private static byte[] calculatePbeMac( DERObjectIdentifier oid, byte[] salt, int itCount, char[] password, byte[] data, String provider) throws Exception { SecretKeyFactory keyFact = SecretKeyFactory.getInstance(oid.getId(), provider); PBEParameterSpec defParams = new PBEParameterSpec(salt, itCount); PBEKeySpec pbeSpec = new PBEKeySpec(password); SecretKey key = keyFact.generateSecret(pbeSpec); Mac mac = Mac.getInstance(oid.getId(), provider); mac.init(key, defParams); mac.update(data); return mac.doFinal(); }
public static OCSPReq GenOcspReq(X509Certificate nextCert, X509Certificate nextIssuer) throws OCSPException { OCSPReqGenerator ocspRequestGenerator = new OCSPReqGenerator(); CertificateID certId = new CertificateID(CertificateID.HASH_SHA1, nextIssuer, nextCert.getSerialNumber()); ocspRequestGenerator.addRequest(certId); BigInteger nonce = BigInteger.valueOf(System.currentTimeMillis()); Vector<DERObjectIdentifier> oids = new Vector<DERObjectIdentifier>(); Vector<X509Extension> values = new Vector<X509Extension>(); oids.add(OCSPObjectIdentifiers.id_pkix_ocsp_nonce); values.add(new X509Extension(false, new DEROctetString(nonce .toByteArray()))); ocspRequestGenerator.setRequestExtensions(new X509Extensions(oids, values)); return ocspRequestGenerator.generate(); }
/** * @param param */ public JCEPBEKey( String algorithm, DERObjectIdentifier oid, int type, int digest, int keySize, int ivSize, PBEKeySpec pbeKeySpec, CipherParameters param) { this.algorithm = algorithm; this.oid = oid; this.type = type; this.digest = digest; this.keySize = keySize; this.ivSize = ivSize; this.pbeKeySpec = pbeKeySpec; this.param = param; }
public void writeObject(ObjectOutputStream out) throws IOException { if (pkcs12Ordering.size() == 0) { out.writeObject(new Hashtable()); out.writeObject(new Vector()); } else { ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); Enumeration e = this.getBagAttributeKeys(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); aOut.writeObject(oid); aOut.writeObject(pkcs12Attributes.get(oid)); } out.writeObject(bOut.toByteArray()); } }
public void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException { Object obj = in.readObject(); if (obj instanceof Hashtable) { this.pkcs12Attributes = (Hashtable)obj; this.pkcs12Ordering = (Vector)in.readObject(); } else { ASN1InputStream aIn = new ASN1InputStream((byte[])obj); DERObjectIdentifier oid; while ((oid = (DERObjectIdentifier)aIn.readObject()) != null) { this.setBagAttribute(oid, aIn.readObject()); } } }
static AlgorithmIdentifier getSigAlgID( DERObjectIdentifier sigOid, String algorithmName) { if (noParams.contains(sigOid)) { return new AlgorithmIdentifier(sigOid); } algorithmName = Strings.toUpperCase(algorithmName); if (params.containsKey(algorithmName)) { return new AlgorithmIdentifier(sigOid, (ASN1Encodable)params.get(algorithmName)); } else { return new AlgorithmIdentifier(sigOid, DERNull.INSTANCE); } }
static byte[] calculateSignature( DERObjectIdentifier sigOid, String sigName, PrivateKey key, SecureRandom random, ASN1Encodable object) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException { Signature sig; if (sigOid == null) { throw new IllegalStateException("no signature algorithm specified"); } sig = X509Util.getSignatureInstance(sigName); if (random != null) { sig.initSign(key, random); } else { sig.initSign(key); } sig.update(object.toASN1Primitive().getEncoded(ASN1Encoding.DER)); return sig.sign(); }
private X509AttributeCertificate readDERCertificate( InputStream in) throws IOException { ASN1InputStream dIn = new ASN1InputStream(in); ASN1Sequence seq = (ASN1Sequence)dIn.readObject(); if (seq.size() > 1 && seq.getObjectAt(0) instanceof DERObjectIdentifier) { if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) { sData = new SignedData(ASN1Sequence.getInstance( (ASN1TaggedObject)seq.getObjectAt(1), true)).getCertificates(); return getCertificate(); } } return new X509V2AttributeCertificate(seq.getEncoded()); }
static String getSignatureName( AlgorithmIdentifier sigAlgId) { ASN1Encodable params = sigAlgId.getParameters(); if (params != null && !derNull.equals(params)) { if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) { RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; } if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) { ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); return getDigestAlgName((DERObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA"; } } return sigAlgId.getObjectId().getId(); }
private Certificate readDERCertificate( InputStream in) throws IOException, CertificateParsingException { ASN1InputStream dIn = new ASN1InputStream(in); ASN1Sequence seq = (ASN1Sequence)dIn.readObject(); if (seq.size() > 1 && seq.getObjectAt(0) instanceof DERObjectIdentifier) { if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) { sData = new SignedData(ASN1Sequence.getInstance( (ASN1TaggedObject)seq.getObjectAt(1), true)).getCertificates(); return getCertificate(); } } return new X509CertificateObject( org.bouncycastle.asn1.x509.Certificate.getInstance(seq)); }
private CRL readDERCRL( InputStream in) throws IOException, CRLException { ASN1InputStream dIn = new ASN1InputStream(in); ASN1Sequence seq = (ASN1Sequence)dIn.readObject(); if (seq.size() > 1 && seq.getObjectAt(0) instanceof DERObjectIdentifier) { if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) { sData = new SignedData(ASN1Sequence.getInstance( (ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs(); return getCRL(); } } return new X509CRLObject(CertificateList.getInstance(seq)); }
static String getSignatureName( AlgorithmIdentifier sigAlgId) { ASN1Encodable params = sigAlgId.getParameters(); if (params != null && !derNull.equals(params)) { if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) { RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; } if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) { ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); return getDigestAlgName((DERObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA"; } } return sigAlgId.getAlgorithm().getId(); }
public void writeObject(ObjectOutputStream out) throws IOException { if (pkcs12Ordering.size() == 0) { out.writeObject(new Hashtable()); out.writeObject(new Vector()); } else { ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); Enumeration e = this.getBagAttributeKeys(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); aOut.writeObject(oid); aOut.writeObject((ASN1Encodable)pkcs12Attributes.get(oid)); } out.writeObject(bOut.toByteArray()); } }
private Set getExtensionOIDs(boolean critical) { Set set = new HashSet(); X509Extensions extensions = this.getResponseExtensions(); if (extensions != null) { Enumeration e = extensions.oids(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); X509Extension ext = extensions.getExtension(oid); if (critical == ext.isCritical()) { set.add(oid.getId()); } } } return set; }
public byte[] getExtensionValue(String oid) { X509Extensions exts = this.getResponseExtensions(); if (exts != null) { X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid)); if (ext != null) { try { return ext.getValue().getEncoded(ASN1Encoding.DER); } catch (Exception e) { throw new RuntimeException("error encoding " + e.toString()); } } } return null; }
public OCSPReq generate( String signingAlgorithm, PrivateKey key, X509Certificate[] chain, String provider, SecureRandom random) throws OCSPException, NoSuchProviderException, IllegalArgumentException { if (signingAlgorithm == null) { throw new IllegalArgumentException("no signing algorithm specified"); } try { DERObjectIdentifier oid = OCSPUtil.getAlgorithmOID(signingAlgorithm); return generateRequest(oid, key, chain, provider, random); } catch (IllegalArgumentException e) { throw new IllegalArgumentException("unknown signing algorithm specified: " + signingAlgorithm); } }
private Set getExtensionOIDs(boolean critical) { Set set = new HashSet(); X509Extensions extensions = this.getSingleRequestExtensions(); if (extensions != null) { Enumeration e = extensions.oids(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); X509Extension ext = extensions.getExtension(oid); if (critical == ext.isCritical()) { set.add(oid.getId()); } } } return set; }
public byte[] getExtensionValue(String oid) { X509Extensions exts = this.getSingleRequestExtensions(); if (exts != null) { X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid)); if (ext != null) { try { return ext.getValue().getEncoded(ASN1Encoding.DER); } catch (Exception e) { throw new RuntimeException("error encoding " + e.toString()); } } } return null; }
private Set getExtensionOIDs(boolean critical) { Set set = new HashSet(); X509Extensions extensions = this.getSingleExtensions(); if (extensions != null) { Enumeration e = extensions.oids(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); X509Extension ext = extensions.getExtension(oid); if (critical == ext.isCritical()) { set.add(oid.getId()); } } } return set; }
public byte[] getExtensionValue(String oid) { X509Extensions exts = this.getSingleExtensions(); if (exts != null) { X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid)); if (ext != null) { try { return ext.getValue().getEncoded(ASN1Encoding.DER); } catch (Exception e) { throw new RuntimeException("error encoding " + e.toString()); } } } return null; }
static AlgorithmIdentifier getSigAlgID( DERObjectIdentifier sigOid, String algorithmName) { if (noParams.contains(sigOid)) { return new AlgorithmIdentifier(sigOid); } algorithmName = Strings.toUpperCase(algorithmName); if (params.containsKey(algorithmName)) { return new AlgorithmIdentifier(sigOid, (DEREncodable)params.get(algorithmName)); } else { return new AlgorithmIdentifier(sigOid, new DERNull()); } }
private Set getExtensionOIDs(boolean critical) { if (this.getVersion() == 2) { HashSet set = new HashSet(); X509Extensions extensions = c.getTBSCertList().getExtensions(); Enumeration e = extensions.oids(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); X509Extension ext = extensions.getExtension(oid); if (critical == ext.isCritical()) { set.add(oid.getId()); } } return set; } return null; }
private Set getExtensionOIDs(boolean critical) { X509Extensions extensions = c.getExtensions(); if ( extensions != null ) { HashSet set = new HashSet(); Enumeration e = extensions.oids(); while (e.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); X509Extension ext = extensions.getExtension(oid); if (critical == ext.isCritical()) { set.add(oid.getId()); } } return set; } return null; }
public byte[] getExtensionValue(String oid) { X509Extensions exts = c.getExtensions(); if (exts != null) { X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid)); if (ext != null) { return ext.getValue().getOctets(); } } return null; }
/** * Add an extension with the given oid and the passed in value to be included * in the OCTET STRING associated with the extension. * * @param oid OID for the extension. * @param critical true if critical, false otherwise. * @param value the ASN.1 object to be included in the extension. */ public void addExtension( DERObjectIdentifier oid, boolean critical, DEREncodable value) { ByteArrayOutputStream bOut = new ByteArrayOutputStream(); DEROutputStream dOut = new DEROutputStream(bOut); try { dOut.writeObject(value); } catch (IOException e) { throw new IllegalArgumentException("error encoding value: " + e); } this.addExtension(oid, critical, bOut.toByteArray()); }
/** * return the X9ECParameters object for the named curve represented by * the passed in object identifier. Null if the curve isn't present. * * @param oid an object identifier representing a named curve, if present. */ public static X9ECParameters getByOID( DERObjectIdentifier oid) { X9ECParameters result = (X9ECParameters)curves.get(oid); if ( result == null ){ String id = oid.getId(); if ( !missing_oids.contains( id )){ missing_oids.add( id ); new Exception( "Missing named curve: " + id ).printStackTrace(); } } return( result ); }
public byte[] buildCmsBody(String signedHashId, X509Certificate certContent, byte[] content, String hashId, int version) throws CertificateEncodingException, IOException { final DEREncodableVector whole = new DEREncodableVector(); whole.add(new DERObjectIdentifier(CMS_SIGNED_ID)); final DEREncodableVector body = new DEREncodableVector(); // ----- versao ------- // final int version = 1; body.add(new DERInteger(version)); buildDigestAlg(body, hashId); // buildContentInfo(body, content); buildCerts(body, certContent); buildSignerInfo(body, signedHashId, certContent, hashId); whole.add(new DERTaggedObject(0, new DERSequence(body))); return genOutput(new DERSequence(whole)); }
public byte[] buildCmsBody(byte[] signedHashId, X509Certificate certContent, List<X509Certificate> chain, int hashId, int version, int attachSize) throws Exception { final DEREncodableVector whole = new DEREncodableVector(); // 0 SEQ whole.add(new DERObjectIdentifier(CMS_SIGNED_ID)); // 1 SEQ final DEREncodableVector body = new DEREncodableVector(); // ----- versao ------- // final int version = 1; body.add(new DERInteger(version)); // 3 INT buildDigestAlg(body, getHashAlg(hashId)); // 3 SET buildContentInfo(body, attachSize); // 3 SEQ buildCerts(body, chain); // 3 CS buildSignerInfo(body, signedHashId, certContent, hashId); // 3 SET whole.add(new DERTaggedObject(0, new DERSequence( // 2 SEQ body))); // 1 CS return genOutput(new DERSequence(whole)); }
private void buildContentInfo(final DEREncodableVector body, int size) { // ------ Content Info DEREncodableVector contentInfoVector = new DEREncodableVector(); contentInfoVector.add(new DERObjectIdentifier(ID_PKCS7_DATA)); // 4 OID if (size != DETACHED) { byte[] content = new byte[size]; for (int i = 0; i < size; i++) { content[i] = (byte) 0xba; } contentInfoVector.add(new DERTaggedObject(0, new DEROctetString( content))); } // CONTENT INFO final DERSequence contentinfo = new DERSequence(contentInfoVector); // 3 // SEQ body.add(contentinfo); }
private void buildDigestAlg(final DEREncodableVector body, List<String> listHashId) { // ---------- algoritmos de digest final DEREncodableVector algos = new DEREncodableVector(); for (String next : listHashId) { algos.add(new DERObjectIdentifier(next)); // 4 OID algos.add(new DERNull()); // 4 NULL } final DEREncodableVector algoSet = new DEREncodableVector(); algoSet.add(new DERSequence(algos)); final DERSet digestAlgorithms = new DERSet(algoSet); // 2 // SET body.add(digestAlgorithms); }
public static void extractAuthorityInformationAccess(List<String> OCSPUrl, DERObject aiaExt) { AuthorityInformationAccess aia = AuthorityInformationAccess .getInstance(aiaExt); AccessDescription[] accessDescriptions = aia.getAccessDescriptions(); DERObjectIdentifier OCSPOid = new DERObjectIdentifier( "1.3.6.1.5.5.7.48.1"); //$NON-NLS-1$ for (AccessDescription accessDescription : accessDescriptions) { GeneralName generalName = accessDescription.getAccessLocation(); String nextName = generalName.getName().toString(); DERObjectIdentifier acessMethod = accessDescription .getAccessMethod(); if (acessMethod.equals(OCSPOid)) { OCSPUrl.add(nextName); } } }
public byte[] buildCmsBody(String signedHashId, X509Certificate certContent, byte[] content, String hashId, int version) throws CertificateEncodingException, IOException { final ASN1EncodableVector whole = new ASN1EncodableVector(); whole.add(new DERObjectIdentifier(CMS_SIGNED_ID)); final ASN1EncodableVector body = new ASN1EncodableVector(); // ----- versao ------- // final int version = 1; body.add(new DERInteger(version)); buildDigestAlg(body, hashId); // buildContentInfo(body, content); buildCerts(body, certContent); buildSignerInfo(body, signedHashId, certContent, hashId); whole.add(new DERTaggedObject(0, new DERSequence(body))); return genOutput(new DERSequence(whole)); }
public byte[] buildCmsBody(byte[] signedHashId, X509Certificate certContent, List<X509Certificate> chain, int hashId, int version, int attachSize) throws Exception { final ASN1EncodableVector whole = new ASN1EncodableVector(); // 0 SEQ whole.add(new DERObjectIdentifier(CMS_SIGNED_ID)); // 1 SEQ final ASN1EncodableVector body = new ASN1EncodableVector(); // ----- versao ------- // final int version = 1; body.add(new DERInteger(version)); // 3 INT buildDigestAlg(body, getHashAlg(hashId)); // 3 SET buildContentInfo(body, attachSize); // 3 SEQ buildCerts(body, chain); // 3 CS buildSignerInfo(body, signedHashId, certContent, hashId); // 3 SET whole.add(new DERTaggedObject(0, new DERSequence( // 2 SEQ body))); // 1 CS return genOutput(new DERSequence(whole)); }
private void buildContentInfo(final ASN1EncodableVector body, int size) { // ------ Content Info ASN1EncodableVector contentInfoVector = new ASN1EncodableVector(); contentInfoVector.add(new DERObjectIdentifier(ID_PKCS7_DATA)); // 4 OID if (size != DETACHED) { byte[] content = new byte[size]; for (int i = 0; i < size; i++) { content[i] = (byte) 0xba; } contentInfoVector.add(new DERTaggedObject(0, new DEROctetString( content))); } // CONTENT INFO final DERSequence contentinfo = new DERSequence(contentInfoVector); // 3 // SEQ body.add(contentinfo); }
private void buildDigestAlg(final ASN1EncodableVector body, List<String> listHashId) { // ---------- algoritmos de digest final ASN1EncodableVector algos = new ASN1EncodableVector(); for (String next : listHashId) { algos.add(new DERObjectIdentifier(next)); // 4 OID algos.add(new DERNull()); // 4 NULL } final ASN1EncodableVector algoSet = new ASN1EncodableVector(); algoSet.add(new DERSequence(algos)); final DERSet digestAlgorithms = new DERSet(algoSet); // 2 // SET body.add(digestAlgorithms); }
