/**
 * Compute the key identifier of a public key: the 160-bit SHA-1 digest of the contents of the
 * BIT STRING {@code subjectPublicKey} (tag, length and unused-bits count excluded), as per
 * <a href="https://tools.ietf.org/html/rfc3280">RFC 3280</a>.
 *
 * <p>SHA-1 is what this key-identifier method prescribes. The result names a key; it should not
 * be relied on as a collision-resistant fingerprint of it.</p>
 *
 * @param publicKey the public key; its encoded form is read as a SEQUENCE holding an algorithm
 *                  element followed by a BIT STRING
 * @return the key identifier
 */
public static byte[] getKeyIdentifier(final PublicKey publicKey) {
    final DERDecoder spki = new DERDecoder(publicKey.getEncoded());
    spki.startSequence();
    spki.skipElement(); // the algorithm element is not part of the hashed value
    final byte[] keyBits = spki.decodeBitString();
    spki.endSequence();
    try {
        return MessageDigest.getInstance("SHA-1").digest(keyBits);
    } catch (NoSuchAlgorithmException e) {
        // not expected on a standard JRE; surfaced as a state error rather than a checked one
        throw new IllegalStateException(e);
    }
}
}
/**
 * Parse the DER content of a PEM public key block into a {@link PublicKey}.
 *
 * <p>The decoder is used only to check the outer structure and read the algorithm identifier;
 * the complete encoding is then handed to {@link KeyFactory} as an {@link X509EncodedKeySpec},
 * so the key itself is parsed by the selected provider.</p>
 *
 * @param type the PEM block type, which must equal {@code PUBLIC_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed public key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PublicKey parsePemPublicKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PUBLIC_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PUBLIC_KEY_FORMAT, type);
    }
    try {
        final byte[] encoded = byteIterator.drain();
        final DERDecoder spki = new DERDecoder(encoded);
        spki.startSequence();
        // the first element of the outer SEQUENCE must itself be a SEQUENCE (the algorithm identifier)
        if (spki.peekType() != ASN1.SEQUENCE_TYPE) {
            throw log.asnUnexpectedTag();
        }
        spki.startSequence();
        final String keyAlgorithm = spki.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePublic(new X509EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.publicKeyParseError(cause);
    }
}
/**
 * Parse the DER content of a PEM private key block into a {@link PrivateKey}.
 *
 * <p>The decoder is used only to check the leading version INTEGER and read the algorithm
 * identifier; the complete encoding is then handed to {@link KeyFactory} as a
 * {@link PKCS8EncodedKeySpec}.</p>
 *
 * @param type the PEM block type, which must equal {@code PRIVATE_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed private key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PrivateKey parsePemPrivateKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PRIVATE_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PRIVATE_KEY_FORMAT, type);
    }
    try {
        // NOTE(review): this array holds the unencrypted private key encoding and is not wiped
        // here; whether it may be cleared depends on who owns the array drain() returns - confirm
        final byte[] encoded = byteIterator.drain();
        final DERDecoder pkcs8 = new DERDecoder(encoded);
        pkcs8.startSequence();
        // Version
        final boolean versionPresent = pkcs8.peekType() == ASN1.INTEGER_TYPE;
        if (! versionPresent) {
            throw log.asnUnexpectedTag();
        }
        pkcs8.skipElement();
        // AlgorithmIdentifier
        pkcs8.startSequence();
        final String keyAlgorithm = pkcs8.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.privateKeyParseError(cause);
    }
}
derDecoder.startSequence(); byte[] r = derDecoder.drainElementValue(); byte[] s = derDecoder.drainElementValue();
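/**
 * Create an {@code OtherName} that is defined as:
 *
 * <pre>
 *      OtherName ::= SEQUENCE {
 *          type-id    OBJECT IDENTIFIER,
 *          value      [0] EXPLICIT ANY DEFINED BY type-id }
 * </pre>
 *
 * <p>The given array is copied before it is stored and decoded, so a caller that changes its
 * array afterwards cannot make the stored encoding disagree with the decoded type-id and value.</p>
 *
 * @param encodedName the DER encoded form of the name, as a byte array
 * @throws ASN1Exception if {@code encodedName} is not DER encoded
 */
public OtherName(final byte[] encodedName) throws ASN1Exception {
    super(OTHER_NAME);
    // defensive copy: the stored bytes and the fields decoded below come from the same snapshot
    this.encodedName = encodedName.clone();
    final DERDecoder decoder = new DERDecoder(this.encodedName);
    decoder.startSequence();
    typeId = decoder.decodeObjectIdentifier();
    // the value element is kept in encoded form; it is not interpreted here
    encodedValue = decoder.drainElement();
    decoder.endSequence();
}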
List<TrustedAuthority> trustedAuthorities = new ArrayList<TrustedAuthority>(); TrustedAuthority trustedAuthority = null; decoder.startSequence(); while (decoder.hasNextElement()) { out: {
decoder.startSequence(); final byte[] publicBytes = decoder.drainElement(); final byte[] privateBytes = decoder.drainElement(); final int count = decoder.decodeInteger().intValueExact(); final X509Certificate[] array = new X509Certificate[count]; decoder.startSequence(); int i = 0; while (decoder.hasNextElement()) { case UnixSHACryptPassword.ALGORITHM_CRYPT_SHA_256: case UnixSHACryptPassword.ALGORITHM_CRYPT_SHA_512: { decoder.startSequence(); final byte[] hash = decoder.decodeOctetString(); final byte[] salt = decoder.decodeOctetString(); case DigestPassword.ALGORITHM_DIGEST_SHA_512: case DigestPassword.ALGORITHM_DIGEST_SHA_512_256: { decoder.startSequence(); final String username = decoder.decodeOctetStringAsString(); final String realm = decoder.decodeOctetStringAsString(); case OneTimePassword.ALGORITHM_OTP_SHA_384: case OneTimePassword.ALGORITHM_OTP_SHA_512: { decoder.startSequence(); final byte[] hash = decoder.decodeOctetString(); final String seed = decoder.decodeIA5String(); case UnixDESCryptPassword.ALGORITHM_CRYPT_DES:
decoder.startSequence(); String decodedOid = decoder.decodeObjectIdentifier(); if (! mechanism.equals(new Oid(decodedOid))) {
List<GeneralName> generalNames = new ArrayList<GeneralName>(); GeneralName generalName = null; decoder.startSequence(); while (decoder.hasNextElement()) { out: { if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) { decoder.decodeImplicit(generalNameType); decoder.startSequence(); String typeId = decoder.decodeObjectIdentifier(); byte[] encodedValue = decoder.drainElement();
try { decoder.startSequence(); List<GeneralName> entityA = null; try { decoder.startSequence(); byte[] randomC = decoder.decodeOctetString(); decoder.startSequence(); decoder.skipElement(); byte[] serverSignature = decoder.decodeBitString();
List<GeneralName> authID = null; try { decoder.startSequence(); randomA = decoder.decodeOctetString(); if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, 0, true)) { decoder.startSequence(); decoder.skipElement(); byte[] clientSignature = decoder.decodeBitString();
/**
 * Compute the key identifier of a public key: the 160-bit SHA-1 digest of the contents of the
 * BIT STRING {@code subjectPublicKey} (tag, length and unused-bits count excluded), as per
 * <a href="https://tools.ietf.org/html/rfc3280">RFC 3280</a>.
 *
 * <p>SHA-1 is what this key-identifier method prescribes. The result names a key; it should not
 * be relied on as a collision-resistant fingerprint of it.</p>
 *
 * @param publicKey the public key; its encoded form is read as a SEQUENCE holding an algorithm
 *                  element followed by a BIT STRING
 * @return the key identifier
 */
public static byte[] getKeyIdentifier(final PublicKey publicKey) {
    final DERDecoder spki = new DERDecoder(publicKey.getEncoded());
    spki.startSequence();
    spki.skipElement(); // the algorithm element is not part of the hashed value
    final byte[] keyBits = spki.decodeBitString();
    spki.endSequence();
    try {
        return MessageDigest.getInstance("SHA-1").digest(keyBits);
    } catch (NoSuchAlgorithmException e) {
        // not expected on a standard JRE; surfaced as a state error rather than a checked one
        throw new IllegalStateException(e);
    }
}
}
/**
 * Parse the DER content of a PEM public key block into a {@link PublicKey}.
 *
 * <p>The decoder is used only to check the outer structure and read the algorithm identifier;
 * the complete encoding is then handed to {@link KeyFactory} as an {@link X509EncodedKeySpec},
 * so the key itself is parsed by the selected provider.</p>
 *
 * @param type the PEM block type, which must equal {@code PUBLIC_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed public key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PublicKey parsePemPublicKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PUBLIC_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PUBLIC_KEY_FORMAT, type);
    }
    try {
        final byte[] encoded = byteIterator.drain();
        final DERDecoder spki = new DERDecoder(encoded);
        spki.startSequence();
        // the first element of the outer SEQUENCE must itself be a SEQUENCE (the algorithm identifier)
        if (spki.peekType() != ASN1.SEQUENCE_TYPE) {
            throw log.asnUnexpectedTag();
        }
        spki.startSequence();
        final String keyAlgorithm = spki.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePublic(new X509EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.publicKeyParseError(cause);
    }
}
/**
 * Parse the DER content of a PEM public key block into a {@link PublicKey}.
 *
 * <p>The decoder is used only to check the outer structure and read the algorithm identifier;
 * the complete encoding is then handed to {@link KeyFactory} as an {@link X509EncodedKeySpec},
 * so the key itself is parsed by the selected provider.</p>
 *
 * @param type the PEM block type, which must equal {@code PUBLIC_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed public key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PublicKey parsePemPublicKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PUBLIC_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PUBLIC_KEY_FORMAT, type);
    }
    try {
        final byte[] encoded = byteIterator.drain();
        final DERDecoder spki = new DERDecoder(encoded);
        spki.startSequence();
        // the first element of the outer SEQUENCE must itself be a SEQUENCE (the algorithm identifier)
        if (spki.peekType() != ASN1.SEQUENCE_TYPE) {
            throw log.asnUnexpectedTag();
        }
        spki.startSequence();
        final String keyAlgorithm = spki.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePublic(new X509EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.publicKeyParseError(cause);
    }
}
/**
 * Parse the DER content of a PEM private key block into a {@link PrivateKey}.
 *
 * <p>The decoder is used only to check the leading version INTEGER and read the algorithm
 * identifier; the complete encoding is then handed to {@link KeyFactory} as a
 * {@link PKCS8EncodedKeySpec}.</p>
 *
 * @param type the PEM block type, which must equal {@code PRIVATE_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed private key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PrivateKey parsePemPrivateKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PRIVATE_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PRIVATE_KEY_FORMAT, type);
    }
    try {
        // NOTE(review): this array holds the unencrypted private key encoding and is not wiped
        // here; whether it may be cleared depends on who owns the array drain() returns - confirm
        final byte[] encoded = byteIterator.drain();
        final DERDecoder pkcs8 = new DERDecoder(encoded);
        pkcs8.startSequence();
        // Version
        final boolean versionPresent = pkcs8.peekType() == ASN1.INTEGER_TYPE;
        if (! versionPresent) {
            throw log.asnUnexpectedTag();
        }
        pkcs8.skipElement();
        // AlgorithmIdentifier
        pkcs8.startSequence();
        final String keyAlgorithm = pkcs8.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.privateKeyParseError(cause);
    }
}
/**
 * Parse the DER content of a PEM private key block into a {@link PrivateKey}.
 *
 * <p>The decoder is used only to check the leading version INTEGER and read the algorithm
 * identifier; the complete encoding is then handed to {@link KeyFactory} as a
 * {@link PKCS8EncodedKeySpec}.</p>
 *
 * @param type the PEM block type, which must equal {@code PRIVATE_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed private key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PrivateKey parsePemPrivateKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PRIVATE_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PRIVATE_KEY_FORMAT, type);
    }
    try {
        // NOTE(review): this array holds the unencrypted private key encoding and is not wiped
        // here; whether it may be cleared depends on who owns the array drain() returns - confirm
        final byte[] encoded = byteIterator.drain();
        final DERDecoder pkcs8 = new DERDecoder(encoded);
        pkcs8.startSequence();
        // Version
        final boolean versionPresent = pkcs8.peekType() == ASN1.INTEGER_TYPE;
        if (! versionPresent) {
            throw log.asnUnexpectedTag();
        }
        pkcs8.skipElement();
        // AlgorithmIdentifier
        pkcs8.startSequence();
        final String keyAlgorithm = pkcs8.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.privateKeyParseError(cause);
    }
}
/**
 * Parse the DER content of a PEM private key block into a {@link PrivateKey}.
 *
 * <p>The decoder is used only to check the leading version INTEGER and read the algorithm
 * identifier; the complete encoding is then handed to {@link KeyFactory} as a
 * {@link PKCS8EncodedKeySpec}.</p>
 *
 * @param type the PEM block type, which must equal {@code PRIVATE_KEY_FORMAT}
 * @param byteIterator iterator over the decoded (binary) content of the PEM block
 * @return the parsed private key
 * @throws IllegalArgumentException declared for a wrong {@code type} or content that cannot be parsed
 */
private static PrivateKey parsePemPrivateKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    final boolean typeMatches = type.equals(PRIVATE_KEY_FORMAT);
    if (! typeMatches) {
        throw log.invalidPemType(PRIVATE_KEY_FORMAT, type);
    }
    try {
        // NOTE(review): this array holds the unencrypted private key encoding and is not wiped
        // here; whether it may be cleared depends on who owns the array drain() returns - confirm
        final byte[] encoded = byteIterator.drain();
        final DERDecoder pkcs8 = new DERDecoder(encoded);
        pkcs8.startSequence();
        // Version
        final boolean versionPresent = pkcs8.peekType() == ASN1.INTEGER_TYPE;
        if (! versionPresent) {
            throw log.asnUnexpectedTag();
        }
        pkcs8.skipElement();
        // AlgorithmIdentifier
        pkcs8.startSequence();
        final String keyAlgorithm = pkcs8.decodeObjectIdentifierAsKeyAlgorithm();
        // presumably null means the OID maps to no known key algorithm; verify against DERDecoder
        if (keyAlgorithm == null) {
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception cause) {
        // every failure above, including the ASN.1 errors thrown in this block, is reported as a parse error
        throw log.privateKeyParseError(cause);
    }
}
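/**
 * Create an {@code OtherName} that is defined as:
 *
 * <pre>
 *      OtherName ::= SEQUENCE {
 *          type-id    OBJECT IDENTIFIER,
 *          value      [0] EXPLICIT ANY DEFINED BY type-id }
 * </pre>
 *
 * <p>The given array is copied before it is stored and decoded, so a caller that changes its
 * array afterwards cannot make the stored encoding disagree with the decoded type-id and value.</p>
 *
 * @param encodedName the DER encoded form of the name, as a byte array
 * @throws ASN1Exception if {@code encodedName} is not DER encoded
 */
public OtherName(final byte[] encodedName) throws ASN1Exception {
    super(OTHER_NAME);
    // defensive copy: the stored bytes and the fields decoded below come from the same snapshot
    this.encodedName = encodedName.clone();
    final DERDecoder decoder = new DERDecoder(this.encodedName);
    decoder.startSequence();
    typeId = decoder.decodeObjectIdentifier();
    // the value element is kept in encoded form; it is not interpreted here
    encodedValue = decoder.drainElement();
    decoder.endSequence();
}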
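/**
 * Create an {@code OtherName} that is defined as:
 *
 * <pre>
 *      OtherName ::= SEQUENCE {
 *          type-id    OBJECT IDENTIFIER,
 *          value      [0] EXPLICIT ANY DEFINED BY type-id }
 * </pre>
 *
 * <p>The given array is copied before it is stored and decoded, so a caller that changes its
 * array afterwards cannot make the stored encoding disagree with the decoded type-id and value.</p>
 *
 * @param encodedName the DER encoded form of the name, as a byte array
 * @throws ASN1Exception if {@code encodedName} is not DER encoded
 */
public OtherName(final byte[] encodedName) throws ASN1Exception {
    super(OTHER_NAME);
    // defensive copy: the stored bytes and the fields decoded below come from the same snapshot
    this.encodedName = encodedName.clone();
    final DERDecoder decoder = new DERDecoder(this.encodedName);
    decoder.startSequence();
    typeId = decoder.decodeObjectIdentifier();
    // the value element is kept in encoded form; it is not interpreted here
    encodedValue = decoder.drainElement();
    decoder.endSequence();
}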
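/**
 * Create an {@code OtherName} that is defined as:
 *
 * <pre>
 *      OtherName ::= SEQUENCE {
 *          type-id    OBJECT IDENTIFIER,
 *          value      [0] EXPLICIT ANY DEFINED BY type-id }
 * </pre>
 *
 * <p>The given array is copied before it is stored and decoded, so a caller that changes its
 * array afterwards cannot make the stored encoding disagree with the decoded type-id and value.</p>
 *
 * @param encodedName the DER encoded form of the name, as a byte array
 * @throws ASN1Exception if {@code encodedName} is not DER encoded
 */
public OtherName(final byte[] encodedName) throws ASN1Exception {
    super(OTHER_NAME);
    // defensive copy: the stored bytes and the fields decoded below come from the same snapshot
    this.encodedName = encodedName.clone();
    final DERDecoder decoder = new DERDecoder(this.encodedName);
    decoder.startSequence();
    typeId = decoder.decodeObjectIdentifier();
    // the value element is kept in encoded form; it is not interpreted here
    encodedValue = decoder.drainElement();
    decoder.endSequence();
}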