Example 86 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class McElieceKeyFactorySpi method engineGeneratePrivate.
/**
* Converts, if possible, a key specification into a {@link BCMcEliecePrivateKey}.
*
* @param keySpec the key specification
* @return the McEliece private key
* @throws InvalidKeySpecException if the KeySpec is not supported.
*/
protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
if (keySpec instanceof PKCS8EncodedKeySpec) {
// get the DER-encoded Key according to PKCS#8 from the spec
byte[] encKey = ((PKCS8EncodedKeySpec) keySpec).getEncoded();
// decode the PKCS#8 data structure to the pki object
PrivateKeyInfo pki;
try {
pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
} catch (IOException e) {
throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
}
try {
if (PQCObjectIdentifiers.mcEliece.equals(pki.getPrivateKeyAlgorithm().getAlgorithm())) {
McEliecePrivateKey key = McEliecePrivateKey.getInstance(pki.parsePrivateKey());
return new BCMcEliecePrivateKey(new McEliecePrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP1(), key.getP2(), key.getSInv()));
} else {
throw new InvalidKeySpecException("Unable to recognise OID in McEliece private key");
}
} catch (IOException cce) {
throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec.");
}
}
throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
}
Also used :
McEliecePrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.mceliece.McEliecePrivateKeyParameters)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
IOException(java.io.IOException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)
McEliecePrivateKey(com.github.zhenwei.core.pqc.asn1.McEliecePrivateKey)
Example 87 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class BCRainbowPrivateKey method getEncoded.
public byte[] getEncoded() {
RainbowPrivateKey privateKey = new RainbowPrivateKey(A1inv, b1, A2inv, b2, vi, layers);
PrivateKeyInfo pki;
try {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
} catch (IOException e) {
return null;
}
try {
byte[] encoded = pki.getEncoded();
return encoded;
} catch (IOException e) {
return null;
}
}
Also used :
RainbowPrivateKey(com.github.zhenwei.core.pqc.asn1.RainbowPrivateKey)
IOException(java.io.IOException)
PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 88 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class PrivateKeyInfoFactory method createPrivateKeyInfo.
/**
* Create a PrivateKeyInfo representation of a private key with attributes.
*
* @param privateKey the key to be encoded into the info object.
* @param attributes the set of attributes to be included.
* @return the appropriate PrivateKeyInfo
* @throws IOException on an error encoding the key
*/
public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey, ASN1Set attributes) throws IOException {
if (privateKey instanceof QTESLAPrivateKeyParameters) {
QTESLAPrivateKeyParameters keyParams = (QTESLAPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(keyParams.getSecret()), attributes);
} else if (privateKey instanceof SPHINCSPrivateKeyParameters) {
SPHINCSPrivateKeyParameters params = (SPHINCSPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256, new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(params.getKeyData()));
} else if (privateKey instanceof NHPrivateKeyParameters) {
NHPrivateKeyParameters params = (NHPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
short[] privateKeyData = params.getSecData();
byte[] octets = new byte[privateKeyData.length * 2];
for (int i = 0; i != privateKeyData.length; i++) {
Pack.shortToLittleEndian(privateKeyData[i], octets, i * 2);
}
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(octets));
} else if (privateKey instanceof LMSPrivateKeyParameters) {
LMSPrivateKeyParameters params = (LMSPrivateKeyParameters) privateKey;
byte[] encoding = Composer.compose().u32str(1).bytes(params).build();
byte[] pubEncoding = Composer.compose().u32str(1).bytes(params.getPublicKey()).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(encoding), attributes, pubEncoding);
} else if (privateKey instanceof HSSPrivateKeyParameters) {
HSSPrivateKeyParameters params = (HSSPrivateKeyParameters) privateKey;
byte[] encoding = Composer.compose().u32str(params.getL()).bytes(params).build();
byte[] pubEncoding = Composer.compose().u32str(params.getL()).bytes(params.getPublicKey().getLMSPublicKey()).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(encoding), attributes, pubEncoding);
} else if (privateKey instanceof XMSSPrivateKeyParameters) {
XMSSPrivateKeyParameters keyParams = (XMSSPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss, new XMSSKeyParams(keyParams.getParameters().getHeight(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new PrivateKeyInfo(algorithmIdentifier, xmssCreateKeyStructure(keyParams), attributes);
} else if (privateKey instanceof XMSSMTPrivateKeyParameters) {
XMSSMTPrivateKeyParameters keyParams = (XMSSMTPrivateKeyParameters) privateKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new PrivateKeyInfo(algorithmIdentifier, xmssmtCreateKeyStructure(keyParams), attributes);
} else if (privateKey instanceof McElieceCCA2PrivateKeyParameters) {
McElieceCCA2PrivateKeyParameters priv = (McElieceCCA2PrivateKeyParameters) privateKey;
McElieceCCA2PrivateKey mcEliecePriv = new McElieceCCA2PrivateKey(priv.getN(), priv.getK(), priv.getField(), priv.getGoppaPoly(), priv.getP(), Utils.getAlgorithmIdentifier(priv.getDigest()));
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
return new PrivateKeyInfo(algorithmIdentifier, mcEliecePriv);
} else {
throw new IOException("key parameters not recognized");
}
}
Also used :
XMSSKeyParams(com.github.zhenwei.core.pqc.asn1.XMSSKeyParams)
McElieceCCA2PrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.mceliece.McElieceCCA2PrivateKeyParameters)
QTESLAPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.qtesla.QTESLAPrivateKeyParameters)
NHPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.newhope.NHPrivateKeyParameters)
McElieceCCA2PrivateKey(com.github.zhenwei.core.pqc.asn1.McElieceCCA2PrivateKey)
SPHINCSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters)
HSSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.lms.HSSPrivateKeyParameters)
IOException(java.io.IOException)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
SPHINCS256KeyParams(com.github.zhenwei.core.pqc.asn1.SPHINCS256KeyParams)
LMSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.lms.LMSPrivateKeyParameters)
XMSSPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.xmss.XMSSPrivateKeyParameters)
XMSSMTKeyParams(com.github.zhenwei.core.pqc.asn1.XMSSMTKeyParams)
PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)
XMSSMTPrivateKeyParameters(com.github.zhenwei.core.pqc.crypto.xmss.XMSSMTPrivateKeyParameters)
Example 89 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class EncryptedValueBuilder method build.
/**
* Build an EncryptedValue structure containing the private key contained in the passed info
* structure.
*
* @param privateKeyInfo a PKCS#8 private key info structure.
* @return an EncryptedValue containing an EncryptedPrivateKeyInfo structure.
* @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this
* value.
*/
public EncryptedValue build(PrivateKeyInfo privateKeyInfo) throws CRMFException {
PKCS8EncryptedPrivateKeyInfoBuilder encInfoBldr = new PKCS8EncryptedPrivateKeyInfoBuilder(privateKeyInfo);
AlgorithmIdentifier intendedAlg = privateKeyInfo.getPrivateKeyAlgorithm();
AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
DERBitString encSymmKey;
try {
PKCS8EncryptedPrivateKeyInfo encInfo = encInfoBldr.build(encryptor);
encSymmKey = new DERBitString(wrapper.generateWrappedKey(encryptor.getKey()));
AlgorithmIdentifier keyAlg = wrapper.getAlgorithmIdentifier();
ASN1OctetString valueHint = null;
return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, new DERBitString(encInfo.getEncryptedData()));
} catch (IllegalStateException e) {
throw new CRMFException("cannot encode key: " + e.getMessage(), e);
} catch (OperatorException e) {
throw new CRMFException("cannot wrap key: " + e.getMessage(), e);
}
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
PKCS8EncryptedPrivateKeyInfoBuilder(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder)
DERBitString(com.github.zhenwei.core.asn1.DERBitString)
PKCS8EncryptedPrivateKeyInfo(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfo)
EncryptedValue(com.github.zhenwei.pkix.util.asn1.crmf.EncryptedValue)
OperatorException(com.github.zhenwei.pkix.operator.OperatorException)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 90 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.
the class JcaPKIXIdentityBuilder method build.
/**
* Build an identity from the passed in key and certificate stream in PEM format.
*
* @param keyStream the PEM stream containing the key
* @param certificateStream the PEM stream containing the certificate
* @return an identity object.
* @throws IOException on a general parsing error.
* @throws CertificateException on a certificate parsing error.
*/
public JcaPKIXIdentity build(InputStream keyStream, InputStream certificateStream) throws IOException, CertificateException {
PEMParser keyParser = new PEMParser(new InputStreamReader(keyStream));
PrivateKey privKey;
Object keyObj = keyParser.readObject();
if (keyObj instanceof PEMKeyPair) {
PEMKeyPair kp = (PEMKeyPair) keyObj;
privKey = keyConverter.getPrivateKey(kp.getPrivateKeyInfo());
} else if (keyObj instanceof PrivateKeyInfo) {
privKey = keyConverter.getPrivateKey((PrivateKeyInfo) keyObj);
} else {
// TODO: handle encrypted private keys
throw new IOException("unrecognised private key file");
}
PEMParser certParser = new PEMParser(new InputStreamReader(certificateStream));
List certs = new ArrayList();
Object certObj;
while ((certObj = certParser.readObject()) != null) {
certs.add(certConverter.getCertificate((X509CertificateHolder) certObj));
}
return new JcaPKIXIdentity(privKey, (X509Certificate[]) certs.toArray(new X509Certificate[certs.size()]));
}
Also used :
PrivateKey(java.security.PrivateKey)
PEMParser(com.github.zhenwei.pkix.openssl.PEMParser)
InputStreamReader(java.io.InputStreamReader)
JcaPKIXIdentity(com.github.zhenwei.pkix.jcajce.JcaPKIXIdentity)
X509CertificateHolder(com.github.zhenwei.pkix.cert.X509CertificateHolder)
ArrayList(java.util.ArrayList)
PEMKeyPair(com.github.zhenwei.pkix.openssl.PEMKeyPair)
ArrayList(java.util.ArrayList)
List(java.util.List)
IOException(java.io.IOException)
PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)138
IOException (java.io.IOException)95
JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)66
PEMParser (org.bouncycastle.openssl.PEMParser)62
PrivateKey (java.security.PrivateKey)48
PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)41
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)35
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)35
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)33
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)27
PrivateKeyInfo (com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)26
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)26
KeyFactory (java.security.KeyFactory)23
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)21
StringReader (java.io.StringReader)20
BigInteger (java.math.BigInteger)20
KeyPair (java.security.KeyPair)20
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)18
ByteArrayInputStream (java.io.ByteArrayInputStream)18
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)18
