/** * create a request type Iso7816CertificateBody. * * @return return the "request" type certificate body. * @throws IOException if the DERApplicationSpecific cannot be created. */ private ASN1Primitive requestToASN1Object() throws IOException { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(certificateProfileIdentifier); v.add(new DERApplicationSpecific(false, EACTags.CARDHOLDER_PUBLIC_KEY_TEMPLATE, publicKey)); v.add(certificateHolderReference); return new DERApplicationSpecific(EACTags.CERTIFICATE_CONTENT_TEMPLATE, v); }
public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(this.crlIssuer.toASN1Primitive()); v.add(this.crlIssuedTime); if (null != this.crlNumber) { v.add(this.crlNumber); } return new DERSequence(v); }
/** * * * <pre> * PKMACValue ::= SEQUENCE { * algId AlgorithmIdentifier, * -- algorithm value shall be PasswordBasedMac 1.2.840.113533.7.66.13 * -- parameter value is PBMParameter * value BIT STRING } * </pre> * * @return a basic ASN.1 object representation. */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(algId); v.add(value); return new DERSequence(v); }
public ASN1Sequence generateRecipientEncryptedKeys( AlgorithmIdentifier keyAgreeAlgorithm, AlgorithmIdentifier keyEncryptionAlgorithm, GenericKey contentEncryptionKey) throws CMSException { init(keyAgreeAlgorithm.getAlgorithm()); PrivateKey senderPrivateKey = this.senderPrivateKey; ASN1ObjectIdentifier keyAgreementOID = keyAgreeAlgorithm.getAlgorithm(); if (keyAgreementOID.getId().equals(CMSEnvelopedGenerator.ECMQV_SHA1KDF)) { senderPrivateKey = new MQVPrivateKeySpec( senderPrivateKey, ephemeralKP.getPrivate(), ephemeralKP.getPublic()); } ASN1EncodableVector recipientEncryptedKeys = new ASN1EncodableVector(); for (int i = 0; i != recipientIDs.size(); i++) { PublicKey recipientPublicKey = (PublicKey) recipientKeys.get(i); KeyAgreeRecipientIdentifier karId = (KeyAgreeRecipientIdentifier) recipientIDs.get(i); if (keyAgreementOID.getId().equals(CMSEnvelopedGenerator.ECMQV_SHA1KDF)) { recipientPublicKey = new MQVPublicKeySpec(recipientPublicKey, recipientPublicKey); } try { // Use key agreement to choose a wrap key for this recipient KeyAgreement keyAgreement = helper.createKeyAgreement(keyAgreementOID); keyAgreement.init(senderPrivateKey, random); keyAgreement.doPhase(recipientPublicKey, true); SecretKey keyEncryptionKey = keyAgreement.generateSecret(keyEncryptionAlgorithm.getAlgorithm().getId()); // Wrap the content encryption key with the agreement key Cipher keyEncryptionCipher = helper.createCipher(keyEncryptionAlgorithm.getAlgorithm()); keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, random); byte[] encryptedKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey)); ASN1OctetString encryptedKey = new DEROctetString(encryptedKeyBytes); recipientEncryptedKeys.add(new RecipientEncryptedKey(karId, encryptedKey)); } catch (GeneralSecurityException e) { throw new CMSException("cannot perform agreement step: " + e.getMessage(), e); } } return new DERSequence(recipientEncryptedKeys); }
public ASN1EncodableVector getASN1EncodableVector( ASN1ObjectIdentifier oid, boolean publicPointOnly) { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(oid); if (!publicPointOnly) { v.add(new UnsignedInteger(0x01, getPrimeModulusP())); v.add(new UnsignedInteger(0x02, getFirstCoefA())); v.add(new UnsignedInteger(0x03, getSecondCoefB())); v.add(new DERTaggedObject(false, 0x04, new DEROctetString(getBasePointG()))); v.add(new UnsignedInteger(0x05, getOrderOfBasePointR())); } v.add(new DERTaggedObject(false, 0x06, new DEROctetString(getPublicPointY()))); if (!publicPointOnly) { v.add(new UnsignedInteger(0x07, getCofactorF())); } return v; }
/** * Produce an object suitable for an ASN1OutputStream. * * <pre> * AttributeCertificateInfo ::= SEQUENCE { * version AttCertVersion -- version is v2, * holder Holder, * issuer AttCertIssuer, * signature AlgorithmIdentifier, * serialNumber CertificateSerialNumber, * attrCertValidityPeriod AttCertValidityPeriod, * attributes SEQUENCE OF Attribute, * issuerUniqueID UniqueIdentifier OPTIONAL, * extensions Extensions OPTIONAL * } * * AttCertVersion ::= INTEGER { v2(1) } * </pre> */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); if (version.getValue().intValue() != 0) { v.add(version); } v.add(holder); v.add(issuer); v.add(signature); v.add(serialNumber); v.add(attrCertValidityPeriod); v.add(attributes); if (issuerUniqueID != null) { v.add(issuerUniqueID); } if (extensions != null) { v.add(extensions); } return new DERSequence(v); }