List of usage examples for org.bouncycastle.asn1 ASN1EncodableVector ASN1EncodableVector
public ASN1EncodableVector()
From source file:de.mendelson.util.security.BCCryptoHelper.java
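/**
 * Signs a MIME message with RSA and returns the signed multipart, using the
 * S/MIME 3.1 (RFC 3851) micalg names. Do not use it for S/MIME 3.2 or higher.
 *
 * <p>Security notes: {@code ALGORITHM_SHA1} and {@code ALGORITHM_MD5} are still
 * accepted, but neither digest is collision resistant, so signatures made with
 * them should not be relied on for integrity or non-repudiation. Prefer SHA-256
 * or stronger unless a legacy partner forces the weaker digest.
 *
 * @param message message to sign, must not be null
 * @param chain certificate chain; chain[0] is the signer's own certificate.
 *              The whole chain is embedded in the signature.
 * @param key signing key, converted by {@code getPrivateKey}
 * @param digest digest name, matched case-insensitively against the
 *               {@code ALGORITHM_*} constants of this class
 * @return the signed multipart produced by the generator
 * @throws Exception if the message, chain or digest is absent, if the digest
 *                   is not supported, or if signing fails
 */
public MimeMultipart sign(MimeMessage message, Certificate[] chain, Key key, String digest) throws Exception {
    if (message == null) {
        throw new Exception("sign: Message is absent");
    }
    // Fail with a clear message instead of an ArrayIndexOutOfBounds/NullPointerException
    // further down when the caller has no signer certificate or digest to offer.
    if (chain == null || chain.length == 0 || chain[0] == null) {
        throw new Exception("sign: Certificate chain is absent");
    }
    if (digest == null) {
        throw new Exception("sign: Signing digest is absent");
    }
    X509Certificate x509Cert = this.castCertificate(chain[0]);
    PrivateKey privKey = this.getPrivateKey(key);
    SMIMESignedGenerator signedGenerator = new SMIMESignedGenerator(SMIMESignedGenerator.RFC3851_MICALGS);

    // The SMIMECapabilities signed attribute lists the encryption algorithms advertised to
    // the recipient. Only 3DES, RC2 (128 bit) and single DES are listed here; all three are
    // legacy ciphers and no AES entry is present.
    // NOTE(review): a partner that honours this list may pick a weak cipher for replies;
    // consider advertising AES if the decryption side supports it.
    ASN1EncodableVector signedAttrs = new ASN1EncodableVector();
    SMIMECapabilityVector caps = new SMIMECapabilityVector();
    caps.addCapability(SMIMECapability.dES_EDE3_CBC);
    caps.addCapability(SMIMECapability.rC2_CBC, 128);
    caps.addCapability(SMIMECapability.dES_CBC);
    signedAttrs.add(new SMIMECapabilitiesAttribute(caps));

    // Map the requested digest to the JCA signature algorithm name once, so the signer
    // info generator is built in a single place.
    final String signatureAlgorithm;
    if (digest.equalsIgnoreCase(ALGORITHM_SHA1)) {
        // Weak digest, kept for compatibility only.
        signatureAlgorithm = "SHA1withRSA";
    } else if (digest.equalsIgnoreCase(ALGORITHM_SHA224)) {
        signatureAlgorithm = "SHA224withRSA";
    } else if (digest.equalsIgnoreCase(ALGORITHM_SHA256)) {
        signatureAlgorithm = "SHA256withRSA";
    } else if (digest.equalsIgnoreCase(ALGORITHM_SHA384)) {
        signatureAlgorithm = "SHA384withRSA";
    } else if (digest.equalsIgnoreCase(ALGORITHM_SHA512)) {
        signatureAlgorithm = "SHA512withRSA";
    } else if (digest.equalsIgnoreCase(ALGORITHM_MD5)) {
        // Weak digest, kept for compatibility only.
        signatureAlgorithm = "MD5withRSA";
    } else {
        throw new Exception("sign: Signing digest " + digest + " not supported.");
    }
    signedGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC")
            .setSignedAttributeGenerator(new AttributeTable(signedAttrs))
            .build(signatureAlgorithm, privKey, x509Cert));

    // Ship the complete chain with the signature so the recipient can build a path.
    List<Certificate> certList = Arrays.asList(chain);
    Store certStore = new JcaCertStore(certList);
    signedGenerator.addCertificates(certStore);
    MimeMultipart multipart = signedGenerator.generate(message);
    return (multipart);
}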
From source file:de.rub.nds.tlsattacker.tlsserver.KeyStoreGenerator.java
License:Apache License
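/**
 * Creates an in-memory JKS key store that holds the given key pair together with a
 * self-signed certificate issued for it.
 *
 * <p>The certificate is marked as a CA (critical basicConstraints), carries a broad
 * key usage and lists serverAuth, clientAuth and anyExtendedKeyUsage. The key entry is
 * protected with the class constant {@code PASSWORD}, which is not a secret. The result
 * is therefore a test fixture; it should not be added to a trust store or reused
 * outside a test setup.
 *
 * @param keyPair key pair to certify; the private key signs the certificate
 * @return a key store with one key entry stored under {@code ALIAS}
 * @throws CertificateException if the certificate is not valid at the current time
 * @throws SignatureException if the self-signature does not verify
 * @throws KeyStoreException if the key store cannot be created or filled
 */
public static KeyStore createKeyStore(KeyPair keyPair) throws CertificateException, IOException,
        InvalidKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException,
        SignatureException, OperatorCreationException {
    PublicKey publicKey = keyPair.getPublic();
    PrivateKey privateKey = keyPair.getPrivate();

    // Self-signed: issuer and subject are the same name.
    X500Name issuerName = new X500Name("CN=127.0.0.1, O=TLS-Attacker, L=RUB, ST=NRW, C=DE");
    X500Name subjectName = issuerName;

    // RFC 5280 requires a positive serial number. SecureRandom.nextInt() yields negative
    // values half of the time (and can yield zero), so draw 64 non-negative random bits
    // and map the unlikely zero to one.
    BigInteger serial = new BigInteger(64, new SecureRandom()).max(BigInteger.ONE);

    X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, BEFORE, AFTER,
            subjectName, publicKey);
    builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
    KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature
            | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment);
    builder.addExtension(Extension.keyUsage, false, usage);

    // Extended key usage is encoded by hand as a SEQUENCE of purpose OIDs.
    ASN1EncodableVector purposes = new ASN1EncodableVector();
    purposes.add(KeyPurposeId.id_kp_serverAuth);
    purposes.add(KeyPurposeId.id_kp_clientAuth);
    purposes.add(KeyPurposeId.anyExtendedKeyUsage);
    builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));

    String algorithm = createSigningAlgorithm(keyPair);
    X509Certificate cert = signCertificate(algorithm, builder, privateKey);
    // Sanity checks: the certificate is valid right now and its self-signature verifies.
    cert.checkValidity(new Date());
    cert.verify(publicKey);

    KeyStore keyStore = KeyStore.getInstance("JKS");
    keyStore.load(null, null);
    keyStore.setKeyEntry(ALIAS, privateKey, PASSWORD.toCharArray(),
            new java.security.cert.Certificate[] { cert });
    return keyStore;
}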
From source file:de.tsenger.animamea.asn1.CardInfoLocator.java
License:Open Source License
/**
 * Encodes this object. The definition of CardInfoLocator is
 * <pre>
 * CardInfoLocator ::= SEQUENCE {
 *      protocol    OBJECT IDENTIFIER(id-CI),
 *      url         IA5String,
 *      efCardInfo  FileID OPTIONAL
 * }
 * </pre>
 * The optional file id is emitted only when it is set.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(protocol);
    fields.add(url);
    if (fileID != null) {
        fields.add(fileID);
    }
    // NOTE(review): ASN1Sequence.getInstance(Object) converts existing sequences or
    // encodables; an ASN1EncodableVector is neither. Confirm against the Bouncy Castle
    // version in use that this call does not throw IllegalArgumentException; building
    // the sequence with a DERSequence constructor is the conventional form.
    return ASN1Sequence.getInstance(fields);
}
From source file:de.tsenger.animamea.asn1.CertificateHolderAuthorizationTemplate.java
License:Open Source License
/**
 * Encodes the terminal type followed by the authorization value as one
 * application-specific object with tag number 0x4c.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(terminalType);
    fields.add(auth);
    return new DERApplicationSpecific(0x4c, fields);
}
From source file:de.tsenger.animamea.asn1.ChipAuthenticationDomainParameterInfo.java
License:Open Source License
/**
 * Encodes this object. The definition of ChipAuthenticationDomainParameterInfo is
 * <pre>
 * ChipAuthenticationDomainParameterInfo ::= SEQUENCE {
 *      protocol         OBJECT IDENTIFIER(id-CA-DH | id-CA-ECDH),
 *      domainParameter  AlgorithmIdentifier,
 *      keyID            INTEGER OPTIONAL
 * }
 * </pre>
 * The optional key id is emitted only when it is set.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(protocol);
    fields.add(domainParameter);
    if (keyId != null) {
        fields.add(keyId);
    }
    // NOTE(review): ASN1Sequence.getInstance(Object) converts existing sequences or
    // encodables; an ASN1EncodableVector is neither. Confirm against the Bouncy Castle
    // version in use that this call does not throw IllegalArgumentException; building
    // the sequence with a DERSequence constructor is the conventional form.
    return ASN1Sequence.getInstance(fields);
}
From source file:de.tsenger.animamea.asn1.ChipAuthenticationInfo.java
License:Open Source License
/**
 * Encodes this object. The definition of ChipAuthenticationInfo is
 * <pre>
 * ChipAuthenticationInfo ::= SEQUENCE {
 *      protocol  OBJECT IDENTIFIER(
 *                id-CA-DH-3DES-CBC-CBC |
 *                id-CA-DH-AES-CBC-CMAC-128 |
 *                id-CA-DH-AES-CBC-CMAC-192 |
 *                id-CA-DH-AES-CBC-CMAC-256 |
 *                id-CA-ECDH-3DES-CBC-CBC |
 *                id-CA-ECDH-AES-CBC-CMAC-128 |
 *                id-CA-ECDH-AES-CBC-CMAC-192 |
 *                id-CA-ECDH-AES-CBC-CMAC-256),
 *      version   INTEGER, -- MUST be 1 or 2
 *      keyID     INTEGER OPTIONAL
 * }
 * </pre>
 * The optional key id is emitted only when it is set. The version value is not
 * range-checked here.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(protocol);
    fields.add(version);
    if (keyId != null) {
        fields.add(keyId);
    }
    // NOTE(review): ASN1Sequence.getInstance(Object) converts existing sequences or
    // encodables; an ASN1EncodableVector is neither. Confirm against the Bouncy Castle
    // version in use that this call does not throw IllegalArgumentException; building
    // the sequence with a DERSequence constructor is the conventional form.
    return ASN1Sequence.getInstance(fields);
}
From source file:de.tsenger.animamea.asn1.ChipAuthenticationPublicKeyInfo.java
License:Open Source License
/**
 * Encodes this object. The definition of ChipAuthenticationPublicKeyInfo is
 * <pre>
 * ChipAuthenticationPublicKeyInfo ::= SEQUENCE {
 *      protocol                     OBJECT IDENTIFIER(id-PK-DH | id-PK-ECDH),
 *      chipAuthenticationPublicKey  SubjectPublicKeyInfo,
 *      keyID                        INTEGER OPTIONAL
 * }
 * </pre>
 * The optional key id is emitted only when it is set.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(protocol);
    fields.add(capk);
    if (keyId != null)
        fields.add(keyId);
    // NOTE(review): ASN1Sequence.getInstance(Object) converts existing sequences or
    // encodables; an ASN1EncodableVector is neither. Confirm against the Bouncy Castle
    // version in use that this call does not throw IllegalArgumentException; building
    // the sequence with a DERSequence constructor is the conventional form.
    return ASN1Sequence.getInstance(fields);
}
From source file:de.tsenger.animamea.asn1.CVCertBody.java
License:Open Source License
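/**
 * Encodes the certificate body as one application-specific object with tag number 0x4E.
 *
 * <p>CVCertBody contains, in this order:
 * <ul>
 *   <li>Certificate Profile Identifier (tag 0x29)</li>
 *   <li>Certificate Authority Reference (tag 0x02)</li>
 *   <li>Public Key</li>
 *   <li>Certificate Holder Reference (tag 0x20)</li>
 *   <li>Certificate Holder Authorization Template</li>
 *   <li>Certificate Effective Date (tag 0x25)</li>
 *   <li>Certificate Expiration Date (tag 0x24)</li>
 *   <li>Certificate Extensions (tag 0x05, OPTIONAL)</li>
 * </ul>
 *
 * @return the encoded certificate body
 * @throws IllegalStateException if one of the fields cannot be encoded
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    try {
        v.add(new DERApplicationSpecific(0x29, profileIdentifier));
        v.add(new DERApplicationSpecific(0x02, authorityReference));
        v.add(publicKey);
        v.add(new DERApplicationSpecific(0x20, chr));
        v.add(chat);
        v.add(new DERApplicationSpecific(0x25, effectiveDate));
        v.add(new DERApplicationSpecific(0x24, expirationDate));
        if (extensions != null) {
            v.add(new DERApplicationSpecific(0x05, extensions));
        }
    } catch (IOException e) {
        // Never hand out a truncated body: a certificate body that silently lacks fields
        // (for example the validity dates) could be signed or compared as if it were
        // complete. Fail loudly and keep the cause.
        throw new IllegalStateException("CVCertBody: a certificate body field could not be encoded", e);
    }
    return new DERApplicationSpecific(0x4E, v);
}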
From source file:de.tsenger.animamea.asn1.CVCertificate.java
License:Open Source License
/**
 * Encodes this object. The definition of CVCertificate is
 * <pre>
 * CVCertificate ::= SEQUENCE {
 *      body       CVCertBody
 *      signature  CVCertSignature
 * }
 * </pre>
 * The two parts are wrapped in an application-specific object with tag number 0x21,
 * body first and signature second.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector parts = new ASN1EncodableVector();
    parts.add(certBody);
    parts.add(certSignature);
    return new DERApplicationSpecific(0x21, parts);
}
From source file:de.tsenger.animamea.asn1.DynamicAuthenticationData.java
License:Open Source License
/**
 * Encodes all tagged objects held by this instance, in iteration order, as one
 * application-specific object with tag number 0x1C.
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector elements = new ASN1EncodableVector();
    for (DERTaggedObject tagged : objects) {
        elements.add(tagged);
    }
    // Application specific + 0x1c = 0x7C
    return new DERApplicationSpecific(0x1C, elements);
}