Example 71 with ASN1ObjectIdentifier
use of org.openecard.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class P12KeyGenerator method genECKeypair.
// CHECKSTYLE:SKIP
private KeyPairWithSubjectPublicKeyInfo genECKeypair(String curveNameOrOid, SecureRandom random) throws Exception {
ASN1ObjectIdentifier curveOid = AlgorithmUtil.getCurveOidForCurveNameOrOid(curveNameOrOid);
if (curveOid == null) {
throw new IllegalArgumentException("invalid curveNameOrOid '" + curveNameOrOid + "'");
}
KeyPair kp = KeyUtil.generateECKeypair(curveOid, random);
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid);
BCECPublicKey pub = (BCECPublicKey) kp.getPublic();
byte[] keyData = pub.getQ().getEncoded(false);
SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algId, keyData);
return new KeyPairWithSubjectPublicKeyInfo(kp, subjectPublicKeyInfo);
}
Also used :
KeyPair(java.security.KeyPair)
BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 72 with ASN1ObjectIdentifier
use of org.openecard.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class P12KeyGenerator method getContentSigner.
// method generateIdentity
private static ContentSigner getContentSigner(PrivateKey key) throws Exception {
BcContentSignerBuilder builder;
if (key instanceof RSAPrivateKey) {
ASN1ObjectIdentifier hashOid = X509ObjectIdentifiers.id_SHA1;
ASN1ObjectIdentifier sigOid = PKCSObjectIdentifiers.sha1WithRSAEncryption;
builder = new BcRSAContentSignerBuilder(buildAlgId(sigOid), buildAlgId(hashOid));
} else if (key instanceof DSAPrivateKey) {
ASN1ObjectIdentifier hashOid = X509ObjectIdentifiers.id_SHA1;
AlgorithmIdentifier sigId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa_with_sha1);
builder = new BcDSAContentSignerBuilder(sigId, buildAlgId(hashOid));
} else if (key instanceof ECPrivateKey) {
HashAlgo hashAlgo;
ASN1ObjectIdentifier sigOid;
int keysize = ((ECPrivateKey) key).getParams().getOrder().bitLength();
if (keysize > 384) {
hashAlgo = HashAlgo.SHA512;
sigOid = X9ObjectIdentifiers.ecdsa_with_SHA512;
} else if (keysize > 256) {
hashAlgo = HashAlgo.SHA384;
sigOid = X9ObjectIdentifiers.ecdsa_with_SHA384;
} else if (keysize > 224) {
hashAlgo = HashAlgo.SHA224;
sigOid = X9ObjectIdentifiers.ecdsa_with_SHA224;
} else if (keysize > 160) {
hashAlgo = HashAlgo.SHA256;
sigOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
} else {
hashAlgo = HashAlgo.SHA1;
sigOid = X9ObjectIdentifiers.ecdsa_with_SHA1;
}
builder = new BcECContentSignerBuilder(new AlgorithmIdentifier(sigOid), buildAlgId(hashAlgo.getOid()));
} else {
throw new IllegalArgumentException("unknown type of key " + key.getClass().getName());
}
return builder.build(KeyUtil.generatePrivateKeyParameter(key));
}
Also used :
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
ECPrivateKey(java.security.interfaces.ECPrivateKey)
HashAlgo(org.xipki.security.HashAlgo)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
BcDSAContentSignerBuilder(org.bouncycastle.operator.bc.BcDSAContentSignerBuilder)
BcECContentSignerBuilder(org.bouncycastle.operator.bc.BcECContentSignerBuilder)
BcContentSignerBuilder(org.bouncycastle.operator.bc.BcContentSignerBuilder)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 73 with ASN1ObjectIdentifier
use of org.openecard.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class AlgorithmUtil method getDSASigAlgId.
// method getRSASigAlgId
// CHECKSTYLE:SKIP
private static AlgorithmIdentifier getDSASigAlgId(HashAlgo hashAlgo) throws NoSuchAlgorithmException {
ParamUtil.requireNonNull("hashAlgo", hashAlgo);
ASN1ObjectIdentifier sigAlgOid = digestToDSASigAlgMap.get(hashAlgo);
if (sigAlgOid == null) {
throw new NoSuchAlgorithmException("unsupported hash " + hashAlgo + " for DSA key");
}
return new AlgorithmIdentifier(sigAlgOid);
}
Also used :
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 74 with ASN1ObjectIdentifier
use of org.openecard.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class AlgorithmUtil method extractDigesetAlgFromSigAlg.
public static AlgorithmIdentifier extractDigesetAlgFromSigAlg(AlgorithmIdentifier sigAlgId) throws NoSuchAlgorithmException {
ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm();
ASN1ObjectIdentifier digestAlgOid;
if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
ASN1Encodable asn1Encodable = sigAlgId.getParameters();
RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable);
digestAlgOid = param.getHashAlgorithm().getAlgorithm();
} else {
HashAlgo digestAlg = sigAlgOidToDigestMap.get(algOid);
if (digestAlg == null) {
throw new NoSuchAlgorithmException("unknown signature algorithm " + algOid.getId());
}
digestAlgOid = digestAlg.getOid();
}
return new AlgorithmIdentifier(digestAlgOid, DERNull.INSTANCE);
}
Also used :
HashAlgo(org.xipki.security.HashAlgo)
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 75 with ASN1ObjectIdentifier
use of org.openecard.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class AlgorithmUtil method getSigOrMacAlgoCode.
// method getHashOutputSizeInOctets
public static AlgorithmCode getSigOrMacAlgoCode(AlgorithmIdentifier algId) throws NoSuchAlgorithmException {
ASN1ObjectIdentifier oid = algId.getAlgorithm();
AlgorithmCode code = algOidToCodeMap.get(oid);
if (code != null) {
return code;
}
if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(oid)) {
RSASSAPSSparams param = RSASSAPSSparams.getInstance(algId.getParameters());
ASN1ObjectIdentifier digestAlgOid = param.getHashAlgorithm().getAlgorithm();
code = digestToMgf1AlgCodeMap.get(digestAlgOid);
if (code == null) {
throw new NoSuchAlgorithmException("unsupported digest algorithm " + digestAlgOid);
}
return code;
} else {
throw new NoSuchAlgorithmException("unsupported signature algorithm " + oid.getId());
}
}
Also used :
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmCode(org.xipki.security.AlgorithmCode)
Aggregations
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)327
IOException (java.io.IOException)76
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)70
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)53
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)49
DEROctetString (org.bouncycastle.asn1.DEROctetString)48
DERIA5String (org.bouncycastle.asn1.DERIA5String)47
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)44
DERSequence (org.bouncycastle.asn1.DERSequence)41
DERUTF8String (org.bouncycastle.asn1.DERUTF8String)38
DERPrintableString (org.bouncycastle.asn1.DERPrintableString)36
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)35
Extension (org.bouncycastle.asn1.x509.Extension)33
ASN1String (org.bouncycastle.asn1.ASN1String)31
HashSet (java.util.HashSet)30
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)29
ArrayList (java.util.ArrayList)28
DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)27
X500Name (org.bouncycastle.asn1.x500.X500Name)27
