List of usage examples for org.bouncycastle.jcajce.provider.asymmetric.util ECUtil generatePrivateKeyParameter
public static AsymmetricKeyParameter generatePrivateKeyParameter(PrivateKey key) throws InvalidKeyException
From source file:org.cryptacular.util.KeyPairUtil.java
License:Open Source License
/** * Determines whether the given EC public and private keys form a proper key * pair by computing and verifying a digital signature with the keys. * * @param pubKey EC public key./* ww w . j ava 2s. c om*/ * @param privKey EC private key. * * @return True if the keys form a functioning keypair, false otherwise. * Errors during signature verification are treated as false. */ public static boolean isKeyPair(final ECPublicKey pubKey, final ECPrivateKey privKey) { final ECDSASigner signer = new ECDSASigner(); try { signer.init(true, ECUtil.generatePrivateKeyParameter(privKey)); final BigInteger[] sig = signer.generateSignature(SIGN_BYTES); signer.init(false, ECUtil.generatePublicKeyParameter(pubKey)); return signer.verifySignature(SIGN_BYTES, sig[0], sig[1]); } catch (InvalidKeyException e) { throw new IllegalArgumentException("Unsupported EC key", e); } catch (Exception e) { return false; } }
From source file:org.xipki.commons.security.pkcs12.SoftTokenContentSignerBuilder.java
License:Open Source License
public ConcurrentContentSigner createSigner(final AlgorithmIdentifier signatureAlgId, final int parallelism, final SecureRandom random) throws OperatorCreationException, NoSuchPaddingException { ParamUtil.requireNonNull("signatureAlgId", signatureAlgId); ParamUtil.requireMin("parallelism", parallelism, 1); List<ContentSigner> signers = new ArrayList<>(parallelism); ASN1ObjectIdentifier algOid = signatureAlgId.getAlgorithm(); final String provName = XiSecurityConstants.PROVIDER_NAME_NSS; if (Security.getProvider(provName) != null && !(key instanceof ECPrivateKey)) { String algoName;//from www . j a v a 2 s .c o m try { algoName = AlgorithmUtil.getSignatureAlgoName(signatureAlgId); } catch (NoSuchAlgorithmException ex) { throw new OperatorCreationException(ex.getMessage()); } boolean useGivenProvider = true; if (algOid.equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) { BcContentSignerBuilder signerBuilder; if (!(key instanceof RSAPrivateKey)) { throw new OperatorCreationException( "unsupported key " + key.getClass().getName() + " for RSAPSS"); } try { AsymmetricKeyParameter keyparam; try { signerBuilder = new RSAContentSignerBuilder(signatureAlgId, true); keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key); } catch (NoSuchAlgorithmException ex) { throw new OperatorCreationException("no such algorithm", ex); } for (int i = 0; i < parallelism; i++) { if (random != null) { signerBuilder.setSecureRandom(random); } ContentSigner signer = signerBuilder.build(keyparam); signers.add(signer); } } catch (Exception ex) { useGivenProvider = false; signers.clear(); } } else { try { for (int i = 0; i < parallelism; i++) { Signature signature = Signature.getInstance(algoName, provName); signature.initSign(key); if (i == 0) { signature.update(new byte[] { 1, 2, 3, 4 }); signature.sign(); } ContentSigner signer = new SignatureSigner(signatureAlgId, signature, key); signers.add(signer); } } catch (Exception ex) { useGivenProvider = false; signers.clear(); } } if (useGivenProvider) { LOG.info("use {} to sign {} signature", provName, algoName); } else { LOG.info("could not use {} to sign {} signature", provName, algoName); } } if (CollectionUtil.isEmpty(signers)) { BcContentSignerBuilder signerBuilder; AsymmetricKeyParameter keyparam; try { if (key instanceof RSAPrivateKey) { keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key); signerBuilder = new RSAContentSignerBuilder(signatureAlgId, false); } else if (key instanceof DSAPrivateKey) { keyparam = DSAUtil.generatePrivateKeyParameter(key); signerBuilder = new DSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else if (key instanceof ECPrivateKey) { keyparam = ECUtil.generatePrivateKeyParameter(key); signerBuilder = new ECDSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else { throw new OperatorCreationException("unsupported key " + key.getClass().getName()); } } catch (InvalidKeyException ex) { throw new OperatorCreationException("invalid key", ex); } catch (NoSuchAlgorithmException ex) { throw new OperatorCreationException("no such algorithm", ex); } for (int i = 0; i < parallelism; i++) { if (random != null) { signerBuilder.setSecureRandom(random); } ContentSigner signer = signerBuilder.build(keyparam); signers.add(signer); } } ConcurrentContentSigner concurrentSigner = new DefaultConcurrentContentSigner(signers, key); if (certificateChain != null) { concurrentSigner.setCertificateChain(certificateChain); } else { concurrentSigner.setPublicKey(publicKey); } return concurrentSigner; }
From source file:org.xipki.commons.security.util.KeyUtil.java
License:Open Source License
public static AsymmetricKeyParameter generatePrivateKeyParameter(final PrivateKey key) throws InvalidKeyException { ParamUtil.requireNonNull("key", key); if (key instanceof RSAPrivateCrtKey) { RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key; return new RSAPrivateCrtKeyParameters(rsaKey.getModulus(), rsaKey.getPublicExponent(), rsaKey.getPrivateExponent(), rsaKey.getPrimeP(), rsaKey.getPrimeQ(), rsaKey.getPrimeExponentP(), rsaKey.getPrimeExponentQ(), rsaKey.getCrtCoefficient()); } else if (key instanceof RSAPrivateKey) { RSAPrivateKey rsaKey = (RSAPrivateKey) key; return new RSAKeyParameters(true, rsaKey.getModulus(), rsaKey.getPrivateExponent()); } else if (key instanceof ECPrivateKey) { return ECUtil.generatePrivateKeyParameter(key); } else if (key instanceof DSAPrivateKey) { return DSAUtil.generatePrivateKeyParameter(key); } else {//from w w w .j a v a 2 s .c om throw new InvalidKeyException("unknown key " + key.getClass().getName()); } }
From source file:org.xipki.security.KeyUtil.java
License:Open Source License
public static AsymmetricKeyParameter generatePrivateKeyParameter(final PrivateKey key) throws InvalidKeyException { if (key instanceof RSAPrivateCrtKey) { RSAPrivateCrtKey k = (RSAPrivateCrtKey) key; return new RSAPrivateCrtKeyParameters(k.getModulus(), k.getPublicExponent(), k.getPrivateExponent(), k.getPrimeP(), k.getPrimeQ(), k.getPrimeExponentP(), k.getPrimeExponentQ(), k.getCrtCoefficient());//from w w w .j a v a 2 s. c o m } else if (key instanceof RSAPrivateKey) { RSAPrivateKey k = (RSAPrivateKey) key; return new RSAKeyParameters(true, k.getModulus(), k.getPrivateExponent()); } else if (key instanceof ECPrivateKey) { return ECUtil.generatePrivateKeyParameter(key); } else if (key instanceof DSAPrivateKey) { return DSAUtil.generatePrivateKeyParameter(key); } else { throw new InvalidKeyException("unknown key " + key.getClass().getName()); } }
From source file:org.xipki.security.SoftTokenContentSignerBuilder.java
License:Open Source License
public ConcurrentContentSigner createSigner(final AlgorithmIdentifier signatureAlgId, final int parallelism) throws OperatorCreationException, NoSuchPaddingException { if (parallelism < 1) { throw new IllegalArgumentException("non-positive parallelism is not allowed: " + parallelism); }//from ww w . j a v a 2 s .co m List<ContentSigner> signers = new ArrayList<>(parallelism); ASN1ObjectIdentifier algOid = signatureAlgId.getAlgorithm(); if (Security.getProvider(PROVIDER_XIPKI_NSS) != null && algOid.equals(PKCSObjectIdentifiers.id_RSASSA_PSS) == false && key instanceof ECPrivateKey == false) { String algoName; try { algoName = AlgorithmUtil.getSignatureAlgoName(signatureAlgId); } catch (NoSuchAlgorithmException e) { throw new OperatorCreationException(e.getMessage()); } boolean useGivenProvider = true; for (int i = 0; i < parallelism; i++) { try { Signature signature = Signature.getInstance(algoName, PROVIDER_XIPKI_NSS); signature.initSign(key); if (i == 0) { signature.update(new byte[] { 1, 2, 3, 4 }); signature.sign(); } ContentSigner signer = new SignatureSigner(signatureAlgId, signature, key); signers.add(signer); } catch (Exception e) { useGivenProvider = false; signers.clear(); break; } } if (useGivenProvider) { LOG.info("use {} to sign {} signature", PROVIDER_XIPKI_NSS, algoName); } else { LOG.info("could not use {} to sign {} signature", PROVIDER_XIPKI_NSS, algoName); } } if (CollectionUtil.isEmpty(signers)) { BcContentSignerBuilder signerBuilder; AsymmetricKeyParameter keyparam; try { if (key instanceof RSAPrivateKey) { keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key); signerBuilder = new RSAContentSignerBuilder(signatureAlgId); } else if (key instanceof DSAPrivateKey) { keyparam = DSAUtil.generatePrivateKeyParameter(key); signerBuilder = new DSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else if (key instanceof ECPrivateKey) { keyparam = ECUtil.generatePrivateKeyParameter(key); signerBuilder = new ECDSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else { throw new OperatorCreationException("unsupported key " + key.getClass().getName()); } } catch (InvalidKeyException e) { throw new OperatorCreationException("invalid key", e); } catch (NoSuchAlgorithmException e) { throw new OperatorCreationException("no such algorithm", e); } for (int i = 0; i < parallelism; i++) { ContentSigner signer = signerBuilder.build(keyparam); signers.add(signer); } } ConcurrentContentSigner concurrentSigner = new DefaultConcurrentContentSigner(signers, key); if (certificateChain != null) { concurrentSigner.setCertificateChain(certificateChain); } return concurrentSigner; }