List of usage examples for org.bouncycastle.jcajce.provider.asymmetric.ec BCECPublicKey getQ
public org.bouncycastle.math.ec.ECPoint getQ()
From source file:ca.trustpoint.m2m.ecqv.EcqvProvider.java
License:Apache License
/** * Generate reconstruction data for an implicit certificate In the terminology of sec4, * ephemeralPublicKey is referenced as Ru * * @param identifyingInfo the identity portion of the implicit certificate * @param ephemeralPublicKey the requesters ephemeral public key * @param issuerPrivateKey the issuers private key * * @return reconstruction data associated with the implicit certificate * * @throws NoSuchAlgorithmException From Bouncy Castle * @throws InvalidAlgorithmParameterException From Bouncy Castle * @throws NoSuchProviderException From Bouncy Castle * @throws IOException/* w ww . ja va 2 s . c o m*/ */ public KeyReconstructionData genReconstructionData(byte[] identifyingInfo, PublicKey ephemeralPublicKey, PrivateKey issuerPrivateKey) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException { // Reconstruction point, in point and byte format ECPoint p; byte[] reconstructionPoint; // CA's ephemeral key pair (k, kG) BCECPublicKey caEphemeralPublicKey; BCECPrivateKey caEphemeralPrivateKey; BigInteger n = curveParameters.getN(); // get the order of the curve group BigInteger r; // private key recovery data and CA ephemeral private key, respectively. BigInteger e; // Integer representation of H(Certu) BigInteger dCa = ((BCECPrivateKey) issuerPrivateKey).getD(); // Private key (point multiplier) // of the issuer. ECPoint infinity = curveParameters.getCurve().getInfinity(); // The identity point. do { // create ephemeral key pair (k, kG) KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME); keyGen.initialize(curveParameters, random); KeyPair caEphemeralKeyPair = keyGen.generateKeyPair(); caEphemeralPrivateKey = (BCECPrivateKey) caEphemeralKeyPair.getPrivate(); caEphemeralPublicKey = (BCECPublicKey) caEphemeralKeyPair.getPublic(); // Compute Pu = Ru + kG // this is the reconstruction point p = ((BCECPublicKey) ephemeralPublicKey).getQ().add(caEphemeralPublicKey.getQ()); reconstructionPoint = p.getEncoded(true); // Update the digest with the implicit certificate Certu for (byte b : identifyingInfo) { digest.update(b); } // Update digest with reconstruction point data. for (byte b : reconstructionPoint) { digest.update(b); } // hash the implicit certificate Certu and compute the integer e from H(Certu) e = calculateE(n, digest.digest()).mod(n); // from sec4 S3.4 } while (p.multiply(e).add(curveParameters.getG().multiply(dCa)).equals(infinity)); // compute r = ek + dCA (mod n) r = e.multiply(caEphemeralPrivateKey.getD()).add(dCa).mod(n); return new KeyReconstructionData(reconstructionPoint, integerToOctetString(r, n)); }
From source file:ca.trustpoint.m2m.util.KeyConversionUtils.java
License:Apache License
/** * Converts EC {@link java.security.PublicKey PublicKey} objects to the corresponding raw byte * encoding.// w w w . j av a 2 s.c o m * * @param key EC {@link java.security.PublicKey PublicKey} to convert. * @param withCompression True if the output should be the compressed representation of the point. * @return The raw byte encoding of the given point. * @throws IllegalArgumentException if key is null or not a * {@link org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey BCECPublicKey} * object. */ public static byte[] convertEcPublicKeyToRawBytes(PublicKey key, boolean withCompression) throws IllegalArgumentException { if (key == null) { throw new IllegalArgumentException("key cannot be null."); } else if (!(key instanceof BCECPublicKey)) { throw new IllegalArgumentException("Unsupported key format."); } BCECPublicKey ecKey = (BCECPublicKey) key; return ecKey.getQ().getEncoded(withCompression); }
From source file:com.cryptolib.CryptoObject.java
License:Open Source License
/** * Create new commitment for protocol exchange. */// w w w . j a v a2 s . c o m public void createCryptoCommitment() throws CryptoSocketException, InvalidKeyException, NoSuchAlgorithmException { BCECPublicKey pk = (BCECPublicKey) (this.encKeypair.getPublic()); int publicKeySize = pk.getQ().getEncoded(true).length - 1; byte[] message = new byte[publicKeySize + this.OOB.length]; System.arraycopy(pk.getQ().getEncoded(true), 1, message, 0, publicKeySize); System.arraycopy(this.OOB, 0, message, publicKeySize, this.OOB.length); this.cc = new CryptoCommitmentObject(message); }
From source file:com.cryptolib.CryptoObject.java
License:Open Source License
/** * Open commitment and extract message to create shared secret. *///from ww w . ja v a2s .com public void openCommitmentAndCreateSharedSecret(byte[] decommitment) throws CryptoSocketException, InvalidKeyException, NoSuchAlgorithmException { this.cc.open(decommitment); try { BCECPublicKey mypk = (BCECPublicKey) (this.encKeypair.getPublic()); int publicKeySize = mypk.getQ().getEncoded(true).length - 1; byte[] message = this.cc.getOtherMessage(); if (message.length != publicKeySize + this.OOB.length) { throw new CryptoSocketException("Message size is wrong!"); } byte[] otherPK = new byte[publicKeySize + 1]; //compressed encoding magic byte otherPK[0] = (byte) 0x02; byte[] otherOOB = new byte[this.OOB.length]; System.arraycopy(message, 0, otherPK, 1, publicKeySize); System.arraycopy(message, publicKeySize, otherOOB, 0, otherOOB.length); X9ECParameters ecP = CustomNamedCurves.getByName(curve); org.bouncycastle.jce.spec.ECParameterSpec ecGenSpec = new org.bouncycastle.jce.spec.ECParameterSpec( ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH()); //ECNamedCurveParameterSpec ecP = ECNamedCurveTable.getParameterSpec(this.curve); ECPublicKeySpec pubKey = new ECPublicKeySpec(ecP.getCurve().decodePoint(otherPK), ecGenSpec); KeyFactory kf = KeyFactory.getInstance(this.enc_algorithm, new BouncyCastleProvider()); ECPublicKey pk = (ECPublicKey) kf.generatePublic(pubKey); createSharedEncKey(pk); mergeOOB(otherOOB); } catch (NoSuchAlgorithmException nsa) { throw new CryptoSocketException("Algorithm is not supported!"); } catch (InvalidKeySpecException iks) { throw new CryptoSocketException("Wrong parameter for algorithm!"); } }
From source file:org.certificateservices.custom.c2x.its.crypto.DefaultCryptoManager.java
License:Open Source License
/** * @see org.certificateservices.custom.c2x.its.crypto.CryptoManager#encodeEccPoint(PublicKeyAlgorithm, EccPointType, PublicKey) *///from w ww .j a v a2s . c o m public EccPoint encodeEccPoint(PublicKeyAlgorithm alg, EccPointType type, PublicKey publicKey) throws IllegalArgumentException, InvalidKeySpecException { if (!(publicKey instanceof java.security.interfaces.ECPublicKey)) { throw new IllegalArgumentException( "Only ec public keys are supported, not " + publicKey.getClass().getSimpleName()); } BCECPublicKey bcPub = convertECPublicKeyToBCECPublicKey(alg, (java.security.interfaces.ECPublicKey) publicKey); if (type == EccPointType.uncompressed) { return new EccPoint(alg, type, bcPub.getW().getAffineX(), bcPub.getW().getAffineY()); } if (type == EccPointType.compressed_lsb_y_0 || type == EccPointType.compressed_lsb_y_1) { return new EccPoint(alg, bcPub.getQ().getEncoded(true)); } if (type == EccPointType.x_coordinate_only) { return new EccPoint(alg, type, bcPub.getW().getAffineX()); } throw new IllegalArgumentException("Unsupported ecc point type: " + type); }
From source file:org.ebayopensource.fido.uaf.crypto.KeyCodec.java
License:Apache License
/** * UAF_ALG_KEY_ECC_X962_RAW 0x100 Raw ANSI X9.62 formatted Elliptic Curve * public key [SEC1].//from w w w. jav a2 s . co m * * I.e. [0x04, X (32 bytes), Y (32 bytes)]. Where the byte 0x04 denotes the * uncompressed point compression method. * * @param pub * - Public Key * @return bytes * @throws IOException */ public static byte[] getKeyAsRawBytes(BCECPublicKey pub) throws IOException { byte[] raw; ByteArrayOutputStream bos = new ByteArrayOutputStream(65); bos.write(0x04); bos.write(pub.getQ().getXCoord().getEncoded()); bos.write(pub.getQ().getYCoord().getEncoded()); raw = bos.toByteArray(); logger.info("Raw key length:" + raw.length); return raw; }
From source file:org.xdi.oxauth.model.crypto.Certificate.java
License:MIT License
public PublicKey getPublicKey() { PublicKey publicKey = null;//from w ww . jav a 2s. com if (x509Certificate != null && x509Certificate.getPublicKey() instanceof BCRSAPublicKey) { BCRSAPublicKey jcersaPublicKey = (BCRSAPublicKey) x509Certificate.getPublicKey(); publicKey = new RSAPublicKey(jcersaPublicKey.getModulus(), jcersaPublicKey.getPublicExponent()); } else if (x509Certificate != null && x509Certificate.getPublicKey() instanceof BCECPublicKey) { BCECPublicKey jceecPublicKey = (BCECPublicKey) x509Certificate.getPublicKey(); publicKey = new ECDSAPublicKey(signatureAlgorithm, jceecPublicKey.getQ().getX().toBigInteger(), jceecPublicKey.getQ().getY().toBigInteger()); } return publicKey; }
From source file:org.xdi.oxauth.model.crypto.Certificate.java
License:MIT License
public ECDSAPublicKey getEcdsaPublicKey() { ECDSAPublicKey ecdsaPublicKey = null; if (x509Certificate != null && x509Certificate.getPublicKey() instanceof BCECPublicKey) { BCECPublicKey publicKey = (BCECPublicKey) x509Certificate.getPublicKey(); ecdsaPublicKey = new ECDSAPublicKey(signatureAlgorithm, publicKey.getQ().getX().toBigInteger(), publicKey.getQ().getY().toBigInteger()); }/*ww w . jav a2 s. com*/ return ecdsaPublicKey; }
From source file:org.xdi.oxauth.model.crypto.signature.ECDSAKeyFactory.java
License:MIT License
public ECDSAKeyFactory(SignatureAlgorithm signatureAlgorithm, String dnName) throws InvalidParameterException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, CertificateEncodingException { if (signatureAlgorithm == null) { throw new InvalidParameterException("The signature algorithm cannot be null"); }/*from w ww. ja v a 2 s . c o m*/ this.signatureAlgorithm = signatureAlgorithm; ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(signatureAlgorithm.getCurve().getName()); KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA", "BC"); keyGen.initialize(ecSpec, new SecureRandom()); this.keyPair = keyGen.generateKeyPair(); BCECPrivateKey privateKeySpec = (BCECPrivateKey) keyPair.getPrivate(); BCECPublicKey publicKeySpec = (BCECPublicKey) keyPair.getPublic(); BigInteger x = publicKeySpec.getQ().getX().toBigInteger(); BigInteger y = publicKeySpec.getQ().getY().toBigInteger(); BigInteger d = privateKeySpec.getD(); this.ecdsaPrivateKey = new ECDSAPrivateKey(d); this.ecdsaPublicKey = new ECDSAPublicKey(signatureAlgorithm, x, y); if (StringUtils.isNotBlank(dnName)) { // Create certificate GregorianCalendar startDate = new GregorianCalendar(); // time from which certificate is valid GregorianCalendar expiryDate = new GregorianCalendar(); // time after which certificate is not valid expiryDate.add(Calendar.YEAR, 1); BigInteger serialNumber = new BigInteger(1024, new Random()); // serial number for certificate X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal principal = new X500Principal(dnName); certGen.setSerialNumber(serialNumber); certGen.setIssuerDN(principal); certGen.setNotBefore(startDate.getTime()); certGen.setNotAfter(expiryDate.getTime()); certGen.setSubjectDN(principal); // note: same as issuer certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm("SHA256WITHECDSA"); X509Certificate x509Certificate = certGen.generate(privateKeySpec, "BC"); this.certificate = new Certificate(signatureAlgorithm, x509Certificate); } }
From source file:org.xipki.commons.security.pkcs12.P12KeypairGenerator.java
License:Open Source License
private KeyPairWithSubjectPublicKeyInfo genECKeypair(final String curveNameOrOid, final SecureRandom random) throws Exception { ASN1ObjectIdentifier curveOid = AlgorithmUtil.getCurveOidForCurveNameOrOid(curveNameOrOid); if (curveOid == null) { throw new IllegalArgumentException("invalid curveNameOrOid '" + curveNameOrOid + "'"); }// w w w. ja va 2 s .c o m KeyPair kp = KeyUtil.generateECKeypair(curveOid, random); AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid); BCECPublicKey pub = (BCECPublicKey) kp.getPublic(); byte[] keyData = pub.getQ().getEncoded(false); SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algId, keyData); return new KeyPairWithSubjectPublicKeyInfo(kp, subjectPublicKeyInfo); }