List of usage examples for org.bouncycastle.asn1.x9 X9ObjectIdentifiers id_dsa
ASN1ObjectIdentifier id_dsa
To view the source code for org.bouncycastle.asn1.x9 X9ObjectIdentifiers id_dsa.
Click Source Link
dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-x957(10040) number-type(4) 1 } Base OID: 1.2.840.10040.4.1 From source file:dorkbox.build.util.jar.JarSigner.java
License:Apache License
private static void writeDsaKeysToFile(DSAPrivateKeyParameters wimpyPrivateKey, DSAPublicKeyParameters wimpyPublicKey, File wimpyKeyRawFile) throws IOException, FileNotFoundException { DSAParameters parameters = wimpyPublicKey.getParameters(); // has to convert to DSAParameter so encoding works. byte[] publicKeyBytes = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(parameters.getP(), parameters.getQ(), parameters.getG()).toASN1Primitive()), new ASN1Integer(wimpyPublicKey.getY())).getEncoded(); // SAME AS://ww w . ja v a2s . co m // Certificate[] certificates = Launcher.class.getProtectionDomain().getCodeSource().getCertificates(); // if (certificates.length != 1) { // // WHOOPS! // Exit.FailedSecurity("Incorrect certificate length!"); // } // // Certificate certificate = certificates[0]; // PublicKey publicKey = certificate.getPublicKey(); // byte[] publicKeyBytes = publicKey.getEncoded(); // // digest.reset(); // digest.update(publicKeyBytes, 0, publicKeyBytes.length); // hashPublicKeyBytes = digest.digest(); parameters = wimpyPrivateKey.getParameters(); byte[] privateKeyBytes = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(parameters.getP(), parameters.getQ(), parameters.getG()).toASN1Primitive()), new ASN1Integer(wimpyPrivateKey.getX())).getEncoded(); // write public length to bytes. byte[] publicKeySize = new byte[] { (byte) (publicKeyBytes.length >>> 24), (byte) (publicKeyBytes.length >>> 16), (byte) (publicKeyBytes.length >>> 8), (byte) (publicKeyBytes.length >>> 0) }; ByteArrayOutputStream keyOutputStream = new ByteArrayOutputStream( 4 + publicKeyBytes.length + privateKeyBytes.length); keyOutputStream.write(publicKeyBytes, 0, publicKeyBytes.length); keyOutputStream.write(privateKeyBytes, 0, privateKeyBytes.length); keyOutputStream.write(publicKeySize, 0, publicKeySize.length); // mess with people staring at the keys (store length at the end). displayByteHash(publicKeyBytes); // write out the file OutputStream outputStream = new FileOutputStream(wimpyKeyRawFile); keyOutputStream.writeTo(outputStream); Sys.close(outputStream); }
From source file:dorkbox.util.crypto.DsaTest.java
License:Apache License
@Test public void DsaJceSerializaion() throws IOException { AsymmetricCipherKeyPair generateKeyPair = CryptoDSA .generateKeyPair(new SecureRandom(entropySeed.getBytes()), 1024); DSAPrivateKeyParameters privateKey = (DSAPrivateKeyParameters) generateKeyPair.getPrivate(); DSAPublicKeyParameters publicKey = (DSAPublicKeyParameters) generateKeyPair.getPublic(); // public key as bytes. DSAParameters parameters = publicKey.getParameters(); byte[] bs = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(parameters.getP(), parameters.getQ(), parameters.getG()).toASN1Primitive()), new ASN1Integer(publicKey.getY())).getEncoded(); parameters = privateKey.getParameters(); byte[] bs2 = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(parameters.getP(), parameters.getQ(), parameters.getG()).toASN1Primitive()), new ASN1Integer(privateKey.getX())).getEncoded(); DSAPrivateKeyParameters privateKey2 = (DSAPrivateKeyParameters) PrivateKeyFactory.createKey(bs2); DSAPublicKeyParameters publicKey2 = (DSAPublicKeyParameters) PublicKeyFactory.createKey(bs); // test via signing byte[] bytes = "hello, my name is inigo montoya".getBytes(); BigInteger[] signature = CryptoDSA.generateSignature(privateKey, new SecureRandom(entropySeed.getBytes()), bytes);/* ww w. j av a2 s . c om*/ boolean verify1 = CryptoDSA.verifySignature(publicKey, bytes, signature); if (!verify1) { fail("failed signature verification"); } boolean verify2 = CryptoDSA.verifySignature(publicKey2, bytes, signature); if (!verify2) { fail("failed signature verification"); } // now reverse who signs what. BigInteger[] signatureB = CryptoDSA.generateSignature(privateKey2, new SecureRandom(entropySeed.getBytes()), bytes); boolean verifyB1 = CryptoDSA.verifySignature(publicKey, bytes, signatureB); if (!verifyB1) { fail("failed signature verification"); } boolean verifyB2 = CryptoDSA.verifySignature(publicKey2, bytes, signatureB); if (!verifyB2) { fail("failed signature verification"); } }
From source file:net.jradius.client.auth.EAPTLSAuthenticator.java
License:Open Source License
/** * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object. * // w w w . j a v a 2s .com * @param keyInfo the PrivateKeyInfo object containing the key material * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException { AlgorithmIdentifier algId = keyInfo.getAlgorithmId(); if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)) { RSAPrivateKeyStructure keyStructure = new RSAPrivateKeyStructure( (ASN1Sequence) keyInfo.getPrivateKey()); return new RSAPrivateCrtKeyParameters(keyStructure.getModulus(), keyStructure.getPublicExponent(), keyStructure.getPrivateExponent(), keyStructure.getPrime1(), keyStructure.getPrime2(), keyStructure.getExponent1(), keyStructure.getExponent2(), keyStructure.getCoefficient()); } else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) { DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters()); DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); BigInteger lVal = params.getL(); int l = lVal == null ? 0 : lVal.intValue(); DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l); return new DHPrivateKeyParameters(derX.getValue(), dhParams); } else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) { ElGamalParameter params = new ElGamalParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters()); DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(params.getP(), params.getG())); } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa)) { DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); DEREncodable de = keyInfo.getAlgorithmId().getParameters(); DSAParameters parameters = null; if (de != null) { DSAParameter params = DSAParameter.getInstance(de.getDERObject()); parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); } return new DSAPrivateKeyParameters(derX.getValue(), parameters); } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) { X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters()); ECDomainParameters dParams = null; if (params.isNamedCurve()) { DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters(); X9ECParameters ecP = X962NamedCurves.getByOID(oid); if (ecP == null) { ecP = SECNamedCurves.getByOID(oid); if (ecP == null) { ecP = NISTNamedCurves.getByOID(oid); if (ecP == null) { ecP = TeleTrusTNamedCurves.getByOID(oid); } } } dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); } else { X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters()); dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); } ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey()); return new ECPrivateKeyParameters(ec.getKey(), dParams); } else { throw new RuntimeException("algorithm identifier in key not recognised"); } }
From source file:org.usrz.libs.crypto.pem.PEMFactory.java
License:Apache License
public PrivateKey getPrivateKey(PrivateKeyInfo keyInfo) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException { final Object algorithmId = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); final ASN1Encodable encodable; try {// w w w . j a v a 2s .c om encodable = keyInfo.parsePrivateKey(); } catch (IOException exception) { throw new InvalidKeyException("Unable to parse private key structure", exception); } /* DSA keys */ if (algorithmId.equals(X9ObjectIdentifiers.id_dsa)) { final ASN1Encodable encodedParams = keyInfo.getPrivateKeyAlgorithm().getParameters(); final DSAParameter params = DSAParameter.getInstance(encodedParams); final BigInteger x = ASN1Integer.getInstance(encodable).getValue(); return getDSAKeyFactory() .generatePrivate(new DSAPrivateKeySpec(x, params.getP(), params.getQ(), params.getG())); } /* RSA keys */ if (algorithmId.equals(PKCSObjectIdentifiers.rsaEncryption)) { final RSAPrivateKey privateKey = RSAPrivateKey.getInstance(encodable); return getRSAKeyFactory().generatePrivate( new RSAPrivateCrtKeySpec(privateKey.getModulus(), privateKey.getPublicExponent(), privateKey.getPrivateExponent(), privateKey.getPrime1(), privateKey.getPrime2(), privateKey.getExponent1(), privateKey.getExponent2(), privateKey.getCoefficient())); } /* Others? */ throw new NoSuchAlgorithmException("Unsupported algorithm for private key: " + algorithmId); }
From source file:org.usrz.libs.crypto.pem.PEMFactory.java
License:Apache License
public PublicKey getPublicKey(SubjectPublicKeyInfo keyInfo) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException { final Object algorithmId = keyInfo.getAlgorithm().getAlgorithm(); final byte[] encoded; try {/*from www . j a va 2s. co m*/ encoded = keyInfo.getEncoded(); } catch (IOException exception) { throw new InvalidKeyException("Unable to get encoded key", exception); } /* DSA keys */ if (algorithmId.equals(X9ObjectIdentifiers.id_dsa)) { return getDSAKeyFactory().generatePublic(new X509EncodedKeySpec(encoded)); } /* RSA keys */ if (algorithmId.equals(PKCSObjectIdentifiers.rsaEncryption)) { return getRSAKeyFactory().generatePublic(new X509EncodedKeySpec(encoded)); } /* Others? */ throw new NoSuchAlgorithmException("Unsupported algorithm for private key: " + algorithmId); }
From source file:org.xipki.ca.certprofile.internal.ProfileConfCreatorDemo.java
License:Open Source License
private static KeyAlgorithms createKeyAlgorithms() { KeyAlgorithms ret = new KeyAlgorithms(); List<AlgorithmType> list = ret.getAlgorithm(); // RSA//from w w w . j a v a 2 s . c o m { AlgorithmType algorithm = new AlgorithmType(); list.add(algorithm); algorithm.getAlgorithm().add(createOidType(PKCSObjectIdentifiers.rsaEncryption, "RSA")); RSAParameters params = new RSAParameters(); algorithm.setParameters(createKeyParametersType(params)); RangesType ranges = new RangesType(); params.setModulusLength(ranges); List<RangeType> modulusLengths = ranges.getRange(); modulusLengths.add(createRange(2048)); modulusLengths.add(createRange(3072)); } // DSA { AlgorithmType algorithm = new AlgorithmType(); list.add(algorithm); algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_dsa, "DSA")); DSAParameters params = new DSAParameters(); algorithm.setParameters(createKeyParametersType(params)); RangesType ranges = new RangesType(); params.setPLength(ranges); List<RangeType> pLengths = ranges.getRange(); pLengths.add(createRange(1024)); pLengths.add(createRange(2048)); ranges = new RangesType(); params.setQLength(ranges); List<RangeType> qLengths = ranges.getRange(); qLengths.add(createRange(160)); qLengths.add(createRange(224)); qLengths.add(createRange(256)); } // EC { AlgorithmType algorithm = new AlgorithmType(); list.add(algorithm); algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_ecPublicKey, "EC")); ECParameters params = new ECParameters(); algorithm.setParameters(createKeyParametersType(params)); Curves curves = new Curves(); params.setCurves(curves); ASN1ObjectIdentifier[] curveIds = new ASN1ObjectIdentifier[] { SECObjectIdentifiers.secp256r1, TeleTrusTObjectIdentifiers.brainpoolP256r1 }; for (ASN1ObjectIdentifier curveId : curveIds) { String name = SecurityUtil.getCurveName(curveId); curves.getCurve().add(createOidType(curveId, name)); } params.setPointEncodings(new PointEncodings()); final Byte unpressed = 4; params.getPointEncodings().getPointEncoding().add(unpressed); } return ret; }
From source file:org.xipki.commons.security.pkcs11.emulator.EmulatorP11Slot.java
License:Open Source License
private PublicKey readPublicKey(final byte[] keyId) throws P11TokenException { String hexKeyId = Hex.toHexString(keyId); File pubKeyFile = new File(pubKeyDir, hexKeyId + INFO_FILE_SUFFIX); Properties props = loadProperties(pubKeyFile); String algorithm = props.getProperty(PROP_ALGORITHM); if (PKCSObjectIdentifiers.rsaEncryption.getId().equals(algorithm)) { BigInteger exp = new BigInteger(1, Hex.decode(props.getProperty(PROP_RSA_PUBLIC_EXPONENT))); BigInteger mod = new BigInteger(1, Hex.decode(props.getProperty(PROP_RSA_MODUS))); RSAPublicKeySpec keySpec = new RSAPublicKeySpec(mod, exp); try {// ww w . j a v a 2s.com return KeyUtil.generateRSAPublicKey(keySpec); } catch (InvalidKeySpecException ex) { throw new P11TokenException(ex.getMessage(), ex); } } else if (X9ObjectIdentifiers.id_dsa.getId().equals(algorithm)) { BigInteger prime = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_PRIME))); // p BigInteger subPrime = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_SUBPRIME))); // q BigInteger base = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_BASE))); // g BigInteger value = new BigInteger(1, Hex.decode(props.getProperty(PROP_DSA_VALUE))); // y DSAPublicKeySpec keySpec = new DSAPublicKeySpec(value, prime, subPrime, base); try { return KeyUtil.generateDSAPublicKey(keySpec); } catch (InvalidKeySpecException ex) { throw new P11TokenException(ex.getMessage(), ex); } } else if (X9ObjectIdentifiers.id_ecPublicKey.getId().equals(algorithm)) { byte[] ecdsaParams = Hex.decode(props.getProperty(PROP_EC_ECDSA_PARAMS)); byte[] asn1EncodedPoint = Hex.decode(props.getProperty(PROP_EC_EC_POINT)); byte[] ecPoint = DEROctetString.getInstance(asn1EncodedPoint).getOctets(); try { return KeyUtil.createECPublicKey(ecdsaParams, ecPoint); } catch (InvalidKeySpecException ex) { throw new P11TokenException(ex.getMessage(), ex); } } else { throw new P11TokenException("unknown key algorithm " + algorithm); } }
From source file:org.xipki.commons.security.pkcs11.emulator.EmulatorP11Slot.java
License:Open Source License
private void savePkcs11PublicKey(final byte[] id, final String label, final PublicKey publicKey) throws P11TokenException { String hexId = Hex.toHexString(id).toLowerCase(); StringBuilder sb = new StringBuilder(100); sb.append(PROP_ID).append('=').append(hexId).append('\n'); sb.append(PROP_LABEL).append('=').append(label).append('\n'); if (publicKey instanceof RSAPublicKey) { sb.append(PROP_ALGORITHM).append('='); sb.append(PKCSObjectIdentifiers.rsaEncryption.getId()); sb.append('\n'); sb.append(PROP_RSA_MODUS).append('='); RSAPublicKey rsaKey = (RSAPublicKey) publicKey; sb.append(Hex.toHexString(rsaKey.getModulus().toByteArray())); sb.append('\n'); sb.append(PROP_RSA_PUBLIC_EXPONENT).append('='); sb.append(Hex.toHexString(rsaKey.getPublicExponent().toByteArray())); sb.append('\n'); } else if (publicKey instanceof DSAPublicKey) { sb.append(PROP_ALGORITHM).append('='); sb.append(X9ObjectIdentifiers.id_dsa.getId()); sb.append('\n'); sb.append(PROP_DSA_PRIME).append('='); DSAPublicKey dsaKey = (DSAPublicKey) publicKey; sb.append(Hex.toHexString(dsaKey.getParams().getP().toByteArray())); sb.append('\n'); sb.append(PROP_DSA_SUBPRIME).append('='); sb.append(Hex.toHexString(dsaKey.getParams().getQ().toByteArray())); sb.append('\n'); sb.append(PROP_DSA_BASE).append('='); sb.append(Hex.toHexString(dsaKey.getParams().getG().toByteArray())); sb.append('\n'); sb.append(PROP_DSA_VALUE).append('='); sb.append(Hex.toHexString(dsaKey.getY().toByteArray())); sb.append('\n'); } else if (publicKey instanceof ECPublicKey) { sb.append(PROP_ALGORITHM).append('='); sb.append(X9ObjectIdentifiers.id_ecPublicKey.getId()); sb.append('\n'); ECPublicKey ecKey = (ECPublicKey) publicKey; ECParameterSpec paramSpec = ecKey.getParams(); // ecdsaParams org.bouncycastle.jce.spec.ECParameterSpec bcParamSpec = EC5Util.convertSpec(paramSpec, false); ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(bcParamSpec); if (curveOid == null) { throw new P11TokenException("EC public key is not of namedCurve"); }//from www . j a v a 2s .c o m byte[] encodedParams; try { if (namedCurveSupported) { encodedParams = curveOid.getEncoded(); } else { encodedParams = ECNamedCurveTable.getByOID(curveOid).getEncoded(); } } catch (IOException | NullPointerException ex) { throw new P11TokenException(ex.getMessage(), ex); } sb.append(PROP_EC_ECDSA_PARAMS).append('='); sb.append(Hex.toHexString(encodedParams)); sb.append('\n'); // EC point java.security.spec.ECPoint pointW = ecKey.getW(); int keysize = (paramSpec.getOrder().bitLength() + 7) / 8; byte[] ecPoint = new byte[1 + keysize * 2]; ecPoint[0] = 4; // uncompressed bigIntToBytes("Wx", pointW.getAffineX(), ecPoint, 1, keysize); bigIntToBytes("Wy", pointW.getAffineY(), ecPoint, 1 + keysize, keysize); byte[] encodedEcPoint; try { encodedEcPoint = new DEROctetString(ecPoint).getEncoded(); } catch (IOException ex) { throw new P11TokenException("could not ASN.1 encode the ECPoint"); } sb.append(PROP_EC_EC_POINT).append('='); sb.append(Hex.toHexString(encodedEcPoint)); sb.append('\n'); } else { throw new IllegalArgumentException("unsupported public key " + publicKey.getClass().getName()); } try { IoUtil.save(new File(pubKeyDir, hexId + INFO_FILE_SUFFIX), sb.toString().getBytes()); } catch (IOException ex) { throw new P11TokenException(ex.getMessage(), ex); } }
From source file:org.xipki.commons.security.pkcs11.emulator.PrivateKeyCryptor.java
License:Open Source License
PrivateKey decrypt(final PKCS8EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) throws P11TokenException { ParamUtil.requireNonNull("encryptedPrivateKeyInfo", encryptedPrivateKeyInfo); PrivateKeyInfo privateKeyInfo;/*from w ww . j ava2 s . c o m*/ synchronized (decryptorProvider) { try { privateKeyInfo = encryptedPrivateKeyInfo.decryptPrivateKeyInfo(decryptorProvider); } catch (PKCSException ex) { throw new P11TokenException(ex.getMessage(), ex); } } AlgorithmIdentifier keyAlg = privateKeyInfo.getPrivateKeyAlgorithm(); ASN1ObjectIdentifier keyAlgOid = keyAlg.getAlgorithm(); String algoName; if (PKCSObjectIdentifiers.rsaEncryption.equals(keyAlgOid)) { algoName = "RSA"; } else if (X9ObjectIdentifiers.id_dsa.equals(keyAlgOid)) { algoName = "DSA"; } else if (X9ObjectIdentifiers.id_ecPublicKey.equals(keyAlgOid)) { algoName = "EC"; } else { throw new P11TokenException("unknown private key algorithm " + keyAlgOid.getId()); } try { KeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()); KeyFactory keyFactory = KeyFactory.getInstance(algoName, "BC"); return keyFactory.generatePrivate(keySpec); } catch (IOException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException ex) { throw new P11TokenException(ex.getClass().getName() + ": " + ex.getMessage(), ex); } }
From source file:org.xipki.commons.security.util.KeyUtil.java
License:Open Source License
public static PublicKey generatePublicKey(final SubjectPublicKeyInfo pkInfo) throws NoSuchAlgorithmException, InvalidKeySpecException { ParamUtil.requireNonNull("pkInfo", pkInfo); X509EncodedKeySpec keyspec;/*from w w w . j a v a 2s . c o m*/ try { keyspec = new X509EncodedKeySpec(pkInfo.getEncoded()); } catch (IOException ex) { throw new InvalidKeySpecException(ex.getMessage(), ex); } ASN1ObjectIdentifier aid = pkInfo.getAlgorithm().getAlgorithm(); String algorithm; if (PKCSObjectIdentifiers.rsaEncryption.equals(aid)) { algorithm = "RSA"; } else if (X9ObjectIdentifiers.id_dsa.equals(aid)) { algorithm = "DSA"; } else if (X9ObjectIdentifiers.id_ecPublicKey.equals(aid)) { algorithm = "EC"; } else { throw new InvalidKeySpecException("unsupported key algorithm: " + aid); } KeyFactory kf = getKeyFactory(algorithm); synchronized (kf) { return kf.generatePublic(keyspec); } }