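/**
 * Decode a CertifiedKeyPair from its ASN.1 SEQUENCE form.
 * <p>
 * Element 0 is always decoded as the CertOrEncCert. Any further elements are the
 * optional, context-tagged fields: privateKey (an EncryptedValue) and
 * publicationInfo (a PKIPublicationInfo).
 *
 * @param seq the sequence to decode.
 */
private CertifiedKeyPair(ASN1Sequence seq)
{
    certOrEncCert = CertOrEncCert.getInstance(seq.getObjectAt(0));

    if (seq.size() == 2)
    {
        // Only one optional field is present; its tag number says which one.
        ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(seq.getObjectAt(1));

        if (tagged.getTagNo() == 0)
        {
            privateKey = EncryptedValue.getInstance(tagged.getObject());
        }
        else
        {
            // NOTE(review): every tag other than 0 is read as publicationInfo; the tag
            // number is not compared with 1, so an unexpected tag is only rejected if
            // PKIPublicationInfo.getInstance() refuses the wrapped object.
            publicationInfo = PKIPublicationInfo.getInstance(tagged.getObject());
        }
    }
    else if (seq.size() > 2)
    {
        // Both optional fields are present. Each one arrives wrapped in a context tag;
        // decode the wrapped object, not the wrapper, exactly as the two-element
        // branch does.
        // NOTE(review): the fields are taken by position only - tag numbers are not
        // checked here and any element after index 2 is ignored.
        privateKey = EncryptedValue.getInstance(
            ASN1TaggedObject.getInstance(seq.getObjectAt(1)).getObject());
        publicationInfo = PKIPublicationInfo.getInstance(
            ASN1TaggedObject.getInstance(seq.getObjectAt(2)).getObject());
    }
}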
/**
 * Encrypts a test certificate into an EncryptedValue and checks that the parser
 * recovers it, both from the structure as built and from its re-parsed encoding.
 */
public void testEncryptedValue()
    throws Exception
{
    // 512-bit RSA is far below any acceptable strength; presumably chosen only to
    // keep the test fast - do not copy this key size into non-test code.
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", BC);
    generator.initialize(512);
    KeyPair keyPair = generator.generateKeyPair();

    X509Certificate cert = makeV1Certificate(keyPair, "CN=Test", keyPair, "CN=Test");

    // The symmetric content key is wrapped under the certificate's own public key.
    JceAsymmetricKeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(cert.getPublicKey()).setProvider(BC);
    JcaEncryptedValueBuilder builder = new JcaEncryptedValueBuilder(
        keyWrapper,
        new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());

    EncryptedValue encrypted = builder.build(cert);

    ValueDecryptorGenerator decryptorGenerator =
        new JceAsymmetricValueDecryptorGenerator(keyPair.getPrivate()).setProvider(BC);

    // direct: parse the structure exactly as the builder produced it
    encryptedValueParserTest(encrypted, decryptorGenerator, cert);

    // indirect: encode, decode again, then parse the decoded copy
    EncryptedValue reparsed = EncryptedValue.getInstance(encrypted.getEncoded());
    encryptedValueParserTest(reparsed, decryptorGenerator, cert);
}
/**
 * Encrypts the test passphrase into an EncryptedValue (no padder) and checks that
 * the parser recovers it, both from the structure as built and from its re-parsed
 * encoding.
 */
public void testEncryptedValuePassphrase()
    throws Exception
{
    char[] secret = PASSPHRASE.toCharArray();

    // 512-bit RSA is far below any acceptable strength; presumably chosen only to
    // keep the test fast - do not copy this key size into non-test code.
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", BC);
    generator.initialize(512);
    KeyPair keyPair = generator.generateKeyPair();

    X509Certificate cert = makeV1Certificate(keyPair, "CN=Test", keyPair, "CN=Test");

    // The symmetric content key is wrapped under the certificate's own public key.
    JceAsymmetricKeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(cert.getPublicKey()).setProvider(BC);
    EncryptedValueBuilder builder = new EncryptedValueBuilder(
        keyWrapper,
        new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());

    EncryptedValue encrypted = builder.build(secret);

    ValueDecryptorGenerator decryptorGenerator =
        new JceAsymmetricValueDecryptorGenerator(keyPair.getPrivate()).setProvider(BC);

    // direct: parse the structure exactly as the builder produced it (null = no padder)
    encryptedValuePassphraseParserTest(encrypted, null, decryptorGenerator, cert);

    // indirect: encode, decode again, then parse the decoded copy
    EncryptedValue reparsed = EncryptedValue.getInstance(encrypted.getEncoded());
    encryptedValuePassphraseParserTest(reparsed, null, decryptorGenerator, cert);
}
/**
 * Encrypts the test passphrase into an EncryptedValue using a FixedLengthMGF1Padder
 * and checks that a parser given the same padder recovers it, both from the
 * structure as built and from its re-parsed encoding.
 */
public void testEncryptedValuePassphraseWithPadding()
    throws Exception
{
    char[] secret = PASSPHRASE.toCharArray();

    // 512-bit RSA is far below any acceptable strength; presumably chosen only to
    // keep the test fast - do not copy this key size into non-test code.
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", BC);
    generator.initialize(512);
    KeyPair keyPair = generator.generateKeyPair();

    X509Certificate cert = makeV1Certificate(keyPair, "CN=Test", keyPair, "CN=Test");

    // The same padder instance is used for building and for parsing below.
    FixedLengthMGF1Padder padder = new FixedLengthMGF1Padder(200, new SecureRandom());

    // The symmetric content key is wrapped under the certificate's own public key.
    JceAsymmetricKeyWrapper keyWrapper = new JceAsymmetricKeyWrapper(cert.getPublicKey()).setProvider(BC);
    EncryptedValueBuilder builder = new EncryptedValueBuilder(
        keyWrapper,
        new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build(),
        padder);

    EncryptedValue encrypted = builder.build(secret);

    ValueDecryptorGenerator decryptorGenerator =
        new JceAsymmetricValueDecryptorGenerator(keyPair.getPrivate()).setProvider(BC);

    // direct: parse the structure exactly as the builder produced it
    encryptedValuePassphraseParserTest(encrypted, padder, decryptorGenerator, cert);

    // indirect: encode, decode again, then parse the decoded copy
    EncryptedValue reparsed = EncryptedValue.getInstance(encrypted.getEncoded());
    encryptedValuePassphraseParserTest(reparsed, padder, decryptorGenerator, cert);
}
/**
 * Produce an EncryptedValue whose encrypted content is the encoding of the
 * certificate held by the passed in holder. The encoding is run through
 * padData() before it is handed to encryptData().
 *
 * @param holder a holder containing a certificate.
 * @return an EncryptedValue containing the encrypted certificate.
 * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
 */
public EncryptedValue build(X509CertificateHolder holder)
    throws CRMFException
{
    try
    {
        byte[] encodedCert = holder.getEncoded();

        return encryptData(padData(encodedCert));
    }
    catch (IOException e)
    {
        // Keep the original exception as the cause so the encoding failure stays traceable.
        throw new CRMFException("cannot encode certificate: " + e.getMessage(), e);
    }
}
/**
 * Decode a CertOrEncCert from its tagged form: tag 0 carries a CMPCertificate,
 * tag 1 carries an EncryptedValue holding an encrypted certificate.
 *
 * @param tagged the tagged object to decode.
 * @throws IllegalArgumentException if the tag number is neither 0 nor 1.
 */
private CertOrEncCert(ASN1TaggedObject tagged)
{
    final int tagNo = tagged.getTagNo();

    switch (tagNo)
    {
    case 0:
        certificate = CMPCertificate.getInstance(tagged.getObject());
        break;
    case 1:
        encryptedCert = EncryptedValue.getInstance(tagged.getObject());
        break;
    default:
        // Reject anything outside the two known alternatives rather than guessing.
        throw new IllegalArgumentException("unknown tag: " + tagNo);
    }
}
/**
 * Create a CertOrEncCert that carries an encrypted certificate.
 *
 * @param encryptedCert the encrypted certificate; must not be null.
 * @throws IllegalArgumentException if encryptedCert is null.
 */
public CertOrEncCert(EncryptedValue encryptedCert)
{
    if (encryptedCert != null)
    {
        this.encryptedCert = encryptedCert;
    }
    else
    {
        throw new IllegalArgumentException("'encryptedCert' cannot be null");
    }
}
/**
 * Create a CertifiedKeyPair from its component fields.
 *
 * @param certOrEncCert the certificate, or encrypted certificate; must not be null.
 * @param privateKey the encrypted private key; stored as given, not null-checked.
 * @param publicationInfo the publication information; stored as given, not null-checked.
 * @throws IllegalArgumentException if certOrEncCert is null.
 */
public CertifiedKeyPair(
    CertOrEncCert certOrEncCert,
    EncryptedValue privateKey,
    PKIPublicationInfo publicationInfo)
{
    if (certOrEncCert != null)
    {
        this.certOrEncCert = certOrEncCert;
    }
    else
    {
        throw new IllegalArgumentException("'certOrEncCert' cannot be null");
    }

    // The two remaining fields are assigned without any check.
    this.publicationInfo = publicationInfo;
    this.privateKey = privateKey;
}
/**
 * Reads a certificate holder back out of the EncryptedValue and asserts that its
 * encoding is identical to the encoding of the expected certificate.
 *
 * @param value the EncryptedValue to parse.
 * @param decGen the generator passed to the parser for decryption.
 * @param cert the certificate the recovered holder is compared against.
 */
private void encryptedValueParserTest(EncryptedValue value, ValueDecryptorGenerator decGen, X509Certificate cert)
    throws Exception
{
    X509CertificateHolder recovered = new EncryptedValueParser(value).readCertificateHolder(decGen);

    byte[] expectedEncoding = cert.getEncoded();
    byte[] actualEncoding = recovered.getEncoded();

    assertTrue(Arrays.areEqual(expectedEncoding, actualEncoding));
}
/**
 * Reads a passphrase back out of the EncryptedValue and asserts that it equals
 * the PASSPHRASE constant.
 *
 * @param value the EncryptedValue to parse.
 * @param padder the padder handed to the parser; callers pass null when none was used.
 * @param decGen the generator passed to the parser for decryption.
 * @param cert not used by this helper.
 */
private void encryptedValuePassphraseParserTest(EncryptedValue value, EncryptedValuePadder padder, ValueDecryptorGenerator decGen, X509Certificate cert)
    throws Exception
{
    EncryptedValueParser valueParser = new EncryptedValueParser(value, padder);

    char[] expected = PASSPHRASE.toCharArray();
    char[] recovered = valueParser.readPassphrase(decGen);

    assertTrue(Arrays.areEqual(expected, recovered));
}