List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers rsaEncryption
ASN1ObjectIdentifier rsaEncryption
To view the source code for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers rsaEncryption.
Click Source Link
From source file:ca.trustpoint.m2m.M2mCertPathValidatorTest.java
License:Apache License
@BeforeClass public static void initializeTests() throws Exception { Security.addProvider(new BouncyCastleProvider()); KeyAlgorithmDefinition caAlgorithm = new KeyAlgorithmDefinition(); caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1); EntityName issuer = new EntityName(); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline")); Date validFrom = new Date((new BigInteger(Hex.decode("5797C511"))).longValue() * 1000); int validDuration = (new BigInteger(Hex.decode("01E13380"))).intValue(); EntityName subject = new EntityName(); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline")); KeyAlgorithmDefinition pkAlgorithm = new KeyAlgorithmDefinition(); pkAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1); X962Parameters keyParams = new X962Parameters(SECObjectIdentifiers.secp521r1); AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, keyParams.toASN1Primitive()); SubjectPublicKeyInfo publicKeyInfo = new SubjectPublicKeyInfo(algId, Hex.decode("040078EF059D605AB85B6A25A6EF31A1A73A632D3CB04DC606A8CA0B5823966168CFAF6131D8D9B5" + "3F6BDF6B62946EC4B41D618FA3FF7F8BBFACBFD4F64FE3C33DA9D200A47AE528DC50B6F3876D7F5B" + "A3C082D9927751E1A8C4F934D90942B35C57DFE311B2663E8D0187AD4EDE31BF9CD2AD8317107360" + "522FDB6975AB2CD66DC029981F")); PublicKey publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo); byte[] signature = Hex .decode("3081880242014F15CAF8EF38626B2C7CFA85B9544E028668290CADB45F62E2153EAAF5A9D51AF5BF0D02" + "F2C057D3856B5CBFB3529C25B8481405924039FA612D422AE9A1A85591024201868D3DFE5FC2BEDD2F74" + "68B0B17ED2708E76CD0D37C44F4D0BB88693752046FCFC56D9818B32533B8992923C2C81499400AC44FB" + "BECD6324D8AE1DD41EC73A0B2A"); rootCertificate.setSerialNumber(new byte[] { 0x02 }); rootCertificate.setCaKeyDefinition(caAlgorithm); rootCertificate.setIssuer(issuer);/* ww w.j a v a 2s. c o m*/ rootCertificate.setValidFrom(validFrom); rootCertificate.setValidDuration(validDuration); rootCertificate.setSubject(subject); rootCertificate.setPublicKeyDefinition(pkAlgorithm); rootCertificate.setPublicKey(publicKey); rootCertificate.setCaCalcValue(signature); caAlgorithm = new KeyAlgorithmDefinition(); caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1); issuer = new EntityName(); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline")); validFrom = new Date((new BigInteger(Hex.decode("57990E5F"))).longValue() * 1000); validDuration = (new BigInteger(Hex.decode("03C26700"))).intValue(); subject = new EntityName(); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyIssuer")); pkAlgorithm = new KeyAlgorithmDefinition(); pkAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1); keyParams = new X962Parameters(SECObjectIdentifiers.secp256r1); algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, keyParams.toASN1Primitive()); publicKeyInfo = new SubjectPublicKeyInfo(algId, Hex.decode("0461591E779EE482541CF63EF2A0709D3D04CEBE1F621D4764EFECC4FF374864305E3742DAB2690E" + "889B84906A7D2EAB444B9E03B546393BFCF9B2B3B87658C6FA")); publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo); signature = Hex .decode("3081870242016A8F50899193BD85FF36965129F86F64290B64FAD40E755CA367D31B3484F2A5552DDAB0" + "5B1246304CFC4164E29950D56DEA04BB4D9A3D489E07106D1D3F34669D0241631ED08CD7EEAFE6114189" + "53C64F1A6097B45D1ABB5FB9390A3CEAEDAB3C47FF3E7A1A754E1E0D53B2C2FEE90EB14EBDA0B4F15260" + "C375FFC1868A7569B505FF08"); issuerCertificate.setSerialNumber(new byte[] { 0x65 }); issuerCertificate.setCaKeyDefinition(caAlgorithm); issuerCertificate.setIssuer(issuer); issuerCertificate.setValidFrom(validFrom); issuerCertificate.setValidDuration(validDuration); issuerCertificate.setSubject(subject); issuerCertificate.setPublicKeyDefinition(pkAlgorithm); issuerCertificate.setPublicKey(publicKey); issuerCertificate.setCaCalcValue(signature); caAlgorithm = new KeyAlgorithmDefinition(); caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1); issuer = new EntityName(); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyIssuer")); validFrom = new Date((new BigInteger(Hex.decode("57A26BCC"))).longValue() * 1000); validDuration = (new BigInteger(Hex.decode("03C26700"))).intValue(); subject = new EntityName(); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MySigner")); keyParams = new X962Parameters(SECObjectIdentifiers.secp256r1); algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, keyParams.toASN1Primitive()); publicKeyInfo = new SubjectPublicKeyInfo(algId, Hex.decode("0463C779CFF44EB3C97D7CDF9AB3AD9A6ED0DCB6F3F1A3155DF674109A3AAD0A757FCAF2F01E53CD" + "ED25707ADC38C2271E90BB554DB4ED47B65B25BB478E9E3BF8")); publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo); signature = Hex .decode("3045022100CBD969EEEB637A03D60B3271BD7320E7A3DDA1B1EF014E641F6C32BF897EEAC6022030FF7F" + "FD3A59C9B16F2F335716B47402A3CFF3EE667767A89017D218203CD66E"); signerCertificate.setSerialNumber(new byte[] { 0x68 }); signerCertificate.setCaKeyDefinition(caAlgorithm); signerCertificate.setIssuer(issuer); signerCertificate.setValidFrom(validFrom); signerCertificate.setValidDuration(validDuration); signerCertificate.setSubject(subject); signerCertificate.setPublicKey(publicKey); signerCertificate.setCaCalcValue(signature); caAlgorithm = new KeyAlgorithmDefinition(); caAlgorithm.setAlgorithm(NfcSignatureAlgorithmOids.RSA_SHA256_RSA); issuer = new EntityName(); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "US")); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Organization, "NFC Forum Test RSA CA")); validFrom = new Date((new BigInteger(Hex.decode("5418AEDA"))).longValue() * 1000); validDuration = (new BigInteger(Hex.decode("05A497A0"))).intValue(); subject = new EntityName(); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "US")); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.StateOrProvince, "UT")); subject.addAttribute( new EntityNameAttribute(EntityNameAttributeId.Organization, "NFC Forum RSA Test M2M EE 1")); algId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERSet(DERNull.INSTANCE)); publicKeyInfo = new SubjectPublicKeyInfo(algId, Hex.decode("3082010A0282010100E93D3E174F587784C53A4B01C05D2F73CFEC22CCCD1FBCF1B1C5B49A118CE6" + "B323640F28DFE1D5882FAFAEFDE9BB9A20347C44347D69F431AEEF5788D2EAE2131E49E3B9FD6A94" + "BCE34AFCF88C603BAA8EADBC5E6BC558D1459064F9FF6F6157C472739E90B9A312A5DE67176A03FB" + "A77981A6F89F1CA9C0733C67797ED6DB766FC99ABEE0C8D3641D69A9C6FD1E6F33CEE29344374146" + "E9A8E3CB141163798FDD9217CF58D93E836EA735D5A7F642F203DE097C1623EB855AB72D81330014" + "26163E671C747DB54629C0EAF37342CF16923FCAD53B5CAF2CECCB3876853CE003C3753FA72C1F39" + "9A9B5FA7A232792FBE38C995B55B9D105F3C0AC536D841068B0203010001")); publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo); signature = Hex.decode("B6A683AF9B20715210CA38D0DAA647F48270DBF67EDF3E043BFBD02265A035540D50540F877179D6" + "1349B9F872AFA41646835F8353CF90049551941B89D79B3FC61B1AADE00E8BA474A4342BDAACA5CD" + "28AFC9DD7C505127857224D0278A6E5C9AC4344B3FA36B7FD6E5E54D4D92FBCD717AD4D2FE73C2E6" + "2219D6A097970BB4F956AAA948501E4083137992EEBCFA41308687F36DBE8CEC54579C76DE4DE54A" + "1D6E007AD22F83BEE86CDEF39A37B4BCCD71D5B0A364C258B94D0B953DC3DA5637874157C3AD7CEC" + "3367F3075FA1D8939B27F4062DFBE436F871AECDC6D2A3098793A1212ED192F6B128648FFE764C4D" + "3176D64E6594DB295400465395781A37"); rsaTestCertificate.setSerialNumber(Hex.decode("034F3F184941B948A47F3D59EE625F09")); rsaTestCertificate.setCaKeyDefinition(caAlgorithm); rsaTestCertificate.setIssuer(issuer); rsaTestCertificate.setValidFrom(validFrom); rsaTestCertificate.setValidDuration(validDuration); rsaTestCertificate.setSubject(subject); rsaTestCertificate.setPublicKey(publicKey); rsaTestCertificate.setKeyUsage(new KeyUsage((byte) 0xA0)); rsaTestCertificate.setExtendedKeyUsage("2.16.840.1.114513.29.37"); rsaTestCertificate.setCrlDistributionPointUri(new URI("http://crl.nfctest.example.com/nfctestrsaca.crl")); rsaTestCertificate.setCaCalcValue(signature); CertificateFactory x509Factory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME); FileInputStream fileInput = new FileInputStream("testdata/digicert_batch_2/NFC Forum Test RSA CA.cer"); x509Ca = (X509Certificate) x509Factory.generateCertificate(fileInput); fileInput.close(); }
From source file:com.github.autermann.sockets.ssl.SSLUtils.java
License:Apache License
private static PrivateKey createPrivateKey(PemObject privatePemObject) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException { AlgorithmIdentifier algId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE); RSAPrivateKey instance = RSAPrivateKey.getInstance(privatePemObject.getContent()); PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(algId, instance); return createKeyFromDER(privateKeyInfo.toASN1Primitive().getEncoded()); }
From source file:com.raphfrk.craftproxyclient.net.protocol.p16x.P16xProtocol.java
License:Open Source License
public byte[] encodeRSAPublicKey(RSAKeyParameters key) { if (((RSAKeyParameters) key).isPrivate()) { return null; }//from w w w . java 2 s . c o m RSAKeyParameters rsaKey = (RSAKeyParameters) key; ASN1EncodableVector encodable = new ASN1EncodableVector(); encodable.add(new ASN1Integer(rsaKey.getModulus())); encodable.add(new ASN1Integer(rsaKey.getExponent())); return KeyUtil.getEncodedSubjectPublicKeyInfo( new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new DERSequence(encodable)); }
From source file:net.jradius.client.auth.EAPTLSAuthenticator.java
License:Open Source License
/** * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object. * /*from ww w . java 2 s. co m*/ * @param keyInfo the PrivateKeyInfo object containing the key material * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException { AlgorithmIdentifier algId = keyInfo.getAlgorithmId(); if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)) { RSAPrivateKeyStructure keyStructure = new RSAPrivateKeyStructure( (ASN1Sequence) keyInfo.getPrivateKey()); return new RSAPrivateCrtKeyParameters(keyStructure.getModulus(), keyStructure.getPublicExponent(), keyStructure.getPrivateExponent(), keyStructure.getPrime1(), keyStructure.getPrime2(), keyStructure.getExponent1(), keyStructure.getExponent2(), keyStructure.getCoefficient()); } else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) { DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters()); DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); BigInteger lVal = params.getL(); int l = lVal == null ? 0 : lVal.intValue(); DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l); return new DHPrivateKeyParameters(derX.getValue(), dhParams); } else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) { ElGamalParameter params = new ElGamalParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters()); DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(params.getP(), params.getG())); } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa)) { DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); DEREncodable de = keyInfo.getAlgorithmId().getParameters(); DSAParameters parameters = null; if (de != null) { DSAParameter params = DSAParameter.getInstance(de.getDERObject()); parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); } return new DSAPrivateKeyParameters(derX.getValue(), parameters); } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) { X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters()); ECDomainParameters dParams = null; if (params.isNamedCurve()) { DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters(); X9ECParameters ecP = X962NamedCurves.getByOID(oid); if (ecP == null) { ecP = SECNamedCurves.getByOID(oid); if (ecP == null) { ecP = NISTNamedCurves.getByOID(oid); if (ecP == null) { ecP = TeleTrusTNamedCurves.getByOID(oid); } } } dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); } else { X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters()); dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); } ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey()); return new ECPrivateKeyParameters(ec.getKey(), dParams); } else { throw new RuntimeException("algorithm identifier in key not recognised"); } }
From source file:org.globus.cog.security.cert.request.BouncyCastleOpenSSLKey.java
License:Open Source License
protected PrivateKey getKey(String alg, byte[] data) throws GeneralSecurityException { if (alg.equals("RSA")) { try {//from www .java2 s . c o m ByteArrayInputStream bis = new ByteArrayInputStream(data); DERInputStream derin = new DERInputStream(bis); DERObject keyInfo = derin.readObject(); DERObjectIdentifier rsa_oid = PKCSObjectIdentifiers.rsaEncryption; AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsa_oid); PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); DERObject derkey = pkeyinfo.getDERObject(); byte[] keyData = BouncyCastleUtil.toByteArray(derkey); // The DER object needs to be mangled to // create a proper ProvateKeyInfo object PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyData); KeyFactory kfac = KeyFactory.getInstance("RSA"); return kfac.generatePrivate(spec); } catch (IOException e) { // that should never happen return null; } } else { return null; } }
From source file:org.globus.gsi.bc.BouncyCastleOpenSSLKey.java
License:Apache License
protected PrivateKey getKey(String alg, byte[] data) throws GeneralSecurityException { if (alg.equals("RSA")) { try {/*from ww w .java 2 s. c om*/ if (data.length == 0) { throw new GeneralSecurityException("Cannot process empty byte stream."); } ByteArrayInputStream bis = new ByteArrayInputStream(data); ASN1InputStream derin = new ASN1InputStream(bis); ASN1Primitive keyInfo = derin.readObject(); ASN1ObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); ASN1Primitive derkey = pkeyinfo.toASN1Primitive(); byte[] keyData = BouncyCastleUtil.toByteArray(derkey); // The DER object needs to be mangled to // create a proper ProvateKeyInfo object PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyData); KeyFactory kfac = KeyFactory.getInstance("RSA"); return kfac.generatePrivate(spec); } catch (IOException e) { // that should never happen return null; } } else { return null; } }
From source file:org.globus.security.bc.BouncyCastleOpenSSLKey.java
License:Apache License
protected PrivateKey getKey(String alg, byte[] data) throws GeneralSecurityException { if (alg.equals("RSA")) { try {/*from ww w. j a v a 2 s.c o m*/ if (data.length == 0) { throw new GeneralSecurityException("Cannot process empty byte stream."); } ByteArrayInputStream bis = new ByteArrayInputStream(data); ASN1InputStream derin = new ASN1InputStream(bis); DERObject keyInfo = derin.readObject(); DERObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); DERObject derkey = pkeyinfo.getDERObject(); byte[] keyData = BouncyCastleUtil.toByteArray(derkey); // The DER object needs to be mangled to // create a proper ProvateKeyInfo object PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyData); KeyFactory kfac = KeyFactory.getInstance("RSA"); return kfac.generatePrivate(spec); } catch (IOException e) { // that should never happen return null; } } else { return null; } }
From source file:org.icepdf.core.pobjects.acroform.signature.Pkcs1Validator.java
License:Apache License
public void init() throws SignatureIntegrityException { SignatureDictionary signatureDictionary = signatureFieldDictionary.getSignatureDictionary(); announceSignatureType(signatureDictionary); // start the decode of the raw type. StringObject stringObject = signatureDictionary.getContents(); // make sure we don't loose any bytes converting the string in the raw. byte[] cmsData = Utils.convertByteCharSequenceToByteArray(stringObject.getLiteralString()); // get the certificate stringObject = signatureDictionary.getCertString(); // make sure we don't loose any bytes converting the string in the raw. byte[] certsKey = Utils.convertByteCharSequenceToByteArray(stringObject.getLiteralString()); try {// w w w . jav a 2 s . com X509CertParser x509CertParser = new X509CertParser(); x509CertParser.engineInit(new ByteArrayInputStream(certsKey)); certificateChain = x509CertParser.engineReadAll(); signerCertificate = (X509Certificate) certificateChain.iterator().next(); // content data is encrypted using the cert above. ASN1InputStream asn1InputStream = new ASN1InputStream(new ByteArrayInputStream(cmsData)); ASN1Primitive tmp = asn1InputStream.readObject(); messageDigest = ((ASN1OctetString) tmp).getOctets(); String provider = signatureDictionary.getFilter().getName(); digestAlgorithmIdentifier = OIWObjectIdentifiers.idSHA1.getId(); signatureAlgorithmIdentifier = PKCSObjectIdentifiers.rsaEncryption.getId(); // basic creation and public key check which should throw any format errors. createSignature(signerCertificate.getPublicKey(), provider, signatureAlgorithmIdentifier, digestAlgorithmIdentifier); // Use RSA/ECB/NoPadding do decrypt the message digest Cipher asymmetricCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); // initialize your cipher asymmetricCipher.init(Cipher.DECRYPT_MODE, signerCertificate.getPublicKey()); // assuming, cipherText is a byte array containing your encrypted message messageDigest = asymmetricCipher.doFinal(messageDigest); // trim the padding bytes if (messageDigest.length > 20) { // You can create the ASN.1 BER encoding of an MD5, SHA-1, or SHA-256 value by prepending these strings to // the 16-byte or 20-byte hash values, respectively: // We always assume sha1 which is: // ref: sha1 : X'30213009 06052B0E 03021A05 000414' // ref: SHA-256: X'3031300D 06096086 48016503 04020105 000420' // ref: MD5: X'3020300C 06082A86 4886F70D 02050500 0410' byte[] trunkedMD = new byte[20]; System.arraycopy(messageDigest, 15, trunkedMD, 0, 20); messageDigest = trunkedMD; } } catch (Exception e) { throw new SignatureIntegrityException(e); } initialized = true; }
From source file:org.jruby.ext.openssl.impl.pem.MiscPEMGenerator.java
License:Open Source License
private PemObject createPemObject(Object o) throws IOException { String type;// ww w. j a va2 s . c om byte[] encoding; if (o instanceof PemObject) { return (PemObject) o; } if (o instanceof PemObjectGenerator) { return ((PemObjectGenerator) o).generate(); } if (o instanceof X509CertificateHolder) { type = "CERTIFICATE"; encoding = ((X509CertificateHolder) o).getEncoded(); } else if (o instanceof X509CRLHolder) { type = "X509 CRL"; encoding = ((X509CRLHolder) o).getEncoded(); } else if (o instanceof PrivateKeyInfo) { PrivateKeyInfo info = (PrivateKeyInfo) o; ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm(); if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)) { type = "RSA PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1])) { type = "DSA PRIVATE KEY"; DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new ASN1Integer(BigInteger.ZERO)); v.add(new ASN1Integer(p.getP())); v.add(new ASN1Integer(p.getQ())); v.add(new ASN1Integer(p.getG())); BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue(); BigInteger y = p.getG().modPow(x, p.getP()); v.add(new ASN1Integer(y)); v.add(new ASN1Integer(x)); encoding = new DERSequence(v).getEncoded(); } else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey)) { type = "EC PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else { throw new IOException("Cannot identify private key"); } } else if (o instanceof SubjectPublicKeyInfo) { type = "PUBLIC KEY"; encoding = ((SubjectPublicKeyInfo) o).getEncoded(); } else if (o instanceof X509AttributeCertificateHolder) { type = "ATTRIBUTE CERTIFICATE"; encoding = ((X509AttributeCertificateHolder) o).getEncoded(); } else if (o instanceof PKCS10CertificationRequest) { type = "CERTIFICATE REQUEST"; encoding = ((PKCS10CertificationRequest) o).getEncoded(); } else if (o instanceof ContentInfo) { type = "PKCS7"; encoding = ((ContentInfo) o).getEncoded(); } // // NOTE: added behaviour to provide backwards compatibility with 1.47 : // else if (o instanceof java.security.cert.X509Certificate) // 1.47 compatibility { type = "CERTIFICATE"; try { encoding = ((java.security.cert.X509Certificate) o).getEncoded(); } catch (CertificateEncodingException e) { throw new PemGenerationException("Cannot encode object: " + e.toString()); } } else if (o instanceof java.security.cert.X509CRL) // 1.47 compatibility { type = "X509 CRL"; try { encoding = ((java.security.cert.X509CRL) o).getEncoded(); } catch (CRLException e) { throw new PemGenerationException("Cannot encode object: " + e.toString()); } } else if (o instanceof java.security.KeyPair) // 1.47 compatibility { return createPemObject(((java.security.KeyPair) o).getPrivate()); } else if (o instanceof java.security.PrivateKey) // 1.47 compatibility { PrivateKeyInfo info = new PrivateKeyInfo( (ASN1Sequence) ASN1Primitive.fromByteArray(((java.security.Key) o).getEncoded())); if (o instanceof java.security.interfaces.RSAPrivateKey) { type = "RSA PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else if (o instanceof java.security.interfaces.DSAPrivateKey) { type = "DSA PRIVATE KEY"; DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERInteger(0)); v.add(new DERInteger(p.getP())); v.add(new DERInteger(p.getQ())); v.add(new DERInteger(p.getG())); BigInteger x = ((java.security.interfaces.DSAPrivateKey) o).getX(); BigInteger y = p.getG().modPow(x, p.getP()); v.add(new DERInteger(y)); v.add(new DERInteger(x)); encoding = new DERSequence(v).getEncoded(); } else if (((java.security.PrivateKey) o).getAlgorithm().equals("ECDSA")) { type = "EC PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else { throw new IOException("Cannot identify private key"); } } else if (o instanceof java.security.PublicKey) // 1.47 compatibility { type = "PUBLIC KEY"; encoding = ((java.security.PublicKey) o).getEncoded(); } else if (o instanceof X509AttributeCertificate) // 1.47 compatibility { type = "ATTRIBUTE CERTIFICATE"; encoding = ((X509AttributeCertificate) o).getEncoded(); } // // // else { throw new PemGenerationException("unknown object passed - can't encode."); } if (encryptor != null) // NEW STUFF (NOT IN OLD) { String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm()); // Note: For backward compatibility if (dekAlgName.equals("DESEDE")) { dekAlgName = "DES-EDE3-CBC"; } byte[] iv = encryptor.getIV(); byte[] encData = encryptor.encrypt(encoding); List<PemHeader> headers = new ArrayList<PemHeader>(2); headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED")); headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv))); return new PemObject(type, headers, encData); } return new PemObject(type, encoding); }
From source file:org.spout.api.security.SecurityHandler.java
License:Open Source License
public byte[] encodeKey(CipherParameters key) { if (!(key instanceof RSAKeyParameters)) { return null; }/*from w w w. j a v a2 s .c o m*/ if (((RSAKeyParameters) key).isPrivate()) { return null; } RSAKeyParameters rsaKey = (RSAKeyParameters) key; ASN1EncodableVector encodable = new ASN1EncodableVector(); encodable.add(new ASN1Integer(rsaKey.getModulus())); encodable.add(new ASN1Integer(rsaKey.getExponent())); return KeyUtil.getEncodedSubjectPublicKeyInfo( new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new DERSequence(encodable)); }