
Example 26 with DerOutputStream

use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.

the class PKCS12KeyStore method getBagAttributes.

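/**
 * Builds the DER-encoded SET of SafeBag attributes for one keystore entry.
 *
 * <p>Every core attribute that is present is written as
 * {@code SEQUENCE { OID, SET { value(s) } }}, in the fixed order friendlyName,
 * localKeyId, trustedKeyUsage. Caller-supplied extra attributes follow, except
 * those whose name matches one of the three core attributes.
 *
 * @param alias        entry alias, written as a BMPString under the friendlyName OID; may be null
 * @param keyId        key identifier, written as an OCTET STRING under the localKeyId OID; may be null
 * @param trustedUsage usage OIDs, written under the trustedKeyUsage OID; may be null
 * @param attributes   additional attributes to append; may be null
 * @return the encoded attribute SET, or {@code null} when {@code alias},
 *         {@code keyId} and {@code trustedUsage} are all null (extra
 *         {@code attributes} alone do not produce a SET)
 * @throws IOException if DER encoding fails
 */
private byte[] getBagAttributes(String alias, byte[] keyId, ObjectIdentifier[] trustedUsage, Set<KeyStore.Entry.Attribute> attributes) throws IOException {
    // Test the trustedUsage parameter here, not a local that has not been
    // assigned yet: otherwise an entry that carries only trusted-usage OIDs
    // (no alias, no key id) would silently lose them.
    if ((alias == null) && (keyId == null) && (trustedUsage == null)) {
        return null;
    }

    // Accumulates the encoded attributes that make up the content of the SET.
    DerOutputStream attrs = new DerOutputStream();

    // friendlyName: SEQUENCE { OID, SET { BMPString alias } }
    if (alias != null) {
        DerOutputStream value = new DerOutputStream();
        value.putBMPString(alias);
        DerOutputStream attr = new DerOutputStream();
        attr.putOID(PKCS9FriendlyName_OID);
        attr.write(DerValue.tag_Set, value);
        attrs.write(DerValue.tag_Sequence, attr);
    }

    // localKeyId: SEQUENCE { OID, SET { OCTET STRING keyId } }
    if (keyId != null) {
        DerOutputStream value = new DerOutputStream();
        value.putOctetString(keyId);
        DerOutputStream attr = new DerOutputStream();
        attr.putOID(PKCS9LocalKeyId_OID);
        attr.write(DerValue.tag_Set, value);
        attrs.write(DerValue.tag_Sequence, attr);
    }

    // trustedKeyUsage: SEQUENCE { OID, SET { OID usage, ... } }
    if (trustedUsage != null) {
        DerOutputStream value = new DerOutputStream();
        for (ObjectIdentifier usage : trustedUsage) {
            value.putOID(usage);
        }
        DerOutputStream attr = new DerOutputStream();
        attr.putOID(TrustedKeyUsage_OID);
        attr.write(DerValue.tag_Set, value);
        attrs.write(DerValue.tag_Sequence, attr);
    }

    if (attributes != null) {
        for (KeyStore.Entry.Attribute attribute : attributes) {
            String attributeName = attribute.getName();
            // skip friendlyName, localKeyId and trustedKeyUsage: they were
            // already emitted above from the dedicated parameters
            if (CORE_ATTRIBUTES[0].equals(attributeName) || CORE_ATTRIBUTES[1].equals(attributeName) || CORE_ATTRIBUTES[2].equals(attributeName)) {
                continue;
            }
            // NOTE(review): the cast assumes every extra attribute is a
            // PKCS12Attribute; any other KeyStore.Entry.Attribute
            // implementation fails here with ClassCastException. Confirm the
            // callers guarantee this.
            attrs.write(((PKCS12Attribute) attribute).getEncoded());
        }
    }

    // Wrap the accumulated attributes in the outer SET.
    DerOutputStream bagAttrs = new DerOutputStream();
    bagAttrs.write(DerValue.tag_Set, attrs);
    return bagAttrs.toByteArray();
}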
Also used : DerOutputStream(sun.security.util.DerOutputStream) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 27 with DerOutputStream

use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.

the class PKCS12KeyStore method createSafeContent.

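/*
 * Create SafeContent Data content type.
 * Includes encrypted secret key in a SafeBag of type SecretBag.
 * Includes encrypted private key in a SafeBag of type PKCS8ShroudedKeyBag.
 * Each SafeBag written here includes pkcs12 attributes
 * (see comments in getBagAttributes).
 *
 * The key material is taken as-is from the entry's protectedPrivKey /
 * protectedSecretKey fields; this method performs no encryption itself,
 * it only wraps those bytes in the SafeBag structure.
 *
 * Entries that are not key entries are skipped. Returns the DER encoding
 * of a SEQUENCE of SafeBags.
 */
private byte[] createSafeContent() throws CertificateException, IOException {
    DerOutputStream out = new DerOutputStream();
    for (Enumeration<String> e = engineAliases(); e.hasMoreElements(); ) {
        String alias = e.nextElement();
        Entry entry = entries.get(alias);
        // instanceof is false for null, so this also skips missing entries
        if (!(entry instanceof KeyEntry)) {
            continue;
        }
        DerOutputStream safeBag = new DerOutputStream();
        KeyEntry keyEntry = (KeyEntry) entry;
        if (keyEntry instanceof PrivateKeyEntry) {
            // SafeBag of type pkcs8ShroudedKeyBag
            safeBag.putOID(PKCS8ShroudedKeyBag_OID);
            // Re-parse the stored bytes so that a blob which is not a
            // well-formed EncryptedPrivateKeyInfo is rejected here instead of
            // being written into the keystore.
            byte[] encrBytes = ((PrivateKeyEntry) keyEntry).protectedPrivKey;
            EncryptedPrivateKeyInfo encrInfo;
            try {
                encrInfo = new EncryptedPrivateKeyInfo(encrBytes);
            } catch (IOException ioe) {
                // Keep the parser's exception as the cause and separate its
                // message from ours so the failure stays diagnosable.
                throw new IOException("Private key not stored as PKCS#8 EncryptedPrivateKeyInfo: " + ioe.getMessage(), ioe);
            }
            // Wrap the EncryptedPrivateKeyInfo in a context-specific tag [0].
            DerOutputStream bagValue = new DerOutputStream();
            bagValue.write(encrInfo.getEncoded());
            safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), bagValue);
        } else if (keyEntry instanceof SecretKeyEntry) {
            // SafeBag of type SecretBag
            safeBag.putOID(SecretBag_OID);
            // SecretBag content: inner type id followed by the value.
            // NOTE(review): the inner type id is the PKCS8ShroudedKeyBag OID,
            // presumably because protectedSecretKey holds an
            // EncryptedPrivateKeyInfo-style blob; confirm against the reader.
            DerOutputStream secretBag = new DerOutputStream();
            secretBag.putOID(PKCS8ShroudedKeyBag_OID);
            // Secret key as an OCTET STRING inside a context-specific tag [0]
            DerOutputStream secretKeyValue = new DerOutputStream();
            secretKeyValue.putOctetString(((SecretKeyEntry) keyEntry).protectedSecretKey);
            secretBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), secretKeyValue);
            // Wrap the SecretBag in a SEQUENCE, then in a context-specific
            // tag [0] as the SafeBag value.
            DerOutputStream bagValue = new DerOutputStream();
            bagValue.write(DerValue.tag_Sequence, secretBag);
            safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), bagValue);
        } else {
            // neither a private key nor a secret key: skip this entry
            continue;
        }
        // write SafeBag Attributes
        byte[] bagAttrs = getBagAttributes(alias, entry.keyId, entry.attributes);
        safeBag.write(bagAttrs);
        // wrap this SafeBag as a SEQUENCE
        out.write(DerValue.tag_Sequence, safeBag);
    }
    // wrap all SafeBags as a SEQUENCE
    DerOutputStream safeBagValue = new DerOutputStream();
    safeBagValue.write(DerValue.tag_Sequence, out);
    return safeBagValue.toByteArray();
}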
Also used : DerOutputStream(sun.security.util.DerOutputStream) EncryptedPrivateKeyInfo(sun.security.pkcs.EncryptedPrivateKeyInfo)

Example 28 with DerOutputStream

use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.

the class DSA method engineSign.

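/**
 * Sign all the data thus far updated. The signature is returned as a
 * DER-encoded SEQUENCE of two INTEGERs, r and s.
 *
 * @return the DER encoding of the signature values r and s.
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, or if another exception occurs. An encoding
 * failure is reported with the underlying IOException as its cause.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineVerify
 */
protected byte[] engineSign() throws SignatureException {
    // k is the per-signature value that both r and s are derived from.
    // NOTE(review): DSA's security depends on k being unpredictable and never
    // reused with the same private key; generateK is not visible here, so
    // confirm how it produces k.
    BigInteger k = generateK(presetQ);
    BigInteger r = generateR(presetP, presetQ, presetG, k);
    BigInteger s = generateS(presetX, presetQ, r, k);
    try {
        // 100 is only the initial buffer capacity passed to the stream.
        DerOutputStream outseq = new DerOutputStream(100);
        outseq.putInteger(r);
        outseq.putInteger(s);
        DerValue result = new DerValue(DerValue.tag_Sequence, outseq.toByteArray());
        return result.toByteArray();
    } catch (IOException e) {
        // Preserve the cause so an encoding failure can be traced.
        throw new SignatureException("error encoding signature", e);
    }
}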
Also used : DerOutputStream(sun.security.util.DerOutputStream) DerValue(sun.security.util.DerValue) BigInteger(java.math.BigInteger)

Example 29 with DerOutputStream

use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.

the class DSAParameters method engineGetEncoded.

/**
 * Returns these parameters as a DER-encoded SEQUENCE of three INTEGERs,
 * written in the order p, q, g.
 *
 * @return the encoded parameters
 * @throws IOException if DER encoding fails
 */
protected byte[] engineGetEncoded() throws IOException {
    // Content of the SEQUENCE: the three integers, order is significant.
    DerOutputStream params = new DerOutputStream();
    params.putInteger(p);
    params.putInteger(q);
    params.putInteger(g);

    // Outer stream adds the SEQUENCE tag and length around the content.
    DerOutputStream encoded = new DerOutputStream();
    encoded.write(DerValue.tag_Sequence, params);
    return encoded.toByteArray();
}
Also used : DerOutputStream(sun.security.util.DerOutputStream)

Example 30 with DerOutputStream

use of sun.security.util.DerOutputStream in project jdk8u_jdk by JetBrains.

the class X509CertPath method encodePKCS7.

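/**
 * Encode the CertPath using PKCS#7 format.
 *
 * <p>The PKCS7 object is built with no digest algorithms, a DATA content
 * info with null content, and no signer infos, so the encoded SignedData
 * carries the certificates only. Nothing in it is signed: the encoding by
 * itself gives a consumer no integrity or authenticity guarantee, and the
 * certificates still have to be validated by whoever decodes them.
 *
 * @return a byte array containing the binary encoding of the PKCS#7 object
 * @exception CertificateEncodingException if an exception occurs; the
 * underlying IOException is attached as the cause
 */
private byte[] encodePKCS7() throws CertificateEncodingException {
    X509Certificate[] certArray = certs.toArray(new X509Certificate[certs.size()]);
    PKCS7 p7 = new PKCS7(
            new AlgorithmId[0],
            new ContentInfo(ContentInfo.DATA_OID, null),
            certArray,
            new SignerInfo[0]);
    DerOutputStream derout = new DerOutputStream();
    try {
        p7.encodeSignedData(derout);
    } catch (IOException ioe) {
        // Preserve the cause; the message alone loses the stack trace of the
        // encoder failure.
        throw new CertificateEncodingException(ioe.getMessage(), ioe);
    }
    return derout.toByteArray();
}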
Also used : ContentInfo(sun.security.pkcs.ContentInfo) DerOutputStream(sun.security.util.DerOutputStream) PKCS7(sun.security.pkcs.PKCS7) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate)
