Пример #1
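  /**
   * Returns the issuer of the given CRL as an {@code X509Principal}.
   *
   * <p>The issuer is read by re-parsing the DER bytes returned by {@code crl.getTBSCertList()}.
   * Nothing here verifies the CRL's signature, so the caller must validate the CRL before relying
   * on the returned name for any trust decision.
   *
   * @param crl the CRL whose issuer is extracted
   * @return the issuer name wrapped in an {@code X509Principal}
   * @throws CRLException if the TBSCertList bytes cannot be obtained or decoded
   */
  public static X509Principal getIssuerX509Principal(X509CRL crl) throws CRLException {
    try {
      byte[] tbsBytes = crl.getTBSCertList();
      TBSCertList tbsCertList = TBSCertList.getInstance(ASN1Object.fromByteArray(tbsBytes));

      return new X509Principal(tbsCertList.getIssuer());
    } catch (IOException e) {
      // Same message as before, but chain the cause so the decoding failure stays diagnosable.
      throw new CRLException(e.toString(), e);
    }
  }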
Пример #2
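 /**
  * Returns the subject of the given certificate as an {@code X509Principal}.
  *
  * <p>The subject is read by re-parsing the DER bytes returned by
  * {@code cert.getTBSCertificate()}. Nothing here verifies the certificate's signature or
  * validity, so the returned name is only as trustworthy as the certificate the caller passed in.
  *
  * @param cert the certificate whose subject is extracted
  * @return the subject name wrapped in an {@code X509Principal}
  * @throws CertificateEncodingException if the TBSCertificate bytes cannot be obtained or decoded
  */
 public static X509Principal getSubjectX509Principal(X509Certificate cert)
     throws CertificateEncodingException {
   try {
     byte[] tbsBytes = cert.getTBSCertificate();
     TBSCertificateStructure tbsCert =
         TBSCertificateStructure.getInstance(ASN1Object.fromByteArray(tbsBytes));
     return new X509Principal(tbsCert.getSubject());
   } catch (IOException e) {
     // Same message as before, but chain the cause so the decoding failure stays diagnosable.
     throw new CertificateEncodingException(e.toString(), e);
   }
 }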
Пример #3
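  /**
   * Reads an ASN.1 object from the input up to {@code endMarker} and resolves it as a named
   * elliptic curve.
   *
   * <p>The bytes come from the input being parsed and may be malformed or hostile, so the decoded
   * object is type-checked before it is used as an object identifier. The previous unchecked cast
   * surfaced a {@code ClassCastException} (or a {@code NullPointerException}) on unexpected input.
   *
   * @param endMarker the marker passed to {@code readBytes} to delimit the encoded block
   * @return the result of looking up the decoded OID in {@code ECNamedCurveTable}
   * @throws IOException if the block cannot be read or does not decode to an object identifier
   */
  private ECNamedCurveParameterSpec readECParameters(String endMarker) throws IOException {
    Object decoded = ASN1Object.fromByteArray(readBytes(endMarker));

    if (!(decoded instanceof DERObjectIdentifier)) {
      throw new IOException("EC parameters block does not contain an object identifier");
    }

    DERObjectIdentifier oid = (DERObjectIdentifier) decoded;

    // NOTE(review): the lookup result is returned as-is; confirm that callers cope with an OID
    // that ECNamedCurveTable does not recognise.
    return ECNamedCurveTable.getParameterSpec(oid.getId());
  }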
Пример #4
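  /**
   * Reads a PEM-encoded private key up to {@code endMarker} and rebuilds the matching key pair.
   *
   * <p>Header lines are scanned for {@code Proc-Type: 4,ENCRYPTED} and {@code DEK-Info:}. If the
   * block is marked encrypted, the password is obtained from {@code pFinder} and the body is
   * decrypted through {@code PEMUtilities.crypt} with the algorithm name and IV taken from the
   * {@code DEK-Info} header. The resulting bytes are decoded as an ASN.1 sequence and interpreted
   * according to {@code type}.
   *
   * <p>The input is untrusted: the header and the ASN.1 structure are checked before use so that
   * a malformed block is reported as an {@code IOException} rather than as a
   * {@code NullPointerException}, {@code ClassCastException} or index error.
   *
   * @param type the key algorithm; {@code "RSA"} and {@code "ECDSA"} are handled explicitly and
   *     any other value is parsed with the DSA layout
   * @param endMarker the text whose appearance in a line ends the PEM body
   * @return the public and private key generated by a {@code KeyFactory} for {@code type}
   * @throws Exception on a missing password, a malformed header or body, or a key-factory failure
   */
  private KeyPair readKeyPair(String type, String endMarker) throws Exception {
    boolean isEncrypted = false;
    String line = null;
    String dekInfo = null;
    StringBuilder buf = new StringBuilder();

    while ((line = readLine()) != null) {
      if (line.startsWith("Proc-Type: 4,ENCRYPTED")) {
        isEncrypted = true;
      } else if (line.startsWith("DEK-Info:")) {
        // Strip the header name by its real length; a fixed offset threw on a bare "DEK-Info:"
        // line and dropped a character when no space followed the colon.
        dekInfo = line.substring("DEK-Info:".length()).trim();
      } else if (line.indexOf(endMarker) != -1) {
        break;
      } else {
        buf.append(line.trim());
      }
    }

    //
    // extract the key
    //
    byte[] keyBytes = Base64.decode(buf.toString());

    if (isEncrypted) {
      if (pFinder == null) {
        throw new PasswordException("No password finder specified, but a password is required");
      }

      // NOTE(review): the password array is not cleared here because this method does not own it;
      // confirm whether the password finder or the caller is expected to zero it.
      char[] password = pFinder.getPassword();

      if (password == null) {
        throw new PasswordException("Password is null, but a password is required");
      }

      if (dekInfo == null) {
        throw new java.io.IOException("Encrypted key is missing its DEK-Info header");
      }

      StringTokenizer tknz = new StringTokenizer(dekInfo, ",");

      if (tknz.countTokens() < 2) {
        throw new java.io.IOException("DEK-Info header must carry an algorithm name and an IV");
      }

      String dekAlgName = tknz.nextToken();
      byte[] iv = Hex.decode(tknz.nextToken());

      keyBytes = PEMUtilities.crypt(false, provider, keyBytes, password, dekAlgName, iv);
    }

    // A wrong password or a corrupted body can decrypt to bytes that are not the expected
    // structure, so check the decoded type instead of casting blindly.
    Object decoded = ASN1Object.fromByteArray(keyBytes);

    if (!(decoded instanceof ASN1Sequence)) {
      throw new java.io.IOException("Key data does not decode to an ASN.1 sequence");
    }

    KeySpec pubSpec, privSpec;
    ASN1Sequence seq = (ASN1Sequence) decoded;

    if (type.equals("RSA")) {
      if (seq.size() < 9) {
        throw new java.io.IOException("RSA key sequence has too few elements");
      }

      // Element 0 is not used; the key components start at index 1.
      DERInteger mod = derIntegerAt(seq, 1);
      DERInteger pubExp = derIntegerAt(seq, 2);
      DERInteger privExp = derIntegerAt(seq, 3);
      DERInteger p1 = derIntegerAt(seq, 4);
      DERInteger p2 = derIntegerAt(seq, 5);
      DERInteger exp1 = derIntegerAt(seq, 6);
      DERInteger exp2 = derIntegerAt(seq, 7);
      DERInteger crtCoef = derIntegerAt(seq, 8);

      pubSpec = new RSAPublicKeySpec(mod.getValue(), pubExp.getValue());
      privSpec =
          new RSAPrivateCrtKeySpec(
              mod.getValue(),
              pubExp.getValue(),
              privExp.getValue(),
              p1.getValue(),
              p2.getValue(),
              exp1.getValue(),
              exp2.getValue(),
              crtCoef.getValue());
    } else if (type.equals("ECDSA")) {
      ECPrivateKeyStructure pKey = new ECPrivateKeyStructure(seq);
      AlgorithmIdentifier algId =
          new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
      PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.getDERObject());
      SubjectPublicKeyInfo pubInfo =
          new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());

      privSpec = new PKCS8EncodedKeySpec(privInfo.getEncoded());
      pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
    } else {
      // "DSA" -- every type other than RSA and ECDSA is parsed with this layout; an unsupported
      // type is only rejected later, by KeyFactory.getInstance.
      if (seq.size() < 6) {
        throw new java.io.IOException("DSA key sequence has too few elements");
      }

      // Element 0 is not used; the key components start at index 1.
      DERInteger p = derIntegerAt(seq, 1);
      DERInteger q = derIntegerAt(seq, 2);
      DERInteger g = derIntegerAt(seq, 3);
      DERInteger y = derIntegerAt(seq, 4);
      DERInteger x = derIntegerAt(seq, 5);

      privSpec = new DSAPrivateKeySpec(x.getValue(), p.getValue(), q.getValue(), g.getValue());
      pubSpec = new DSAPublicKeySpec(y.getValue(), p.getValue(), q.getValue(), g.getValue());
    }

    KeyFactory fact = KeyFactory.getInstance(type, provider);

    return new KeyPair(fact.generatePublic(pubSpec), fact.generatePrivate(privSpec));
  }

  /** Returns element {@code index} of {@code seq} as a DERInteger, rejecting any other type. */
  private static DERInteger derIntegerAt(ASN1Sequence seq, int index) throws java.io.IOException {
    Object element = seq.getObjectAt(index);

    if (!(element instanceof DERInteger)) {
      throw new java.io.IOException("Key sequence element " + index + " is not an integer");
    }

    return (DERInteger) element;
  }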