List of usage examples for org.bouncycastle.asn1 ASN1Integer getPositiveValue
public BigInteger getPositiveValue()
From source file:de.tsenger.animamea.asn1.AmECPublicKey.java
License:Open Source License
/** Returns cofactor f * @return/*from w ww.j a va 2 s. c o m*/ */ public BigInteger getF() { if (f == null) return null; ASN1Integer derInt = ASN1Integer.getInstance(f, false); return derInt.getPositiveValue(); }
From source file:de.tsenger.animamea.asn1.AmRSAPublicKey.java
License:Open Source License
@Override public BigInteger getModulus() { if (n == null) return null; ASN1Integer derInt = (ASN1Integer) n.getObjectParser(BERTags.INTEGER, false); return derInt.getPositiveValue(); }
From source file:de.tsenger.animamea.asn1.AmRSAPublicKey.java
License:Open Source License
@Override public BigInteger getPublicExponent() { if (e == null) return null; ASN1Integer derInt = (ASN1Integer) e.getObjectParser(BERTags.INTEGER, false); return derInt.getPositiveValue(); }
From source file:edu.tamu.tcat.crypto.bouncycastle.ASN1SeqKeyImpl.java
License:Apache License
private static PrivateKey decodeECKey(byte[] encodedKey) throws EncodingException { try {/*from w w w .j a v a 2 s . c o m*/ ECPrivateKey priv = ECPrivateKey.getInstance(encodedKey); ASN1Sequence parameters = (ASN1Sequence) priv.getParameters(); ASN1Integer version = (ASN1Integer) parameters.getObjectAt(0); if (version.getPositiveValue().intValue() != 1) throw new EncodingException("Only know how to decode version 1"); ASN1Sequence fieldId = (ASN1Sequence) parameters.getObjectAt(1); ASN1Encodable fieldType = fieldId.getObjectAt(0); ECField field; if (fieldType.toString().equals("1.2.840.10045.1.1")) { ASN1Integer primeObject = (ASN1Integer) fieldId.getObjectAt(1); field = new ECFieldFp(primeObject.getPositiveValue()); } else throw new EncodingException("Only know how to decode prime fields"); ASN1Sequence curveSeq = (ASN1Sequence) parameters.getObjectAt(2); ASN1OctetString a = (ASN1OctetString) curveSeq.getObjectAt(0); ASN1OctetString b = (ASN1OctetString) curveSeq.getObjectAt(1); EllipticCurve curve; if (curveSeq.size() > 2) { DERBitString seed = (DERBitString) curveSeq.getObjectAt(2); curve = new EllipticCurve(field, getInteger(a.getOctets()), getInteger(b.getOctets()), seed.getBytes()); } else curve = new EllipticCurve(field, getInteger(a.getOctets()), getInteger(b.getOctets())); ASN1OctetString gEncoded = (ASN1OctetString) parameters.getObjectAt(3); ECPoint g = ECPointUtil.decodePoint(curve, gEncoded.getOctets()); ASN1Integer n = (ASN1Integer) parameters.getObjectAt(4); ASN1Integer h = (ASN1Integer) parameters.getObjectAt(5); ECParameterSpec paramSpec = new ECParameterSpec(curve, g, n.getPositiveValue(), h.getPositiveValue().intValue()); ECPrivateKeySpec spec = new ECPrivateKeySpec(priv.getKey(), paramSpec); KeyFactory factory = KeyFactory.getInstance("EC", Activator.getDefault().getBouncyCastleProvider()); PrivateKey key = factory.generatePrivate(spec); return key; } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw new EncodingException("Failed decoding type [EC]", e); } }
From source file:net.ripe.rpki.commons.crypto.crl.X509Crl.java
License:BSD License
public BigInteger getNumber() { try {//from ww w . j a va2 s. co m byte[] extensionValue = getCrl().getExtensionValue(X509Extension.cRLNumber.getId()); if (extensionValue == null) { return null; } ASN1Integer number = (ASN1Integer) X509ExtensionUtil.fromExtensionValue(extensionValue); return number.getPositiveValue(); } catch (IOException e) { throw new X509CrlException("cannot get CRLNumber extension from CRL", e); } }
From source file:org.apache.poi.poifs.crypt.dsig.facets.XAdESXLSignatureFacet.java
License:Apache License
private BigInteger getCrlNumber(X509CRL crl) { try {/* w ww. j a va 2 s . c om*/ byte[] crlNumberExtensionValue = crl.getExtensionValue(Extension.cRLNumber.getId()); if (null == crlNumberExtensionValue) { return null; } @SuppressWarnings("resource") ASN1InputStream asn1InputStream = new ASN1InputStream(crlNumberExtensionValue); ASN1OctetString octetString = (ASN1OctetString) asn1InputStream.readObject(); byte[] octets = octetString.getOctets(); asn1InputStream = new ASN1InputStream(octets); ASN1Integer integer = (ASN1Integer) asn1InputStream.readObject(); BigInteger crlNumber = integer.getPositiveValue(); return crlNumber; } catch (Exception e) { throw new RuntimeException("I/O error: " + e.getMessage(), e); } }
From source file:org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.impl.RevocationRefs.java
License:Open Source License
/** * /*from w w w .ja v a2s. c o m*/ * * @param extract * CrlValidatedID from X509CRL * @return a CrlValidatedID * @throws NoSuchAlgorithmException * @throws CRLException */ private CrlValidatedID makeCrlValidatedID(X509CRL crl) throws NoSuchAlgorithmException, CRLException { Digest digest = DigestFactory.getInstance().factoryDefault(); digest.setAlgorithm(DigestAlgorithmEnum.SHA_256); OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue( new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256), new DEROctetString(digest.digest(crl.getEncoded()))); OtherHash hash = new OtherHash(otherHashAlgAndValue); BigInteger crlnumber; CrlIdentifier crlid; if (crl.getExtensionValue("2.5.29.20") != null) { ASN1Integer varASN1Integer = new ASN1Integer(crl.getExtensionValue("2.5.29.20")); crlnumber = varASN1Integer.getPositiveValue(); crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate()), crlnumber); } else { crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate())); } CrlValidatedID crlvid = new CrlValidatedID(hash, crlid); return crlvid; }
From source file:org.ebayopensource.fido.uaf.crypto.Asn1.java
License:Apache License
/** * DER - From byte[] to Big Integer rs/* w w w. j av a2 s .c o m*/ * UAF_ALG_SIGN_SECP256K1_ECDSA_SHA256_DER 0x06 DER [ITU-X690-2008] encoded * ECDSA signature [RFC5480] on the secp256k1 curve. I.e. a DER encoded * SEQUENCE { r INTEGER, s INTEGER } * * @param signature * @return * @throws IOException */ public static BigInteger[] decodeToBigIntegerArray(byte[] signature) throws IOException { ASN1InputStream decoder = new ASN1InputStream(signature); DLSequence seq = (DLSequence) decoder.readObject(); ASN1Integer r = (ASN1Integer) seq.getObjectAt(0); ASN1Integer s = (ASN1Integer) seq.getObjectAt(1); decoder.close(); BigInteger[] ret = new BigInteger[2]; ret[0] = r.getPositiveValue(); ret[1] = s.getPositiveValue(); return ret; }
From source file:org.xipki.ca.api.profile.x509.BaseX509Certprofile.java
License:Open Source License
@Override public SubjectPublicKeyInfo checkPublicKey(final SubjectPublicKeyInfo publicKey) throws BadCertTemplateException { Map<ASN1ObjectIdentifier, KeyParametersOption> keyAlgorithms = getKeyAlgorithms(); if (CollectionUtil.isEmpty(keyAlgorithms)) { return publicKey; }/* w ww . ja v a 2 s.co m*/ ASN1ObjectIdentifier keyType = publicKey.getAlgorithm().getAlgorithm(); if (keyAlgorithms.containsKey(keyType) == false) { throw new BadCertTemplateException("key type " + keyType.getId() + " is not permitted"); } KeyParametersOption keyParamsOption = keyAlgorithms.get(keyType); if (keyParamsOption instanceof AllowAllParametersOption) { return publicKey; } else if (keyParamsOption instanceof ECParamatersOption) { ECParamatersOption ecOption = (ECParamatersOption) keyParamsOption; // parameters ASN1Encodable algParam = publicKey.getAlgorithm().getParameters(); ASN1ObjectIdentifier curveOid; if (algParam instanceof ASN1ObjectIdentifier) { curveOid = (ASN1ObjectIdentifier) algParam; if (ecOption.allowsCurve(curveOid) == false) { throw new BadCertTemplateException("EC curve " + SecurityUtil.getCurveName(curveOid) + " (OID: " + curveOid.getId() + ") is not allowed"); } } else { throw new BadCertTemplateException("only namedCurve or implictCA EC public key is supported"); } // point encoding if (ecOption.getPointEncodings() != null) { byte[] keyData = publicKey.getPublicKeyData().getBytes(); if (keyData.length < 1) { throw new BadCertTemplateException("invalid publicKeyData"); } byte pointEncoding = keyData[0]; if (ecOption.getPointEncodings().contains(pointEncoding) == false) { throw new BadCertTemplateException("unaccepted EC point encoding " + pointEncoding); } } byte[] keyData = publicKey.getPublicKeyData().getBytes(); try { checkECSubjectPublicKeyInfo(curveOid, keyData); } catch (BadCertTemplateException e) { throw e; } catch (Exception e) { LOG.debug("populateFromPubKeyInfo", e); throw new BadCertTemplateException("invalid public key: " + e.getMessage()); } return publicKey; } else if (keyParamsOption instanceof RSAParametersOption) { RSAParametersOption rsaOption = (RSAParametersOption) keyParamsOption; ASN1Integer modulus; try { ASN1Sequence seq = ASN1Sequence.getInstance(publicKey.getPublicKeyData().getBytes()); modulus = ASN1Integer.getInstance(seq.getObjectAt(0)); } catch (IllegalArgumentException e) { throw new BadCertTemplateException("invalid publicKeyData"); } int modulusLength = modulus.getPositiveValue().bitLength(); if ((rsaOption.allowsModulusLength(modulusLength))) { return publicKey; } } else if (keyParamsOption instanceof DSAParametersOption) { DSAParametersOption dsaOption = (DSAParametersOption) keyParamsOption; ASN1Encodable params = publicKey.getAlgorithm().getParameters(); if (params == null) { throw new BadCertTemplateException("null Dss-Parms is not permitted"); } int pLength; int qLength; try { ASN1Sequence seq = ASN1Sequence.getInstance(params); ASN1Integer p = ASN1Integer.getInstance(seq.getObjectAt(0)); ASN1Integer q = ASN1Integer.getInstance(seq.getObjectAt(1)); pLength = p.getPositiveValue().bitLength(); qLength = q.getPositiveValue().bitLength(); } catch (IllegalArgumentException | ArrayIndexOutOfBoundsException e) { throw new BadCertTemplateException("illegal Dss-Parms"); } boolean match = dsaOption.allowsPLength(pLength); if (match) { match = dsaOption.allowsQLength(qLength); } if (match) { return publicKey; } } else { throw new RuntimeException("should not reach here, unknown KeyParametersOption " + keyParamsOption); } throw new BadCertTemplateException("the given publicKey is not permitted"); }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private void checkPublicKey(final SubjectPublicKeyInfo publicKey) throws BadCertTemplateException { if (CollectionUtil.isEmpty(keyAlgorithms)) { return;/*from w w w. j a v a 2 s . c om*/ } ASN1ObjectIdentifier keyType = publicKey.getAlgorithm().getAlgorithm(); if (keyAlgorithms.containsKey(keyType) == false) { throw new BadCertTemplateException("key type " + keyType.getId() + " is not permitted"); } KeyParametersOption keyParamsOption = keyAlgorithms.get(keyType); if (keyParamsOption instanceof AllowAllParametersOption) { return; } else if (keyParamsOption instanceof ECParamatersOption) { ECParamatersOption ecOption = (ECParamatersOption) keyParamsOption; // parameters ASN1Encodable algParam = publicKey.getAlgorithm().getParameters(); ASN1ObjectIdentifier curveOid; if (algParam instanceof ASN1ObjectIdentifier) { curveOid = (ASN1ObjectIdentifier) algParam; if (ecOption.allowsCurve(curveOid) == false) { throw new BadCertTemplateException("EC curve " + SecurityUtil.getCurveName(curveOid) + " (OID: " + curveOid.getId() + ") is not allowed"); } } else { throw new BadCertTemplateException("only namedCurve or implictCA EC public key is supported"); } // point encoding if (ecOption.getPointEncodings() != null) { byte[] keyData = publicKey.getPublicKeyData().getBytes(); if (keyData.length < 1) { throw new BadCertTemplateException("invalid publicKeyData"); } byte pointEncoding = keyData[0]; if (ecOption.getPointEncodings().contains(pointEncoding) == false) { throw new BadCertTemplateException("unaccepted EC point encoding " + pointEncoding); } } try { checkECSubjectPublicKeyInfo(curveOid, publicKey.getPublicKeyData().getBytes()); } catch (BadCertTemplateException e) { throw e; } catch (Exception e) { LOG.debug("populateFromPubKeyInfo", e); throw new BadCertTemplateException("invalid public key: " + e.getMessage()); } return; } else if (keyParamsOption instanceof RSAParametersOption) { RSAParametersOption rsaOption = (RSAParametersOption) keyParamsOption; ASN1Integer modulus; try { ASN1Sequence seq = ASN1Sequence.getInstance(publicKey.getPublicKeyData().getBytes()); modulus = ASN1Integer.getInstance(seq.getObjectAt(0)); } catch (IllegalArgumentException e) { throw new BadCertTemplateException("invalid publicKeyData"); } int modulusLength = modulus.getPositiveValue().bitLength(); if ((rsaOption.allowsModulusLength(modulusLength))) { return; } } else if (keyParamsOption instanceof DSAParametersOption) { DSAParametersOption dsaOption = (DSAParametersOption) keyParamsOption; ASN1Encodable params = publicKey.getAlgorithm().getParameters(); if (params == null) { throw new BadCertTemplateException("null Dss-Parms is not permitted"); } int pLength; int qLength; try { ASN1Sequence seq = ASN1Sequence.getInstance(params); ASN1Integer p = ASN1Integer.getInstance(seq.getObjectAt(0)); ASN1Integer q = ASN1Integer.getInstance(seq.getObjectAt(1)); pLength = p.getPositiveValue().bitLength(); qLength = q.getPositiveValue().bitLength(); } catch (IllegalArgumentException | ArrayIndexOutOfBoundsException e) { throw new BadCertTemplateException("illegal Dss-Parms"); } boolean match = dsaOption.allowsPLength(pLength); if (match) { match = dsaOption.allowsQLength(qLength); } if (match) { return; } } else { throw new RuntimeException("should not reach here, unknown keyParamsOption " + (keyParamsOption == null ? "null" : keyParamsOption.getClass().getName())); } throw new BadCertTemplateException("the given publicKey is not permitted"); }