Search in sources :

Example 11 with RSAPrivateKey

use of com.github.zhenwei.core.asn1.pkcs.RSAPrivateKey in project LinLong-Java by zhenwei1108.

the class OpenSSHPrivateKeyUtil method parsePrivateKeyBlob.

/**
 * Parse a private key.
 * <p>
 * This method accepts the body of the OpenSSH private key. The easiest way to extract the body is
 * to use PemReader, for example:
 * <p>
 * byte[] blob = new PemReader([reader]).readPemObject().getContent(); CipherParameters params =
 * parsePrivateKeyBlob(blob);
 *
 * @param blob The key.
 * @return A cipher parameters instance.
 */
public static AsymmetricKeyParameter parsePrivateKeyBlob(byte[] blob) {
    AsymmetricKeyParameter result = null;
    if (blob[0] == 0x30) {
        ASN1Sequence sequence = ASN1Sequence.getInstance(blob);
        if (sequence.size() == 6) {
            if (allIntegers(sequence) && ((ASN1Integer) sequence.getObjectAt(0)).getPositiveValue().equals(BigIntegers.ZERO)) {
                // length of 6 and all Integers -- DSA
                result = new DSAPrivateKeyParameters(((ASN1Integer) sequence.getObjectAt(5)).getPositiveValue(), new DSAParameters(((ASN1Integer) sequence.getObjectAt(1)).getPositiveValue(), ((ASN1Integer) sequence.getObjectAt(2)).getPositiveValue(), ((ASN1Integer) sequence.getObjectAt(3)).getPositiveValue()));
            }
        } else if (sequence.size() == 9) {
            if (allIntegers(sequence) && ((ASN1Integer) sequence.getObjectAt(0)).getPositiveValue().equals(BigIntegers.ZERO)) {
                // length of 8 and all Integers -- RSA
                RSAPrivateKey rsaPrivateKey = RSAPrivateKey.getInstance(sequence);
                result = new RSAPrivateCrtKeyParameters(rsaPrivateKey.getModulus(), rsaPrivateKey.getPublicExponent(), rsaPrivateKey.getPrivateExponent(), rsaPrivateKey.getPrime1(), rsaPrivateKey.getPrime2(), rsaPrivateKey.getExponent1(), rsaPrivateKey.getExponent2(), rsaPrivateKey.getCoefficient());
            }
        } else if (sequence.size() == 4) {
            if (sequence.getObjectAt(3) instanceof ASN1TaggedObject && sequence.getObjectAt(2) instanceof ASN1TaggedObject) {
                ECPrivateKey ecPrivateKey = ECPrivateKey.getInstance(sequence);
                ASN1ObjectIdentifier curveOID = ASN1ObjectIdentifier.getInstance(ecPrivateKey.getParametersObject());
                X9ECParameters x9Params = ECNamedCurveTable.getByOID(curveOID);
                result = new ECPrivateKeyParameters(ecPrivateKey.getKey(), new ECNamedDomainParameters(curveOID, x9Params));
            }
        }
    } else {
        SSHBuffer kIn = new SSHBuffer(AUTH_MAGIC, blob);
        String cipherName = kIn.readString();
        if (!"none".equals(cipherName)) {
            throw new IllegalStateException("encrypted keys not supported");
        }
        // KDF name
        kIn.skipBlock();
        // KDF options
        kIn.skipBlock();
        int publicKeyCount = kIn.readU32();
        if (publicKeyCount != 1) {
            throw new IllegalStateException("multiple keys not supported");
        }
        // Burn off public key.
        OpenSSHPublicKeyUtil.parsePublicKey(kIn.readBlock());
        byte[] privateKeyBlock = kIn.readPaddedBlock();
        if (kIn.hasRemaining()) {
            throw new IllegalArgumentException("decoded key has trailing data");
        }
        SSHBuffer pkIn = new SSHBuffer(privateKeyBlock);
        int check1 = pkIn.readU32();
        int check2 = pkIn.readU32();
        if (check1 != check2) {
            throw new IllegalStateException("private key check values are not the same");
        }
        String keyType = pkIn.readString();
        if ("ssh-ed25519".equals(keyType)) {
            // Public key
            pkIn.readBlock();
            // Private key value..
            byte[] edPrivateKey = pkIn.readBlock();
            if (edPrivateKey.length != Ed25519PrivateKeyParameters.KEY_SIZE + Ed25519PublicKeyParameters.KEY_SIZE) {
                throw new IllegalStateException("private key value of wrong length");
            }
            result = new Ed25519PrivateKeyParameters(edPrivateKey, 0);
        } else if (keyType.startsWith("ecdsa")) {
            ASN1ObjectIdentifier oid = SSHNamedCurves.getByName(Strings.fromByteArray(pkIn.readBlock()));
            if (oid == null) {
                throw new IllegalStateException("OID not found for: " + keyType);
            }
            X9ECParameters curveParams = NISTNamedCurves.getByOID(oid);
            if (curveParams == null) {
                throw new IllegalStateException("Curve not found for: " + oid);
            }
            // Skip public key.
            pkIn.readBlock();
            byte[] privKey = pkIn.readBlock();
            result = new ECPrivateKeyParameters(new BigInteger(1, privKey), new ECNamedDomainParameters(oid, curveParams));
        }
        // Comment for private key
        pkIn.skipBlock();
        if (pkIn.hasRemaining()) {
            throw new IllegalArgumentException("private key block has trailing data");
        }
    }
    if (result == null) {
        throw new IllegalArgumentException("unable to parse key");
    }
    return result;
}
Also used : ECPrivateKey(com.github.zhenwei.core.asn1.sec.ECPrivateKey) X9ECParameters(com.github.zhenwei.core.asn1.x9.X9ECParameters) ASN1TaggedObject(com.github.zhenwei.core.asn1.ASN1TaggedObject) ECNamedDomainParameters(com.github.zhenwei.core.crypto.params.ECNamedDomainParameters) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) Ed25519PrivateKeyParameters(com.github.zhenwei.core.crypto.params.Ed25519PrivateKeyParameters) ECPrivateKeyParameters(com.github.zhenwei.core.crypto.params.ECPrivateKeyParameters) ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) AsymmetricKeyParameter(com.github.zhenwei.core.crypto.params.AsymmetricKeyParameter) DSAPrivateKeyParameters(com.github.zhenwei.core.crypto.params.DSAPrivateKeyParameters) BigInteger(java.math.BigInteger) DSAParameters(com.github.zhenwei.core.crypto.params.DSAParameters) RSAPrivateKey(com.github.zhenwei.core.asn1.pkcs.RSAPrivateKey) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) RSAPrivateCrtKeyParameters(com.github.zhenwei.core.crypto.params.RSAPrivateCrtKeyParameters)

Aggregations

RSAPrivateKey (org.bouncycastle.asn1.pkcs.RSAPrivateKey)6 ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)5 BigInteger (java.math.BigInteger)5 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)3 RSAPrivateKey (com.github.zhenwei.core.asn1.pkcs.RSAPrivateKey)3 ECPrivateKey (com.github.zhenwei.core.asn1.sec.ECPrivateKey)3 X9ECParameters (com.github.zhenwei.core.asn1.x9.X9ECParameters)3 DSAParameters (com.github.zhenwei.core.crypto.params.DSAParameters)3 DSAPrivateKeyParameters (com.github.zhenwei.core.crypto.params.DSAPrivateKeyParameters)3 ECNamedDomainParameters (com.github.zhenwei.core.crypto.params.ECNamedDomainParameters)3 ECPrivateKeyParameters (com.github.zhenwei.core.crypto.params.ECPrivateKeyParameters)3 Ed25519PrivateKeyParameters (com.github.zhenwei.core.crypto.params.Ed25519PrivateKeyParameters)3 RSAPrivateCrtKeyParameters (com.github.zhenwei.core.crypto.params.RSAPrivateCrtKeyParameters)3 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)3 ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)2 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)2 ASN1Sequence (com.github.zhenwei.core.asn1.ASN1Sequence)2 DERSequence (com.github.zhenwei.core.asn1.DERSequence)2 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)2 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)2