List of usage examples for org.bouncycastle.crypto.params ECDomainParameters ECDomainParameters
public ECDomainParameters(ECCurve curve, ECPoint G, BigInteger n, BigInteger h, byte[] seed)
From source file:com.github.horrorho.inflatabledonkey.crypto.ec.ECAssistant.java
License:Open Source License
public static ECDomainParameters ecDomainParametersFrom(X9ECParameters x9ECParameters) { return new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN(), x9ECParameters.getH(), x9ECParameters.getSeed()); }
From source file:com.licel.jcardsim.crypto.ECKeyImpl.java
License:Apache License
/** * Get defaults/* ww w . j a v a2 s.c om*/ * <code>ECDomainParameters</code> for EC curve * {@link http://www.secg.org/collateral/sec2_final.pdf} * * @param keyType * @param keySize * @return parameters for use with BouncyCastle API * @see ECDomainParameters */ static ECDomainParameters getDefaultsDomainParameters(byte keyType, short keySize) { String curveName = ""; switch (keySize) { case 113: case 131: case 163: case 193: if ((keyType != KeyBuilder.TYPE_EC_F2M_PRIVATE) & (keyType != KeyBuilder.TYPE_EC_F2M_PUBLIC)) { CryptoException.throwIt(CryptoException.ILLEGAL_VALUE); } curveName = "sect" + keySize + "r1"; break; case 112: case 128: case 160: case 192: case 256: if ((keyType != KeyBuilder.TYPE_EC_FP_PRIVATE) & (keyType != KeyBuilder.TYPE_EC_FP_PUBLIC)) { CryptoException.throwIt(CryptoException.ILLEGAL_VALUE); } curveName = "secp" + keySize + "r1"; break; default: CryptoException.throwIt(CryptoException.ILLEGAL_VALUE); break; } X9ECParameters x9params = SECNamedCurves.getByName(curveName); return new ECDomainParameters(x9params.getCurve(), x9params.getG(), // G x9params.getN(), x9params.getH(), x9params.getSeed()); }
From source file:eu.betaas.taas.securitymanager.common.ec.ECKeyPairGen.java
License:Apache License
/** * Generate a random EC (Elliptic Curve) random 192-bit key pair (equivalent * to 1536-bit RSA) based on NIST and SECG, using Bc (Bouncy Castle) classes * @return a pair of EC keys (AsymmetricCipherKeyPair type) *///from w ww . j a v a 2 s. c o m public static AsymmetricCipherKeyPair generateECKeyPair192() { AsymmetricCipherKeyPairGenerator kpGen = new ECKeyPairGenerator(); // First, define an EC curve // ECCurve.Fp(p, a, b); p = prime; a,b = constants defined in equation E: y^2=x^3+ax+b (mod p) ECCurve curve = new ECCurve.Fp(new BigInteger(ECParams.P_192_R1, 16), // p new BigInteger(ECParams.A_192_R1, 16), // a new BigInteger(ECParams.B_192_R1, 16)); // b byte[] seed = Hex.decode(ECParams.SEED_192_R1); // finally use the seed in the ECKeyGenerationParameters along with the others // ECKeyGenerationParameters(ECDomainParameters(ECCurve, G, n, h),random) kpGen.init(new ECKeyGenerationParameters( new ECDomainParameters(curve, curve.decodePoint(Hex.decode(ECParams.G_192_R1_NCOMP)), // G new BigInteger(ECParams.N_192_R1, 16), // n new BigInteger(ECParams.H_192_R1, 16), // h seed), // seed new SecureRandom())); return kpGen.generateKeyPair(); }
From source file:eu.betaas.taas.securitymanager.common.ec.ECKeyPairGen.java
License:Apache License
/** * Generate a random EC (Elliptic Curve) random 224-bit key pair (equivalent * to 2048-bit RSA) based on NIST and SECG, using Bc (Bouncy Castle) classes * @return a pair of EC keys (AsymmetricCipherKeyPair type) *//*w w w . ja va2s. c om*/ public static AsymmetricCipherKeyPair generateECKeyPair224() { AsymmetricCipherKeyPairGenerator kpGen = new ECKeyPairGenerator(); // ECCurve.Fp(p, a, b); p = prime; a,b = constants defined in equation E: y^2=x^3+ax+b (mod p) ECCurve curve = new ECCurve.Fp(new BigInteger(ECParams.P_224_R1, 16), new BigInteger(ECParams.A_224_R1, 16), new BigInteger(ECParams.B_224_R1, 16)); byte[] seed = Hex.decode(ECParams.SEED_224_R1); // finally use the seed in the ECKeyGenerationParameters along with the others // ECKeyGenerationParameters(ECDomainParameters(ECCurve, G, n, h),random) kpGen.init(new ECKeyGenerationParameters( new ECDomainParameters(curve, curve.decodePoint(Hex.decode(ECParams.G_224_R1_NCOMP)), new BigInteger(ECParams.N_224_R1, 16), new BigInteger(ECParams.H_224_R1, 16), seed), new SecureRandom())); return kpGen.generateKeyPair(); }
From source file:eu.betaas.taas.securitymanager.common.ec.ECKeyPairGen.java
License:Apache License
/** * Generate random 192-bit EC Public Key given the Q/W parameters of EC Public * Key, i.e. the X and Y coordinate //from w w w . j av a 2 s . co m * @param Wx: X coordinate of Q or W point representing the EC public key * @param Wy: Y coordinate of Q or W point representing the EC public key * @return * @throws Exception */ public static ECPublicKeyParameters generateECPublicKey192(BigInteger Wx, BigInteger Wy) throws Exception { // First, define an EC curve // ECCurve.Fp(p, a, b); p = prime; a,b = constants defined in equation E: y^2=x^3+ax+b (mod p) ECCurve curve = new ECCurve.Fp(new BigInteger(ECParams.P_192_R1, 16), // p new BigInteger(ECParams.A_192_R1, 16), // a new BigInteger(ECParams.B_192_R1, 16)); // b byte[] seed = Hex.decode(ECParams.SEED_192_R1); org.bouncycastle.math.ec.ECPoint gPoint = curve.createPoint(Wx, Wy); return new ECPublicKeyParameters(gPoint, new ECDomainParameters(curve, curve.decodePoint(Hex.decode(ECParams.G_192_R1_NCOMP)), // G new BigInteger(ECParams.N_192_R1, 16), // n new BigInteger(ECParams.H_192_R1, 16), // h seed)); }
From source file:eu.betaas.taas.securitymanager.common.ec.ECKeyPairGen.java
License:Apache License
/** * A method to reconstruct an ECPublicKey from a SubjectPublicKeyInfo of a * certificate /* w ww.j a v a 2s. c o m*/ * @param info: SubjectPublicKeyInfo in a X509Certificate * @return: ECPublicKeyParameters */ public static ECPublicKeyParameters generateECPublicKey(SubjectPublicKeyInfo info) { X962Parameters as = (X962Parameters) info.getAlgorithm().getParameters(); DERSequence aa = (DERSequence) as.getParameters(); Enumeration en = aa.getObjects(); ECCurve curve = null; org.bouncycastle.math.ec.ECPoint g = null; byte[] seed = null; BigInteger h = null; BigInteger n = null; while (en.hasMoreElements()) { Object oen = en.nextElement(); if (oen instanceof X9Curve) { curve = ((X9Curve) oen).getCurve(); seed = ((X9Curve) oen).getSeed(); } else if (oen instanceof X9ECPoint) { g = ((X9ECPoint) oen).getPoint(); } else if (oen instanceof ASN1Integer) { BigInteger xoen = ((ASN1Integer) oen).getValue(); if (xoen.equals(BigInteger.ONE)) h = xoen; else n = xoen; } } ASN1OctetString key = new DEROctetString(info.getPublicKeyData().getBytes()); X9ECPoint derQ = new X9ECPoint(curve, key); ECDomainParameters dParams = new ECDomainParameters(curve, g, n, h, seed); return new ECPublicKeyParameters(derQ.getPoint(), dParams); }
From source file:net.jradius.client.auth.EAPTLSAuthenticator.java
License:Open Source License
/** * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object. * /* ww w .j av a2 s . c o m*/ * @param keyInfo the PrivateKeyInfo object containing the key material * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException { AlgorithmIdentifier algId = keyInfo.getAlgorithmId(); if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)) { RSAPrivateKeyStructure keyStructure = new RSAPrivateKeyStructure( (ASN1Sequence) keyInfo.getPrivateKey()); return new RSAPrivateCrtKeyParameters(keyStructure.getModulus(), keyStructure.getPublicExponent(), keyStructure.getPrivateExponent(), keyStructure.getPrime1(), keyStructure.getPrime2(), keyStructure.getExponent1(), keyStructure.getExponent2(), keyStructure.getCoefficient()); } else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) { DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters()); DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); BigInteger lVal = params.getL(); int l = lVal == null ? 0 : lVal.intValue(); DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l); return new DHPrivateKeyParameters(derX.getValue(), dhParams); } else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) { ElGamalParameter params = new ElGamalParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters()); DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(params.getP(), params.getG())); } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa)) { DERInteger derX = (DERInteger) keyInfo.getPrivateKey(); DEREncodable de = keyInfo.getAlgorithmId().getParameters(); DSAParameters parameters = null; if (de != null) { DSAParameter params = DSAParameter.getInstance(de.getDERObject()); parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); } return new DSAPrivateKeyParameters(derX.getValue(), parameters); } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) { X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters()); ECDomainParameters dParams = null; if (params.isNamedCurve()) { DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters(); X9ECParameters ecP = X962NamedCurves.getByOID(oid); if (ecP == null) { ecP = SECNamedCurves.getByOID(oid); if (ecP == null) { ecP = NISTNamedCurves.getByOID(oid); if (ecP == null) { ecP = TeleTrusTNamedCurves.getByOID(oid); } } } dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); } else { X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters()); dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); } ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey()); return new ECPrivateKeyParameters(ec.getKey(), dParams); } else { throw new RuntimeException("algorithm identifier in key not recognised"); } }
From source file:org.cryptacular.asn.OpenSSLPrivateKeyDecoder.java
License:Open Source License
@Override protected AsymmetricKeyParameter decodeASN1(final byte[] encoded) { final ASN1Object o; try {//from w w w. j av a 2s. c o m o = ASN1Primitive.fromByteArray(encoded); } catch (Exception e) { throw new IllegalArgumentException("Invalid encoded key"); } final AsymmetricKeyParameter key; if (o instanceof ASN1ObjectIdentifier) { // EC private key with named curve in the default OpenSSL format emitted // by // // openssl ecparam -name xxxx -genkey // // which is the concatenation of the named curve OID and a sequence of 1 // containing the private point final ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(o); final int len = encoded[1]; final byte[] privatePart = new byte[encoded.length - len - 2]; System.arraycopy(encoded, len + 2, privatePart, 0, privatePart.length); final ASN1Sequence seq = ASN1Sequence.getInstance(privatePart); final X9ECParameters params = ECUtil.getNamedCurveByOid(oid); key = new ECPrivateKeyParameters(ASN1Integer.getInstance(seq.getObjectAt(0)).getValue(), new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed())); } else { // OpenSSL "traditional" format is an ASN.1 sequence of key parameters // Detect key type based on number and types of parameters: // RSA -> {version, mod, pubExp, privExp, prime1, prime2, exp1, exp2, c} // DSA -> {version, p, q, g, pubExp, privExp} // EC -> {version, privateKey, parameters, publicKey} final ASN1Sequence sequence = ASN1Sequence.getInstance(o); if (sequence.size() == 9) { // RSA private certificate key key = new RSAPrivateCrtKeyParameters(ASN1Integer.getInstance(sequence.getObjectAt(1)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(2)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(3)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(4)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(5)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(6)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(7)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(8)).getValue()); } else if (sequence.size() == 6) { // DSA private key key = new DSAPrivateKeyParameters(ASN1Integer.getInstance(sequence.getObjectAt(5)).getValue(), new DSAParameters(ASN1Integer.getInstance(sequence.getObjectAt(1)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(2)).getValue(), ASN1Integer.getInstance(sequence.getObjectAt(3)).getValue())); } else if (sequence.size() == 4) { // EC private key with explicit curve final X9ECParameters params = X9ECParameters .getInstance(ASN1TaggedObject.getInstance(sequence.getObjectAt(2)).getObject()); key = new ECPrivateKeyParameters( new BigInteger(ASN1OctetString.getInstance(sequence.getObjectAt(1)).getOctets()), new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed())); } else { throw new IllegalArgumentException("Invalid OpenSSL traditional private key format."); } } return key; }
From source file:org.cryptoworkshop.ximix.node.crypto.key.ECKeyPairGenerator.java
License:Apache License
public MessageReply handle(final KeyPairGenerateMessage message) { // TODO: sort out the reply messages try {/*from ww w.j a v a2s . com*/ switch (((Type) message.getType())) { case GENERATE: final NamedKeyGenParams ecKeyGenParams = (NamedKeyGenParams) NamedKeyGenParams .getInstance(message.getPayload()); final List<String> involvedPeers = ecKeyGenParams.getNodesToUse(); X9ECParameters params = CustomNamedCurves.getByName(ecKeyGenParams.getDomainParameters()); if (params == null) { params = ECNamedCurveTable.getByName(ecKeyGenParams.getDomainParameters()); } paramsMap.put(ecKeyGenParams.getKeyID(), new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed())); sharedHMap.init(ecKeyGenParams.getKeyID(), involvedPeers.size()); BigInteger h = generateH(params.getN(), new SecureRandom()); // TODO: provide randomness? ECPoint[] messages = new ECPoint[involvedPeers.size()]; for (int i = 0; i != messages.length; i++) { messages[i] = params.getG().multiply(h); } nodeContext.execute( new SendHTask(message.getAlgorithm(), ecKeyGenParams.getKeyID(), involvedPeers, messages)); final List<String> peerList = ecKeyGenParams.getNodesToUse(); ECNewDKGGenerator generator = (ECNewDKGGenerator) nodeContext .getKeyPairGenerator(ecKeyGenParams.getAlgorithm()); ECCommittedSecretShareMessage[] comMessages = generator.generateThresholdKey( ecKeyGenParams.getKeyID(), paramsMap.get(ecKeyGenParams.getKeyID()), peerList.size(), ecKeyGenParams.getThreshold(), sharedHMap.getShare(ecKeyGenParams.getKeyID()).getValue().normalize()); nodeContext.execute(new SendShareTask(generator, message.getAlgorithm(), ecKeyGenParams.getKeyID(), peerList, comMessages)); return new MessageReply(MessageReply.Type.OKAY); case STORE_H: StoreMessage storeMessage = StoreMessage.getInstance(message.getPayload()); ShareMessage shareMessage = ShareMessage.getInstance(storeMessage.getSecretShareMessage()); nodeContext.execute(new StoreHTask(storeMessage.getID(), shareMessage)); return new MessageReply(MessageReply.Type.OKAY); case STORE: StoreMessage sssMessage = StoreMessage.getInstance(message.getPayload()); // we may not have been asked to generate our share yet, if this is the case we need to queue up our share requests // till we can validate them. generator = (ECNewDKGGenerator) nodeContext.getKeyPairGenerator(message.getAlgorithm()); nodeContext.execute( new StoreShareTask(generator, sssMessage.getID(), sssMessage.getSecretShareMessage())); return new MessageReply(MessageReply.Type.OKAY); default: return new MessageReply(MessageReply.Type.ERROR, new DERUTF8String("Unknown command in NodeKeyGenerationService.")); } } catch (Exception e) { nodeContext.getEventNotifier().notify(EventNotifier.Level.ERROR, "NodeKeyGenerationService failure: " + e.getMessage(), e); return new MessageReply(MessageReply.Type.ERROR, new DERUTF8String("NodeKeyGenerationService failure: " + e.getMessage())); } }
From source file:org.cryptoworkshop.ximix.node.crypto.test.BasicShamirSharingTest.java
License:Apache License
@Test public void testMultiplicationProtocol() { X9ECParameters params = SECNamedCurves.getByName("secp256r1"); SecureRandom random = new SecureRandom(); ECDomainParameters domainParams = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed()); int numberOfPeers = 10; int threshold = 3; BigInteger p = params.getN(); ShamirSecretSplitter secretSplitter = new ShamirSecretSplitter(numberOfPeers, threshold, p, random); // The k shares ///*from w ww. j a v a2 s . c o m*/ BigInteger[] kVals = new BigInteger[numberOfPeers]; BigInteger[][] kShares = new BigInteger[numberOfPeers][]; for (int i = 0; i < numberOfPeers; i++) { kVals[i] = getRandomInteger(p, random); SplitSecret split = secretSplitter.split(kVals[i]); kShares[i] = split.getShares(); } BigInteger kVal = BigInteger.ZERO; for (BigInteger v : kVals) { kVal = kVal.add(v).mod(p); } BigInteger k = computeValue(numberOfPeers, threshold, p, kShares); BigInteger[] weights; BigInteger[] finalKShares = new BigInteger[numberOfPeers]; for (int i = 0; i < numberOfPeers; i++) { finalKShares[i] = kShares[0][i]; for (int j = 1; j < numberOfPeers; j++) { finalKShares[i] = finalKShares[i].add(kShares[j][i]); } } // // divided by numberOfPeers as numberOfPeers polynomials Assert.assertEquals(k, kVal); // The a shares // BigInteger[] aVals = new BigInteger[numberOfPeers]; BigInteger[][] aShares = new BigInteger[numberOfPeers][]; for (int i = 0; i < numberOfPeers; i++) { aVals[i] = getRandomInteger(params.getN(), random); aShares[i] = secretSplitter.split(aVals[i]).getShares(); } BigInteger aVal = BigInteger.ZERO; for (BigInteger v : aVals) { aVal = aVal.add(v).mod(p); } BigInteger a = computeValue(numberOfPeers, threshold, p, aShares); BigInteger[] finalAShares = new BigInteger[numberOfPeers]; for (int i = 0; i < numberOfPeers; i++) { finalAShares[i] = aShares[0][i]; for (int j = 1; j < numberOfPeers; j++) { finalAShares[i] = finalAShares[i].add(aShares[j][i]); } } // // divided by numberOfPeers as numberOfPeers polynomials Assert.assertEquals(a, aVal); // create the splitter for the peers/threshold over the order of the curve. secretSplitter = new ShamirSecretSplitter(numberOfPeers, 2 * threshold, domainParams.getN(), random); // The z shares // BigInteger[][] zShares = new BigInteger[numberOfPeers][]; for (int i = 0; i < numberOfPeers; i++) { zShares[i] = secretSplitter.split(BigInteger.ZERO).getShares(); } BigInteger[] finalZShares = new BigInteger[numberOfPeers]; for (int i = 0; i < numberOfPeers; i++) { finalZShares[i] = zShares[0][i]; for (int j = 1; j < numberOfPeers; j++) { finalZShares[i] = finalZShares[i].add(zShares[j][i]); } } // Simulates distributing shares and combining them // v(i) = k(i)a(i) + z(i) // BigInteger[] finalVShares = new BigInteger[numberOfPeers]; // for (int i = 0; i < numberOfPeers; i++) // { // finalVShares[i] = kShares[0][i].multiply(aShares[0][i]).add(zShares[0][i]).mod(p); // for (int j = 1; j < numberOfPeers; j++) // { // finalVShares[i] = finalVShares[i].add(kShares[j][i].multiply(aShares[j][i]).add(zShares[j][i])).mod(p); // } // } BigInteger[] finalVShares = new BigInteger[numberOfPeers]; for (int i = 0; i < numberOfPeers; i++) { finalVShares[i] = finalKShares[i].multiply(finalAShares[i]).add(finalZShares[i]).mod(p); } BigInteger[] alpha = new BigInteger[numberOfPeers]; for (int i = 0; i < numberOfPeers; i++) { alpha[i] = BigInteger.valueOf(i + 1); } // BWDecoder bwDecU = new BWDecoder( // alpha, // finalVShares, // 2 * threshold, // p); // BigInteger mu1 = bwDecU.interpolate(BigInteger.ZERO); // // in this case these should come out the same. LagrangeWeightCalculator lagrangeWeightCalculator = new LagrangeWeightCalculator(numberOfPeers, domainParams.getN()); BigInteger[] weights1 = lagrangeWeightCalculator.computeWeights(finalVShares); BigInteger mu2 = finalVShares[0].multiply(weights1[0]).mod(p); for (int i = 1; i < weights1.length; i++) { if (finalVShares[i] != null) { mu2 = mu2.add(finalVShares[i].multiply(weights1[i])).mod(p); } } // Assert.assertEquals(mu1, mu2); // // check values for mu // Assert.assertEquals(mu2, k.multiply(a).mod(p)); }