List of usage examples for org.bouncycastle.asn1 ASN1Integer ASN1Integer
public ASN1Integer(byte[] bytes)
From source file:org.jruby.ext.openssl.impl.PKCS7.java
License:LGPL
public static PKCS7 sign(X509AuxCertificate signcert, PrivateKey pkey, Collection<X509AuxCertificate> certs, BIO data, int flags) throws PKCS7Exception { PKCS7 p7 = new PKCS7(); p7.setType(ASN1Registry.NID_pkcs7_signed); p7.contentNew(ASN1Registry.NID_pkcs7_data); SignerInfoWithPkey si = p7.addSignature(signcert, pkey, EVP.sha1()); if ((flags & NOCERTS) == 0) { p7.addCertificate(signcert);//from w w w.j a v a 2 s .c o m if (certs != null) { for (X509AuxCertificate c : certs) { p7.addCertificate(c); } } } if ((flags & NOATTR) == 0) { si.addSignedAttribute(ASN1Registry.NID_pkcs9_contentType, ASN1Registry.nid2obj(ASN1Registry.NID_pkcs7_data)); if ((flags & NOSMIMECAP) == 0) { ASN1EncodableVector smcap = new ASN1EncodableVector(); smcap.add(new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_des_ede3_cbc))); smcap.add(new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_rc2_cbc), new ASN1Integer(128))); smcap.add(new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_rc2_cbc), new ASN1Integer(64))); smcap.add(new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_rc2_cbc), new ASN1Integer(40))); smcap.add(new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_des_cbc))); si.addSignedAttribute(ASN1Registry.NID_SMIMECapabilities, new DLSequence(smcap)); } } if ((flags & STREAM) != 0) { return p7; } BIO p7bio = p7.dataInit(null); try { data.crlfCopy(p7bio, flags); } catch (IOException e) { throw new PKCS7Exception(F_PKCS7_SIGN, R_PKCS7_DATAFINAL_ERROR, e); } if ((flags & DETACHED) != 0) { p7.setDetached(1); } p7.dataFinal(p7bio); return p7; }
From source file:org.jruby.ext.openssl.impl.PKey.java
License:LGPL
public static byte[] toDerRSAKey(RSAPublicKey pubKey, RSAPrivateCrtKey privKey) throws IOException { ASN1EncodableVector v1 = new ASN1EncodableVector(); if (pubKey != null && privKey == null) { v1.add(new ASN1Integer(pubKey.getModulus())); v1.add(new ASN1Integer(pubKey.getPublicExponent())); } else {/* w w w.j a v a2 s .c o m*/ v1.add(new ASN1Integer(0)); v1.add(new ASN1Integer(privKey.getModulus())); v1.add(new ASN1Integer(privKey.getPublicExponent())); v1.add(new ASN1Integer(privKey.getPrivateExponent())); v1.add(new ASN1Integer(privKey.getPrimeP())); v1.add(new ASN1Integer(privKey.getPrimeQ())); v1.add(new ASN1Integer(privKey.getPrimeExponentP())); v1.add(new ASN1Integer(privKey.getPrimeExponentQ())); v1.add(new ASN1Integer(privKey.getCrtCoefficient())); } return new DLSequence(v1).getEncoded(); }
From source file:org.jruby.ext.openssl.impl.PKey.java
License:LGPL
public static byte[] toDerDSAKey(DSAPublicKey pubKey, DSAPrivateKey privKey) throws IOException { if (pubKey != null && privKey == null) { return pubKey.getEncoded(); } else if (privKey != null && pubKey != null) { DSAParams params = privKey.getParams(); ASN1EncodableVector v1 = new ASN1EncodableVector(); v1.add(new ASN1Integer(0)); v1.add(new ASN1Integer(params.getP())); v1.add(new ASN1Integer(params.getQ())); v1.add(new ASN1Integer(params.getG())); v1.add(new ASN1Integer(pubKey.getY())); v1.add(new ASN1Integer(privKey.getX())); return new DLSequence(v1).getEncoded(); } else {/*from w ww .j a va2s . c om*/ return privKey.getEncoded(); } }
From source file:org.jruby.ext.openssl.impl.PKey.java
License:LGPL
public static byte[] toDerDHKey(BigInteger p, BigInteger g) throws IOException { ASN1EncodableVector v = new ASN1EncodableVector(); if (p != null) { v.add(new ASN1Integer(p)); }/* www.j av a 2 s.c o m*/ if (g != null) { v.add(new ASN1Integer(g)); } return new DLSequence(v).getEncoded(); }
From source file:org.jruby.ext.openssl.impl.RecipInfo.java
License:LGPL
public ASN1Encodable asASN1() { ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(getVersion())); vector.add(issuerAndSerial.toASN1Primitive()); vector.add(keyEncAlgor.toASN1Primitive()); vector.add(encKey.toASN1Primitive()); return new DLSequence(vector); }
From source file:org.jruby.ext.openssl.impl.Signed.java
License:LGPL
public ASN1Encodable asASN1() { ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(version)); vector.add(digestAlgorithmsToASN1Set()); if (contents == null) { contents = PKCS7.newEmpty();//from ww w . java 2 s.c om } vector.add(contents.asASN1()); if (cert != null && cert.size() > 0) { if (cert.size() > 1) { vector.add(new DERTaggedObject(false, 0, certificatesToASN1Set())); } else { // Encode the signer certificate directly for OpenSSL compatibility. // OpenSSL does not support multiple signer signature. // And OpenSSL requires EXPLICIT tagging. vector.add(new DERTaggedObject(true, 0, firstCertificatesToASN1())); } } if (crl != null && crl.size() > 0) { vector.add(new DERTaggedObject(false, 1, crlsToASN1Set())); } vector.add(signerInfosToASN1Set()); return new DLSequence(vector); }
From source file:org.jruby.ext.openssl.impl.SignerInfoWithPkey.java
License:LGPL
public void set(X509AuxCertificate x509, PrivateKey pkey, MessageDigest dgst) throws PKCS7Exception { boolean dsa = (pkey instanceof DSAPrivateKey) || (pkey instanceof ECPrivateKey); version = new ASN1Integer(1); X500Name issuer = X500Name.getInstance(x509.getIssuerX500Principal().getEncoded()); BigInteger serial = x509.getSerialNumber(); issuerAndSerialNumber = new IssuerAndSerialNumber(issuer, serial); this.pkey = pkey; if (dsa) {/* w ww . j av a2s. c om*/ digAlgorithm = new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_sha1)); } else { digAlgorithm = new AlgorithmIdentifier(ASN1Registry.nid2obj(EVP.type(dgst))); } if (pkey instanceof RSAPrivateKey) { digEncryptionAlgorithm = new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_rsaEncryption)); } else if (pkey instanceof DSAPrivateKey) { digEncryptionAlgorithm = new AlgorithmIdentifier(ASN1Registry.nid2obj(ASN1Registry.NID_dsa)); } else if (pkey instanceof ECPrivateKey) { digEncryptionAlgorithm = new AlgorithmIdentifier( ASN1Registry.nid2obj(ASN1Registry.NID_ecdsa_with_SHA1)); } }
From source file:org.jruby.ext.openssl.PKeyEC.java
License:Open Source License
@JRubyMethod(name = "dsa_sign_asn1") public IRubyObject dsa_sign_asn1(final ThreadContext context, final IRubyObject data) { try {/*from w w w .ja va2 s . c o m*/ ECNamedCurveParameterSpec params = ECNamedCurveTable.getParameterSpec(getCurveName()); ASN1ObjectIdentifier oid = getCurveOID(getCurveName()); ECNamedDomainParameters domainParams = new ECNamedDomainParameters(oid, params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed()); final ECDSASigner signer = new ECDSASigner(); final ECPrivateKey privKey = (ECPrivateKey) this.privateKey; signer.init(true, new ECPrivateKeyParameters(privKey.getS(), domainParams)); final byte[] message = data.convertToString().getBytes(); BigInteger[] signature = signer.generateSignature(message); // [r, s] // final byte[] r = signature[0].toByteArray(); // final byte[] s = signature[1].toByteArray(); // // ASN.1 encode as: 0x30 len 0x02 rlen (r) 0x02 slen (s) // final int len = 1 + (1 + r.length) + 1 + (1 + s.length); // // final byte[] encoded = new byte[1 + 1 + len]; int i; // encoded[0] = 0x30; // encoded[1] = (byte) len; // encoded[2] = 0x20; // encoded[3] = (byte) r.length; // System.arraycopy(r, 0, encoded, i = 4, r.length); i += r.length; // encoded[i++] = 0x20; // encoded[i++] = (byte) s.length; // System.arraycopy(s, 0, encoded, i, s.length); ByteArrayOutputStream bytes = new ByteArrayOutputStream(); ASN1OutputStream asn1 = new ASN1OutputStream(bytes); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new ASN1Integer(signature[0])); // r v.add(new ASN1Integer(signature[1])); // s asn1.writeObject(new DLSequence(v)); return StringHelper.newString(context.runtime, bytes.buffer(), bytes.size()); } catch (IOException ex) { throw newECError(context.runtime, ex.toString()); } catch (RuntimeException ex) { throw newECError(context.runtime, ex.toString()); } }
From source file:org.jruby.ext.openssl.X509CRL.java
License:LGPL
@JRubyMethod public IRubyObject sign(final IRubyObject key, IRubyObject digest) { //System.err.println("WARNING: unimplemented method called: CRL#sign"); // Have to obey some artificial constraints of the OpenSSL implementation. Stupid. String keyAlg = ((PKey) key).getAlgorithm(); String digAlg = ((Digest) digest).getShortAlgorithm(); if (("DSA".equalsIgnoreCase(keyAlg) && "MD5".equalsIgnoreCase(digAlg)) || ("RSA".equalsIgnoreCase(keyAlg) && "DSS1".equals(((Digest) digest).name().toString())) || ("DSA".equalsIgnoreCase(keyAlg) && "SHA1".equals(((Digest) digest).name().toString()))) { throw newX509CRLError(getRuntime(), null); }/*from w ww. j a va 2s .c om*/ sig_alg = getRuntime().newString(digAlg); generator.setSignatureAlgorithm(digAlg + "WITH" + keyAlg); for (IRubyObject obj : ((RubyArray) revoked).toJavaArray()) { X509Revoked rev = (X509Revoked) obj; // TODO: can throw CCE BigInteger serial = new BigInteger( rev.callMethod(getRuntime().getCurrentContext(), "serial").toString()); IRubyObject t1 = rev.callMethod(getRuntime().getCurrentContext(), "time") .callMethod(getRuntime().getCurrentContext(), "getutc"); ((RubyTime) t1).setMicroseconds(0); // Extensions ignored, for now generator.addCRLEntry(serial, ((RubyTime) t1).getJavaDate(), new org.bouncycastle.asn1.x509.X509Extensions(new Hashtable())); } try { for (Iterator<IRubyObject> iter = extensions.iterator(); iter.hasNext();) { X509Extensions.Extension ag = (X509Extensions.Extension) iter.next(); generator.addExtension(ag.getRealOid(), ag.getRealCritical(), ag.getRealValueBytes()); } } catch (IOException ioe) { throw newX509CRLError(getRuntime(), ioe.getMessage()); } try { crl = generator.generate(((PKey) key).getPrivateKey()); } catch (Exception e) { throw newX509CRLError(getRuntime(), e.getMessage()); } try { crl_v = new ASN1InputStream(new ByteArrayInputStream(crl.getEncoded())).readObject(); } catch (CRLException crle) { throw newX509CRLError(getRuntime(), crle.getMessage()); } catch (IOException ioe) { throw newX509CRLError(getRuntime(), ioe.getMessage()); } ASN1Sequence v1 = (ASN1Sequence) (((ASN1Sequence) crl_v).getObjectAt(0)); ASN1EncodableVector build1 = new ASN1EncodableVector(); int copyIndex = 0; if (v1.getObjectAt(0) instanceof ASN1Integer) { copyIndex++; } build1.add(new ASN1Integer(new java.math.BigInteger(version.toString()))); while (copyIndex < v1.size()) { build1.add(v1.getObjectAt(copyIndex++)); } ASN1EncodableVector build2 = new ASN1EncodableVector(); build2.add(new DLSequence(build1)); build2.add(((ASN1Sequence) crl_v).getObjectAt(1)); build2.add(((ASN1Sequence) crl_v).getObjectAt(2)); crl_v = new DLSequence(build2); changed = false; return this; }
From source file:org.jruby.ext.openssl.X509ExtensionFactory.java
License:LGPL
private static DLSequence parseBasicConstrains(final String valuex) { final String[] val = valuex.split(","); final ASN1EncodableVector vec = new ASN1EncodableVector(); for (int i = 0; i < val.length; i++) { final String value = val[i] = val[i].trim(); if (value.length() > 3 && value.substring(0, 3).equalsIgnoreCase("CA:")) { boolean isTrue = "true".equalsIgnoreCase(value.substring(3).trim()); vec.add(ASN1Boolean.getInstance(isTrue)); }/*from www. j a v a 2 s .co m*/ } for (int i = 0; i < val.length; i++) { final String value = val[i]; if (value.length() > 8 && value.substring(0, 8).equalsIgnoreCase("pathlen:")) { int pathlen = Integer.parseInt(value.substring(8).trim()); vec.add(new ASN1Integer(BigInteger.valueOf(pathlen))); } } return new DLSequence(vec); }