Package org.bouncycastle2.asn1.pkcs

Examples of org.bouncycastle2.asn1.pkcs.AuthenticatedSafe

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                                   alias = null;
                            ASN1OctetString                   localId = null;

                            if (b.getBagAttributes() != null)
                                Enumeration e = b.getBagAttributes().getObjects();
                                while (e.hasMoreElements())
                                    ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                    DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                    ASN1Set                 attrSet = (ASN1Set)sq.getObjectAt(1);
                                    DERObject               attr = null;
                                    if (attrSet.size() > 0)
                                        attr = (DERObject)attrSet.getObjectAt(0);

                                        DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                        if (existing != null)
                                            // OK, but the value has to be the same
                                            if (!existing.getDERObject().equals(attr))
                                                throw new IOException(
                                                    "attempt to add existing attribute with different value");
                                            bagAttr.setBagAttribute(aOid, attr);
                                    if (aOid.equals(pkcs_9_at_friendlyName))
                                        alias = ((DERBMPString)attr).getString();
                                        keys.put(alias, privKey);
                                    else if (aOid.equals(pkcs_9_at_localKeyId))
                                        localId = (ASN1OctetString)attr;
                            if (localId != null)
                                String name = new String(Hex.encode(localId.getOctets()));
                                if (alias == null)
                                    keys.put(name, privKey);
                                    localIds.put(alias, name);
                                 unmarkedKey = true;
                                 keys.put("unmarked", privKey);
                        else if (b.getBagId().equals(certBag))
                            System.out.println("extra in data " + b.getBagId());
                else if (c[i].getContentType().equals(encryptedData))
                    EncryptedData d = new EncryptedData((ASN1Sequence)c[i].getContent());
                    byte[] octets = cryptData(false, d.getEncryptionAlgorithm(),
                        password, wrongPKCS12Zero, d.getContent().getOctets());
                    ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(octets);

                    for (int j = 0; j != seq.size(); j++)
                        SafeBag b = new SafeBag((ASN1Sequence)seq.getObjectAt(j));
                        if (b.getBagId().equals(certBag))
                        else if (b.getBagId().equals(pkcs8ShroudedKeyBag))
                            org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo eIn = new org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = unwrapKey(eIn.getEncryptionAlgorithm(), eIn.getEncryptedData(), password, wrongPKCS12Zero);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                      alias = null;
                            ASN1OctetString              localId = null;

                            Enumeration e = b.getBagAttributes().getObjects();
                            while (e.hasMoreElements())
                                ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                ASN1Set                 attrSet= (ASN1Set)sq.getObjectAt(1);
                                DERObject               attr = null;

                                if (attrSet.size() > 0)
                                    attr = (DERObject)attrSet.getObjectAt(0);

                                    DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                    if (existing != null)
                                        // OK, but the value has to be the same
                                        if (!existing.getDERObject().equals(attr))
                                            throw new IOException(
                                                "attempt to add existing attribute with different value");
                                        bagAttr.setBagAttribute(aOid, attr);

                                if (aOid.equals(pkcs_9_at_friendlyName))
                                    alias = ((DERBMPString)attr).getString();
                                    keys.put(alias, privKey);
                                else if (aOid.equals(pkcs_9_at_localKeyId))
                                    localId = (ASN1OctetString)attr;

                            // Index the unwrapped key by the hex form of its localKeyId attribute.
                            // NOTE(review): localId is dereferenced here without the `localId != null`
                            // guard used in the plain-data branch earlier on this page, and
                            // b.getBagAttributes() is not null-checked before the loop above either.
                            // A shrouded key bag without a localKeyId attribute would presumably surface
                            // as a NullPointerException instead of an IOException - confirm against the
                            // full source (this excerpt has lost its brace/else lines).
                            String name = new String(Hex.encode(localId.getOctets()));

                            if (alias == null)
                                keys.put(name, privKey);
                                localIds.put(alias, name);
                        else if (b.getBagId().equals(keyBag))
                            org.bouncycastle2.asn1.pkcs.PrivateKeyInfo pIn = new org.bouncycastle2.asn1.pkcs.PrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = JDKKeyFactory.createPrivateKeyFromPrivateKeyInfo(pIn);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                      alias = null;
                            ASN1OctetString             localId = null;

                            Enumeration e = b.getBagAttributes().getObjects();
                            while (e.hasMoreElements())
                                ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                ASN1Set                 attrSet = (ASN1Set)sq.getObjectAt(1);
                                DERObject   attr = null;

                                if (attrSet.size() > 0)
                                    attr = (DERObject)attrSet.getObjectAt(0);

                                    DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                    if (existing != null)
                                        // OK, but the value has to be the same
                                        if (!existing.getDERObject().equals(attr))
                                            throw new IOException(
                                                "attempt to add existing attribute with different value");
                                        bagAttr.setBagAttribute(aOid, attr);

                                if (aOid.equals(pkcs_9_at_friendlyName))
                                    alias = ((DERBMPString)attr).getString();
                                    keys.put(alias, privKey);
                                else if (aOid.equals(pkcs_9_at_localKeyId))
                                    localId = (ASN1OctetString)attr;

                            String name = new String(Hex.encode(localId.getOctets()));

                            if (alias == null)
                                keys.put(name, privKey);
                                localIds.put(alias, name);
                            // Fallthrough reporting for bag ids / content types that no branch above matched:
                            // the item is printed to stdout and otherwise ignored.
                            // NOTE(review): a key store loader writing to System.out bypasses the host
                            // application's logging, and the last line dumps the full ASN.1 of the
                            // unrecognised content. Consider routing this through a logger or treating
                            // unknown content as a parse error - confirm intended behaviour.
                            System.out.println("extra in encryptedData " + b.getBagId());
                    System.out.println("extra " + c[i].getContentType().getId());
                    System.out.println("extra " + ASN1Dump.dumpAsString(c[i].getContent()));

        certs = new IgnoresCaseHashtable();
        chainCerts = new Hashtable();
        keyCerts = new Hashtable();

        for (int i = 0; i != chain.size(); i++)
            SafeBag     b = (SafeBag)chain.elementAt(i);
            CertBag     cb = new CertBag((ASN1Sequence)b.getBagValue());

            if (!cb.getCertId().equals(x509Certificate))
                throw new RuntimeException("Unsupported certificate type: " + cb.getCertId());

            Certificate cert;

                ByteArrayInputStream  cIn = new ByteArrayInputStream(
                cert = certFact.generateCertificate(cIn);
            catch (Exception e)
                throw new RuntimeException(e.toString());

            // set the attributes
            ASN1OctetString localId = null;
            String          alias = null;

            // Walk the certificate bag's attributes; each entry is read as a sequence of
            // (attribute OID, set of values) and only the first value of the set is used.
            if (b.getBagAttributes() != null)
                Enumeration e = b.getBagAttributes().getObjects();
                while (e.hasMoreElements())
                    ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                    DERObjectIdentifier     oid = (DERObjectIdentifier)sq.getObjectAt(0);
                    // NOTE(review): unlike the key-bag branches, which test attrSet.size() > 0 first,
                    // this takes element 0 of the value set unconditionally. An empty set in the file
                    // would presumably raise an unchecked exception here - confirm, and consider the
                    // same size guard. The casts on file-supplied objects likewise fail with
                    // ClassCastException rather than IOException when the structure is unexpected.
                    DERObject               attr = (DERObject)((ASN1Set)sq.getObjectAt(1)).getObjectAt(0);
                    PKCS12BagAttributeCarrier   bagAttr = null;

                    if (cert instanceof PKCS12BagAttributeCarrier)
                        bagAttr = (PKCS12BagAttributeCarrier)cert;

                        DEREncodable existing = bagAttr.getBagAttribute(oid);
                        if (existing != null)
                            // OK, but the value has to be the same
                            if (!existing.getDERObject().equals(attr))
                                throw new IOException(
                                    "attempt to add existing attribute with different value");
                            bagAttr.setBagAttribute(oid, attr);

                    if (oid.equals(pkcs_9_at_friendlyName))
                        alias = ((DERBMPString)attr).getString();
                    else if (oid.equals(pkcs_9_at_localKeyId))
                        localId = (ASN1OctetString)attr;

            chainCerts.put(new CertId(cert.getPublicKey()), cert);

            // A key bag that carried no localKeyId was parked under the placeholder alias "unmarked".
            // While keyCerts is still empty, that key is re-filed under the hex subject key
            // identifier derived from the certificate currently being processed.
            // NOTE(review): the pairing looks positional (first certificate reached); nothing visible
            // in this excerpt checks that the certificate's public key corresponds to the unmarked
            // private key - confirm against the full source.
            if (unmarkedKey)
                if (keyCerts.isEmpty())
                    String    name = new String(Hex.encode(createSubjectKeyId(cert.getPublicKey()).getKeyIdentifier()));
                    keyCerts.put(name, cert);
                    keys.put(name, keys.remove("unmarked"));
                // the local key id needs to override the friendly name
                if (localId != null)
                    String name = new String(Hex.encode(localId.getOctets()));

                    keyCerts.put(name, cert);
                if (alias != null)

            // Signature algorithm identifier is built from sigOID with a null parameters argument.
            this.sigAlgId = new AlgorithmIdentifier(sigOID, null);

            // Re-parse the key's own encoding into a SubjectPublicKeyInfo for the request body.
            ASN1Sequence seq = (ASN1Sequence)ASN1Object.fromByteArray(key.getEncoded());
            this.reqInfo = new CertificationRequestInfo(subject, new SubjectPublicKeyInfo(seq), attributes);
        // The IOException is replaced by an IllegalArgumentException with a fixed message; the
        // original exception is not attached as a cause, so the parse failure detail is lost.
        catch (IOException e)
            throw new IllegalArgumentException("can't encode public key");



        ASN1InputStream bIn = new ASN1InputStream(bufIn);
        ASN1Sequence    obj = (ASN1Sequence)bIn.readObject();
        Pfx             bag = new Pfx(obj);
        ContentInfo     info = bag.getAuthSafe();
        Vector          chain = new Vector();
        boolean         unmarkedKey = false;
        boolean         wrongPKCS12Zero = false;

        // Integrity gate: when the PFX carries MacData, the password-based MAC is recomputed over
        // the raw AuthenticatedSafe octets and compared before any bag is parsed.
        // NOTE(review): this excerpt shows no rejection when MacData is absent, so a store without
        // a MAC appears to be parsed unauthenticated - confirm against the full source.
        // (The extraction dropped brace and "try" lines; the catch clauses below presumably close a
        // try that opens before the first calculatePbeMac call.)
        if (bag.getMacData() != null)           // check the mac code
            MacData                     mData = bag.getMacData();
            DigestInfo                  dInfo = mData.getMac();
            AlgorithmIdentifier         algId = dInfo.getAlgorithmId();
            // Salt and iteration count are read from the file being verified.
            // NOTE(review): no range check on itCount is visible here; consider bounding it before
            // the derivation so a malformed store cannot force an excessive work factor.
            byte[]                      salt = mData.getSalt();
            int                         itCount = mData.getIterationCount().intValue();

            // The MAC input is the content octets of the outer ContentInfo.
            byte[]  data = ((ASN1OctetString)info.getContent()).getOctets();

                byte[] res = calculatePbeMac(algId.getObjectId(), salt, itCount, password, false, data);
                byte[] dig = dInfo.getDigest();

                // Compared with the helper named constantTimeAreEqual rather than a short-circuiting
                // equals; presumably so that timing does not reveal how much of the MAC matched.
                if (!Arrays.constantTimeAreEqual(res, dig))
                    // A non-empty password that fails the MAC is final: no fallback is attempted.
                    if (password.length > 0)
                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");

                    // Try with incorrect zero length password
                    // (same call with the fifth argument set to true; reached only for an empty password)
                    res = calculatePbeMac(algId.getObjectId(), salt, itCount, password, true, data);

                    if (!Arrays.constantTimeAreEqual(res, dig))
                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");

                    // Remember which zero-length form matched; the later unwrapKey and cryptData
                    // calls on this page receive this flag.
                    wrongPKCS12Zero = true;
            catch (IOException e)
                throw e;
            // Any other failure is rewrapped as IOException; only e.toString() is kept and the
            // original exception is not attached as a cause.
            catch (Exception e)
                throw new IOException("error constructing MAC: " + e.toString());

        keys = new IgnoresCaseHashtable();
        localIds = new Hashtable();

        if (info.getContentType().equals(data))
            bIn = new ASN1InputStream(((ASN1OctetString)info.getContent()).getOctets());

            AuthenticatedSafe   authSafe = new AuthenticatedSafe((ASN1Sequence)bIn.readObject());
            ContentInfo[]       c = authSafe.getContentInfo();

            for (int i = 0; i != c.length; i++)
                if (c[i].getContentType().equals(data))
                    ASN1InputStream dIn = new ASN1InputStream(((ASN1OctetString)c[i].getContent()).getOctets());
                    ASN1Sequence    seq = (ASN1Sequence)dIn.readObject();

                    for (int j = 0; j != seq.size(); j++)
                        SafeBag b = new SafeBag((ASN1Sequence)seq.getObjectAt(j));
                        if (b.getBagId().equals(pkcs8ShroudedKeyBag))
                            org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo eIn = new org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = unwrapKey(eIn.getEncryptionAlgorithm(), eIn.getEncryptedData(), password, wrongPKCS12Zero);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                                   alias = null;
                            ASN1OctetString                   localId = null;

                            if (b.getBagAttributes() != null)
                                Enumeration e = b.getBagAttributes().getObjects();
                                while (e.hasMoreElements())
                                    ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                    DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                    ASN1Set                 attrSet = (ASN1Set)sq.getObjectAt(1);
                                    DERObject               attr = null;
                                    if (attrSet.size() > 0)
                                        attr = (DERObject)attrSet.getObjectAt(0);

                                        DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                        if (existing != null)
                                            // OK, but the value has to be the same
                                            if (!existing.getDERObject().equals(attr))
                                                throw new IOException(
                                                    "attempt to add existing attribute with different value");
                                            bagAttr.setBagAttribute(aOid, attr);
                                    if (aOid.equals(pkcs_9_at_friendlyName))
                                        alias = ((DERBMPString)attr).getString();
                                        keys.put(alias, privKey);
                                    else if (aOid.equals(pkcs_9_at_localKeyId))
                                        localId = (ASN1OctetString)attr;
                            if (localId != null)
                                String name = new String(Hex.encode(localId.getOctets()));
                                if (alias == null)
                                    keys.put(name, privKey);
                                    localIds.put(alias, name);
                                 unmarkedKey = true;
                                 keys.put("unmarked", privKey);
                        else if (b.getBagId().equals(certBag))
                            System.out.println("extra in data " + b.getBagId());
                else if (c[i].getContentType().equals(encryptedData))
                    EncryptedData d = new EncryptedData((ASN1Sequence)c[i].getContent());
                    byte[] octets = cryptData(false, d.getEncryptionAlgorithm(),
                        password, wrongPKCS12Zero, d.getContent().getOctets());
                    ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(octets);

                    for (int j = 0; j != seq.size(); j++)
                        SafeBag b = new SafeBag((ASN1Sequence)seq.getObjectAt(j));
                        if (b.getBagId().equals(certBag))
                        else if (b.getBagId().equals(pkcs8ShroudedKeyBag))
                            org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo eIn = new org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = unwrapKey(eIn.getEncryptionAlgorithm(), eIn.getEncryptedData(), password, wrongPKCS12Zero);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                      alias = null;
                            ASN1OctetString              localId = null;

                            Enumeration e = b.getBagAttributes().getObjects();
                            while (e.hasMoreElements())
                                ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                ASN1Set                 attrSet= (ASN1Set)sq.getObjectAt(1);
                                DERObject               attr = null;

                                if (attrSet.size() > 0)
                                    attr = (DERObject)attrSet.getObjectAt(0);

                                    DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                    if (existing != null)
                                        // OK, but the value has to be the same
                                        if (!existing.getDERObject().equals(attr))
                                            throw new IOException(
                                                "attempt to add existing attribute with different value");
                                        bagAttr.setBagAttribute(aOid, attr);

                                if (aOid.equals(pkcs_9_at_friendlyName))
                                    alias = ((DERBMPString)attr).getString();
                                    keys.put(alias, privKey);
                                else if (aOid.equals(pkcs_9_at_localKeyId))
                                    localId = (ASN1OctetString)attr;

                            String name = new String(Hex.encode(localId.getOctets()));

                            if (alias == null)
                                keys.put(name, privKey);
                                localIds.put(alias, name);
                        else if (b.getBagId().equals(keyBag))
                            org.bouncycastle2.asn1.pkcs.PrivateKeyInfo pIn = new org.bouncycastle2.asn1.pkcs.PrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = JDKKeyFactory.createPrivateKeyFromPrivateKeyInfo(pIn);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                      alias = null;
                            ASN1OctetString             localId = null;

                            Enumeration e = b.getBagAttributes().getObjects();
                            while (e.hasMoreElements())
                                ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                ASN1Set                 attrSet = (ASN1Set)sq.getObjectAt(1);
                                DERObject   attr = null;

                                if (attrSet.size() > 0)
                                    attr = (DERObject)attrSet.getObjectAt(0);

                                    DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                    if (existing != null)
                                        // OK, but the value has to be the same
                                        if (!existing.getDERObject().equals(attr))
                                            throw new IOException(
                                                "attempt to add existing attribute with different value");
                                        bagAttr.setBagAttribute(aOid, attr);

                                if (aOid.equals(pkcs_9_at_friendlyName))
                                    alias = ((DERBMPString)attr).getString();
                                    keys.put(alias, privKey);
                                else if (aOid.equals(pkcs_9_at_localKeyId))
                                    localId = (ASN1OctetString)attr;

                            String name = new String(Hex.encode(localId.getOctets()));

                            if (alias == null)
                                keys.put(name, privKey);
                                localIds.put(alias, name);
                            System.out.println("extra in encryptedData " + b.getBagId());
                    System.out.println("extra " + c[i].getContentType().getId());
                    System.out.println("extra " + ASN1Dump.dumpAsString(c[i].getContent()));

        certs = new IgnoresCaseHashtable();
        chainCerts = new Hashtable();
        keyCerts = new Hashtable();

        for (int i = 0; i != chain.size(); i++)
            SafeBag     b = (SafeBag)chain.elementAt(i);
            CertBag     cb = new CertBag((ASN1Sequence)b.getBagValue());

            if (!cb.getCertId().equals(x509Certificate))
                throw new RuntimeException("Unsupported certificate type: " + cb.getCertId());

            Certificate cert;

                ByteArrayInputStream  cIn = new ByteArrayInputStream(
                cert = certFact.generateCertificate(cIn);
            catch (Exception e)
                throw new RuntimeException(e.toString());

            // set the attributes
            ASN1OctetString localId = null;
            String          alias = null;

            if (b.getBagAttributes() != null)
                Enumeration e = b.getBagAttributes().getObjects();
                while (e.hasMoreElements())
                    ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                    DERObjectIdentifier     oid = (DERObjectIdentifier)sq.getObjectAt(0);
                    DERObject               attr = (DERObject)((ASN1Set)sq.getObjectAt(1)).getObjectAt(0);
                    PKCS12BagAttributeCarrier   bagAttr = null;

                    if (cert instanceof PKCS12BagAttributeCarrier)
                        bagAttr = (PKCS12BagAttributeCarrier)cert;

        return attr.getAttrType().getId();
    /**
     * Returns the values carried by this attribute as an array.
     *
     * @return a newly allocated array holding each element of the attribute's value set,
     *         in the set's index order
     */
    public ASN1Encodable[] getValues()
    {
        ASN1Set valueSet = attr.getAttrValues();
        ASN1Encodable[] result = new ASN1Encodable[valueSet.size()];

        // Copy element by element; each entry is cast to ASN1Encodable as in the set's own API.
        int idx = 0;
        while (idx != valueSet.size())
        {
            result[idx] = (ASN1Encodable)valueSet.getObjectAt(idx);
            idx++;
        }

        return result;
    }

                                Enumeration e = b.getBagAttributes().getObjects();
                                while (e.hasMoreElements())
                                    ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                    DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                    ASN1Set                 attrSet = (ASN1Set)sq.getObjectAt(1);
                                    DERObject               attr = null;
                                    if (attrSet.size() > 0)
                                        attr = (DERObject)attrSet.getObjectAt(0);

                                        DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                        if (existing != null)
                                            // OK, but the value has to be the same
                                            if (!existing.getDERObject().equals(attr))
                                                throw new IOException(
                                                    "attempt to add existing attribute with different value");
                                            bagAttr.setBagAttribute(aOid, attr);
                                    if (aOid.equals(pkcs_9_at_friendlyName))
                                        alias = ((DERBMPString)attr).getString();
                                        keys.put(alias, privKey);
                                    else if (aOid.equals(pkcs_9_at_localKeyId))
                                        localId = (ASN1OctetString)attr;
                            if (localId != null)
                                String name = new String(Hex.encode(localId.getOctets()));
                                if (alias == null)
                                    keys.put(name, privKey);
                                    localIds.put(alias, name);
                                 unmarkedKey = true;
                                 keys.put("unmarked", privKey);
                        else if (b.getBagId().equals(certBag))
                            System.out.println("extra in data " + b.getBagId());
                else if (c[i].getContentType().equals(encryptedData))
                    EncryptedData d = new EncryptedData((ASN1Sequence)c[i].getContent());
                    byte[] octets = cryptData(false, d.getEncryptionAlgorithm(),
                        password, wrongPKCS12Zero, d.getContent().getOctets());
                    ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(octets);

                    for (int j = 0; j != seq.size(); j++)
                        SafeBag b = new SafeBag((ASN1Sequence)seq.getObjectAt(j));
                        if (b.getBagId().equals(certBag))
                        else if (b.getBagId().equals(pkcs8ShroudedKeyBag))
                            org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo eIn = new org.bouncycastle2.asn1.pkcs.EncryptedPrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = unwrapKey(eIn.getEncryptionAlgorithm(), eIn.getEncryptedData(), password, wrongPKCS12Zero);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                      alias = null;
                            ASN1OctetString              localId = null;

                            Enumeration e = b.getBagAttributes().getObjects();
                            while (e.hasMoreElements())
                                ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                ASN1Set                 attrSet= (ASN1Set)sq.getObjectAt(1);
                                DERObject               attr = null;

                                if (attrSet.size() > 0)
                                    attr = (DERObject)attrSet.getObjectAt(0);

                                    DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                    if (existing != null)
                                        // OK, but the value has to be the same
                                        if (!existing.getDERObject().equals(attr))
                                            throw new IOException(
                                                "attempt to add existing attribute with different value");
                                        bagAttr.setBagAttribute(aOid, attr);

                                if (aOid.equals(pkcs_9_at_friendlyName))
                                    alias = ((DERBMPString)attr).getString();
                                    keys.put(alias, privKey);
                                else if (aOid.equals(pkcs_9_at_localKeyId))
                                    localId = (ASN1OctetString)attr;

                            String name = new String(Hex.encode(localId.getOctets()));

                            if (alias == null)
                                keys.put(name, privKey);
                                localIds.put(alias, name);
                        else if (b.getBagId().equals(keyBag))
                            org.bouncycastle2.asn1.pkcs.PrivateKeyInfo pIn = new org.bouncycastle2.asn1.pkcs.PrivateKeyInfo((ASN1Sequence)b.getBagValue());
                            PrivateKey              privKey = JDKKeyFactory.createPrivateKeyFromPrivateKeyInfo(pIn);

                            // set the attributes on the key
                            PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
                            String                      alias = null;
                            ASN1OctetString             localId = null;

                            Enumeration e = b.getBagAttributes().getObjects();
                            while (e.hasMoreElements())
                                ASN1Sequence  sq = (ASN1Sequence)e.nextElement();
                                DERObjectIdentifier     aOid = (DERObjectIdentifier)sq.getObjectAt(0);
                                ASN1Set                 attrSet = (ASN1Set)sq.getObjectAt(1);
                                DERObject   attr = null;

                                if (attrSet.size() > 0)
                                    attr = (DERObject)attrSet.getObjectAt(0);

                                    DEREncodable existing = bagAttr.getBagAttribute(aOid);
                                    if (existing != null)
                                        // OK, but the value has to be the same

            SafeBag                 kBag = new SafeBag(pkcs8ShroudedKeyBag, kInfo.getDERObject(), new DERSet(kName));

        byte[]                    keySEncoded = new DERSequence(keyS).getDEREncoded();
        BERConstructedOctetString keyString = new BERConstructedOctetString(keySEncoded);

        // certificate processing
        // Salt buffer for the password-based encryption applied to the certificate bags.
        // NOTE(review): no statement filling cSalt is visible in this excerpt (lines appear to have
        // been dropped by the extraction). The buffer must be filled from a SecureRandom before
        // PKCS12PBEParams is built, otherwise the salt is all zeros - verify in the full source.
        byte[]                  cSalt = new byte[SALT_SIZE];


        ASN1EncodableVector  certSeq = new ASN1EncodableVector();
        // The iteration count is the MIN_ITERATIONS constant, whose value is not shown on this
        // page. NOTE(review): check it against current guidance for password-based key derivation.
        PKCS12PBEParams         cParams = new PKCS12PBEParams(cSalt, MIN_ITERATIONS);
        AlgorithmIdentifier     cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.getDERObject());
        Hashtable               doneCerts = new Hashtable();

        Enumeration cs = keys.keys();
        while (cs.hasMoreElements())
                String              name = (String)cs.nextElement();
                Certificate         cert = engineGetCertificate(name);
                boolean             cAttrSet = false;
                CertBag             cBag = new CertBag(
                                        new DEROctetString(cert.getEncoded()));
                ASN1EncodableVector fName = new ASN1EncodableVector();

                if (cert instanceof PKCS12BagAttributeCarrier)
                    PKCS12BagAttributeCarrier   bagAttrs = (PKCS12BagAttributeCarrier)cert;
                    // make sure we are using the local alias on store
                    DERBMPString    nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
                    if (nm == null || !nm.getString().equals(name))
                        bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));

                    // make sure we have a local key-id
                    if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null)
                        bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(cert.getPublicKey()));

                    Enumeration e = bagAttrs.getBagAttributeKeys();

                    while (e.hasMoreElements())
                        DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
                        ASN1EncodableVector fSeq = new ASN1EncodableVector();

                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                        fName.add(new DERSequence(fSeq));

                        cAttrSet = true;

                if (!cAttrSet)
                    ASN1EncodableVector  fSeq = new ASN1EncodableVector();

                    fSeq.add(new DERSet(createSubjectKeyId(cert.getPublicKey())));
                    fName.add(new DERSequence(fSeq));

                    fSeq = new ASN1EncodableVector();

                    fSeq.add(new DERSet(new DERBMPString(name)));

                    fName.add(new DERSequence(fSeq));

                SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));


                doneCerts.put(cert, cert);
            catch (CertificateEncodingException e)
                throw new IOException("Error encoding certificate: " + e.toString());

        cs = certs.keys();
        while (cs.hasMoreElements())
                String              certId = (String)cs.nextElement();
                Certificate         cert = (Certificate)certs.get(certId);
                boolean             cAttrSet = false;

                if (keys.get(certId) != null)

                CertBag             cBag = new CertBag(
                                        new DEROctetString(cert.getEncoded()));
                ASN1EncodableVector fName = new ASN1EncodableVector();

                if (cert instanceof PKCS12BagAttributeCarrier)
                    PKCS12BagAttributeCarrier   bagAttrs = (PKCS12BagAttributeCarrier)cert;
                    // make sure we are using the local alias on store
                    DERBMPString    nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
                    if (nm == null || !nm.getString().equals(certId))
                        bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(certId));

                    Enumeration e = bagAttrs.getBagAttributeKeys();

                    // Copy each bag attribute of the certificate into fName as a
                    // one-element sequence wrapping a set.
                    while (e.hasMoreElements())
                        DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();

                        // a certificate not immediately linked to a key doesn't require
                        // a localKeyID and will confuse some PKCS12 implementations.
                        // If we find one, we'll prune it out.
                        // NOTE(review): the statement this `if` guards is missing from the
                        // excerpt (as are the braces); going by the comment above it should
                        // skip the attribute, presumably `continue;`. Confirm against the
                        // full source before reusing this fragment.
                        if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId))

                        ASN1EncodableVector fSeq = new ASN1EncodableVector();

                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                        fName.add(new DERSequence(fSeq));

                        // at least one attribute was written, so the default
                        // friendly-name attribute added under `if (!cAttrSet)` is not needed
                        cAttrSet = true;

                if (!cAttrSet)
                    ASN1EncodableVector  fSeq = new ASN1EncodableVector();

                    fSeq.add(new DERSet(new DERBMPString(certId)));

                    fName.add(new DERSequence(fSeq));

                SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));


                doneCerts.put(cert, cert);
            catch (CertificateEncodingException e)
                throw new IOException("Error encoding certificate: " + e.toString());

        cs = chainCerts.keys();
        while (cs.hasMoreElements())
                CertId              certId = (CertId)cs.nextElement();
                Certificate         cert = (Certificate)chainCerts.get(certId);

                if (doneCerts.get(cert) != null)

                CertBag             cBag = new CertBag(
                                        new DEROctetString(cert.getEncoded()));
                ASN1EncodableVector fName = new ASN1EncodableVector();

                if (cert instanceof PKCS12BagAttributeCarrier)
                    PKCS12BagAttributeCarrier   bagAttrs = (PKCS12BagAttributeCarrier)cert;
                    Enumeration e = bagAttrs.getBagAttributeKeys();

                    while (e.hasMoreElements())
                        DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();

                        // a certificate not immediately linked to a key doesn't require
                        // a localKeyID and will confuse some PKCS12 implementations.
                        // If we find one, we'll prune it out.
                        if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId))

                        ASN1EncodableVector fSeq = new ASN1EncodableVector();

                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                        fName.add(new DERSequence(fSeq));

                SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));

            catch (CertificateEncodingException e)
                throw new IOException("Error encoding certificate: " + e.toString());

        // DER-encode the collected certificate bags and hand them, with the password and
        // the PBE algorithm identifier, to cryptData. cryptData is defined outside this
        // excerpt; the leading `true` presumably selects encryption (confirm).
        byte[]          certSeqEncoded = new DERSequence(certSeq).getDEREncoded();
        byte[]          certBytes = cryptData(true, cAlgId, password, false, certSeqEncoded);
        EncryptedData   cInfo = new EncryptedData(data, cAlgId, new BERConstructedOctetString(certBytes));

        // Two content entries: the key bags go in as plain `data` content (each key bag
        // built above has type pkcs8ShroudedKeyBag, so the protection is presumably
        // per-key; kInfo's construction is not visible here), and the certificate bags
        // go in as `encryptedData`.
        ContentInfo[] info = new ContentInfo[]
            new ContentInfo(data, keyString),
            new ContentInfo(encryptedData, cInfo.getDERObject())

        AuthenticatedSafe   auth = new AuthenticatedSafe(info);

        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
        BEROutputStream         berOut = new BEROutputStream(bOut);


        byte[]              pkg = bOut.toByteArray();

        ContentInfo         mainInfo = new ContentInfo(data, new BERConstructedOctetString(pkg));

        // create the mac
        byte[]                      mSalt = new byte[20];


        AuthenticatedSafe   auth = new AuthenticatedSafe(info);

        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
        BEROutputStream         berOut = new BEROutputStream(bOut);


        byte[]              pkg = bOut.toByteArray();

        ContentInfo         mainInfo = new ContentInfo(data, new BERConstructedOctetString(pkg));

        // create the mac: a password-based integrity check over the content octets of
        // mainInfo, stored in the Pfx next to the content.
        byte[]                      mSalt = new byte[20];
        // NOTE(review): no statement that fills mSalt is visible in this excerpt, and a
        // freshly allocated Java array is all zeros. Confirm against the full source
        // that it is filled from a SecureRandom before the MAC is computed.
        // MIN_ITERATIONS is defined outside this excerpt; the same count is written into
        // MacData below, so a low value weakens the password check for every reader.
        int                         itCount = MIN_ITERATIONS;

        byte[]  data = ((ASN1OctetString)mainInfo.getContent()).getOctets();

        MacData                 mData;

            // The `try` that opens this region is not shown in the excerpt.
            // calculatePbeMac is defined elsewhere; it is called with id_SHA1, and the
            // same identifier is recorded as the digest algorithm of the DigestInfo.
            // NOTE(review): SHA-1 is fixed here; whether a stronger digest can be
            // selected is not visible from this fragment.
            byte[] res = calculatePbeMac(id_SHA1, mSalt, itCount, password, false, data);

            AlgorithmIdentifier     algId = new AlgorithmIdentifier(id_SHA1, new DERNull());
            DigestInfo              dInfo = new DigestInfo(algId, res);

            mData = new MacData(dInfo, mSalt, itCount);
        // Any exception is rethrown as an IOException that carries only e.toString();
        // the original exception is not attached as the cause, so its stack trace is lost.
        catch (Exception e)
            throw new IOException("error constructing MAC: " + e.toString());
        // output the Pfx
        Pfx                 pfx = new Pfx(mainInfo, mData);

        // berOut is re-pointed at the caller's stream; the write itself is not shown here.
        berOut = new BEROutputStream(stream);


                PKCS12BagAttributeCarrier   bagAttrs = (PKCS12BagAttributeCarrier)privKey;
                // make sure we are using the local alias on store
                DERBMPString    nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
                if (nm == null || !nm.getString().equals(name))
                    bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));

                // make sure we have a local key-id
                if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null)
                    Certificate             ct = engineGetCertificate(name);

                    bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(ct.getPublicKey()));

                Enumeration e = bagAttrs.getBagAttributeKeys();

                while (e.hasMoreElements())
                    DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
                    ASN1EncodableVector  kSeq = new ASN1EncodableVector();

                    kSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));

                    attrSet = true;

                    kName.add(new DERSequence(kSeq));

            if (!attrSet)
                // set a default friendly name (from the key id) and local id
                ASN1EncodableVector     kSeq = new ASN1EncodableVector();
                Certificate             ct = engineGetCertificate(name);

                kSeq.add(new DERSet(createSubjectKeyId(ct.getPublicKey())));

                kName.add(new DERSequence(kSeq));

                kSeq = new ASN1EncodableVector();

                kSeq.add(new DERSet(new DERBMPString(name)));

                kName.add(new DERSequence(kSeq));

            SafeBag                 kBag = new SafeBag(pkcs8ShroudedKeyBag, kInfo.getDERObject(), new DERSet(kName));

        byte[]                    keySEncoded = new DERSequence(keyS).getDEREncoded();
        BERConstructedOctetString keyString = new BERConstructedOctetString(keySEncoded);

        // certificate processing: set up the password-based encryption parameters
        // for the sequence of certificate bags built by the loops that follow.
        byte[]                  cSalt = new byte[SALT_SIZE];
        // NOTE(review): no statement that fills cSalt is visible in this excerpt, and a
        // freshly allocated Java array is all zeros. Confirm against the full source
        // that the salt is filled from a SecureRandom before it is used below.


        ASN1EncodableVector  certSeq = new ASN1EncodableVector();
        // The salt and iteration count are carried in the PBE parameters, which become
        // the parameters of the algorithm identifier. MIN_ITERATIONS is defined outside
        // this excerpt; a low count makes offline password guessing against the stored
        // file cheaper, so check its value.
        PKCS12PBEParams         cParams = new PKCS12PBEParams(cSalt, MIN_ITERATIONS);
        AlgorithmIdentifier     cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.getDERObject());
        // Records certificates as they are processed (doneCerts.put below).
        Hashtable               doneCerts = new Hashtable();

        Enumeration cs = keys.keys();
        while (cs.hasMoreElements())
                String              name = (String)cs.nextElement();
                Certificate         cert = engineGetCertificate(name);
                boolean             cAttrSet = false;
                CertBag             cBag = new CertBag(
                                        new DEROctetString(cert.getEncoded()));
                ASN1EncodableVector fName = new ASN1EncodableVector();

                if (cert instanceof PKCS12BagAttributeCarrier)
                    PKCS12BagAttributeCarrier   bagAttrs = (PKCS12BagAttributeCarrier)cert;
                    // make sure we are using the local alias on store
                    DERBMPString    nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
                    if (nm == null || !nm.getString().equals(name))
                        bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));

                    // make sure we have a local key-id
                    if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null)
                        bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(cert.getPublicKey()));

                    Enumeration e = bagAttrs.getBagAttributeKeys();

                    while (e.hasMoreElements())
                        DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
                        ASN1EncodableVector fSeq = new ASN1EncodableVector();

                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                        fName.add(new DERSequence(fSeq));

                        cAttrSet = true;

                if (!cAttrSet)
                    ASN1EncodableVector  fSeq = new ASN1EncodableVector();

                    fSeq.add(new DERSet(createSubjectKeyId(cert.getPublicKey())));
                    fName.add(new DERSequence(fSeq));

                    fSeq = new ASN1EncodableVector();

                    fSeq.add(new DERSet(new DERBMPString(name)));

                    fName.add(new DERSequence(fSeq));

                SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));


                doneCerts.put(cert, cert);
            catch (CertificateEncodingException e)
                throw new IOException("Error encoding certificate: " + e.toString());

        cs = certs.keys();
        while (cs.hasMoreElements())
                String              certId = (String)cs.nextElement();
                Certificate         cert = (Certificate)certs.get(certId);
                boolean             cAttrSet = false;

                if (keys.get(certId) != null)

                CertBag             cBag = new CertBag(
                                        new DEROctetString(cert.getEncoded()));
                ASN1EncodableVector fName = new ASN1EncodableVector();

                if (cert instanceof PKCS12BagAttributeCarrier)
                    PKCS12BagAttributeCarrier   bagAttrs = (PKCS12BagAttributeCarrier)cert;
                    // make sure we are using the local alias on store
                    DERBMPString    nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
                    if (nm == null || !nm.getString().equals(certId))
                        bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(certId));

                    Enumeration e = bagAttrs.getBagAttributeKeys();

                    while (e.hasMoreElements())
                        DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();

                        // a certificate not immediately linked to a key doesn't require
                        // a localKeyID and will confuse some PKCS12 implementations.
                        // If we find one, we'll prune it out.
                        if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId))

                        ASN1EncodableVector fSeq = new ASN1EncodableVector();

                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                        fName.add(new DERSequence(fSeq));

                        cAttrSet = true;

                if (!cAttrSet)
                    ASN1EncodableVector  fSeq = new ASN1EncodableVector();

                    fSeq.add(new DERSet(new DERBMPString(certId)));

                    fName.add(new DERSequence(fSeq));

                SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));

        // The `try` this handler belongs to is not shown in the excerpt. Every exception
        // type is rethrown as IllegalArgumentException with only the exception's string
        // form in the message; the original is not attached as the cause.
        catch (Exception e)
            throw new IllegalArgumentException("exception encoding TBS cert request - " + e);

        // Store the bytes returned by sig.sign() as a DER bit string.
        this.sigBits = new DERBitString(sig.sign());

        String  provider)
        throws NoSuchAlgorithmException, NoSuchProviderException,
        SubjectPublicKeyInfo    subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
        X509EncodedKeySpec      xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
        AlgorithmIdentifier     keyAlg = subjectPKInfo.getAlgorithmId();

