Search in sources :

Example 21 with ASN1Integer

use of org.openecard.bouncycastle.asn1.ASN1Integer in project keystore-explorer by kaikramer.

the class DUserNoticeChooser method populateNoticeNumbers.

private void populateNoticeNumbers(NoticeReference noticeReference) {
    ASN1Integer[] noticeNumbers = noticeReference.getNoticeNumbers();
    if (noticeNumbers != null) {
        StringBuffer sb = new StringBuffer();
        for (int i = 0; i < noticeNumbers.length; i++) {
            ASN1Integer noticeNumber = noticeNumbers[i];
            sb.append(noticeNumber.getValue().intValue());
            if ((i + 1) < noticeNumbers.length) {
                sb.append(" ");
            }
        }
        jtfNoticeNumbers.setText(sb.toString());
        jtfNoticeNumbers.setCaretPosition(0);
    }
}
Also used : ASN1Integer(org.bouncycastle.asn1.ASN1Integer)

Example 22 with ASN1Integer

use of org.openecard.bouncycastle.asn1.ASN1Integer in project keystore-explorer by kaikramer.

the class DUserNoticeChooser method okPressed.

private void okPressed() {
    String organizationString = jtfOrganization.getText().trim();
    int[] noticeNumberInts = extractNoticeNumbers();
    String explicitTextString = jtfExplicitText.getText().trim();
    if (noticeNumberInts == null) {
        JOptionPane.showMessageDialog(this, res.getString("DUserNoticeChooser.InvalidNoticeNumbers.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    if (((organizationString.length() > 0) && (noticeNumberInts.length == 0)) || ((organizationString.length() == 0) && (noticeNumberInts.length > 0))) {
        JOptionPane.showMessageDialog(this, res.getString("DUserNoticeChooser.OrganizationOrNoticeNumbersValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    if ((organizationString.length() == 0) && (noticeNumberInts.length == 0) && (explicitTextString.length() == 0)) {
        JOptionPane.showMessageDialog(this, res.getString("DUserNoticeChooser.NoticeRefOrExplicitTextValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    NoticeReference noticeReference = null;
    if (organizationString.length() > 0) {
        // If organization is present then so is al of notice reference
        Vector<ASN1Integer> noticeNumbers = new Vector<ASN1Integer>();
        for (int noticeNumber : noticeNumberInts) {
            noticeNumbers.add(new ASN1Integer(noticeNumber));
        }
        noticeReference = new NoticeReference(organizationString, noticeNumbers);
    }
    userNotice = new UserNotice(noticeReference, explicitTextString);
    closeDialog();
}
Also used : UserNotice(org.bouncycastle.asn1.x509.UserNotice) NoticeReference(org.bouncycastle.asn1.x509.NoticeReference) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) Vector(java.util.Vector)

Example 23 with ASN1Integer

use of org.openecard.bouncycastle.asn1.ASN1Integer in project keystore-explorer by kaikramer.

the class OpenSslPvkUtil method load.

/**
 * Load an unencrypted OpenSSL private key from the stream. The encoding of
 * the private key may be PEM or DER.
 *
 * @param is
 *            Stream to load the unencrypted private key from
 * @return The private key
 * @throws PrivateKeyEncryptedException
 *             If private key is encrypted
 * @throws CryptoException
 *             Problem encountered while loading the private key
 * @throws IOException
 *             An I/O error occurred
 */
public static PrivateKey load(InputStream is) throws CryptoException, IOException {
    byte[] streamContents = ReadUtil.readFully(is);
    EncryptionType encType = getEncryptionType(new ByteArrayInputStream(streamContents));
    if (encType == null) {
        throw new CryptoException(res.getString("NotValidOpenSsl.exception.message"));
    }
    if (encType == ENCRYPTED) {
        throw new PrivateKeyEncryptedException(res.getString("OpenSslIsEncrypted.exception.message"));
    }
    // Check if stream is PEM encoded
    PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents));
    if (pemInfo != null) {
        // It is - get DER from PEM
        streamContents = pemInfo.getContent();
    }
    try {
        // Read OpenSSL DER structure
        ASN1InputStream asn1InputStream = new ASN1InputStream(streamContents);
        ASN1Primitive openSsl = asn1InputStream.readObject();
        asn1InputStream.close();
        if (openSsl instanceof ASN1Sequence) {
            ASN1Sequence seq = (ASN1Sequence) openSsl;
            if (seq.size() == 9) {
                // RSA private key
                BigInteger version = ((ASN1Integer) seq.getObjectAt(0)).getValue();
                BigInteger modulus = ((ASN1Integer) seq.getObjectAt(1)).getValue();
                BigInteger publicExponent = ((ASN1Integer) seq.getObjectAt(2)).getValue();
                BigInteger privateExponent = ((ASN1Integer) seq.getObjectAt(3)).getValue();
                BigInteger primeP = ((ASN1Integer) seq.getObjectAt(4)).getValue();
                BigInteger primeQ = ((ASN1Integer) seq.getObjectAt(5)).getValue();
                BigInteger primeExponentP = ((ASN1Integer) seq.getObjectAt(6)).getValue();
                BigInteger primeExponenetQ = ((ASN1Integer) seq.getObjectAt(7)).getValue();
                BigInteger crtCoefficient = ((ASN1Integer) seq.getObjectAt(8)).getValue();
                if (!version.equals(VERSION)) {
                    throw new CryptoException(MessageFormat.format(res.getString("OpenSslVersionIncorrect.exception.message"), "" + VERSION.intValue(), "" + version.intValue()));
                }
                RSAPrivateCrtKeySpec rsaPrivateCrtKeySpec = new RSAPrivateCrtKeySpec(modulus, publicExponent, privateExponent, primeP, primeQ, primeExponentP, primeExponenetQ, crtCoefficient);
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                return keyFactory.generatePrivate(rsaPrivateCrtKeySpec);
            } else if (seq.size() == 6) {
                // DSA private key
                BigInteger version = ((ASN1Integer) seq.getObjectAt(0)).getValue();
                BigInteger primeModulusP = ((ASN1Integer) seq.getObjectAt(1)).getValue();
                BigInteger primeQ = ((ASN1Integer) seq.getObjectAt(2)).getValue();
                BigInteger generatorG = ((ASN1Integer) seq.getObjectAt(3)).getValue();
                // publicExponentY not req for pvk: sequence.getObjectAt(4);
                BigInteger secretExponentX = ((ASN1Integer) seq.getObjectAt(5)).getValue();
                if (!version.equals(VERSION)) {
                    throw new CryptoException(MessageFormat.format(res.getString("OpenSslVersionIncorrect.exception.message"), "" + VERSION.intValue(), "" + version.intValue()));
                }
                DSAPrivateKeySpec dsaPrivateKeySpec = new DSAPrivateKeySpec(secretExponentX, primeModulusP, primeQ, generatorG);
                KeyFactory keyFactory = KeyFactory.getInstance("DSA");
                return keyFactory.generatePrivate(dsaPrivateKeySpec);
            } else if (seq.size() >= 2) {
                // EC private key (RFC 5915)
                org.bouncycastle.asn1.sec.ECPrivateKey pKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(seq);
                AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
                PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey);
                return new JcaPEMKeyConverter().getPrivateKey(privInfo);
            } else {
                throw new CryptoException(MessageFormat.format(res.getString("OpenSslSequenceIncorrectSize.exception.message"), "" + seq.size()));
            }
        } else {
            throw new CryptoException(res.getString("OpenSslSequenceNotFound.exception.message"));
        }
    } catch (Exception ex) {
        throw new CryptoException(res.getString("NoLoadOpenSslPrivateKey.exception.message"), ex);
    }
}
Also used : RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) PemInfo(org.kse.utilities.pem.PemInfo) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) CryptoException(org.kse.crypto.CryptoException) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ByteArrayInputStream(java.io.ByteArrayInputStream) BigInteger(java.math.BigInteger) CryptoException(org.kse.crypto.CryptoException) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) KeyFactory(java.security.KeyFactory) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Example 24 with ASN1Integer

use of org.openecard.bouncycastle.asn1.ASN1Integer in project keystore-explorer by kaikramer.

the class OpenSslPvkUtil method getEncryptionType.

/**
 * Detect if a OpenSSL private key is encrypted or not.
 *
 * @param is
 *            Input stream containing OpenSSL private key
 * @return Encryption type or null if not a valid OpenSSL private key
 * @throws IOException
 *             If an I/O problem occurred
 */
public static EncryptionType getEncryptionType(InputStream is) throws IOException {
    byte[] openSsl = ReadUtil.readFully(is);
    // In PEM format?
    PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(openSsl));
    if (pemInfo != null) {
        String pemType = pemInfo.getType();
        // PEM type of OpenSSL?
        if (OPENSSL_RSA_PVK_PEM_TYPE.equals(pemType) || OPENSSL_DSA_PVK_PEM_TYPE.equals(pemType) || OPENSSL_EC_PVK_PEM_TYPE.equals(pemType)) {
            // Encrypted? It is if PEM contains appropriate header attributes/values
            PemAttributes pemAttributes = pemInfo.getAttributes();
            if ((pemAttributes != null) && (pemAttributes.get(PROC_TYPE_ATTR_NAME) != null) && (pemAttributes.get(PROC_TYPE_ATTR_NAME).getValue().equals(PROC_TYPE_ATTR_VALUE)) && (pemAttributes.get(DEK_INFO_ATTR_NAME) != null)) {
                return ENCRYPTED;
            } else {
                return UNENCRYPTED;
            }
        }
    }
    // In ASN.1 format?
    try {
        // If OpenSSL will be a sequence of 9 (RSA) or 6 (DSA) integers or 2-4 mixed elements (EC)
        ASN1Primitive key = ASN1Primitive.fromByteArray(openSsl);
        if (key instanceof ASN1Sequence) {
            ASN1Sequence seq = (ASN1Sequence) key;
            // }
            if ((seq.size() >= 2) && (seq.size() <= 4) && seq.getObjectAt(0) instanceof ASN1Integer) {
                BigInteger version = ((ASN1Integer) seq.getObjectAt(0)).getValue();
                if (version.equals(VERSION_EC)) {
                    if (seq.getObjectAt(1) instanceof ASN1OctetString) {
                        // ASN.1 OpenSSL is always unencrypted
                        return UNENCRYPTED;
                    } else {
                        // Not OpenSSL
                        return null;
                    }
                }
            }
            for (int i = 0; i < seq.size(); i++) {
                if (!(seq.getObjectAt(i) instanceof ASN1Integer)) {
                    // Not OpenSSL
                    return null;
                }
            }
            if ((seq.size() == 9) || (seq.size() == 6)) {
                // ASN.1 OpenSSL is always unencrypted
                return UNENCRYPTED;
            }
        }
    } catch (IOException ex) {
        // Not an OpenSSL file
        return null;
    }
    // Not an OpenSSL file
    return null;
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ByteArrayInputStream(java.io.ByteArrayInputStream) PemInfo(org.kse.utilities.pem.PemInfo) PemAttributes(org.kse.utilities.pem.PemAttributes) BigInteger(java.math.BigInteger) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IOException(java.io.IOException) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)

Example 25 with ASN1Integer

use of org.openecard.bouncycastle.asn1.ASN1Integer in project keystore-explorer by kaikramer.

the class OpenSslPvkUtil method get.

/**
 * OpenSSL encode a private key.
 *
 * @return The encoding
 * @param privateKey
 *            The private key
 * @throws CryptoException
 *             Problem encountered while getting the encoded private key
 */
public static byte[] get(PrivateKey privateKey) throws CryptoException {
    // DER encoding for each key type is a sequence
    ASN1EncodableVector vec = new ASN1EncodableVector();
    if (privateKey instanceof ECPrivateKey) {
        try {
            ECPrivateKey ecPrivKey = (ECPrivateKey) privateKey;
            org.bouncycastle.asn1.sec.ECPrivateKey keyStructure = EccUtil.convertToECPrivateKeyStructure(ecPrivKey);
            return keyStructure.toASN1Primitive().getEncoded();
        } catch (IOException e) {
            throw new CryptoException(res.getString("NoDerEncodeOpenSslPrivateKey.exception.message"), e);
        }
    } else if (privateKey instanceof RSAPrivateCrtKey) {
        RSAPrivateCrtKey rsaPrivateKey = (RSAPrivateCrtKey) privateKey;
        vec.add(new ASN1Integer(VERSION));
        vec.add(new ASN1Integer(rsaPrivateKey.getModulus()));
        vec.add(new ASN1Integer(rsaPrivateKey.getPublicExponent()));
        vec.add(new ASN1Integer(rsaPrivateKey.getPrivateExponent()));
        vec.add(new ASN1Integer(rsaPrivateKey.getPrimeP()));
        vec.add(new ASN1Integer(rsaPrivateKey.getPrimeQ()));
        vec.add(new ASN1Integer(rsaPrivateKey.getPrimeExponentP()));
        vec.add(new ASN1Integer(rsaPrivateKey.getPrimeExponentQ()));
        vec.add(new ASN1Integer(rsaPrivateKey.getCrtCoefficient()));
    } else {
        DSAPrivateKey dsaPrivateKey = (DSAPrivateKey) privateKey;
        DSAParams dsaParams = dsaPrivateKey.getParams();
        BigInteger primeModulusP = dsaParams.getP();
        BigInteger primeQ = dsaParams.getQ();
        BigInteger generatorG = dsaParams.getG();
        BigInteger secretExponentX = dsaPrivateKey.getX();
        // Derive public key from private key parts, ie Y = G^X mod P
        BigInteger publicExponentY = generatorG.modPow(secretExponentX, primeModulusP);
        vec.add(new ASN1Integer(VERSION));
        vec.add(new ASN1Integer(primeModulusP));
        vec.add(new ASN1Integer(primeQ));
        vec.add(new ASN1Integer(generatorG));
        vec.add(new ASN1Integer(publicExponentY));
        vec.add(new ASN1Integer(secretExponentX));
    }
    DERSequence derSequence = new DERSequence(vec);
    try {
        return derSequence.getEncoded();
    } catch (IOException ex) {
        throw new CryptoException(res.getString("NoDerEncodeOpenSslPrivateKey.exception.message"), ex);
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey) IOException(java.io.IOException) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DSAParams(java.security.interfaces.DSAParams) DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) BigInteger(java.math.BigInteger) CryptoException(org.kse.crypto.CryptoException)

Aggregations

ASN1Integer (org.bouncycastle.asn1.ASN1Integer)120 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)54 DERSequence (org.bouncycastle.asn1.DERSequence)48 IOException (java.io.IOException)43 BigInteger (java.math.BigInteger)43 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)39 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)28 DEROctetString (org.bouncycastle.asn1.DEROctetString)21 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)20 ArrayList (java.util.ArrayList)18 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)18 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)15 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)15 X509Certificate (java.security.cert.X509Certificate)14 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)14 Date (java.util.Date)12 DLSequence (org.bouncycastle.asn1.DLSequence)12 KeyPair (java.security.KeyPair)11 HashMap (java.util.HashMap)11 HashSet (java.util.HashSet)11