use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class McElieceKeyFactorySpi method engineGeneratePrivate.
/**
* Converts, if possible, a key specification into a {@link BCMcEliecePrivateKey}.
*
* @param keySpec the key specification
* @return the McEliece private key
* @throws InvalidKeySpecException if the KeySpec is not supported.
*/
protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
if (keySpec instanceof PKCS8EncodedKeySpec) {
// get the DER-encoded Key according to PKCS#8 from the spec
byte[] encKey = ((PKCS8EncodedKeySpec) keySpec).getEncoded();
// decode the PKCS#8 data structure to the pki object
PrivateKeyInfo pki;
try {
pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
} catch (IOException e) {
throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
}
try {
if (PQCObjectIdentifiers.mcEliece.equals(pki.getPrivateKeyAlgorithm().getAlgorithm())) {
McEliecePrivateKey key = McEliecePrivateKey.getInstance(pki.parsePrivateKey());
return new BCMcEliecePrivateKey(new McEliecePrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP1(), key.getP2(), key.getSInv()));
} else {
throw new InvalidKeySpecException("Unable to recognise OID in McEliece private key");
}
} catch (IOException cce) {
throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec.");
}
}
throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class BCRainbowPrivateKey method getEncoded.
public byte[] getEncoded() {
RainbowPrivateKey privateKey = new RainbowPrivateKey(A1inv, b1, A2inv, b2, vi, layers);
PrivateKeyInfo pki;
try {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
} catch (IOException e) {
return null;
}
try {
byte[] encoded = pki.getEncoded();
return encoded;
} catch (IOException e) {
return null;
}
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class PrivateKeyInfoFactory method createPrivateKeyInfo.
/**
* Create a PrivateKeyInfo representation of a private key with attributes.
*
* @param privateKey the key to be encoded into the info object.
* @param attributes the set of attributes to be included.
* @return the appropriate PrivateKeyInfo
* @throws IOException on an error encoding the key
*/
public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey, ASN1Set attributes) throws IOException {
if (privateKey instanceof QTESLAPrivateKeyParameters) {
QTESLAPrivateKeyParameters keyParams = (QTESLAPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(keyParams.getSecret()), attributes);
} else if (privateKey instanceof SPHINCSPrivateKeyParameters) {
SPHINCSPrivateKeyParameters params = (SPHINCSPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256, new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(params.getKeyData()));
} else if (privateKey instanceof NHPrivateKeyParameters) {
NHPrivateKeyParameters params = (NHPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
short[] privateKeyData = params.getSecData();
byte[] octets = new byte[privateKeyData.length * 2];
for (int i = 0; i != privateKeyData.length; i++) {
Pack.shortToLittleEndian(privateKeyData[i], octets, i * 2);
}
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(octets));
} else if (privateKey instanceof LMSPrivateKeyParameters) {
LMSPrivateKeyParameters params = (LMSPrivateKeyParameters) privateKey;
byte[] encoding = Composer.compose().u32str(1).bytes(params).build();
byte[] pubEncoding = Composer.compose().u32str(1).bytes(params.getPublicKey()).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(encoding), attributes, pubEncoding);
} else if (privateKey instanceof HSSPrivateKeyParameters) {
HSSPrivateKeyParameters params = (HSSPrivateKeyParameters) privateKey;
byte[] encoding = Composer.compose().u32str(params.getL()).bytes(params).build();
byte[] pubEncoding = Composer.compose().u32str(params.getL()).bytes(params.getPublicKey().getLMSPublicKey()).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(encoding), attributes, pubEncoding);
} else if (privateKey instanceof XMSSPrivateKeyParameters) {
XMSSPrivateKeyParameters keyParams = (XMSSPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss, new XMSSKeyParams(keyParams.getParameters().getHeight(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new PrivateKeyInfo(algorithmIdentifier, xmssCreateKeyStructure(keyParams), attributes);
} else if (privateKey instanceof XMSSMTPrivateKeyParameters) {
XMSSMTPrivateKeyParameters keyParams = (XMSSMTPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new PrivateKeyInfo(algorithmIdentifier, xmssmtCreateKeyStructure(keyParams), attributes);
} else if (privateKey instanceof McElieceCCA2PrivateKeyParameters) {
McElieceCCA2PrivateKeyParameters priv = (McElieceCCA2PrivateKeyParameters) privateKey;
McElieceCCA2PrivateKey mcEliecePriv = new McElieceCCA2PrivateKey(priv.getN(), priv.getK(), priv.getField(), priv.getGoppaPoly(), priv.getP(), Utils.getAlgorithmIdentifier(priv.getDigest()));
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
return new PrivateKeyInfo(algorithmIdentifier, mcEliecePriv);
} else {
throw new IOException("key parameters not recognized");
}
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class EncryptedValueBuilder method build.
/**
* Build an EncryptedValue structure containing the private key contained in the passed info
* structure.
*
* @param privateKeyInfo a PKCS#8 private key info structure.
* @return an EncryptedValue containing an EncryptedPrivateKeyInfo structure.
* @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this
* value.
*/
public EncryptedValue build(PrivateKeyInfo privateKeyInfo) throws CRMFException {
PKCS8EncryptedPrivateKeyInfoBuilder encInfoBldr = new PKCS8EncryptedPrivateKeyInfoBuilder(privateKeyInfo);
AlgorithmIdentifier intendedAlg = privateKeyInfo.getPrivateKeyAlgorithm();
AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
DERBitString encSymmKey;
try {
PKCS8EncryptedPrivateKeyInfo encInfo = encInfoBldr.build(encryptor);
encSymmKey = new DERBitString(wrapper.generateWrappedKey(encryptor.getKey()));
AlgorithmIdentifier keyAlg = wrapper.getAlgorithmIdentifier();
ASN1OctetString valueHint = null;
return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, new DERBitString(encInfo.getEncryptedData()));
} catch (IllegalStateException e) {
throw new CRMFException("cannot encode key: " + e.getMessage(), e);
} catch (OperatorException e) {
throw new CRMFException("cannot wrap key: " + e.getMessage(), e);
}
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class JcaPKIXIdentityBuilder method build.
/**
* Build an identity from the passed in key and certificate stream in PEM format.
*
* @param keyStream the PEM stream containing the key
* @param certificateStream the PEM stream containing the certificate
* @return an identity object.
* @throws IOException on a general parsing error.
* @throws CertificateException on a certificate parsing error.
*/
public JcaPKIXIdentity build(InputStream keyStream, InputStream certificateStream) throws IOException, CertificateException {
PEMParser keyParser = new PEMParser(new InputStreamReader(keyStream));
PrivateKey privKey;
Object keyObj = keyParser.readObject();
if (keyObj instanceof PEMKeyPair) {
PEMKeyPair kp = (PEMKeyPair) keyObj;
privKey = keyConverter.getPrivateKey(kp.getPrivateKeyInfo());
} else if (keyObj instanceof PrivateKeyInfo) {
privKey = keyConverter.getPrivateKey((PrivateKeyInfo) keyObj);
} else {
// TODO: handle encrypted private keys
throw new IOException("unrecognised private key file");
}
PEMParser certParser = new PEMParser(new InputStreamReader(certificateStream));
List certs = new ArrayList();
Object certObj;
while ((certObj = certParser.readObject()) != null) {
certs.add(certConverter.getCertificate((X509CertificateHolder) certObj));
}
return new JcaPKIXIdentity(privKey, (X509Certificate[]) certs.toArray(new X509Certificate[certs.size()]));
}
Aggregations