/**
 * Encodes this structure as a DER sequence.
 * <pre>
 * CertifiedKeyPair ::= SEQUENCE {
 *     certOrEncCert       CertOrEncCert,
 *     privateKey      [0] EncryptedValue      OPTIONAL,
 *     -- see [CRMF] for comment on encoding
 *     publicationInfo [1] PKIPublicationInfo  OPTIONAL
 * }
 * </pre>
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector elements = new ASN1EncodableVector();

    // Mandatory member first, in the order given by the ASN.1 definition.
    elements.add(certOrEncCert);

    // Optional members are emitted only when set; both are wrapped in an
    // explicit context tag (first constructor argument is true).
    if (privateKey != null) {
        elements.add(new DERTaggedObject(true, 0, privateKey));
    }
    if (publicationInfo != null) {
        elements.add(new DERTaggedObject(true, 1, publicationInfo));
    }

    return new DERSequence(elements);
}
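/**
 * Converts a signature in plain form (two equally sized big-endian integers
 * concatenated) into the X9.62 DER form {@code SEQUENCE { INTEGER, INTEGER }}.
 *
 * <p>The input is split exactly in the middle; each half is interpreted as an
 * unsigned value, so a set high bit never produces a negative INTEGER.
 *
 * <p>NOTE(review): a zero-length input passes the parity check and is encoded
 * as two INTEGERs with value 0. Range checks on the two values are left to
 * whatever verifies the signature afterwards.
 *
 * @param signature the plain signature; must have an even length
 * @return the DER encoded sequence of the two integers
 * @throws XiSecurityException if the length is odd or the DER encoding fails
 */
public static byte[] dsaSigPlainToX962(byte[] signature) throws XiSecurityException {
    ParamUtil.requireNonNull("signature", signature);
    if (signature.length % 2 != 0) {
        // Fixed the misspelled "lenth" in the message.
        throw new XiSecurityException("signature.length must be even, but is odd");
    }

    // One scratch buffer is reused for both halves; BigInteger copies the
    // magnitude, so overwriting it for the second half is safe.
    byte[] ba = new byte[signature.length / 2];
    ASN1EncodableVector sigder = new ASN1EncodableVector();

    System.arraycopy(signature, 0, ba, 0, ba.length);
    sigder.add(new ASN1Integer(new BigInteger(1, ba)));

    System.arraycopy(signature, ba.length, ba, 0, ba.length);
    sigder.add(new ASN1Integer(new BigInteger(1, ba)));

    DERSequence seq = new DERSequence(sigder);
    try {
        return seq.getEncoded();
    } catch (IOException ex) {
        throw new XiSecurityException("IOException, message: " + ex.getMessage(), ex);
    }
}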
/**
 * Encodes the revocation values as a DER sequence. Each of the three members
 * is optional and, when present, is wrapped in an explicit context tag:
 * [0] crlVals, [1] ocspVals, [2] otherRevVals.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    if (this.crlVals != null) {
        members.add(new DERTaggedObject(true, 0, this.crlVals));
    }
    if (this.ocspVals != null) {
        members.add(new DERTaggedObject(true, 1, this.ocspVals));
    }
    if (this.otherRevVals != null) {
        // otherRevVals is converted to its primitive form before tagging.
        members.add(new DERTaggedObject(true, 2, this.otherRevVals.toASN1Primitive()));
    }

    return new DERSequence(members);
}
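/**
 * Creates a request from a challenge string, a signature algorithm and a
 * public key, and pre-computes the {@code content} bit string that wraps
 * {@code SEQUENCE { <key spec>, IA5String challenge }}.
 *
 * <p>The three fields are assigned before {@code getKeySpec()} is called.
 * NOTE(review): presumably getKeySpec() reads {@code pubkey}; confirm before
 * reordering.
 *
 * @param challenge   challenge string, encoded as an IA5String
 * @param signing_alg signature algorithm identifier stored for later use
 * @param pub_key     public key the request is built for
 * @throws NoSuchAlgorithmException declared for the key spec conversion
 * @throws InvalidKeySpecException  if the content cannot be encoded; the
 *                                  underlying IOException is kept as the cause
 * @throws NoSuchProviderException  declared for the key spec conversion
 */
public NetscapeCertRequest(
    String challenge,
    AlgorithmIdentifier signing_alg,
    PublicKey pub_key) throws NoSuchAlgorithmException,
        InvalidKeySpecException, NoSuchProviderException {
    this.challenge = challenge;
    sigAlg = signing_alg;
    pubkey = pub_key;

    ASN1EncodableVector content_der = new ASN1EncodableVector();
    content_der.add(getKeySpec());
    content_der.add(new DERIA5String(challenge));

    try {
        content = new DERBitString(new DERSequence(content_der));
    } catch (IOException e) {
        // Same message as before, but the cause is no longer dropped, so the
        // original stack trace stays available to whoever handles the failure.
        throw new InvalidKeySpecException("exception encoding key: " + e.toString(), e);
    }
}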
/**
 * Encodes the parameter set as
 * {@code SEQUENCE { INTEGER t, SEQUENCE OF INTEGER h, SEQUENCE OF INTEGER w, SEQUENCE OF INTEGER k }}.
 *
 * <p>The loop is driven by {@code h.length}; {@code w} and {@code k} are
 * indexed with the same counter, so they must be at least as long as
 * {@code h}.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector hSeq = new ASN1EncodableVector();
    ASN1EncodableVector wSeq = new ASN1EncodableVector();
    ASN1EncodableVector kSeq = new ASN1EncodableVector();

    for (int idx = 0; idx < h.length; idx++) {
        hSeq.add(new ASN1Integer(h[idx]));
        wSeq.add(new ASN1Integer(w[idx]));
        kSeq.add(new ASN1Integer(k[idx]));
    }

    ASN1EncodableVector outer = new ASN1EncodableVector();
    outer.add(new ASN1Integer(t));
    outer.add(new DERSequence(hSeq));
    outer.add(new DERSequence(wSeq));
    outer.add(new DERSequence(kSeq));
    return new DERSequence(outer);
}
/**
 * Encodes this object as
 * {@code SEQUENCE { oid, INTEGER n, INTEGER t, OCTET STRING matrixG }}.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    fields.add(oid);                          // identifier, added as stored
    fields.add(new ASN1Integer(n));           // n as INTEGER
    fields.add(new ASN1Integer(t));           // t as INTEGER
    fields.add(new DEROctetString(matrixG));  // matrixG as OCTET STRING

    return new DERSequence(fields);
}
/**
 * Builds the sequence
 * {@code SEQUENCE { INTEGER 1, OCTET STRING key, [0] parameters OPTIONAL, [1] publicKey OPTIONAL }}.
 *
 * <p>NOTE(review): the octet string comes from
 * {@code BigIntegers.asUnsignedByteArray(key)} and its length is not padded
 * here, so it presumably varies with the magnitude of {@code key}. Confirm
 * whether consumers expect a fixed, curve-dependent length.
 *
 * @param key        the private value
 * @param publicKey  optional public key bit string, tagged [1]; may be null
 * @param parameters optional parameters, tagged [0]; may be null
 */
public ECPrivateKey(
    BigInteger key,
    DERBitString publicKey,
    ASN1Object parameters) {
    byte[] keyOctets = BigIntegers.asUnsignedByteArray(key);

    ASN1EncodableVector parts = new ASN1EncodableVector();
    parts.add(new ASN1Integer(1));
    parts.add(new DEROctetString(keyOctets));

    // Both optional members are explicitly tagged and skipped when null.
    if (parameters != null) {
        parts.add(new DERTaggedObject(true, 0, parameters));
    }
    if (publicKey != null) {
        parts.add(new DERTaggedObject(true, 1, publicKey));
    }

    seq = new DERSequence(parts);
}
/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * KEKIdentifier ::= SEQUENCE {
 *     keyIdentifier OCTET STRING,
 *     date GeneralizedTime OPTIONAL,
 *     other OtherKeyAttribute OPTIONAL
 * }
 * </pre>
 *
 * @return the DER sequence holding keyIdentifier and any optional members that are set
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();
    members.add(keyIdentifier);

    // Neither optional member is tagged; each is simply left out when null.
    if (date != null) {
        members.add(date);
    }
    if (other != null) {
        members.add(other);
    }

    return new DERSequence(members);
}
/**
 * Encodes this structure as a DER sequence.
 * <pre>
 * POPOSigningKeyInput ::= SEQUENCE {
 *     authInfo             CHOICE {
 *         sender              [0] GeneralName,
 *         -- used only if an authenticated identity has been
 *         -- established for the sender (e.g., a DN from a
 *         -- previously-issued and currently-valid certificate
 *         publicKeyMAC        PKMACValue },
 *         -- used if no authenticated GeneralName currently exists for
 *         -- the sender; publicKeyMAC contains a password-based MAC
 *         -- on the DER-encoded value of publicKey
 *     publicKey           SubjectPublicKeyInfo }  -- from CertTemplate
 * </pre>
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    // authInfo is a CHOICE: a non-null sender wins, otherwise publicKeyMAC is
    // emitted untagged.
    if (sender == null) {
        members.add(publicKeyMAC);
    } else {
        members.add(new DERTaggedObject(false, 0, sender));
    }

    members.add(publicKey);
    return new DERSequence(members);
}
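/**
 * Generates a fresh 2048-bit RSA key pair and a certificate for
 * {@code CN=bouncr}, issued by {@code CN=bouncrca} and signed with the
 * private key of {@code caKeyPair}.
 *
 * <p>Changes compared with the previous version:
 * <ul>
 *   <li>{@code 127.0.0.1} is additionally listed as an iPAddress subject
 *       alternative name. Verifiers that follow the usual rules compare an IP
 *       literal only against iPAddress entries, so the dNSName entry alone
 *       does not cover it. The dNSName entry is kept for compatibility.</li>
 *   <li>If the {@code NativePRNGNonBlocking} algorithm is not registered on
 *       the platform, the default {@link SecureRandom} is used instead of
 *       failing.</li>
 *   <li>The key generation timing is no longer printed to standard out.</li>
 * </ul>
 *
 * <p>NOTE(review): issuer, subject and serial number are hard-coded, so every
 * certificate produced here carries serial 2 under the same issuer name.
 * That is only acceptable for local test material; confirm it is never used
 * for a certificate that must be revocable or unique.
 *
 * @param caKeyPair CA key pair; only the private key is used, for signing
 * @return the certificate together with the newly generated private key
 * @throws NoSuchAlgorithmException  if no RSA key pair generator is available
 * @throws CertificateException      declared for the signing step
 * @throws OperatorCreationException declared for the signing step
 * @throws CertIOException           if the extension cannot be added
 */
public static X500PrivateCredential generateServerCertificate(KeyPair caKeyPair) throws NoSuchAlgorithmException, CertificateException, OperatorCreationException, CertIOException {
    X500Name issuerName = new X500Name("CN=bouncrca");
    X500Name subjectName = new X500Name("CN=bouncr");
    BigInteger serial = BigInteger.valueOf(2);

    KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
    SecureRandom random;
    try {
        random = SecureRandom.getInstance("NativePRNGNonBlocking");
    } catch (NoSuchAlgorithmException ignored) {
        // The native PRNG variants are not registered on every platform;
        // the default SecureRandom is a suitable replacement.
        random = new SecureRandom();
    }
    rsa.initialize(2048, random);
    KeyPair kp = rsa.generateKeyPair();

    X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName,
            serial,
            NOT_BEFORE,
            NOT_AFTER,
            subjectName,
            kp.getPublic());

    DERSequence subjectAlternativeNames = new DERSequence(new ASN1Encodable[] {
        new GeneralName(GeneralName.dNSName, "localhost"),
        new GeneralName(GeneralName.dNSName, "127.0.0.1"),
        new GeneralName(GeneralName.iPAddress, "127.0.0.1")
    });
    builder.addExtension(Extension.subjectAlternativeName, false, subjectAlternativeNames);

    X509Certificate cert = signCertificate(builder, caKeyPair.getPrivate());
    return new X500PrivateCredential(cert, kp.getPrivate());
}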
/**
 * Encodes the parameters as a DER sequence: {@code p}, {@code g} and
 * {@code q} are always written, {@code j} and {@code validationParms} only
 * when they are set.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(this.p);
    members.add(this.g);
    members.add(this.q);

    // The optional members carry no tag; they are simply appended when present.
    if (this.j != null) {
        members.add(this.j);
    }
    if (this.validationParms != null) {
        members.add(this.validationParms);
    }

    return new DERSequence(members);
}
/**
 * Creates a new CertReqMsg.
 *
 * @param certReq the certificate request; must not be null
 * @param pop     proof of possession, may be null
 * @param regInfo registration info, may be null; when given it is wrapped in
 *                a DER sequence
 * @throws IllegalArgumentException if {@code certReq} is null
 */
public CertReqMsg(
    CertRequest certReq,
    ProofOfPossession pop,
    AttributeTypeAndValue[] regInfo) {
    // Reject a missing request before any field is assigned.
    if (certReq == null) {
        throw new IllegalArgumentException("'certReq' cannot be null");
    }

    this.certReq = certReq;
    this.pop = pop;

    // The regInfo field is only assigned when an array was supplied.
    if (regInfo != null) {
        this.regInfo = new DERSequence(regInfo);
    }
}
/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  SignerInfo ::= SEQUENCE {
 *      version Version,
 *      issuerAndSerialNumber IssuerAndSerialNumber,
 *      digestAlgorithm DigestAlgorithmIdentifier,
 *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
 *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
 *      encryptedDigest EncryptedDigest,
 *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
 *  }
 *
 *  EncryptedDigest ::= OCTET STRING
 *
 *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
 *
 *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
 * </pre>
 *
 * @return the DER sequence for this signer info
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(version);
    members.add(issuerAndSerialNumber);
    members.add(digAlgorithm);

    // [0] IMPLICIT: the tagged object is created with explicit = false.
    if (authenticatedAttributes != null) {
        members.add(new DERTaggedObject(false, 0, authenticatedAttributes));
    }

    members.add(digEncryptionAlgorithm);
    members.add(encryptedDigest);

    // [1] IMPLICIT, same handling as the authenticated attributes.
    if (unauthenticatedAttributes != null) {
        members.add(new DERTaggedObject(false, 1, unauthenticatedAttributes));
    }

    return new DERSequence(members);
}
/**
 * Assembles a CertTemplate from the values set on this builder.
 * <pre>
 *  CertTemplate ::= SEQUENCE {
 *      version      [0] Version               OPTIONAL,
 *      serialNumber [1] INTEGER               OPTIONAL,
 *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
 *      issuer       [3] Name                  OPTIONAL,
 *      validity     [4] OptionalValidity      OPTIONAL,
 *      subject      [5] Name                  OPTIONAL,
 *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
 *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
 *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
 *      extensions   [9] Extensions            OPTIONAL }
 * </pre>
 *
 * @return the CertTemplate obtained from the DER sequence of the tagged members
 */
public CertTemplate build() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    // Tag numbers follow the ASN.1 definition. The boolean is true only for
    // issuer and subject, which the original comments mark as CHOICE types.
    addOptional(members, 0, false, version);
    addOptional(members, 1, false, serialNumber);
    addOptional(members, 2, false, signingAlg);
    addOptional(members, 3, true, issuer);
    addOptional(members, 4, false, validity);
    addOptional(members, 5, true, subject);
    addOptional(members, 6, false, publicKey);
    addOptional(members, 7, false, issuerUID);
    addOptional(members, 8, false, subjectUID);
    addOptional(members, 9, false, extensions);

    DERSequence encoded = new DERSequence(members);
    return CertTemplate.getInstance(encoded);
}
/**
 * Produce an object suitable for an ASN1OutputStream.
 *
 * <p>All three members are optional and use tagged objects created with
 * explicit = false: [0] keyidentifier, [1] certissuer, [2] certserno.
 *
 * @return the DER sequence of the members that are set
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    if (keyidentifier != null) {
        members.add(new DERTaggedObject(false, 0, keyidentifier));
    }
    if (certissuer != null) {
        members.add(new DERTaggedObject(false, 1, certissuer));
    }
    if (certserno != null) {
        members.add(new DERTaggedObject(false, 2, certserno));
    }

    return new DERSequence(members);
}
/**
 * Encodes this identifier as a DER sequence.
 * <pre>
 * ESSCertIDv2 ::=  SEQUENCE {
 *     hashAlgorithm     AlgorithmIdentifier
 *              DEFAULT {algorithm id-sha256},
 *     certHash          Hash,
 *     issuerSerial      IssuerSerial OPTIONAL
 * }
 *
 * Hash ::= OCTET STRING
 *
 * IssuerSerial ::= SEQUENCE {
 *     issuer         GeneralNames,
 *     serialNumber   CertificateSerialNumber
 * }
 * </pre>
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    // hashAlgorithm has a DEFAULT: it is written only when it differs from
    // DEFAULT_ALG_ID.
    boolean isDefaultAlgorithm = hashAlgorithm.equals(DEFAULT_ALG_ID);
    if (!isDefaultAlgorithm) {
        members.add(hashAlgorithm);
    }

    members.add(new DEROctetString(certHash).toASN1Primitive());

    if (issuerSerial != null) {
        members.add(issuerSerial);
    }

    return new DERSequence(members);
}
/**
 * Builds a RevRepContent from the collected values: the status sequence is
 * always written, while revCerts ([0], explicit) and crls ([1], explicit)
 * are written only when they hold at least one element.
 *
 * @return the RevRepContent obtained from the assembled DER sequence
 */
public RevRepContent build() {
    ASN1EncodableVector members = new ASN1EncodableVector();
    members.add(new DERSequence(status));

    if (revCerts.size() > 0) {
        members.add(new DERTaggedObject(true, 0, new DERSequence(revCerts)));
    }
    if (crls.size() > 0) {
        members.add(new DERTaggedObject(true, 1, new DERSequence(crls)));
    }

    DERSequence encoded = new DERSequence(members);
    return RevRepContent.getInstance(encoded);
}
/**
 * Encodes the extensions in the order recorded in {@code ordering}.
 * <pre>
 *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
 *
 *     Extension         ::=   SEQUENCE {
 *        extnId            EXTENSION.&amp;id ({ExtensionSet}),
 *        critical          BOOLEAN DEFAULT FALSE,
 *        extnValue         OCTET STRING }
 * </pre>
 *
 * @return the DER sequence of extension sequences
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector allExtensions = new ASN1EncodableVector();

    for (Enumeration oids = ordering.elements(); oids.hasMoreElements();) {
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)oids.nextElement();
        X509Extension ext = (X509Extension)extensions.get(oid);

        ASN1EncodableVector single = new ASN1EncodableVector();
        single.add(oid);

        // critical has DEFAULT FALSE, so the BOOLEAN is written only for
        // critical extensions.
        if (ext.isCritical()) {
            single.add(DERBoolean.TRUE);
        }

        single.add(ext.getValue());
        allExtensions.add(new DERSequence(single));
    }

    return new DERSequence(allExtensions);
}
/**
 * Encodes this object as a DER sequence of {@code noticeRef} and
 * {@code explicitText}. Either member is left out when it is null, so the
 * result may be an empty sequence.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    if (noticeRef != null) {
        members.add(noticeRef);
    }
    if (explicitText != null) {
        members.add(explicitText);
    }

    return new DERSequence(members);
}
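/**
 * Encodes the current parameter spec as
 * {@code SEQUENCE { OCTET STRING derivationV, OCTET STRING encodingV, INTEGER macKeySize }}
 * in DER. In the absence of a standard way of doing it this will do for
 * now...
 *
 * @return the DER encoding of the parameters
 * @throws RuntimeException if the encoding fails; the IOException is attached
 *                          as the cause
 */
protected byte[] engineGetEncoded() {
    try {
        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(new DEROctetString(currentSpec.getDerivationV()));
        v.add(new DEROctetString(currentSpec.getEncodingV()));
        v.add(new DERInteger(currentSpec.getMacKeySize()));

        return new DERSequence(v).getEncoded(ASN1Encoding.DER);
    } catch (IOException e) {
        // Keep the cause: the original dropped it, which hid the reason for
        // the encoding failure from logs and callers.
        throw new RuntimeException("Error encoding IESParameters", e);
    }
}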
/**
 * Encodes this response as a DER sequence.
 * <pre>
 * CertResponse ::= SEQUENCE {
 *     certReqId           INTEGER,
 *     -- to match this response with corresponding request (a value
 *     -- of -1 is to be used if certReqId is not specified in the
 *     -- corresponding request)
 *     status              PKIStatusInfo,
 *     certifiedKeyPair    CertifiedKeyPair    OPTIONAL,
 *     rspInfo             OCTET STRING        OPTIONAL
 *     -- analogous to the id-regInfo-utf8Pairs string defined
 *     -- for regInfo in CertReqMsg [CRMF]
 * }
 * </pre>
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(certReqId);
    members.add(status);

    // The optional members are untagged and skipped when null.
    if (certifiedKeyPair != null) {
        members.add(certifiedKeyPair);
    }
    if (rspInfo != null) {
        members.add(rspInfo);
    }

    return new DERSequence(members);
}
/**
 * Encodes this object as
 * {@code SEQUENCE { slotId, UTF8String label, INTEGER keysize, INTEGER publicExponent OPTIONAL }}.
 *
 * @return a basic ASN.1 object representation.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(new Asn1P11SlotIdentifier(slotId));
    members.add(new DERUTF8String(label));
    members.add(new ASN1Integer(keysize));

    // The public exponent is written only when one was supplied.
    if (publicExponent != null) {
        members.add(new ASN1Integer(publicExponent));
    }

    return new DERSequence(members);
}
/**
 * Encodes the parameters as a DER sequence of {@code p}, {@code g} and,
 * when {@code getL()} returns a non-null value, {@code l}.
 *
 * @return the DER sequence
 */
public DERObject toASN1Object() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(p);
    members.add(g);

    // Presence is tested through the getter, but the field itself is added.
    if (this.getL() != null) {
        members.add(l);
    }

    return new DERSequence(members);
}
/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * Attribute ::= SEQUENCE {
 *     attrType OBJECT IDENTIFIER,
 *     attrValues SET OF AttributeValue
 * }
 * </pre>
 *
 * @return the DER sequence of attrType followed by attrValues
 */
public DERObject toASN1Object() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    // Both members are mandatory and are added without a null check.
    members.add(attrType);
    members.add(attrValues);

    return new DERSequence(members);
}
/**
 * Encodes this object as a DER sequence of {@code otherRevValType} followed
 * by {@code otherRevVals}. Both are added unconditionally.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(this.otherRevValType);
    members.add(this.otherRevVals);

    return new DERSequence(members);
}
/**
 * Encodes this response as a DER sequence.
 * <pre>
 * TimeStampResp ::= SEQUENCE  {
 *   status                  PKIStatusInfo,
 *   timeStampToken          TimeStampToken     OPTIONAL  }
 * </pre>
 *
 * @return the DER sequence; the token is included only when it is set
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();
    members.add(pkiStatusInfo);

    // A response without a token consists of the status alone.
    if (timeStampToken != null) {
        members.add(timeStampToken);
    }

    return new DERSequence(members);
}
/**
 * Encodes this object as a DER sequence of {@code iv} followed by
 * {@code iterations}. Both are added unconditionally.
 *
 * @return the DER sequence
 */
public DERObject toASN1Object() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(iv);
    members.add(iterations);

    return new DERSequence(members);
}
/**
 * Creates a holder that identifies a certificate by issuer name and serial
 * number.
 *
 * @param issuerName   issuer of the certificate, wrapped as a single
 *                     GeneralName inside a GeneralNames sequence
 * @param serialNumber serial number of the certificate
 */
public AttributeCertificateHolder(X509Principal issuerName, BigInteger serialNumber) {
    // GeneralNames is built from a one-element sequence holding the issuer.
    GeneralNames issuer = GeneralNames.getInstance(
        new DERSequence(new GeneralName(issuerName)));

    IssuerSerial issuerSerial = new IssuerSerial(issuer, new ASN1Integer(serialNumber));

    holder = new org.bouncycastle.asn1.x509.Holder(issuerSerial);
}
/**
 * Encodes this object as a DER sequence of {@code requestInformation},
 * {@code data} and, when set, {@code transactionIdentifier}.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(requestInformation);
    members.add(data);

    // The transaction identifier is optional and untagged.
    if (transactionIdentifier != null) {
        members.add(transactionIdentifier);
    }

    return new DERSequence(members);
}
/**
 * Wraps a to-be-signed CRL and its signature into an X509CRL object. The
 * encoded structure is
 * {@code SEQUENCE { tbsCrl, sigAlgId, BIT STRING signature }}, with
 * {@code sigAlgId} taken from this instance.
 *
 * <p>The signature bytes are embedded as given; nothing is verified here.
 *
 * @param tbsCrl    the to-be-signed CRL content
 * @param signature the signature bytes
 * @return the CRL object built from the assembled structure
 * @throws CRLException declared for the construction of the CRL object
 */
private X509CRL generateJcaObject(TBSCertList tbsCrl, byte[] signature)
    throws CRLException {
    ASN1EncodableVector parts = new ASN1EncodableVector();

    parts.add(tbsCrl);
    parts.add(sigAlgId);
    parts.add(new DERBitString(signature));

    CertificateList crlStructure = new CertificateList(new DERSequence(parts));
    return new X509CRLObject(crlStructure);
}
/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * Signature       ::=     SEQUENCE {
 *     signatureAlgorithm      AlgorithmIdentifier,
 *     signature               BIT STRING,
 *     certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}
 * </pre>
 *
 * @return the DER sequence; certs is included only when it is set
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(signatureAlgorithm);
    members.add(signature);

    // [0] EXPLICIT: the tagged object is created with explicit = true.
    if (certs != null) {
        members.add(new DERTaggedObject(true, 0, certs));
    }

    return new DERSequence(members);
}
/**
 * Generates an X509 attribute certificate from the current generator state,
 * using the passed in provider for the signing and the supplied source of
 * randomness, if required.
 *
 * <p>Extensions are attached only when the extension generator holds any.
 * The signature is calculated over the attribute certificate info and
 * appended after the signature algorithm identifier.
 *
 * @param key      private key used for signing
 * @param provider name of the provider passed to the signature calculation
 * @param random   source of randomness passed to the signature calculation
 * @return the generated attribute certificate
 * @throws CertificateEncodingException if the structure cannot be encoded
 */
public X509AttributeCertificate generate(
    PrivateKey key,
    String provider,
    SecureRandom random)
    throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
    if (!extGenerator.isEmpty()) {
        acInfoGen.setExtensions(extGenerator.generate());
    }

    AttributeCertificateInfo acInfo = acInfoGen.generateAttributeCertificateInfo();

    ASN1EncodableVector parts = new ASN1EncodableVector();
    parts.add(acInfo);
    parts.add(sigAlgId);

    try {
        // Third element: the signature over acInfo, as a BIT STRING.
        parts.add(new DERBitString(X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, acInfo)));

        return new X509V2AttributeCertificate(new AttributeCertificate(new DERSequence(parts)));
    } catch (IOException e) {
        throw new ExtCertificateEncodingException("constructed invalid certificate", e);
    }
}
/**
 * Assembles a Certificate structure
 * {@code SEQUENCE { tbsCert, sigAlgId, BIT STRING signature }}.
 *
 * <p>The signature bytes are embedded as given; nothing is verified here.
 *
 * @param tbsCert   the to-be-signed certificate content
 * @param sigAlgId  identifier of the signature algorithm
 * @param signature the signature bytes
 * @return the Certificate obtained from the assembled DER sequence
 */
private static Certificate generateStructure(TBSCertificate tbsCert, AlgorithmIdentifier sigAlgId, byte[] signature) {
    ASN1EncodableVector parts = new ASN1EncodableVector();

    parts.add(tbsCert);
    parts.add(sigAlgId);
    parts.add(new DERBitString(signature));

    DERSequence encoded = new DERSequence(parts);
    return Certificate.getInstance(encoded);
}
/**
 * Assembles an AttributeCertificate structure
 * {@code SEQUENCE { attrInfo, sigAlgId, BIT STRING signature }}.
 *
 * <p>The signature bytes are embedded as given; nothing is verified here.
 *
 * @param attrInfo  the attribute certificate info that was signed
 * @param sigAlgId  identifier of the signature algorithm
 * @param signature the signature bytes
 * @return the AttributeCertificate obtained from the assembled DER sequence
 */
private static AttributeCertificate generateAttrStructure(AttributeCertificateInfo attrInfo, AlgorithmIdentifier sigAlgId, byte[] signature) {
    ASN1EncodableVector parts = new ASN1EncodableVector();

    parts.add(attrInfo);
    parts.add(sigAlgId);
    parts.add(new DERBitString(signature));

    DERSequence encoded = new DERSequence(parts);
    return AttributeCertificate.getInstance(encoded);
}
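/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * OtherKeyAttribute ::= SEQUENCE {
 *     keyAttrId OBJECT IDENTIFIER,
 *     keyAttr ANY DEFINED BY keyAttrId OPTIONAL
 * }
 * </pre>
 *
 * @return the DER sequence of keyAttrId and, when set, keyAttr
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(keyAttrId);

    // keyAttr is OPTIONAL in the definition above. It used to be added
    // unconditionally, which put a null element into the vector whenever the
    // attribute was absent.
    if (keyAttr != null) {
        v.add(keyAttr);
    }

    return new DERSequence(v);
}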
/**
 * Encodes the certificate request as a DER sequence of {@code reqInfo},
 * {@code sigAlgId} and {@code sigBits}, in that order.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector parts = new ASN1EncodableVector();

    // All three members are added as stored, without a null check.
    parts.add(reqInfo);
    parts.add(sigAlgId);
    parts.add(sigBits);

    return new DERSequence(parts);
}
/**
 * Encodes this object as a DER sequence of {@code func} followed by
 * {@code scheme}. Both are added unconditionally.
 *
 * @return a basic ASN.1 object representation.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();

    members.add(func);
    members.add(scheme);

    return new DERSequence(members);
}
/**
 * Encodes two integers as {@code SEQUENCE { INTEGER r, INTEGER s }} in DER.
 *
 * <p>No range check is applied to either value here.
 *
 * @param r first integer
 * @param s second integer
 * @return the DER encoding of the sequence
 * @throws IOException if the encoding fails
 */
public byte[] encode(
    BigInteger r,
    BigInteger s)
    throws IOException {
    ASN1EncodableVector pair = new ASN1EncodableVector();

    pair.add(new ASN1Integer(r));
    pair.add(new ASN1Integer(s));

    DERSequence sequence = new DERSequence(pair);
    return sequence.getEncoded(ASN1Encoding.DER);
}
/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * RevokedInfo ::= SEQUENCE {
 *      revocationTime              GeneralizedTime,
 *      revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
 * </pre>
 *
 * @return the DER sequence; the reason is included only when it is set
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector members = new ASN1EncodableVector();
    members.add(revocationTime);

    // [0] EXPLICIT: the tagged object is created with explicit = true.
    if (revocationReason != null) {
        members.add(new DERTaggedObject(true, 0, revocationReason));
    }

    return new DERSequence(members);
}