@Override public boolean verify(byte[] hash, byte[] signature, byte[] publicKey) { ASN1InputStream asn1 = new ASN1InputStream(signature); try { ECDSASigner signer = new ECDSASigner(); signer.init(false, new ECPublicKeyParameters(curve.getCurve().decodePoint(publicKey), domain)); DLSequence seq = (DLSequence) asn1.readObject(); BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue(); return signer.verifySignature(hash, r, s); } catch (Exception e) { return false; } finally { try { asn1.close(); } catch (IOException ignored) { } } }
/** * This method returns SKI bytes from certificate. * * @param certificateToken * {@code CertificateToken} * @param computeIfMissing * if the extension is missing and computeIfMissing = true, it will compute the SKI value from the Public * Key * @return ski bytes from the given certificate * @throws DSSException */ public static byte[] getSki(final CertificateToken certificateToken, boolean computeIfMissing) throws DSSException { try { byte[] sKI = certificateToken.getCertificate().getExtensionValue(Extension.subjectKeyIdentifier.getId()); if (Utils.isArrayNotEmpty(sKI)) { ASN1Primitive extension = X509ExtensionUtil.fromExtensionValue(sKI); SubjectKeyIdentifier skiBC = SubjectKeyIdentifier.getInstance(extension); return skiBC.getKeyIdentifier(); } else if (computeIfMissing) { // If extension not present, we compute it from the certificate public key DLSequence seq = (DLSequence) DERSequence.fromByteArray(certificateToken.getPublicKey().getEncoded()); DERBitString item = (DERBitString) seq.getObjectAt(1); return DSSUtils.digest(DigestAlgorithm.SHA1, item.getOctets()); } return null; } catch (Exception e) { throw new DSSException(e); } }
public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); for (int i = 0; i != info.length; i++) { v.add(info[i]); } if (isBer) { return new BERSequence(v); } else { return new DLSequence(v); } }
/** * Produce an object suitable for an ASN1OutputStream. * <pre> * ContentInfo ::= SEQUENCE { * contentType ContentType, * content * [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } * </pre> */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(contentType); if (content != null) { v.add(new BERTaggedObject(true, 0, content)); } if (isBer) { return new BERSequence(v); } else { return new DLSequence(v); } }
private static Pair<String, String> parseOtherName(byte[] otherName) { try { ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(otherName); if (asn1Primitive instanceof DERTaggedObject) { ASN1Primitive inner = ((DERTaggedObject) asn1Primitive).getObject(); if (inner instanceof DLSequence) { DLSequence sequence = (DLSequence) inner; if (sequence.size() >= 2 && sequence.getObjectAt(1) instanceof DERTaggedObject) { String oid = sequence.getObjectAt(0).toString(); ASN1Primitive value = ((DERTaggedObject) sequence.getObjectAt(1)).getObject(); if (value instanceof DERUTF8String) { return new Pair<>(oid, ((DERUTF8String) value).getString()); } else if (value instanceof DERIA5String) { return new Pair<>(oid, ((DERIA5String) value).getString()); } } } } return null; } catch (IOException e) { return null; } }
public void parse(ASN1Primitive derObject) { ASN1Sequence sequence = ASN1Object.getDERSequence(derObject); ASN1Primitive firstObject = sequence.getObjectAt(0).toASN1Primitive(); this.version = new Version(); int indice = 0; if (firstObject instanceof ASN1Integer) { this.version.parse(firstObject); indice++; } ASN1Primitive policyInfos = sequence.getObjectAt(indice).toASN1Primitive(); DLSequence policyInfosSequence = (DLSequence) policyInfos; if (policyInfosSequence != null && policyInfosSequence.size() > 0) { this.policyInfos = new ArrayList<>(); for (int i = 0; i < policyInfosSequence.size(); i++) { PolicyInfo policyInfo = new PolicyInfo(); policyInfo.parse(policyInfosSequence.getObjectAt(i).toASN1Primitive()); this.policyInfos.add(policyInfo); } } this.nextUpdate = new GeneralizedTime(); this.nextUpdate.parse(sequence.getObjectAt(indice + 1).toASN1Primitive()); }
@Override public void parse(ASN1Primitive derObject) { ASN1Sequence sequence = ASN1Object.getDERSequence(derObject); ASN1Primitive policyInfos = sequence.getObjectAt(0).toASN1Primitive(); DLSequence policyInfosSequence = (DLSequence) policyInfos; if (policyInfosSequence != null && policyInfosSequence.size() > 0) { this.policyInfos = new ArrayList<>(); for (int i = 0; i < policyInfosSequence.size(); i++) { PolicyInfo policyInfo = new PolicyInfo(); policyInfo.parse(policyInfosSequence.getObjectAt(i).toASN1Primitive()); this.policyInfos.add(policyInfo); } } this.nextUpdate = new Time(); this.nextUpdate.parse(sequence.getObjectAt(1).toASN1Primitive()); }
private static OtherName parseOtherName(byte[] otherName) { try { ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(otherName); if (asn1Primitive instanceof DERTaggedObject) { ASN1Primitive inner = ((DERTaggedObject) asn1Primitive).getObject(); if (inner instanceof DLSequence) { DLSequence sequence = (DLSequence) inner; if (sequence.size() >= 2 && sequence.getObjectAt(1) instanceof DERTaggedObject) { String oid = sequence.getObjectAt(0).toString(); ASN1Primitive value = ((DERTaggedObject) sequence.getObjectAt(1)).getObject(); if (value instanceof DERUTF8String) { return new OtherName(oid, ((DERUTF8String) value).getString()); } else if (value instanceof DERIA5String) { return new OtherName(oid, ((DERIA5String) value).getString()); } } } } return null; } catch (IOException e) { return null; } }
public KerberosRelevantAuthData ( byte[] token, Map<Integer, KerberosKey> keys ) throws PACDecodingException { DLSequence authSequence; try { try ( ASN1InputStream stream = new ASN1InputStream(new ByteArrayInputStream(token)) ) { authSequence = ASN1Util.as(DLSequence.class, stream); } } catch ( IOException e ) { throw new PACDecodingException("Malformed kerberos ticket", e); } this.authorizations = new ArrayList<>(); Enumeration<?> authElements = authSequence.getObjects(); while ( authElements.hasMoreElements() ) { DLSequence authElement = ASN1Util.as(DLSequence.class, authElements); ASN1Integer authType = ASN1Util.as(ASN1Integer.class, ASN1Util.as(DERTaggedObject.class, authElement, 0)); DEROctetString authData = ASN1Util.as(DEROctetString.class, ASN1Util.as(DERTaggedObject.class, authElement, 1)); this.authorizations.addAll(KerberosAuthData.parse(authType.getValue().intValue(), authData.getOctets(), keys)); } }
public static Map<String, String> get(final X500Principal x500Principal) { Map<String, String> treeMap = new HashMap<String, String>(); final byte[] encoded = x500Principal.getEncoded(); final ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(encoded); final ASN1Encodable[] asn1Encodables = asn1Sequence.toArray(); for (final ASN1Encodable asn1Encodable : asn1Encodables) { final DLSet dlSet = (DLSet) asn1Encodable; for (int ii = 0; ii < dlSet.size(); ii++) { final DLSequence dlSequence = (DLSequence) dlSet.getObjectAt(ii); if (dlSequence.size() != 2) { throw new DSSException("The DLSequence must contains exactly 2 elements."); } final ASN1Encodable asn1EncodableAttributeType = dlSequence.getObjectAt(0); final String stringAttributeType = getString(asn1EncodableAttributeType); final ASN1Encodable asn1EncodableAttributeValue = dlSequence.getObjectAt(1); final String stringAttributeValue = getString(asn1EncodableAttributeValue); treeMap.put(stringAttributeType, stringAttributeValue); } } return treeMap; }
/** * Returns current certificate policies or null if no policies was found. * * @return list of policies * @throws IOException when policy parsing fails */ public List<String> getCertificatePolicies() throws IOException { logger.debug(""); byte[] extensionValue = originalCert.getExtensionValue("2.5.29.32"); List<String> policies = new ArrayList<>(); byte[] octets = ((DEROctetString) DEROctetString.fromByteArray(extensionValue)).getOctets(); ASN1Sequence sequence = (ASN1Sequence) ASN1Sequence.fromByteArray(octets); Enumeration sequenceObjects = sequence.getObjects(); while (sequenceObjects.hasMoreElements()) { DLSequence next = (DLSequence) sequenceObjects.nextElement(); Object objectAt = next.getObjectAt(0); if (objectAt != null) { policies.add(objectAt.toString()); } } return policies; }
private void parseDG15(byte[] DG15) { try (ASN1InputStream bIn = new ASN1InputStream(DG15)) { DERApplicationSpecific app = (DERApplicationSpecific) bIn.readObject(); ASN1Sequence seq = (ASN1Sequence) app.getObject(BERTags.SEQUENCE); byte[] data = ((ASN1Primitive)seq.getObjects().nextElement()).getEncoded(); Log.d(getClass().getName(), "Data = "+ Bytes.hexString(data)); try (ASN1InputStream in = new ASN1InputStream(data)) { Enumeration seq1 = ((DLSequence) in.readObject()).getObjects(); while (seq1.hasMoreElements()) { ASN1Primitive obj = (ASN1Primitive)seq1.nextElement(); byte[] data1 = obj.getEncoded(); Log.d(getClass().getName(), "data1 = "+ Bytes.hexString(data1)); if (data1[0] == (byte) 0x01) { this.set18(data1[2] == 0x01); } else if (data1[0] == (byte) 0x02) { this.setAge(Bytes.toInt(data1[2])); } } } } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } }
private void parseDG16(byte[] DG16) { try (ASN1InputStream bIn = new ASN1InputStream(DG16)) { DERApplicationSpecific app = (DERApplicationSpecific) bIn.readObject(); ASN1Sequence seq = (ASN1Sequence) app.getObject(BERTags.SEQUENCE); byte[] data = ((ASN1Primitive)seq.getObjects().nextElement()).getEncoded(); Log.d(getClass().getName(), "Data = "+ Bytes.hexString(data)); try (ASN1InputStream in = new ASN1InputStream(data)) { Enumeration seq1 = ((DLSequence) in.readObject()).getObjects(); while (seq1.hasMoreElements()) { ASN1Primitive obj = (ASN1Primitive)seq1.nextElement(); byte[] data1 = obj.getEncoded(); Log.d(getClass().getName(), "data1 = "+ Bytes.hexString(data1)); if (data1[0] == (byte) 0x01) { this.set21(data1[2] == 0x01); } else if (data1[0] == (byte) 0x02) { this.setAge(Bytes.toInt(data1[2])); } } } } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } }
private void parseDG15(byte[] DG15) { try (ASN1InputStream bIn = new ASN1InputStream(DG15)) { DERApplicationSpecific app = (DERApplicationSpecific) bIn.readObject(); ASN1Sequence seq = (ASN1Sequence) app.getObject(BERTags.SEQUENCE); byte[] data = ((ASN1Primitive)seq.getObjects().nextElement()).getEncoded(); try (ASN1InputStream in = new ASN1InputStream(data)) { Enumeration seq1 = ((DLSequence) in.readObject()).getObjects(); while (seq1.hasMoreElements()) { ASN1Primitive obj = (ASN1Primitive)seq1.nextElement(); byte[] data1 = obj.getEncoded(); if (data1[0] == (byte) 0x01) { this.set18(data1[2] == 0x01); } else if (data1[0] == (byte) 0x02) { // Value of the age check } else if (data1[0] == (byte) 0x04) { // Random } } } } catch (IOException e) { Log.e(getClass().getName(), e.getMessage(), e); } }
private void parseDG16(byte[] DG16) { try (ASN1InputStream bIn = new ASN1InputStream(DG16)) { DERApplicationSpecific app = (DERApplicationSpecific) bIn.readObject(); ASN1Sequence seq = (ASN1Sequence) app.getObject(BERTags.SEQUENCE); byte[] data = ((ASN1Primitive)seq.getObjects().nextElement()).getEncoded(); try (ASN1InputStream in = new ASN1InputStream(data)) { Enumeration seq1 = ((DLSequence) in.readObject()).getObjects(); while (seq1.hasMoreElements()) { ASN1Primitive obj = (ASN1Primitive)seq1.nextElement(); byte[] data1 = obj.getEncoded(); if (data1[0] == (byte) 0x01) { this.set21(data1[2] == 0x01); } else if (data1[0] == (byte) 0x02) { // Value of the age check } else if (data1[0] == (byte) 0x04) { // Random } } } } catch (IOException e) { Log.e(getClass().getName(), e.getMessage(), e); } }
/** * Add a SafeBag that is to be included as is. * * @param data the SafeBag to add. * @return this builder. * @throws IOException */ public PKCS12PfxPduBuilder addData(PKCS12SafeBag data) throws IOException { dataVector.add(new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(new DLSequence(data.toASN1Structure()).getEncoded()))); return this; }
/** * Add a set of SafeBags that are to be wrapped in a EncryptedData object. * * @param dataEncryptor the encryptor to use for encoding the data. * @param data the SafeBags to include. * @return this builder. * @throws IOException if a issue occurs processing the data. */ public PKCS12PfxPduBuilder addEncryptedData(OutputEncryptor dataEncryptor, PKCS12SafeBag[] data) throws IOException { ASN1EncodableVector v = new ASN1EncodableVector(); for (int i = 0; i != data.length; i++) { v.add(data[i].toASN1Structure()); } return addEncryptedData(dataEncryptor, new DLSequence(v)); }
/** * Build the Pfx structure, protecting it with a MAC calculated against the passed in password. * * @param macCalcBuilder a builder for a PKCS12 mac calculator. * @param password the password to use. * @return a Pfx object. * @throws PKCSException on a encoding or processing error. */ public PKCS12PfxPdu build(PKCS12MacCalculatorBuilder macCalcBuilder, char[] password) throws PKCSException { AuthenticatedSafe auth = AuthenticatedSafe.getInstance(new DLSequence(dataVector)); byte[] encAuth; try { encAuth = auth.getEncoded(); } catch (IOException e) { throw new PKCSException("unable to encode AuthenticatedSafe: " + e.getMessage(), e); } ContentInfo mainInfo = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(encAuth)); MacData mData = null; if (macCalcBuilder != null) { MacDataGenerator mdGen = new MacDataGenerator(macCalcBuilder); mData = mdGen.build(password, encAuth); } // // output the Pfx // Pfx pfx = new Pfx(mainInfo, mData); return new PKCS12PfxPdu(pfx); }
public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(bagId); v.add(new DLTaggedObject(true, 0, bagValue)); if (bagAttributes != null) { v.add(bagAttributes); } return new DLSequence(v); }
/** * DER - From byte[] to Big Integer rs * UAF_ALG_SIGN_SECP256K1_ECDSA_SHA256_DER 0x06 DER [ITU-X690-2008] encoded * ECDSA signature [RFC5480] on the secp256k1 curve. I.e. a DER encoded * SEQUENCE { r INTEGER, s INTEGER } * * @param signature * @return * @throws IOException */ public static BigInteger[] decodeToBigIntegerArray(byte[] signature) throws IOException { ASN1InputStream decoder = new ASN1InputStream(signature); DLSequence seq = (DLSequence) decoder.readObject(); ASN1Integer r = (ASN1Integer) seq.getObjectAt(0); ASN1Integer s = (ASN1Integer) seq.getObjectAt(1); decoder.close(); BigInteger[] ret = new BigInteger[2]; ret[0] = r.getPositiveValue(); ret[1] = s.getPositiveValue(); return ret; }
