List of usage examples for org.bouncycastle.jce ECNamedCurveTable getNames
public static Enumeration getNames()
From source file:org.cesecore.certificates.util.AlgorithmTools.java
License:Open Source License
/** * Gets the key specification from a public key. Example: "2048" for a RSA * or DSA key or "secp256r1" for EC key. The EC curve is only detected * if <i>publickey</i> is an object known by the bouncy castle provider. * @param publicKey The public key to get the key specification from * @return The key specification, "unknown" if it could not be determined and * null if the key algorithm is not supported *///from w ww .j av a2s . c om public static String getKeySpecification(final PublicKey publicKey) { if (log.isTraceEnabled()) { log.trace(">getKeySpecification"); } String keyspec = null; if (publicKey instanceof RSAPublicKey) { keyspec = Integer.toString(((RSAPublicKey) publicKey).getModulus().bitLength()); } else if (publicKey instanceof DSAPublicKey) { keyspec = Integer.toString(((DSAPublicKey) publicKey).getParams().getP().bitLength()); } else if (publicKey instanceof ECPublicKey) { final ECPublicKey ecPublicKey = (ECPublicKey) publicKey; if (ecPublicKey.getParams() instanceof ECNamedCurveSpec) { keyspec = ((ECNamedCurveSpec) ecPublicKey.getParams()).getName(); // Prefer to return a curve name alias that also works with the default and BC provider for (String keySpecAlias : getEcKeySpecAliases(keyspec)) { if (isNamedECKnownInDefaultProvider(keySpecAlias)) { keyspec = keySpecAlias; break; } } } else { keyspec = KEYSPEC_UNKNOWN; // Try to detect if it is a curve name known by BC even though the public key isn't a BC key final ECParameterSpec namedCurve = ecPublicKey.getParams(); if (namedCurve != null) { final int c1 = namedCurve.getCofactor(); final EllipticCurve ec1 = namedCurve.getCurve(); final BigInteger a1 = ec1.getA(); final BigInteger b1 = ec1.getB(); final int fs1 = ec1.getField().getFieldSize(); //final byte[] s1 = ec1.getSeed(); final ECPoint g1 = namedCurve.getGenerator(); final BigInteger ax1 = g1.getAffineX(); final BigInteger ay1 = g1.getAffineY(); final BigInteger o1 = namedCurve.getOrder(); if (log.isDebugEnabled()) { log.debug("a1=" + a1 + " b1=" + b1 + " fs1=" + fs1 + " ax1=" + ax1 + " ay1=" + ay1 + " o1=" + o1 + " c1=" + c1); } @SuppressWarnings("unchecked") final Enumeration<String> ecNamedCurves = ECNamedCurveTable.getNames(); while (ecNamedCurves.hasMoreElements()) { final String ecNamedCurveBc = ecNamedCurves.nextElement(); final ECNamedCurveParameterSpec parameterSpec2 = ECNamedCurveTable .getParameterSpec(ecNamedCurveBc); final ECCurve ec2 = parameterSpec2.getCurve(); final BigInteger a2 = ec2.getA().toBigInteger(); final BigInteger b2 = ec2.getB().toBigInteger(); final int fs2 = ec2.getFieldSize(); final org.bouncycastle.math.ec.ECPoint g2 = parameterSpec2.getG(); final BigInteger ax2 = g2.getX().toBigInteger(); final BigInteger ay2 = g2.getY().toBigInteger(); final BigInteger h2 = parameterSpec2.getH(); final BigInteger n2 = parameterSpec2.getN(); if (a1.equals(a2) && ax1.equals(ax2) && b1.equals(b2) && ay1.equals(ay2) && fs1 == fs2 && o1.equals(n2) && c1 == h2.intValue()) { // We have a matching curve here! if (log.isDebugEnabled()) { log.debug("a2=" + a2 + " b2=" + b2 + " fs2=" + fs2 + " ax2=" + ax2 + " ay2=" + ay2 + " h2=" + h2 + " n2=" + n2 + " " + ecNamedCurveBc); } // Since this public key is a SUN PKCS#11 pub key if we get here, we only return an alias if it is recognized by the provider if (isNamedECKnownInDefaultProvider(ecNamedCurveBc)) { keyspec = ecNamedCurveBc; break; } } } } } } if (log.isTraceEnabled()) { log.trace("<getKeySpecification: " + keyspec); } return keyspec; }
From source file:org.cesecore.certificates.util.AlgorithmTools.java
License:Open Source License
/** @return a list of aliases for the provided curve name (including the provided name) */ public static List<String> getEcKeySpecAliases(final String namedEllipticCurve) { final ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(namedEllipticCurve); final List<String> ret = new ArrayList<String>(); ret.add(namedEllipticCurve);/*from w w w . jav a 2s . c om*/ if (parameterSpec != null) { // GOST and DSTU aren't present in ECNamedCurveTable (and don't have aliases) @SuppressWarnings("unchecked") final Enumeration<String> ecNamedCurves = ECNamedCurveTable.getNames(); while (ecNamedCurves.hasMoreElements()) { final String currentCurve = ecNamedCurves.nextElement(); if (!namedEllipticCurve.equals(currentCurve)) { final ECNamedCurveParameterSpec parameterSpec2 = ECNamedCurveTable .getParameterSpec(currentCurve); if (parameterSpec.equals(parameterSpec2)) { ret.add(currentCurve); } } } } return ret; }
From source file:org.ejbca.ui.web.admin.cainterface.CAInterfaceBean.java
License:Open Source License
public List<Entry<String, String>> getAvailbleKeySpecs() { final List<Entry<String, String>> ret = new ArrayList<Entry<String, String>>(); // Legacy idea: Never use larger keys than 2048 bit RSA for CMS and XKMS signing final int[] SIZES_RSA = { 1024, 1536, 2048, /*4096, 8192*/ }; final int[] SIZES_DSA = { 1024 }; for (int size : SIZES_RSA) { ret.add(new SimpleEntry<String, String>(String.valueOf(size), "RSA " + size)); }/*from ww w . j a v a2 s . co m*/ for (int size : SIZES_DSA) { ret.add(new SimpleEntry<String, String>("DSA" + size, "DSA " + size)); } @SuppressWarnings("unchecked") final Enumeration<String> ecNamedCurves = ECNamedCurveTable.getNames(); while (ecNamedCurves.hasMoreElements()) { final String ecNamedCurve = ecNamedCurves.nextElement(); ret.add(new SimpleEntry<String, String>(ecNamedCurve, "ECDSA " + ecNamedCurve)); } for (String alg : CesecoreConfiguration.getExtraAlgs()) { for (String subalg : CesecoreConfiguration.getExtraAlgSubAlgs(alg)) { final String title = CesecoreConfiguration.getExtraAlgSubAlgTitle(alg, subalg); final String name = CesecoreConfiguration.getExtraAlgSubAlgName(alg, subalg); ret.add(new SimpleEntry<String, String>(name, title)); } } return ret; }
From source file:org.ejbca.ui.web.admin.cryptotoken.CryptoTokenMBean.java
License:Open Source License
/** @return a List of available (but not neccessarly supported by the underlying CryptoToken) key specs */ public List<SelectItem> getAvailbleKeySpecs() { final List<SelectItem> availableKeySpecs = new ArrayList<SelectItem>(); final int[] SIZES_RSA = { 1024, 1536, 2048, 3072, 4096, 6144, 8192 }; final int[] SIZES_DSA = { 1024 }; for (int size : SIZES_RSA) { availableKeySpecs.add(new SelectItem(AlgorithmConstants.KEYALGORITHM_RSA + size, AlgorithmConstants.KEYALGORITHM_RSA + " " + size)); }/*w w w . j ava2 s . com*/ for (int size : SIZES_DSA) { availableKeySpecs.add(new SelectItem(AlgorithmConstants.KEYALGORITHM_DSA + size, AlgorithmConstants.KEYALGORITHM_DSA + " " + size)); } final Map<String, String> processedCurveNames = new HashMap<String, String>(); @SuppressWarnings("unchecked") final Enumeration<String> ecNamedCurves = ECNamedCurveTable.getNames(); while (ecNamedCurves.hasMoreElements()) { final String ecNamedCurve = ecNamedCurves.nextElement(); // Only add it if the key-length is sufficient try { final ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(ecNamedCurve); final int bitLength = parameterSpec.getN().bitLength(); KeyTools.checkValidKeyLength(AlgorithmConstants.KEYALGORITHM_ECDSA, bitLength); // Check if this exists under another alias boolean added = false; for (final String name : processedCurveNames.keySet()) { final ECNamedCurveParameterSpec parameterSpec2 = ECNamedCurveTable.getParameterSpec(name); if (parameterSpec.equals(parameterSpec2)) { // We have already listed this curve under another name added = true; break; } } if (!added) { if (PKCS11CryptoToken.class.getSimpleName().equals(getCurrentCryptoToken().getType())) { if (AlgorithmTools.isNamedECKnownInDefaultProvider(ecNamedCurve)) { processedCurveNames.put(ecNamedCurve, getEcKeySpecAliases(ecNamedCurve)); } } else { processedCurveNames.put(ecNamedCurve, getEcKeySpecAliases(ecNamedCurve)); } } } catch (InvalidKeyException e) { // Ignore very silently if (log.isTraceEnabled()) { log.trace("Not adding keys that are not allowed to key list: " + e.getMessage()); } } catch (Exception e) { // Ignore if (log.isDebugEnabled()) { log.debug(e); } } } String[] keys = processedCurveNames.keySet().toArray(new String[0]); Arrays.sort(keys, new Comparator<String>() { @Override public int compare(String o1, String o2) { return o1.compareTo(o2); } }); for (String name : keys) { availableKeySpecs.add(new SelectItem(name, AlgorithmConstants.KEYALGORITHM_ECDSA + " " + processedCurveNames.get(name))); } for (String alg : CesecoreConfiguration.getExtraAlgs()) { for (String subalg : CesecoreConfiguration.getExtraAlgSubAlgs(alg)) { final String title = CesecoreConfiguration.getExtraAlgSubAlgTitle(alg, subalg); final String name = CesecoreConfiguration.getExtraAlgSubAlgName(alg, subalg); availableKeySpecs.add(new SelectItem(name, title)); } } return availableKeySpecs; }
From source file:org.jmrtd.Util.java
License:Open Source License
private static org.bouncycastle.jce.spec.ECNamedCurveSpec toNamedCurveSpec(ECParameterSpec ecParamSpec) { if (ecParamSpec == null) { return null; }/* w w w .j av a 2 s. c o m*/ if (ecParamSpec instanceof org.bouncycastle.jce.spec.ECNamedCurveSpec) { return (org.bouncycastle.jce.spec.ECNamedCurveSpec) ecParamSpec; } @SuppressWarnings("unchecked") List<String> names = (List<String>) Collections.list(ECNamedCurveTable.getNames()); List<org.bouncycastle.jce.spec.ECNamedCurveSpec> namedSpecs = new ArrayList<org.bouncycastle.jce.spec.ECNamedCurveSpec>(); for (String name : names) { org.bouncycastle.jce.spec.ECNamedCurveSpec namedSpec = toECNamedCurveSpec( ECNamedCurveTable.getParameterSpec(name)); if (namedSpec.getCurve().equals(ecParamSpec.getCurve()) && namedSpec.getGenerator().equals(ecParamSpec.getGenerator()) && namedSpec.getOrder().equals(ecParamSpec.getOrder()) && namedSpec.getCofactor() == ecParamSpec.getCofactor()) { namedSpecs.add(namedSpec); } } if (namedSpecs.size() == 0) { // throw new IllegalArgumentException("No named curve found"); return null; } else if (namedSpecs.size() == 1) { return namedSpecs.get(0); } else { return namedSpecs.get(0); } }