Example usage for org.bouncycastle.asn1 DERSequence DERSequence

Introduction

In this page you can find the example usage for org.bouncycastle.asn1 DERSequence DERSequence.

Prototype

public DERSequence(ASN1Encodable[] elements)

Source Link

Document

Create a sequence containing an array of objects.

Usage

From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java

License:LGPL

@Override
public void writeDHParameters(Writer _out, DHParameterSpec params) throws IOException {
    BufferedWriter out = makeBuffered(_out);
    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    ASN1OutputStream aOut = new ASN1OutputStream(bOut);

    ASN1EncodableVector v = new ASN1EncodableVector();

    BigInteger value;/*from ww  w  .j a  v  a 2s  . c om*/
    if ((value = params.getP()) != null) {
        v.add(new DERInteger(value));
    }
    if ((value = params.getG()) != null) {
        v.add(new DERInteger(value));
    }

    aOut.writeObject(new DERSequence(v));
    byte[] encoding = bOut.toByteArray();

    out.write(BEF_G + PEM_STRING_DHPARAMS + AFT);
    out.newLine();
    writeEncoded(out, encoding);
    out.write(BEF_E + PEM_STRING_DHPARAMS + AFT);
    out.newLine();
    out.flush();
}

From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java

License:LGPL

@Override
public byte[] toDerRSAKey(RSAPublicKey pubKey, RSAPrivateCrtKey privKey) throws IOException {
    ASN1EncodableVector v1 = new ASN1EncodableVector();
    if (pubKey != null && privKey == null) {
        v1.add(new DERInteger(pubKey.getModulus()));
        v1.add(new DERInteger(pubKey.getPublicExponent()));
    } else {/*from w ww.j a  v  a  2s . c  o  m*/
        v1.add(new DERInteger(0));
        v1.add(new DERInteger(privKey.getModulus()));
        v1.add(new DERInteger(privKey.getPublicExponent()));
        v1.add(new DERInteger(privKey.getPrivateExponent()));
        v1.add(new DERInteger(privKey.getPrimeP()));
        v1.add(new DERInteger(privKey.getPrimeQ()));
        v1.add(new DERInteger(privKey.getPrimeExponentP()));
        v1.add(new DERInteger(privKey.getPrimeExponentQ()));
        v1.add(new DERInteger(privKey.getCrtCoefficient()));
    }
    return new DERSequence(v1).getEncoded();
}

From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java

License:LGPL

@Override
public byte[] toDerDSAKey(DSAPublicKey pubKey, DSAPrivateKey privKey) throws IOException {
    if (pubKey != null && privKey == null) {
        return pubKey.getEncoded();
    } else if (privKey != null && pubKey != null) {
        DSAParams params = privKey.getParams();
        ASN1EncodableVector v1 = new ASN1EncodableVector();
        v1.add(new DERInteger(0));
        v1.add(new DERInteger(params.getP()));
        v1.add(new DERInteger(params.getQ()));
        v1.add(new DERInteger(params.getG()));
        v1.add(new DERInteger(pubKey.getY()));
        v1.add(new DERInteger(privKey.getX()));
        return new DERSequence(v1).getEncoded();
    } else {//from   w ww .j av  a2  s . co  m
        return privKey.getEncoded();
    }
}

From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java

License:LGPL

@Override
public byte[] toDerDHKey(BigInteger p, BigInteger g) throws IOException {
    ASN1EncodableVector v = new ASN1EncodableVector();
    if (p != null) {
        v.add(new DERInteger(p));
    }/* w w w.ja  v a  2s.  co m*/
    if (g != null) {
        v.add(new DERInteger(g));
    }
    return new DERSequence(v).getEncoded();
}

From source file:org.jscep.asn1.IssuerAndSubject.java

License:Open Source License

@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(issuer);/* ww w .  ja v  a2s.c om*/
    v.add(subject);

    return new DERSequence(v);
}

From source file:org.keysupport.bc.scvp.asn1.ReplyCheck.java

License:Open Source License

/**
 * /*from w w  w  . jav a 2 s . c  o  m*/
 * @param check ASN1ObjectIdentifier
 * @param status ASN1Integer
 */
public ReplyCheck(ASN1ObjectIdentifier check, ASN1Integer status) {

    final ASN1EncodableVector v;

    this.check = check;
    if (null != status) {
        this.status = status;
    } else {
        this.status = ReplyCheck.STATUS_DEFAULT;
    }
    /*
     * Now construct the overall value, where we encode explicit
     * with no implied default values.  We are working with DER,
     * not BER.
     */
    v = new ASN1EncodableVector();
    v.add(this.check);
    v.add(this.value);
    this.value = new DERSequence(v);
}

From source file:org.keysupport.bc.scvp.asn1.ReplyChecks.java

License:Open Source License

/**
 * //  w w w  . j  a v  a  2s  . c  om
 * @param replyChecks Enumeration<ReplyCheck>
 */
public ReplyChecks(Enumeration<ReplyCheck> replyChecks) {

    final ASN1EncodableVector v;

    v = new ASN1EncodableVector();
    while (replyChecks.hasMoreElements()) {
        v.add(replyChecks.nextElement());
    }
    this.value = new DERSequence(v);

}

From source file:org.kopi.ebics.certificate.X509Generator.java

License:Open Source License

/**
 * Returns an <code>X509Certificate</code> from a given
 * <code>KeyPair</code> and limit dates validations
 * @param keypair the given key pair/*from w  w  w .  j  a v  a  2s . c  om*/
 * @param issuer the certificate issuer
 * @param notBefore the begin validity date
 * @param notAfter the end validity date
 * @param keyusage the certificate key usage
 * @return the X509 certificate
 * @throws GeneralSecurityException
 * @throws IOException
 */
public X509Certificate generate(KeyPair keypair, String issuer, Date notBefore, Date notAfter, int keyusage)
        throws GeneralSecurityException, IOException {
    X509V3CertificateGenerator generator;
    BigInteger serial;
    X509Certificate certificate;
    ASN1EncodableVector vector;

    serial = BigInteger.valueOf(generateSerial());
    generator = new X509V3CertificateGenerator();
    generator.setSerialNumber(serial);
    generator.setIssuerDN(new X509Principal(issuer));
    generator.setNotBefore(notBefore);
    generator.setNotAfter(notAfter);
    generator.setSubjectDN(new X509Principal(issuer));
    generator.setPublicKey(keypair.getPublic());
    generator.setSignatureAlgorithm(X509Constants.SIGNATURE_ALGORITHM);
    generator.addExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(true));
    generator.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            getSubjectKeyIdentifier(keypair.getPublic()));
    generator.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            getAuthorityKeyIdentifier(keypair.getPublic(), issuer, serial));
    vector = new ASN1EncodableVector();
    vector.add(KeyPurposeId.id_kp_emailProtection);

    generator.addExtension(X509Extensions.ExtendedKeyUsage, false,
            new ExtendedKeyUsage(new DERSequence(vector)));

    switch (keyusage) {
    case X509Constants.SIGNATURE_KEY_USAGE:
        generator.addExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.nonRepudiation));
        break;
    case X509Constants.AUTHENTICATION_KEY_USAGE:
        generator.addExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.digitalSignature));
        break;
    case X509Constants.ENCRYPTION_KEY_USAGE:
        generator.addExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.keyAgreement));
        break;
    default:
        generator.addExtension(X509Extensions.KeyUsage, false,
                new KeyUsage(KeyUsage.keyEncipherment | KeyUsage.digitalSignature));
        break;
    }

    certificate = generator.generate(keypair.getPrivate(), "BC", new SecureRandom());
    certificate.checkValidity(new Date());
    certificate.verify(keypair.getPublic());

    return certificate;
}

From source file:org.kopi.ebics.certificate.X509Generator.java

License:Open Source License

/**
 * Returns the <code>AuthorityKeyIdentifier</code> corresponding
 * to a given <code>PublicKey</code>
 * @param publicKey the given public key
 * @param issuer the certificate issuer/*from w  w  w .  j  av a  2  s .c  o  m*/
 * @param serial the certificate serial number
 * @return the authority key identifier of the public key
 * @throws IOException
 */
private AuthorityKeyIdentifier getAuthorityKeyIdentifier(PublicKey publicKey, String issuer, BigInteger serial)
        throws IOException {
    InputStream input;
    SubjectPublicKeyInfo keyInfo;
    ASN1EncodableVector vector;

    input = new ByteArrayInputStream(publicKey.getEncoded());
    keyInfo = new SubjectPublicKeyInfo((ASN1Sequence) new ASN1InputStream(input).readObject());
    vector = new ASN1EncodableVector();
    vector.add(new GeneralName(new X509Name(issuer)));

    return new AuthorityKeyIdentifier(keyInfo, new GeneralNames(new DERSequence(vector)), serial);
}

From source file:org.krakenapps.ca.util.CertificateBuilder.java

License:Apache License

public static X509Certificate createCertificate(CertificateRequest req) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    X509Principal subject = parseDn(req.getSubjectDn());
    X509Principal issuer = parseDn(req.getIssuerDn());

    certGen.setSerialNumber(req.getSerial());
    certGen.setIssuerDN(issuer);/*from w w  w. j a v  a  2  s  .com*/
    certGen.setSubjectDN(subject);
    certGen.setNotBefore(req.getNotBefore());
    certGen.setNotAfter(req.getNotAfter());
    certGen.setPublicKey(req.getKeyPair().getPublic());
    certGen.setSignatureAlgorithm(req.getSignatureAlgorithm());

    if (req.getCrlUrl() != null) {
        GeneralName gn = new GeneralName(6, new DERIA5String(req.getCrlUrl().toString()));

        ASN1EncodableVector vec = new ASN1EncodableVector();
        vec.add(gn);

        GeneralNames gns = new GeneralNames(new DERSequence(vec));
        DistributionPointName dpn = new DistributionPointName(0, gns);

        List<DistributionPoint> l = new ArrayList<DistributionPoint>();
        l.add(new DistributionPoint(dpn, null, null));

        CRLDistPoint crlDp = new CRLDistPoint(l.toArray(new DistributionPoint[0]));

        certGen.addExtension(new DERObjectIdentifier("2.5.29.31"), false, crlDp);
    }

    return certGen.generate(req.getIssuerKey(), "BC");
}