예제 #1
0
  /**
   * create a request type Iso7816CertificateBody.
   *
   * @return return the "request" type certificate body.
   * @throws IOException if the DERApplicationSpecific cannot be created.
   */
  private ASN1Primitive requestToASN1Object() throws IOException {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(certificateProfileIdentifier);
    v.add(new DERApplicationSpecific(false, EACTags.CARDHOLDER_PUBLIC_KEY_TEMPLATE, publicKey));
    v.add(certificateHolderReference);
    return new DERApplicationSpecific(EACTags.CERTIFICATE_CONTENT_TEMPLATE, v);
  }
예제 #2
0
 public ASN1Primitive toASN1Primitive() {
   ASN1EncodableVector v = new ASN1EncodableVector();
   v.add(this.crlIssuer.toASN1Primitive());
   v.add(this.crlIssuedTime);
   if (null != this.crlNumber) {
     v.add(this.crlNumber);
   }
   return new DERSequence(v);
 }
예제 #3
0
  /**
   *
   *
   * <pre>
   * PKMACValue ::= SEQUENCE {
   *      algId  AlgorithmIdentifier,
   *      -- algorithm value shall be PasswordBasedMac 1.2.840.113533.7.66.13
   *      -- parameter value is PBMParameter
   *      value  BIT STRING }
   * </pre>
   *
   * @return a basic ASN.1 object representation.
   */
  public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(algId);
    v.add(value);

    return new DERSequence(v);
  }
  public ASN1Sequence generateRecipientEncryptedKeys(
      AlgorithmIdentifier keyAgreeAlgorithm,
      AlgorithmIdentifier keyEncryptionAlgorithm,
      GenericKey contentEncryptionKey)
      throws CMSException {
    init(keyAgreeAlgorithm.getAlgorithm());

    PrivateKey senderPrivateKey = this.senderPrivateKey;

    ASN1ObjectIdentifier keyAgreementOID = keyAgreeAlgorithm.getAlgorithm();

    if (keyAgreementOID.getId().equals(CMSEnvelopedGenerator.ECMQV_SHA1KDF)) {
      senderPrivateKey =
          new MQVPrivateKeySpec(
              senderPrivateKey, ephemeralKP.getPrivate(), ephemeralKP.getPublic());
    }

    ASN1EncodableVector recipientEncryptedKeys = new ASN1EncodableVector();
    for (int i = 0; i != recipientIDs.size(); i++) {
      PublicKey recipientPublicKey = (PublicKey) recipientKeys.get(i);
      KeyAgreeRecipientIdentifier karId = (KeyAgreeRecipientIdentifier) recipientIDs.get(i);

      if (keyAgreementOID.getId().equals(CMSEnvelopedGenerator.ECMQV_SHA1KDF)) {
        recipientPublicKey = new MQVPublicKeySpec(recipientPublicKey, recipientPublicKey);
      }

      try {
        // Use key agreement to choose a wrap key for this recipient
        KeyAgreement keyAgreement = helper.createKeyAgreement(keyAgreementOID);
        keyAgreement.init(senderPrivateKey, random);
        keyAgreement.doPhase(recipientPublicKey, true);
        SecretKey keyEncryptionKey =
            keyAgreement.generateSecret(keyEncryptionAlgorithm.getAlgorithm().getId());

        // Wrap the content encryption key with the agreement key
        Cipher keyEncryptionCipher = helper.createCipher(keyEncryptionAlgorithm.getAlgorithm());

        keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, random);

        byte[] encryptedKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));

        ASN1OctetString encryptedKey = new DEROctetString(encryptedKeyBytes);

        recipientEncryptedKeys.add(new RecipientEncryptedKey(karId, encryptedKey));
      } catch (GeneralSecurityException e) {
        throw new CMSException("cannot perform agreement step: " + e.getMessage(), e);
      }
    }

    return new DERSequence(recipientEncryptedKeys);
  }
예제 #5
0
  public ASN1EncodableVector getASN1EncodableVector(
      ASN1ObjectIdentifier oid, boolean publicPointOnly) {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(oid);

    if (!publicPointOnly) {
      v.add(new UnsignedInteger(0x01, getPrimeModulusP()));
      v.add(new UnsignedInteger(0x02, getFirstCoefA()));
      v.add(new UnsignedInteger(0x03, getSecondCoefB()));
      v.add(new DERTaggedObject(false, 0x04, new DEROctetString(getBasePointG())));
      v.add(new UnsignedInteger(0x05, getOrderOfBasePointR()));
    }
    v.add(new DERTaggedObject(false, 0x06, new DEROctetString(getPublicPointY())));
    if (!publicPointOnly) {
      v.add(new UnsignedInteger(0x07, getCofactorF()));
    }

    return v;
  }
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <pre>
   *  AttributeCertificateInfo ::= SEQUENCE {
   *       version              AttCertVersion -- version is v2,
   *       holder               Holder,
   *       issuer               AttCertIssuer,
   *       signature            AlgorithmIdentifier,
   *       serialNumber         CertificateSerialNumber,
   *       attrCertValidityPeriod   AttCertValidityPeriod,
   *       attributes           SEQUENCE OF Attribute,
   *       issuerUniqueID       UniqueIdentifier OPTIONAL,
   *       extensions           Extensions OPTIONAL
   *  }
   *
   *  AttCertVersion ::= INTEGER { v2(1) }
   * </pre>
   */
  public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    if (version.getValue().intValue() != 0) {
      v.add(version);
    }
    v.add(holder);
    v.add(issuer);
    v.add(signature);
    v.add(serialNumber);
    v.add(attrCertValidityPeriod);
    v.add(attributes);

    if (issuerUniqueID != null) {
      v.add(issuerUniqueID);
    }

    if (extensions != null) {
      v.add(extensions);
    }

    return new DERSequence(v);
  }