Examples with DERBitString - org.spongycastle.asn1.DERBitString

Example 1 with DERBitString

use of org.spongycastle.asn1.DERBitString in project xwiki-commons by xwiki.

the class BcUtils method getX509CertificateHolder.

/**
 * Build the structure of an X.509 certificate.
 *
 * @param tbsCert the to be signed structure
 * @param signature the signature
 * @return a X.509 certificate holder.
 */
public static X509CertificateHolder getX509CertificateHolder(TBSCertificate tbsCert, byte[] signature) {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(tbsCert);
    v.add(tbsCert.getSignature());
    v.add(new DERBitString(signature));
    return new X509CertificateHolder(Certificate.getInstance(new DERSequence(v)));
}

Also used : DERSequence(org.bouncycastle.asn1.DERSequence) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERBitString(org.bouncycastle.asn1.DERBitString)

Example 2 with DERBitString

use of org.spongycastle.asn1.DERBitString in project OpenUnison by TremoloSecurity.

the class U2fAttestation method Parse.

/**
 * Parses a transport extension from an attestation certificate and returns
 * a List of HardwareFeatures supported by the security key. The specification of
 * the HardwareFeatures in the certificate should match their internal definition in
 * device_auth.proto
 *
 * <p>The expected transport extension value is a BIT STRING containing the enabled
 * transports:
 *
 *  <p>FIDOU2FTransports ::= BIT STRING {
 *       bluetoothRadio(0), -- Bluetooth Classic
 *       bluetoothLowEnergyRadio(1),
 *       uSB(2),
 *       nFC(3)
 *     }
 *
 *   <p>Note that the BIT STRING must be wrapped in an OCTET STRING.
 *   An extension that encodes BT, BLE, and NFC then looks as follows:
 *
 *   <p>SEQUENCE (2 elem)
 *      OBJECT IDENTIFIER 1.3.6.1.4.1.45724.2.1.1
 *      OCTET STRING (1 elem)
 *        BIT STRING (4 bits) 1101
 *
 * @param cert the certificate to parse for extension
 * @return the supported transports as a List of HardwareFeatures or null if no extension
 * was found
 * @throws CertificateParsingException
 */
public static U2fAttestation Parse(X509Certificate cert) throws CertificateParsingException {
    ASN1OctetString extValue = X509ExtensionParsingUtil.extractExtensionValue(cert, TRANSPORT_EXTENSION_OID);
    if (extValue == null) {
        // No Transport extension was found
        return new U2fAttestation(null);
    }
    // Read out the BitString
    ASN1Object asn1Object = X509ExtensionParsingUtil.getAsn1Object(extValue.getOctets());
    if (asn1Object == null || !(asn1Object instanceof DERBitString)) {
        throw new CertificateParsingException("No BitString found in transports extension");
    }
    DERBitString bitString = (DERBitString) asn1Object;
    byte[] values = bitString.getBytes();
    BitSet bitSet = BitSet.valueOf(values);
    // We might have more defined transports than used by the extension
    List<Transports> transports = new ArrayList<Transports>();
    for (int i = 0; i < BITS_IN_A_BYTE; i++) {
        if (bitSet.get(BITS_IN_A_BYTE - i - 1)) {
            transports.add(Transports.values()[i]);
        }
    }
    return new U2fAttestation(transports);
}

Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) CertificateParsingException(java.security.cert.CertificateParsingException) Transports(com.google.u2f.server.data.SecurityKeyData.Transports) BitSet(java.util.BitSet) ArrayList(java.util.ArrayList) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1Object(org.bouncycastle.asn1.ASN1Object)

Example 3 with DERBitString

use of org.spongycastle.asn1.DERBitString in project Elastos.DID.Java.SDK by elastos.

the class ECKey method extractKeyFromASN1.

private static ECKey extractKeyFromASN1(byte[] asn1privkey) {
    // 
    try {
        ASN1InputStream decoder = new ASN1InputStream(asn1privkey);
        DLSequence seq = (DLSequence) decoder.readObject();
        checkArgument(decoder.readObject() == null, "Input contains extra bytes");
        decoder.close();
        checkArgument(seq.size() == 4, "Input does not appear to be an ASN.1 OpenSSL EC private key");
        checkArgument(((ASN1Integer) seq.getObjectAt(0)).getValue().equals(BigInteger.ONE), "Input is of wrong version");
        byte[] privbits = ((ASN1OctetString) seq.getObjectAt(1)).getOctets();
        BigInteger privkey = new BigInteger(1, privbits);
        ASN1TaggedObject pubkey = (ASN1TaggedObject) seq.getObjectAt(3);
        checkArgument(pubkey.getTagNo() == 1, "Input has 'publicKey' with bad tag number");
        byte[] pubbits = ((DERBitString) pubkey.getObject()).getBytes();
        checkArgument(pubbits.length == 33 || pubbits.length == 65, "Input has 'publicKey' with invalid length");
        int encoding = pubbits[0] & 0xFF;
        // Only allow compressed(2,3) and uncompressed(4), not infinity(0) or hybrid(6,7)
        checkArgument(encoding >= 2 && encoding <= 4, "Input has 'publicKey' with invalid encoding");
        // Now sanity check to ensure the pubkey bytes match the privkey.
        boolean compressed = isPubKeyCompressed(pubbits);
        ECKey key = new ECKey(privkey, (byte[]) null, compressed);
        if (!Arrays.equals(key.getPubKey(), pubbits))
            throw new IllegalArgumentException("Public key in ASN.1 structure does not match private key.");
        return key;
    } catch (IOException e) {
        // Cannot happen, reading from memory stream.
        throw new RuntimeException(e);
    }
}

Also used : ASN1OctetString(org.spongycastle.asn1.ASN1OctetString) ASN1InputStream(org.spongycastle.asn1.ASN1InputStream) ASN1TaggedObject(org.spongycastle.asn1.ASN1TaggedObject) DERBitString(org.spongycastle.asn1.DERBitString) ASN1Integer(org.spongycastle.asn1.ASN1Integer) IOException(java.io.IOException) ECPoint(org.spongycastle.math.ec.ECPoint) LazyECPoint(org.bitcoinj.crypto.LazyECPoint) DLSequence(org.spongycastle.asn1.DLSequence) BigInteger(java.math.BigInteger)

Example 4 with DERBitString

use of org.spongycastle.asn1.DERBitString in project attestation by TokenScript.

the class CryptoTest method testAddressWithReferenceKey.

/**
 * Reference key found here https://medium.com/@tunatore/how-to-generate-ethereum-addresses-technical-address-generation-explanation-and-online-course-9a56359f139e
 */
@Test
public void testAddressWithReferenceKey() throws IOException {
    String hexKey = "048e66b3e549818ea2cb354fb70749f6c8de8fa484f7530fc447d5fe80a1c424e4f5ae648d648c980ae7095d1efad87161d83886ca4b6c498ac22a93da5099014a";
    DERBitString derPk = new DERBitString(Hex.decode(hexKey));
    AsymmetricKeyParameter pk = SignatureUtility.restoreDefaultKey(derPk.getEncoded());
    String address = SignatureUtility.addressFromKey(pk);
    assertEquals("0x00B54E93EE2EBA3086A55F4249873E291D1AB06C", address);
}

Also used : AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) DERBitString(org.bouncycastle.asn1.DERBitString) DERBitString(org.bouncycastle.asn1.DERBitString) Test(org.junit.jupiter.api.Test)

Example 5 with DERBitString

use of org.spongycastle.asn1.DERBitString in project attestation by TokenScript.

the class CoSignedIdentifierAttestation method constructSignedAttestation.

static byte[] constructSignedAttestation(SignedIdentifierAttestation unsignedAtt, byte[] signature) {
    try {
        byte[] rawAtt = unsignedAtt.getDerEncoding();
        ASN1EncodableVector res = new ASN1EncodableVector();
        res.add(ASN1Primitive.fromByteArray(rawAtt));
        res.add(unsignedAtt.getUnsignedAttestation().getSigningAlgorithm());
        res.add(new DERBitString(signature));
        return new DERSequence(res).getEncoded();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}

Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERBitString(org.bouncycastle.asn1.DERBitString)

Aggregations

DERBitString (org.bouncycastle.asn1.DERBitString)83 IOException (java.io.IOException)42 DERSequence (org.bouncycastle.asn1.DERSequence)38 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)35 DERBitString (com.github.zhenwei.core.asn1.DERBitString)27 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)15 DERSequence (com.github.zhenwei.core.asn1.DERSequence)15 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)14 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)13 DERIA5String (org.bouncycastle.asn1.DERIA5String)13 InvalidKeyException (java.security.InvalidKeyException)12 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)12 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)12 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)12 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)11 DEROctetString (org.bouncycastle.asn1.DEROctetString)11 ASN1EncodableVector (com.android.org.bouncycastle.asn1.ASN1EncodableVector)10 DERBitString (com.android.org.bouncycastle.asn1.DERBitString)10 KeyPair (java.security.KeyPair)8 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)7