Search in sources :

Example 46 with ASN1InputStream

use of org.spongycastle.asn1.ASN1InputStream in project jmulticard by ctt-gob-es.

the class SecureMessaging method unwrap.

/**
 * Obtiene la APDU de respuesta en claro a partir de una APDU protegida.
 * @param responseApduEncrypted APDU protegida.
 * @return APDU en claro.
 * @throws SecureMessagingException En cualquier error.
 */
public ResponseApdu unwrap(final ResponseApdu responseApduEncrypted) throws SecureMessagingException {
    DO87 do87 = null;
    DO99 do99 = null;
    DO8E do8E = null;
    incrementAtIndex(this.ssc);
    int pointer = 0;
    final byte[] rapduBytes = responseApduEncrypted.getData();
    final byte[] subArray = new byte[rapduBytes.length];
    while (pointer < rapduBytes.length) {
        System.arraycopy(rapduBytes, pointer, subArray, 0, rapduBytes.length - pointer);
        final byte[] encodedBytes;
        try (final ASN1InputStream asn1sp = new ASN1InputStream(subArray)) {
            encodedBytes = asn1sp.readObject().getEncoded();
        } catch (final IOException e) {
            throw new SecureMessagingException(e);
        }
        try (final ASN1InputStream asn1in = new ASN1InputStream(encodedBytes)) {
            switch(encodedBytes[0]) {
                case (byte) 0x87:
                    do87 = new DO87();
                    do87.fromByteArray(asn1in.readObject().getEncoded());
                    break;
                case (byte) 0x99:
                    do99 = new DO99();
                    do99.fromByteArray(asn1in.readObject().getEncoded());
                    break;
                case (byte) 0x8E:
                    do8E = new DO8E();
                    do8E.fromByteArray(asn1in.readObject().getEncoded());
                    break;
                default:
                    break;
            }
        } catch (final IOException e) {
            throw new SecureMessagingException(e);
        }
        pointer += encodedBytes.length;
    }
    if (do99 == null || do8E == null) {
        // DO99 es obligatorio //$NON-NLS-1$
        throw new SecureMessagingException("Error en SecureMessaging: DO99 o DO8E no encontrados");
    }
    // Construct K (SSC||DO87||DO99)
    final ByteArrayOutputStream bout = new ByteArrayOutputStream();
    try {
        if (do87 != null) {
            bout.write(do87.getEncoded());
        }
        bout.write(do99.getEncoded());
    } catch (final IOException e) {
        throw new SecureMessagingException(e);
    }
    this.crypto.init(this.kmac, this.ssc);
    final byte[] cc = this.crypto.getMAC(bout.toByteArray());
    final byte[] do8eData = do8E.getData();
    if (!java.util.Arrays.equals(cc, do8eData)) {
        throw new SecureMessagingException(// $NON-NLS-1$
        "Checksum incorrecto\n CC Calculado: " + HexUtils.hexify(cc, false) + // $NON-NLS-1$
        "\nCC en DO8E: " + HexUtils.hexify(do8eData, false));
    }
    // Desencriptar DO87
    final byte[] unwrappedAPDUBytes;
    if (do87 != null) {
        this.crypto.init(this.kenc, this.ssc);
        final byte[] do87Data = do87.getData();
        final byte[] data;
        try {
            data = this.crypto.decrypt(do87Data);
        } catch (final AmCryptoException e) {
            throw new SecureMessagingException(e);
        }
        // Construir la respuesta APDU desencriptada
        unwrappedAPDUBytes = new byte[data.length + 2];
        System.arraycopy(data, 0, unwrappedAPDUBytes, 0, data.length);
        final byte[] do99Data = do99.getData();
        System.arraycopy(do99Data, 0, unwrappedAPDUBytes, data.length, do99Data.length);
    } else {
        unwrappedAPDUBytes = do99.getData().clone();
    }
    return new ResponseApdu(unwrappedAPDUBytes);
}
Also used : ASN1InputStream(org.spongycastle.asn1.ASN1InputStream) ResponseApdu(es.gob.jmulticard.apdu.ResponseApdu) IOException(java.io.IOException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) AmCryptoException(es.gob.jmulticard.de.tsenger.androsmex.crypto.AmCryptoException)

Example 47 with ASN1InputStream

use of org.spongycastle.asn1.ASN1InputStream in project android_packages_apps_Settings by DirtyUnicorns.

the class CredentialStorage method isHardwareBackedKey.

private boolean isHardwareBackedKey(byte[] keyData) {
    try {
        ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
        PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
        String algOid = pki.getAlgorithmId().getAlgorithm().getId();
        String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
        return KeyChain.isBoundKeyAlgorithm(algName);
    } catch (IOException e) {
        Log.e(TAG, "Failed to parse key data");
        return false;
    }
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) AlgorithmId(sun.security.x509.AlgorithmId) IOException(java.io.IOException) PrivateKeyInfo(com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 48 with ASN1InputStream

use of org.spongycastle.asn1.ASN1InputStream in project android_packages_apps_Settings by DirtyUnicorns.

the class CertInstallerHelper method isCa.

private boolean isCa(X509Certificate cert) {
    try {
        byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
        if (asn1EncodedBytes == null) {
            return false;
        }
        DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
        byte[] octets = derOctetString.getOctets();
        ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
        return BasicConstraints.getInstance(sequence).isCA();
    } catch (IOException e) {
        return false;
    }
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(com.android.org.bouncycastle.asn1.ASN1Sequence) IOException(java.io.IOException) DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString)

Example 49 with ASN1InputStream

use of org.spongycastle.asn1.ASN1InputStream in project signer by demoiselle.

the class CertificateHelper method createSubjectKeyIdentifier.

private static SubjectKeyIdentifier createSubjectKeyIdentifier(Key key) throws IOException {
    ByteArrayInputStream bIn = new ByteArrayInputStream(key.getEncoded());
    ASN1InputStream is = null;
    try {
        is = new ASN1InputStream(bIn);
        ASN1Sequence seq = (ASN1Sequence) is.readObject();
        SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(seq);
        return new BcX509ExtensionUtils().createSubjectKeyIdentifier(info);
    } finally {
        IOUtils.closeQuietly(is);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ByteArrayInputStream(java.io.ByteArrayInputStream) BcX509ExtensionUtils(org.bouncycastle.cert.bc.BcX509ExtensionUtils) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)

Example 50 with ASN1InputStream

use of org.spongycastle.asn1.ASN1InputStream in project webcert by sklintyg.

the class ASN1UtilImpl method getValue.

@Override
public String getValue(String identifier, InputStream asn1Signature) {
    ByteArrayInputStream bais = null;
    ASN1InputStream asn1InputStream = null;
    try {
        bais = convertStream(asn1Signature);
        asn1InputStream = new ASN1InputStream(bais);
        DERObject obj = asn1InputStream.readObject();
        ContentInfo contentInfo = ContentInfo.getInstance(obj);
        // Extract certificates
        SignedData signedData = SignedData.getInstance(contentInfo.getContent());
        return findInCertificate(identifier, (DERObject) signedData.getCertificates().getObjectAt(0));
    } catch (IOException e) {
        LOG.error("Error parsing signature: {}", e.getMessage());
        throw new IllegalStateException(e);
    } finally {
        IOUtils.closeQuietly(bais);
        IOUtils.closeQuietly(asn1InputStream);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERObject(org.bouncycastle.asn1.DERObject) SignedData(org.bouncycastle.asn1.pkcs.SignedData) ByteArrayInputStream(java.io.ByteArrayInputStream) ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo) IOException(java.io.IOException)

Aggregations

ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)99 IOException (java.io.IOException)81 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)34 ByteArrayInputStream (java.io.ByteArrayInputStream)28 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)22 BigInteger (java.math.BigInteger)20 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)19 CertificateException (java.security.cert.CertificateException)19 X509Certificate (java.security.cert.X509Certificate)19 DEROctetString (org.bouncycastle.asn1.DEROctetString)19 CertificateParsingException (java.security.cert.CertificateParsingException)18 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)17 Enumeration (java.util.Enumeration)17 CertificateEncodingException (java.security.cert.CertificateEncodingException)16 InvalidKeyException (java.security.InvalidKeyException)14 CRLException (java.security.cert.CRLException)14 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)14 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)12 NoSuchProviderException (java.security.NoSuchProviderException)11 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)11