
Example 66 with DerValue

use of sun.security.util.DerValue in project Bytecoder by mirkosertic.

the class DSA method engineVerify.

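/**
 * Verify all the data thus far updated.
 *
 * @param signature the alleged signature, encoded using the
 * format indicated by {@code p1363Format}. If {@code p1363Format}
 * is {@code false} (the default), then the signature is formatted
 * according to the Distinguished Encoding Rules, as a DER sequence of
 * Integers, r and s. If {@code p1363Format} is {@code true},
 * the signature is in the IEEE P1363 format, which is the
 * concatenation of r and s.
 *
 * @param offset the offset to start from in the array of bytes.
 *
 * @param length the number of bytes to use, starting at offset.
 *
 * @return {@code true} if the value recomputed from the signature
 * equals r, {@code false} otherwise.
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, if the signature is not well-formed in the
 * selected format, if r or s lies outside the range 1..q-1, or if
 * another exception occurs.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineSign
 */
protected boolean engineVerify(byte[] signature, int offset, int length) throws SignatureException {
    BigInteger r;
    BigInteger s;
    if (p1363Format) {
        // r and s are two equal-width halves, so the length must be a
        // positive even number. Rejecting an empty or negative length here
        // reports a SignatureException instead of letting BigInteger or
        // Arrays.copyOfRange fail with an unchecked exception.
        if (length <= 0 || (length & 1) == 1) {
            throw new SignatureException("invalid signature format");
        }
        int mid = length / 2;
        // Both halves are taken relative to offset; reading from index 0
        // would verify bytes the caller did not designate as the signature.
        r = new BigInteger(Arrays.copyOfRange(signature, offset, offset + mid));
        s = new BigInteger(Arrays.copyOfRange(signature, offset + mid, offset + length));
    } else {
        // first decode the signature.
        try {
            // Enforce strict DER checking for signatures
            DerInputStream in = new DerInputStream(signature, offset, length, false);
            DerValue[] values = in.getSequence(2);
            // Exactly two INTEGERs and no trailing data: accepting extra
            // bytes would make the signature encoding malleable.
            if ((values.length != 2) || (in.available() != 0)) {
                throw new IOException("Invalid encoding for signature");
            }
            r = values[0].getBigInteger();
            s = values[1].getBigInteger();
        } catch (IOException e) {
            throw new SignatureException("Invalid encoding for signature", e);
        }
    }
    // A value whose top bit is set decodes as negative (always possible in
    // the P1363 branch, where the halves are unsigned). Reinterpret the same
    // bytes as an unsigned magnitude so such signatures can still be checked.
    if (r.signum() < 0) {
        r = new BigInteger(1, r.toByteArray());
    }
    if (s.signum() < 0) {
        s = new BigInteger(1, s.toByteArray());
    }
    // DSA requires 0 < r < q and 0 < s < q. The lower bound matters as much
    // as the upper one: a zero component is never a valid signature and must
    // not be handed to generateW/generateV.
    if (r.signum() <= 0 || s.signum() <= 0
            || r.compareTo(presetQ) >= 0 || s.compareTo(presetQ) >= 0) {
        throw new SignatureException("invalid signature: out of range values");
    }
    BigInteger w = generateW(presetP, presetQ, presetG, s);
    BigInteger v = generateV(presetY, presetP, presetQ, presetG, w, r);
    return v.equals(r);
}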
Also used : DerValue(sun.security.util.DerValue) BigInteger(java.math.BigInteger) DerInputStream(sun.security.util.DerInputStream)

Example 67 with DerValue

use of sun.security.util.DerValue in project Bytecoder by mirkosertic.

the class DSA method engineSign.

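/**
 * Sign all the data thus far updated. The signature format is
 * determined by {@code p1363Format}. If {@code p1363Format} is
 * {@code false} (the default), then the signature is formatted
 * according to the Distinguished Encoding Rules, returned as a DER
 * sequence of Integers, r and s. If {@code p1363Format} is
 * {@code true}, the signature is returned in the IEEE P1363
 * format, which is the concatenation of r and s.
 *
 * @return a signature block formatted according to the format
 * indicated by {@code p1363Format}
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, or if another exception occurs.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineVerify
 */
protected byte[] engineSign() throws SignatureException {
    // k is the per-signature secret; it is produced by generateK, which is
    // not visible in this excerpt.
    BigInteger k = generateK(presetQ);
    BigInteger r = generateR(presetP, presetQ, presetG, k);
    BigInteger s = generateS(presetX, presetQ, r, k);
    if (p1363Format) {
        // Return the concatenation of r and s, each right-aligned in a
        // fixed-width field of size bytes.
        byte[] rBytes = r.toByteArray();
        byte[] sBytes = s.toByteArray();
        // NOTE(review): integer division truncates, so this assumes the bit
        // length of q is a multiple of 8; otherwise a value could need one
        // byte more than size and the copies below would fail.
        int size = presetQ.bitLength() / 8;
        byte[] outseq = new byte[size * 2];
        int rLength = rBytes.length;
        int sLength = sBytes.length;
        // toByteArray() may prepend zero bytes; i and j count the bytes that
        // remain once those leading zeros are skipped.
        int i = rLength;
        while (i > 0 && rBytes[rLength - i] == 0) {
            i--;
        }
        int j = sLength;
        while (j > 0 && sBytes[sLength - j] == 0) {
            j--;
        }
        System.arraycopy(rBytes, rLength - i, outseq, size - i, i);
        System.arraycopy(sBytes, sLength - j, outseq, size * 2 - j, j);
        return outseq;
    } else {
        // Return the DER-encoded ASN.1 form
        try {
            DerOutputStream outseq = new DerOutputStream(100);
            outseq.putInteger(r);
            outseq.putInteger(s);
            DerValue result = new DerValue(DerValue.tag_Sequence, outseq.toByteArray());
            return result.toByteArray();
        } catch (IOException e) {
            // Keep the encoder's exception as the cause so the failure can
            // be diagnosed from the stack trace.
            throw new SignatureException("error encoding signature", e);
        }
    }
}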
Also used : DerOutputStream(sun.security.util.DerOutputStream) DerValue(sun.security.util.DerValue) BigInteger(java.math.BigInteger)

Example 68 with DerValue

use of sun.security.util.DerValue in project Bytecoder by mirkosertic.

the class ESSCertId method parse.

/**
 * Decodes a DER-encoded signingCertificate value and stores its certificate
 * identifiers in {@code certId}.
 *
 * @param bytes the encoded signingCertificate
 * @throws IOException if the outer value is not a SEQUENCE or a nested
 * element cannot be decoded
 */
public void parse(byte[] bytes) throws IOException {
    DerValue signingCert = new DerValue(bytes);
    if (signingCert.tag != DerValue.tag_Sequence) {
        throw new IOException("Bad encoding for signingCertificate");
    }
    // First element: the sequence of certificate identifiers.
    DerValue[] certEntries = signingCert.data.getSequence(1);
    certId = new ESSCertId[certEntries.length];
    int slot = 0;
    for (DerValue entry : certEntries) {
        certId[slot++] = new ESSCertId(entry);
    }
    // Optional second element: policies. The sequence is decoded, so a
    // malformed one still raises IOException, but the individual
    // PolicyInformation entries are not interpreted or stored.
    if (signingCert.data.available() > 0) {
        signingCert.data.getSequence(1);
    }
}
Also used : DerValue(sun.security.util.DerValue) IOException(java.io.IOException)

Example 69 with DerValue

use of sun.security.util.DerValue in project Bytecoder by mirkosertic.

the class DSAParameters method engineInit.

/**
 * Initializes this parameter object from a DER-encoded SEQUENCE holding
 * three integers, read in order into {@code p}, {@code q} and {@code g}.
 *
 * @param params the encoded parameters
 * @throws IOException if the value is not a SEQUENCE, an integer cannot be
 * decoded, or bytes remain after the third integer
 */
protected void engineInit(byte[] params) throws IOException {
    DerValue sequence = new DerValue(params);
    if (sequence.tag != DerValue.tag_Sequence) {
        throw new IOException("DSA params parsing error");
    }
    sequence.data.reset();
    // The three integers are read strictly in order; only their encoding is
    // checked here, not their values.
    this.p = sequence.data.getBigInteger();
    this.q = sequence.data.getBigInteger();
    this.g = sequence.data.getBigInteger();
    // Anything left after g means the encoding is not what was expected.
    int leftover = sequence.data.available();
    if (leftover != 0) {
        throw new IOException("encoded params have " + leftover + " extra bytes");
    }
}
Also used : DerValue(sun.security.util.DerValue)

Example 70 with DerValue

use of sun.security.util.DerValue in project Bytecoder by mirkosertic.

the class SimpleValidator method getNetscapeCertTypeBit.

/**
 * Reports whether the named bit is set in the certificate's Netscape
 * certificate type extension.
 *
 * <p>A certificate that does not carry the extension is treated as
 * unrestricted and yields {@code true}; an extension that is present but
 * cannot be decoded yields {@code false}.
 *
 * @param cert the certificate to inspect
 * @param type the name of the bit to look up in the extension
 * @return the bit's value, {@code true} if the extension is absent, or
 * {@code false} if reading it raises an {@code IOException}
 */
static boolean getNetscapeCertTypeBit(X509Certificate cert, String type) {
    try {
        final NetscapeCertTypeExtension certTypeExt;
        if (!(cert instanceof X509CertImpl)) {
            // Generic certificate: the extension value is an OCTET STRING
            // wrapping the BIT STRING that holds the type bits.
            byte[] wrapped = cert.getExtensionValue(OID_NETSCAPE_CERT_TYPE);
            if (wrapped == null) {
                return true;
            }
            byte[] inner = new DerInputStream(wrapped).getOctetString();
            byte[] bits = new DerValue(inner).getUnalignedBitString().toByteArray();
            certTypeExt = new NetscapeCertTypeExtension(bits);
        } else {
            // Internal implementation: ask for the extension object directly.
            certTypeExt = (NetscapeCertTypeExtension)
                    ((X509CertImpl) cert).getExtension(OBJID_NETSCAPE_CERT_TYPE);
            if (certTypeExt == null) {
                return true;
            }
        }
        return certTypeExt.get(type).booleanValue();
    } catch (IOException e) {
        // Undecodable extension: deny rather than assume the bit is set.
        return false;
    }
}
Also used : X509CertImpl(sun.security.x509.X509CertImpl) DerValue(sun.security.util.DerValue) DerInputStream(sun.security.util.DerInputStream) IOException(java.io.IOException) NetscapeCertTypeExtension(sun.security.x509.NetscapeCertTypeExtension) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Aggregations

DerValue (sun.security.util.DerValue)76 IOException (java.io.IOException)30 DerInputStream (sun.security.util.DerInputStream)26 ObjectIdentifier (sun.security.util.ObjectIdentifier)17 CertificateException (java.security.cert.CertificateException)14 DerOutputStream (sun.security.util.DerOutputStream)11 BigInteger (java.math.BigInteger)10 KeyStoreException (java.security.KeyStoreException)10 UnrecoverableKeyException (java.security.UnrecoverableKeyException)10 X509Certificate (java.security.cert.X509Certificate)10 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 UnrecoverableEntryException (java.security.UnrecoverableEntryException)8 CertificateFactory (java.security.cert.CertificateFactory)8 X500Principal (javax.security.auth.x500.X500Principal)7 DestroyFailedException (javax.security.auth.DestroyFailedException)6 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)5 AlgorithmId (sun.security.x509.AlgorithmId)5 AlgorithmParameters (java.security.AlgorithmParameters)4 KeyFactory (java.security.KeyFactory)4 PrivateKey (java.security.PrivateKey)4