
Example 96 with DerOutputStream

use of sun.security.util.DerOutputStream in project Bytecoder by mirkosertic.

From class PKCS9Attributes, method generateDerEncoding.

/**
 * Produces the DER encoding of this attribute set as a DER SET OF.
 *
 * @return the DER bytes of all attribute values, ordered as required for a DER SET OF
 * @throws IOException on encoding error
 */
private byte[] generateDerEncoding() throws IOException {
    Object[] values = attributes.values().toArray();
    DerOutputStream encoded = new DerOutputStream();
    // putOrderedSetOf sorts the elements into canonical DER order before writing.
    encoded.putOrderedSetOf(DerValue.tag_SetOf, castToDerEncoder(values));
    return encoded.toByteArray();
}

Example 97 with DerOutputStream

use of sun.security.util.DerOutputStream in project Bytecoder by mirkosertic.

From class SignerInfo, method derEncode.

/**
 * Writes the DER encoding of this {@code SignerInfo} to {@code out}.
 * Implements the {@code DerEncoder} interface.
 *
 * <p>The result is a SEQUENCE of: version, issuerAndSerialNumber,
 * digestAlgorithmId, optional context-specific [0] authenticated
 * attributes, digestEncryptionAlgorithmId, encryptedDigest (OCTET STRING)
 * and optional context-specific [1] unauthenticated attributes, in that order.
 *
 * @param out the output stream on which to write the DER encoding
 * @throws IOException on encoding error
 */
public void derEncode(OutputStream out) throws IOException {
    DerOutputStream body = new DerOutputStream();
    body.putInteger(version);

    // issuerAndSerialNumber is a SEQUENCE of the issuer name and the serial number.
    DerOutputStream issuerAndSerial = new DerOutputStream();
    issuerName.encode(issuerAndSerial);
    issuerAndSerial.putInteger(certificateSerialNumber);
    body.write(DerValue.tag_Sequence, issuerAndSerial);

    digestAlgorithmId.encode(body);
    // Authenticated attributes are optional; written under tag [0] when present.
    if (authenticatedAttributes != null) {
        authenticatedAttributes.encode((byte) 0xA0, body);
    }
    digestEncryptionAlgorithmId.encode(body);
    body.putOctetString(encryptedDigest);
    // Unauthenticated attributes are optional; written under tag [1] when present.
    if (unauthenticatedAttributes != null) {
        unauthenticatedAttributes.encode((byte) 0xA1, body);
    }

    // Wrap the whole SignerInfo in its outer SEQUENCE and emit it in one write.
    DerOutputStream wrapped = new DerOutputStream();
    wrapped.write(DerValue.tag_Sequence, body);
    out.write(wrapped.toByteArray());
}

Example 98 with DerOutputStream

use of sun.security.util.DerOutputStream in project Bytecoder by mirkosertic.

From class PKCS12KeyStore, method engineStore.

/**
 * Stores this keystore to the given output stream, and protects its
 * integrity with the given password.
 *
 * <p>The written structure is a PKCS#12 PFX: a SEQUENCE holding the
 * version, an AuthenticatedSafe (a "data" ContentInfo that encapsulates a
 * SEQUENCE OF ContentInfo: one "data" content for the protected keys and one
 * "encryptedData" content for the certificates, each present only when there
 * is something to store), and the MacData computed by {@code calculateMac}
 * over the AuthenticatedSafe bytes with the given password.
 *
 * @param stream the output stream to which this keystore is written.
 * @param password the password to generate the keystore integrity check
 *
 * @exception IllegalArgumentException if {@code password} is null
 * @exception IOException if there was an I/O problem with data
 * @exception NoSuchAlgorithmException if the appropriate data integrity
 * algorithm could not be found
 * @exception CertificateException if any of the certificates included in
 * the keystore data could not be stored
 */
public synchronized void engineStore(OutputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException {
    // A password is mandatory when storing; the integrity MAC is derived from it.
    if (password == null) {
        throw new IllegalArgumentException("password can't be null");
    }

    // Body of the outer PFX SEQUENCE: version, authSafe, macData.
    DerOutputStream pfxBody = new DerOutputStream();

    // PFX version (always write the latest version)
    pfxBody.putInteger(VERSION_3);

    // The ContentInfos that make up the AuthenticatedSafe.
    DerOutputStream contentInfos = new DerOutputStream();

    // Protected private/secret keys go into a PKCS#7 "data" ContentInfo.
    if (privateKeyCount > 0 || secretKeyCount > 0) {
        if (debug != null) {
            debug.println("Storing " + (privateKeyCount + secretKeyCount) + " protected key(s) in a PKCS#7 data content-type");
        }
        byte[] safeContentData = createSafeContent();
        new ContentInfo(safeContentData).encode(contentInfos);
    }

    // Certificates go into a PKCS#7 "encryptedData" ContentInfo.
    if (certificateCount > 0) {
        if (debug != null) {
            debug.println("Storing " + certificateCount + " certificate(s) in a PKCS#7 encryptedData content-type");
        }
        byte[] encrData = createEncryptedData(password);
        new ContentInfo(ContentInfo.ENCRYPTED_DATA_OID, new DerValue(encrData)).encode(contentInfos);
    }

    // AuthenticatedSafe ::= SEQUENCE OF ContentInfo
    DerOutputStream authSafeSeq = new DerOutputStream();
    authSafeSeq.write(DerValue.tag_SequenceOf, contentInfos);
    byte[] authenticatedSafe = authSafeSeq.toByteArray();

    // Encapsulate the AuthenticatedSafe in a "data" ContentInfo inside the PFX body.
    new ContentInfo(authenticatedSafe).encode(pfxBody);

    // MacData: integrity check over the AuthenticatedSafe bytes, keyed by the password.
    pfxBody.write(calculateMac(password, authenticatedSafe));

    // Outer PFX SEQUENCE, written and flushed to the caller's stream.
    DerOutputStream pfx = new DerOutputStream();
    pfx.write(DerValue.tag_Sequence, pfxBody);
    stream.write(pfx.toByteArray());
    stream.flush();
}

Example 99 with DerOutputStream

use of sun.security.util.DerOutputStream in project Bytecoder by mirkosertic.

From class PKCS12KeyStore, method createSafeContent.

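/*
 * Create SafeContent Data content type.
 * Includes encrypted secret key in a SafeBag of type SecretBag.
 * Includes encrypted private key in a SafeBag of type PKCS8ShroudedKeyBag.
 * Each PKCS8ShroudedKeyBag includes pkcs12 attributes
 * (see comments in getBagAttributes)
 *
 * Returns the DER encoding of the SafeContents (a SEQUENCE of SafeBag).
 * Throws IOException if a stored private key is not a valid PKCS#8
 * EncryptedPrivateKeyInfo (the parse failure is chained as the cause)
 * or on any other encoding error; CertificateException is declared for
 * the attribute encoding path.
 */
private byte[] createSafeContent() throws CertificateException, IOException {
    DerOutputStream safeBags = new DerOutputStream();
    for (Enumeration<String> e = engineAliases(); e.hasMoreElements(); ) {
        String alias = e.nextElement();
        Entry entry = entries.get(alias);
        // Only key entries are written here (null is not an instance of KeyEntry).
        if (!(entry instanceof KeyEntry)) {
            continue;
        }
        KeyEntry keyEntry = (KeyEntry) entry;
        DerOutputStream safeBag = new DerOutputStream();
        if (keyEntry instanceof PrivateKeyEntry) {
            // DER encode the private key
            writeShroudedKeyBag(safeBag, (PrivateKeyEntry) keyEntry);
        } else if (keyEntry instanceof SecretKeyEntry) {
            // DER encode the secret key
            writeSecretBag(safeBag, (SecretKeyEntry) keyEntry);
        } else {
            // skip this entry
            continue;
        }
        // write SafeBag Attributes
        byte[] bagAttrs = getBagAttributes(alias, entry.keyId, entry.attributes);
        safeBag.write(bagAttrs);
        // wrap as Sequence
        safeBags.write(DerValue.tag_Sequence, safeBag);
    }
    // wrap as Sequence
    DerOutputStream safeContents = new DerOutputStream();
    safeContents.write(DerValue.tag_Sequence, safeBags);
    return safeContents.toByteArray();
}

/*
 * Write the bagId and [0] bagValue of a SafeBag of type pkcs8ShroudedKeyBag
 * for the given private key entry. The stored bytes must already be a valid
 * PKCS#8 EncryptedPrivateKeyInfo; otherwise an IOException carrying the
 * parse failure as its cause is thrown.
 */
private void writeShroudedKeyBag(DerOutputStream safeBag, PrivateKeyEntry keyEntry) throws IOException {
    // Create SafeBag of type pkcs8ShroudedKeyBag
    safeBag.putOID(PKCS8ShroudedKeyBag_OID);
    // get the encrypted private key
    byte[] encrBytes = keyEntry.protectedPrivKey;
    EncryptedPrivateKeyInfo encrInfo;
    try {
        encrInfo = new EncryptedPrivateKeyInfo(encrBytes);
    } catch (IOException ioe) {
        // Chain the original failure so the root cause survives for diagnosis.
        throw new IOException("Private key not stored as " + "PKCS#8 EncryptedPrivateKeyInfo: " + ioe.getMessage(), ioe);
    }
    // Wrap the EncryptedPrivateKeyInfo in a context-specific tag.
    DerOutputStream bagValue = new DerOutputStream();
    bagValue.write(encrInfo.getEncoded());
    safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), bagValue);
}

/*
 * Write the bagId and [0] bagValue of a SafeBag of type SecretBag for the
 * given secret key entry. The bagValue is a SEQUENCE holding a type OID
 * (PKCS8ShroudedKeyBag_OID, as in the original encoding) followed by the
 * protected secret key as an OCTET STRING under a context-specific [0] tag.
 */
private void writeSecretBag(DerOutputStream safeBag, SecretKeyEntry keyEntry) throws IOException {
    // Create SafeBag of type SecretBag
    safeBag.putOID(SecretBag_OID);
    // Create a SecretBag
    DerOutputStream secretBag = new DerOutputStream();
    secretBag.putOID(PKCS8ShroudedKeyBag_OID);
    // Write secret key in a context-specific tag
    DerOutputStream secretKeyValue = new DerOutputStream();
    secretKeyValue.putOctetString(keyEntry.protectedSecretKey);
    secretBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), secretKeyValue);
    // Wrap SecretBag in a Sequence
    DerOutputStream secretBagSeq = new DerOutputStream();
    secretBagSeq.write(DerValue.tag_Sequence, secretBag);
    // Wrap the secret bag in a context-specific tag and write the SafeBag value.
    DerOutputStream bagValue = new DerOutputStream();
    bagValue.write(secretBagSeq.toByteArray());
    safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), bagValue);
}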

Example 100 with DerOutputStream

use of sun.security.util.DerOutputStream in project Bytecoder by mirkosertic.

From class PKCS12KeyStore, method getBagAttributes.

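/*
 * Encode the bagAttributes of a SafeBag: friendlyName (from alias),
 * localKeyId (from keyId), trustedKeyUsage (from trustedUsage) and any
 * additional PKCS12 attributes, as a DER SET of Attribute values.
 *
 * Returns null when alias, keyId and trustedUsage are all null; callers that
 * write the result must handle that case. Throws IOException on encoding error.
 */
private byte[] getBagAttributes(String alias, byte[] keyId, ObjectIdentifier[] trustedUsage, Set<KeyStore.Entry.Attribute> attributes) throws IOException {
    // return null if all three attributes are null
    // (previously this tested a local that was still null instead of the
    //  trustedUsage parameter, so a bag carrying only trustedKeyUsage was dropped)
    if ((alias == null) && (keyId == null) && (trustedUsage == null)) {
        return null;
    }
    DerOutputStream attrs = new DerOutputStream();
    // friendlyName: the alias as a BMPString.
    if (alias != null) {
        DerOutputStream content = new DerOutputStream();
        content.putBMPString(alias);
        attrs.write(encodeBagAttribute(PKCS9FriendlyName_OID, content));
    }
    // localKeyId: the key identifier as an OCTET STRING.
    if (keyId != null) {
        DerOutputStream content = new DerOutputStream();
        content.putOctetString(keyId);
        attrs.write(encodeBagAttribute(PKCS9LocalKeyId_OID, content));
    }
    // trustedKeyUsage: one OID per usage.
    if (trustedUsage != null) {
        DerOutputStream content = new DerOutputStream();
        for (ObjectIdentifier usage : trustedUsage) {
            content.putOID(usage);
        }
        attrs.write(encodeBagAttribute(TrustedKeyUsage_OID, content));
    }
    // Any further PKCS12 attributes, excluding the three core ones handled above.
    if (attributes != null) {
        for (KeyStore.Entry.Attribute attribute : attributes) {
            String attributeName = attribute.getName();
            // skip friendlyName, localKeyId and trustedKeyUsage
            if (CORE_ATTRIBUTES[0].equals(attributeName) || CORE_ATTRIBUTES[1].equals(attributeName) || CORE_ATTRIBUTES[2].equals(attributeName)) {
                continue;
            }
            attrs.write(((PKCS12Attribute) attribute).getEncoded());
        }
    }
    // bagAttributes ::= SET OF Attribute
    DerOutputStream bagAttrs = new DerOutputStream();
    bagAttrs.write(DerValue.tag_Set, attrs);
    return bagAttrs.toByteArray();
}

/*
 * Encode one bag attribute as
 *   SEQUENCE { attrId OBJECT IDENTIFIER, attrValues SET { ...content... } }
 * where content already holds the DER-encoded attrValues elements.
 */
private byte[] encodeBagAttribute(ObjectIdentifier attrId, DerOutputStream content) throws IOException {
    DerOutputStream attribute = new DerOutputStream();
    attribute.putOID(attrId);
    attribute.write(DerValue.tag_Set, content);
    DerOutputStream wrapped = new DerOutputStream();
    wrapped.write(DerValue.tag_Sequence, attribute);
    return wrapped.toByteArray();
}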
