
Example 1 with RsaSsaPkcs1Params

use of com.google.crypto.tink.proto.RsaSsaPkcs1Params in project tink by google.

the class RsaSsaPkcs1SignKeyManager method keyFactory.

/**
 * Returns the factory that validates {@code RsaSsaPkcs1KeyFormat} messages, parses them from
 * serialized bytes, and generates new {@code RsaSsaPkcs1PrivateKey} messages from them.
 *
 * <p>Security note: the message returned by {@code createKey} embeds the raw private exponent,
 * both primes and the CRT values, so it must be handled as secret key material.
 */
@Override
public KeyFactory<RsaSsaPkcs1KeyFormat, RsaSsaPkcs1PrivateKey> keyFactory() {
    return new KeyFactory<RsaSsaPkcs1KeyFormat, RsaSsaPkcs1PrivateKey>(RsaSsaPkcs1KeyFormat.class) {

        /**
         * Rejects a key format whose signature parameters, modulus size or public exponent fail
         * the corresponding {@code SigUtil} / {@code Validators} check.
         */
        @Override
        public void validateKeyFormat(RsaSsaPkcs1KeyFormat keyFormat) throws GeneralSecurityException {
            SigUtil.validateRsaSsaPkcs1Params(keyFormat.getParams());
            Validators.validateRsaModulusSize(keyFormat.getModulusSizeInBits());
            // Signum 1 forces the exponent bytes to be read as an unsigned big-endian integer.
            BigInteger exponent = new BigInteger(1, keyFormat.getPublicExponent().toByteArray());
            Validators.validateRsaPublicExponent(exponent);
        }

        /** Parses a serialized key format using an empty extension registry. */
        @Override
        public RsaSsaPkcs1KeyFormat parseKeyFormat(ByteString byteString) throws InvalidProtocolBufferException {
            return RsaSsaPkcs1KeyFormat.parseFrom(byteString, ExtensionRegistryLite.getEmptyRegistry());
        }

        /**
         * Generates a new RSA key pair with the modulus size and public exponent taken from
         * {@code format} and wraps it in a {@code RsaSsaPkcs1PrivateKey} message.
         *
         * <p>NOTE(review): this method does not call {@code validateKeyFormat} itself; confirm
         * that every caller validates the format before asking for a key.
         */
        @Override
        public RsaSsaPkcs1PrivateKey createKey(RsaSsaPkcs1KeyFormat format) throws GeneralSecurityException {
            RsaSsaPkcs1Params sigParams = format.getParams();
            KeyPairGenerator generator = EngineFactory.KEY_PAIR_GENERATOR.getInstance("RSA");
            BigInteger requestedExponent = new BigInteger(1, format.getPublicExponent().toByteArray());
            generator.initialize(new RSAKeyGenParameterSpec(format.getModulusSizeInBits(), requestedExponent));
            KeyPair generated = generator.generateKeyPair();
            RSAPublicKey publicPart = (RSAPublicKey) generated.getPublic();
            RSAPrivateCrtKey privatePart = (RSAPrivateCrtKey) generated.getPrivate();

            // Public half. BigInteger.toByteArray() yields two's-complement big-endian bytes, so
            // a value whose top bit is set is stored with a leading zero byte.
            RsaSsaPkcs1PublicKey publicProto =
                RsaSsaPkcs1PublicKey.newBuilder()
                    .setVersion(getVersion())
                    .setParams(sigParams)
                    .setE(ByteString.copyFrom(publicPart.getPublicExponent().toByteArray()))
                    .setN(ByteString.copyFrom(publicPart.getModulus().toByteArray()))
                    .build();

            // Private half: d, p, q, dP, dQ and the CRT coefficient are all copied into the proto.
            return RsaSsaPkcs1PrivateKey.newBuilder()
                .setVersion(getVersion())
                .setPublicKey(publicProto)
                .setD(ByteString.copyFrom(privatePart.getPrivateExponent().toByteArray()))
                .setP(ByteString.copyFrom(privatePart.getPrimeP().toByteArray()))
                .setQ(ByteString.copyFrom(privatePart.getPrimeQ().toByteArray()))
                .setDp(ByteString.copyFrom(privatePart.getPrimeExponentP().toByteArray()))
                .setDq(ByteString.copyFrom(privatePart.getPrimeExponentQ().toByteArray()))
                .setCrt(ByteString.copyFrom(privatePart.getCrtCoefficient().toByteArray()))
                .build();
        }

        /**
         * Returns the named key formats offered by this factory as an unmodifiable map: 3072-bit
         * with SHA-256 and 4096-bit with SHA-512, each with the F4 public exponent and in both
         * TINK and RAW output-prefix variants.
         */
        @Override
        public Map<String, KeyFactory.KeyFormat<RsaSsaPkcs1KeyFormat>> keyFormats() throws GeneralSecurityException {
            Map<String, KeyFactory.KeyFormat<RsaSsaPkcs1KeyFormat>> formats = new HashMap<>();
            formats.put(
                "RSA_SSA_PKCS1_3072_SHA256_F4",
                new KeyFormat<>(
                    createKeyFormat(HashType.SHA256, 3072, RSAKeyGenParameterSpec.F4),
                    KeyTemplate.OutputPrefixType.TINK));
            formats.put(
                "RSA_SSA_PKCS1_3072_SHA256_F4_RAW",
                new KeyFormat<>(
                    createKeyFormat(HashType.SHA256, 3072, RSAKeyGenParameterSpec.F4),
                    KeyTemplate.OutputPrefixType.RAW));
            // Same content as RSA_SSA_PKCS1_3072_SHA256_F4_RAW; kept so that names used by
            // SignatureKeyTemplates keep resolving.
            // TODO(b/185475349): remove this in Tink 2.0.0.
            formats.put(
                "RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX",
                new KeyFormat<>(
                    createKeyFormat(HashType.SHA256, 3072, RSAKeyGenParameterSpec.F4),
                    KeyTemplate.OutputPrefixType.RAW));
            formats.put(
                "RSA_SSA_PKCS1_4096_SHA512_F4",
                new KeyFormat<>(
                    createKeyFormat(HashType.SHA512, 4096, RSAKeyGenParameterSpec.F4),
                    KeyTemplate.OutputPrefixType.TINK));
            formats.put(
                "RSA_SSA_PKCS1_4096_SHA512_F4_RAW",
                new KeyFormat<>(
                    createKeyFormat(HashType.SHA512, 4096, RSAKeyGenParameterSpec.F4),
                    KeyTemplate.OutputPrefixType.RAW));
            return Collections.unmodifiableMap(formats);
        }
    };
}
Also used : KeyPair(java.security.KeyPair) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey) HashMap(java.util.HashMap) ByteString(com.google.protobuf.ByteString) RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) ByteString(com.google.protobuf.ByteString) RsaSsaPkcs1KeyFormat(com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat) RSAPublicKey(java.security.interfaces.RSAPublicKey) RsaSsaPkcs1PublicKey(com.google.crypto.tink.proto.RsaSsaPkcs1PublicKey) BigInteger(java.math.BigInteger) RsaSsaPkcs1Params(com.google.crypto.tink.proto.RsaSsaPkcs1Params) RsaSsaPkcs1KeyFormat(com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat)

Example 2 with RsaSsaPkcs1Params

use of com.google.crypto.tink.proto.RsaSsaPkcs1Params in project tink by google.

the class SignaturePemKeysetReader method convertRsaPublicKey.

/**
 * Wraps a JCA RSA public key in a Tink {@code KeyData} message for the signature scheme named by
 * {@code pemKeyType.algorithm}.
 *
 * <p>Only "RSASSA-PKCS1-v1_5" and "RSASSA-PSS" are accepted. For PSS the same hash is used for
 * the signature and for MGF1, and the salt length is set to the digest size in bytes.
 *
 * <p>NOTE(review): no modulus-size or public-exponent check is visible in this method; confirm
 * that the caller validates the imported key before it reaches here.
 *
 * @param pemKeyType describes the algorithm and hash the PEM key is to be used with
 * @param key the RSA public key to convert
 * @return key data marked {@code ASYMMETRIC_PUBLIC} holding the serialized public key proto
 * @throws IOException if the algorithm is neither of the two supported RSA signature schemes
 */
private static KeyData convertRsaPublicKey(PemKeyType pemKeyType, RSAPublicKey key) throws IOException {
    boolean isPkcs1 = pemKeyType.algorithm.equals("RSASSA-PKCS1-v1_5");
    // Fail closed on anything that is not an explicitly supported scheme.
    if (!isPkcs1 && !pemKeyType.algorithm.equals("RSASSA-PSS")) {
        throw new IOException("unsupported RSA signature algorithm: " + pemKeyType.algorithm);
    }

    if (isPkcs1) {
        RsaSsaPkcs1Params pkcs1Params =
            RsaSsaPkcs1Params.newBuilder()
                .setHashType(getHashType(pemKeyType))
                .build();
        // e and n are stored through SigUtil.toUnsignedIntByteString rather than the raw
        // BigInteger bytes.
        RsaSsaPkcs1PublicKey pkcs1Proto =
            RsaSsaPkcs1PublicKey.newBuilder()
                .setVersion(new RsaSsaPkcs1VerifyKeyManager().getVersion())
                .setParams(pkcs1Params)
                .setE(SigUtil.toUnsignedIntByteString(key.getPublicExponent()))
                .setN(SigUtil.toUnsignedIntByteString(key.getModulus()))
                .build();
        return KeyData.newBuilder()
            .setTypeUrl(new RsaSsaPkcs1VerifyKeyManager().getKeyType())
            .setValue(pkcs1Proto.toByteString())
            .setKeyMaterialType(KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC)
            .build();
    }

    // Remaining case: RSASSA-PSS.
    RsaSsaPssParams pssParams =
        RsaSsaPssParams.newBuilder()
            .setSigHash(getHashType(pemKeyType))
            .setMgf1Hash(getHashType(pemKeyType))
            .setSaltLength(getDigestSizeInBytes(pemKeyType))
            .build();
    RsaSsaPssPublicKey pssProto =
        RsaSsaPssPublicKey.newBuilder()
            .setVersion(new RsaSsaPssVerifyKeyManager().getVersion())
            .setParams(pssParams)
            .setE(SigUtil.toUnsignedIntByteString(key.getPublicExponent()))
            .setN(SigUtil.toUnsignedIntByteString(key.getModulus()))
            .build();
    return KeyData.newBuilder()
        .setTypeUrl(new RsaSsaPssVerifyKeyManager().getKeyType())
        .setValue(pssProto.toByteString())
        .setKeyMaterialType(KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC)
        .build();
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RsaSsaPkcs1PublicKey(com.google.crypto.tink.proto.RsaSsaPkcs1PublicKey) RsaSsaPkcs1Params(com.google.crypto.tink.proto.RsaSsaPkcs1Params) RsaSsaPssParams(com.google.crypto.tink.proto.RsaSsaPssParams) IOException(java.io.IOException)

Example 3 with RsaSsaPkcs1Params

use of com.google.crypto.tink.proto.RsaSsaPkcs1Params in project tink by google.

the class TestUtil method createRsaSsaPkcs1PubKey.

/**
 * Builds a version-0 {@code RsaSsaPkcs1PublicKey} from caller-supplied raw bytes.
 *
 * <p>The modulus and exponent bytes are copied into the proto exactly as given; this helper
 * performs no size, range or encoding checks on them.
 *
 * @param modulus bytes stored as the key's {@code n} field
 * @param exponent bytes stored as the key's {@code e} field
 * @param hashType hash function recorded in the key's parameters
 * @return a {@code RsaSsaPkcs1PublicKey} constructed from {@code modulus}, {@code exponent} and
 *     {@code hashType}.
 */
public static RsaSsaPkcs1PublicKey createRsaSsaPkcs1PubKey(byte[] modulus, byte[] exponent, HashType hashType) throws Exception {
    RsaSsaPkcs1Params hashParams =
        RsaSsaPkcs1Params.newBuilder()
            .setHashType(hashType)
            .build();
    return RsaSsaPkcs1PublicKey.newBuilder()
        .setVersion(0)
        .setParams(hashParams)
        .setN(ByteString.copyFrom(modulus))
        .setE(ByteString.copyFrom(exponent))
        .build();
}
Also used : RsaSsaPkcs1Params(com.google.crypto.tink.proto.RsaSsaPkcs1Params) ECPoint(java.security.spec.ECPoint)

Example 4 with RsaSsaPkcs1Params

use of com.google.crypto.tink.proto.RsaSsaPkcs1Params in project tink by google.

the class SignatureKeyTemplates method createRsaSsaPkcs1KeyTemplate.

/**
 * Builds a {@code KeyTemplate} for the RSA-SSA-PKCS1 sign key manager from the given parameters.
 *
 * <p>The parameters are stored as given; no check of {@code modulusSize} or
 * {@code publicExponent} happens in this method. The exponent is serialized with
 * {@code BigInteger.toByteArray()}, i.e. as two's-complement big-endian bytes.
 *
 * @param hashType hash function recorded in the key format's parameters
 * @param modulusSize RSA modulus size in bits
 * @param publicExponent RSA public exponent
 * @param prefixType output prefix type set on the template
 * @return a {@code KeyTemplate} containing a {@code RsaSsaPkcs1KeyFormat} with some specified
 *     parameters.
 */
public static KeyTemplate createRsaSsaPkcs1KeyTemplate(HashType hashType, int modulusSize, BigInteger publicExponent, OutputPrefixType prefixType) {
    RsaSsaPkcs1Params hashParams =
        RsaSsaPkcs1Params.newBuilder()
            .setHashType(hashType)
            .build();
    RsaSsaPkcs1KeyFormat keyFormat =
        RsaSsaPkcs1KeyFormat.newBuilder()
            .setParams(hashParams)
            .setModulusSizeInBits(modulusSize)
            .setPublicExponent(ByteString.copyFrom(publicExponent.toByteArray()))
            .build();
    return KeyTemplate.newBuilder()
        .setValue(keyFormat.toByteString())
        .setTypeUrl(new RsaSsaPkcs1SignKeyManager().getKeyType())
        .setOutputPrefixType(prefixType)
        .build();
}
Also used : RsaSsaPkcs1Params(com.google.crypto.tink.proto.RsaSsaPkcs1Params) RsaSsaPkcs1KeyFormat(com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat)

Aggregations

RsaSsaPkcs1Params (com.google.crypto.tink.proto.RsaSsaPkcs1Params)4 RsaSsaPkcs1KeyFormat (com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat)2 RsaSsaPkcs1PublicKey (com.google.crypto.tink.proto.RsaSsaPkcs1PublicKey)2 RsaSsaPssParams (com.google.crypto.tink.proto.RsaSsaPssParams)1 RsaSsaPssPublicKey (com.google.crypto.tink.proto.RsaSsaPssPublicKey)1 ByteString (com.google.protobuf.ByteString)1 IOException (java.io.IOException)1 BigInteger (java.math.BigInteger)1 KeyPair (java.security.KeyPair)1 KeyPairGenerator (java.security.KeyPairGenerator)1 RSAPrivateCrtKey (java.security.interfaces.RSAPrivateCrtKey)1 RSAPublicKey (java.security.interfaces.RSAPublicKey)1 ECPoint (java.security.spec.ECPoint)1 RSAKeyGenParameterSpec (java.security.spec.RSAKeyGenParameterSpec)1 HashMap (java.util.HashMap)1