/**
* create from an issuer certificate and the serial number of the certificate it signed.
*
* @exception OCSPException if any problems occur creating the id fields.
*/
public CertificateID(
String hashAlgorithm, X509Certificate issuerCert, BigInteger number, String provider)
throws OCSPException {
try {
MessageDigest digest = MessageDigest.getInstance(hashAlgorithm, provider);
AlgorithmIdentifier hashAlg =
new AlgorithmIdentifier(new DERObjectIdentifier(hashAlgorithm), new DERNull());
X509Principal issuerName = PrincipalUtil.getSubjectX509Principal(issuerCert);
digest.update(issuerName.getEncoded());
ASN1OctetString issuerNameHash = new DEROctetString(digest.digest());
PublicKey issuerKey = issuerCert.getPublicKey();
ASN1InputStream aIn = new ASN1InputStream(issuerKey.getEncoded());
SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(aIn.readObject());
digest.update(info.getPublicKeyData().getBytes());
ASN1OctetString issuerKeyHash = new DEROctetString(digest.digest());
DERInteger serialNumber = new DERInteger(number);
this.id = new CertID(hashAlg, issuerNameHash, issuerKeyHash, serialNumber);
} catch (Exception e) {
throw new OCSPException("problem creating ID: " + e, e);
}
}
/**
* Create a public key from the passed in SubjectPublicKeyInfo
*
* @param keyInfo the SubjectPublicKeyInfo containing the key data
* @return the appropriate key parameter
* @throws IOException on an error decoding the key
*/
public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo) throws IOException {
AlgorithmIdentifier algId = keyInfo.getAlgorithm();
if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)
|| algId.getAlgorithm().equals(X509ObjectIdentifiers.id_ea_rsa)) {
RSAPublicKey pubKey = RSAPublicKey.getInstance(keyInfo.parsePublicKey());
return new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent());
} else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.dhpublicnumber)) {
DHPublicKey dhPublicKey = DHPublicKey.getInstance(keyInfo.parsePublicKey());
BigInteger y = dhPublicKey.getY().getValue();
DHDomainParameters dhParams = DHDomainParameters.getInstance(algId.getParameters());
BigInteger p = dhParams.getP().getValue();
BigInteger g = dhParams.getG().getValue();
BigInteger q = dhParams.getQ().getValue();
BigInteger j = null;
if (dhParams.getJ() != null) {
j = dhParams.getJ().getValue();
}
DHValidationParameters validation = null;
DHValidationParms dhValidationParms = dhParams.getValidationParms();
if (dhValidationParms != null) {
byte[] seed = dhValidationParms.getSeed().getBytes();
BigInteger pgenCounter = dhValidationParms.getPgenCounter().getValue();
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.intValue());
}
return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
} else if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
DHParameter params = DHParameter.getInstance(algId.getParameters());
ASN1Integer derY = (ASN1Integer) keyInfo.parsePublicKey();
BigInteger lVal = params.getL();
int l = lVal == null ? 0 : lVal.intValue();
DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
return new DHPublicKeyParameters(derY.getValue(), dhParams);
}
// BEGIN android-removed
// else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
// {
// ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters());
// ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
//
// return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
// params.getP(), params.getG()));
// }
// END android-removed
else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)
|| algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) {
ASN1Integer derY = (ASN1Integer) keyInfo.parsePublicKey();
ASN1Encodable de = algId.getParameters();
DSAParameters parameters = null;
if (de != null) {
DSAParameter params = DSAParameter.getInstance(de.toASN1Primitive());
parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
}
return new DSAPublicKeyParameters(derY.getValue(), parameters);
} else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
X962Parameters params = X962Parameters.getInstance(algId.getParameters());
X9ECParameters x9;
if (params.isNamedCurve()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) params.getParameters();
x9 = ECNamedCurveTable.getByOID(oid);
} else {
x9 = X9ECParameters.getInstance(params.getParameters());
}
ASN1OctetString key = new DEROctetString(keyInfo.getPublicKeyData().getBytes());
X9ECPoint derQ = new X9ECPoint(x9.getCurve(), key);
// TODO We lose any named parameters here
ECDomainParameters dParams =
new ECDomainParameters(x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
return new ECPublicKeyParameters(derQ.getPoint(), dParams);
} else {
throw new RuntimeException("algorithm identifier in key not recognised");
}
}
