String serial = DatatypeConverter.printHexBinary(certificate.getSerialNumber().toByteArray()); byte[] extensionValue = certificate.getExtensionValue(Extension.authorityKeyIdentifier.getId()); ASN1OctetString akiOc = ASN1OctetString.getInstance(extensionValue); String aki = DatatypeConverter.printHexBinary(AuthorityKeyIdentifier.getInstance(akiOc.getOctets()).getKeyIdentifier());
private AuthorityKeyIdentifier getAKI() throws HFCACertificateException { if (x509Cert == null) { throw new HFCACertificateException("Certificate is null"); } byte[] fullExtValue = x509Cert.getExtensionValue(Extension.authorityKeyIdentifier.getId()); byte[] extValue = ASN1OctetString.getInstance(fullExtValue).getOctets(); return AuthorityKeyIdentifier.getInstance(extValue); } }
private MessageImprint( ASN1Sequence seq) { this.hashAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0)); this.hashedMessage = ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets(); }
private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException ASN1Primitive p = info.getPrivateKeyAlgorithm().getParameters().toASN1Primitive(); if (p instanceof ASN1Sequence && (ASN1Sequence.getInstance(p).size() == 2 || ASN1Sequence.getInstance(p).size() == 3)) gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getPrivateKeyAlgorithm().getParameters()); this.d = ASN1Integer.getInstance(privKey).getPositiveValue(); byte[] encVal = ASN1OctetString.getInstance(privKey).getOctets(); byte[] dVal = new byte[encVal.length]; this.d = new BigInteger(1, dVal); X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters()); ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); if (privKey instanceof ASN1Integer) ASN1Integer derD = ASN1Integer.getInstance(privKey); this.d = derD.getValue();
byte[] keyEnc = key.getOctets(); if (keyInfo.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) DSTU4145Params dstuParams = DSTU4145Params.getInstance(keyInfo.getAlgorithm().getParameters()); if (keyInfo.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes)); byte[] g_bytes = binary.getG(); if (keyInfo.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
byte[] keyEnc = key.getOctets(); if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) ASN1Sequence seq = ASN1Sequence.getInstance(info.getAlgorithm().getParameters()); org.bouncycastle.jce.spec.ECParameterSpec spec = null; X9ECParameters x9Params = null; if (seq.getObjectAt(0) instanceof ASN1Integer) ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid); spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes)); byte[] g_bytes = binary.getG(); if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) EC5Util.convertPoint(spec.getG()), spec.getN(), spec.getH().intValue());
private XMSSMTPublicKey(ASN1Sequence seq) { if (!ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().equals(BigInteger.valueOf(0))) { throw new IllegalArgumentException("unknown version of sequence"); } this.publicSeed = Arrays.clone(DEROctetString.getInstance(seq.getObjectAt(1)).getOctets()); this.root = Arrays.clone(DEROctetString.getInstance(seq.getObjectAt(2)).getOctets()); }
private XMSSMTPrivateKey(ASN1Sequence seq) { if (!ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().equals(BigInteger.valueOf(0))) { throw new IllegalArgumentException("unknown version of sequence"); } if (seq.size() != 2 && seq.size() != 3) { throw new IllegalArgumentException("key sequence wrong size"); } ASN1Sequence keySeq = ASN1Sequence.getInstance(seq.getObjectAt(1)); this.index = ASN1Integer.getInstance(keySeq.getObjectAt(0)).getValue().intValue(); this.secretKeySeed = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(1)).getOctets()); this.secretKeyPRF = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(2)).getOctets()); this.publicSeed = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(3)).getOctets()); this.root = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(4)).getOctets()); if(seq.size() == 3) { this.bdsState = Arrays.clone(DEROctetString.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(2)), true).getOctets()); } else { this.bdsState = null; } }
/** * Parses an EC private key as defined in RFC 5915. * <pre> * ECPrivateKey ::= SEQUENCE { * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), * privateKey OCTET STRING, * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, * publicKey [1] BIT STRING OPTIONAL * } * </pre> * * @param seq ASN1 sequence to parse * * @return EC private key */ private ECPrivateKeyParameters parseECPrivateKey(final ASN1Sequence seq) { final ASN1TaggedObject asn1Params = ASN1TaggedObject.getInstance(seq.getObjectAt(2)); final X9ECParameters params; if (asn1Params.getObject() instanceof ASN1ObjectIdentifier) { params = ECUtil.getNamedCurveByOid(ASN1ObjectIdentifier.getInstance(asn1Params.getObject())); } else { params = X9ECParameters.getInstance(asn1Params.getObject()); } return new ECPrivateKeyParameters( new BigInteger(1, ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets()), new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed())); } }
public BigInteger getKey() { ASN1OctetString octs = (ASN1OctetString)seq.getObjectAt(1); return new BigInteger(1, octs.getOctets()); }
private McEliecePrivateKey(ASN1Sequence seq) { BigInteger bigN = ((ASN1Integer)seq.getObjectAt(0)).getValue(); n = bigN.intValue(); BigInteger bigK = ((ASN1Integer)seq.getObjectAt(1)).getValue(); k = bigK.intValue(); encField = ((ASN1OctetString)seq.getObjectAt(2)).getOctets(); encGp = ((ASN1OctetString)seq.getObjectAt(3)).getOctets(); encP1 = ((ASN1OctetString)seq.getObjectAt(4)).getOctets(); encP2 = ((ASN1OctetString)seq.getObjectAt(5)).getOctets(); encSInv = ((ASN1OctetString)seq.getObjectAt(6)).getOctets(); }
private GCMParameters( ASN1Sequence seq) { this.nonce = ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets(); if (seq.size() == 2) { this.icvLen = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue().intValue(); } else { this.icvLen = 12; } }
private ImportSecretKeyParams(ASN1Sequence seq) throws BadAsn1ObjectException { requireRange(seq, 4, 4); int idx = 0; slotId = SlotIdentifier.getInstance(seq.getObjectAt(idx++)).getValue(); control = NewKeyControl.getInstance(seq.getObjectAt(idx++)).getControl(); keyType = getInteger(seq.getObjectAt(idx++)).longValue(); keyValue = ASN1OctetString.getInstance(seq.getObjectAt(idx++)).getOctets(); }
EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed()); info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); if (curveOid == null) curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()); EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed()); new X9ECPoint(curve.createPoint(this.getQ().getAffineXCoord().toBigInteger(), this.getQ().getAffineYCoord().toBigInteger(), withCompression)).toASN1Primitive(); info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
@Override protected void parse ( byte[] token ) throws IOException { try ( ASN1InputStream der = new ASN1InputStream(token) ) { ASN1TaggedObject tagged = (ASN1TaggedObject) der.readObject(); ASN1Sequence sequence = ASN1Sequence.getInstance(tagged, true); Enumeration<?> fields = sequence.getObjects(); while ( fields.hasMoreElements() ) { tagged = (ASN1TaggedObject) fields.nextElement(); switch ( tagged.getTagNo() ) { case 0: ASN1Enumerated enumerated = ASN1Enumerated.getInstance(tagged, true); setResult(enumerated.getValue().intValue()); break; case 1: setMechanism(ASN1ObjectIdentifier.getInstance(tagged, true)); break; case 2: ASN1OctetString mechanismToken = ASN1OctetString.getInstance(tagged, true); setMechanismToken(mechanismToken.getOctets()); break; case 3: ASN1OctetString mechanismListMIC = ASN1OctetString.getInstance(tagged, true); setMechanismListMIC(mechanismListMIC.getOctets()); break; default: throw new IOException("Malformed token field."); } } } }
final org.bouncycastle.asn1.pkcs.EncryptionScheme scheme) final PBES2Algorithm alg = PBES2Algorithm.fromOid(scheme.getAlgorithm().getId()); if (keyLength == 0) { keyLength = alg.getKeySize(); setCipher(alg.getCipherSpec().newInstance()); final ASN1Sequence rc2Params = ASN1Sequence.getInstance(scheme.getParameters()); if (rc2Params.size() > 1) { cipherParameters = new RC2Parameters( ((KeyParameter) cipherParameters).getKey(), ASN1Integer.getInstance(rc2Params.getObjectAt(0)).getValue().intValue()); iv = ASN1OctetString.getInstance(rc2Params.getObjectAt(0)).getOctets(); final ASN1Sequence rc5Params = ASN1Sequence.getInstance(scheme.getParameters()); final int rounds = ASN1Integer.getInstance(rc5Params.getObjectAt(1)).getValue().intValue(); final int blockSize = ASN1Integer.getInstance(rc5Params.getObjectAt(2)).getValue().intValue(); if (blockSize == 32) { setCipher(new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC532Engine()), new PKCS7Padding())); if (rc5Params.size() > 3) { iv = ASN1OctetString.getInstance(rc5Params.getObjectAt(3)).getOctets(); iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
PBMParameter.getInstance(pkiMessage.getHeader().getProtectionAlg().getParameters()); AlgorithmIdentifier algId = parameter.getOwf(); if (!cmpControl.isRequestPbmOwfPermitted(algId)) { LOG.warn("MAC_ALGO_FORBIDDEN (PBMParameter.owf: {})", algId.getAlgorithm().getId()); return new ProtectionVerificationResult(null, ProtectionResult.MAC_ALGO_FORBIDDEN); LOG.warn("MAC_ALGO_FORBIDDEN (PBMParameter.mac: {})", algId.getAlgorithm().getId()); return new ProtectionVerificationResult(null, ProtectionResult.MAC_ALGO_FORBIDDEN); int iterationCount = parameter.getIterationCount().getValue().intValue(); if (iterationCount < 1000) { LOG.warn("MAC_ALGO_FORBIDDEN (PBMParameter.iterationCount: {} < 1000)", iterationCount); byte[] senderKID = (asn1 == null) ? null : asn1.getOctets(); PKMACBuilder pkMacBuilder = new PKMACBuilder(new JcePKMACValuesCalculator()); if (!cmpControl.getSigAlgoValidator().isAlgorithmPermitted(protectionAlg)) { LOG.warn("SIG_ALGO_FORBIDDEN: {}", pkiMessage.getHeader().getProtectionAlg().getAlgorithm().getId()); return new ProtectionVerificationResult(null, ProtectionResult.SIGNATURE_ALGO_FORBIDDEN);
throws IllegalArgumentException ASN1ObjectIdentifier encAlg = encryptionAlgID.getAlgorithm(); if (encAlg.equals(PKCSObjectIdentifiers.rc4)) BufferedBlockCipher cipher = createCipher(encryptionAlgID.getAlgorithm()); ASN1Primitive sParams = encryptionAlgID.getParameters().toASN1Primitive(); if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC) || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes128_CBC) || encAlg.equals(NISTObjectIdentifiers.id_aes192_CBC) ASN1OctetString.getInstance(sParams).getOctets())); else if (encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC)) cipher.init(forEncryption, new ParametersWithIV(new RC2Parameters(((KeyParameter)encKey).getKey(), rc2Ekb[cbcParams.getRC2ParameterVersion().intValue()]), cbcParams.getIV()));
byte[] receivedNonce = nonceExtn.getExtnValue().getOctets(); if (!Arrays.equals(nonce, receivedNonce)) { throw new OcspResponseException.OcspNonceUnmatched(nonce, receivedNonce); Request reqAt0 = Request.getInstance(ocspReq.getTbsRequest().getRequestList().getObjectAt(0)); ASN1ObjectIdentifier issuerHashAlg = certId.getHashAlgorithm().getAlgorithm(); byte[] issuerKeyHash = certId.getIssuerKeyHash().getOctets(); byte[] issuerNameHash = certId.getIssuerNameHash().getOctets(); boolean issuerMatch = issuerHashAlg.equals(cid.getHashAlgOID()) && Arrays.equals(issuerKeyHash, cid.getIssuerKeyHash()) && Arrays.equals(issuerNameHash, cid.getIssuerNameHash()); if (!serialNumbers[0].equals(serialNumber)) { throw new OcspResponseException.OcspTargetUnmatched("the serialNumber is not requested"); SingleResp singleResp = singleResponses[i]; CertificateID cid = singleResp.getCertID(); boolean issuerMatch = issuerHashAlg.equals(cid.getHashAlgOID()) && Arrays.equals(issuerKeyHash, cid.getIssuerKeyHash()) && Arrays.equals(issuerNameHash, cid.getIssuerNameHash());
/** * @deprecated use PrivateKeyInfo.getInstance() * @param seq */ public PrivateKeyInfo( ASN1Sequence seq) { Enumeration e = seq.getObjects(); BigInteger version = ((ASN1Integer)e.nextElement()).getValue(); if (version.intValue() != 0) { throw new IllegalArgumentException("wrong version for private key info"); } algId = AlgorithmIdentifier.getInstance(e.nextElement()); privKey = ASN1OctetString.getInstance(e.nextElement()); if (e.hasMoreElements()) { attributes = ASN1Set.getInstance((ASN1TaggedObject)e.nextElement(), false); } }