
Example 11 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project felix by apache.

the class CertificateUtil method createSelfSignedCert.

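/**
 * Builds a self-signed, non-CA X.509 v3 certificate for the given key pair.
 *
 * <p>The same name is used as issuer and subject, the certificate is signed with the private
 * half of {@code keypair}, and a critical Basic Constraints extension with {@code cA=false}
 * is attached.
 *
 * @param commonName name handed unchanged to {@link X500Name}; presumably it must already be
 *     a full distinguished name string (for example {@code CN=...}) - verify against callers
 * @param keypair key pair whose public key is certified and whose private key signs
 * @return the generated certificate
 * @throws Exception if encoding, signing or conversion of the certificate fails
 */
private static X509Certificate createSelfSignedCert(String commonName, KeyPair keypair) throws Exception {
    PublicKey publicKey = keypair.getPublic();
    String keyAlg = DPSigner.getSignatureAlgorithm(publicKey);
    X500Name issuer = new X500Name(commonName);
    // Serial numbers have to be unique per issuer (RFC 5280). The previous 16-bit probable
    // prime drawn from java.util.Random left only about three thousand possible values, so
    // two certificates for the same name could easily collide in a trust or revocation store.
    // Draw 64 bits from a CSPRNG instead; adding one keeps the value strictly positive.
    BigInteger serial = new BigInteger(64, new java.security.SecureRandom()).add(BigInteger.ONE);
    // Backdate by one second to tolerate small clock differences.
    Date notBefore = new Date(System.currentTimeMillis() - 1000);
    // NOTE(review): 6000 ms is a six-second validity window. That presumably suits
    // short-lived test fixtures; confirm before reusing this helper anywhere else.
    Date notAfter = new Date(notBefore.getTime() + 6000);
    SubjectPublicKeyInfo pubKeyInfo;
    // Re-parse the encoded public key into the ASN.1 structure the builder expects.
    try (ASN1InputStream is = new ASN1InputStream(publicKey.getEncoded())) {
        pubKeyInfo = SubjectPublicKeyInfo.getInstance(is.readObject());
    }
    X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter, issuer, pubKeyInfo);
    // Critical Basic Constraints with cA=false: the certificate must not be accepted as an issuer.
    builder.addExtension(new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(false))));
    X509CertificateHolder certHolder = builder.build(new JcaContentSignerBuilder(keyAlg).build(keypair.getPrivate()));
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}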
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) PublicKey(java.security.PublicKey) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) DEROctetString(org.bouncycastle.asn1.DEROctetString) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Date(java.util.Date) DEROctetString(org.bouncycastle.asn1.DEROctetString) Extension(org.bouncycastle.asn1.x509.Extension) Random(java.util.Random) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints)

Example 12 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project android_packages_apps_Settings by LineageOS.

the class CertInstallerHelper method isCa.

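/**
 * Reports whether the certificate's Basic Constraints extension (OID 2.5.29.19) marks it
 * as a CA certificate.
 *
 * <p>The certificate is untrusted input, so every decoded object is type-checked before it
 * is cast. A missing, truncated or otherwise malformed extension is reported as "not a CA"
 * instead of escaping as an unchecked exception.
 *
 * <p>NOTE(review): callers that use this answer to decide where a certificate is installed
 * should confirm that "unparseable means non-CA" is the safe default for them. The JDK's
 * {@code X509Certificate.getBasicConstraints()} (which returns -1 for non-CA certificates)
 * answers the same question without hand-written ASN.1 parsing.
 *
 * @param cert certificate to inspect
 * @return {@code true} only if the extension is present, well formed and has cA set
 */
private boolean isCa(X509Certificate cert) {
    byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
    if (asn1EncodedBytes == null) {
        return false;
    }
    // getExtensionValue returns the extension wrapped in an OCTET STRING; unwrap it first.
    try (ASN1InputStream outerIn = new ASN1InputStream(asn1EncodedBytes)) {
        Object wrapper = outerIn.readObject();
        if (!(wrapper instanceof DEROctetString)) {
            return false;
        }
        byte[] octets = ((DEROctetString) wrapper).getOctets();
        try (ASN1InputStream innerIn = new ASN1InputStream(octets)) {
            Object constraints = innerIn.readObject();
            if (!(constraints instanceof ASN1Sequence)) {
                return false;
            }
            return BasicConstraints.getInstance((ASN1Sequence) constraints).isCA();
        }
    } catch (IOException | IllegalArgumentException e) {
        // IOException: the bytes are not valid ASN.1. IllegalArgumentException: presumably
        // what BasicConstraints raises for a sequence of the wrong shape - verify against the
        // bundled Bouncy Castle version.
        return false;
    }
}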
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(com.android.org.bouncycastle.asn1.ASN1Sequence) IOException(java.io.IOException) DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString)

Example 13 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project pdfbox by apache.

the class CertInformationHelper method getAuthorityInfoExtensionValue.

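/**
 * Extracts authority information access extension values from the given data. The Data
 * structure has to be implemented as described in RFC 2459, 4.2.2.1 (superseded by RFC 5280,
 * same section).
 *
 * <p>Only access locations encoded as a uniformResourceIdentifier are used. Other GeneralName
 * forms (for example rfc822Name or directoryName) are skipped, so they can neither be stored
 * as a URL nor trigger a failed cast.
 *
 * <p>The extracted URLs come straight from the certificate and are therefore untrusted.
 * NOTE(review): code that later fetches from them should restrict the accepted schemes and
 * destinations - the consumers are not visible here.
 *
 * @param extensionValue byte[] of the extension value.
 * @param certInfo where to put the found values
 * @throws IOException when there is a problem with the extensionValue, including a
 *     structure that does not match the expected ASN.1 layout
 */
protected static void getAuthorityInfoExtensionValue(byte[] extensionValue, CertSignatureInformation certInfo) throws IOException {
    Object decoded = X509ExtensionUtil.fromExtensionValue(extensionValue);
    if (!(decoded instanceof ASN1Sequence)) {
        throw new IOException("Authority Information Access extension is not an ASN.1 sequence");
    }
    Enumeration<?> objects = ((ASN1Sequence) decoded).getObjects();
    while (objects.hasMoreElements()) {
        // AccessDescription: accessMethod (OID) followed by accessLocation (GeneralName)
        Object element = objects.nextElement();
        if (!(element instanceof ASN1Sequence) || ((ASN1Sequence) element).size() < 2) {
            throw new IOException("Malformed AccessDescription in Authority Information Access extension");
        }
        ASN1Sequence obj = (ASN1Sequence) element;
        Object accessMethod = obj.getObjectAt(0);
        Object accessLocation = obj.getObjectAt(1);
        if (!(accessMethod instanceof ASN1ObjectIdentifier) || !(accessLocation instanceof DERTaggedObject)) {
            throw new IOException("Unexpected element types in AccessDescription");
        }
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) accessMethod;
        DERTaggedObject location = (DERTaggedObject) accessLocation;
        if (location.getTagNo() != GeneralName.uniformResourceIdentifier) {
            // Not a URI. Previously the caIssuers branch did not check the tag at all.
            continue;
        }
        Object value = location.getObject();
        if (!(value instanceof DEROctetString)) {
            throw new IOException("accessLocation URI is not encoded as an octet string");
        }
        // A URI is an IA5String (ASCII), so a conforming value decodes the same under UTF-8;
        // naming the charset removes the dependence on the platform default.
        String url = new String(((DEROctetString) value).getOctets(), java.nio.charset.StandardCharsets.UTF_8);
        if (oid.equals(X509ObjectIdentifiers.id_ad_ocsp)) {
            certInfo.setOcspUrl(url);
        } else if (oid.equals(X509ObjectIdentifiers.id_ad_caIssuers)) {
            certInfo.setIssuerUrl(url);
        }
    }
}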
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 14 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project nuls by nuls-io.

the class SM2Utils method encrypt.

/**
 * Encrypts {@code data} for the given encoded SM2 public key and returns the result as a
 * DER-encoded SEQUENCE of four elements, in this order: the X and Y coordinates of the point
 * returned by {@code Cipher.initEnc} (INTEGER each), the 32 bytes filled in by
 * {@code Cipher.dofinal} (OCTET STRING) and the processed payload (OCTET STRING).
 *
 * <p>Callers must check the result: a missing key or missing data yields {@code null}
 * rather than an exception.
 *
 * @param publicKey encoded EC point of the recipient's public key
 * @param data plaintext; the caller's array is not modified
 * @return the DER encoding described above, or {@code null} if either argument is
 *     {@code null} or empty
 * @throws IOException if the DER output stream fails to write the sequence
 */
public static byte[] encrypt(byte[] publicKey, byte[] data) throws IOException {
    boolean keyMissing = publicKey == null || publicKey.length == 0;
    boolean dataMissing = data == null || data.length == 0;
    if (keyMissing || dataMissing) {
        return null;
    }

    // Work on a private copy; cipher.encrypt presumably transforms the buffer in place,
    // since the same array is emitted as the ciphertext element below.
    byte[] payload = data.clone();

    Cipher cipher = new Cipher();
    SM2 sm2 = SM2.Instance();
    ECPoint recipientPoint = sm2.ecc_curve.decodePoint(publicKey);
    ECPoint c1Point = cipher.initEnc(sm2, recipientPoint);
    cipher.encrypt(payload);
    byte[] c3Bytes = new byte[32];
    cipher.dofinal(c3Bytes);

    // Element order is part of the wire format: X, Y, c3, ciphertext.
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(new DERInteger(c1Point.getX().toBigInteger()));
    fields.add(new DERInteger(c1Point.getY().toBigInteger()));
    fields.add(new DEROctetString(c3Bytes));
    fields.add(new DEROctetString(payload));
    DERSequence envelope = new DERSequence(fields);

    ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    new DEROutputStream(encoded).writeObject(envelope);
    return encoded.toByteArray();
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ECPoint(org.bouncycastle.math.ec.ECPoint) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERInteger(org.bouncycastle.asn1.DERInteger) DEROutputStream(org.bouncycastle.asn1.DEROutputStream)

Example 15 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project xipki by xipki.

the class OcspBenchRequestor method init.

/**
 * Prepares this requestor: stores the request options, precomputes the issuer name and key
 * hashes, builds the optional preferred-signature-algorithms extension, derives the POST and
 * GET request paths from the responder URL, and starts the HTTP client.
 *
 * @param responseHandler receiver passed on to the HTTP client; must not be {@code null}
 * @param responderUrl URL of the OCSP responder
 * @param issuerCert issuer certificate whose subject and public key are hashed; must not be
 *     {@code null}
 * @param requestOptions supplies the hash algorithm and the preferred signature algorithms;
 *     must not be {@code null}
 * @param queueSize passed unchanged to the HTTP client
 * @throws OcspRequestorException if the hash algorithm is unknown or the extension cannot
 *     be encoded
 * @throws Exception for any other failure, such as an unparsable responder URL
 */
public void init(OcspBenchmark responseHandler, String responderUrl, Certificate issuerCert, RequestOptions requestOptions, int queueSize) throws Exception {
    ParamUtil.requireNonNull("issuerCert", issuerCert);
    ParamUtil.requireNonNull("responseHandler", responseHandler);
    this.requestOptions = ParamUtil.requireNonNull("requestOptions", requestOptions);

    HashAlgo issuerHashAlgo = HashAlgo.getInstance(requestOptions.getHashAlgorithmId());
    if (issuerHashAlgo == null) {
        throw new OcspRequestorException("unknown HashAlgo " + requestOptions.getHashAlgorithmId().getId());
    }

    // Issuer algorithm, name hash and key hash are computed once here and kept in fields.
    this.issuerhashAlg = issuerHashAlgo.getAlgorithmIdentifier();
    byte[] encodedSubject = issuerCert.getSubject().getEncoded();
    this.issuerNameHash = new DEROctetString(issuerHashAlgo.hash(encodedSubject));
    byte[] issuerKeyBytes = issuerCert.getSubjectPublicKeyInfo().getPublicKeyData().getOctets();
    this.issuerKeyHash = new DEROctetString(issuerHashAlgo.hash(issuerKeyBytes));

    List<AlgorithmIdentifier> preferred = requestOptions.getPreferredSignatureAlgorithms();
    if (preferred != null && !preferred.isEmpty()) {
        // Each algorithm identifier is wrapped in its own SEQUENCE, and the list of those
        // forms the extension value.
        ASN1EncodableVector entries = new ASN1EncodableVector();
        for (AlgorithmIdentifier algId : preferred) {
            entries.add(new DERSequence(algId));
        }
        try {
            Extension prefSigAlgsExtn = new Extension(ObjectIdentifiers.id_pkix_ocsp_prefSigAlgs, false,
                    new DEROctetString(new DERSequence(entries)));
            this.extensions = new Extension[] { prefSigAlgsExtn };
        } catch (IOException ex) {
            throw new OcspRequestorException(ex.getMessage(), ex);
        }
    } else {
        this.extensions = null;
    }

    // POST uses the raw path as given; GET uses the same path with a trailing slash.
    String rawPath = new URI(responderUrl).getRawPath();
    this.responderRawPathPost = rawPath;
    this.responderRawPathGet = rawPath.endsWith("/") ? rawPath : rawPath + "/";

    this.httpClient = new HttpClient(responderUrl, responseHandler, queueSize);
    this.httpClient.start();
}
Also used : OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException) Extension(org.bouncycastle.asn1.x509.Extension) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) HashAlgo(org.xipki.security.HashAlgo) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) IOException(java.io.IOException) URI(java.net.URI) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

DEROctetString (org.bouncycastle.asn1.DEROctetString)84 IOException (java.io.IOException)38 DERSequence (org.bouncycastle.asn1.DERSequence)29 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)28 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)26 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)21 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)19 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)18 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)16 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)16 Extension (org.bouncycastle.asn1.x509.Extension)16 BigInteger (java.math.BigInteger)13 Date (java.util.Date)11 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)11 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)11 DERSet (org.bouncycastle.asn1.DERSet)10 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)10 Extensions (org.bouncycastle.asn1.x509.Extensions)10 X509Certificate (java.security.cert.X509Certificate)8 ArrayList (java.util.ArrayList)8