List of usage examples for org.bouncycastle.jce.provider JCEECPublicKey getParameters
public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
From source file:eu.europa.ec.markt.dss.DSSPKUtils.java
License:Open Source License
/** * This method returns the public key size extracted from public key infrastructure. * * @param publicKey//from www . j a va 2 s . c o m * @return */ public static int getPublicKeySize(final PublicKey publicKey) { int publicKeySize = -1; if (publicKey instanceof RSAPublicKey) { RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; publicKeySize = rsaPublicKey.getModulus().bitLength(); } else if (publicKey instanceof JCEECPublicKey) { /** * The security of EC systems relies on the size of q, and the size of an EC key refers to the bit-length of * the subgroup size q. */ final JCEECPublicKey jceecPublicKey = (JCEECPublicKey) publicKey; ECParameterSpec spec = jceecPublicKey.getParameters(); if (spec != null) { publicKeySize = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length publicKeySize = 0; // publicKeySize = jceecPublicKey.getQ().getCurve().getFieldSize(); } } else if (publicKey instanceof ECPublicKey) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; java.security.spec.ECParameterSpec spec = ecPublicKey.getParams(); if (spec != null) { // TODO: (Bob: 20130528) To be checked (need an example) publicKeySize = spec.getCurve().getField().getFieldSize(); } else { publicKeySize = 0; } } else if (publicKey instanceof DSAPublicKey) { DSAPublicKey dsaPublicKey = (DSAPublicKey) publicKey; publicKeySize = dsaPublicKey.getParams().getP().bitLength(); } else { LOG.error("Unknown public key infrastructure: " + publicKey.getClass().getName()); } return publicKeySize; }
From source file:eu.europa.ec.markt.dss.validation102853.toolbox.PublicKeyUtils.java
License:Open Source License
/** * This method returns the public key size extracted from public key infrastructure. * * @param publicKey//w ww.j a v a2 s .com * @return */ public static int getPublicKeySize(final PublicKey publicKey) { int publicKeySize = -1; if (publicKey instanceof RSAPublicKeyImpl) { RSAPublicKeyImpl rsaPublicKey = (RSAPublicKeyImpl) publicKey; publicKeySize = rsaPublicKey.getModulus().bitLength(); } else if (publicKey instanceof JCERSAPublicKey) { final JCERSAPublicKey rsaPublicKey = (JCERSAPublicKey) publicKey; publicKeySize = rsaPublicKey.getModulus().bitLength(); } else if (publicKey instanceof JCEECPublicKey) { /** * The security of EC systems relies on the size of q, and the size of an EC key refers to the bit-length of * the subgroup size q. */ final JCEECPublicKey jceecPublicKey = (JCEECPublicKey) publicKey; ECParameterSpec spec = jceecPublicKey.getParameters(); if (spec != null) { publicKeySize = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length publicKeySize = 0; // publicKeySize = jceecPublicKey.getQ().getCurve().getFieldSize(); } } else if (publicKey instanceof ECPublicKey) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; java.security.spec.ECParameterSpec spec = ecPublicKey.getParams(); if (spec != null) { // TODO: (Bob: 20130528) To be checked (need an example) publicKeySize = spec.getCurve().getField().getFieldSize(); } else { publicKeySize = 0; } } else if (publicKey instanceof DSAPublicKeyImpl) { DSAPublicKeyImpl dsaPublicKeyImpl = (DSAPublicKeyImpl) publicKey; publicKeySize = dsaPublicKeyImpl.getParams().getP().bitLength(); } else if (publicKey instanceof JDKDSAPublicKey) { JDKDSAPublicKey dsaPublicKeyImpl = (JDKDSAPublicKey) publicKey; publicKeySize = dsaPublicKeyImpl.getParams().getP().bitLength(); } else { LOG.warning("Unknown public key infrastructure: " + publicKey.getClass().getName()); } return publicKeySize; }
From source file:eu.europa.esig.dss.DSSPKUtils.java
License:Open Source License
/** * This method returns the public key size extracted from public key infrastructure. * * @param publicKey/* w w w . jav a 2 s . com*/ * @return */ public static int getPublicKeySize(final PublicKey publicKey) { int publicKeySize = -1; if (publicKey instanceof RSAPublicKey) { RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; publicKeySize = rsaPublicKey.getModulus().bitLength(); } else if (publicKey instanceof JCEECPublicKey) { /** * The security of EC systems relies on the size of q, and the size of an EC key refers to the bit-length of * the subgroup size q. */ final JCEECPublicKey jceecPublicKey = (JCEECPublicKey) publicKey; ECParameterSpec spec = jceecPublicKey.getParameters(); if (spec != null) { publicKeySize = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length publicKeySize = 0; // publicKeySize = jceecPublicKey.getQ().getCurve().getFieldSize(); } } else if (publicKey instanceof ECPublicKey) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; java.security.spec.ECParameterSpec spec = ecPublicKey.getParams(); if (spec != null) { publicKeySize = spec.getCurve().getField().getFieldSize(); } else { publicKeySize = 0; } } else if (publicKey instanceof DSAPublicKey) { DSAPublicKey dsaPublicKey = (DSAPublicKey) publicKey; publicKeySize = dsaPublicKey.getParams().getP().bitLength(); } else { LOG.error("Unknown public key infrastructure: " + publicKey.getClass().getName()); } return publicKeySize; }
From source file:org.cesecore.keys.util.KeyTools.java
License:Open Source License
/** * Gets the key length of supported keys * //from w w w .j a va2s . c o m * @param pk * PublicKey used to derive the keysize * @return -1 if key is unsupported, otherwise a number >= 0. 0 usually means the length can not be calculated, for example if the key is an EC * key and the "implicitlyCA" encoding is used. */ public static int getKeyLength(final PublicKey pk) { int len = -1; if (pk instanceof RSAPublicKey) { final RSAPublicKey rsapub = (RSAPublicKey) pk; len = rsapub.getModulus().bitLength(); } else if (pk instanceof JCEECPublicKey) { final JCEECPublicKey ecpriv = (JCEECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec spec = ecpriv.getParameters(); if (spec != null) { len = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof BCECPublicKey) { final BCECPublicKey ecpriv = (BCECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec spec = ecpriv.getParameters(); if (spec != null) { len = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof ECPublicKey) { final ECPublicKey ecpriv = (ECPublicKey) pk; final java.security.spec.ECParameterSpec spec = ecpriv.getParams(); if (spec != null) { len = spec.getOrder().bitLength(); // does this really return something we expect? } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof DSAPublicKey) { final DSAPublicKey dsapub = (DSAPublicKey) pk; if (dsapub.getParams() != null) { len = dsapub.getParams().getP().bitLength(); } else { len = dsapub.getY().bitLength(); } } return len; }
From source file:org.ejbca.core.ejb.ca.caadmin.CAsTest.java
License:Open Source License
private void checkECKey(PublicKey pk) { if (pk instanceof JCEECPublicKey) { JCEECPublicKey ecpk = (JCEECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNotNull("Only ImplicitlyCA curves can have null spec", spec); } else if (pk instanceof BCECPublicKey) { BCECPublicKey ecpk = (BCECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNotNull("Only ImplicitlyCA curves can have null spec", spec); } else {//from w w w . ja v a2s . co m assertTrue("Public key is not EC: " + pk.getClass().getName(), false); } }
From source file:org.ejbca.core.ejb.ca.caadmin.CAsTest.java
License:Open Source License
/** Adds a CA Using ECDSA 'implicitlyCA' keys to the database. It also checks that the CA is stored correctly. */ @Test/*from w ww . ja v a 2 s .c o m*/ public void test05AddECDSAImplicitlyCACA() throws Exception { log.trace(">test05AddECDSAImplicitlyCACA()"); boolean ret = false; try { createEllipticCurveDsaImplicitCa(); CAInfo info = caSession.getCAInfo(admin, TEST_ECDSA_IMPLICIT_CA_NAME); X509Certificate cert = (X509Certificate) info.getCertificateChain().iterator().next(); assertTrue("Error in created ca certificate", cert.getSubjectDN().toString().equals("CN=TESTECDSAImplicitlyCA")); assertTrue("Creating CA failed", info.getSubjectDN().equals("CN=TESTECDSAImplicitlyCA")); PublicKey pk = cert.getPublicKey(); if (pk instanceof JCEECPublicKey) { JCEECPublicKey ecpk = (JCEECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); ECParameterSpec spec = ecpk.getParameters(); assertNull( "ImplicitlyCA must have null spec, because it should be explicitly set in ejbca.properties", spec); } else if (pk instanceof BCECPublicKey) { BCECPublicKey ecpk = (BCECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNull( "ImplicitlyCA must have null spec, because it should be explicitly set in ejbca.properties", spec); } else { assertTrue("Public key is not EC: " + pk.getClass().getName(), false); } ret = true; } catch (CAExistsException pee) { log.info("CA exists."); } finally { removeOldCa(TEST_ECDSA_IMPLICIT_CA_NAME); } assertTrue("Creating ECDSA ImplicitlyCA CA failed", ret); log.trace("<test05AddECDSAImplicitlyCACA()"); }
From source file:org.ejbca.core.ejb.ca.sign.SignSessionTest.java
License:Open Source License
/** * creates cert/*from w w w. j a v a 2s . c o m*/ * * @throws Exception * if en error occurs... */ public void test12SignSessionECDSAWithRSACA() throws Exception { log.trace(">test12SignSessionECDSAWithRSACA()"); userAdminSession.setUserStatus(admin, "foo", UserDataConstants.STATUS_NEW); log.debug("Reset status of 'foo' to NEW"); // user that we know exists... X509Certificate selfcert = CertTools.genSelfCert("CN=selfsigned", 1, null, ecdsakeys.getPrivate(), ecdsakeys.getPublic(), AlgorithmConstants.SIGALG_SHA256_WITH_ECDSA, false); X509Certificate cert = (X509Certificate) signSession.createCertificate(admin, "foo", "foo123", selfcert); assertNotNull("Misslyckades skapa cert", cert); log.debug("Cert=" + cert.toString()); PublicKey pk = cert.getPublicKey(); if (pk instanceof JCEECPublicKey) { JCEECPublicKey ecpk = (JCEECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNotNull("ImplicitlyCA must have null spec", spec); } else { assertTrue("Public key is not EC", false); } try { cert.verify(rsacacert.getPublicKey()); } catch (Exception e) { assertTrue("Verify failed: " + e.getMessage(), false); } // FileOutputStream fos = new FileOutputStream("testcert.crt"); // fos.write(cert.getEncoded()); // fos.close(); log.trace("<test12SignSessionECDSAWithRSACA()"); }
From source file:org.ejbca.core.ejb.ca.sign.SignSessionTest.java
License:Open Source License
/** * tests bouncy PKCS10/*from w w w .jav a2 s . co m*/ * * @throws Exception * if en error occurs... */ public void test13TestBCPKCS10ECDSAWithRSACA() throws Exception { log.trace(">test13TestBCPKCS10ECDSAWithRSACA()"); userAdminSession.setUserStatus(admin, "foo", UserDataConstants.STATUS_NEW); log.debug("Reset status of 'foo' to NEW"); // Create certificate request PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA256WithECDSA", CertTools.stringToBcX509Name("C=SE, O=AnaTom, CN=foo"), ecdsakeys.getPublic(), new DERSet(), ecdsakeys.getPrivate()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); DEROutputStream dOut = new DEROutputStream(bOut); dOut.writeObject(req); dOut.close(); PKCS10CertificationRequest req2 = new PKCS10CertificationRequest(bOut.toByteArray()); boolean verify = req2.verify(); log.debug("Verify returned " + verify); assertTrue(verify); log.debug("CertificationRequest generated successfully."); byte[] bcp10 = bOut.toByteArray(); PKCS10RequestMessage p10 = new PKCS10RequestMessage(bcp10); p10.setUsername("foo"); p10.setPassword("foo123"); IResponseMessage resp = signSession.createCertificate(admin, p10, org.ejbca.core.protocol.X509ResponseMessage.class, null); Certificate cert = CertTools.getCertfromByteArray(resp.getResponseMessage()); assertNotNull("Failed to create certificate", cert); log.debug("Cert=" + cert.toString()); PublicKey pk = cert.getPublicKey(); if (pk instanceof JCEECPublicKey) { JCEECPublicKey ecpk = (JCEECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNotNull("ImplicitlyCA must have null spec", spec); } else { assertTrue("Public key is not EC", false); } try { cert.verify(rsacacert.getPublicKey()); } catch (Exception e) { assertTrue("Verify failed: " + e.getMessage(), false); } log.trace("<test13TestBCPKCS10ECDSAWithRSACA()"); }
From source file:org.ejbca.core.ejb.ca.sign.SignSessionTest.java
License:Open Source License
/** * creates cert//from w w w . ja v a2s. c o m * * @throws Exception * if en error occurs... */ public void test14SignSessionECDSAWithECDSACA() throws Exception { log.trace(">test14SignSessionECDSAWithECDSACA()"); userAdminSession.setUserStatus(admin, "fooecdsa", UserDataConstants.STATUS_NEW); log.debug("Reset status of 'fooecdsa' to NEW"); // user that we know exists... X509Certificate selfcert = CertTools.genSelfCert("CN=selfsigned", 1, null, ecdsakeys.getPrivate(), ecdsakeys.getPublic(), AlgorithmConstants.SIGALG_SHA256_WITH_ECDSA, false); X509Certificate cert = (X509Certificate) signSession.createCertificate(admin, "fooecdsa", "foo123", selfcert); assertNotNull("Misslyckades skapa cert", cert); log.debug("Cert=" + cert.toString()); PublicKey pk = cert.getPublicKey(); if (pk instanceof JCEECPublicKey) { JCEECPublicKey ecpk = (JCEECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNotNull("ImplicitlyCA must have null spec", spec); } else { assertTrue("Public key is not EC", false); } try { cert.verify(ecdsacacert.getPublicKey()); } catch (Exception e) { assertTrue("Verify failed: " + e.getMessage(), false); } // FileOutputStream fos = new FileOutputStream("testcert.crt"); // fos.write(cert.getEncoded()); // fos.close(); log.trace("<test14SignSessionECDSAWithECDSACA()"); }
From source file:org.ejbca.core.ejb.ca.sign.SignSessionTest.java
License:Open Source License
/** * tests bouncy PKCS10/*w w w .j a va 2s . c o m*/ * * @throws Exception * if en error occurs... */ public void test15TestBCPKCS10ECDSAWithECDSACA() throws Exception { log.trace(">test15TestBCPKCS10ECDSAWithECDSACA()"); userAdminSession.setUserStatus(admin, "fooecdsa", UserDataConstants.STATUS_NEW); log.debug("Reset status of 'foo' to NEW"); // Create certificate request PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA256WithECDSA", CertTools.stringToBcX509Name("C=SE, O=AnaTom, CN=fooecdsa"), ecdsakeys.getPublic(), new DERSet(), ecdsakeys.getPrivate()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); DEROutputStream dOut = new DEROutputStream(bOut); dOut.writeObject(req); dOut.close(); PKCS10CertificationRequest req2 = new PKCS10CertificationRequest(bOut.toByteArray()); boolean verify = req2.verify(); log.debug("Verify returned " + verify); assertTrue(verify); log.debug("CertificationRequest generated successfully."); byte[] bcp10 = bOut.toByteArray(); PKCS10RequestMessage p10 = new PKCS10RequestMessage(bcp10); p10.setUsername("fooecdsa"); p10.setPassword("foo123"); IResponseMessage resp = signSession.createCertificate(admin, p10, org.ejbca.core.protocol.X509ResponseMessage.class, null); Certificate cert = CertTools.getCertfromByteArray(resp.getResponseMessage()); assertNotNull("Failed to create certificate", cert); log.debug("Cert=" + cert.toString()); PublicKey pk = cert.getPublicKey(); if (pk instanceof JCEECPublicKey) { JCEECPublicKey ecpk = (JCEECPublicKey) pk; assertEquals(ecpk.getAlgorithm(), "EC"); org.bouncycastle.jce.spec.ECParameterSpec spec = ecpk.getParameters(); assertNotNull("ImplicitlyCA must have null spec", spec); } else { assertTrue("Public key is not EC", false); } try { cert.verify(ecdsacacert.getPublicKey()); } catch (Exception e) { assertTrue("Verify failed: " + e.getMessage(), false); } log.trace("<test15TestBCPKCS10ECDSAWithECDSACA()"); }