List of usage examples for org.bouncycastle.jce ECNamedCurveTable getParameterSpec
public static ECNamedCurveParameterSpec getParameterSpec(String name)
From source file:ca.trustpoint.m2m.ecqv.EcqvProvider.java
License:Apache License
/** * Create a new instance./*w w w . j av a 2 s.com*/ * * @param algorithm Required. Signature algorithm OID. * @param parameters Optional. Algorithm parameters. (not currently used) */ public EcqvProvider(SignatureAlgorithms algorithm, byte[] parameters) throws IllegalArgumentException, UnsupportedOperationException, NoSuchAlgorithmException, NoSuchProviderException { if (algorithm == null) { throw new IllegalArgumentException("Missing algorithm OID"); } else if (!algorithm.isEcqv()) { throw new UnsupportedOperationException( "This provider can only be used with ECQV-based signature types"); } X962Parameters x9params = new X962Parameters(new ASN1ObjectIdentifier(algorithm.getSecOid())); digest = MessageDigest.getInstance(algorithm.getDigestAlgorithm().getDigestName(), BouncyCastleProvider.PROVIDER_NAME); curveParameters = ECNamedCurveTable.getParameterSpec(algorithm.getCryptoAlgorithm().getAlgorithmName()); algorithmId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, x9params.toASN1Primitive()); }
From source file:com.amazonaws.encryptionsdk.internal.DecryptionHandler.java
License:Open Source License
private PublicKey deserializeTrailingKeyFromEc(final String pubKey) throws GeneralSecurityException { final ECNamedCurveParameterSpec ecSpec; switch (cryptoAlgo_) { case ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256: ecSpec = ECNamedCurveTable.getParameterSpec("secp256r1"); break;/*w ww .j a v a2 s.c o m*/ case ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384: case ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384: ecSpec = ECNamedCurveTable.getParameterSpec("secp384r1"); break; default: throw new IllegalStateException("Algorithm does not support trailing signature"); } final ECPoint q = ecSpec.getCurve().decodePoint(Base64.decode(pubKey)); ECPublicKeyParameters keyParams = new ECPublicKeyParameters(q, new ECDomainParameters(ecSpec.getCurve(), ecSpec.getG(), ecSpec.getN(), ecSpec.getH())); return new BCECPublicKey("ECDSA", keyParams, ecSpec, BouncyCastleProvider.CONFIGURATION); }
From source file:com.amazonaws.encryptionsdk.internal.EncryptionHandler.java
License:Open Source License
private KeyPair generateTrailingSigKeyPair() throws GeneralSecurityException { final ECNamedCurveParameterSpec ecSpec; switch (cryptoAlgo_) { case ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256: ecSpec = ECNamedCurveTable.getParameterSpec("secp256r1"); break;/*from ww w .j a v a2s . co m*/ case ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384: case ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384: ecSpec = ECNamedCurveTable.getParameterSpec("secp384r1"); break; default: throw new IllegalStateException("Algorithm does not support trailing signature"); } KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA", "BC"); keyGen.initialize(ecSpec, RND); return keyGen.generateKeyPair(); }
From source file:com.amazonaws.services.dynamodbv2.datamodeling.encryption.DynamoDBEncryptorTest.java
License:Open Source License
private EncryptionMaterialsProvider getMaterialProviderwithECDSA() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException { Security.addProvider(new BouncyCastleProvider()); ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("secp384r1"); KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC"); g.initialize(ecSpec, Utils.getRng()); KeyPair keypair = g.generateKeyPair(); Map<String, String> description = new HashMap<String, String>(); description.put(DynamoDBEncryptor.DEFAULT_SIGNING_ALGORITHM_HEADER, "SHA384withECDSA"); return new SymmetricStaticProvider(null, keypair, description); }
From source file:com.amazonaws.services.dynamodbv2.datamodeling.encryption.DynamoDBSignerTest.java
License:Open Source License
@BeforeClass public static void setUpClass() throws Exception { //RSA key generation KeyPairGenerator rsaGen = KeyPairGenerator.getInstance("RSA"); rsaGen.initialize(2048, Utils.getRng()); KeyPair sigPair = rsaGen.generateKeyPair(); pubKeyRsa = sigPair.getPublic();//from ww w . j a va 2 s. com privKeyRsa = sigPair.getPrivate(); KeyGenerator macGen = KeyGenerator.getInstance("HmacSHA256"); macGen.init(256, Utils.getRng()); macKey = macGen.generateKey(); Security.addProvider(new BouncyCastleProvider()); ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("secp384r1"); KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC"); g.initialize(ecSpec, Utils.getRng()); KeyPair keypair = g.generateKeyPair(); pubKeyEcdsa = keypair.getPublic(); privKeyEcdsa = keypair.getPrivate(); }
From source file:com.DSC.crypto.ECKeyParam.java
License:Open Source License
/** * The default constructor, creates an instance of ECKeyParam object using the * default named curve which at the present moment is secp256r1. *//*from ww w .ja v a 2 s . c o m*/ public ECKeyParam() { /* Instantiate the ECParameterSpec and ECDomainParameters objects */ this.ECParamSpec = ECNamedCurveTable.getParameterSpec(defNamedCurve); this.ECDomainParam = new ECDomainParameters(ECParamSpec.getCurve(), // Curve ECParamSpec.getG(), // G ECParamSpec.getN()); // N }
From source file:com.DSC.crypto.ECKeyParam.java
License:Open Source License
/** * Creates an instance of the ECKeyParam object with using the named curve * specified for the elliptic curve.//w w w .ja v a2 s .c o m * * For a list of supported curves and more informations on named curves see the * following. * * @see http://www.secg.org/collateral/sec2_final.pdf * @see http://www.bouncycastle.org/wiki/display/JA1/Supported+Curves+%28ECDSA+and+ECGOST%29 * * @param namedCurve The named elliptic curve to use * * @throws InvalidParameterException if the named curve provided is not supported */ public ECKeyParam(String namedCurve) throws InvalidParameterException { /* Instantiate the ECParameterSpec and ECDomainParameters objects */ this.ECParamSpec = ECNamedCurveTable.getParameterSpec(namedCurve); if (this.ECParamSpec == null) { throw new InvalidParameterException("Invalid named elliptic curve provided!"); } this.ECDomainParam = new ECDomainParameters(ECParamSpec.getCurve(), // Curve ECParamSpec.getG(), // G ECParamSpec.getN()); // N }
From source file:com.facebook.delegatedrecovery.DelegatedRecoveryConfiguration.java
License:Open Source License
/** * Turn the JSON public key array from a configuration into a set of usable * public keys for ECDSA on secp256r1/*from ww w. j a va 2 s . c om*/ * * @param array The JSON public key array * @return array of public keys decoded from the JSON array of base64 encoded * strings */ protected static ECPublicKey[] keysFromJsonArray(final JsonArray array) { try { final ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("prime256v1"); final KeyFactory kf = KeyFactory.getInstance("EC", new BouncyCastleProvider()); final ECNamedCurveSpec params = new ECNamedCurveSpec("prime256v1", spec.getCurve(), spec.getG(), spec.getN()); final ArrayList<ECPublicKey> pubKeys = new ArrayList<ECPublicKey>(array.size()); for (int i = 0; i < array.size(); i++) { final String b64 = array.getString(i); final byte[] pubKeyAsn1 = Base64.getDecoder().decode(b64); final byte[] pubKey = new byte[pubKeyAsn1.length - PEM_ASN1_PREFIX.length]; // trim // PEM // ASN.1 // prefix System.arraycopy(pubKeyAsn1, PEM_ASN1_PREFIX.length, pubKey, 0, pubKey.length); final ECPoint point = ECPointUtil.decodePoint(params.getCurve(), pubKey); final ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(point, params); try { final ECPublicKey pk = (ECPublicKey) kf.generatePublic(pubKeySpec); pubKeys.add(pk); } catch (InvalidKeySpecException e) { System.err.println("InvalidKeySpecException while processing " + b64); } } return pubKeys.toArray(new ECPublicKey[pubKeys.size()]); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); System.err.println("Unable to initialize ECDSA key factor for prime256v1. Cannot continue."); System.exit(1); return null; // unreachable but Eclipse complier wants me to return // something. :P } }
From source file:com.pazdev.jose.JWK.java
License:Apache License
/** * <p>/*from w w w . ja v a 2 s .co m*/ * Converts the keys described in this JWK to JCE {@link Key} objects. The map * returned will either be empty, signifying that no keys could be obtained * based on the given information, or one of the following keys: * </p> * <ul> * <li>public</li> * <li>private</li> * <li>secret</li> * </ul> * @return a map containing all the obtainable keys. */ @JsonIgnore public Map<String, Key> getKeys() { HashMap<String, Key> retval = new HashMap<>(); try { if (null != keyType) switch (keyType) { case "EC": { KeyFactory fac = KeyFactory.getInstance("EC", "BC"); ECNamedCurveParameterSpec ecParamSpecBC = ECNamedCurveTable.getParameterSpec(curve); ECNamedCurveSpec ecParamSpec = new ECNamedCurveSpec(ecParamSpecBC.getName(), ecParamSpecBC.getCurve(), ecParamSpecBC.getG(), ecParamSpecBC.getN(), ecParamSpecBC.getH(), ecParamSpecBC.getSeed()); if (privateKey != null && privateKey.length > 0) { ECPrivateKeySpec privateSpec = new ECPrivateKeySpec(new BigInteger(1, privateKey), ecParamSpec); retval.put("private", fac.generatePrivate(privateSpec)); } if (xCoordinate != null && xCoordinate.length > 0) { ECPublicKeySpec publicSpec = new ECPublicKeySpec( new ECPoint(new BigInteger(1, xCoordinate), new BigInteger(1, yCoordinate)), ecParamSpec); retval.put("public", fac.generatePublic(publicSpec)); } break; } case "RSA": { KeyFactory fac = KeyFactory.getInstance("RSA", "BC"); BigInteger m = new BigInteger(1, modulus); BigInteger e = new BigInteger(1, exponent); retval.put("public", fac.generatePublic(new RSAPublicKeySpec(m, e))); if (privateKey != null && privateKey.length > 0) { BigInteger d = new BigInteger(1, privateKey); BigInteger p, q, dp, dq, qi; RSAOtherPrimeInfo[] otherPrimes = null; if (firstPrimeFactor != null && firstPrimeFactor.length > 0) { p = new BigInteger(1, firstPrimeFactor); } else { p = null; } if (secondPrimeFactor != null && secondPrimeFactor.length > 0) { q = new BigInteger(1, secondPrimeFactor); } else { q = null; } if (firstFactorCrtExponent != null && firstFactorCrtExponent.length > 0) { dp = new BigInteger(1, firstFactorCrtExponent); } else { dp = null; } if (secondFactorCrtExponent != null && secondFactorCrtExponent.length > 0) { dq = new BigInteger(1, secondFactorCrtExponent); } else { dq = null; } if (firstCrtCoefficient != null && firstCrtCoefficient.length > 0) { qi = new BigInteger(1, firstCrtCoefficient); } else { qi = null; } if (otherPrimesInfo != null && otherPrimesInfo.size() > 0) { otherPrimes = new RSAOtherPrimeInfo[otherPrimesInfo.size()]; for (int i = otherPrimes.length - 1; i >= 0; --i) { BigInteger or, od, ot; OtherPrimeInfo other = otherPrimesInfo.get(i); if (other.primeFactor != null && other.primeFactor.length > 0) { or = new BigInteger(1, other.primeFactor); } else { or = null; } if (other.factorCrtExponent != null && other.factorCrtExponent.length > 0) { od = new BigInteger(1, other.factorCrtExponent); } else { od = null; } if (other.factorCrtCoefficient != null && other.factorCrtCoefficient.length > 0) { ot = new BigInteger(1, other.factorCrtCoefficient); } else { ot = null; } otherPrimes[i] = new RSAOtherPrimeInfo(or, od, ot); } } if (p != null || q != null || dp != null || dq != null) { if (otherPrimes != null) { RSAMultiPrimePrivateCrtKeySpec spec = new RSAMultiPrimePrivateCrtKeySpec(m, e, d, p, q, dp, dq, qi, otherPrimes); retval.put("private", fac.generatePrivate(spec)); } else { RSAPrivateCrtKeySpec spec = new RSAPrivateCrtKeySpec(m, e, d, p, q, dp, dq, qi); retval.put("private", fac.generatePrivate(spec)); } } else { RSAPrivateKeySpec spec = new RSAPrivateKeySpec(m, d); retval.put("private", fac.generatePrivate(spec)); } } break; } case "oct": retval.put("secret", new SecretKeySpec(keyValue, algorithm != null ? algorithm : "AES")); break; } } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) { throw new RuntimeException(e); } return retval; }
From source file:com.redhat.akashche.keystoregen.KeystoreGenerator.java
License:Apache License
private Keys generateKeys(KeystoreConfig.Entry en) throws Exception { if ("RSA".equalsIgnoreCase(en.getKeyAlgorithm())) { KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA", BCPROV); keygen.initialize(en.getRsaKeySize(), new SecureRandom()); KeyPair pair = keygen.generateKeyPair(); KeyFactory kf = KeyFactory.getInstance("RSA", BCPROV); KeySpec privSpec = new PKCS8EncodedKeySpec(pair.getPrivate().getEncoded()); KeySpec pubSpec = new X509EncodedKeySpec(pair.getPublic().getEncoded()); return new Keys(kf.generatePrivate(privSpec), kf.generatePublic(pubSpec), kf.generatePrivate(privSpec), kf.generatePublic(pubSpec), kf.generatePrivate(privSpec), kf.generatePublic(pubSpec)); } else if ("ECDSA".equalsIgnoreCase(en.getKeyAlgorithm())) { ECParameterSpec spec = ECNamedCurveTable.getParameterSpec(en.getEcdsaNamedCurve()); if (null == spec) throw new IllegalArgumentException("Invalid 'ecdsaNamedCurve': [" + en.getEcdsaNamedCurve() + "]"); KeyPairGenerator keygen = KeyPairGenerator.getInstance("ECDSA", BCPROV); keygen.initialize(spec, new SecureRandom()); KeyPair pair = keygen.generateKeyPair(); KeyFactory kf = KeyFactory.getInstance("ECDSA", BCPROV); KeySpec privSpec = new PKCS8EncodedKeySpec(pair.getPrivate().getEncoded()); KeySpec pubSpec = new X509EncodedKeySpec(pair.getPublic().getEncoded()); return new Keys(kf.generatePrivate(privSpec), kf.generatePublic(pubSpec), kf.generatePrivate(privSpec), kf.generatePublic(pubSpec), kf.generatePrivate(privSpec), kf.generatePublic(pubSpec)); } else/*from ww w.j a v a2s.c o m*/ throw new IllegalArgumentException("Unsupported 'keyAlgorithm': [" + en.getKeyAlgorithm() + "]"); }