use of org.spongycastle.asn1.ASN1InputStream in project jmulticard by ctt-gob-es.
the class SecureMessaging method unwrap.
/**
* Obtiene la APDU de respuesta en claro a partir de una APDU protegida.
* @param responseApduEncrypted APDU protegida.
* @return APDU en claro.
* @throws SecureMessagingException En cualquier error.
*/
public ResponseApdu unwrap(final ResponseApdu responseApduEncrypted) throws SecureMessagingException {
DO87 do87 = null;
DO99 do99 = null;
DO8E do8E = null;
incrementAtIndex(this.ssc);
int pointer = 0;
final byte[] rapduBytes = responseApduEncrypted.getData();
final byte[] subArray = new byte[rapduBytes.length];
while (pointer < rapduBytes.length) {
System.arraycopy(rapduBytes, pointer, subArray, 0, rapduBytes.length - pointer);
final byte[] encodedBytes;
try (final ASN1InputStream asn1sp = new ASN1InputStream(subArray)) {
encodedBytes = asn1sp.readObject().getEncoded();
} catch (final IOException e) {
throw new SecureMessagingException(e);
}
try (final ASN1InputStream asn1in = new ASN1InputStream(encodedBytes)) {
switch(encodedBytes[0]) {
case (byte) 0x87:
do87 = new DO87();
do87.fromByteArray(asn1in.readObject().getEncoded());
break;
case (byte) 0x99:
do99 = new DO99();
do99.fromByteArray(asn1in.readObject().getEncoded());
break;
case (byte) 0x8E:
do8E = new DO8E();
do8E.fromByteArray(asn1in.readObject().getEncoded());
break;
default:
break;
}
} catch (final IOException e) {
throw new SecureMessagingException(e);
}
pointer += encodedBytes.length;
}
if (do99 == null || do8E == null) {
// DO99 es obligatorio //$NON-NLS-1$
throw new SecureMessagingException("Error en SecureMessaging: DO99 o DO8E no encontrados");
}
// Construct K (SSC||DO87||DO99)
final ByteArrayOutputStream bout = new ByteArrayOutputStream();
try {
if (do87 != null) {
bout.write(do87.getEncoded());
}
bout.write(do99.getEncoded());
} catch (final IOException e) {
throw new SecureMessagingException(e);
}
this.crypto.init(this.kmac, this.ssc);
final byte[] cc = this.crypto.getMAC(bout.toByteArray());
final byte[] do8eData = do8E.getData();
if (!java.util.Arrays.equals(cc, do8eData)) {
throw new SecureMessagingException(// $NON-NLS-1$
"Checksum incorrecto\n CC Calculado: " + HexUtils.hexify(cc, false) + // $NON-NLS-1$
"\nCC en DO8E: " + HexUtils.hexify(do8eData, false));
}
// Desencriptar DO87
final byte[] unwrappedAPDUBytes;
if (do87 != null) {
this.crypto.init(this.kenc, this.ssc);
final byte[] do87Data = do87.getData();
final byte[] data;
try {
data = this.crypto.decrypt(do87Data);
} catch (final AmCryptoException e) {
throw new SecureMessagingException(e);
}
// Construir la respuesta APDU desencriptada
unwrappedAPDUBytes = new byte[data.length + 2];
System.arraycopy(data, 0, unwrappedAPDUBytes, 0, data.length);
final byte[] do99Data = do99.getData();
System.arraycopy(do99Data, 0, unwrappedAPDUBytes, data.length, do99Data.length);
} else {
unwrappedAPDUBytes = do99.getData().clone();
}
return new ResponseApdu(unwrappedAPDUBytes);
}
use of org.spongycastle.asn1.ASN1InputStream in project android_packages_apps_Settings by DirtyUnicorns.
the class CredentialStorage method isHardwareBackedKey.
private boolean isHardwareBackedKey(byte[] keyData) {
try {
ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
String algOid = pki.getAlgorithmId().getAlgorithm().getId();
String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
return KeyChain.isBoundKeyAlgorithm(algName);
} catch (IOException e) {
Log.e(TAG, "Failed to parse key data");
return false;
}
}
use of org.spongycastle.asn1.ASN1InputStream in project android_packages_apps_Settings by DirtyUnicorns.
the class CertInstallerHelper method isCa.
private boolean isCa(X509Certificate cert) {
try {
byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
if (asn1EncodedBytes == null) {
return false;
}
DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
byte[] octets = derOctetString.getOctets();
ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
return BasicConstraints.getInstance(sequence).isCA();
} catch (IOException e) {
return false;
}
}
use of org.spongycastle.asn1.ASN1InputStream in project signer by demoiselle.
the class CertificateHelper method createSubjectKeyIdentifier.
private static SubjectKeyIdentifier createSubjectKeyIdentifier(Key key) throws IOException {
ByteArrayInputStream bIn = new ByteArrayInputStream(key.getEncoded());
ASN1InputStream is = null;
try {
is = new ASN1InputStream(bIn);
ASN1Sequence seq = (ASN1Sequence) is.readObject();
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(seq);
return new BcX509ExtensionUtils().createSubjectKeyIdentifier(info);
} finally {
IOUtils.closeQuietly(is);
}
}
use of org.spongycastle.asn1.ASN1InputStream in project webcert by sklintyg.
the class ASN1UtilImpl method getValue.
@Override
public String getValue(String identifier, InputStream asn1Signature) {
ByteArrayInputStream bais = null;
ASN1InputStream asn1InputStream = null;
try {
bais = convertStream(asn1Signature);
asn1InputStream = new ASN1InputStream(bais);
DERObject obj = asn1InputStream.readObject();
ContentInfo contentInfo = ContentInfo.getInstance(obj);
// Extract certificates
SignedData signedData = SignedData.getInstance(contentInfo.getContent());
return findInCertificate(identifier, (DERObject) signedData.getCertificates().getObjectAt(0));
} catch (IOException e) {
LOG.error("Error parsing signature: {}", e.getMessage());
throw new IllegalStateException(e);
} finally {
IOUtils.closeQuietly(bais);
IOUtils.closeQuietly(asn1InputStream);
}
}
Aggregations