List of usage examples for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers rsaEncryption
ASN1ObjectIdentifier rsaEncryption
To view the source code for org.bouncycastle.asn1.pkcs PKCSObjectIdentifiers rsaEncryption.
Click Source Link
From source file:org.usrz.libs.crypto.pem.PEMFactory.java
License:Apache License
public PrivateKey getPrivateKey(PrivateKeyInfo keyInfo) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException { final Object algorithmId = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); final ASN1Encodable encodable; try {//from w w w . j ava 2 s . co m encodable = keyInfo.parsePrivateKey(); } catch (IOException exception) { throw new InvalidKeyException("Unable to parse private key structure", exception); } /* DSA keys */ if (algorithmId.equals(X9ObjectIdentifiers.id_dsa)) { final ASN1Encodable encodedParams = keyInfo.getPrivateKeyAlgorithm().getParameters(); final DSAParameter params = DSAParameter.getInstance(encodedParams); final BigInteger x = ASN1Integer.getInstance(encodable).getValue(); return getDSAKeyFactory() .generatePrivate(new DSAPrivateKeySpec(x, params.getP(), params.getQ(), params.getG())); } /* RSA keys */ if (algorithmId.equals(PKCSObjectIdentifiers.rsaEncryption)) { final RSAPrivateKey privateKey = RSAPrivateKey.getInstance(encodable); return getRSAKeyFactory().generatePrivate( new RSAPrivateCrtKeySpec(privateKey.getModulus(), privateKey.getPublicExponent(), privateKey.getPrivateExponent(), privateKey.getPrime1(), privateKey.getPrime2(), privateKey.getExponent1(), privateKey.getExponent2(), privateKey.getCoefficient())); } /* Others? */ throw new NoSuchAlgorithmException("Unsupported algorithm for private key: " + algorithmId); }
From source file:org.usrz.libs.crypto.pem.PEMFactory.java
License:Apache License
public PublicKey getPublicKey(SubjectPublicKeyInfo keyInfo) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException { final Object algorithmId = keyInfo.getAlgorithm().getAlgorithm(); final byte[] encoded; try {// w w w . j a va 2s . c o m encoded = keyInfo.getEncoded(); } catch (IOException exception) { throw new InvalidKeyException("Unable to get encoded key", exception); } /* DSA keys */ if (algorithmId.equals(X9ObjectIdentifiers.id_dsa)) { return getDSAKeyFactory().generatePublic(new X509EncodedKeySpec(encoded)); } /* RSA keys */ if (algorithmId.equals(PKCSObjectIdentifiers.rsaEncryption)) { return getRSAKeyFactory().generatePublic(new X509EncodedKeySpec(encoded)); } /* Others? */ throw new NoSuchAlgorithmException("Unsupported algorithm for private key: " + algorithmId); }
From source file:org.xipki.ca.certprofile.internal.ProfileConfCreatorDemo.java
License:Open Source License
private static KeyAlgorithms createKeyAlgorithms() { KeyAlgorithms ret = new KeyAlgorithms(); List<AlgorithmType> list = ret.getAlgorithm(); // RSA/* w w w . ja v a2 s. c o m*/ { AlgorithmType algorithm = new AlgorithmType(); list.add(algorithm); algorithm.getAlgorithm().add(createOidType(PKCSObjectIdentifiers.rsaEncryption, "RSA")); RSAParameters params = new RSAParameters(); algorithm.setParameters(createKeyParametersType(params)); RangesType ranges = new RangesType(); params.setModulusLength(ranges); List<RangeType> modulusLengths = ranges.getRange(); modulusLengths.add(createRange(2048)); modulusLengths.add(createRange(3072)); } // DSA { AlgorithmType algorithm = new AlgorithmType(); list.add(algorithm); algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_dsa, "DSA")); DSAParameters params = new DSAParameters(); algorithm.setParameters(createKeyParametersType(params)); RangesType ranges = new RangesType(); params.setPLength(ranges); List<RangeType> pLengths = ranges.getRange(); pLengths.add(createRange(1024)); pLengths.add(createRange(2048)); ranges = new RangesType(); params.setQLength(ranges); List<RangeType> qLengths = ranges.getRange(); qLengths.add(createRange(160)); qLengths.add(createRange(224)); qLengths.add(createRange(256)); } // EC { AlgorithmType algorithm = new AlgorithmType(); list.add(algorithm); algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_ecPublicKey, "EC")); ECParameters params = new ECParameters(); algorithm.setParameters(createKeyParametersType(params)); Curves curves = new Curves(); params.setCurves(curves); ASN1ObjectIdentifier[] curveIds = new ASN1ObjectIdentifier[] { SECObjectIdentifiers.secp256r1, TeleTrusTObjectIdentifiers.brainpoolP256r1 }; for (ASN1ObjectIdentifier curveId : curveIds) { String name = SecurityUtil.getCurveName(curveId); curves.getCurve().add(createOidType(curveId, name)); } params.setPointEncodings(new PointEncodings()); final Byte unpressed = 4; params.getPointEncodings().getPointEncoding().add(unpressed); } return ret; }
From source file:org.xipki.common.util.AlgorithmUtil.java
License:Open Source License
public static SubjectPublicKeyInfo toRfc3279Style(final SubjectPublicKeyInfo publicKeyInfo) throws InvalidKeySpecException { // TODO: add support of other algorithms ASN1ObjectIdentifier algOid = publicKeyInfo.getAlgorithm().getAlgorithm(); ASN1Encodable keyParameters = publicKeyInfo.getAlgorithm().getParameters(); if (PKCSObjectIdentifiers.rsaEncryption.equals(algOid)) { if (DERNull.INSTANCE.equals(keyParameters)) { return publicKeyInfo; } else {/*w w w. j av a 2 s . c o m*/ AlgorithmIdentifier keyAlgId = new AlgorithmIdentifier(algOid, DERNull.INSTANCE); return new SubjectPublicKeyInfo(keyAlgId, publicKeyInfo.getPublicKeyData().getBytes()); } } else { return publicKeyInfo; } }
From source file:org.xipki.commons.security.pkcs11.emulator.EmulatorP11Slot.java
License:Open Source License
private PublicKey readPublicKey(final byte[] keyId) throws P11TokenException { String hexKeyId = Hex.toHexString(keyId); File pubKeyFile = new File(pubKeyDir, hexKeyId + INFO_FILE_SUFFIX); Properties props = loadProperties(pubKeyFile); String algorithm = props.getProperty(PROP_ALGORITHM); if (PKCSObjectIdentifiers.rsaEncryption.getId().equals(algorithm)) { BigInteger exp = new BigInteger(1, Hex.decode(props.getProperty(PROP_RSA_PUBLIC_EXPONENT))); BigInteger mod = new BigInteger(1, Hex.decode(props.getProperty(PROP_RSA_MODUS))); RSAPublicKeySpec keySpec = new RSAPublicKeySpec(mod, exp); try {/*from w w w .j a v a 2 s . c o m*/ return KeyUtil.generateRSAPublicKey(keySpec); } catch (InvalidKeySpecException ex) { throw new P11TokenException(ex.getMessage(), ex); } } else if (X9ObjectIdentifiers.id_dsa.getId().equals(algorithm)) { BigInteger prime = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_PRIME))); // p BigInteger subPrime = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_SUBPRIME))); // q BigInteger base = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_BASE))); // g BigInteger value = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_VALUE))); // y DSAPublicKeySpec keySpec = new DSAPublicKeySpec(value, prime, subPrime, base); try { return KeyUtil.generateDSAPublicKey(keySpec); } catch (InvalidKeySpecException ex) { throw new P11TokenException(ex.getMessage(), ex); } } else if (X9ObjectIdentifiers.id_ecPublicKey.getId().equals(algorithm)) { byte[] ecdsaParams = Hex.decode(props.getProperty(PROP_EC_ECDSA_PARAMS)); byte[] asn1EncodedPoint = Hex.decode(props.getProperty(PROP_EC_EC_POINT)); byte[] ecPoint = DEROctetString.getInstance(asn1EncodedPoint).getOctets(); try { return KeyUtil.createECPublicKey(ecdsaParams, ecPoint); } catch (InvalidKeySpecException ex) { throw new P11TokenException(ex.getMessage(), ex); } } else { throw new P11TokenException("unknown key algorithm " + algorithm); } }
From source file:org.xipki.commons.security.pkcs11.emulator.EmulatorP11Slot.java
License:Open Source License
private void savePkcs11PublicKey(final byte[] id, final String label, final PublicKey publicKey) throws P11TokenException { String hexId = Hex.toHexString(id).toLowerCase(); StringBuilder sb = new StringBuilder(100); sb.append(PROP_ID).append('=').append(hexId).append('\n'); sb.append(PROP_LABEL).append('=').append(label).append('\n'); if (publicKey instanceof RSAPublicKey) { sb.append(PROP_ALGORITHM).append('='); sb.append(PKCSObjectIdentifiers.rsaEncryption.getId()); sb.append('\n'); sb.append(PROP_RSA_MODUS).append('='); RSAPublicKey rsaKey = (RSAPublicKey) publicKey; sb.append(Hex.toHexString(rsaKey.getModulus().toByteArray())); sb.append('\n'); sb.append(PROP_RSA_PUBLIC_EXPONENT).append('='); sb.append(Hex.toHexString(rsaKey.getPublicExponent().toByteArray())); sb.append('\n'); } else if (publicKey instanceof DSAPublicKey) { sb.append(PROP_ALGORITHM).append('='); sb.append(X9ObjectIdentifiers.id_dsa.getId()); sb.append('\n'); sb.append(PROP_DSA_PRIME).append('='); DSAPublicKey dsaKey = (DSAPublicKey) publicKey; sb.append(Hex.toHexString(dsaKey.getParams().getP().toByteArray())); sb.append('\n'); sb.append(PROP_DSA_SUBPRIME).append('='); sb.append(Hex.toHexString(dsaKey.getParams().getQ().toByteArray())); sb.append('\n'); sb.append(PROP_DSA_BASE).append('='); sb.append(Hex.toHexString(dsaKey.getParams().getG().toByteArray())); sb.append('\n'); sb.append(PROP_DSA_VALUE).append('='); sb.append(Hex.toHexString(dsaKey.getY().toByteArray())); sb.append('\n'); } else if (publicKey instanceof ECPublicKey) { sb.append(PROP_ALGORITHM).append('='); sb.append(X9ObjectIdentifiers.id_ecPublicKey.getId()); sb.append('\n'); ECPublicKey ecKey = (ECPublicKey) publicKey; ECParameterSpec paramSpec = ecKey.getParams(); // ecdsaParams org.bouncycastle.jce.spec.ECParameterSpec bcParamSpec = EC5Util.convertSpec(paramSpec, false); ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(bcParamSpec); if (curveOid == null) { throw new P11TokenException("EC public key is not of namedCurve"); }//from w w w . ja v a 2s .c om byte[] encodedParams; try { if (namedCurveSupported) { encodedParams = curveOid.getEncoded(); } else { encodedParams = ECNamedCurveTable.getByOID(curveOid).getEncoded(); } } catch (IOException | NullPointerException ex) { throw new P11TokenException(ex.getMessage(), ex); } sb.append(PROP_EC_ECDSA_PARAMS).append('='); sb.append(Hex.toHexString(encodedParams)); sb.append('\n'); // EC point java.security.spec.ECPoint pointW = ecKey.getW(); int keysize = (paramSpec.getOrder().bitLength() + 7) / 8; byte[] ecPoint = new byte[1 + keysize * 2]; ecPoint[0] = 4; // uncompressed bigIntToBytes("Wx", pointW.getAffineX(), ecPoint, 1, keysize); bigIntToBytes("Wy", pointW.getAffineY(), ecPoint, 1 + keysize, keysize); byte[] encodedEcPoint; try { encodedEcPoint = new DEROctetString(ecPoint).getEncoded(); } catch (IOException ex) { throw new P11TokenException("could not ASN.1 encode the ECPoint"); } sb.append(PROP_EC_EC_POINT).append('='); sb.append(Hex.toHexString(encodedEcPoint)); sb.append('\n'); } else { throw new IllegalArgumentException("unsupported public key " + publicKey.getClass().getName()); } try { IoUtil.save(new File(pubKeyDir, hexId + INFO_FILE_SUFFIX), sb.toString().getBytes()); } catch (IOException ex) { throw new P11TokenException(ex.getMessage(), ex); } }
From source file:org.xipki.commons.security.pkcs11.emulator.PrivateKeyCryptor.java
License:Open Source License
PrivateKey decrypt(final PKCS8EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) throws P11TokenException { ParamUtil.requireNonNull("encryptedPrivateKeyInfo", encryptedPrivateKeyInfo); PrivateKeyInfo privateKeyInfo;/*from w w w . j av a 2 s.c o m*/ synchronized (decryptorProvider) { try { privateKeyInfo = encryptedPrivateKeyInfo.decryptPrivateKeyInfo(decryptorProvider); } catch (PKCSException ex) { throw new P11TokenException(ex.getMessage(), ex); } } AlgorithmIdentifier keyAlg = privateKeyInfo.getPrivateKeyAlgorithm(); ASN1ObjectIdentifier keyAlgOid = keyAlg.getAlgorithm(); String algoName; if (PKCSObjectIdentifiers.rsaEncryption.equals(keyAlgOid)) { algoName = "RSA"; } else if (X9ObjectIdentifiers.id_dsa.equals(keyAlgOid)) { algoName = "DSA"; } else if (X9ObjectIdentifiers.id_ecPublicKey.equals(keyAlgOid)) { algoName = "EC"; } else { throw new P11TokenException("unknown private key algorithm " + keyAlgOid.getId()); } try { KeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()); KeyFactory keyFactory = KeyFactory.getInstance(algoName, "BC"); return keyFactory.generatePrivate(keySpec); } catch (IOException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException ex) { throw new P11TokenException(ex.getClass().getName() + ": " + ex.getMessage(), ex); } }
From source file:org.xipki.commons.security.pkcs12.P12KeypairGenerator.java
License:Open Source License
private KeyPairWithSubjectPublicKeyInfo genRSAKeypair(final int keysize, final BigInteger publicExponent, final SecureRandom random) throws Exception { KeyPair kp = KeyUtil.generateRSAKeypair(keysize, publicExponent, random); java.security.interfaces.RSAPublicKey rsaPubKey = (java.security.interfaces.RSAPublicKey) kp.getPublic(); SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo( new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(rsaPubKey.getModulus(), rsaPubKey.getPublicExponent())); return new KeyPairWithSubjectPublicKeyInfo(kp, spki); }
From source file:org.xipki.commons.security.util.KeyUtil.java
License:Open Source License
public static PublicKey generatePublicKey(final SubjectPublicKeyInfo pkInfo) throws NoSuchAlgorithmException, InvalidKeySpecException { ParamUtil.requireNonNull("pkInfo", pkInfo); X509EncodedKeySpec keyspec;// w ww . j av a 2 s . c o m try { keyspec = new X509EncodedKeySpec(pkInfo.getEncoded()); } catch (IOException ex) { throw new InvalidKeySpecException(ex.getMessage(), ex); } ASN1ObjectIdentifier aid = pkInfo.getAlgorithm().getAlgorithm(); String algorithm; if (PKCSObjectIdentifiers.rsaEncryption.equals(aid)) { algorithm = "RSA"; } else if (X9ObjectIdentifiers.id_dsa.equals(aid)) { algorithm = "DSA"; } else if (X9ObjectIdentifiers.id_ecPublicKey.equals(aid)) { algorithm = "EC"; } else { throw new InvalidKeySpecException("unsupported key algorithm: " + aid); } KeyFactory kf = getKeyFactory(algorithm); synchronized (kf) { return kf.generatePublic(keyspec); } }
From source file:org.xipki.commons.security.util.KeyUtil.java
License:Open Source License
public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(final PublicKey publicKey) throws InvalidKeyException { ParamUtil.requireNonNull("publicKey", publicKey); if (publicKey instanceof DSAPublicKey) { DSAPublicKey dsaPubKey = (DSAPublicKey) publicKey; ASN1EncodableVector vec = new ASN1EncodableVector(); vec.add(new ASN1Integer(dsaPubKey.getParams().getP())); vec.add(new ASN1Integer(dsaPubKey.getParams().getQ())); vec.add(new ASN1Integer(dsaPubKey.getParams().getG())); ASN1Sequence dssParams = new DERSequence(vec); try {// w w w.j av a 2 s. c om return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, dssParams), new ASN1Integer(dsaPubKey.getY())); } catch (IOException ex) { throw new InvalidKeyException(ex.getMessage(), ex); } } else if (publicKey instanceof RSAPublicKey) { RSAPublicKey rsaPubKey = (RSAPublicKey) publicKey; try { return new SubjectPublicKeyInfo( new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(rsaPubKey.getModulus(), rsaPubKey.getPublicExponent())); } catch (IOException ex) { throw new InvalidKeyException(ex.getMessage(), ex); } } else if (publicKey instanceof ECPublicKey) { ECPublicKey ecPubKey = (ECPublicKey) publicKey; ECParameterSpec paramSpec = ecPubKey.getParams(); ASN1ObjectIdentifier curveOid = detectCurveOid(paramSpec); if (curveOid == null) { throw new InvalidKeyException("Cannot find namedCurve of the given public key"); } java.security.spec.ECPoint pointW = ecPubKey.getW(); BigInteger wx = pointW.getAffineX(); if (wx.signum() != 1) { throw new InvalidKeyException("Wx is not positive"); } BigInteger wy = pointW.getAffineY(); if (wy.signum() != 1) { throw new InvalidKeyException("Wy is not positive"); } int keysize = (paramSpec.getOrder().bitLength() + 7) / 8; byte[] wxBytes = wx.toByteArray(); byte[] wyBytes = wy.toByteArray(); byte[] pubKey = new byte[1 + keysize * 2]; pubKey[0] = 4; // uncompressed int numBytesToCopy = Math.min(wxBytes.length, keysize); int srcOffset = Math.max(0, wxBytes.length - numBytesToCopy); int destOffset = 1 + Math.max(0, keysize - wxBytes.length); System.arraycopy(wxBytes, srcOffset, pubKey, destOffset, numBytesToCopy); numBytesToCopy = Math.min(wyBytes.length, keysize); srcOffset = Math.max(0, wyBytes.length - numBytesToCopy); destOffset = 1 + keysize + Math.max(0, keysize - wyBytes.length); System.arraycopy(wyBytes, srcOffset, pubKey, destOffset, numBytesToCopy); AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid); return new SubjectPublicKeyInfo(algId, pubKey); } else { throw new InvalidKeyException("unknown publicKey class " + publicKey.getClass().getName()); } }