use of org.openecard.bouncycastle.asn1.DERSequence in project XobotOS by xamarin.
the class X509Name method toASN1Object.
public DERObject toASN1Object() {
if (seq == null) {
ASN1EncodableVector vec = new ASN1EncodableVector();
ASN1EncodableVector sVec = new ASN1EncodableVector();
DERObjectIdentifier lstOid = null;
for (int i = 0; i != ordering.size(); i++) {
ASN1EncodableVector v = new ASN1EncodableVector();
DERObjectIdentifier oid = (DERObjectIdentifier) ordering.elementAt(i);
v.add(oid);
String str = (String) values.elementAt(i);
v.add(converter.getConvertedValue(oid, str));
if (lstOid == null || ((Boolean) this.added.elementAt(i)).booleanValue()) {
sVec.add(new DERSequence(v));
} else {
vec.add(new DERSet(sVec));
sVec = new ASN1EncodableVector();
sVec.add(new DERSequence(v));
}
lstOid = oid;
}
vec.add(new DERSet(sVec));
seq = new DERSequence(vec);
}
return seq;
}
use of org.openecard.bouncycastle.asn1.DERSequence in project android_frameworks_base by AOSPA.
the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.
@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
ASN1ObjectIdentifier sigAlgOid;
AlgorithmIdentifier sigAlgId;
byte[] signature;
switch(mKeymasterAlgorithm) {
case KeymasterDefs.KM_ALGORITHM_EC:
sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
sigAlgId = new AlgorithmIdentifier(sigAlgOid);
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(0));
signature = new DERSequence().getEncoded();
break;
case KeymasterDefs.KM_ALGORITHM_RSA:
sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
signature = new byte[1];
break;
default:
throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
}
try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
}
tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
tbsGenerator.setSubject(subject);
tbsGenerator.setIssuer(subject);
tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
tbsGenerator.setSignature(sigAlgId);
TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
ASN1EncodableVector result = new ASN1EncodableVector();
result.add(tbsCertificate);
result.add(sigAlgId);
result.add(new DERBitString(signature));
return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
use of org.openecard.bouncycastle.asn1.DERSequence in project wildfly by wildfly.
the class KerberosTestUtils method generateSpnegoTokenResp.
/**
* Generates SPNEGO response (to a "select mechanism challenge") with given bytes as the ticket for selected mechanism.
*
* @param ticket
* @return ASN.1 encoded SPNEGO response
*/
public static byte[] generateSpnegoTokenResp(byte[] ticket) throws IOException {
DEROctetString ourKerberosTicket = new DEROctetString(ticket);
// accept-incomplete
DERTaggedObject taggedNegState = new DERTaggedObject(0, new ASN1Enumerated(1));
DERTaggedObject taggedResponseToken = new DERTaggedObject(2, ourKerberosTicket);
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(taggedNegState);
v.add(taggedResponseToken);
DERSequence seqNegTokenResp = new DERSequence(v);
DERTaggedObject taggedSpnego = new DERTaggedObject(1, seqNegTokenResp);
return taggedSpnego.getEncoded();
}
use of org.openecard.bouncycastle.asn1.DERSequence in project oxAuth by GluuFederation.
the class OxAuthCryptoProvider method generateV3Certificate.
public X509Certificate generateV3Certificate(KeyPair keyPair, String issuer, String signatureAlgorithm, Long expirationTime) throws CertIOException, OperatorCreationException, CertificateException {
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();
// Signers name
X500Name issuerName = new X500Name(issuer);
// Subjects name - the same as we are self signed.
X500Name subjectName = new X500Name(issuer);
// Serial
BigInteger serial = new BigInteger(256, new SecureRandom());
// Not before
Date notBefore = new Date(System.currentTimeMillis() - 10000);
Date notAfter = new Date(expirationTime);
// Create the certificate - version 3
JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, notBefore, notAfter, subjectName, publicKey);
ASN1EncodableVector purposes = new ASN1EncodableVector();
purposes.add(KeyPurposeId.id_kp_serverAuth);
purposes.add(KeyPurposeId.id_kp_clientAuth);
purposes.add(KeyPurposeId.anyExtendedKeyUsage);
ASN1ObjectIdentifier extendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37").intern();
builder.addExtension(extendedKeyUsage, false, new DERSequence(purposes));
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).setProvider("BC").build(privateKey);
X509CertificateHolder holder = builder.build(signer);
X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);
return cert;
}
use of org.openecard.bouncycastle.asn1.DERSequence in project robovm by robovm.
the class CertUtils method generateAttrStructure.
private static AttributeCertificate generateAttrStructure(AttributeCertificateInfo attrInfo, AlgorithmIdentifier sigAlgId, byte[] signature) {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(attrInfo);
v.add(sigAlgId);
v.add(new DERBitString(signature));
return AttributeCertificate.getInstance(new DERSequence(v));
}
Aggregations