use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project jmulticard by ctt-gob-es.
the class SubjectPublicKeyInfoFactory method createSubjectPublicKeyInfo.
/**
* Create a SubjectPublicKeyInfo public key.
*
* @param publicKey the key to be encoded into the info object.
* @return a SubjectPublicKeyInfo representing the key.
* @throws java.io.IOException on an error encoding the key
*/
public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(AsymmetricKeyParameter publicKey) throws IOException {
if (publicKey instanceof QTESLAPublicKeyParameters) {
QTESLAPublicKeyParameters keyParams = (QTESLAPublicKeyParameters) publicKey;
AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
return new SubjectPublicKeyInfo(algorithmIdentifier, keyParams.getPublicData());
} else if (publicKey instanceof SPHINCSPublicKeyParameters) {
SPHINCSPublicKeyParameters params = (SPHINCSPublicKeyParameters) publicKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256, new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
return new SubjectPublicKeyInfo(algorithmIdentifier, params.getKeyData());
} else if (publicKey instanceof NHPublicKeyParameters) {
NHPublicKeyParameters params = (NHPublicKeyParameters) publicKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
return new SubjectPublicKeyInfo(algorithmIdentifier, params.getPubData());
} else if (publicKey instanceof LMSPublicKeyParameters) {
LMSPublicKeyParameters params = (LMSPublicKeyParameters) publicKey;
byte[] encoding = Composer.compose().u32str(1).bytes(params).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(encoding));
} else if (publicKey instanceof HSSPublicKeyParameters) {
HSSPublicKeyParameters params = (HSSPublicKeyParameters) publicKey;
byte[] encoding = Composer.compose().u32str(params.getL()).bytes(params.getLMSPublicKey()).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(encoding));
} else if (publicKey instanceof SPHINCSPlusPublicKeyParameters) {
SPHINCSPlusPublicKeyParameters params = (SPHINCSPlusPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.sphincsPlusOidLookup(params.getParameters()));
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(encoding));
} else if (publicKey instanceof CMCEPublicKeyParameters) {
CMCEPublicKeyParameters params = (CMCEPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.mcElieceOidLookup(params.getParameters()));
// https://datatracker.ietf.org/doc/draft-uni-qsckeys/
return new SubjectPublicKeyInfo(algorithmIdentifier, new CMCEPublicKey(encoding));
} else if (publicKey instanceof XMSSPublicKeyParameters) {
XMSSPublicKeyParameters keyParams = (XMSSPublicKeyParameters) publicKey;
byte[] publicSeed = keyParams.getPublicSeed();
byte[] root = keyParams.getRoot();
byte[] keyEnc = keyParams.getEncoded();
if (keyEnc.length > publicSeed.length + root.length) {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(IsaraObjectIdentifiers.id_alg_xmss);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(keyEnc));
} else {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss, new XMSSKeyParams(keyParams.getParameters().getHeight(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new SubjectPublicKeyInfo(algorithmIdentifier, new XMSSPublicKey(publicSeed, root));
}
} else if (publicKey instanceof XMSSMTPublicKeyParameters) {
XMSSMTPublicKeyParameters keyParams = (XMSSMTPublicKeyParameters) publicKey;
byte[] publicSeed = keyParams.getPublicSeed();
byte[] root = keyParams.getRoot();
byte[] keyEnc = keyParams.getEncoded();
if (keyEnc.length > publicSeed.length + root.length) {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(IsaraObjectIdentifiers.id_alg_xmssmt);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(keyEnc));
} else {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new SubjectPublicKeyInfo(algorithmIdentifier, new XMSSMTPublicKey(keyParams.getPublicSeed(), keyParams.getRoot()));
}
} else if (publicKey instanceof McElieceCCA2PublicKeyParameters) {
McElieceCCA2PublicKeyParameters pub = (McElieceCCA2PublicKeyParameters) publicKey;
McElieceCCA2PublicKey mcEliecePub = new McElieceCCA2PublicKey(pub.getN(), pub.getT(), pub.getG(), Utils.getAlgorithmIdentifier(pub.getDigest()));
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
return new SubjectPublicKeyInfo(algorithmIdentifier, mcEliecePub);
} else if (publicKey instanceof FrodoPublicKeyParameters) {
FrodoPublicKeyParameters params = (FrodoPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.frodoOidLookup(params.getParameters()));
return new SubjectPublicKeyInfo(algorithmIdentifier, (new DEROctetString(encoding)));
} else if (publicKey instanceof SABERPublicKeyParameters) {
SABERPublicKeyParameters params = (SABERPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.saberOidLookup(params.getParameters()));
// https://datatracker.ietf.org/doc/draft-uni-qsckeys/
return new SubjectPublicKeyInfo(algorithmIdentifier, new DERSequence(new DEROctetString(encoding)));
} else {
throw new IOException("key parameters not recognized");
}
}
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project signer by demoiselle.
the class CreateCA method main.
// http://stackoverflow.com/questions/18633273/correctly-creating-a-new-certificate-with-an-intermediate-certificate-using-boun
// http://stackoverflow.com/questions/31618568/how-can-i-create-a-ca-root-certificate-with-bouncy-castle
public static void main(String[] args) throws IOException, OperatorCreationException, NoSuchAlgorithmException {
// ---------------------- CA Creation ----------------------
// System.out.println("Generating Keys");
KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
rsa.initialize(1024);
KeyPair kp = rsa.generateKeyPair();
Calendar cal = Calendar.getInstance();
cal.add(Calendar.YEAR, 100);
// System.out.println("Getting data");
byte[] pk = kp.getPublic().getEncoded();
SubjectPublicKeyInfo bcPk = SubjectPublicKeyInfo.getInstance(pk);
// System.out.println("Creating cert");
X509v1CertificateBuilder certGen = new X509v1CertificateBuilder(new X500Name("CN=CA Cert"), BigInteger.ONE, new Date(), cal.getTime(), new X500Name("CN=CA Cert"), bcPk);
X509CertificateHolder certHolder = certGen.build(new JcaContentSignerBuilder("SHA1withRSA").build(kp.getPrivate()));
StringBuffer s = new StringBuffer();
s.append(X509Factory.BEGIN_CERT + "\n");
s.append(Base64Utils.base64Encode(certHolder.getEncoded()) + "\n");
s.append(X509Factory.END_CERT);
saveFile(s.toString().getBytes());
// ---------------------- ISSUER Creation ----------------------
}
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project smoke by textbrowser.
the class Cryptography method publicKeyAlgorithm.
public static String publicKeyAlgorithm(PublicKey publicKey) {
if (publicKey == null)
return "";
try {
ASN1ObjectIdentifier asn1ObjectIdentifier = null;
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
asn1ObjectIdentifier = subjectPublicKeyInfo.getAlgorithm().getAlgorithm();
if (asn1ObjectIdentifier.equals(PQCObjectIdentifiers.mcElieceCca2))
return "McEliece-CCA2";
else if (asn1ObjectIdentifier.equals(PQCObjectIdentifiers.mcElieceFujisaki))
return "McEliece-Fujisaki";
else if (asn1ObjectIdentifier.equals(PQCObjectIdentifiers.mcEliecePointcheval))
return "McEliece-Pointcheval";
else if (publicKey instanceof BCRainbowPublicKey)
return "Rainbow";
else if (publicKey instanceof BCSphincs256PublicKey)
return "SPHINCS";
else if (publicKey.getAlgorithm().equals("EC"))
return "ECDSA";
else
return "RSA";
} catch (Exception exception) {
}
return "";
}
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project fdroidclient by f-droid.
the class LocalRepoKeyStore method generateSelfSignedCertChain.
private Certificate generateSelfSignedCertChain(KeyPair kp, X500Name subject, String hostname) throws CertificateException, OperatorCreationException, IOException {
SecureRandom rand = new SecureRandom();
PrivateKey privKey = kp.getPrivate();
PublicKey pubKey = kp.getPublic();
ContentSigner sigGen = new JcaContentSignerBuilder(DEFAULT_SIG_ALG).build(privKey);
SubjectPublicKeyInfo subPubKeyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(pubKey.getEncoded()));
// now
Date now = new Date();
/* force it to use a English/Gregorian dates for the cert, hardly anyone
ever looks at the cert metadata anyway, and its very likely that they
understand English/Gregorian dates */
Calendar c = new GregorianCalendar(Locale.ENGLISH);
c.setTime(now);
c.add(Calendar.YEAR, 1);
Time startTime = new Time(now, Locale.ENGLISH);
Time endTime = new Time(c.getTime(), Locale.ENGLISH);
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(subject, BigInteger.valueOf(rand.nextLong()), startTime, endTime, subject, subPubKeyInfo);
if (hostname != null) {
GeneralNames subjectAltName = new GeneralNames(new GeneralName(GeneralName.iPAddress, hostname));
v3CertGen.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
}
X509CertificateHolder certHolder = v3CertGen.build(sigGen);
return new JcaX509CertificateConverter().getCertificate(certHolder);
}
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project amazon-corretto-crypto-provider by corretto.
the class EcGenTest method knownCurves.
@ParameterizedTest
@MethodSource("knownCurveParams")
public void knownCurves(ArgumentsAccessor arguments) throws GeneralSecurityException {
for (final Object name : arguments.toArray()) {
ECGenParameterSpec spec = new ECGenParameterSpec((String) name);
nativeGen.initialize(spec);
KeyPair nativePair = nativeGen.generateKeyPair();
jceGen.initialize(spec);
KeyPair jcePair = jceGen.generateKeyPair();
final ECParameterSpec jceParams = ((ECPublicKey) jcePair.getPublic()).getParams();
final ECParameterSpec nativeParams = ((ECPublicKey) nativePair.getPublic()).getParams();
assertECEquals((String) name, jceParams, nativeParams);
// Ensure we can construct the curve using raw numbers rather than the name
nativeGen.initialize(jceParams);
nativePair = nativeGen.generateKeyPair();
assertECEquals(name + "-explicit", jceParams, nativeParams);
final SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(nativePair.getPublic().getEncoded());
ASN1Encodable algorithmParameters = publicKeyInfo.getAlgorithm().getParameters();
assertTrue(algorithmParameters instanceof ASN1ObjectIdentifier, "Public key uses named curve");
// PKCS #8 = SEQ [ Integer, AlgorithmIdentifier, Octet String, ???]
// AlgorithmIdentifier = SEQ [ OID, {OID | SEQ}]
final ASN1Sequence p8 = ASN1Sequence.getInstance(nativePair.getPrivate().getEncoded());
final ASN1Sequence algIdentifier = (ASN1Sequence) p8.getObjectAt(1);
assertTrue(algIdentifier.getObjectAt(1) instanceof ASN1ObjectIdentifier, "Private key uses named curve");
// Check encoding/decoding
Key bouncedKey = KEY_FACTORY.generatePublic(new X509EncodedKeySpec(nativePair.getPublic().getEncoded()));
assertEquals(nativePair.getPublic(), bouncedKey, "Public key survives encoding");
bouncedKey = KEY_FACTORY.generatePrivate(new PKCS8EncodedKeySpec(nativePair.getPrivate().getEncoded()));
assertEquals(nativePair.getPrivate(), bouncedKey, "Private key survives encoding");
}
}
Aggregations