Search in sources :

Example 11 with DSAParameter

use of com.github.zhenwei.core.asn1.x509.DSAParameter in project robovm by robovm.

the class AlgorithmParametersSpi method engineInit.

protected void engineInit(byte[] params) throws IOException {
    try {
        DSAParameter dsaP = DSAParameter.getInstance(ASN1Primitive.fromByteArray(params));
        currentSpec = new DSAParameterSpec(dsaP.getP(), dsaP.getQ(), dsaP.getG());
    } catch (ClassCastException e) {
        throw new IOException("Not a valid DSA Parameter encoding.");
    } catch (ArrayIndexOutOfBoundsException e) {
        throw new IOException("Not a valid DSA Parameter encoding.");
    }
}
Also used : DSAParameterSpec(java.security.spec.DSAParameterSpec) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) IOException(java.io.IOException)

Example 12 with DSAParameter

use of com.github.zhenwei.core.asn1.x509.DSAParameter in project xipki by xipki.

the class SoftwareKeypairGenerator method generateKeypair0.

private PrivateKeyInfo generateKeypair0(String keyspec) throws Exception {
    String[] tokens = keyspec.split("/");
    String type = tokens[0].toUpperCase(Locale.ROOT);
    switch(type) {
        case "RSA":
            {
                int keysize = Integer.parseInt(tokens[1]);
                if (keysize > 4096) {
                    throw new XiSecurityException("keysize too large");
                }
                KeyPair kp = KeyUtil.generateRSAKeypair(keysize, rsaE, random);
                java.security.interfaces.RSAPublicKey rsaPubKey = (java.security.interfaces.RSAPublicKey) kp.getPublic();
                return KeyUtil.toPrivateKeyInfo((RSAPrivateCrtKey) kp.getPrivate());
            }
        case "EC":
            {
                ASN1ObjectIdentifier curveOid = new ASN1ObjectIdentifier(tokens[1]);
                KeyPair kp = KeyUtil.generateECKeypair(curveOid, random);
                ECPublicKey pub = (ECPublicKey) kp.getPublic();
                int orderBitLength = pub.getParams().getOrder().bitLength();
                byte[] publicKey = KeyUtil.getUncompressedEncodedECPoint(pub.getW(), orderBitLength);
                /*
         * ECPrivateKey ::= SEQUENCE {
         *   Version INTEGER { ecPrivkeyVer1(1) }
         *                   (ecPrivkeyVer1),
         *   privateKey      OCTET STRING,
         *   parameters [0]  Parameters OPTIONAL,
         *   publicKey  [1]  BIT STRING OPTIONAL
         * }
         *
         * Since the EC domain parameters are placed in the PKCS#8’s privateKeyAlgorithm field,
         * the optional parameters field in an ECPrivateKey must be omitted. A Cryptoki
         * application must be able to unwrap an ECPrivateKey that contains the optional publicKey
         * field; however, what is done with this publicKey field is outside the scope of
         * Cryptoki.
         */
                ECPrivateKey priv = (ECPrivateKey) kp.getPrivate();
                return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid), new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, priv.getS(), new DERBitString(publicKey), null));
            }
        case "DSA":
            {
                int pLength = Integer.parseInt(tokens[1]);
                int qLength = Integer.parseInt(tokens[2]);
                DSAParameterSpec spec = DSAParameterCache.getDSAParameterSpec(pLength, qLength, null);
                KeyPair kp = KeyUtil.generateDSAKeypair(spec, random);
                DSAParameter parameter = new DSAParameter(spec.getP(), spec.getQ(), spec.getG());
                AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, parameter);
                byte[] publicKey = new ASN1Integer(((DSAPublicKey) kp.getPublic()).getY()).getEncoded();
                // DSA private keys are represented as BER-encoded ASN.1 type INTEGER.
                DSAPrivateKey priv = (DSAPrivateKey) kp.getPrivate();
                return new PrivateKeyInfo(algId, new ASN1Integer(priv.getX()), null, publicKey);
            }
        case "ED25519":
        case "ED448":
        case "X25519":
        case "X448":
            {
                ASN1ObjectIdentifier curveId = EdECConstants.getCurveOid(keyspec);
                KeyPair kp = KeyUtil.generateEdECKeypair(curveId, random);
                return PrivateKeyInfo.getInstance(kp.getPrivate().getEncoded());
            }
        default:
            {
                throw new IllegalArgumentException("unknown keyspec " + keyspec);
            }
    }
}
Also used : DSAParameterSpec(java.security.spec.DSAParameterSpec) KeyPair(java.security.KeyPair) java.security.interfaces(java.security.interfaces) DERBitString(org.bouncycastle.asn1.DERBitString) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) XiSecurityException(org.xipki.security.XiSecurityException) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Example 13 with DSAParameter

use of com.github.zhenwei.core.asn1.x509.DSAParameter in project xipki by xipki.

the class IaikP11Slot method generateDSAKeypairOtf0.

// method generateDSAKeypair0
@Override
protected PrivateKeyInfo generateDSAKeypairOtf0(BigInteger p, BigInteger q, BigInteger g) throws P11TokenException {
    DSAPublicKey publicKeyTemplate = new DSAPublicKey();
    publicKeyTemplate.getPrime().setByteArrayValue(Util.unsignedBigIntergerToByteArray(p));
    publicKeyTemplate.getSubprime().setByteArrayValue(Util.unsignedBigIntergerToByteArray(q));
    publicKeyTemplate.getBase().setByteArrayValue(Util.unsignedBigIntergerToByteArray(g));
    DSAPrivateKey privateKeyTemplate = new DSAPrivateKey();
    setPrivateKeyAttrsOtf(privateKeyTemplate);
    long mech = CKM_DSA_KEY_PAIR_GEN;
    ConcurrentBagEntry<Session> bagEntry = borrowSession();
    try {
        Session session = bagEntry.value();
        KeyPair keypair = null;
        try {
            DSAParameter parameter = new DSAParameter(p, q, g);
            AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, parameter);
            keypair = session.generateKeyPair(Mechanism.get(mech), publicKeyTemplate, privateKeyTemplate);
            DSAPrivateKey sk = (DSAPrivateKey) keypair.getPrivateKey();
            DSAPublicKey pk = (DSAPublicKey) keypair.getPublicKey();
            // y
            BigInteger value = toBigInt(pk.getValue());
            byte[] publicKey = new ASN1Integer(value).getEncoded();
            return new PrivateKeyInfo(algId, // x
            new ASN1Integer(toBigInt(sk.getValue())), null, publicKey);
        } catch (TokenException | IOException ex) {
            throw new P11TokenException("could not generate keypair " + Functions.mechanismCodeToString(mech), ex);
        } finally {
            if (keypair != null) {
                destroyObject(session, keypair.getPrivateKey());
                destroyObject(session, keypair.getPublicKey());
            }
        }
    } finally {
        sessions.requite(bagEntry);
    }
}
Also used : IOException(java.io.IOException) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) BigInteger(java.math.BigInteger) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Example 14 with DSAParameter

use of com.github.zhenwei.core.asn1.x509.DSAParameter in project BiglyBT by BiglySoftware.

the class PEMWriter method writeObject.

public void writeObject(Object o) throws IOException {
    String type;
    byte[] encoding;
    if (o instanceof X509Certificate) {
        type = "CERTIFICATE";
        try {
            encoding = ((X509Certificate) o).getEncoded();
        } catch (CertificateEncodingException e) {
            throw new IOException("Cannot encode object: " + e.toString());
        }
    } else if (o instanceof X509CRL) {
        type = "X509 CRL";
        try {
            encoding = ((X509CRL) o).getEncoded();
        } catch (CRLException e) {
            throw new IOException("Cannot encode object: " + e.toString());
        }
    } else if (o instanceof KeyPair) {
        writeObject(((KeyPair) o).getPrivate());
        return;
    } else if (o instanceof PrivateKey) {
        PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(((Key) o).getEncoded()));
        if (o instanceof RSAPrivateKey) {
            type = "RSA PRIVATE KEY";
            encoding = info.getPrivateKey().getEncoded();
        } else if (o instanceof DSAPrivateKey) {
            type = "DSA PRIVATE KEY";
            DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters());
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(p.getP()));
            v.add(new DERInteger(p.getQ()));
            v.add(new DERInteger(p.getG()));
            BigInteger x = ((DSAPrivateKey) o).getX();
            BigInteger y = p.getG().modPow(x, p.getP());
            v.add(new DERInteger(y));
            v.add(new DERInteger(x));
            encoding = new DERSequence(v).getEncoded();
        } else {
            throw new IOException("Cannot identify private key");
        }
    } else if (o instanceof PublicKey) {
        type = "PUBLIC KEY";
        encoding = ((PublicKey) o).getEncoded();
    } else if (o instanceof X509AttributeCertificate) {
        type = "ATTRIBUTE CERTIFICATE";
        encoding = ((X509V2AttributeCertificate) o).getEncoded();
    } else if (o instanceof PKCS10CertificationRequest) {
        type = "CERTIFICATE REQUEST";
        encoding = ((PKCS10CertificationRequest) o).getEncoded();
    } else if (o instanceof ContentInfo) {
        type = "PKCS7";
        encoding = ((ContentInfo) o).getEncoded();
    } else {
        throw new IOException("unknown object passed - can't encode.");
    }
    writeHeader(type);
    writeEncoded(encoding);
    writeFooter(type);
}
Also used : PKCS10CertificationRequest(org.gudy.bouncycastle.jce.PKCS10CertificationRequest) X509CRL(java.security.cert.X509CRL) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) X509AttributeCertificate(org.gudy.bouncycastle.x509.X509AttributeCertificate) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) X509V2AttributeCertificate(org.gudy.bouncycastle.x509.X509V2AttributeCertificate) X509Certificate(java.security.cert.X509Certificate) ContentInfo(org.gudy.bouncycastle.asn1.cms.ContentInfo) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) BigInteger(java.math.BigInteger) DSAParameter(org.gudy.bouncycastle.asn1.x509.DSAParameter) CRLException(java.security.cert.CRLException) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)

Example 15 with DSAParameter

use of com.github.zhenwei.core.asn1.x509.DSAParameter in project jruby-openssl by jruby.

the class PEMInputOutput method writeDSAPrivateKey.

public static void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, CipherSpec cipher, char[] passwd) throws IOException {
    BufferedWriter out = makeBuffered(_out);
    PrivateKeyInfo info = PrivateKeyInfo.getInstance(new ASN1InputStream(getEncoded(obj)).readObject());
    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    ASN1OutputStream aOut = new ASN1OutputStream(bOut);
    DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(new ASN1Integer(BigInteger.ZERO));
    v.add(new ASN1Integer(p.getP()));
    v.add(new ASN1Integer(p.getQ()));
    v.add(new ASN1Integer(p.getG()));
    BigInteger x = obj.getX();
    BigInteger y = p.getG().modPow(x, p.getP());
    v.add(new ASN1Integer(y));
    v.add(new ASN1Integer(x));
    aOut.writeObject(new DLSequence(v));
    if (cipher != null && passwd != null) {
        writePemEncrypted(out, PEM_STRING_DSA, bOut.buffer(), bOut.size(), cipher, passwd);
    } else {
        writePemPlain(out, PEM_STRING_DSA, bOut.buffer(), bOut.size());
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DLSequence(org.bouncycastle.asn1.DLSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BigInteger(java.math.BigInteger) ByteArrayOutputStream(org.jruby.ext.openssl.util.ByteArrayOutputStream) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) ASN1OutputStream(org.bouncycastle.asn1.ASN1OutputStream) EncryptedPrivateKeyInfo(org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) BufferedWriter(java.io.BufferedWriter)

Aggregations

DSAParameter (org.bouncycastle.asn1.x509.DSAParameter)13 BigInteger (java.math.BigInteger)12 IOException (java.io.IOException)9 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)9 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)8 PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)8 DSAParameter (com.github.zhenwei.core.asn1.x509.DSAParameter)5 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)5 DSAParameters (org.bouncycastle.crypto.params.DSAParameters)5 ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)4 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)4 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)4 DHParameter (org.bouncycastle.asn1.pkcs.DHParameter)4 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)4 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)4 DHParameters (org.bouncycastle.crypto.params.DHParameters)4 ECDomainParameters (org.bouncycastle.crypto.params.ECDomainParameters)4 ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)3 GOST3410PublicKeyAlgParameters (com.github.zhenwei.core.asn1.cryptopro.GOST3410PublicKeyAlgParameters)3 DSAParameterSpec (java.security.spec.DSAParameterSpec)3