List of usage examples for org.bouncycastle.asn1 ASN1InputStream readObject
public ASN1Primitive readObject() throws IOException
From source file:org.jruby.ext.openssl.impl.PKCS7.java
License:LGPL
public static PKCS7 fromASN1(BIO bio) throws IOException, PKCS7Exception { ASN1InputStream ais = new ASN1InputStream(BIO.asInputStream(bio)); return fromASN1(ais.readObject()); }
From source file:org.jruby.ext.openssl.impl.PKey.java
License:LGPL
public static DHParameterSpec readDHParameter(byte[] input) throws IOException { ASN1InputStream aIn = new ASN1InputStream(input); ASN1Sequence seq = (ASN1Sequence) aIn.readObject(); BigInteger p = ((ASN1Integer) seq.getObjectAt(0)).getValue(); BigInteger g = ((ASN1Integer) seq.getObjectAt(1)).getValue(); return new DHParameterSpec(p, g); }
From source file:org.jruby.ext.openssl.X509Name.java
License:LGPL
@JRubyMethod public IRubyObject initialize(ThreadContext context, IRubyObject dn, IRubyObject template) { Ruby runtime = context.runtime;// w w w . ja va 2 s . com if (dn instanceof RubyArray) { RubyArray ary = (RubyArray) dn; if (template.isNil()) { template = runtime.getClassFromPath("OpenSSL::X509::Name").getConstant("OBJECT_TYPE_TEMPLATE"); } for (int i = 0; i < ary.size(); i++) { IRubyObject obj = ary.eltOk(i); if (!(obj instanceof RubyArray)) { throw runtime.newTypeError(obj, runtime.getArray()); } RubyArray arr = (RubyArray) obj; IRubyObject entry0, entry1, entry2; entry0 = arr.size() > 0 ? arr.eltOk(0) : context.nil; entry1 = arr.size() > 1 ? arr.eltOk(1) : context.nil; entry2 = arr.size() > 2 ? arr.eltOk(2) : context.nil; if (entry2.isNil()) entry2 = template.callMethod(context, "[]", entry0); if (entry2.isNil()) entry2 = runtime.getClassFromPath("OpenSSL::X509::Name").getConstant("DEFAULT_OBJECT_TYPE"); add_entry(context, entry0, entry1, entry2); } } else { try { byte[] bytes = OpenSSLImpl.to_der_if_possible(dn).convertToString().getBytes(); ASN1InputStream is = new ASN1InputStream(bytes); ASN1Sequence seq = (ASN1Sequence) is.readObject(); //StringBuilder b = new StringBuilder(); //printASN(seq, b); fromASN1Sequence(seq); } catch (IOException e) { //Do not catch Exception. Want to see nullpointer stacktrace. throw newX509NameError(runtime, e.getClass().getName() + ":" + e.getLocalizedMessage()); } } return this; }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
/** * c: PEM_read_PrivateKey + PEM_read_bio_PrivateKey * CAUTION: KeyPair#getPublic() may be null. *//*from ww w. j a v a2 s . c o m*/ @Override public KeyPair readPrivateKey(Reader in, char[] password) throws IOException { BufferedReader _in = makeBuffered(in); String line; while ((line = _in.readLine()) != null) { if (line.indexOf(BEF_G + PEM_STRING_RSA) != -1) { try { return readKeyPair(_in, password, "RSA", BEF_E + PEM_STRING_RSA); } catch (Exception e) { throw new IOException("problem creating RSA private key: " + e.toString()); } } else if (line.indexOf(BEF_G + PEM_STRING_DSA) != -1) { try { return readKeyPair(_in, password, "DSA", BEF_E + PEM_STRING_DSA); } catch (Exception e) { throw new IOException("problem creating DSA private key: " + e.toString()); } } else if (line.indexOf(BEF_G + PEM_STRING_ECPRIVATEKEY) != -1) { throw new IOException("EC private key not supported"); } else if (line.indexOf(BEF_G + PEM_STRING_PKCS8INF) != -1) { try { byte[] bytes = readBytes(_in, BEF_E + PEM_STRING_PKCS8INF); ByteArrayInputStream bIn = new ByteArrayInputStream(bytes); ASN1InputStream aIn = new ASN1InputStream(bIn); PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) aIn.readObject()); String type = getPrivateKeyTypeFromObjectId(info.getAlgorithmId().getObjectId()); return readPrivateKeySequence(info.getPrivateKey().getDEREncoded(), type); } catch (Exception e) { throw new IOException("problem creating private key: " + e.toString()); } } else if (line.indexOf(BEF_G + PEM_STRING_PKCS8) != -1) { try { byte[] bytes = readBytes(_in, BEF_E + PEM_STRING_PKCS8); ByteArrayInputStream bIn = new ByteArrayInputStream(bytes); ASN1InputStream aIn = new ASN1InputStream(bIn); org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo eIn = new org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo( (ASN1Sequence) aIn.readObject()); AlgorithmIdentifier algId = eIn.getEncryptionAlgorithm(); String algorithm = ASN1Registry.o2a(algId.getObjectId()); algorithm = (algorithm.split("-"))[0]; PKCS12PBEParams pbeParams = new PKCS12PBEParams((ASN1Sequence) algId.getParameters()); SecretKeyFactory fact = OpenSSLReal.getSecretKeyFactoryBC(algorithm); // need to use BC for PKCS12PBEParams. PBEKeySpec pbeSpec = new PBEKeySpec(password); SecretKey key = fact.generateSecret(pbeSpec); PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue()); Cipher cipher = OpenSSLReal.getCipherBC(algorithm); // need to use BC for PBEParameterSpec. cipher.init(Cipher.UNWRAP_MODE, key, defParams); // wrappedKeyAlgorithm is unknown ("") PrivateKey privKey = (PrivateKey) cipher.unwrap(eIn.getEncryptedData(), "", Cipher.PRIVATE_KEY); return new KeyPair(null, privKey); } catch (Exception e) { throw new IOException("problem creating private key: " + e.toString()); } } } return null; }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
@Override public DHParameterSpec readDHParameters(Reader _in) throws IOException, InvalidParameterSpecException { BufferedReader in = makeBuffered(_in); String line;//from w ww . ja v a2 s . c om StringBuilder buf = new StringBuilder(); while ((line = in.readLine()) != null) { if (line.indexOf(BEF_G + PEM_STRING_DHPARAMS) >= 0) { do { buf.append(line.trim()); } while (line.indexOf(BEF_E + PEM_STRING_DHPARAMS) < 0 && (line = in.readLine()) != null); break; } } Matcher m = DH_PARAM_PATTERN.matcher(buf.toString()); if (m.find()) { try { byte[] decoded = Base64.decode(m.group(DH_PARAM_GROUP)); ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(decoded)); ASN1Sequence seq = (ASN1Sequence) aIn.readObject(); BigInteger p = ((DERInteger) seq.getObjectAt(0)).getValue(); BigInteger g = ((DERInteger) seq.getObjectAt(1)).getValue(); return new DHParameterSpec(p, g); } catch (Exception e) { } } // probably not exactly the intended use of this exception, but // close enough for internal throw/catch throw new InvalidParameterSpecException("invalid " + PEM_STRING_DHPARAMS); }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
@Override public void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, String algo, char[] f) throws IOException { BufferedWriter out = makeBuffered(_out); ByteArrayInputStream bIn = new ByteArrayInputStream(getEncoded(obj)); ASN1InputStream aIn = new ASN1InputStream(bIn); PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) aIn.readObject()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERInteger(0)); v.add(new DERInteger(p.getP())); v.add(new DERInteger(p.getQ())); v.add(new DERInteger(p.getG())); BigInteger x = obj.getX();//from ww w. j a v a2 s . c om BigInteger y = p.getG().modPow(x, p.getP()); v.add(new DERInteger(y)); v.add(new DERInteger(x)); aOut.writeObject(new DERSequence(v)); byte[] encoding = bOut.toByteArray(); if (algo != null && f != null) { byte[] salt = new byte[8]; byte[] encData = null; random.nextBytes(salt); OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator(); pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(f), salt); SecretKey secretKey = null; if (algo.equalsIgnoreCase("DESede/CBC/PKCS5Padding")) { // generate key int keyLength = 24; KeyParameter param = (KeyParameter) pGen.generateDerivedParameters(keyLength * 8); secretKey = new SecretKeySpec(param.getKey(), "DESede"); } else { throw new IOException("unknown algorithm in write_DSAPrivateKey: " + algo); } // cipher try { Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding"); c.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(salt)); encData = c.doFinal(encoding); } catch (Exception e) { throw new IOException("exception using cipher: " + e.toString()); } // write the data out.write(BEF_G + PEM_STRING_DSA + AFT); out.newLine(); out.write("Proc-Type: 4,ENCRYPTED"); out.newLine(); out.write("DEK-Info: DES-EDE3-CBC,"); writeHexEncoded(out, salt); out.newLine(); out.newLine(); writeEncoded(out, encData); out.write(BEF_E + PEM_STRING_DSA + AFT); out.flush(); } else { out.write(BEF_G + PEM_STRING_DSA + AFT); out.newLine(); writeEncoded(out, encoding); out.write(BEF_E + PEM_STRING_DSA + AFT); out.newLine(); out.flush(); } }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
private RSAPublicKey readRSAPublicKey(BufferedReader in, String endMarker) throws IOException { ByteArrayInputStream bAIS = new ByteArrayInputStream(readBytes(in, endMarker)); ASN1InputStream ais = new ASN1InputStream(bAIS); Object asnObject = ais.readObject(); ASN1Sequence sequence = (ASN1Sequence) asnObject; RSAPublicKeyStructure rsaPubStructure = new RSAPublicKeyStructure(sequence); RSAPublicKeySpec keySpec = new RSAPublicKeySpec(rsaPubStructure.getModulus(), rsaPubStructure.getPublicExponent()); try {/*from w ww . j a v a2 s .c o m*/ KeyFactory keyFact = KeyFactory.getInstance("RSA"); return (RSAPublicKey) keyFact.generatePublic(keySpec); } catch (NoSuchAlgorithmException e) { // ignore } catch (InvalidKeySpecException e) { // ignore } return null; }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
private KeyPair readPrivateKeySequence(byte[] in, String type) throws Exception { KeySpec pubSpec = null;//from www . ja v a2 s.c o m KeySpec privSpec = null; ByteArrayInputStream bIn = new ByteArrayInputStream(in); ASN1InputStream aIn = new ASN1InputStream(bIn); ASN1Sequence seq = (ASN1Sequence) aIn.readObject(); if (type.equals("RSA")) { DERInteger mod = (DERInteger) seq.getObjectAt(1); DERInteger pubExp = (DERInteger) seq.getObjectAt(2); DERInteger privExp = (DERInteger) seq.getObjectAt(3); DERInteger p1 = (DERInteger) seq.getObjectAt(4); DERInteger p2 = (DERInteger) seq.getObjectAt(5); DERInteger exp1 = (DERInteger) seq.getObjectAt(6); DERInteger exp2 = (DERInteger) seq.getObjectAt(7); DERInteger crtCoef = (DERInteger) seq.getObjectAt(8); pubSpec = new RSAPublicKeySpec(mod.getValue(), pubExp.getValue()); privSpec = new RSAPrivateCrtKeySpec(mod.getValue(), pubExp.getValue(), privExp.getValue(), p1.getValue(), p2.getValue(), exp1.getValue(), exp2.getValue(), crtCoef.getValue()); } else { // assume "DSA" for now. DERInteger p = (DERInteger) seq.getObjectAt(1); DERInteger q = (DERInteger) seq.getObjectAt(2); DERInteger g = (DERInteger) seq.getObjectAt(3); DERInteger y = (DERInteger) seq.getObjectAt(4); DERInteger x = (DERInteger) seq.getObjectAt(5); privSpec = new DSAPrivateKeySpec(x.getValue(), p.getValue(), q.getValue(), g.getValue()); pubSpec = new DSAPublicKeySpec(y.getValue(), p.getValue(), q.getValue(), g.getValue()); } KeyFactory fact = KeyFactory.getInstance(type); return new KeyPair(fact.generatePublic(pubSpec), fact.generatePrivate(privSpec)); }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
private X509AuxCertificate readAuxCertificate(BufferedReader in, String endMarker) throws IOException { String line;//from w w w.j a v a 2 s .co m StringBuffer buf = new StringBuffer(); while ((line = in.readLine()) != null) { if (line.indexOf(endMarker) != -1) { break; } buf.append(line.trim()); } if (line == null) { throw new IOException(endMarker + " not found"); } ASN1InputStream try1 = new ASN1InputStream(Base64.decode(buf.toString())); ByteArrayInputStream bIn = new ByteArrayInputStream((try1.readObject()).getEncoded()); try { CertificateFactory certFact = CertificateFactory.getInstance("X.509"); X509Certificate bCert = (X509Certificate) certFact.generateCertificate(bIn); DERSequence aux = (DERSequence) try1.readObject(); X509Aux ax = null; if (aux != null) { ax = new X509Aux(); int ix = 0; if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERSequence) { DERSequence trust = (DERSequence) aux.getObjectAt(ix++); for (int i = 0; i < trust.size(); i++) { ax.trust.add(((DERObjectIdentifier) trust.getObjectAt(i)).getId()); } } if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERTaggedObject && ((DERTaggedObject) aux.getObjectAt(ix)).getTagNo() == 0) { DERSequence reject = (DERSequence) ((DERTaggedObject) aux.getObjectAt(ix++)).getObject(); for (int i = 0; i < reject.size(); i++) { ax.reject.add(((DERObjectIdentifier) reject.getObjectAt(i)).getId()); } } if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERUTF8String) { ax.alias = ((DERUTF8String) aux.getObjectAt(ix++)).getString(); } if (aux.size() > ix && aux.getObjectAt(ix) instanceof DEROctetString) { ax.keyid = ((DEROctetString) aux.getObjectAt(ix++)).getOctets(); } if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERTaggedObject && ((DERTaggedObject) aux.getObjectAt(ix)).getTagNo() == 1) { DERSequence other = (DERSequence) ((DERTaggedObject) aux.getObjectAt(ix++)).getObject(); for (int i = 0; i < other.size(); i++) { ax.other.add((DERObject) (other.getObjectAt(i))); } } } return new X509AuxCertificate(bCert, ax); } catch (Exception e) { throw new IOException("problem parsing cert: " + e.toString()); } }
From source file:org.jruby.ext.openssl.x509store.PEMInputOutput.java
License:LGPL
private static X509AuxCertificate readAuxCertificate(BufferedReader in, String endMarker) throws IOException { String line;//from w ww. ja v a 2s . c o m StringBuilder buf = new StringBuilder(); while ((line = in.readLine()) != null) { if (line.indexOf(endMarker) != -1) { break; } buf.append(line.trim()); } if (line == null) { throw new IOException(endMarker + " not found"); } ASN1InputStream try1 = new ASN1InputStream(Base64.decode(buf.toString())); ByteArrayInputStream bIn = new ByteArrayInputStream((try1.readObject()).getEncoded()); try { CertificateFactory certFact = CertificateFactory.getInstance("X.509"); X509Certificate bCert = (X509Certificate) certFact.generateCertificate(bIn); ASN1Sequence aux = (ASN1Sequence) try1.readObject(); X509Aux ax = null; if (aux != null) { ax = new X509Aux(); int ix = 0; if (aux.size() > ix && aux.getObjectAt(ix) instanceof ASN1Sequence) { ASN1Sequence trust = (ASN1Sequence) aux.getObjectAt(ix++); for (int i = 0; i < trust.size(); i++) { ax.trust.add(((ASN1ObjectIdentifier) trust.getObjectAt(i)).getId()); } } if (aux.size() > ix && aux.getObjectAt(ix) instanceof ASN1TaggedObject && ((ASN1TaggedObject) aux.getObjectAt(ix)).getTagNo() == 0) { ASN1Sequence reject = (ASN1Sequence) ((ASN1TaggedObject) aux.getObjectAt(ix++)).getObject(); for (int i = 0; i < reject.size(); i++) { ax.reject.add(((ASN1ObjectIdentifier) reject.getObjectAt(i)).getId()); } } if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERUTF8String) { ax.alias = ((DERUTF8String) aux.getObjectAt(ix++)).getString(); } if (aux.size() > ix && aux.getObjectAt(ix) instanceof DEROctetString) { ax.keyid = ((DEROctetString) aux.getObjectAt(ix++)).getOctets(); } if (aux.size() > ix && aux.getObjectAt(ix) instanceof ASN1TaggedObject && ((ASN1TaggedObject) aux.getObjectAt(ix)).getTagNo() == 1) { ASN1Sequence other = (ASN1Sequence) ((ASN1TaggedObject) aux.getObjectAt(ix++)).getObject(); for (int i = 0; i < other.size(); i++) { ax.other.add((ASN1Primitive) (other.getObjectAt(i))); } } } return new X509AuxCertificate(bCert, ax); } catch (Exception e) { throw new IOException("problem parsing cert: " + e.toString()); } }