Java Code Examples for sun.security.util.DerValue

The following examples show how to use sun.security.util.DerValue. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: flow-platform-x   Author: FlowCI   File: CipherHelper.java    License: Apache License 2.0 7 votes vote down vote up
private static PrivateKey toPrivateKey(String key)
        throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");

    String content = key.replaceAll("\\n", "").replace(RsaPrivateKeyStart, "").replace(RsaPrivateKeyEnd, "");
    byte[] bytes = Base64.getDecoder().decode(content);

    DerInputStream derReader = new DerInputStream(bytes);
    DerValue[] seq = derReader.getSequence(0);

    // skip version seq[0];
    BigInteger modulus = seq[1].getBigInteger();
    BigInteger publicExp = seq[2].getBigInteger();
    BigInteger privateExp = seq[3].getBigInteger();
    BigInteger prime1 = seq[4].getBigInteger();
    BigInteger prime2 = seq[5].getBigInteger();
    BigInteger exp1 = seq[6].getBigInteger();
    BigInteger exp2 = seq[7].getBigInteger();
    BigInteger crtCoef = seq[8].getBigInteger();

    RSAPrivateCrtKeySpec keySpec =
            new RSAPrivateCrtKeySpec(modulus, publicExp, privateExp, prime1, prime2, exp1, exp2, crtCoef);

    return keyFactory.generatePrivate(keySpec);
}
 
Example #2
Source Project: jdk8u60   Author: chenghanpeng   File: CertificatePoliciesExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Create the extension from its DER encoded value and criticality.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value an array of DER encoded bytes of the actual value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception IOException on error.
 */
public CertificatePoliciesExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.CertificatePolicies_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;
    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " +
                               "CertificatePoliciesExtension.");
    }
    certPolicies = new ArrayList<PolicyInformation>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        PolicyInformation policy = new PolicyInformation(seq);
        certPolicies.add(policy);
    }
}
 
Example #3
Source Project: openjdk-jdk8u-backup   Author: AdoptOpenJDK   File: PolicyInformation.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Create an instance of PolicyInformation, decoding from
 * the passed DerValue.
 *
 * @param val the DerValue to construct the PolicyInformation from.
 * @exception IOException on decoding errors.
 */
public PolicyInformation(DerValue val) throws IOException {
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding of PolicyInformation");
    }
    policyIdentifier = new CertificatePolicyId(val.data.getDerValue());
    if (val.data.available() != 0) {
        policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
        DerValue opt = val.data.getDerValue();
        if (opt.tag != DerValue.tag_Sequence)
            throw new IOException("Invalid encoding of PolicyInformation");
        if (opt.data.available() == 0)
            throw new IOException("No data available in policyQualifiers");
        while (opt.data.available() != 0)
            policyQualifiers.add(new PolicyQualifierInfo
                    (opt.data.getDerValue().toByteArray()));
    } else {
        policyQualifiers = Collections.emptySet();
    }
}
 
Example #4
Source Project: dragonwell8_jdk   Author: alibaba   File: PolicyQualifierInfo.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of {@code PolicyQualifierInfo} from the
 * encoded bytes. The encoded byte array is copied on construction.
 *
 * @param encoded a byte array containing the qualifier in DER encoding
 * @exception IOException thrown if the byte array does not represent a
 * valid and parsable policy qualifier
 */
public PolicyQualifierInfo(byte[] encoded) throws IOException {
    mEncoded = encoded.clone();

    DerValue val = new DerValue(mEncoded);
    if (val.tag != DerValue.tag_Sequence)
        throw new IOException("Invalid encoding for PolicyQualifierInfo");

    mId = (val.data.getDerValue()).getOID().toString();
    byte [] tmp = val.data.toByteArray();
    if (tmp == null) {
        mData = null;
    } else {
        mData = new byte[tmp.length];
        System.arraycopy(tmp, 0, mData, 0, tmp.length);
    }
}
 
Example #5
Source Project: jdk8u-jdk   Author: lambdalab-mirror   File: DSAParameters.java    License: GNU General Public License v2.0 6 votes vote down vote up
protected void engineInit(byte[] params) throws IOException {
    DerValue encodedParams = new DerValue(params);

    if (encodedParams.tag != DerValue.tag_Sequence) {
        throw new IOException("DSA params parsing error");
    }

    encodedParams.data.reset();

    this.p = encodedParams.data.getBigInteger();
    this.q = encodedParams.data.getBigInteger();
    this.g = encodedParams.data.getBigInteger();

    if (encodedParams.data.available() != 0) {
        throw new IOException("encoded params have " +
                              encodedParams.data.available() +
                              " extra bytes");
    }
}
 
Example #6
Source Project: TencentKona-8   Author: Tencent   File: CertificatePoliciesExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Create the extension from its DER encoded value and criticality.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value an array of DER encoded bytes of the actual value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception IOException on error.
 */
public CertificatePoliciesExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.CertificatePolicies_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;
    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " +
                               "CertificatePoliciesExtension.");
    }
    certPolicies = new ArrayList<PolicyInformation>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        PolicyInformation policy = new PolicyInformation(seq);
        certPolicies.add(policy);
    }
}
 
Example #7
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: CRLDistributionPointsExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates the extension (also called by the subclass).
 */
protected CRLDistributionPointsExtension(ObjectIdentifier extensionId,
    Boolean critical, Object value, String extensionName)
        throws IOException {

    this.extensionId = extensionId;
    this.critical = critical.booleanValue();

    if (!(value instanceof byte[])) {
        throw new IOException("Illegal argument type");
    }

    extensionValue = (byte[])value;
    DerValue val = new DerValue(extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " + extensionName +
                              " extension.");
    }
    distributionPoints = new ArrayList<DistributionPoint>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        DistributionPoint point = new DistributionPoint(seq);
        distributionPoints.add(point);
    }
    this.extensionName = extensionName;
}
 
Example #8
Source Project: jdk8u60   Author: chenghanpeng   File: ExtendedKeyUsageExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Create the extension from its DER encoded value and criticality.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value an array of DER encoded bytes of the actual value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception IOException on error.
 */
public ExtendedKeyUsageExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.ExtendedKeyUsage_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;
    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " +
                               "ExtendedKeyUsageExtension.");
    }
    keyUsages = new Vector<ObjectIdentifier>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        ObjectIdentifier usage = seq.getOID();
        keyUsages.addElement(usage);
    }
}
 
Example #9
Source Project: dragonwell8_jdk   Author: alibaba   File: AuthorityInfoAccessExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Create the extension from the passed DER encoded value of the same.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value Array of DER encoded bytes of the actual value.
 * @exception IOException on error.
 */
public AuthorityInfoAccessExtension(Boolean critical, Object value)
        throws IOException {
    this.extensionId = PKIXExtensions.AuthInfoAccess_Id;
    this.critical = critical.booleanValue();

    if (!(value instanceof byte[])) {
        throw new IOException("Illegal argument type");
    }

    extensionValue = (byte[])value;
    DerValue val = new DerValue(extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " +
                              "AuthorityInfoAccessExtension.");
    }
    accessDescriptions = new ArrayList<AccessDescription>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        AccessDescription accessDescription = new AccessDescription(seq);
        accessDescriptions.add(accessDescription);
    }
}
 
Example #10
Source Project: hottub   Author: dsrg-uoft   File: DSA.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Sign all the data thus far updated. The signature is formatted
 * according to the Canonical Encoding Rules, returned as a DER
 * sequence of Integer, r and s.
 *
 * @return a signature block formatted according to the Canonical
 * Encoding Rules.
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, or if another exception occurs.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineVerify
 */
protected byte[] engineSign() throws SignatureException {
    BigInteger k = generateK(presetQ);
    BigInteger r = generateR(presetP, presetQ, presetG, k);
    BigInteger s = generateS(presetX, presetQ, r, k);

    try {
        DerOutputStream outseq = new DerOutputStream(100);
        outseq.putInteger(r);
        outseq.putInteger(s);
        DerValue result = new DerValue(DerValue.tag_Sequence,
                                       outseq.toByteArray());

        return result.toByteArray();

    } catch (IOException e) {
        throw new SignatureException("error encoding signature");
    }
}
 
Example #11
Source Project: openjdk-8   Author: bpupadhyaya   File: PolicyQualifierInfo.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of {@code PolicyQualifierInfo} from the
 * encoded bytes. The encoded byte array is copied on construction.
 *
 * @param encoded a byte array containing the qualifier in DER encoding
 * @exception IOException thrown if the byte array does not represent a
 * valid and parsable policy qualifier
 */
public PolicyQualifierInfo(byte[] encoded) throws IOException {
    mEncoded = encoded.clone();

    DerValue val = new DerValue(mEncoded);
    if (val.tag != DerValue.tag_Sequence)
        throw new IOException("Invalid encoding for PolicyQualifierInfo");

    mId = (val.data.getDerValue()).getOID().toString();
    byte [] tmp = val.data.toByteArray();
    if (tmp == null) {
        mData = null;
    } else {
        mData = new byte[tmp.length];
        System.arraycopy(tmp, 0, mData, 0, tmp.length);
    }
}
 
Example #12
Source Project: j2objc   Author: google   File: IosRSAKey.java    License: Apache License 2.0 6 votes vote down vote up
@Override
protected void decodeParameters() {
  byte[] bytes = getEncoded();
  if (bytes == null) {
    return;
  }
  try {
    DerInputStream in = new DerInputStream(bytes);
    if (in.peekByte() == DerValue.tag_BitString) {
      // Strip headers.
      in.getBitString(); // Ignore: bitstring of mod + exp.
      in.getBitString();
      modulus = new BigInteger(in.getBitString());
      in.getBitString();
      publicExponent = new BigInteger(in.getBitString());
    } else {
      DerValue[] values = in.getSequence(2);
      publicExponent = values[0].getBigInteger();
      modulus = values[1].getBigInteger();
    }
  } catch (IOException e) {
    throw new ProviderException("failed decoding public key parameters: " + e);
  }
}
 
Example #13
Source Project: openjdk-8   Author: bpupadhyaya   File: DSAPublicKey.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Make a DSA public key out of a public key and three parameters.
 * The p, q, and g parameters may be null, but if so, parameters will need
 * to be supplied from some other source before this key can be used in
 * cryptographic operations.  PKIX RFC2459bis explicitly allows DSA public
 * keys without parameters, where the parameters are provided in the
 * issuer's DSA public key.
 *
 * @param y the actual key bits
 * @param p DSA parameter p, may be null if all of p, q, and g are null.
 * @param q DSA parameter q, may be null if all of p, q, and g are null.
 * @param g DSA parameter g, may be null if all of p, q, and g are null.
 */
public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q,
                    BigInteger g)
throws InvalidKeyException {
    this.y = y;
    algid = new AlgIdDSA(p, q, g);

    try {
        byte[] keyArray = new DerValue(DerValue.tag_Integer,
                           y.toByteArray()).toByteArray();
        setKey(new BitArray(keyArray.length*8, keyArray));
        encode();
    } catch (IOException e) {
        throw new InvalidKeyException("could not DER encode y: " +
                                      e.getMessage());
    }
}
 
Example #14
Source Project: j2objc   Author: google   File: PolicyInformation.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Create an instance of PolicyInformation, decoding from
 * the passed DerValue.
 *
 * @param val the DerValue to construct the PolicyInformation from.
 * @exception IOException on decoding errors.
 */
public PolicyInformation(DerValue val) throws IOException {
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding of PolicyInformation");
    }
    policyIdentifier = new CertificatePolicyId(val.data.getDerValue());
    if (val.data.available() != 0) {
        policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
        DerValue opt = val.data.getDerValue();
        if (opt.tag != DerValue.tag_Sequence)
            throw new IOException("Invalid encoding of PolicyInformation");
        if (opt.data.available() == 0)
            throw new IOException("No data available in policyQualifiers");
        while (opt.data.available() != 0)
            policyQualifiers.add(new PolicyQualifierInfo
                    (opt.data.getDerValue().toByteArray()));
    } else {
        policyQualifiers = Collections.emptySet();
    }
}
 
Example #15
Source Project: jdk8u_jdk   Author: JetBrains   File: DSAPublicKey.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Make a DSA public key out of a public key and three parameters.
 * The p, q, and g parameters may be null, but if so, parameters will need
 * to be supplied from some other source before this key can be used in
 * cryptographic operations.  PKIX RFC2459bis explicitly allows DSA public
 * keys without parameters, where the parameters are provided in the
 * issuer's DSA public key.
 *
 * @param y the actual key bits
 * @param p DSA parameter p, may be null if all of p, q, and g are null.
 * @param q DSA parameter q, may be null if all of p, q, and g are null.
 * @param g DSA parameter g, may be null if all of p, q, and g are null.
 */
public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q,
                    BigInteger g)
throws InvalidKeyException {
    this.y = y;
    algid = new AlgIdDSA(p, q, g);

    try {
        byte[] keyArray = new DerValue(DerValue.tag_Integer,
                           y.toByteArray()).toByteArray();
        setKey(new BitArray(keyArray.length*8, keyArray));
        encode();
    } catch (IOException e) {
        throw new InvalidKeyException("could not DER encode y: " +
                                      e.getMessage());
    }
}
 
Example #16
Source Project: jdk8u-jdk   Author: lambdalab-mirror   File: DSAPublicKey.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Make a DSA public key out of a public key and three parameters.
 * The p, q, and g parameters may be null, but if so, parameters will need
 * to be supplied from some other source before this key can be used in
 * cryptographic operations.  PKIX RFC2459bis explicitly allows DSA public
 * keys without parameters, where the parameters are provided in the
 * issuer's DSA public key.
 *
 * @param y the actual key bits
 * @param p DSA parameter p, may be null if all of p, q, and g are null.
 * @param q DSA parameter q, may be null if all of p, q, and g are null.
 * @param g DSA parameter g, may be null if all of p, q, and g are null.
 */
public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q,
                    BigInteger g)
throws InvalidKeyException {
    this.y = y;
    algid = new AlgIdDSA(p, q, g);

    try {
        byte[] keyArray = new DerValue(DerValue.tag_Integer,
                           y.toByteArray()).toByteArray();
        setKey(new BitArray(keyArray.length*8, keyArray));
        encode();
    } catch (IOException e) {
        throw new InvalidKeyException("could not DER encode y: " +
                                      e.getMessage());
    }
}
 
Example #17
Source Project: jdk8u-dev-jdk   Author: frohoff   File: DSA.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Sign all the data thus far updated. The signature is formatted
 * according to the Canonical Encoding Rules, returned as a DER
 * sequence of Integer, r and s.
 *
 * @return a signature block formatted according to the Canonical
 * Encoding Rules.
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, or if another exception occurs.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineVerify
 */
protected byte[] engineSign() throws SignatureException {
    BigInteger k = generateK(presetQ);
    BigInteger r = generateR(presetP, presetQ, presetG, k);
    BigInteger s = generateS(presetX, presetQ, r, k);

    try {
        DerOutputStream outseq = new DerOutputStream(100);
        outseq.putInteger(r);
        outseq.putInteger(s);
        DerValue result = new DerValue(DerValue.tag_Sequence,
                                       outseq.toByteArray());

        return result.toByteArray();

    } catch (IOException e) {
        throw new SignatureException("error encoding signature");
    }
}
 
Example #18
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: KerberosTime.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parse (unmarshal) a kerberostime from a DER input stream.  This form
 * parsing might be used when expanding a value which is part of
 * a constructed sequence and uses explicitly tagged type.
 *
 * @exception Asn1Exception on error.
 * @param data the Der input stream value, which contains
 *             one or more marshaled value.
 * @param explicitTag tag number.
 * @param optional indicates if this data field is optional
 * @return an instance of KerberosTime.
 *
 */
public static KerberosTime parse(
        DerInputStream data, byte explicitTag, boolean optional)
        throws Asn1Exception, IOException {
    if ((optional) && (((byte)data.peekByte() & (byte)0x1F)!= explicitTag))
        return null;
    DerValue der = data.getDerValue();
    if (explicitTag != (der.getTag() & (byte)0x1F))  {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    else {
        DerValue subDer = der.getData().getDerValue();
        Date temp = subDer.getGeneralizedTime();
        return new KerberosTime(temp.getTime(), 0);
    }
}
 
Example #19
Source Project: jdk8u-dev-jdk   Author: frohoff   File: OrderAndDup.java    License: GNU General Public License v2.0 6 votes vote down vote up
static void checkData(X509CRLImpl c, byte[] data, BigInteger[] expected)
        throws Exception {
    if (c.getRevokedCertificates().size() != expected.length) {
        throw new Exception("Wrong count in CRL object, now " +
                c.getRevokedCertificates().size());
    }
    DerValue d1 = new DerValue(data);
    // revokedCertificates at 5th place of TBSCertList
    DerValue[] d2 = new DerInputStream(
            d1.data.getSequence(0)[4].toByteArray())
            .getSequence(0);
    if (d2.length != expected.length) {
        throw new Exception("Wrong count in raw data, now " + d2.length);
    }
    for (int i=0; i<d2.length; i++) {
        // Serial is first in revokedCertificates entry
        BigInteger bi = d2[i].data.getBigInteger();
        if (!bi.equals(expected[i])) {
            throw new Exception("Entry at #" + i + " is " + bi
                    + ", should be " + expected[i]);
        }
    }
}
 
Example #20
Source Project: openjdk-8   Author: bpupadhyaya   File: SigningCertificateInfo.java    License: GNU General Public License v2.0 6 votes vote down vote up
public void parse(byte[] bytes) throws IOException {

        // Parse signingCertificate
        DerValue derValue = new DerValue(bytes);
        if (derValue.tag != DerValue.tag_Sequence) {
            throw new IOException("Bad encoding for signingCertificate");
        }

        // Parse certs
        DerValue[] certs = derValue.data.getSequence(1);
        certId = new ESSCertId[certs.length];
        for (int i = 0; i < certs.length; i++) {
            certId[i] = new ESSCertId(certs[i]);
        }

        // Parse policies, if present
        if (derValue.data.available() > 0) {
            DerValue[] policies = derValue.data.getSequence(1);
            for (int i = 0; i < policies.length; i++) {
                // parse PolicyInformation
            }
        }
    }
 
Example #21
Source Project: jdk8u_jdk   Author: JetBrains   File: DistributionPointName.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Encodes the distribution point name and writes it to the DerOutputStream.
 *
 * @param out the output stream.
 * @exception IOException on encoding error.
 */
public void encode(DerOutputStream out) throws IOException {

    DerOutputStream theChoice = new DerOutputStream();

    if (fullName != null) {
        fullName.encode(theChoice);
        out.writeImplicit(
            DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_FULL_NAME),
            theChoice);

    } else {
        relativeName.encode(theChoice);
        out.writeImplicit(
            DerValue.createTag(DerValue.TAG_CONTEXT, true,
                TAG_RELATIVE_NAME),
            theChoice);
    }
}
 
Example #22
Source Project: jdk8u60   Author: chenghanpeng   File: Oid.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates an Oid object from its ASN.1 DER encoding.  This refers to
 * the full encoding including tag and length.  The structure and
 * encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825.  This
 * method is identical in functionality to its InputStream conterpart.
 *
 * @param data byte array containing the DER encoded oid
 * @exception GSSException may be thrown when the DER encoding does not
 *     follow the prescribed format.
 */
public Oid(byte [] data) throws GSSException {
    try {
        DerValue derVal = new DerValue(data);
        derEncoding = derVal.toByteArray();
        oid = derVal.getOID();
    } catch (IOException e) {
        throw new GSSException(GSSException.FAILURE,
                      "Improperly formatted ASN.1 DER encoding for Oid");
    }
}
 
Example #23
Source Project: j2objc   Author: google   File: InhibitAnyPolicyExtension.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Create the extension from the passed DER encoded value of the same.
 *
 * @param critical criticality flag to use.  Must be true for this
 *                 extension.
 * @param value a byte array holding the DER-encoded extension value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception IOException on error.
 */
public InhibitAnyPolicyExtension(Boolean critical, Object value)
    throws IOException {

    this.extensionId = PKIXExtensions.InhibitAnyPolicy_Id;

    if (!critical.booleanValue())
        throw new IOException("Criticality cannot be false for " +
                              "InhibitAnyPolicy");
    this.critical = critical.booleanValue();

    this.extensionValue = (byte[]) value;
    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Integer)
        throw new IOException("Invalid encoding of InhibitAnyPolicy: "
                              + "data not integer");

    if (val.data == null)
        throw new IOException("Invalid encoding of InhibitAnyPolicy: "
                              + "null data");
    int skipCertsValue = val.getInteger();
    if (skipCertsValue < -1)
        throw new IOException("Invalid value for skipCerts");
    if (skipCertsValue == -1) {
        this.skipCerts = Integer.MAX_VALUE;
    } else {
        this.skipCerts = skipCertsValue;
    }
}
 
Example #24
Source Project: openjdk-8-source   Author: keerath   File: P11ECKeyFactory.java    License: GNU General Public License v2.0 5 votes vote down vote up
private PublicKey generatePublic(ECPoint point, ECParameterSpec params)
        throws PKCS11Exception {
    byte[] encodedParams =
        ECUtil.encodeECParameterSpec(getSunECProvider(), params);
    byte[] encodedPoint =
        ECUtil.encodePoint(point, params.getCurve());

    // Check whether the X9.63 encoding of an EC point shall be wrapped
    // in an ASN.1 OCTET STRING
    if (!token.config.getUseEcX963Encoding()) {
        try {
            encodedPoint =
                new DerValue(DerValue.tag_OctetString, encodedPoint)
                    .toByteArray();
        } catch (IOException e) {
            throw new
                IllegalArgumentException("Could not DER encode point", e);
        }
    }

    CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
        new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
        new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
        new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint),
        new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
    };
    attributes = token.getAttributes
            (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes);
    Session session = null;
    try {
        session = token.getObjSession();
        long keyID = token.p11.C_CreateObject(session.id(), attributes);
        return P11Key.publicKey
            (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes);
    } finally {
        token.releaseSession(session);
    }
}
 
Example #25
Source Project: openjdk-jdk8u-backup   Author: AdoptOpenJDK   File: KerberosString.java    License: GNU General Public License v2.0 5 votes vote down vote up
public KerberosString(DerValue der) throws IOException {
    if (der.tag != DerValue.tag_GeneralString) {
        throw new IOException(
            "KerberosString's tag is incorrect: " + der.tag);
    }
    s = new String(der.getDataBytes(), MSNAME?"UTF8":"ASCII");
}
 
Example #26
Source Project: jdk8u-dev-jdk   Author: frohoff   File: KeyImpl.java    License: GNU General Public License v2.0 5 votes vote down vote up
private void readObject(ObjectInputStream ois)
            throws IOException, ClassNotFoundException {
    try {
        EncryptionKey encKey = new EncryptionKey(new
                                 DerValue((byte[])ois.readObject()));
        keyType = encKey.getEType();
        keyBytes = encKey.getBytes();
    } catch (Asn1Exception ae) {
        throw new IOException(ae.getMessage());
    }
}
 
Example #27
Source Project: jdk8u60   Author: chenghanpeng   File: DSAParameters.java    License: GNU General Public License v2.0 5 votes vote down vote up
protected byte[] engineGetEncoded() throws IOException {
    DerOutputStream out = new DerOutputStream();
    DerOutputStream bytes = new DerOutputStream();

    bytes.putInteger(p);
    bytes.putInteger(q);
    bytes.putInteger(g);
    out.write(DerValue.tag_Sequence, bytes);
    return out.toByteArray();
}
 
Example #28
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: TSRequest.java    License: GNU General Public License v2.0 5 votes vote down vote up
public byte[] encode() throws IOException {

        DerOutputStream request = new DerOutputStream();

        // encode version
        request.putInteger(version);

        // encode messageImprint
        DerOutputStream messageImprint = new DerOutputStream();
        hashAlgorithmId.encode(messageImprint);
        messageImprint.putOctetString(hashValue);
        request.write(DerValue.tag_Sequence, messageImprint);

        // encode optional elements

        if (policyId != null) {
            request.putOID(new ObjectIdentifier(policyId));
        }
        if (nonce != null) {
            request.putInteger(nonce);
        }
        if (returnCertificate) {
            request.putBoolean(true);
        }

        DerOutputStream out = new DerOutputStream();
        out.write(DerValue.tag_Sequence, request);
        return out.toByteArray();
    }
 
Example #29
Source Project: j2objc   Author: google   File: SigningCertificateInfo.java    License: Apache License 2.0 5 votes vote down vote up
ESSCertId(DerValue certId) throws IOException {
    // Parse certHash
    certHash = certId.data.getDerValue().toByteArray();

    // Parse issuerSerial, if present
    if (certId.data.available() > 0) {
        DerValue issuerSerial = certId.data.getDerValue();
        // Parse issuer
        issuer = new GeneralNames(issuerSerial.data.getDerValue());
        // Parse serialNumber
        serialNumber = new SerialNumber(issuerSerial.data.getDerValue());
    }
}
 
Example #30
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: MacData.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Parses a PKCS#12 MAC data.
 */
MacData(DerInputStream derin)
    throws IOException, ParsingException
{
    DerValue[] macData = derin.getSequence(2);

    // Parse the digest info
    DerInputStream digestIn = new DerInputStream(macData[0].toByteArray());
    DerValue[] digestInfo = digestIn.getSequence(2);

    // Parse the DigestAlgorithmIdentifier.
    AlgorithmId digestAlgorithmId = AlgorithmId.parse(digestInfo[0]);
    this.digestAlgorithmName = digestAlgorithmId.getName();
    this.digestAlgorithmParams = digestAlgorithmId.getParameters();
    // Get the digest.
    this.digest = digestInfo[1].getOctetString();

    // Get the salt.
    this.macSalt = macData[1].getOctetString();

    // Iterations is optional. The default value is 1.
    if (macData.length > 2) {
        this.iterations = macData[2].getInteger();
    } else {
        this.iterations = 1;
    }
}