List of usage examples for org.bouncycastle.asn1 ASN1Integer ASN1Integer
public ASN1Integer(byte[] bytes)
From source file:org.xipki.commons.security.pkcs11.proxy.Asn1Mechanism.java
License:Open Source License
@Override public ASN1Primitive toASN1Primitive() { ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(mechanism)); if (params != null) { vector.add(params);// ww w .jav a 2 s . c o m } return new DERSequence(vector); }
From source file:org.xipki.commons.security.pkcs11.proxy.Asn1P11SlotIdentifier.java
License:Open Source License
@Override public ASN1Primitive toASN1Primitive() { ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(slotId.getId())); vector.add(new ASN1Integer(slotId.getIndex())); return new DERSequence(vector); }
From source file:org.xipki.commons.security.pkcs11.proxy.Asn1RSAPkcsPssParams.java
License:Open Source License
@Override public ASN1Primitive toASN1Primitive() { ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(pkcsPssParams.getHashAlgorithm())); vector.add(new ASN1Integer(pkcsPssParams.getMaskGenerationFunction())); vector.add(new ASN1Integer(pkcsPssParams.getSaltLength())); return new DERSequence(vector); }
From source file:org.xipki.commons.security.pkcs11.proxy.ProxyP11Module.java
License:Open Source License
ASN1Encodable send(final int action, final ASN1Encodable content) throws P11TokenException { ASN1EncodableVector vec = new ASN1EncodableVector(); vec.add(new ASN1Integer(version)); vec.add(new ASN1Integer(action)); vec.add((content != null) ? content : DERNull.INSTANCE); InfoTypeAndValue itvReq = new InfoTypeAndValue(ObjectIdentifiers.id_xipki_cmp_cmpGenmsg, new DERSequence(vec)); GenMsgContent genMsgContent = new GenMsgContent(itvReq); PKIHeader header = buildPkiHeader(null); PKIBody body = new PKIBody(PKIBody.TYPE_GEN_MSG, genMsgContent); PKIMessage request = new PKIMessage(header, body); byte[] encodedRequest; try {/*www . ja v a 2 s. c o m*/ encodedRequest = request.getEncoded(); } catch (IOException ex) { final String msg = "could not encode the PKI request"; LOG.error(msg + " {}", request); throw new P11TokenException(msg + ": " + ex.getMessage(), ex); } byte[] encodedResponse; try { encodedResponse = send(encodedRequest); } catch (IOException ex) { final String msg = "could not send the PKI request"; LOG.error(msg + " {}", request); throw new P11TokenException(msg + ": " + ex.getMessage(), ex); } GeneralPKIMessage response; try { response = new GeneralPKIMessage(encodedResponse); } catch (IOException ex) { final String msg = "could not decode the received PKI message"; LOG.error(msg + ": {}", Hex.toHexString(encodedResponse)); throw new P11TokenException(msg + ": " + ex.getMessage(), ex); } PKIHeader respHeader = response.getHeader(); ASN1OctetString tid = respHeader.getTransactionID(); GeneralName rec = respHeader.getRecipient(); if (!sender.equals(rec)) { LOG.warn("tid={}: unknown CMP requestor '{}'", tid, rec); } return extractItvInfoValue(action, response); }
From source file:org.xipki.commons.security.util.AlgorithmUtil.java
License:Open Source License
public static RSASSAPSSparams createPSSRSAParams(final HashAlgoType digestAlg) throws NoSuchAlgorithmException { ParamUtil.requireNonNull("digestAlg", digestAlg); int saltSize = digestAlg.getLength(); AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(digestAlg.getOid(), DERNull.INSTANCE); return new RSASSAPSSparams(digAlgId, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, digAlgId), new ASN1Integer(saltSize), RSASSAPSSparams.DEFAULT_TRAILER_FIELD); }
From source file:org.xipki.commons.security.util.KeyUtil.java
License:Open Source License
public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(final PublicKey publicKey) throws InvalidKeyException { ParamUtil.requireNonNull("publicKey", publicKey); if (publicKey instanceof DSAPublicKey) { DSAPublicKey dsaPubKey = (DSAPublicKey) publicKey; ASN1EncodableVector vec = new ASN1EncodableVector(); vec.add(new ASN1Integer(dsaPubKey.getParams().getP())); vec.add(new ASN1Integer(dsaPubKey.getParams().getQ())); vec.add(new ASN1Integer(dsaPubKey.getParams().getG())); ASN1Sequence dssParams = new DERSequence(vec); try {/*from ww w. j a v a2 s.c o m*/ return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, dssParams), new ASN1Integer(dsaPubKey.getY())); } catch (IOException ex) { throw new InvalidKeyException(ex.getMessage(), ex); } } else if (publicKey instanceof RSAPublicKey) { RSAPublicKey rsaPubKey = (RSAPublicKey) publicKey; try { return new SubjectPublicKeyInfo( new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(rsaPubKey.getModulus(), rsaPubKey.getPublicExponent())); } catch (IOException ex) { throw new InvalidKeyException(ex.getMessage(), ex); } } else if (publicKey instanceof ECPublicKey) { ECPublicKey ecPubKey = (ECPublicKey) publicKey; ECParameterSpec paramSpec = ecPubKey.getParams(); ASN1ObjectIdentifier curveOid = detectCurveOid(paramSpec); if (curveOid == null) { throw new InvalidKeyException("Cannot find namedCurve of the given public key"); } java.security.spec.ECPoint pointW = ecPubKey.getW(); BigInteger wx = pointW.getAffineX(); if (wx.signum() != 1) { throw new InvalidKeyException("Wx is not positive"); } BigInteger wy = pointW.getAffineY(); if (wy.signum() != 1) { throw new InvalidKeyException("Wy is not positive"); } int keysize = (paramSpec.getOrder().bitLength() + 7) / 8; byte[] wxBytes = wx.toByteArray(); byte[] wyBytes = wy.toByteArray(); byte[] pubKey = new byte[1 + keysize * 2]; pubKey[0] = 4; // uncompressed int numBytesToCopy = Math.min(wxBytes.length, keysize); int srcOffset = Math.max(0, wxBytes.length - numBytesToCopy); int destOffset = 1 + Math.max(0, keysize - wxBytes.length); System.arraycopy(wxBytes, srcOffset, pubKey, destOffset, numBytesToCopy); numBytesToCopy = Math.min(wyBytes.length, keysize); srcOffset = Math.max(0, wyBytes.length - numBytesToCopy); destOffset = 1 + keysize + Math.max(0, keysize - wyBytes.length); System.arraycopy(wyBytes, srcOffset, pubKey, destOffset, numBytesToCopy); AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid); return new SubjectPublicKeyInfo(algId, pubKey); } else { throw new InvalidKeyException("unknown publicKey class " + publicKey.getClass().getName()); } }
From source file:org.xipki.commons.security.util.SignerUtil.java
License:Open Source License
public static byte[] convertPlainDSASigToX962(final byte[] signature) throws XiSecurityException { ParamUtil.requireNonNull("signature", signature); if (signature.length % 2 != 0) { throw new XiSecurityException("signature.lenth must be even, but is odd"); }//w w w .ja v a 2 s . c o m byte[] ba = new byte[signature.length / 2]; ASN1EncodableVector sigder = new ASN1EncodableVector(); System.arraycopy(signature, 0, ba, 0, ba.length); sigder.add(new ASN1Integer(new BigInteger(1, ba))); System.arraycopy(signature, ba.length, ba, 0, ba.length); sigder.add(new ASN1Integer(new BigInteger(1, ba))); DERSequence seq = new DERSequence(sigder); try { return seq.getEncoded(); } catch (IOException ex) { throw new XiSecurityException("IOException, message: " + ex.getMessage(), ex); } }
From source file:org.xipki.ocsp.client.api.RequestOptions.java
License:Open Source License
static public RSASSAPSSparams createPSSRSAParams(final ASN1ObjectIdentifier digestAlgOID) { int saltSize; if (X509ObjectIdentifiers.id_SHA1.equals(digestAlgOID)) { saltSize = 20;/* w w w. j a va 2s .c o m*/ } else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) { saltSize = 28; } else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) { saltSize = 32; } else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID)) { saltSize = 48; } else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID)) { saltSize = 64; } else { throw new RuntimeException("unknown digest algorithm " + digestAlgOID); } AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE); return new RSASSAPSSparams(digAlgId, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, digAlgId), new ASN1Integer(saltSize), RSASSAPSSparams.DEFAULT_TRAILER_FIELD); }
From source file:org.xipki.pki.ca.certprofile.test.ProfileConfCreatorDemo.java
License:Open Source License
private static ExtensionValueType createSmimeCapabilities() { SMIMECapabilities caps = new SMIMECapabilities(); // DES-EDE3-CBC SMIMECapability cap = new SMIMECapability(); caps.getSMIMECapability().add(cap);//from ww w. ja va2 s .c o m cap.setCapabilityID(createOidType(new ASN1ObjectIdentifier("1.2.840.113549.3.7"), "DES-EDE3-CBC")); // RC2-CBC keysize 128 cap = new SMIMECapability(); caps.getSMIMECapability().add(cap); cap.setCapabilityID(createOidType(new ASN1ObjectIdentifier("1.2.840.113549.3.2"), "RC2-CBC")); cap.setParameters(new org.xipki.pki.ca.certprofile.x509.jaxb.SMIMECapability.Parameters()); cap.getParameters().setInteger(BigInteger.valueOf(128)); // RC2-CBC keysize 64 cap = new SMIMECapability(); caps.getSMIMECapability().add(cap); cap.setCapabilityID(createOidType(new ASN1ObjectIdentifier("1.2.840.113549.3.2"), "RC2-CBC")); cap.setParameters(new org.xipki.pki.ca.certprofile.x509.jaxb.SMIMECapability.Parameters()); Base64BinaryWithDescType binary = new Base64BinaryWithDescType(); try { binary.setValue(new ASN1Integer(64).getEncoded()); binary.setDescription("INTEGER 64"); } catch (IOException ex) { throw new RuntimeException(ex.getMessage()); } cap.getParameters().setBase64Binary(binary); return createExtensionValueType(caps); }
From source file:org.xipki.pki.ca.certprofile.XmlX509Certprofile.java
License:Open Source License
private void initInhibitAnyPolicy(ExtensionsType extensionsType) throws CertprofileException { ASN1ObjectIdentifier type = Extension.inhibitAnyPolicy; if (!extensionControls.containsKey(type)) { return;/*from w ww . java 2 s. c om*/ } InhibitAnyPolicy extConf = (InhibitAnyPolicy) getExtensionValue(type, extensionsType, InhibitAnyPolicy.class); if (extConf == null) { return; } int skipCerts = extConf.getSkipCerts(); if (skipCerts < 0) { throw new CertprofileException("negative inhibitAnyPolicy.skipCerts is not allowed: " + skipCerts); } ASN1Integer value = new ASN1Integer(BigInteger.valueOf(skipCerts)); this.inhibitAnyPolicy = new ExtensionValue(extensionControls.get(type).isCritical(), value); }