Example 11 with DSAParameter
use of com.github.zhenwei.core.asn1.x509.DSAParameter in project robovm by robovm.
the class AlgorithmParametersSpi method engineInit.
protected void engineInit(byte[] params) throws IOException {
try {
DSAParameter dsaP = DSAParameter.getInstance(ASN1Primitive.fromByteArray(params));
currentSpec = new DSAParameterSpec(dsaP.getP(), dsaP.getQ(), dsaP.getG());
} catch (ClassCastException e) {
throw new IOException("Not a valid DSA Parameter encoding.");
} catch (ArrayIndexOutOfBoundsException e) {
throw new IOException("Not a valid DSA Parameter encoding.");
}
}
Also used :
DSAParameterSpec(java.security.spec.DSAParameterSpec)
DSAParameter(org.bouncycastle.asn1.x509.DSAParameter)
IOException(java.io.IOException)
Example 12 with DSAParameter
use of com.github.zhenwei.core.asn1.x509.DSAParameter in project xipki by xipki.
the class SoftwareKeypairGenerator method generateKeypair0.
private PrivateKeyInfo generateKeypair0(String keyspec) throws Exception {
String[] tokens = keyspec.split("/");
String type = tokens[0].toUpperCase(Locale.ROOT);
switch(type) {
case "RSA":
{
int keysize = Integer.parseInt(tokens[1]);
if (keysize > 4096) {
throw new XiSecurityException("keysize too large");
}
KeyPair kp = KeyUtil.generateRSAKeypair(keysize, rsaE, random);
java.security.interfaces.RSAPublicKey rsaPubKey = (java.security.interfaces.RSAPublicKey) kp.getPublic();
return KeyUtil.toPrivateKeyInfo((RSAPrivateCrtKey) kp.getPrivate());
}
case "EC":
{
ASN1ObjectIdentifier curveOid = new ASN1ObjectIdentifier(tokens[1]);
KeyPair kp = KeyUtil.generateECKeypair(curveOid, random);
ECPublicKey pub = (ECPublicKey) kp.getPublic();
int orderBitLength = pub.getParams().getOrder().bitLength();
byte[] publicKey = KeyUtil.getUncompressedEncodedECPoint(pub.getW(), orderBitLength);
/*
* ECPrivateKey ::= SEQUENCE {
* Version INTEGER { ecPrivkeyVer1(1) }
* (ecPrivkeyVer1),
* privateKey OCTET STRING,
* parameters [0] Parameters OPTIONAL,
* publicKey [1] BIT STRING OPTIONAL
* }
*
* Since the EC domain parameters are placed in the PKCS#8’s privateKeyAlgorithm field,
* the optional parameters field in an ECPrivateKey must be omitted. A Cryptoki
* application must be able to unwrap an ECPrivateKey that contains the optional publicKey
* field; however, what is done with this publicKey field is outside the scope of
* Cryptoki.
*/
ECPrivateKey priv = (ECPrivateKey) kp.getPrivate();
return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid), new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, priv.getS(), new DERBitString(publicKey), null));
}
case "DSA":
{
int pLength = Integer.parseInt(tokens[1]);
int qLength = Integer.parseInt(tokens[2]);
DSAParameterSpec spec = DSAParameterCache.getDSAParameterSpec(pLength, qLength, null);
KeyPair kp = KeyUtil.generateDSAKeypair(spec, random);
DSAParameter parameter = new DSAParameter(spec.getP(), spec.getQ(), spec.getG());
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, parameter);
byte[] publicKey = new ASN1Integer(((DSAPublicKey) kp.getPublic()).getY()).getEncoded();
// DSA private keys are represented as BER-encoded ASN.1 type INTEGER.
DSAPrivateKey priv = (DSAPrivateKey) kp.getPrivate();
return new PrivateKeyInfo(algId, new ASN1Integer(priv.getX()), null, publicKey);
}
case "ED25519":
case "ED448":
case "X25519":
case "X448":
{
ASN1ObjectIdentifier curveId = EdECConstants.getCurveOid(keyspec);
KeyPair kp = KeyUtil.generateEdECKeypair(curveId, random);
return PrivateKeyInfo.getInstance(kp.getPrivate().getEncoded());
}
default:
{
throw new IllegalArgumentException("unknown keyspec " + keyspec);
}
}
}
Also used :
DSAParameterSpec(java.security.spec.DSAParameterSpec)
KeyPair(java.security.KeyPair)
java.security.interfaces(java.security.interfaces)
DERBitString(org.bouncycastle.asn1.DERBitString)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
XiSecurityException(org.xipki.security.XiSecurityException)
DSAParameter(org.bouncycastle.asn1.x509.DSAParameter)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
Example 13 with DSAParameter
use of com.github.zhenwei.core.asn1.x509.DSAParameter in project xipki by xipki.
the class IaikP11Slot method generateDSAKeypairOtf0.
// method generateDSAKeypair0
@Override
protected PrivateKeyInfo generateDSAKeypairOtf0(BigInteger p, BigInteger q, BigInteger g) throws P11TokenException {
DSAPublicKey publicKeyTemplate = new DSAPublicKey();
publicKeyTemplate.getPrime().setByteArrayValue(Util.unsignedBigIntergerToByteArray(p));
publicKeyTemplate.getSubprime().setByteArrayValue(Util.unsignedBigIntergerToByteArray(q));
publicKeyTemplate.getBase().setByteArrayValue(Util.unsignedBigIntergerToByteArray(g));
DSAPrivateKey privateKeyTemplate = new DSAPrivateKey();
setPrivateKeyAttrsOtf(privateKeyTemplate);
long mech = CKM_DSA_KEY_PAIR_GEN;
ConcurrentBagEntry<Session> bagEntry = borrowSession();
try {
Session session = bagEntry.value();
KeyPair keypair = null;
try {
DSAParameter parameter = new DSAParameter(p, q, g);
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, parameter);
keypair = session.generateKeyPair(Mechanism.get(mech), publicKeyTemplate, privateKeyTemplate);
DSAPrivateKey sk = (DSAPrivateKey) keypair.getPrivateKey();
DSAPublicKey pk = (DSAPublicKey) keypair.getPublicKey();
// y
BigInteger value = toBigInt(pk.getValue());
byte[] publicKey = new ASN1Integer(value).getEncoded();
return new PrivateKeyInfo(algId, // x
new ASN1Integer(toBigInt(sk.getValue())), null, publicKey);
} catch (TokenException | IOException ex) {
throw new P11TokenException("could not generate keypair " + Functions.mechanismCodeToString(mech), ex);
} finally {
if (keypair != null) {
destroyObject(session, keypair.getPrivateKey());
destroyObject(session, keypair.getPublicKey());
}
}
} finally {
sessions.requite(bagEntry);
}
}
Also used :
IOException(java.io.IOException)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
BigInteger(java.math.BigInteger)
DSAParameter(org.bouncycastle.asn1.x509.DSAParameter)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
Example 14 with DSAParameter
use of com.github.zhenwei.core.asn1.x509.DSAParameter in project BiglyBT by BiglySoftware.
the class PEMWriter method writeObject.
public void writeObject(Object o) throws IOException {
String type;
byte[] encoding;
if (o instanceof X509Certificate) {
type = "CERTIFICATE";
try {
encoding = ((X509Certificate) o).getEncoded();
} catch (CertificateEncodingException e) {
throw new IOException("Cannot encode object: " + e.toString());
}
} else if (o instanceof X509CRL) {
type = "X509 CRL";
try {
encoding = ((X509CRL) o).getEncoded();
} catch (CRLException e) {
throw new IOException("Cannot encode object: " + e.toString());
}
} else if (o instanceof KeyPair) {
writeObject(((KeyPair) o).getPrivate());
return;
} else if (o instanceof PrivateKey) {
PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(((Key) o).getEncoded()));
if (o instanceof RSAPrivateKey) {
type = "RSA PRIVATE KEY";
encoding = info.getPrivateKey().getEncoded();
} else if (o instanceof DSAPrivateKey) {
type = "DSA PRIVATE KEY";
DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters());
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(p.getP()));
v.add(new DERInteger(p.getQ()));
v.add(new DERInteger(p.getG()));
BigInteger x = ((DSAPrivateKey) o).getX();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new DERInteger(y));
v.add(new DERInteger(x));
encoding = new DERSequence(v).getEncoded();
} else {
throw new IOException("Cannot identify private key");
}
} else if (o instanceof PublicKey) {
type = "PUBLIC KEY";
encoding = ((PublicKey) o).getEncoded();
} else if (o instanceof X509AttributeCertificate) {
type = "ATTRIBUTE CERTIFICATE";
encoding = ((X509V2AttributeCertificate) o).getEncoded();
} else if (o instanceof PKCS10CertificationRequest) {
type = "CERTIFICATE REQUEST";
encoding = ((PKCS10CertificationRequest) o).getEncoded();
} else if (o instanceof ContentInfo) {
type = "PKCS7";
encoding = ((ContentInfo) o).getEncoded();
} else {
throw new IOException("unknown object passed - can't encode.");
}
writeHeader(type);
writeEncoded(encoding);
writeFooter(type);
}
Also used :
PKCS10CertificationRequest(org.gudy.bouncycastle.jce.PKCS10CertificationRequest)
X509CRL(java.security.cert.X509CRL)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
X509AttributeCertificate(org.gudy.bouncycastle.x509.X509AttributeCertificate)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
X509V2AttributeCertificate(org.gudy.bouncycastle.x509.X509V2AttributeCertificate)
X509Certificate(java.security.cert.X509Certificate)
ContentInfo(org.gudy.bouncycastle.asn1.cms.ContentInfo)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
BigInteger(java.math.BigInteger)
DSAParameter(org.gudy.bouncycastle.asn1.x509.DSAParameter)
CRLException(java.security.cert.CRLException)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)
Example 15 with DSAParameter
use of com.github.zhenwei.core.asn1.x509.DSAParameter in project jruby-openssl by jruby.
the class PEMInputOutput method writeDSAPrivateKey.
public static void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, CipherSpec cipher, char[] passwd) throws IOException {
BufferedWriter out = makeBuffered(_out);
PrivateKeyInfo info = PrivateKeyInfo.getInstance(new ASN1InputStream(getEncoded(obj)).readObject());
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
ASN1OutputStream aOut = new ASN1OutputStream(bOut);
DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1Integer(BigInteger.ZERO));
v.add(new ASN1Integer(p.getP()));
v.add(new ASN1Integer(p.getQ()));
v.add(new ASN1Integer(p.getG()));
BigInteger x = obj.getX();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new ASN1Integer(y));
v.add(new ASN1Integer(x));
aOut.writeObject(new DLSequence(v));
if (cipher != null && passwd != null) {
writePemEncrypted(out, PEM_STRING_DSA, bOut.buffer(), bOut.size(), cipher, passwd);
} else {
writePemPlain(out, PEM_STRING_DSA, bOut.buffer(), bOut.size());
}
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
DLSequence(org.bouncycastle.asn1.DLSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
BigInteger(java.math.BigInteger)
ByteArrayOutputStream(org.jruby.ext.openssl.util.ByteArrayOutputStream)
DSAParameter(org.bouncycastle.asn1.x509.DSAParameter)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
ASN1OutputStream(org.bouncycastle.asn1.ASN1OutputStream)
EncryptedPrivateKeyInfo(org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
BufferedWriter(java.io.BufferedWriter)
Aggregations
DSAParameter (org.bouncycastle.asn1.x509.DSAParameter)13
BigInteger (java.math.BigInteger)12
IOException (java.io.IOException)9
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)9
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)8
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)8
DSAParameter (com.github.zhenwei.core.asn1.x509.DSAParameter)5
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)5
DSAParameters (org.bouncycastle.crypto.params.DSAParameters)5
ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)4
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)4
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)4
DHParameter (org.bouncycastle.asn1.pkcs.DHParameter)4
X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)4
X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)4
DHParameters (org.bouncycastle.crypto.params.DHParameters)4
ECDomainParameters (org.bouncycastle.crypto.params.ECDomainParameters)4
ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)3
GOST3410PublicKeyAlgParameters (com.github.zhenwei.core.asn1.cryptopro.GOST3410PublicKeyAlgParameters)3
DSAParameterSpec (java.security.spec.DSAParameterSpec)3
