List of usage examples for org.bouncycastle.asn1 ASN1InputStream readObject
public ASN1Primitive readObject() throws IOException
From source file:org.globus.gsi.bc.BouncyCastleUtil.java
License:Apache License
/** * Converts the DER-encoded byte array into a * <code>DERObject</code>.//from ww w . j a v a2s . co m * * @param data the DER-encoded byte array to convert. * @return the DERObject. * @exception IOException if conversion fails */ public static ASN1Primitive toASN1Primitive(byte[] data) throws IOException { ByteArrayInputStream inStream = new ByteArrayInputStream(data); ASN1InputStream derInputStream = new ASN1InputStream(inStream); return derInputStream.readObject(); }
From source file:org.globus.gsi.bc.BouncyCastleUtil.java
License:Apache License
/** * Retrieves the actual value of the X.509 extension. * * @param certExtValue the DER-encoded OCTET string value of the extension. * @return the decoded/actual value of the extension (the octets). *//*from ww w.jav a2 s.com*/ public static byte[] getExtensionValue(byte[] certExtValue) throws IOException { ByteArrayInputStream inStream = new ByteArrayInputStream(certExtValue); ASN1InputStream derInputStream = new ASN1InputStream(inStream); ASN1Primitive object = derInputStream.readObject(); if (object instanceof ASN1OctetString) { return ((ASN1OctetString) object).getOctets(); } else { throw new IOException(i18n.getMessage("octectExp")); } }
From source file:org.globus.gsi.proxy.ext.ProxyCertInfoTest.java
License:Apache License
public void testParseProxyCertInfo() throws Exception { ProxyPolicy policy = new ProxyPolicy(testOid, testPolicy); ProxyCertInfo info = new ProxyCertInfo(3, policy); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); DEROutputStream dOut = new DEROutputStream(bOut); dOut.writeObject(info);// w w w. j a va 2 s .c om ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); ASN1InputStream dIn = new ASN1InputStream(bIn); ASN1Primitive obj = dIn.readObject(); assertTrue(obj instanceof ASN1Sequence); ProxyCertInfo testInfo = new ProxyCertInfo((ASN1Sequence) obj); assertEquals(3, testInfo.getPathLenConstraint()); assertEquals(testPolicy, testInfo.getProxyPolicy().getPolicyAsString()); assertEquals(testOid, testInfo.getProxyPolicy().getPolicyLanguage()); }
From source file:org.globus.gsi.proxy.ext.ProxyCertInfoTest.java
License:Apache License
public void testCreateProxyCertInfo2() throws Exception { ProxyPolicy policy = new ProxyPolicy(testOid, testPolicy); ProxyCertInfo info = new ProxyCertInfo(policy); assertEquals(Integer.MAX_VALUE, info.getPathLenConstraint()); assertEquals(testPolicy, info.getProxyPolicy().getPolicyAsString()); assertEquals(testOid, info.getProxyPolicy().getPolicyLanguage()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); DEROutputStream dOut = new DEROutputStream(bOut); dOut.writeObject(info);//from w w w . jav a2 s. co m ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); ASN1InputStream dIn = new ASN1InputStream(bIn); ASN1Primitive obj = dIn.readObject(); ProxyCertInfo testInfo = new ProxyCertInfo((ASN1Sequence) obj); assertEquals(Integer.MAX_VALUE, testInfo.getPathLenConstraint()); assertEquals(testPolicy, testInfo.getProxyPolicy().getPolicyAsString()); assertEquals(testOid, testInfo.getProxyPolicy().getPolicyLanguage()); }
From source file:org.globus.security.bc.BouncyCastleOpenSSLKey.java
License:Apache License
protected PrivateKey getKey(String alg, byte[] data) throws GeneralSecurityException { if (alg.equals("RSA")) { try {//w ww. ja va2 s. c om if (data.length == 0) { throw new GeneralSecurityException("Cannot process empty byte stream."); } ByteArrayInputStream bis = new ByteArrayInputStream(data); ASN1InputStream derin = new ASN1InputStream(bis); DERObject keyInfo = derin.readObject(); DERObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); DERObject derkey = pkeyinfo.getDERObject(); byte[] keyData = BouncyCastleUtil.toByteArray(derkey); // The DER object needs to be mangled to // create a proper ProvateKeyInfo object PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyData); KeyFactory kfac = KeyFactory.getInstance("RSA"); return kfac.generatePrivate(spec); } catch (IOException e) { // that should never happen return null; } } else { return null; } }
From source file:org.globus.security.bc.BouncyCastleUtil.java
License:Apache License
/** * Converts the DER-encoded byte array into a <code>DERObject</code>. * * @param data the DER-encoded byte array to convert. * @return the DERObject.//from w w w. ja v a 2s . c o m * @throws IOException if conversion fails */ public static DERObject toDERObject(byte[] data) throws IOException { ByteArrayInputStream inStream = new ByteArrayInputStream(data); ASN1InputStream derInputStream = new ASN1InputStream(inStream); return derInputStream.readObject(); }
From source file:org.hyperledger.common.BouncyCastleCrypto.java
License:Apache License
@Override public boolean verify(byte[] hash, byte[] signature, byte[] publicKey) { ASN1InputStream asn1 = new ASN1InputStream(signature); try {//from w w w . ja v a 2 s .c o m ECDSASigner signer = new ECDSASigner(); signer.init(false, new ECPublicKeyParameters(curve.getCurve().decodePoint(publicKey), domain)); DLSequence seq = (DLSequence) asn1.readObject(); BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue(); return signer.verifySignature(hash, r, s); } catch (Exception e) { return false; } finally { try { asn1.close(); } catch (IOException ignored) { } } }
From source file:org.hyperledger.common.PublicKey.java
License:Apache License
/** * verify a signature/* w w w .j av a 2 s . c om*/ * * @param hash arbitrary data * @param signature signature * @param pub public key in binary representation * @return true if signature is valid for the key and data */ public static boolean verify(byte[] hash, byte[] signature, byte[] pub) { ASN1InputStream asn1 = new ASN1InputStream(signature); try { ECDSASigner signer = new ECDSASigner(); signer.init(false, new ECPublicKeyParameters(curve.getCurve().decodePoint(pub), domain)); DLSequence seq = (DLSequence) asn1.readObject(); BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue(); return signer.verifySignature(hash, r, s); } catch (Exception e) { // treat format errors as invalid signatures return false; } finally { try { asn1.close(); } catch (IOException e) { } } }
From source file:org.hyperledger.fabric.sdk.shim.crypto.CryptoPrimitives.java
License:Open Source License
/** * //from w w w .jav a 2 s . c om * @param certificate * @param signature * @param plainText * @return */ public boolean ecdsaVerify(byte[] certificate, byte[] signature, byte[] plainText) { ASN1InputStream asn1 = null; InputStream in = null; DigestSHA3 sha3 = new DigestSHA3(256); try { in = new ByteArrayInputStream(certificate); CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); X509Certificate c = (X509Certificate) certFactory.generateCertificate(in); ECPublicKey ecPublicKey = (ECPublicKey) c.getPublicKey(); ECDSASigner signer = new ECDSASigner(); ECPublicKeyParameters bcPubKeyParams = (ECPublicKeyParameters) ECUtil .generatePublicKeyParameter(ecPublicKey); ECPublicKeyParameters params = new ECPublicKeyParameters( CURVE.getCurve().decodePoint(bcPubKeyParams.getQ().getEncoded(false)), CURVE); signer.init(false, params); asn1 = new ASN1InputStream(signature); DLSequence seq = (DLSequence) asn1.readObject(); BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue(); return signer.verifySignature(sha3.digest(plainText), r, s); } catch (Exception e) { e.printStackTrace(); return false; } finally { if (in != null) { try { in.close(); } catch (IOException e) { e.printStackTrace(); } } if (asn1 != null) { try { asn1.close(); } catch (IOException e) { e.printStackTrace(); } } } }
From source file:org.icepdf.core.pobjects.acroform.signature.AbstractPkcsValidator.java
License:Apache License
/** * Takes the DER-encoded PKCS#1 binary data or PKCS#7 binary data object and reads it into an * Abstract Syntax Notation One (ASNI.1) object. * * @return ASN1Sequence representing the Cryptographic Message Syntax (CMS), null if data stream * could not be loaded//from w w w . ja va 2s . co m */ protected ASN1Sequence buildASN1Primitive(byte[] cmsData) { try { // setup the ASN1InputStream abstractSyntaxNotationStream = new ASN1InputStream(new ByteArrayInputStream(cmsData)); ASN1Primitive pkcs = abstractSyntaxNotationStream.readObject(); if (pkcs instanceof ASN1Sequence) { if (logger.isLoggable(Level.FINER)) { logger.finest("ASN1Sequence found starting sequence processing. "); } return (ASN1Sequence) pkcs; } else if (logger.isLoggable(Level.FINER)) { logger.finest("ASN1Sequence was not found backing out. "); } } catch (IOException e) { logger.log(Level.WARNING, "ASN1 stream could not be read.", e); } return null; }