List of usage examples for org.bouncycastle.crypto.params ECPublicKeyParameters getQ
public ECPoint getQ()
From source file:com.bitsofproof.supernode.api.ECKeyPair.java
License:Apache License
public static ECKeyPair createNew(boolean compressed) { ECKeyPairGenerator generator = new ECKeyPairGenerator(); ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(domain, secureRandom); generator.init(keygenParams);/* w ww . j a va2s.com*/ AsymmetricCipherKeyPair keypair = generator.generateKeyPair(); ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate(); ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic(); ECKeyPair k = new ECKeyPair(); k.priv = privParams.getD(); k.compressed = compressed; if (compressed) { ECPoint q = pubParams.getQ(); k.pub = new ECPoint.Fp(domain.getCurve(), q.getX(), q.getY(), true).getEncoded(); } else { k.pub = pubParams.getQ().getEncoded(); } return k; }
From source file:com.google.bitcoin.core.ECKey.java
License:Apache License
/** * Generates an entirely new keypair. Point compression is used so the resulting public key will be 33 bytes * (32 for the co-ordinate and 1 byte to represent the y bit). *//*from w w w .j a va2 s . c o m*/ public ECKey() { ECKeyPairGenerator generator = new ECKeyPairGenerator(); ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(CURVE, secureRandom); generator.init(keygenParams); AsymmetricCipherKeyPair keypair = generator.generateKeyPair(); ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate(); ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic(); priv = privParams.getD(); // Unfortunately Bouncy Castle does not let us explicitly change a point to be compressed, even though it // could easily do so. We must re-build it here so the ECPoints withCompression flag can be set to true. ECPoint uncompressed = pubParams.getQ(); ECPoint compressed = compressPoint(uncompressed); pub = compressed.getEncoded(); creationTimeSeconds = Utils.currentTimeMillis() / 1000; }
From source file:COSE.OneKey.java
static private OneKey generateECDSAKey(String curveName, CBORObject curve) { X9ECParameters p = NISTNamedCurves.getByName(curveName); ECDomainParameters parameters = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()); ECKeyPairGenerator pGen = new ECKeyPairGenerator(); ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(parameters, null); pGen.init(genParam);//w ww . j av a2s .c o m AsymmetricCipherKeyPair p1 = pGen.generateKeyPair(); ECPublicKeyParameters keyPublic = (ECPublicKeyParameters) p1.getPublic(); ECPrivateKeyParameters keyPrivate = (ECPrivateKeyParameters) p1.getPrivate(); byte[] rgbX = keyPublic.getQ().normalize().getXCoord().getEncoded(); byte[] rgbY = keyPublic.getQ().normalize().getYCoord().getEncoded(); boolean signY = true; byte[] rgbD = keyPrivate.getD().toByteArray(); OneKey key = new OneKey(); key.add(KeyKeys.KeyType, KeyKeys.KeyType_EC2); key.add(KeyKeys.EC2_Curve, curve); key.add(KeyKeys.EC2_X, CBORObject.FromObject(rgbX)); key.add(KeyKeys.EC2_Y, CBORObject.FromObject(rgbY)); key.add(KeyKeys.EC2_D, CBORObject.FromObject(rgbD)); return key; }
From source file:COSE.Recipient.java
private void ECDH_GenerateEphemeral() throws CoseException { X9ECParameters p = privateKey.GetCurve(); ECDomainParameters parameters = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()); ECKeyPairGenerator pGen = new ECKeyPairGenerator(); ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(parameters, null); pGen.init(genParam);/* ww w . ja v a2 s. c o m*/ AsymmetricCipherKeyPair p1 = pGen.generateKeyPair(); CBORObject epk = CBORObject.NewMap(); epk.Add(KeyKeys.KeyType.AsCBOR(), KeyKeys.KeyType_EC2); epk.Add(KeyKeys.EC2_Curve.AsCBOR(), privateKey.get(KeyKeys.EC2_Curve.AsCBOR())); ECPublicKeyParameters priv = (ECPublicKeyParameters) p1.getPublic(); byte[] rgbEncoded = priv.getQ().normalize().getEncoded(true); byte[] X = new byte[rgbEncoded.length - 1]; System.arraycopy(rgbEncoded, 1, X, 0, X.length); epk.Add(KeyKeys.EC2_X.AsCBOR(), CBORObject.FromObject(X)); epk.Add(KeyKeys.EC2_Y.AsCBOR(), CBORObject.FromObject((rgbEncoded[0] & 1) == 1)); addAttribute(HeaderKeys.ECDH_EPK, epk, Attribute.UNPROTECTED); OneKey secretKey = new OneKey(); secretKey.add(KeyKeys.KeyType, KeyKeys.KeyType_EC2); secretKey.add(KeyKeys.EC2_Curve, privateKey.get(KeyKeys.EC2_Curve.AsCBOR())); secretKey.add(KeyKeys.EC2_X, CBORObject.FromObject(X)); secretKey.add(KeyKeys.EC2_Y, CBORObject.FromObject((rgbEncoded[0] & 1) == 1)); ECPrivateKeyParameters priv1 = (ECPrivateKeyParameters) p1.getPrivate(); secretKey.add(KeyKeys.EC2_D, CBORObject.FromObject(BigIntegers.asUnsignedByteArray(priv1.getD()))); senderKey = secretKey; }
From source file:de.rub.nds.tlsattacker.tls.protocol.handshake.ECDHClientKeyExchangeHandler.java
License:Apache License
@Override byte[] prepareKeyExchangeMessage() { if (tlsContext.getEcContext().getServerPublicKeyParameters() == null) { // we are probably handling a simple ECDH ciphersuite, we try to // establish server public key parameters from the server // certificate message Certificate x509Cert = tlsContext.getServerCertificate(); SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo(); ECPublicKeyParameters parameters; try {//from w w w . j a v a 2s.c om parameters = (ECPublicKeyParameters) PublicKeyFactory.createKey(keyInfo); ECPublicKeyParameters publicKeyParameters = (ECPublicKeyParameters) parameters; tlsContext.getEcContext().setServerPublicKeyParameters(parameters); LOGGER.debug("Parsed the following EC domain parameters from the certificate: "); LOGGER.debug(" Curve order: {}", publicKeyParameters.getParameters().getCurve().getOrder()); LOGGER.debug(" Parameter A: {}", publicKeyParameters.getParameters().getCurve().getA()); LOGGER.debug(" Parameter B: {}", publicKeyParameters.getParameters().getCurve().getB()); LOGGER.debug(" Base point: {} ", publicKeyParameters.getParameters().getG()); LOGGER.debug(" Public key point Q: {} ", publicKeyParameters.getQ()); } catch (NoSuchMethodError e) { LOGGER.debug("The method was not found. It is possible that it is because an older bouncy castle" + " library was used. We try to proceed the workflow.", e); } catch (IOException e) { throw new WorkflowExecutionException("Problem in parsing public key parameters from certificate", e); } } AsymmetricCipherKeyPair kp = TlsECCUtils.generateECKeyPair(new SecureRandom(), tlsContext.getEcContext().getServerPublicKeyParameters().getParameters()); ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters) kp.getPublic(); ECPrivateKeyParameters ecPrivateKey = (ECPrivateKeyParameters) kp.getPrivate(); // do some ec point modification protocolMessage.setPublicKeyBaseX(ecPublicKey.getQ().getAffineXCoord().toBigInteger()); protocolMessage.setPublicKeyBaseY(ecPublicKey.getQ().getAffineYCoord().toBigInteger()); ECCurve curve = ecPublicKey.getParameters().getCurve(); ECPoint point = curve.createPoint(protocolMessage.getPublicKeyBaseX().getValue(), protocolMessage.getPublicKeyBaseY().getValue()); LOGGER.debug("Using the following point:"); LOGGER.debug("X: " + protocolMessage.getPublicKeyBaseX().getValue().toString()); LOGGER.debug("Y: " + protocolMessage.getPublicKeyBaseY().getValue().toString()); // System.out.println("-----------------\nUsing the following point:"); // System.out.println("X: " + point.getAffineXCoord()); // System.out.println("Y: " + point.getAffineYCoord()); // System.out.println("-----------------\n"); ECPointFormat[] pointFormats = tlsContext.getEcContext().getServerPointFormats(); try { byte[] serializedPoint = ECCUtilsBCWrapper.serializeECPoint(pointFormats, point); protocolMessage.setEcPointFormat(serializedPoint[0]); protocolMessage.setEcPointEncoded(Arrays.copyOfRange(serializedPoint, 1, serializedPoint.length)); protocolMessage.setPublicKeyLength(serializedPoint.length); byte[] result = ArrayConverter.concatenate( new byte[] { protocolMessage.getPublicKeyLength().getValue().byteValue() }, new byte[] { protocolMessage.getEcPointFormat().getValue() }, protocolMessage.getEcPointEncoded().getValue()); byte[] premasterSecret = TlsECCUtils.calculateECDHBasicAgreement( tlsContext.getEcContext().getServerPublicKeyParameters(), ecPrivateKey); byte[] random = tlsContext.getClientServerRandom(); protocolMessage.setPremasterSecret(premasterSecret); LOGGER.debug("Computed PreMaster Secret: {}", ArrayConverter.bytesToHexString(protocolMessage.getPremasterSecret().getValue())); LOGGER.debug("Client Server Random: {}", ArrayConverter.bytesToHexString(random)); PRFAlgorithm prfAlgorithm = AlgorithmResolver.getPRFAlgorithm(tlsContext.getProtocolVersion(), tlsContext.getSelectedCipherSuite()); byte[] masterSecret = PseudoRandomFunction.compute(prfAlgorithm, protocolMessage.getPremasterSecret().getValue(), PseudoRandomFunction.MASTER_SECRET_LABEL, random, HandshakeByteLength.MASTER_SECRET); LOGGER.debug("Computed Master Secret: {}", ArrayConverter.bytesToHexString(masterSecret)); protocolMessage.setMasterSecret(masterSecret); tlsContext.setMasterSecret(protocolMessage.getMasterSecret().getValue()); return result; } catch (IOException ex) { throw new WorkflowExecutionException("EC point serialization failure", ex); } }
From source file:de.rub.nds.tlsattacker.tls.protocol.handshake.ECDHEServerKeyExchangeHandler.java
License:Apache License
/** * @param message//w ww . j av a 2 s. c om * @param pointer * @return */ @Override public int parseMessageAction(byte[] message, int pointer) { if (message[pointer] != HandshakeMessageType.SERVER_KEY_EXCHANGE.getValue()) { throw new InvalidMessageTypeException(HandshakeMessageType.SERVER_KEY_EXCHANGE); } protocolMessage.setType(message[pointer]); int currentPointer = pointer + HandshakeByteLength.MESSAGE_TYPE; int nextPointer = currentPointer + HandshakeByteLength.MESSAGE_TYPE_LENGTH; int length = ArrayConverter.bytesToInt(Arrays.copyOfRange(message, currentPointer, nextPointer)); protocolMessage.setLength(length); currentPointer = nextPointer; nextPointer++; EllipticCurveType ct = EllipticCurveType.getCurveType(message[currentPointer]); if (ct != EllipticCurveType.NAMED_CURVE) { throw new UnsupportedOperationException("Currently only named curves are supported"); } protocolMessage.setCurveType(ct.getValue()); currentPointer = nextPointer; nextPointer = currentPointer + NamedCurve.LENGTH; NamedCurve nc = NamedCurve.getNamedCurve(Arrays.copyOfRange(message, currentPointer, nextPointer)); protocolMessage.setNamedCurve(nc.getValue()); currentPointer = nextPointer; nextPointer++; int publicKeyLength = message[currentPointer] & 0xFF; protocolMessage.setPublicKeyLength(publicKeyLength); currentPointer = nextPointer; nextPointer = currentPointer + publicKeyLength; protocolMessage.setPublicKey(Arrays.copyOfRange(message, currentPointer, nextPointer)); byte[] ecParams = ArrayConverter.concatenate(new byte[] { protocolMessage.getCurveType().getValue() }, protocolMessage.getNamedCurve().getValue(), ArrayConverter.intToBytes(protocolMessage.getPublicKeyLength().getValue(), 1), protocolMessage.getPublicKey().getValue()); InputStream is = new ByteArrayInputStream(ecParams); try { ECPublicKeyParameters publicKeyParameters = ECCUtilsBCWrapper.readECParametersWithPublicKey(is); LOGGER.debug("Parsed the following EC domain parameters: "); LOGGER.debug(" Curve order: {}", publicKeyParameters.getParameters().getCurve().getOrder()); LOGGER.debug(" Parameter A: {}", publicKeyParameters.getParameters().getCurve().getA()); LOGGER.debug(" Parameter B: {}", publicKeyParameters.getParameters().getCurve().getB()); LOGGER.debug(" Base point: {} ", publicKeyParameters.getParameters().getG()); LOGGER.debug(" Public key point Q: {} ", publicKeyParameters.getQ()); tlsContext.getEcContext().setServerPublicKeyParameters(publicKeyParameters); currentPointer = nextPointer; nextPointer++; HashAlgorithm ha = HashAlgorithm.getHashAlgorithm(message[currentPointer]); protocolMessage.setHashAlgorithm(ha.getValue()); currentPointer = nextPointer; nextPointer++; SignatureAlgorithm sa = SignatureAlgorithm.getSignatureAlgorithm(message[currentPointer]); protocolMessage.setSignatureAlgorithm(sa.getValue()); currentPointer = nextPointer; nextPointer = currentPointer + HandshakeByteLength.SIGNATURE_LENGTH; int signatureLength = ArrayConverter .bytesToInt(Arrays.copyOfRange(message, currentPointer, nextPointer)); protocolMessage.setSignatureLength(signatureLength); currentPointer = nextPointer; nextPointer = currentPointer + signatureLength; protocolMessage.setSignature(Arrays.copyOfRange(message, currentPointer, nextPointer)); protocolMessage.setCompleteResultingMessage(Arrays.copyOfRange(message, pointer, nextPointer)); return nextPointer; } catch (IOException ex) { ex.printStackTrace(); throw new WorkflowExecutionException("EC public key parsing failed", ex); } }
From source file:dorkbox.util.crypto.CryptoECC.java
License:Apache License
/** * @return true if publicA and publicB are NOT NULL, and are both equal to eachother *///from www.ja v a 2 s.c o m @SuppressWarnings({ "RedundantIfStatement", "SpellCheckingInspection" }) public static boolean compare(ECPublicKeyParameters publicA, ECPublicKeyParameters publicB) { if (publicA == null || publicB == null) { return false; } ECDomainParameters parametersA = publicA.getParameters(); ECDomainParameters parametersB = publicB.getParameters(); // is it the same curve? boolean equals = parametersA.getCurve().equals(parametersB.getCurve()); if (!equals) { return false; } equals = parametersA.getG().equals(parametersB.getG()); if (!equals) { return false; } equals = parametersA.getH().equals(parametersB.getH()); if (!equals) { return false; } equals = parametersA.getN().equals(parametersB.getN()); if (!equals) { return false; } ECPoint normalizeA = publicA.getQ().normalize(); ECPoint normalizeB = publicB.getQ().normalize(); ECFieldElement xCoordA = normalizeA.getXCoord(); ECFieldElement xCoordB = normalizeB.getXCoord(); equals = xCoordA.equals(xCoordB); if (!equals) { return false; } ECFieldElement yCoordA = normalizeA.getYCoord(); ECFieldElement yCoordB = normalizeB.getYCoord(); equals = yCoordA.equals(yCoordB); if (!equals) { return false; } return true; }
From source file:dorkbox.util.serialization.EccPublicKeySerializer.java
License:Apache License
public static void write(Output output, ECPublicKeyParameters key) throws KryoException { byte[] bytes; int length;// ww w . j a v a2s . c om ECDomainParameters parameters = key.getParameters(); ECCurve curve = parameters.getCurve(); EccPrivateKeySerializer.serializeCurve(output, curve); ///////////// BigInteger n = parameters.getN(); ECPoint g = parameters.getG(); ///////////// bytes = n.toByteArray(); length = bytes.length; output.writeInt(length, true); output.writeBytes(bytes, 0, length); EccPrivateKeySerializer.serializeECPoint(g, output); EccPrivateKeySerializer.serializeECPoint(key.getQ(), output); }
From source file:eu.betaas.taas.securitymanager.authentication.service.impl.GWEcmqvIntService.java
License:Apache License
/** * A method to verify MAC 2 which is received after invoking the initEcmqv * @param mac2: the received MAC 2/*w w w .j av a 2s.c o m*/ * @param ufnA: the user friendly name of the other GW * @param ufnB: the user friendly name of this GW * @param ephPubA: the ephemeral public key of the other GW * @param ephPubB: the ephemeral public key of this GW * @param k1: one of the calculated shared key * @return true if the calculated MAC 2 matches with the received MAC 2 */ private boolean verifyMac2(byte[] mac2, String ufnA, String ufnB, ECPublicKeyParameters ephPubA, ECPublicKeyParameters ephPubB, byte[] k1) { byte[] calcMac2 = ECMQVUtils.computeMAC("2", ufnA, ufnB, ephPubA.getQ().getEncoded(), ephPubB.getQ().getEncoded(), k1); String calcMac2Str = ""; for (byte b : calcMac2) calcMac2Str = calcMac2Str + Integer.toHexString(0xFF & b); log.debug("The calculated MAC (2):\n" + calcMac2Str); String mac2Str = ""; for (byte b : mac2) mac2Str = mac2Str + Integer.toHexString(0xFF & b); if (!mac2Str.equals(calcMac2Str)) return false; return true; }
From source file:eu.betaas.taas.securitymanager.authentication.service.impl.GWEcmqvIntService.java
License:Apache License
public byte[] responseEcmqv(EcmqvMessage eMsg) throws Exception { // decode the certificate X509CertificateHolder cert = new X509CertificateHolder(eMsg.getMyCertificate()); // decode the ECPublicKey ECPublicKeyParameters ephPub = ECKeyPairGen.generateECPublicKey192( new BigInteger(eMsg.getEphemeralPublicX()), new BigInteger(eMsg.getEphemeralPublicY())); // get the MAC 2 byte[] mac2 = eMsg.getMyMac(); // validate the certificate boolean isCertValid = false; isCertValid = validateCert(cert);// w w w .ja v a2 s .c o m if (!isCertValid) { log.error("The submitted certificate is not valid!!"); return null; } log.debug("Passed the certificate validation!!"); // perform embedded public key validation boolean pubValid = ECMQVUtils.validateEmbedPubKey(ephPub); if (!pubValid) { log.error("The submitted ephemeral public key is not valid!!"); return null; } log.debug("Passed the embedded ephemeral public key validation!!"); // set the ephPub with this received ephPub this.ephPub = ephPub; // now, no need to generate my own ephemeral key here, because it is done // compute the implicit signature BigInteger implSig = ECMQVUtils.computeImplicitSig(myEphPub, myEphPriv, statPriv); // calculates the shared key K ECPublicKeyParameters statPub = (ECPublicKeyParameters) PublicKeyFactory .createKey(cert.getSubjectPublicKeyInfo()); org.bouncycastle.math.ec.ECPoint K = ECMQVUtils.calculateSharedKey(this.ephPub, statPub, this.ephPub.getParameters().getH(), implSig); // derive 2 symmetric keys from the shared key K byte[] Kx = K.normalize().getXCoord().toBigInteger().toByteArray(); int Lx = K.normalize().getXCoord().toBigInteger().bitLength(); double x = Math.log(Lx) / Math.log(2.0); double L = Math.pow(2, 1 + Math.ceil(x)); byte[] deriveK = ECMQVUtils.deriveKeyHKDF(Kx, (int) L / 8); // k1 and k2 split from newKey --> k1: to be MACed, k2: the session key k1 = new byte[deriveK.length / 2]; k2 = new byte[deriveK.length / 2]; int c = 0; for (byte b : deriveK) { if (c < deriveK.length / 2) { k1[c] = b; } else { k2[c - deriveK.length / 2] = b; } c++; } // retrieving my user friendly name from the SubjectAlternativeNames in my // certificate Extensions myExs = myCert.getExtensions(); if (myExs != null) { GeneralNames gns = GeneralNames.fromExtensions(myExs, Extension.subjectAlternativeName); for (int i = 0; i < gns.getNames().length; i++) { myUFN = gns.getNames()[i].getName().toString(); } } // retrieving other GW user friendly name from the SubjectAlternativeNames // in the submitted certificate Extensions oExs = cert.getExtensions(); if (oExs != null) { GeneralNames gns = GeneralNames.fromExtensions(oExs, Extension.subjectAlternativeName); for (int i = 0; i < gns.getNames().length; i++) { ufn = gns.getNames()[i].getName().toString(); } } // validate MAC 2, which is received from other GW boolean isMac2Valid = verifyMac2(mac2, ufn, myUFN, this.ephPub, myEphPub, k1); // compute the MAC to be sent to the other gateway if (!isMac2Valid) { log.error("Fails to verify the received MAC (2)!!"); return null; } log.debug("Successfully verifies the received MAC (2)!!"); byte[] mac3 = ECMQVUtils.computeMAC("3", myUFN, ufn, myEphPub.getQ().getEncoded(), ephPub.getQ().getEncoded(), k1); return mac3; }