List of usage examples for org.bouncycastle.asn1 ASN1Integer ASN1Integer
public ASN1Integer(byte[] bytes)
From source file:es.gob.afirma.signers.pkcs7.SignedAndEnvelopedData.java
License:Open Source License
/** Crea un objecto CMS SignedAndEnvelopedData. * @param recipientInfos RecipientInfo//from w ww.j a va 2 s.c om * @param digestAlgorithms ALgoritmos de huella digital * @param encryptedContentInfo EncryptedContentInfo * @param certificates Certificados * @param crls Listas de revoación de certificados * @param signerInfos SignerInfo */ public SignedAndEnvelopedData(final ASN1Set recipientInfos, final ASN1Primitive digestAlgorithms, final EncryptedContentInfo encryptedContentInfo, final ASN1Set certificates, final ASN1Set crls, final ASN1Set signerInfos) { this.version = new ASN1Integer(1); // Siempre 1 this.recipientInfos = recipientInfos; this.digestAlgorithms = digestAlgorithms; this.encryptedContentInfo = encryptedContentInfo; this.certificates = certificates; this.crls = crls; this.signerInfos = signerInfos; }
From source file:eu.emi.security.authn.x509.helpers.proxy.ProxyCertInfoExtension.java
License:Open Source License
@Override public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); if (pathLen != Integer.MAX_VALUE) v.add(new ASN1Integer(pathLen)); if (policy != null) { v.add(policy.toASN1Primitive()); } else {/*from w ww.j a v a 2 s.c o m*/ throw new IllegalArgumentException( "Can't generate " + "ProxyCertInfoExtension without mandatory policy"); } return new DLSequence(v); }
From source file:eu.emi.security.authn.x509.helpers.proxy.X509v3CertificateBuilder.java
License:Open Source License
/** * Create a builder for a version 3 certificate. * //from w ww .jav a 2 s . c om * @param issuer the certificate issuer * @param serial the certificate serial number * @param notBefore the date before which the certificate is not valid * @param notAfter the date after which the certificate is not valid * @param subject the certificate subject * @param publicKeyInfo the info structure for the public key to be associated * with this certificate. */ public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo) { tbsGen = new V3TBSCertificateGenerator(); tbsGen.setSubject(subject); tbsGen.setSerialNumber(new ASN1Integer(serial)); tbsGen.setIssuer(issuer); tbsGen.setStartDate(new Time(notBefore)); tbsGen.setEndDate(new Time(notAfter)); tbsGen.setSubject(subject); tbsGen.setSubjectPublicKeyInfo(publicKeyInfo); extGenerator = new ExtensionsGenerator(); }
From source file:it.nibbles.javacoin.keyfactory.ecc.KeyImpl.java
License:Open Source License
/** * Sign a block of data with this private key. * @param data The data to sign./*from w ww .j av a2 s . c o m*/ * @return The signature of the data compatible with Bitcoin specification. */ @Override public byte[] sign(byte[] data) throws VerificationException { // Bitcoin wiki specifies signature to be produced by EC-DSA, so init ECDSASigner signer = new ECDSASigner(); signer.init(true, new ECPrivateKeyParameters(privateKey, domainParameters)); // Sign BigInteger[] signature = signer.generateSignature(data); // As per specification signatures must be DER encoded, and both components // must be concatenated. Luckily bouncycastle provides that also. try { ByteArrayOutputStream byteOutput = new ByteArrayOutputStream(); DERSequenceGenerator derOutput = new DERSequenceGenerator(byteOutput); derOutput.addObject(new ASN1Integer(signature[0])); derOutput.addObject(new ASN1Integer(signature[1])); derOutput.close(); return byteOutput.toByteArray(); } catch (IOException e) { throw new VerificationException("could not encode signature to DER stream", e); } }
From source file:it.scoppelletti.spaceship.security.FakeCertificateFactory.java
License:Apache License
@SuppressWarnings({ "deprecation", "TryFinallyCanBeTryWithResources" })
public static X509Certificate create(PublicKey publicKey, FakeKeyPairGeneratorSpec spec)
throws IOException, CertificateParsingException {
ASN1ObjectIdentifier sigAlgOid;/*w w w .j a v a2s . c o m*/
AlgorithmIdentifier sigAlgId;
org.bouncycastle.jce.X509Principal subject;
ASN1EncodableVector result;
Certificate cert;
org.bouncycastle.jce.provider.X509CertificateObject x509Cert;
TBSCertificate tbsCertificate;
ASN1InputStream publicKeyInfoIn = null;
V3TBSCertificateGenerator tbsGenerator;
byte[] signature;
sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
signature = new byte[1];
tbsGenerator = new V3TBSCertificateGenerator();
try {
publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded());
tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
} finally {
if (publicKeyInfoIn != null) {
publicKeyInfoIn.close();
}
}
subject = new org.bouncycastle.jce.X509Principal(spec.getSubject().getEncoded());
tbsGenerator.setSerialNumber(new ASN1Integer(spec.getSerialNumber()));
tbsGenerator.setSubject(subject);
tbsGenerator.setIssuer(subject);
tbsGenerator.setStartDate(new Time(spec.getStartDate()));
tbsGenerator.setEndDate(new Time(spec.getEndDate()));
tbsGenerator.setSignature(sigAlgId);
tbsCertificate = tbsGenerator.generateTBSCertificate();
result = new ASN1EncodableVector();
result.add(tbsCertificate);
result.add(sigAlgId);
result.add(new DERBitString(signature));
cert = Certificate.getInstance(new DERSequence(result));
x509Cert = new org.bouncycastle.jce.provider.X509CertificateObject(cert);
return x509Cert;
}
From source file:mitm.common.security.asn1.ASN1Encoder.java
License:Open Source License
/** * Taken from org.bouncycastle.jce.provider.PKIXCertPath. * //from w w w. j av a2 s. c om * See ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-7.asc for info on PKCS#7 encoding */ public static byte[] encodePKCS7(ASN1EncodableVector certificatesVector, ASN1EncodableVector crlsVector) throws IOException { ContentInfo dataContentInfo = new ContentInfo(PKCSObjectIdentifiers.data, null); ASN1Integer version = new ASN1Integer(1); ASN1Set digestAlgorithms = new DERSet(); ASN1Set signerInfos = new DERSet(); ASN1Set crls = null; ASN1Set certificates = null; if (certificatesVector != null) { /* * pre-sort the asn1Certificates vector with a much faster method then DERSet uses */ ASN1EncodableVector sortedASN1Certificates = DERUtils.sortASN1EncodableVector(certificatesVector); certificates = new DERSet(sortedASN1Certificates); } if (crlsVector != null) { /* * pre-sort the asn1Certificates vector with a much faster method then DERSet uses */ ASN1EncodableVector sortedASN1CRLs = DERUtils.sortASN1EncodableVector(crlsVector); crls = new DERSet(sortedASN1CRLs); } SignedData signedData = new SignedData(version, digestAlgorithms, dataContentInfo, certificates, crls, signerInfos); ContentInfo signedContentInfo = new ContentInfo(PKCSObjectIdentifiers.signedData, signedData); return DERUtils.toByteArray(signedContentInfo); }
From source file:net.jsign.asn1.authenticode.AuthenticodeSignedData.java
License:Apache License
public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new ASN1Integer(1)); v.add(new DERSet(digestAlgorithm)); v.add(contentInfo);//w w w .j a v a 2s. c o m if (certificates != null) { v.add(new DERTaggedObject(false, 0, certificates)); } v.add(new DERSet(signerInformation)); return new BERSequence(v); }
From source file:net.ripe.rpki.commons.crypto.cms.manifest.ManifestCmsBuilder.java
License:BSD License
/** * Note: in DER encoding a field with a value equal to its default should * NOT be encoded. So the version field should not be present. *//*from ww w . j av a 2 s. co m*/ ASN1Encodable encodeManifest() { ASN1Encodable[] seq = { new ASN1Integer(number), new ASN1GeneralizedTime(thisUpdateTime.toDate()), new ASN1GeneralizedTime(nextUpdateTime.toDate()), new ASN1ObjectIdentifier(ManifestCms.FILE_HASH_ALGORITHM), encodeFileList() }; return new DERSequence(seq); }
From source file:net.ripe.rpki.commons.crypto.cms.roa.RoaCmsBuilder.java
License:BSD License
/** * <pre>// w w w. j av a2 s . c om * ROAIPAddress ::= SEQUENCE { * address IPAdress, * maxLength INTEGER OPTIONAL } * </pre> */ ASN1Object encodeRoaIpAddress(RoaPrefix prefix) { DERBitString address = Asn1Util.resourceToBitString(prefix.getPrefix().getStart(), prefix.getPrefix().getPrefixLength()); ASN1Encodable[] encodables; if (prefix.getMaximumLength() == null) { encodables = new ASN1Encodable[] { address }; } else { encodables = new ASN1Encodable[] { address, new ASN1Integer(prefix.getMaximumLength()) }; } return new DERSequence(encodables); }
From source file:net.ripe.rpki.commons.crypto.cms.roa.RoaCmsBuilder.java
License:BSD License
/** * <pre>/*from ww w .j a va 2s . c o m*/ * RouteOriginAttestation ::= SEQUENCE { * version [0] INTEGER DEFAULT 0, * asID ASID, * ipAddrBlocks SEQUENCE OF ROAIPAddressFamily } * * ASID ::= INTEGER * </pre> * <p/> * Note: in DER encoding a field with a value equal to its default should * NOT be encoded. So the version field should not be present. */ ASN1Encodable encodeRouteOriginAttestation(Asn asn, List<RoaPrefix> prefixes) { ASN1Encodable[] encodables = { new ASN1Integer(asn.getValue()), encodeRoaIpAddressFamilySequence(prefixes) }; return new DERSequence(encodables); }