Search in sources :

Example 46 with DerValue

use of sun.security.util.DerValue in project jdk8u_jdk by JetBrains.

the class X509CertSelectorTest method getCertPubKeyAlgOID.

private ObjectIdentifier getCertPubKeyAlgOID(X509Certificate xcert) throws IOException {
    byte[] encodedKey = xcert.getPublicKey().getEncoded();
    DerValue val = new DerValue(encodedKey);
    if (val.tag != DerValue.tag_Sequence) {
        throw new RuntimeException("invalid key format");
    }
    return AlgorithmId.parse(val.data.getDerValue()).getOID();
}
Also used : DerValue(sun.security.util.DerValue)

Example 47 with DerValue

use of sun.security.util.DerValue in project jdk8u_jdk by JetBrains.

the class PKCS9Attributes method decode.

/**
     * Decode this set of PKCS9 attributes from the contents of its
     * DER encoding. Ignores unsupported attributes when directed.
     *
     * @param in
     * the contents of the DER encoding of the attribute set.
     *
     * @exception IOException
     * on i/o error, encoding syntax error, unacceptable or
     * unsupported attribute, or duplicate attribute.
     */
private byte[] decode(DerInputStream in) throws IOException {
    DerValue val = in.getDerValue();
    // save the DER encoding with its proper tag byte.
    byte[] derEncoding = val.toByteArray();
    derEncoding[0] = DerValue.tag_SetOf;
    DerInputStream derIn = new DerInputStream(derEncoding);
    DerValue[] derVals = derIn.getSet(3, true);
    PKCS9Attribute attrib;
    ObjectIdentifier oid;
    boolean reuseEncoding = true;
    for (int i = 0; i < derVals.length; i++) {
        try {
            attrib = new PKCS9Attribute(derVals[i]);
        } catch (ParsingException e) {
            if (ignoreUnsupportedAttributes) {
                // cannot reuse supplied DER encoding
                reuseEncoding = false;
                // skip
                continue;
            } else {
                throw e;
            }
        }
        oid = attrib.getOID();
        if (attributes.get(oid) != null)
            throw new IOException("Duplicate PKCS9 attribute: " + oid);
        if (permittedAttributes != null && !permittedAttributes.containsKey(oid))
            throw new IOException("Attribute " + oid + " not permitted in this attribute set");
        attributes.put(oid, attrib);
    }
    return reuseEncoding ? derEncoding : generateDerEncoding();
}
Also used : DerValue(sun.security.util.DerValue) DerInputStream(sun.security.util.DerInputStream) IOException(java.io.IOException) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 48 with DerValue

use of sun.security.util.DerValue in project jdk8u_jdk by JetBrains.

the class KeyProtector method recover.

/*
     * Recovers the plaintext version of the given key (in protected format),
     * using the password provided at construction time.
     */
public Key recover(EncryptedPrivateKeyInfo encrInfo) throws UnrecoverableKeyException {
    int i;
    byte[] digest;
    int numRounds;
    // offset in xorKey where next digest will be stored
    int xorOffset;
    // the length of the encrpyted key
    int encrKeyLen;
    // do we support the algorithm?
    AlgorithmId encrAlg = encrInfo.getAlgorithm();
    if (!(encrAlg.getOID().toString().equals(KEY_PROTECTOR_OID))) {
        throw new UnrecoverableKeyException("Unsupported key protection " + "algorithm");
    }
    byte[] protectedKey = encrInfo.getEncryptedData();
    /*
         * Get the salt associated with this key (the first SALT_LEN bytes of
         * <code>protectedKey</code>)
         */
    byte[] salt = new byte[SALT_LEN];
    System.arraycopy(protectedKey, 0, salt, 0, SALT_LEN);
    // Determine the number of digest rounds
    encrKeyLen = protectedKey.length - SALT_LEN - DIGEST_LEN;
    numRounds = encrKeyLen / DIGEST_LEN;
    if ((encrKeyLen % DIGEST_LEN) != 0)
        numRounds++;
    // Get the encrypted key portion and store it in "encrKey"
    byte[] encrKey = new byte[encrKeyLen];
    System.arraycopy(protectedKey, SALT_LEN, encrKey, 0, encrKeyLen);
    // Set up the byte array which will be XORed with "encrKey"
    byte[] xorKey = new byte[encrKey.length];
    // Compute the digests, and store them in "xorKey"
    for (i = 0, xorOffset = 0, digest = salt; i < numRounds; i++, xorOffset += DIGEST_LEN) {
        md.update(passwdBytes);
        md.update(digest);
        digest = md.digest();
        md.reset();
        // Copy the digest into "xorKey"
        if (i < numRounds - 1) {
            System.arraycopy(digest, 0, xorKey, xorOffset, digest.length);
        } else {
            System.arraycopy(digest, 0, xorKey, xorOffset, xorKey.length - xorOffset);
        }
    }
    // XOR "encrKey" with "xorKey", and store the result in "plainKey"
    byte[] plainKey = new byte[encrKey.length];
    for (i = 0; i < plainKey.length; i++) {
        plainKey[i] = (byte) (encrKey[i] ^ xorKey[i]);
    }
    /*
         * Check the integrity of the recovered key by concatenating it with
         * the password, digesting the concatenation, and comparing the
         * result of the digest operation with the digest provided at the end
         * of <code>protectedKey</code>. If the two digest values are
         * different, throw an exception.
         */
    md.update(passwdBytes);
    Arrays.fill(passwdBytes, (byte) 0x00);
    passwdBytes = null;
    md.update(plainKey);
    digest = md.digest();
    md.reset();
    for (i = 0; i < digest.length; i++) {
        if (digest[i] != protectedKey[SALT_LEN + encrKeyLen + i]) {
            throw new UnrecoverableKeyException("Cannot recover key");
        }
    }
    // which in turn parses the key material.
    try {
        return PKCS8Key.parseKey(new DerValue(plainKey));
    } catch (IOException ioe) {
        throw new UnrecoverableKeyException(ioe.getMessage());
    }
}
Also used : UnrecoverableKeyException(java.security.UnrecoverableKeyException) AlgorithmId(sun.security.x509.AlgorithmId) DerValue(sun.security.util.DerValue) IOException(java.io.IOException)

Example 49 with DerValue

use of sun.security.util.DerValue in project jdk8u_jdk by JetBrains.

the class DSAParameters method engineInit.

protected void engineInit(byte[] params) throws IOException {
    DerValue encodedParams = new DerValue(params);
    if (encodedParams.tag != DerValue.tag_Sequence) {
        throw new IOException("DSA params parsing error");
    }
    encodedParams.data.reset();
    this.p = encodedParams.data.getBigInteger();
    this.q = encodedParams.data.getBigInteger();
    this.g = encodedParams.data.getBigInteger();
    if (encodedParams.data.available() != 0) {
        throw new IOException("encoded params have " + encodedParams.data.available() + " extra bytes");
    }
}
Also used : DerValue(sun.security.util.DerValue)

Example 50 with DerValue

use of sun.security.util.DerValue in project jdk8u_jdk by JetBrains.

the class X509CertificatePair method emit.

/* Translate to encoded bytes */
private void emit(DerOutputStream out) throws IOException, CertificateEncodingException {
    DerOutputStream tagged = new DerOutputStream();
    if (forward != null) {
        DerOutputStream tmp = new DerOutputStream();
        tmp.putDerValue(new DerValue(forward.getEncoded()));
        tagged.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_FORWARD), tmp);
    }
    if (reverse != null) {
        DerOutputStream tmp = new DerOutputStream();
        tmp.putDerValue(new DerValue(reverse.getEncoded()));
        tagged.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_REVERSE), tmp);
    }
    out.write(DerValue.tag_Sequence, tagged);
}
Also used : DerOutputStream(sun.security.util.DerOutputStream) DerValue(sun.security.util.DerValue)

Aggregations

DerValue (sun.security.util.DerValue)76 IOException (java.io.IOException)30 DerInputStream (sun.security.util.DerInputStream)26 ObjectIdentifier (sun.security.util.ObjectIdentifier)17 CertificateException (java.security.cert.CertificateException)14 DerOutputStream (sun.security.util.DerOutputStream)11 BigInteger (java.math.BigInteger)10 KeyStoreException (java.security.KeyStoreException)10 UnrecoverableKeyException (java.security.UnrecoverableKeyException)10 X509Certificate (java.security.cert.X509Certificate)10 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 UnrecoverableEntryException (java.security.UnrecoverableEntryException)8 CertificateFactory (java.security.cert.CertificateFactory)8 X500Principal (javax.security.auth.x500.X500Principal)7 DestroyFailedException (javax.security.auth.DestroyFailedException)6 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)5 AlgorithmId (sun.security.x509.AlgorithmId)5 AlgorithmParameters (java.security.AlgorithmParameters)4 KeyFactory (java.security.KeyFactory)4 PrivateKey (java.security.PrivateKey)4