use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.
the class ECUtil method getDomainParameters.
public static ECDomainParameters getDomainParameters(ProviderConfiguration configuration, com.github.zhenwei.provider.jce.spec.ECParameterSpec params) {
ECDomainParameters domainParameters;
if (params instanceof ECNamedCurveParameterSpec) {
ECNamedCurveParameterSpec nParams = (ECNamedCurveParameterSpec) params;
ASN1ObjectIdentifier nameOid = ECUtil.getNamedCurveOid(nParams.getName());
domainParameters = new ECNamedDomainParameters(nameOid, nParams.getCurve(), nParams.getG(), nParams.getN(), nParams.getH(), nParams.getSeed());
} else if (params == null) {
com.github.zhenwei.provider.jce.spec.ECParameterSpec iSpec = configuration.getEcImplicitlyCa();
domainParameters = new ECDomainParameters(iSpec.getCurve(), iSpec.getG(), iSpec.getN(), iSpec.getH(), iSpec.getSeed());
} else {
domainParameters = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed());
}
return domainParameters;
}
use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.
the class JCEECPrivateKey method populateFromPrivKeyInfo.
private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException {
X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
if (params.isNamedCurve()) {
ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
if (// GOST Curve
ecP == null) {
ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
ecSpec = new ECNamedCurveSpec(ECGOST3410NamedCurves.getName(oid), ellipticCurve, EC5Util.convertPoint(gParam.getG()), gParam.getN(), gParam.getH());
} else {
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH());
}
} else if (params.isImplicitlyCA()) {
ecSpec = null;
} else {
X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH().intValue());
}
ASN1Encodable privKey = info.parsePrivateKey();
if (privKey instanceof ASN1Integer) {
ASN1Integer derD = ASN1Integer.getInstance(privKey);
this.d = derD.getValue();
} else {
ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) privKey);
this.d = ec.getKey();
this.publicKey = ec.getPublicKey();
}
}
use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.
the class CertBuilder method generateCertificate.
/**
* @param [dn, publicKey, privateKey]
* @return java.security.cert.Certificate
* @author zhangzhenwei
* @description 生成证书
* todo just support sm2
* @date 2022/3/15 9:09 下午
* @since: 1.0.0
*/
public static byte[] generateCertificate(String subjectDn, String issuerDn, PublicKey publicKey, PrivateKey privateKey, SignAlgEnum signAlgEnum, int time, TimeUnit timeUnit) throws WeGooCryptoException {
try {
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
// SubjectPublicKeyInfo publicKeyInfo = (SubjectPublicKeyInfo)publicKey;
X500Name subject = new X500Name(subjectDn);
X500Name issuer = new X500Name(issuerDn);
byte[] bytes = new byte[15];
Random random = new Random();
random.nextBytes(bytes);
byte[] bytes1 = ByteArrayUtil.mergeBytes("9".getBytes(StandardCharsets.UTF_8), bytes);
BigInteger sn = new BigInteger(bytes1);
Date notBefore = DateUtil.now();
int max = Math.max(1, (int) timeUnit.toDays(time));
Date notAfter = DateUtil.nowPlusDays(max);
BcX509ExtensionUtils x509ExtensionUtils = new BcX509ExtensionUtils();
// 密钥用途: 签名和不可抵赖
int usage = KeyUsage.digitalSignature | KeyUsage.nonRepudiation;
// 使用者标识符
SubjectKeyIdentifier subjectKeyIdentifier = x509ExtensionUtils.createSubjectKeyIdentifier(publicKeyInfo);
// 授权者标识符
AuthorityKeyIdentifier authorityKeyIdentifier = x509ExtensionUtils.createAuthorityKeyIdentifier(publicKeyInfo);
// 判断是否签发根证书
if (subject.toString().equals(subject.toString())) {
// 根证书 颁发者标识符
authorityKeyIdentifier = x509ExtensionUtils.createAuthorityKeyIdentifier(publicKeyInfo);
// 补充证书签名用途
usage = usage | KeyUsage.keyCertSign;
}
X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, sn, notBefore, notAfter, subject, publicKeyInfo);
// 增加扩展项
Extension keyUsage = new Extension(Extension.keyUsage, false, new KeyUsage(usage).getEncoded());
Extension subjectKeyId = new Extension(Extension.subjectKeyIdentifier, false, subjectKeyIdentifier.getEncoded());
Extension authorityKeyId = new Extension(Extension.authorityKeyIdentifier, false, authorityKeyIdentifier.getEncoded());
AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signAlgEnum.getOid());
AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(signAlgEnum.getDigestAlgEnum().getOid());
builder.addExtension(keyUsage);
builder.addExtension(subjectKeyId);
builder.addExtension(authorityKeyId);
X509CertificateHolder holder;
BcContentSignerBuilder signerBuilder;
AsymmetricKeyParameter keyParameters;
if (publicKey.getAlgorithm().equals("EC")) {
signerBuilder = new BcECContentSignerBuilder(sigAlgId, digAlgId);
BCECPrivateKey key = (BCECPrivateKey) privateKey;
ECParameterSpec parameters = key.getParameters();
ECDomainParameters params = new ECDomainParameters(parameters.getCurve(), parameters.getG(), parameters.getN());
keyParameters = new ECPrivateKeyParameters(key.getD(), params);
holder = builder.build(signerBuilder.build(keyParameters));
} else {
BCRSAPrivateKey key = (BCRSAPrivateKey) privateKey;
signerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
keyParameters = new RSAKeyParameters(true, key.getModulus(), key.getPrivateExponent());
holder = builder.build(signerBuilder.build(keyParameters));
}
return holder.toASN1Structure().getEncoded();
} catch (Exception e) {
throw new WeGooCryptoException(CryptoExceptionMassageEnum.generate_cert_err, e);
}
}
use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.
the class KeyPairGeneratorSpi method initialize.
public void initialize(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof GOST3410ParameterSpec) {
GOST3410ParameterSpec gostParams = (GOST3410ParameterSpec) params;
init(gostParams, random);
} else if (params instanceof ECParameterSpec) {
ECParameterSpec p = (ECParameterSpec) params;
this.ecParams = params;
param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
engine.init(param);
initialised = true;
} else if (params instanceof java.security.spec.ECParameterSpec) {
java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec) params;
this.ecParams = params;
ECCurve curve = EC5Util.convertCurve(p.getCurve());
ECPoint g = EC5Util.convertPoint(curve, p.getGenerator());
param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random);
engine.init(param);
initialised = true;
} else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec) {
String curveName;
if (params instanceof ECGenParameterSpec) {
curveName = ((ECGenParameterSpec) params).getName();
} else {
curveName = ((ECNamedCurveGenParameterSpec) params).getName();
}
init(new GOST3410ParameterSpec(curveName), random);
} else if (params == null && WeGooProvider.CONFIGURATION.getEcImplicitlyCa() != null) {
ECParameterSpec p = WeGooProvider.CONFIGURATION.getEcImplicitlyCa();
this.ecParams = params;
param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
engine.init(param);
initialised = true;
} else if (params == null && WeGooProvider.CONFIGURATION.getEcImplicitlyCa() == null) {
throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
} else {
throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
}
}
use of com.github.zhenwei.core.crypto.params.ECDomainParameters in project LinLong-Java by zhenwei1108.
the class BCDSTU4145PrivateKey method populateFromPrivKeyInfo.
private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException {
X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
if (params.isNamedCurve()) {
ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
if (// DSTU Curve
ecP == null) {
ECDomainParameters gParam = DSTU4145NamedCurves.getByOID(oid);
EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
ecSpec = new ECNamedCurveSpec(oid.getId(), ellipticCurve, EC5Util.convertPoint(gParam.getG()), gParam.getN(), gParam.getH());
} else {
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH());
}
} else if (params.isImplicitlyCA()) {
ecSpec = null;
} else {
ASN1Sequence seq = ASN1Sequence.getInstance(params.getParameters());
if (seq.getObjectAt(0) instanceof ASN1Integer) {
X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH().intValue());
} else {
DSTU4145Params dstuParams = DSTU4145Params.getInstance(seq);
com.github.zhenwei.provider.jce.spec.ECParameterSpec spec;
if (dstuParams.isNamedCurve()) {
ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid);
spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
} else {
DSTU4145ECBinary binary = dstuParams.getECBinary();
byte[] b_bytes = binary.getB();
if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) {
reverseBytes(b_bytes);
}
DSTU4145BinaryField field = binary.getField();
ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
byte[] g_bytes = binary.getG();
if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) {
reverseBytes(g_bytes);
}
spec = new com.github.zhenwei.provider.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
}
EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(spec.getG()), spec.getN(), spec.getH().intValue());
}
}
ASN1Encodable privKey = info.parsePrivateKey();
if (privKey instanceof ASN1Integer) {
ASN1Integer derD = ASN1Integer.getInstance(privKey);
this.d = derD.getValue();
} else {
com.github.zhenwei.core.asn1.sec.ECPrivateKey ec = com.github.zhenwei.core.asn1.sec.ECPrivateKey.getInstance(privKey);
this.d = ec.getKey();
this.publicKey = ec.getPublicKey();
}
}
Aggregations