sun.security.util.DerValue Java Examples

The following examples show how to use sun.security.util.DerValue.
Example #1
Source File: CipherHelper.java    From flow-platform-x with Apache License 2.0 7 votes vote down vote up
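/**
 * Builds an RSA private key from a Base64 string wrapped in the
 * {@code RsaPrivateKeyStart} / {@code RsaPrivateKeyEnd} markers.
 *
 * <p>The decoded bytes are read as one DER SEQUENCE of integers in the order
 * version, modulus, public exponent, private exponent, prime1, prime2,
 * exponent1, exponent2, coefficient. The version element is ignored.
 *
 * <p>NOTE(review): {@code sun.security.util} is an internal JDK package, so this
 * parser depends on the runtime exposing it. Where the key can be supplied as
 * PKCS#8, {@code PKCS8EncodedKeySpec} avoids the hand-written DER walk.
 *
 * @param key the armoured key text; it is secret material and must not be logged
 * @return the private key produced by the "RSA" {@link KeyFactory}
 * @throws NoSuchAlgorithmException if no RSA key factory is available
 * @throws InvalidKeySpecException if the sequence holds fewer than nine elements
 *         or the key factory rejects the values
 * @throws IOException if the bytes are not a parsable DER sequence
 * @throws IllegalArgumentException if the text between the markers is not valid Base64
 */
private static PrivateKey toPrivateKey(String key)
        throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");

    // Remove the markers first (they may contain spaces), then every whitespace
    // character. Stripping only "\n" left "\r" from CRLF files in the text, and
    // the basic Base64 decoder rejects it.
    String content = key.replace(RsaPrivateKeyStart, "")
            .replace(RsaPrivateKeyEnd, "")
            .replaceAll("\\s", "");
    byte[] bytes = Base64.getDecoder().decode(content);

    DerInputStream derReader = new DerInputStream(bytes);
    DerValue[] seq = derReader.getSequence(0);

    // Indexes 1..8 are read below; reject a short sequence with a checked
    // exception instead of failing with ArrayIndexOutOfBoundsException.
    if (seq.length < 9) {
        throw new InvalidKeySpecException(
                "RSA private key has " + seq.length + " elements, expected at least 9");
    }

    // skip version seq[0];
    BigInteger modulus = seq[1].getBigInteger();
    BigInteger publicExp = seq[2].getBigInteger();
    BigInteger privateExp = seq[3].getBigInteger();
    BigInteger prime1 = seq[4].getBigInteger();
    BigInteger prime2 = seq[5].getBigInteger();
    BigInteger exp1 = seq[6].getBigInteger();
    BigInteger exp2 = seq[7].getBigInteger();
    BigInteger crtCoef = seq[8].getBigInteger();

    RSAPrivateCrtKeySpec keySpec =
            new RSAPrivateCrtKeySpec(modulus, publicExp, privateExp, prime1, prime2, exp1, exp2, crtCoef);

    return keyFactory.generatePrivate(keySpec);
}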
 
Example #2
Source File: IosRSAKey.java    From j2objc with Apache License 2.0 6 votes vote down vote up
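/**
 * Fills {@code modulus} and {@code publicExponent} from the bytes returned by
 * {@code getEncoded()}; does nothing when no encoding is available.
 *
 * <p>Two layouts are accepted. If the first byte is the BIT STRING tag, five
 * bit strings are read and the third and fifth become the modulus and the
 * exponent. Otherwise a sequence is read whose first element is taken as the
 * public exponent and whose second element is taken as the modulus.
 *
 * @throws ProviderException if the bytes cannot be decoded; the underlying
 *         {@link IOException} is attached as the cause
 */
@Override
protected void decodeParameters() {
  byte[] bytes = getEncoded();
  if (bytes == null) {
    return;
  }
  try {
    DerInputStream in = new DerInputStream(bytes);
    if (in.peekByte() == DerValue.tag_BitString) {
      // Strip headers.
      in.getBitString(); // Ignore: bitstring of mod + exp.
      in.getBitString();
      modulus = new BigInteger(in.getBitString());
      in.getBitString();
      publicExponent = new BigInteger(in.getBitString());
    } else {
      DerValue[] values = in.getSequence(2);
      // Both elements are indexed below; a shorter sequence is a decoding
      // error, not an ArrayIndexOutOfBoundsException.
      if (values.length < 2) {
        throw new IOException("expected 2 integers, found " + values.length);
      }
      publicExponent = values[0].getBigInteger();
      modulus = values[1].getBigInteger();
    }
  } catch (IOException e) {
    // Keep the original exception as the cause so the failure stays diagnosable.
    throw new ProviderException("failed decoding public key parameters: " + e, e);
  }
}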
 
Example #3
Source File: DSAParameters.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Initialises p, q and g from their DER encoding.
 *
 * <p>The input must be a single SEQUENCE holding exactly three integers, read
 * in the order p, q, g. Anything left over after g is rejected, so trailing
 * bytes cannot be smuggled in behind valid parameters.
 *
 * @param params the DER-encoded parameters
 * @throws IOException if the outer tag is not SEQUENCE, an integer cannot be
 *         read, or bytes remain after g
 */
protected void engineInit(byte[] params) throws IOException {
    DerValue encodedParams = new DerValue(params);
    if (encodedParams.tag != DerValue.tag_Sequence) {
        throw new IOException("DSA params parsing error");
    }

    // Rewind the content stream before reading the three integers.
    encodedParams.data.reset();
    this.p = encodedParams.data.getBigInteger();
    this.q = encodedParams.data.getBigInteger();
    this.g = encodedParams.data.getBigInteger();

    int leftover = encodedParams.data.available();
    if (leftover != 0) {
        throw new IOException("encoded params have " + leftover + " extra bytes");
    }
}
 
Example #4
Source File: DSA.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
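/**
 * Sign all the data thus far updated. The signature is returned as a
 * DER-encoded SEQUENCE of the two INTEGERs r and s.
 *
 * <p>NOTE(review): DSA is only secure when the per-signature value k is
 * unpredictable and never reused; {@code generateK} is defined outside this
 * method, so confirm how it derives k.
 *
 * @return the DER encoding of SEQUENCE { r, s }
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, or if the signature cannot be encoded; an
 * encoding failure carries the underlying IOException as its cause.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineVerify
 */
protected byte[] engineSign() throws SignatureException {
    BigInteger k = generateK(presetQ);
    BigInteger r = generateR(presetP, presetQ, presetG, k);
    BigInteger s = generateS(presetX, presetQ, r, k);

    try {
        DerOutputStream outseq = new DerOutputStream(100);
        outseq.putInteger(r);
        outseq.putInteger(s);
        DerValue result = new DerValue(DerValue.tag_Sequence,
                                       outseq.toByteArray());

        return result.toByteArray();

    } catch (IOException e) {
        // Attach the cause; the message alone hides why encoding failed.
        throw new SignatureException("error encoding signature", e);
    }
}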
 
Example #5
Source File: CertificatePoliciesExtension.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Builds the extension from its criticality flag and DER-encoded value.
 *
 * <p>The value must be a SEQUENCE; each element of it is decoded as one
 * {@code PolicyInformation} and appended to {@code certPolicies} in the order
 * it appears.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value a byte array holding the DER encoding of the extension value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception NullPointerException if critical is null
 * @exception IOException if the outer tag is not SEQUENCE or an element
 * cannot be decoded.
 */
public CertificatePoliciesExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.CertificatePolicies_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;

    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for CertificatePoliciesExtension.");
    }

    certPolicies = new ArrayList<PolicyInformation>();
    // Drain the sequence content one element at a time.
    while (val.data.available() != 0) {
        certPolicies.add(new PolicyInformation(val.data.getDerValue()));
    }
}
 
Example #6
Source File: PolicyInformation.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Decodes a PolicyInformation from the given DerValue.
 *
 * <p>The value must be a SEQUENCE whose first element is the policy
 * identifier. If more data follows, the next element must be a non-empty
 * SEQUENCE of policy qualifiers; otherwise the qualifier set is empty.
 *
 * <p>NOTE(review): bytes that follow the qualifier sequence inside
 * {@code val} are not examined here.
 *
 * @param val the DerValue to construct the PolicyInformation from.
 * @exception IOException on decoding errors.
 */
public PolicyInformation(DerValue val) throws IOException {
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding of PolicyInformation");
    }
    policyIdentifier = new CertificatePolicyId(val.data.getDerValue());

    // No optional qualifiers present.
    if (val.data.available() == 0) {
        policyQualifiers = Collections.emptySet();
        return;
    }

    policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
    DerValue qualifierSeq = val.data.getDerValue();
    if (qualifierSeq.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding of PolicyInformation");
    }
    if (qualifierSeq.data.available() == 0) {
        throw new IOException("No data available in policyQualifiers");
    }
    while (qualifierSeq.data.available() != 0) {
        byte[] encodedQualifier = qualifierSeq.data.getDerValue().toByteArray();
        policyQualifiers.add(new PolicyQualifierInfo(encodedQualifier));
    }
}
 
Example #7
Source File: PolicyQualifierInfo.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates a {@code PolicyQualifierInfo} from its DER encoding.
 *
 * <p>The caller's array is cloned before parsing, so later changes to it do
 * not affect this object. The first element of the outer SEQUENCE is read as
 * the qualifier OID; the bytes that remain are copied into the qualifier data.
 *
 * @param encoded a byte array containing the qualifier in DER encoding
 * @exception IOException thrown if the byte array does not represent a
 * valid and parsable policy qualifier
 */
public PolicyQualifierInfo(byte[] encoded) throws IOException {
    mEncoded = encoded.clone();

    DerValue val = new DerValue(mEncoded);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for PolicyQualifierInfo");
    }

    mId = (val.data.getDerValue()).getOID().toString();

    // Whatever follows the OID is the qualifier; keep a private copy of it.
    byte[] remaining = val.data.toByteArray();
    mData = (remaining == null) ? null : remaining.clone();
}
 
Example #8
Source File: KerberosTime.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parses (unmarshals) a KerberosTime from a DER input stream. This form of
 * parsing is meant for a value that is part of a constructed sequence and
 * carries an explicit tag.
 *
 * <p>Only the low five bits of a tag byte are compared with
 * {@code explicitTag}. The tagged value's content is read as a
 * GeneralizedTime.
 *
 * @param data the DER input stream, which contains one or more marshaled
 *             values.
 * @param explicitTag tag number.
 * @param optional indicates if this data field is optional
 * @return an instance of KerberosTime, or null when the field is optional
 *         and the next tag number is not {@code explicitTag}.
 * @exception Asn1Exception if the tag number of the value read does not
 *            match {@code explicitTag}.
 * @exception IOException if the stream cannot be read or decoded.
 */
public static KerberosTime parse(
        DerInputStream data, byte explicitTag, boolean optional)
        throws Asn1Exception, IOException {
    if (optional) {
        // Look at the next tag without consuming it.
        int nextTagNumber = (byte)data.peekByte() & (byte)0x1F;
        if (nextTagNumber != explicitTag) {
            return null;
        }
    }

    DerValue der = data.getDerValue();
    if (explicitTag != (der.getTag() & (byte)0x1F)) {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }

    DerValue subDer = der.getData().getDerValue();
    Date temp = subDer.getGeneralizedTime();
    return new KerberosTime(temp.getTime(), 0);
}
 
Example #9
Source File: OrderAndDup.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Checks that a parsed CRL and its raw encoding list the expected serial
 * numbers.
 *
 * <p>The parsed object is checked by entry count only. The raw bytes are
 * walked by hand: the fifth element of the first sequence is taken as the
 * revoked-certificate list, and the first integer of each entry is compared,
 * in order, with {@code expected}.
 *
 * @param c the parsed CRL
 * @param data the raw bytes to walk
 * @param expected the serial numbers, in the order they must appear
 * @throws Exception if a count or a serial number differs, or decoding fails
 */
static void checkData(X509CRLImpl c, byte[] data, BigInteger[] expected)
        throws Exception {
    int parsedCount = c.getRevokedCertificates().size();
    if (parsedCount != expected.length) {
        throw new Exception("Wrong count in CRL object, now " + parsedCount);
    }

    DerValue d1 = new DerValue(data);
    // revokedCertificates at 5th place of TBSCertList
    DerValue[] tbsFields = d1.data.getSequence(0);
    DerValue[] entries =
            new DerInputStream(tbsFields[4].toByteArray()).getSequence(0);
    if (entries.length != expected.length) {
        throw new Exception("Wrong count in raw data, now " + entries.length);
    }

    for (int i = 0; i < entries.length; i++) {
        // Serial is first in revokedCertificates entry
        BigInteger serial = entries[i].data.getBigInteger();
        if (serial.equals(expected[i])) {
            continue;
        }
        throw new Exception("Entry at #" + i + " is " + serial
                + ", should be " + expected[i]);
    }
}
 
Example #10
Source File: CertificatePoliciesExtension.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates the extension from a criticality flag and the DER encoding of its
 * value.
 *
 * <p>The encoding must be a SEQUENCE. Its elements are decoded in order, each
 * as a {@code PolicyInformation}, and stored in {@code certPolicies}.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value a byte array with the DER-encoded extension value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception NullPointerException if critical is null
 * @exception IOException if the value is not a SEQUENCE or one of its
 * elements fails to decode.
 */
public CertificatePoliciesExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.CertificatePolicies_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;

    DerValue policySeq = new DerValue(this.extensionValue);
    if (policySeq.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for CertificatePoliciesExtension.");
    }

    certPolicies = new ArrayList<PolicyInformation>();
    while (policySeq.data.available() != 0) {
        DerValue element = policySeq.data.getDerValue();
        certPolicies.add(new PolicyInformation(element));
    }
}
 
Example #11
Source File: SigningCertificateInfo.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parses a signingCertificate value and stores its certificate identifiers
 * in {@code certId}.
 *
 * <p>The outer value must be a SEQUENCE. Its first element is read as a
 * sequence of {@code ESSCertId} entries. If data remains, a second sequence
 * (the policies) is read so that a malformed one is still rejected, but its
 * elements are not decoded or kept.
 *
 * @param bytes the DER-encoded signingCertificate
 * @throws IOException if the outer tag is not SEQUENCE or decoding fails
 */
public void parse(byte[] bytes) throws IOException {

    // Parse signingCertificate
    DerValue derValue = new DerValue(bytes);
    if (derValue.tag != DerValue.tag_Sequence) {
        throw new IOException("Bad encoding for signingCertificate");
    }

    // Parse certs
    DerValue[] certs = derValue.data.getSequence(1);
    certId = new ESSCertId[certs.length];
    int next = 0;
    for (DerValue cert : certs) {
        certId[next++] = new ESSCertId(cert);
    }

    // Parse policies, if present. The sequence is consumed; individual
    // PolicyInformation entries are not decoded.
    if (derValue.data.available() > 0) {
        derValue.data.getSequence(1);
    }
}
 
Example #12
Source File: ExtendedKeyUsageExtension.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Builds the extension from its criticality flag and DER-encoded value.
 *
 * <p>The value must be a SEQUENCE; every element is read as an object
 * identifier and appended to {@code keyUsages} in encounter order.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value a byte array holding the DER encoding of the extension value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception NullPointerException if critical is null
 * @exception IOException if the outer tag is not SEQUENCE or an element is
 * not a decodable object identifier.
 */
public ExtendedKeyUsageExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.ExtendedKeyUsage_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;

    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for ExtendedKeyUsageExtension.");
    }

    keyUsages = new Vector<ObjectIdentifier>();
    while (val.data.available() != 0) {
        keyUsages.addElement(val.data.getDerValue().getOID());
    }
}
 
Example #13
Source File: DSAPublicKey.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
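/**
 * Make a DSA public key out of a public key and three parameters.
 * The p, q, and g parameters may be null, but if so, parameters will need
 * to be supplied from some other source before this key can be used in
 * cryptographic operations.  PKIX RFC2459bis explicitly allows DSA public
 * keys without parameters, where the parameters are provided in the
 * issuer's DSA public key.
 *
 * <p>The value y is wrapped as a DER INTEGER and stored as the key bits
 * before the key is encoded.
 *
 * @param y the actual key bits
 * @param p DSA parameter p, may be null if all of p, q, and g are null.
 * @param q DSA parameter q, may be null if all of p, q, and g are null.
 * @param g DSA parameter g, may be null if all of p, q, and g are null.
 * @exception InvalidKeyException if y cannot be DER encoded; the
 * underlying IOException is attached as the cause.
 */
public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q,
                    BigInteger g)
throws InvalidKeyException {
    this.y = y;
    algid = new AlgIdDSA(p, q, g);

    try {
        byte[] keyArray = new DerValue(DerValue.tag_Integer,
                           y.toByteArray()).toByteArray();
        setKey(new BitArray(keyArray.length*8, keyArray));
        encode();
    } catch (IOException e) {
        // Chain the cause so the stack trace of the encoding failure survives.
        throw new InvalidKeyException("could not DER encode y: " +
                                      e.getMessage(), e);
    }
}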
 
Example #14
Source File: CRLDistributionPointsExtension.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates the extension from an explicit identifier, criticality flag,
 * DER-encoded value and display name.
 *
 * <p>The value must be a byte array holding a SEQUENCE; each element is
 * decoded as a {@code DistributionPoint}. The extension name is also used
 * in the error message for a wrongly tagged value.
 *
 * @param extensionId the object identifier to store for this extension
 * @param critical true if the extension is to be treated as critical
 * @param value the DER-encoded extension value, as a byte array
 * @param extensionName the name stored for, and reported by, this extension
 * @exception IOException if value is not a byte array, is not a SEQUENCE,
 * or contains an element that cannot be decoded
 */
protected CRLDistributionPointsExtension(ObjectIdentifier extensionId,
    Boolean critical, Object value, String extensionName)
        throws IOException {

    this.extensionId = extensionId;
    this.critical = critical.booleanValue();

    // Type is checked before the cast, so a wrong type is an IOException
    // rather than a ClassCastException.
    if (value instanceof byte[]) {
        extensionValue = (byte[])value;
    } else {
        throw new IOException("Illegal argument type");
    }

    DerValue val = new DerValue(extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " + extensionName +
                              " extension.");
    }

    distributionPoints = new ArrayList<DistributionPoint>();
    while (val.data.available() != 0) {
        distributionPoints.add(new DistributionPoint(val.data.getDerValue()));
    }
    this.extensionName = extensionName;
}
 
Example #15
Source File: AuthorityInfoAccessExtension.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates the extension from its criticality flag and DER-encoded value.
 *
 * <p>The value must be a byte array holding a SEQUENCE; each element is
 * decoded as an {@code AccessDescription} and kept in encounter order.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value Array of DER encoded bytes of the actual value.
 * @exception IOException if value is not a byte array, is not a SEQUENCE,
 * or contains an element that cannot be decoded.
 */
public AuthorityInfoAccessExtension(Boolean critical, Object value)
        throws IOException {
    this.extensionId = PKIXExtensions.AuthInfoAccess_Id;
    this.critical = critical.booleanValue();

    // Checked before the cast: a wrong type surfaces as IOException.
    if (value instanceof byte[]) {
        extensionValue = (byte[])value;
    } else {
        throw new IOException("Illegal argument type");
    }

    DerValue val = new DerValue(extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for AuthorityInfoAccessExtension.");
    }

    accessDescriptions = new ArrayList<AccessDescription>();
    while (val.data.available() != 0) {
        accessDescriptions.add(new AccessDescription(val.data.getDerValue()));
    }
}
 
Example #16
Source File: PolicyInformation.java    From j2objc with Apache License 2.0 6 votes vote down vote up
/**
 * Constructs a PolicyInformation by decoding the passed DerValue.
 *
 * <p>The value has to be a SEQUENCE that starts with the policy identifier.
 * When further data is present, the element after the identifier has to be
 * a SEQUENCE containing at least one policy qualifier. When nothing follows
 * the identifier, the qualifier set is the empty set.
 *
 * <p>NOTE(review): data after the qualifier sequence is left unread.
 *
 * @param val the DerValue to construct the PolicyInformation from.
 * @exception IOException on decoding errors.
 */
public PolicyInformation(DerValue val) throws IOException {
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding of PolicyInformation");
    }
    policyIdentifier = new CertificatePolicyId(val.data.getDerValue());

    boolean hasQualifiers = val.data.available() != 0;
    if (!hasQualifiers) {
        policyQualifiers = Collections.emptySet();
        return;
    }

    policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
    DerValue opt = val.data.getDerValue();
    if (opt.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding of PolicyInformation");
    }
    if (opt.data.available() == 0) {
        throw new IOException("No data available in policyQualifiers");
    }
    while (opt.data.available() != 0) {
        DerValue qualifier = opt.data.getDerValue();
        policyQualifiers.add(new PolicyQualifierInfo(qualifier.toByteArray()));
    }
}
 
Example #17
Source File: DistributionPointName.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Writes this distribution point name to the given DerOutputStream.
 *
 * <p>Exactly one alternative is written, with a constructed,
 * context-specific implicit tag: the full name when {@code fullName} is
 * set, otherwise the relative name.
 *
 * @param out the output stream.
 * @exception IOException on encoding error.
 */
public void encode(DerOutputStream out) throws IOException {

    DerOutputStream chosen = new DerOutputStream();

    if (fullName == null) {
        relativeName.encode(chosen);
        out.writeImplicit(
            DerValue.createTag(DerValue.TAG_CONTEXT, true,
                TAG_RELATIVE_NAME),
            chosen);
        return;
    }

    fullName.encode(chosen);
    out.writeImplicit(
        DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_FULL_NAME),
        chosen);
}
 
Example #18
Source File: DSAPublicKey.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
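/**
 * Make a DSA public key out of a public key and three parameters.
 * The p, q, and g parameters may be null, but if so, parameters will need
 * to be supplied from some other source before this key can be used in
 * cryptographic operations.  PKIX RFC2459bis explicitly allows DSA public
 * keys without parameters, where the parameters are provided in the
 * issuer's DSA public key.
 *
 * <p>y is encoded as a DER INTEGER; that encoding becomes the key bits.
 *
 * @param y the actual key bits
 * @param p DSA parameter p, may be null if all of p, q, and g are null.
 * @param q DSA parameter q, may be null if all of p, q, and g are null.
 * @param g DSA parameter g, may be null if all of p, q, and g are null.
 * @exception InvalidKeyException if y cannot be DER encoded; the
 * IOException that caused it is available through getCause().
 */
public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q,
                    BigInteger g)
throws InvalidKeyException {
    this.y = y;
    algid = new AlgIdDSA(p, q, g);

    try {
        byte[] keyArray = new DerValue(DerValue.tag_Integer,
                           y.toByteArray()).toByteArray();
        setKey(new BitArray(keyArray.length*8, keyArray));
        encode();
    } catch (IOException e) {
        // Pass the IOException along as the cause instead of only its message.
        throw new InvalidKeyException("could not DER encode y: " +
                                      e.getMessage(), e);
    }
}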
 
Example #19
Source File: DSAPublicKey.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
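/**
 * Make a DSA public key out of a public key and three parameters.
 * The p, q, and g parameters may be null, but if so, parameters will need
 * to be supplied from some other source before this key can be used in
 * cryptographic operations.  PKIX RFC2459bis explicitly allows DSA public
 * keys without parameters, where the parameters are provided in the
 * issuer's DSA public key.
 *
 * <p>The key bits are the DER INTEGER encoding of y.
 *
 * @param y the actual key bits
 * @param p DSA parameter p, may be null if all of p, q, and g are null.
 * @param q DSA parameter q, may be null if all of p, q, and g are null.
 * @param g DSA parameter g, may be null if all of p, q, and g are null.
 * @exception InvalidKeyException if y cannot be DER encoded; the
 * originating IOException is chained as the cause.
 */
public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q,
                    BigInteger g)
throws InvalidKeyException {
    this.y = y;
    algid = new AlgIdDSA(p, q, g);

    try {
        byte[] keyArray = new DerValue(DerValue.tag_Integer,
                           y.toByteArray()).toByteArray();
        setKey(new BitArray(keyArray.length*8, keyArray));
        encode();
    } catch (IOException e) {
        // Without the cause, callers see only the message text.
        throw new InvalidKeyException("could not DER encode y: " +
                                      e.getMessage(), e);
    }
}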
 
Example #20
Source File: DSA.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
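/**
 * Sign all the data thus far updated. The result is the DER encoding of
 * a SEQUENCE holding the two INTEGERs r and s.
 *
 * <p>NOTE(review): the per-signature value k must be unpredictable and
 * must never repeat for DSA to stay secure; {@code generateK} lives
 * outside this method, so verify its source of randomness there.
 *
 * @return the DER encoding of SEQUENCE { r, s }
 *
 * @exception SignatureException if the signature object was not
 * properly initialized, or if encoding the signature fails; in the
 * latter case the IOException is attached as the cause.
 *
 * @see sun.security.DSA#engineUpdate
 * @see sun.security.DSA#engineVerify
 */
protected byte[] engineSign() throws SignatureException {
    BigInteger k = generateK(presetQ);
    BigInteger r = generateR(presetP, presetQ, presetG, k);
    BigInteger s = generateS(presetX, presetQ, r, k);

    try {
        DerOutputStream outseq = new DerOutputStream(100);
        outseq.putInteger(r);
        outseq.putInteger(s);
        DerValue result = new DerValue(DerValue.tag_Sequence,
                                       outseq.toByteArray());

        return result.toByteArray();

    } catch (IOException e) {
        // Chain the IOException; dropping it loses the reason for the failure.
        throw new SignatureException("error encoding signature", e);
    }
}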
 
Example #21
Source File: PolicyQualifierInfo.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates a {@code PolicyQualifierInfo} from DER-encoded bytes.
 *
 * <p>A clone of the caller's array is parsed and retained. The outer value
 * must be a SEQUENCE; its first element supplies the qualifier OID, and the
 * bytes remaining after it are copied as the qualifier data.
 *
 * @param encoded a byte array containing the qualifier in DER encoding
 * @exception IOException thrown if the byte array does not represent a
 * valid and parsable policy qualifier
 */
public PolicyQualifierInfo(byte[] encoded) throws IOException {
    mEncoded = encoded.clone();

    DerValue val = new DerValue(mEncoded);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for PolicyQualifierInfo");
    }

    mId = (val.data.getDerValue()).getOID().toString();

    // Store an independent copy of the bytes that follow the OID.
    byte[] rest = val.data.toByteArray();
    if (rest != null) {
        mData = rest.clone();
    } else {
        mData = null;
    }
}
 
Example #22
Source File: MacData.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Returns the ASN.1 encoding of this object.
 *
 * <p>The encoding is built once and cached; every call returns a fresh copy
 * so callers cannot alter the cached bytes. The layout is an outer SEQUENCE
 * holding an inner SEQUENCE (digest algorithm identifier, digest as OCTET
 * STRING), then the salt as OCTET STRING, then the iteration count.
 *
 * @return a copy of the ASN.1 encoding.
 * @exception NoSuchAlgorithmException if the digest algorithm name cannot
 * be resolved to an algorithm identifier.
 * @exception IOException if error occurs when constructing its
 * ASN.1 encoding.
 */
public byte[] getEncoded() throws NoSuchAlgorithmException, IOException
{
    if (this.encoded == null) {
        // inner SEQUENCE: digest algorithm identifier + digest value
        DerOutputStream digestInfo = new DerOutputStream();
        AlgorithmId.get(digestAlgorithmName).encode(digestInfo);
        digestInfo.putOctetString(digest);

        // outer content: inner SEQUENCE, salt, iterations
        DerOutputStream fields = new DerOutputStream();
        fields.write(DerValue.tag_Sequence, digestInfo);
        fields.putOctetString(macSalt);
        fields.putInteger(iterations);

        // wrap everything into a SEQUENCE
        DerOutputStream out = new DerOutputStream();
        out.write(DerValue.tag_Sequence, fields);
        this.encoded = out.toByteArray();
    }

    return this.encoded.clone();
}
 
Example #23
Source File: X509CertPath.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Parses a PKIPATH format CertPath from an InputStream and returns the
 * certificates as an unmodifiable List.
 *
 * <p>The stream is read completely and decoded as one DER sequence. The
 * elements are added in reverse of their encoded order, each parsed by the
 * "X.509" certificate factory. This method only decodes; it performs no
 * path validation.
 *
 * @param is the <code>InputStream</code> to read the data from
 * @return an unmodifiable List of the certificates; empty when the
 *         sequence has no elements
 * @exception CertificateException if the stream is null, the data cannot
 *            be decoded, or a certificate cannot be parsed
 */
private static List<X509Certificate> parsePKIPATH(InputStream is)
        throws CertificateException {
    if (is == null) {
        throw new CertificateException("input stream is null");
    }

    try {
        DerValue[] seq = new DerInputStream(readAllBytes(is)).getSequence(3);
        if (seq.length == 0) {
            return Collections.<X509Certificate>emptyList();
        }

        CertificateFactory certFac = CertificateFactory.getInstance("X.509");
        List<X509Certificate> certList =
            new ArrayList<X509Certificate>(seq.length);

        // append certs in reverse order (target to trust anchor)
        for (int i = seq.length-1; i >= 0; i--) {
            ByteArrayInputStream encodedCert =
                new ByteArrayInputStream(seq[i].toByteArray());
            certList.add(
                (X509Certificate)certFac.generateCertificate(encodedCert));
        }

        return Collections.unmodifiableList(certList);

    } catch (IOException ioe) {
        throw new CertificateException("IOException parsing PkiPath data: "
                + ioe, ioe);
    }
}
 
Example #24
Source File: KeyImpl.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
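/**
 * Restores the key type and key bytes from a serialized stream.
 *
 * <p>One object is read from the stream, cast to a byte array and decoded
 * as a DER-encoded {@code EncryptionKey}.
 *
 * <p>NOTE(review): this runs on whatever bytes the stream provides. The
 * cast rejects a wrong type only after that object has been deserialized,
 * so streams from untrusted sources should be restricted with a
 * serialization filter where they are opened.
 *
 * @param ois the stream to read from
 * @throws IOException if the stream cannot be read or the key cannot be
 *         decoded; a decoding failure carries the Asn1Exception as its cause
 * @throws ClassNotFoundException if the class of the serialized object
 *         cannot be found
 */
private void readObject(ObjectInputStream ois)
            throws IOException, ClassNotFoundException {
    try {
        EncryptionKey encKey = new EncryptionKey(new
                                 DerValue((byte[])ois.readObject()));
        keyType = encKey.getEType();
        keyBytes = encKey.getBytes();
    } catch (Asn1Exception ae) {
        // Keep the Asn1Exception as the cause instead of only its message.
        throw new IOException(ae.getMessage(), ae);
    }
}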
 
Example #25
Source File: Parse.java    From jdk8u60 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Parses a certificate and checks that its CRL Distribution Points
 * extension can be decoded.
 *
 * <p>The extension value is fetched by OID and unwrapped from its OCTET
 * STRING, and the content is handed to the extension constructor. The test
 * passes when no exception is thrown; the constructed object is not used.
 *
 * @param certStr the certificate text, in a form the "X.509" certificate
 *        factory accepts
 * @throws Exception if the certificate or the extension cannot be parsed
 */
private static void CRLDistributionPointsExtensionTest(String certStr)
        throws Exception {
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    X509Certificate cert = (X509Certificate) cf.generateCertificate(
            new ByteArrayInputStream(certStr.getBytes()));

    // oid for CRL Distribution Points = 2.5.29.31
    byte[] wrapped = cert.getExtensionValue("2.5.29.31");
    byte[] data = new DerValue(wrapped).getOctetString();

    // Construction is the check: it throws on a malformed value.
    new CRLDistributionPointsExtension(false, data);
}
 
Example #26
Source File: PKCS12KeyStore.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Reads the optional algorithm parameters that follow an algorithm
 * identifier.
 *
 * <p>No parameters are returned when the stream is exhausted or the next
 * value is an ASN.1 NULL. Otherwise the value initialises a "PBES2"
 * parameters object when {@code algorithm} equals {@code pbes2_OID}, and a
 * "PBE" one for any other algorithm.
 *
 * @param algorithm the algorithm the parameters belong to
 * @param in the stream positioned at the parameters
 * @return the initialised parameters, or null when none are present
 * @throws IOException if reading or initialising the parameters fails; the
 *         original exception is attached as the cause
 */
private AlgorithmParameters parseAlgParameters(ObjectIdentifier algorithm,
    DerInputStream in) throws IOException
{
    try {
        DerValue params = (in.available() == 0) ? null : in.getDerValue();
        if (params == null || params.tag == DerValue.tag_Null) {
            return null;
        }

        String paramsName =
            algorithm.equals((Object)pbes2_OID) ? "PBES2" : "PBE";
        AlgorithmParameters algParams =
            AlgorithmParameters.getInstance(paramsName);
        algParams.init(params.toByteArray());
        return algParams;
    } catch (Exception e) {
       throw new IOException("parseAlgParameters failed: " +
                             e.getMessage(), e);
    }
}
 
Example #27
Source File: Oid.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates an Oid object from its ASN.1 DER encoding, read from a stream.
 * The encoding is the full one, including tag and length.  The structure
 * and encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825.
 *
 * <p>Both the encoded bytes and the decoded identifier are kept. Any
 * IOException raised while reading or decoding is reported as a
 * GSSException with major code FAILURE.
 *
 * @param derOid stream containing the DER encoded oid
 * @exception GSSException may be thrown when the DER encoding does not
 *  follow the prescribed format.
 */
public Oid(InputStream derOid) throws GSSException {
    try {
        DerValue parsed = new DerValue(derOid);
        derEncoding = parsed.toByteArray();
        oid = parsed.getOID();
    } catch (IOException ioe) {
        throw new GSSException(GSSException.FAILURE,
                      "Improperly formatted ASN.1 DER encoding for Oid");
    }
}
 
Example #28
Source File: P11ECKeyFactory.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates an EC public key object on the token from a point and its
 * curve parameters.
 *
 * <p>The parameters and the point are encoded with {@code ECUtil}. Unless
 * the token configuration asks for the X9.63 form, the encoded point is
 * wrapped in a DER OCTET STRING before it is placed in the attribute
 * template.
 *
 * @param point the public point
 * @param params the curve parameters
 * @return the key returned by {@code P11Key.publicKey} for the new object
 * @throws PKCS11Exception declared for the token and PKCS#11 calls made here
 * @throws IllegalArgumentException if the point cannot be DER encoded
 */
private PublicKey generatePublic(ECPoint point, ECParameterSpec params)
        throws PKCS11Exception {
    byte[] encodedParams =
        ECUtil.encodeECParameterSpec(getSunECProvider(), params);
    byte[] encodedPoint =
        ECUtil.encodePoint(point, params.getCurve());

    // Check whether the X9.63 encoding of an EC point shall be wrapped
    // in an ASN.1 OCTET STRING
    if (!token.config.getUseEcX963Encoding()) {
        try {
            encodedPoint =
                new DerValue(DerValue.tag_OctetString, encodedPoint)
                    .toByteArray();
        } catch (IOException e) {
            throw new
                IllegalArgumentException("Could not DER encode point", e);
        }
    }

    // Attribute template describing the key object to create.
    CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
        new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY),
        new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
        new CK_ATTRIBUTE(CKA_EC_POINT, encodedPoint),
        new CK_ATTRIBUTE(CKA_EC_PARAMS, encodedParams),
    };
    // The token returns the attribute set that is actually used for the import.
    attributes = token.getAttributes
            (O_IMPORT, CKO_PUBLIC_KEY, CKK_EC, attributes);
    Session session = null;
    try {
        session = token.getObjSession();
        long keyID = token.p11.C_CreateObject(session.id(), attributes);
        return P11Key.publicKey
            (session, keyID, "EC", params.getCurve().getField().getFieldSize(), attributes);
    } finally {
        // Runs on success and on failure; session is still null here if
        // getObjSession() threw.
        token.releaseSession(session);
    }
}
 
Example #29
Source File: KeyImpl.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
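/**
 * Reads the key type and key bytes back from a serialized stream.
 *
 * <p>A single object is read, cast to a byte array and decoded as a
 * DER-encoded {@code EncryptionKey}.
 *
 * <p>NOTE(review): the stream content is attacker-controllable wherever
 * serialized data crosses a trust boundary. The byte-array cast happens
 * after the object has already been deserialized, so limit the accepted
 * classes with a serialization filter on the stream itself.
 *
 * @param ois the stream to read from
 * @throws IOException if reading fails or the bytes are not a decodable
 *         key; the Asn1Exception is chained as the cause in the latter case
 * @throws ClassNotFoundException if the class of the serialized object
 *         cannot be found
 */
private void readObject(ObjectInputStream ois)
            throws IOException, ClassNotFoundException {
    try {
        EncryptionKey encKey = new EncryptionKey(new
                                 DerValue((byte[])ois.readObject()));
        keyType = encKey.getEType();
        keyBytes = encKey.getBytes();
    } catch (Asn1Exception ae) {
        // Chain the decoding error so it is not reduced to a message string.
        throw new IOException(ae.getMessage(), ae);
    }
}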
 
Example #30
Source File: AuthorityInfoAccessExtension.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Rebuilds {@code extensionValue} from the current access descriptions.
 *
 * <p>With no descriptions the value is cleared to null. Otherwise each
 * description is encoded in list order and the result is wrapped in a
 * single SEQUENCE.
 *
 * @throws IOException if a description cannot be encoded
 */
private void encodeThis() throws IOException {
    if (accessDescriptions.isEmpty()) {
        this.extensionValue = null;
        return;
    }

    DerOutputStream descriptions = new DerOutputStream();
    for (AccessDescription description : accessDescriptions) {
        description.encode(descriptions);
    }

    DerOutputStream wrapped = new DerOutputStream();
    wrapped.write(DerValue.tag_Sequence, descriptions);
    this.extensionValue = wrapped.toByteArray();
}