Examples with AlgorithmIdentifier org.spongycastle.asn1.x509.AlgorithmIdentifier used on opensource projects

Example 51 with AlgorithmIdentifier

use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.

the class X509CRL method sign.

@JRubyMethod
public IRubyObject sign(final ThreadContext context, final IRubyObject key, IRubyObject digest) {
    final Ruby runtime = context.runtime;
    final String signatureAlgorithm = getSignatureAlgorithm(runtime, (PKey) key, (Digest) digest);
    final X500Name issuerName = ((X509Name) issuer).getX500Name();
    final java.util.Date thisUpdate = getLastUpdate().toDate();
    final X509v2CRLBuilder generator = new X509v2CRLBuilder(issuerName, thisUpdate);
    final java.util.Date nextUpdate = getNextUpdate().toDate();
    generator.setNextUpdate(nextUpdate);
    if (revoked != null) {
        for (int i = 0; i < revoked.size(); i++) {
            final X509Revoked rev = (X509Revoked) revoked.entry(i);
            BigInteger serial = new BigInteger(rev.callMethod(context, "serial").toString());
            RubyTime t1 = (RubyTime) rev.callMethod(context, "time").callMethod(context, "getutc");
            t1.setMicroseconds(0);
            final Extensions revExts;
            if (rev.hasExtensions()) {
                final RubyArray exts = rev.extensions();
                final ASN1Encodable[] array = new ASN1Encodable[exts.size()];
                for (int j = 0; j < exts.size(); j++) {
                    final X509Extension ext = (X509Extension) exts.entry(j);
                    try {
                        array[j] = ext.toASN1Sequence();
                    } catch (IOException e) {
                        throw newCRLError(runtime, e);
                    }
                }
                revExts = Extensions.getInstance(new DERSequence(array));
            } else {
                revExts = null;
            }
            generator.addCRLEntry(serial, t1.getJavaDate(), revExts);
        }
    }
    try {
        for (int i = 0; i < extensions.size(); i++) {
            X509Extension ext = (X509Extension) extensions.entry(i);
            ASN1Encodable value = ext.getRealValue();
            generator.addExtension(ext.getRealObjectID(), ext.isRealCritical(), value);
        }
    } catch (IOException e) {
        throw newCRLError(runtime, e);
    }
    final PrivateKey privateKey = ((PKey) key).getPrivateKey();
    try {
        if (avoidJavaSecurity) {
        // NOT IMPLEMENTED
        } else {
        // crl = generator.generate(((PKey) key).getPrivateKey());
        }
        /*
            AlgorithmIdentifier keyAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(keyAlg));
            AlgorithmIdentifier digAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digAlg));
            final BcContentSignerBuilder signerBuilder;
            final AsymmetricKeyParameter signerPrivateKey;
            if ( isDSA ) {
                signerBuilder = new BcDSAContentSignerBuilder(keyAldID, digAldID);
                DSAPrivateKey privateKey = (DSAPrivateKey) ((PKey) key).getPrivateKey();
                DSAParameters params = new DSAParameters(
                        privateKey.getParams().getP(),
                        privateKey.getParams().getQ(),
                        privateKey.getParams().getG()
                );
                signerPrivateKey = new DSAPrivateKeyParameters(privateKey.getX(), params);
            }
            */
        ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey);
        this.crlHolder = generator.build(signer);
        this.crl = null;
    } catch (IllegalStateException e) {
        debugStackTrace(e);
        throw newCRLError(runtime, e);
    } catch (Exception e) {
        debugStackTrace(e);
        throw newCRLError(runtime, e.getMessage());
    }
    final ASN1Primitive crlVal = getCRLValue(runtime);
    ASN1Sequence v1 = (ASN1Sequence) (((ASN1Sequence) crlVal).getObjectAt(0));
    final ASN1EncodableVector build1 = new ASN1EncodableVector();
    int copyIndex = 0;
    if (v1.getObjectAt(0) instanceof ASN1Integer)
        copyIndex++;
    build1.add(new ASN1Integer(new BigInteger(version.toString())));
    while (copyIndex < v1.size()) {
        build1.add(v1.getObjectAt(copyIndex++));
    }
    final ASN1EncodableVector build2 = new ASN1EncodableVector();
    build2.add(new DLSequence(build1));
    build2.add(((ASN1Sequence) crlVal).getObjectAt(1));
    build2.add(((ASN1Sequence) crlVal).getObjectAt(2));
    this.crlValue = new DLSequence(build2);
    changed = false;
    return this;
}

Example 52 with AlgorithmIdentifier

use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.

the class PKey method readECPrivateKey.

public static KeyPair readECPrivateKey(final KeyFactory ecFactory, final byte[] input) throws IOException, InvalidKeySpecException {
    try {
        ECPrivateKeyStructure pKey = new ECPrivateKeyStructure((ASN1Sequence) ASN1Primitive.fromByteArray(input));
        AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
        PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.toASN1Primitive());
        SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());
        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privInfo.getEncoded());
        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
        // KeyFactory            fact = KeyFactory.getInstance("ECDSA", provider);
        ECPrivateKey privateKey = (ECPrivateKey) ecFactory.generatePrivate(privSpec);
        if (algId.getParameters() instanceof ASN1ObjectIdentifier) {
            privateKey = ECPrivateKeyWithName.wrap(privateKey, (ASN1ObjectIdentifier) algId.getParameters());
        }
        return new KeyPair(ecFactory.generatePublic(pubSpec), privateKey);
    } catch (ClassCastException ex) {
        throw new IOException("wrong ASN.1 object found in stream", ex);
    }
// catch (Exception ex) {
// throw new IOException("problem parsing EC private key: " + ex);
// }
}

Example 53 with AlgorithmIdentifier

use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.

the class RecipInfo method set.

/**
 * c: PKCS7_RECIP_INFO_set
 */
public void set(X509AuxCertificate cert) throws PKCS7Exception {
    version = 0;
    X500Name issuer = X500Name.getInstance(cert.getIssuerX500Principal().getEncoded());
    BigInteger serial = cert.getSerialNumber();
    issuerAndSerial = new IssuerAndSerialNumber(issuer, serial);
    String algo = addEncryptionIfNeeded(cert.getPublicKey().getAlgorithm());
    keyEncAlgor = new AlgorithmIdentifier(ASN1Registry.sym2oid(algo));
    this.cert = cert;
}

Example 54 with AlgorithmIdentifier

use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.

the class Signed method algorithmIdentifiersFromASN1Set.

private static Set<AlgorithmIdentifier> algorithmIdentifiersFromASN1Set(ASN1Encodable content) {
    ASN1Set set = (ASN1Set) content;
    Set<AlgorithmIdentifier> result = new HashSet<AlgorithmIdentifier>();
    for (Enumeration<?> e = set.getObjects(); e.hasMoreElements(); ) {
        result.add(AlgorithmIdentifier.getInstance(e.nextElement()));
    }
    return result;
}

Example 55 with AlgorithmIdentifier

use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.

the class PKCS10Request method resetSignedRequest.

private void resetSignedRequest() {
    if (signedRequest == null)
        return;
    CertificationRequest req = signedRequest.toASN1Structure();
    CertificationRequestInfo reqInfo = new CertificationRequestInfo(subject, publicKeyInfo, req.getCertificationRequestInfo().getAttributes());
    ASN1Sequence seq = (ASN1Sequence) req.toASN1Primitive();
    req = new CertificationRequest(reqInfo, (AlgorithmIdentifier) seq.getObjectAt(1), (DERBitString) seq.getObjectAt(2));
    // valid = true;
    signedRequest = new PKCS10CertificationRequest(req);
}