Search in sources :

Example 86 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class McElieceKeyFactorySpi method engineGeneratePrivate.

/**
 * Converts, if possible, a key specification into a {@link BCMcEliecePrivateKey}.
 *
 * @param keySpec the key specification
 * @return the McEliece private key
 * @throws InvalidKeySpecException if the KeySpec is not supported.
 */
protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec instanceof PKCS8EncodedKeySpec) {
        // get the DER-encoded Key according to PKCS#8 from the spec
        byte[] encKey = ((PKCS8EncodedKeySpec) keySpec).getEncoded();
        // decode the PKCS#8 data structure to the pki object
        PrivateKeyInfo pki;
        try {
            pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
        } catch (IOException e) {
            throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
        }
        try {
            if (PQCObjectIdentifiers.mcEliece.equals(pki.getPrivateKeyAlgorithm().getAlgorithm())) {
                McEliecePrivateKey key = McEliecePrivateKey.getInstance(pki.parsePrivateKey());
                return new BCMcEliecePrivateKey(new McEliecePrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP1(), key.getP2(), key.getSInv()));
            } else {
                throw new InvalidKeySpecException("Unable to recognise OID in McEliece private key");
            }
        } catch (IOException cce) {
            throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec.");
        }
    }
    throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
}
Also used : McEliecePrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.mceliece.McEliecePrivateKeyParameters) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) IOException(java.io.IOException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo) McEliecePrivateKey(com.github.zhenwei.core.pqc.asn1.McEliecePrivateKey)

Example 87 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class BCRainbowPrivateKey method getEncoded.

public byte[] getEncoded() {
    RainbowPrivateKey privateKey = new RainbowPrivateKey(A1inv, b1, A2inv, b2, vi, layers);
    PrivateKeyInfo pki;
    try {
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
        pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
    } catch (IOException e) {
        return null;
    }
    try {
        byte[] encoded = pki.getEncoded();
        return encoded;
    } catch (IOException e) {
        return null;
    }
}
Also used : RainbowPrivateKey(com.github.zhenwei.core.pqc.asn1.RainbowPrivateKey) IOException(java.io.IOException) PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 88 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class PrivateKeyInfoFactory method createPrivateKeyInfo.

/**
 * Create a PrivateKeyInfo representation of a private key with attributes.
 *
 * @param privateKey the key to be encoded into the info object.
 * @param attributes the set of attributes to be included.
 * @return the appropriate PrivateKeyInfo
 * @throws IOException on an error encoding the key
 */
public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey, ASN1Set attributes) throws IOException {
    if (privateKey instanceof QTESLAPrivateKeyParameters) {
        QTESLAPrivateKeyParameters keyParams = (QTESLAPrivateKeyParameters) privateKey;
        AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
        return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(keyParams.getSecret()), attributes);
    } else if (privateKey instanceof SPHINCSPrivateKeyParameters) {
        SPHINCSPrivateKeyParameters params = (SPHINCSPrivateKeyParameters) privateKey;
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256, new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
        return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(params.getKeyData()));
    } else if (privateKey instanceof NHPrivateKeyParameters) {
        NHPrivateKeyParameters params = (NHPrivateKeyParameters) privateKey;
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
        short[] privateKeyData = params.getSecData();
        byte[] octets = new byte[privateKeyData.length * 2];
        for (int i = 0; i != privateKeyData.length; i++) {
            Pack.shortToLittleEndian(privateKeyData[i], octets, i * 2);
        }
        return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(octets));
    } else if (privateKey instanceof LMSPrivateKeyParameters) {
        LMSPrivateKeyParameters params = (LMSPrivateKeyParameters) privateKey;
        byte[] encoding = Composer.compose().u32str(1).bytes(params).build();
        byte[] pubEncoding = Composer.compose().u32str(1).bytes(params.getPublicKey()).build();
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
        return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(encoding), attributes, pubEncoding);
    } else if (privateKey instanceof HSSPrivateKeyParameters) {
        HSSPrivateKeyParameters params = (HSSPrivateKeyParameters) privateKey;
        byte[] encoding = Composer.compose().u32str(params.getL()).bytes(params).build();
        byte[] pubEncoding = Composer.compose().u32str(params.getL()).bytes(params.getPublicKey().getLMSPublicKey()).build();
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
        return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(encoding), attributes, pubEncoding);
    } else if (privateKey instanceof XMSSPrivateKeyParameters) {
        XMSSPrivateKeyParameters keyParams = (XMSSPrivateKeyParameters) privateKey;
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss, new XMSSKeyParams(keyParams.getParameters().getHeight(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
        return new PrivateKeyInfo(algorithmIdentifier, xmssCreateKeyStructure(keyParams), attributes);
    } else if (privateKey instanceof XMSSMTPrivateKeyParameters) {
        XMSSMTPrivateKeyParameters keyParams = (XMSSMTPrivateKeyParameters) privateKey;
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
        return new PrivateKeyInfo(algorithmIdentifier, xmssmtCreateKeyStructure(keyParams), attributes);
    } else if (privateKey instanceof McElieceCCA2PrivateKeyParameters) {
        McElieceCCA2PrivateKeyParameters priv = (McElieceCCA2PrivateKeyParameters) privateKey;
        McElieceCCA2PrivateKey mcEliecePriv = new McElieceCCA2PrivateKey(priv.getN(), priv.getK(), priv.getField(), priv.getGoppaPoly(), priv.getP(), Utils.getAlgorithmIdentifier(priv.getDigest()));
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
        return new PrivateKeyInfo(algorithmIdentifier, mcEliecePriv);
    } else {
        throw new IOException("key parameters not recognized");
    }
}
Also used : XMSSKeyParams(com.github.zhenwei.core.pqc.asn1.XMSSKeyParams) McElieceCCA2PrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.mceliece.McElieceCCA2PrivateKeyParameters) QTESLAPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.qtesla.QTESLAPrivateKeyParameters) NHPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.newhope.NHPrivateKeyParameters) McElieceCCA2PrivateKey(com.github.zhenwei.core.pqc.asn1.McElieceCCA2PrivateKey) SPHINCSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters) HSSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.lms.HSSPrivateKeyParameters) IOException(java.io.IOException) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) SPHINCS256KeyParams(com.github.zhenwei.core.pqc.asn1.SPHINCS256KeyParams) LMSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.lms.LMSPrivateKeyParameters) XMSSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.xmss.XMSSPrivateKeyParameters) XMSSMTKeyParams(com.github.zhenwei.core.pqc.asn1.XMSSMTKeyParams) PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo) XMSSMTPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.xmss.XMSSMTPrivateKeyParameters)

Example 89 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class EncryptedValueBuilder method build.

/**
 * Build an EncryptedValue structure containing the private key contained in the passed info
 * structure.
 *
 * @param privateKeyInfo a PKCS#8 private key info structure.
 * @return an EncryptedValue containing an EncryptedPrivateKeyInfo structure.
 * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this
 *                       value.
 */
public EncryptedValue build(PrivateKeyInfo privateKeyInfo) throws CRMFException {
    PKCS8EncryptedPrivateKeyInfoBuilder encInfoBldr = new PKCS8EncryptedPrivateKeyInfoBuilder(privateKeyInfo);
    AlgorithmIdentifier intendedAlg = privateKeyInfo.getPrivateKeyAlgorithm();
    AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
    DERBitString encSymmKey;
    try {
        PKCS8EncryptedPrivateKeyInfo encInfo = encInfoBldr.build(encryptor);
        encSymmKey = new DERBitString(wrapper.generateWrappedKey(encryptor.getKey()));
        AlgorithmIdentifier keyAlg = wrapper.getAlgorithmIdentifier();
        ASN1OctetString valueHint = null;
        return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, new DERBitString(encInfo.getEncryptedData()));
    } catch (IllegalStateException e) {
        throw new CRMFException("cannot encode key: " + e.getMessage(), e);
    } catch (OperatorException e) {
        throw new CRMFException("cannot wrap key: " + e.getMessage(), e);
    }
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) PKCS8EncryptedPrivateKeyInfoBuilder(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder) DERBitString(com.github.zhenwei.core.asn1.DERBitString) PKCS8EncryptedPrivateKeyInfo(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfo) EncryptedValue(com.github.zhenwei.pkix.util.asn1.crmf.EncryptedValue) OperatorException(com.github.zhenwei.pkix.operator.OperatorException) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 90 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class JcaPKIXIdentityBuilder method build.

/**
 * Build an identity from the passed in key and certificate stream in PEM format.
 *
 * @param keyStream         the PEM stream containing the key
 * @param certificateStream the PEM stream containing the certificate
 * @return an identity object.
 * @throws IOException          on a general parsing error.
 * @throws CertificateException on a certificate parsing error.
 */
public JcaPKIXIdentity build(InputStream keyStream, InputStream certificateStream) throws IOException, CertificateException {
    PEMParser keyParser = new PEMParser(new InputStreamReader(keyStream));
    PrivateKey privKey;
    Object keyObj = keyParser.readObject();
    if (keyObj instanceof PEMKeyPair) {
        PEMKeyPair kp = (PEMKeyPair) keyObj;
        privKey = keyConverter.getPrivateKey(kp.getPrivateKeyInfo());
    } else if (keyObj instanceof PrivateKeyInfo) {
        privKey = keyConverter.getPrivateKey((PrivateKeyInfo) keyObj);
    } else {
        // TODO: handle encrypted private keys
        throw new IOException("unrecognised private key file");
    }
    PEMParser certParser = new PEMParser(new InputStreamReader(certificateStream));
    List certs = new ArrayList();
    Object certObj;
    while ((certObj = certParser.readObject()) != null) {
        certs.add(certConverter.getCertificate((X509CertificateHolder) certObj));
    }
    return new JcaPKIXIdentity(privKey, (X509Certificate[]) certs.toArray(new X509Certificate[certs.size()]));
}
Also used : PrivateKey(java.security.PrivateKey) PEMParser(com.github.zhenwei.pkix.openssl.PEMParser) InputStreamReader(java.io.InputStreamReader) JcaPKIXIdentity(com.github.zhenwei.pkix.jcajce.JcaPKIXIdentity) X509CertificateHolder(com.github.zhenwei.pkix.cert.X509CertificateHolder) ArrayList(java.util.ArrayList) PEMKeyPair(com.github.zhenwei.pkix.openssl.PEMKeyPair) ArrayList(java.util.ArrayList) List(java.util.List) IOException(java.io.IOException) PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo) X509Certificate(java.security.cert.X509Certificate)

Aggregations

PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)138 IOException (java.io.IOException)95 JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)66 PEMParser (org.bouncycastle.openssl.PEMParser)62 PrivateKey (java.security.PrivateKey)48 PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)41 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)35 PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)35 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)33 InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)27 PrivateKeyInfo (com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)26 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)26 KeyFactory (java.security.KeyFactory)23 JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)21 StringReader (java.io.StringReader)20 BigInteger (java.math.BigInteger)20 KeyPair (java.security.KeyPair)20 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)18 ByteArrayInputStream (java.io.ByteArrayInputStream)18 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)18