Search in sources :

Example 16 with ECDomainParameters

use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.

the class ECUtil method getDomainParameters.

public static ECDomainParameters getDomainParameters(ProviderConfiguration configuration, com.github.zhenwei.provider.jce.spec.ECParameterSpec params) {
    ECDomainParameters domainParameters;
    if (params instanceof ECNamedCurveParameterSpec) {
        ECNamedCurveParameterSpec nParams = (ECNamedCurveParameterSpec) params;
        ASN1ObjectIdentifier nameOid = ECUtil.getNamedCurveOid(nParams.getName());
        domainParameters = new ECNamedDomainParameters(nameOid, nParams.getCurve(), nParams.getG(), nParams.getN(), nParams.getH(), nParams.getSeed());
    } else if (params == null) {
        com.github.zhenwei.provider.jce.spec.ECParameterSpec iSpec = configuration.getEcImplicitlyCa();
        domainParameters = new ECDomainParameters(iSpec.getCurve(), iSpec.getG(), iSpec.getN(), iSpec.getH(), iSpec.getSeed());
    } else {
        domainParameters = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed());
    }
    return domainParameters;
}
Also used : ECDomainParameters(com.github.zhenwei.core.crypto.params.ECDomainParameters) ECParameterSpec(com.github.zhenwei.provider.jce.spec.ECParameterSpec) ECNamedCurveParameterSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveParameterSpec) ECNamedDomainParameters(com.github.zhenwei.core.crypto.params.ECNamedDomainParameters) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)

Example 17 with ECDomainParameters

use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.

the class JCEECPrivateKey method populateFromPrivKeyInfo.

private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException {
    X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
    if (params.isNamedCurve()) {
        ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
        X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
        if (// GOST Curve
        ecP == null) {
            ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
            EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
            ecSpec = new ECNamedCurveSpec(ECGOST3410NamedCurves.getName(oid), ellipticCurve, EC5Util.convertPoint(gParam.getG()), gParam.getN(), gParam.getH());
        } else {
            EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
            ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH());
        }
    } else if (params.isImplicitlyCA()) {
        ecSpec = null;
    } else {
        X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
        EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
        this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH().intValue());
    }
    ASN1Encodable privKey = info.parsePrivateKey();
    if (privKey instanceof ASN1Integer) {
        ASN1Integer derD = ASN1Integer.getInstance(privKey);
        this.d = derD.getValue();
    } else {
        ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) privKey);
        this.d = ec.getKey();
        this.publicKey = ec.getPublicKey();
    }
}
Also used : X962Parameters(com.github.zhenwei.core.asn1.x9.X962Parameters) ECDomainParameters(com.github.zhenwei.core.crypto.params.ECDomainParameters) X9ECParameters(com.github.zhenwei.core.asn1.x9.X9ECParameters) EllipticCurve(java.security.spec.EllipticCurve) ECParameterSpec(java.security.spec.ECParameterSpec) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) ECPrivateKeyStructure(com.github.zhenwei.core.asn1.sec.ECPrivateKeyStructure) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) ECNamedCurveSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveSpec)

Example 18 with ECDomainParameters

use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.

the class CertBuilder method generateCertificate.

/**
 * @param [dn, publicKey, privateKey]
 * @return java.security.cert.Certificate
 * @author zhangzhenwei
 * @description 生成证书
 * todo just support sm2
 * @date 2022/3/15  9:09 下午
 * @since: 1.0.0
 */
public static byte[] generateCertificate(String subjectDn, String issuerDn, PublicKey publicKey, PrivateKey privateKey, SignAlgEnum signAlgEnum, int time, TimeUnit timeUnit) throws WeGooCryptoException {
    try {
        SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
        // SubjectPublicKeyInfo publicKeyInfo = (SubjectPublicKeyInfo)publicKey;
        X500Name subject = new X500Name(subjectDn);
        X500Name issuer = new X500Name(issuerDn);
        byte[] bytes = new byte[15];
        Random random = new Random();
        random.nextBytes(bytes);
        byte[] bytes1 = ByteArrayUtil.mergeBytes("9".getBytes(StandardCharsets.UTF_8), bytes);
        BigInteger sn = new BigInteger(bytes1);
        Date notBefore = DateUtil.now();
        int max = Math.max(1, (int) timeUnit.toDays(time));
        Date notAfter = DateUtil.nowPlusDays(max);
        BcX509ExtensionUtils x509ExtensionUtils = new BcX509ExtensionUtils();
        // 密钥用途:  签名和不可抵赖
        int usage = KeyUsage.digitalSignature | KeyUsage.nonRepudiation;
        // 使用者标识符
        SubjectKeyIdentifier subjectKeyIdentifier = x509ExtensionUtils.createSubjectKeyIdentifier(publicKeyInfo);
        // 授权者标识符
        AuthorityKeyIdentifier authorityKeyIdentifier = x509ExtensionUtils.createAuthorityKeyIdentifier(publicKeyInfo);
        // 判断是否签发根证书
        if (subject.toString().equals(subject.toString())) {
            // 根证书 颁发者标识符
            authorityKeyIdentifier = x509ExtensionUtils.createAuthorityKeyIdentifier(publicKeyInfo);
            // 补充证书签名用途
            usage = usage | KeyUsage.keyCertSign;
        }
        X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, sn, notBefore, notAfter, subject, publicKeyInfo);
        // 增加扩展项
        Extension keyUsage = new Extension(Extension.keyUsage, false, new KeyUsage(usage).getEncoded());
        Extension subjectKeyId = new Extension(Extension.subjectKeyIdentifier, false, subjectKeyIdentifier.getEncoded());
        Extension authorityKeyId = new Extension(Extension.authorityKeyIdentifier, false, authorityKeyIdentifier.getEncoded());
        AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signAlgEnum.getOid());
        AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(signAlgEnum.getDigestAlgEnum().getOid());
        builder.addExtension(keyUsage);
        builder.addExtension(subjectKeyId);
        builder.addExtension(authorityKeyId);
        X509CertificateHolder holder;
        BcContentSignerBuilder signerBuilder;
        AsymmetricKeyParameter keyParameters;
        if (publicKey.getAlgorithm().equals("EC")) {
            signerBuilder = new BcECContentSignerBuilder(sigAlgId, digAlgId);
            BCECPrivateKey key = (BCECPrivateKey) privateKey;
            ECParameterSpec parameters = key.getParameters();
            ECDomainParameters params = new ECDomainParameters(parameters.getCurve(), parameters.getG(), parameters.getN());
            keyParameters = new ECPrivateKeyParameters(key.getD(), params);
            holder = builder.build(signerBuilder.build(keyParameters));
        } else {
            BCRSAPrivateKey key = (BCRSAPrivateKey) privateKey;
            signerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
            keyParameters = new RSAKeyParameters(true, key.getModulus(), key.getPrivateExponent());
            holder = builder.build(signerBuilder.build(keyParameters));
        }
        return holder.toASN1Structure().getEncoded();
    } catch (Exception e) {
        throw new WeGooCryptoException(CryptoExceptionMassageEnum.generate_cert_err, e);
    }
}
Also used : ECDomainParameters(com.github.zhenwei.core.crypto.params.ECDomainParameters) BCRSAPrivateKey(com.github.zhenwei.provider.jcajce.provider.asymmetric.rsa.BCRSAPrivateKey) X500Name(com.github.zhenwei.core.asn1.x500.X500Name) RSAKeyParameters(com.github.zhenwei.core.crypto.params.RSAKeyParameters) BcRSAContentSignerBuilder(com.github.zhenwei.pkix.operator.bc.BcRSAContentSignerBuilder) Random(java.util.Random) BcContentSignerBuilder(com.github.zhenwei.pkix.operator.bc.BcContentSignerBuilder) Date(java.util.Date) WeGooCryptoException(com.github.zhenwei.core.exception.WeGooCryptoException) BCECPrivateKey(com.github.zhenwei.provider.jcajce.provider.asymmetric.ec.BCECPrivateKey) ECPrivateKeyParameters(com.github.zhenwei.core.crypto.params.ECPrivateKeyParameters) WeGooCryptoException(com.github.zhenwei.core.exception.WeGooCryptoException) AsymmetricKeyParameter(com.github.zhenwei.core.crypto.params.AsymmetricKeyParameter) X509v3CertificateBuilder(com.github.zhenwei.pkix.cert.X509v3CertificateBuilder) ECParameterSpec(com.github.zhenwei.provider.jce.spec.ECParameterSpec) X509CertificateHolder(com.github.zhenwei.pkix.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) BcX509ExtensionUtils(com.github.zhenwei.pkix.cert.bc.BcX509ExtensionUtils) BcECContentSignerBuilder(com.github.zhenwei.pkix.operator.bc.BcECContentSignerBuilder)

Example 19 with ECDomainParameters

use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.

the class KeyPairGeneratorSpi method initialize.

public void initialize(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof GOST3410ParameterSpec) {
        GOST3410ParameterSpec gostParams = (GOST3410ParameterSpec) params;
        init(gostParams, random);
    } else if (params instanceof ECParameterSpec) {
        ECParameterSpec p = (ECParameterSpec) params;
        this.ecParams = params;
        param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
        engine.init(param);
        initialised = true;
    } else if (params instanceof java.security.spec.ECParameterSpec) {
        java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec) params;
        this.ecParams = params;
        ECCurve curve = EC5Util.convertCurve(p.getCurve());
        ECPoint g = EC5Util.convertPoint(curve, p.getGenerator());
        param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random);
        engine.init(param);
        initialised = true;
    } else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec) {
        String curveName;
        if (params instanceof ECGenParameterSpec) {
            curveName = ((ECGenParameterSpec) params).getName();
        } else {
            curveName = ((ECNamedCurveGenParameterSpec) params).getName();
        }
        init(new GOST3410ParameterSpec(curveName), random);
    } else if (params == null && WeGooProvider.CONFIGURATION.getEcImplicitlyCa() != null) {
        ECParameterSpec p = WeGooProvider.CONFIGURATION.getEcImplicitlyCa();
        this.ecParams = params;
        param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
        engine.init(param);
        initialised = true;
    } else if (params == null && WeGooProvider.CONFIGURATION.getEcImplicitlyCa() == null) {
        throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
    } else {
        throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) ECDomainParameters(com.github.zhenwei.core.crypto.params.ECDomainParameters) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) ECNamedCurveGenParameterSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveGenParameterSpec) ECPoint(com.github.zhenwei.core.math.ec.ECPoint) ECParameterSpec(com.github.zhenwei.provider.jce.spec.ECParameterSpec) ECCurve(com.github.zhenwei.core.math.ec.ECCurve) GOST3410ParameterSpec(com.github.zhenwei.provider.jcajce.spec.GOST3410ParameterSpec) ECKeyGenerationParameters(com.github.zhenwei.core.crypto.params.ECKeyGenerationParameters)

Example 20 with ECDomainParameters

use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.

the class BCDSTU4145PrivateKey method populateFromPrivKeyInfo.

private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException {
    X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
    if (params.isNamedCurve()) {
        ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
        X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
        if (// DSTU Curve
        ecP == null) {
            ECDomainParameters gParam = DSTU4145NamedCurves.getByOID(oid);
            EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
            ecSpec = new ECNamedCurveSpec(oid.getId(), ellipticCurve, EC5Util.convertPoint(gParam.getG()), gParam.getN(), gParam.getH());
        } else {
            EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
            ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH());
        }
    } else if (params.isImplicitlyCA()) {
        ecSpec = null;
    } else {
        ASN1Sequence seq = ASN1Sequence.getInstance(params.getParameters());
        if (seq.getObjectAt(0) instanceof ASN1Integer) {
            X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
            EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
            this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH().intValue());
        } else {
            DSTU4145Params dstuParams = DSTU4145Params.getInstance(seq);
            com.github.zhenwei.provider.jce.spec.ECParameterSpec spec;
            if (dstuParams.isNamedCurve()) {
                ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
                ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid);
                spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
            } else {
                DSTU4145ECBinary binary = dstuParams.getECBinary();
                byte[] b_bytes = binary.getB();
                if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) {
                    reverseBytes(b_bytes);
                }
                DSTU4145BinaryField field = binary.getField();
                ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
                byte[] g_bytes = binary.getG();
                if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) {
                    reverseBytes(g_bytes);
                }
                spec = new com.github.zhenwei.provider.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
            }
            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
            this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(spec.getG()), spec.getN(), spec.getH().intValue());
        }
    }
    ASN1Encodable privKey = info.parsePrivateKey();
    if (privKey instanceof ASN1Integer) {
        ASN1Integer derD = ASN1Integer.getInstance(privKey);
        this.d = derD.getValue();
    } else {
        com.github.zhenwei.core.asn1.sec.ECPrivateKey ec = com.github.zhenwei.core.asn1.sec.ECPrivateKey.getInstance(privKey);
        this.d = ec.getKey();
        this.publicKey = ec.getPublicKey();
    }
}
Also used : ECDomainParameters(com.github.zhenwei.core.crypto.params.ECDomainParameters) DSTU4145ECBinary(com.github.zhenwei.core.asn1.ua.DSTU4145ECBinary) X9ECParameters(com.github.zhenwei.core.asn1.x9.X9ECParameters) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) DSTU4145Params(com.github.zhenwei.core.asn1.ua.DSTU4145Params) X962Parameters(com.github.zhenwei.core.asn1.x9.X962Parameters) ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) DSTU4145BinaryField(com.github.zhenwei.core.asn1.ua.DSTU4145BinaryField) EllipticCurve(java.security.spec.EllipticCurve) ECParameterSpec(java.security.spec.ECParameterSpec) ECNamedCurveParameterSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveParameterSpec) ECCurve(com.github.zhenwei.core.math.ec.ECCurve) BigInteger(java.math.BigInteger) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) ECNamedCurveSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveSpec)

Aggregations

ECDomainParameters (com.github.zhenwei.core.crypto.params.ECDomainParameters)35 BigInteger (java.math.BigInteger)22 ECPoint (com.github.zhenwei.core.math.ec.ECPoint)21 ECPublicKeyParameters (com.github.zhenwei.core.crypto.params.ECPublicKeyParameters)12 ECPrivateKeyParameters (com.github.zhenwei.core.crypto.params.ECPrivateKeyParameters)10 ECCurve (com.github.zhenwei.core.math.ec.ECCurve)10 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)9 ECMultiplier (com.github.zhenwei.core.math.ec.ECMultiplier)9 ECParameterSpec (com.github.zhenwei.provider.jce.spec.ECParameterSpec)9 X9ECParameters (com.github.zhenwei.core.asn1.x9.X9ECParameters)7 ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)6 ECNamedDomainParameters (com.github.zhenwei.core.crypto.params.ECNamedDomainParameters)6 ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)5 X962Parameters (com.github.zhenwei.core.asn1.x9.X962Parameters)5 ECKeyGenerationParameters (com.github.zhenwei.core.crypto.params.ECKeyGenerationParameters)4 IOException (java.io.IOException)4 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)4 ASN1Sequence (com.github.zhenwei.core.asn1.ASN1Sequence)3 DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)3 GOST3410PublicKeyAlgParameters (com.github.zhenwei.core.asn1.cryptopro.GOST3410PublicKeyAlgParameters)3