use of sun.security.util.DerOutputStream in project j2objc by google.
the class DistributionPoint method encode.
/**
 * Encodes this DistributionPoint as a DER SEQUENCE and writes it to {@code out}.
 *
 * <p>Each of the three optional components is emitted only when its field is
 * non-null, in the order distribution point name, reasons, CRL issuer. Every
 * component carries a context-specific tag.
 *
 * @param out the DerOutputStream that receives the encoded SEQUENCE.
 * @exception IOException on error.
 */
public void encode(DerOutputStream out) throws IOException {
    DerOutputStream sequenceBody = new DerOutputStream();

    // Distribution point name. Only one of fullName / relativeName is expected
    // to be set; if both are, fullName wins and relativeName is not written.
    if (fullName != null || relativeName != null) {
        DerOutputStream pointName = new DerOutputStream();
        DerOutputStream encodedName = new DerOutputStream();
        if (fullName != null) {
            fullName.encode(encodedName);
            pointName.writeImplicit(
                    DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_FULL_NAME), encodedName);
        } else {
            relativeName.encode(encodedName);
            pointName.writeImplicit(
                    DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_REL_NAME), encodedName);
        }
        // This wrapper is emitted with write(), not writeImplicit(), so the chosen
        // name keeps its own tag inside the TAG_DIST_PT element.
        sequenceBody.write(
                DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_DIST_PT), pointName);
    }

    // Reason flags: a bit string under a primitive (constructed == false) context tag.
    if (reasonFlags != null) {
        DerOutputStream encodedReasons = new DerOutputStream();
        encodedReasons.putTruncatedUnalignedBitString(new BitArray(reasonFlags));
        sequenceBody.writeImplicit(
                DerValue.createTag(DerValue.TAG_CONTEXT, false, TAG_REASONS), encodedReasons);
    }

    // CRL issuer names.
    if (crlIssuer != null) {
        DerOutputStream encodedIssuer = new DerOutputStream();
        crlIssuer.encode(encodedIssuer);
        sequenceBody.writeImplicit(
                DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_ISSUER), encodedIssuer);
    }

    out.write(DerValue.tag_Sequence, sequenceBody);
}
use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.
the class PKCS12KeyStore method setKeyEntry.
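/*
 * Sets a key entry (with attributes, when present).
 *
 * A PrivateKey must report the format "PKCS#8" or "PKCS8"; its encoding is
 * protected with encryptPrivateKey() and the optional certificate chain is
 * validated (when longer than one certificate) and cloned. A SecretKey is
 * wrapped in a DER SEQUENCE { INTEGER 0, AlgorithmId, OCTET STRING key } and
 * protected with the same encryptPrivateKey() call. Any other key type is
 * rejected. The entry is stored under the lower-cased (Locale.ENGLISH) alias.
 *
 * Throws KeyStoreException if the key type or format is unsupported, the
 * chain fails validation, or protecting the key fails for any other reason.
 */
private void setKeyEntry(String alias, Key key, KeyStore.PasswordProtection passwordProtection, Certificate[] chain, Set<KeyStore.Entry.Attribute> attributes) throws KeyStoreException {
    try {
        Entry entry;
        if (key instanceof PrivateKey) {
            PrivateKeyEntry keyEntry = new PrivateKeyEntry();
            keyEntry.date = new Date();

            // Key.getFormat() may return null for keys that do not support
            // encoding; constant-first equals() rejects those cleanly instead
            // of raising a NullPointerException.
            String format = key.getFormat();
            if (!"PKCS#8".equals(format) && !"PKCS8".equals(format)) {
                throw new KeyStoreException("Private key is not encoded as PKCS#8");
            }
            if (debug != null) {
                // Only the key class and alias are logged, never key material.
                debug.println("Setting a protected private key (" + key.getClass().getName() + ") at alias '" + alias + "'");
            }
            // Encrypt the private key.
            // NOTE(review): key.getEncoded() yields the unencrypted key bytes and
            // this method does not clear that array afterwards - consider wiping
            // it once it is confirmed that getEncoded() returns a private copy.
            keyEntry.protectedPrivKey = encryptPrivateKey(key.getEncoded(), passwordProtection);

            if (chain != null) {
                // A single-certificate chain is accepted without validation.
                if ((chain.length > 1) && (!validateChain(chain))) {
                    throw new KeyStoreException("Certificate chain is not valid");
                }
                // Clone so later changes to the caller's array do not affect the entry.
                keyEntry.chain = chain.clone();
                certificateCount += chain.length;
                if (debug != null) {
                    debug.println("Setting a " + chain.length + "-certificate chain at alias '" + alias + "'");
                }
            }
            privateKeyCount++;
            entry = keyEntry;
        } else if (key instanceof SecretKey) {
            SecretKeyEntry keyEntry = new SecretKeyEntry();
            keyEntry.date = new Date();

            // Wrap the secret key in a PKCS#8-style structure:
            // SEQUENCE { INTEGER 0, AlgorithmId, OCTET STRING <raw key> }
            DerOutputStream pkcs8 = new DerOutputStream();
            DerOutputStream secretKeyInfo = new DerOutputStream();
            secretKeyInfo.putInteger(0);
            AlgorithmId algId = AlgorithmId.get(key.getAlgorithm());
            algId.encode(secretKeyInfo);
            secretKeyInfo.putOctetString(key.getEncoded());
            pkcs8.write(DerValue.tag_Sequence, secretKeyInfo);

            // Encrypt the secret key (using same PBE as for private keys)
            keyEntry.protectedSecretKey = encryptPrivateKey(pkcs8.toByteArray(), passwordProtection);
            if (debug != null) {
                debug.println("Setting a protected secret key (" + key.getClass().getName() + ") at alias '" + alias + "'");
            }
            secretKeyCount++;
            entry = keyEntry;
        } else {
            throw new KeyStoreException("Unsupported Key type");
        }

        entry.attributes = new HashSet<>();
        if (attributes != null) {
            entry.attributes.addAll(attributes);
        }
        // The keyId is derived from the entry's creation time.
        entry.keyId = ("Time " + (entry.date).getTime()).getBytes("UTF8");

        // Aliases are stored lower-cased; the same value is the map key and entry.alias.
        String storedAlias = alias.toLowerCase(Locale.ENGLISH);
        entry.alias = storedAlias;
        entries.put(storedAlias, entry);
    } catch (KeyStoreException kse) {
        // Already carries an accurate message (unsupported type, bad format,
        // invalid chain); do not relabel it as a missing algorithm.
        throw kse;
    } catch (Exception e) {
        throw new KeyStoreException("Key protection algorithm not found: " + e, e);
    }
}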
use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.
the class PKCS12KeyStore method calculateMac.
/*
 * Computes the integrity MAC over the given data and returns it as an
 * encoded MacData structure.
 *
 * The MAC is produced by the "HmacPBESHA1" algorithm, keyed from the supplied
 * password with a salt obtained from getSalt() and the iterationCount field.
 * The MacData records the digest name "SHA1", the MAC value, the salt and the
 * iteration count. Any failure is rethrown as an IOException with the
 * original exception as its cause.
 *
 * NOTE(review): the digest is hard-coded to SHA-1 in both the Mac algorithm
 * name and the MacData; the two strings must change together if a stronger
 * digest is ever adopted.
 */
private byte[] calculateMac(char[] passwd, byte[] data) throws IOException {
    final String digestName = "SHA1";
    try {
        // Salt for this MAC computation.
        byte[] macSalt = getSalt();

        // The MAC key itself is derived inside the JCE provider from the
        // password-based key plus the PBE parameters.
        Mac hmac = Mac.getInstance("HmacPBESHA1");
        PBEParameterSpec pbeParams = new PBEParameterSpec(macSalt, iterationCount);
        SecretKey pbeKey = getPBEKey(passwd);
        hmac.init(pbeKey, pbeParams);
        hmac.update(data);
        byte[] macValue = hmac.doFinal();

        // Package the result together with the parameters used to compute it.
        MacData macData = new MacData(digestName, macValue, macSalt, iterationCount);
        DerOutputStream encoded = new DerOutputStream();
        encoded.write(macData.getEncoded());
        return encoded.toByteArray();
    } catch (Exception e) {
        throw new IOException("calculateMac failed: " + e, e);
    }
}
use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.
the class CRLDistributionPointsExtension method encodeThis.
// Rebuilds extensionValue from the current distributionPoints: null when the
// list is empty, otherwise a DER SEQUENCE containing every encoded point.
private void encodeThis() throws IOException {
    if (distributionPoints.isEmpty()) {
        this.extensionValue = null;
        return;
    }

    // Encode each point back to back, then wrap the run in one SEQUENCE.
    DerOutputStream encodedPoints = new DerOutputStream();
    for (DistributionPoint dp : distributionPoints) {
        dp.encode(encodedPoints);
    }

    DerOutputStream wrapper = new DerOutputStream();
    wrapper.write(DerValue.tag_Sequence, encodedPoints);
    this.extensionValue = wrapper.toByteArray();
}
use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.
the class CRLDistributionPointsExtension method encode.
/**
 * Writes the encoded extension to {@code out}.
 * (Also called by the subclass.)
 *
 * <p>If no extension value is present yet, the supplied identifier and
 * criticality are adopted and the value is built with {@code encodeThis()}
 * before the superclass encoding is written.
 *
 * @param out the stream that receives the encoded extension bytes.
 * @param extensionId the OID to use when the value has not been encoded yet.
 * @param isCritical the criticality to use when the value has not been encoded yet.
 * @throws IOException on encoding or write error.
 */
protected void encode(OutputStream out, ObjectIdentifier extensionId, boolean isCritical) throws IOException {
    // extensionId / isCritical only take effect when there is no existing value;
    // an already-encoded extension keeps the identifier and flag it has.
    if (this.extensionValue == null) {
        this.extensionId = extensionId;
        this.critical = isCritical;
        encodeThis();
    }

    // Encode into a scratch buffer first, then copy the bytes to the caller's stream.
    DerOutputStream buffer = new DerOutputStream();
    super.encode(buffer);
    out.write(buffer.toByteArray());
}