Search in sources :

Example 11 with DSAParams

use of java.security.interfaces.DSAParams in project XobotOS by xamarin.

the class DSAKeyFactoryImpl method engineTranslateKey.

/**
     * The method generates a DSAPublicKey object from the provided key.
     *
     * @param
     *    key - a DSAPublicKey object or DSAPrivateKey object.
     *
     * @return
     *    object of the same type as the "key" argument
     *
     * @throws InvalidKeyException
     *     if "key" is neither DSAPublicKey nor DSAPrivateKey
     */
protected Key engineTranslateKey(Key key) throws InvalidKeyException {
    if (key != null) {
        if (key instanceof DSAPrivateKey) {
            DSAPrivateKey privateKey = (DSAPrivateKey) key;
            DSAParams params = privateKey.getParams();
            try {
                return engineGeneratePrivate(new DSAPrivateKeySpec(privateKey.getX(), params.getP(), params.getQ(), params.getG()));
            } catch (InvalidKeySpecException e) {
                // Actually this exception shouldn't be thrown
                throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
            }
        }
        if (key instanceof DSAPublicKey) {
            DSAPublicKey publicKey = (DSAPublicKey) key;
            DSAParams params = publicKey.getParams();
            try {
                return engineGeneratePublic(new DSAPublicKeySpec(publicKey.getY(), params.getP(), params.getQ(), params.getG()));
            } catch (InvalidKeySpecException e) {
                // Actually this exception shouldn't be thrown
                throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
            }
        }
    }
    throw new InvalidKeyException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) DSAParams(java.security.interfaces.DSAParams) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidKeyException(java.security.InvalidKeyException) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Example 12 with DSAParams

use of java.security.interfaces.DSAParams in project XobotOS by xamarin.

the class MiscPEMGenerator method createPemObject.

private PemObject createPemObject(Object obj, String algorithm, char[] password, SecureRandom random) throws IOException {
    if (obj instanceof KeyPair) {
        return createPemObject(((KeyPair) obj).getPrivate(), algorithm, password, random);
    }
    String type = null;
    byte[] keyData = null;
    if (obj instanceof RSAPrivateCrtKey) {
        type = "RSA PRIVATE KEY";
        RSAPrivateCrtKey k = (RSAPrivateCrtKey) obj;
        RSAPrivateKeyStructure keyStruct = new RSAPrivateKeyStructure(k.getModulus(), k.getPublicExponent(), k.getPrivateExponent(), k.getPrimeP(), k.getPrimeQ(), k.getPrimeExponentP(), k.getPrimeExponentQ(), k.getCrtCoefficient());
        // convert to bytearray
        keyData = keyStruct.getEncoded();
    } else if (obj instanceof DSAPrivateKey) {
        type = "DSA PRIVATE KEY";
        DSAPrivateKey k = (DSAPrivateKey) obj;
        DSAParams p = k.getParams();
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new DERInteger(0));
        v.add(new DERInteger(p.getP()));
        v.add(new DERInteger(p.getQ()));
        v.add(new DERInteger(p.getG()));
        BigInteger x = k.getX();
        BigInteger y = p.getG().modPow(x, p.getP());
        v.add(new DERInteger(y));
        v.add(new DERInteger(x));
        keyData = new DERSequence(v).getEncoded();
    } else if (obj instanceof PrivateKey && "ECDSA".equals(((PrivateKey) obj).getAlgorithm())) {
        type = "EC PRIVATE KEY";
        PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(ASN1Object.fromByteArray(((PrivateKey) obj).getEncoded()));
        keyData = privInfo.getPrivateKey().getEncoded();
    }
    if (type == null || keyData == null) {
        // TODO Support other types?
        throw new IllegalArgumentException("Object type not supported: " + obj.getClass().getName());
    }
    String dekAlgName = Strings.toUpperCase(algorithm);
    // Note: For backward compatibility
    if (dekAlgName.equals("DESEDE")) {
        dekAlgName = "DES-EDE3-CBC";
    }
    int ivLength = dekAlgName.startsWith("AES-") ? 16 : 8;
    byte[] iv = new byte[ivLength];
    random.nextBytes(iv);
    byte[] encData = PEMUtilities.crypt(true, provider, keyData, password, dekAlgName, iv);
    List headers = new ArrayList(2);
    headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
    headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
    return new PemObject(type, headers, encData);
}
Also used : KeyPair(java.security.KeyPair) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) ArrayList(java.util.ArrayList) DSAParams(java.security.interfaces.DSAParams) DERInteger(org.bouncycastle.asn1.DERInteger) PemObject(org.bouncycastle.util.io.pem.PemObject) DERSequence(org.bouncycastle.asn1.DERSequence) RSAPrivateKeyStructure(org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BigInteger(java.math.BigInteger) ArrayList(java.util.ArrayList) List(java.util.List) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) PemHeader(org.bouncycastle.util.io.pem.PemHeader)

Example 13 with DSAParams

use of java.security.interfaces.DSAParams in project XobotOS by xamarin.

the class CertPathValidatorUtilities method getNextWorkingKey.

/**
     * Return the next working key inheriting DSA parameters if necessary.
     * <p>
     * This methods inherits DSA parameters from the indexed certificate or
     * previous certificates in the certificate chain to the returned
     * <code>PublicKey</code>. The list is searched upwards, meaning the end
     * certificate is at position 0 and previous certificates are following.
     * </p>
     * <p>
     * If the indexed certificate does not contain a DSA key this method simply
     * returns the public key. If the DSA key already contains DSA parameters
     * the key is also only returned.
     * </p>
     * 
     * @param certs The certification path.
     * @param index The index of the certificate which contains the public key
     *            which should be extended with DSA parameters.
     * @return The public key of the certificate in list position
     *         <code>index</code> extended with DSA parameters if applicable.
     * @throws AnnotatedException if DSA parameters cannot be inherited.
     */
protected static PublicKey getNextWorkingKey(List certs, int index) throws CertPathValidatorException {
    Certificate cert = (Certificate) certs.get(index);
    PublicKey pubKey = cert.getPublicKey();
    if (!(pubKey instanceof DSAPublicKey)) {
        return pubKey;
    }
    DSAPublicKey dsaPubKey = (DSAPublicKey) pubKey;
    if (dsaPubKey.getParams() != null) {
        return dsaPubKey;
    }
    for (int i = index + 1; i < certs.size(); i++) {
        X509Certificate parentCert = (X509Certificate) certs.get(i);
        pubKey = parentCert.getPublicKey();
        if (!(pubKey instanceof DSAPublicKey)) {
            throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
        }
        DSAPublicKey prevDSAPubKey = (DSAPublicKey) pubKey;
        if (prevDSAPubKey.getParams() == null) {
            continue;
        }
        DSAParams dsaParams = prevDSAPubKey.getParams();
        DSAPublicKeySpec dsaPubKeySpec = new DSAPublicKeySpec(dsaPubKey.getY(), dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("DSA", BouncyCastleProvider.PROVIDER_NAME);
            return keyFactory.generatePublic(dsaPubKeySpec);
        } catch (Exception exception) {
            throw new RuntimeException(exception.getMessage());
        }
    }
    throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
}
Also used : CertPathValidatorException(java.security.cert.CertPathValidatorException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAParams(java.security.interfaces.DSAParams) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) X509Certificate(java.security.cert.X509Certificate) KeyFactory(java.security.KeyFactory) GeneralSecurityException(java.security.GeneralSecurityException) CertPathValidatorException(java.security.cert.CertPathValidatorException) ParseException(java.text.ParseException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) CertStoreException(java.security.cert.CertStoreException) CertificateParsingException(java.security.cert.CertificateParsingException) StoreException(org.bouncycastle.util.StoreException) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) X509AttributeCertificate(org.bouncycastle.x509.X509AttributeCertificate) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Example 14 with DSAParams

use of java.security.interfaces.DSAParams in project OpenAM by OpenRock.

the class LibSecurityTokenProvider method createKeyInfo.

/**
     * Returns the <code>KeyInfo</code> object as a Document Element.
     */
private Element createKeyInfo() throws SecurityTokenException {
    X509Certificate cert = getX509Certificate();
    Document doc = null;
    try {
        doc = XMLUtils.newDocument();
    } catch (Exception e) {
        debug.error("createKeyInfo: ", e);
        throw new SecurityTokenException(e.getMessage());
    }
    String keyNameTextString = null;
    String base64CertString = null;
    PublicKey pk = null;
    try {
        pk = cert.getPublicKey();
        keyNameTextString = cert.getSubjectDN().getName();
        base64CertString = Base64.encode(cert.getEncoded());
    } catch (Exception e) {
        debug.error("createKeyInfo: ", e);
        throw new SecurityTokenException(e.getMessage());
    }
    Element keyInfo = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_KEYINFO);
    keyInfo.setAttribute("xmlns", SAMLConstants.XMLSIG_NAMESPACE_URI);
    if ((keyInfoType != null) && (keyInfoType.equalsIgnoreCase("certificate"))) {
        //put Certificate in KeyInfo
        Element x509Data = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_X509DATA);
        Element x509Certificate = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_X509CERTIFICATE);
        Text certText = doc.createTextNode(base64CertString);
        x509Certificate.appendChild(certText);
        keyInfo.appendChild(x509Data).appendChild(x509Certificate);
    } else {
        //put public key in keyinfo
        Element keyName = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_KEYNAME);
        Text keyNameText = doc.createTextNode(keyNameTextString);
        Element keyvalue = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_KEYVALUE);
        if (pk.getAlgorithm().equals("DSA")) {
            DSAPublicKey dsakey = (DSAPublicKey) pk;
            DSAParams dsaParams = dsakey.getParams();
            BigInteger _p = dsaParams.getP();
            BigInteger _q = dsaParams.getQ();
            BigInteger _g = dsaParams.getG();
            BigInteger _y = dsakey.getY();
            Element DSAKeyValue = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "DSAKeyValue");
            Element p = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "P");
            Text value_p = doc.createTextNode(Base64.encode(_p.toByteArray()));
            p.appendChild(value_p);
            DSAKeyValue.appendChild(p);
            Element q = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "Q");
            Text value_q = doc.createTextNode(Base64.encode(_q.toByteArray()));
            q.appendChild(value_q);
            DSAKeyValue.appendChild(q);
            Element g = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "G");
            Text value_g = doc.createTextNode(Base64.encode(_g.toByteArray()));
            g.appendChild(value_g);
            DSAKeyValue.appendChild(g);
            Element y = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "Y");
            Text value_y = doc.createTextNode(Base64.encode(_y.toByteArray()));
            y.appendChild(value_y);
            DSAKeyValue.appendChild(y);
            keyvalue.appendChild(DSAKeyValue);
        } else {
            // It is RSA
            RSAPublicKey rsakey = (RSAPublicKey) pk;
            BigInteger exponent = rsakey.getPublicExponent();
            BigInteger modulus = rsakey.getModulus();
            Element RSAKeyValue = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "RSAKeyValue");
            Element modulusNode = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "Modulus");
            Element exponentNode = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "Exponent");
            RSAKeyValue.appendChild(modulusNode);
            RSAKeyValue.appendChild(exponentNode);
            Text modulusValue = doc.createTextNode(Base64.encode(modulus.toByteArray()));
            modulusNode.appendChild(modulusValue);
            Text exponentValue = doc.createTextNode(Base64.encode(exponent.toByteArray()));
            exponentNode.appendChild(exponentValue);
            keyvalue.appendChild(RSAKeyValue);
        }
        keyInfo.appendChild(keyName).appendChild(keyNameText);
        keyInfo.appendChild(keyvalue);
    }
    return keyInfo;
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) Element(org.w3c.dom.Element) BigInteger(java.math.BigInteger) Text(org.w3c.dom.Text) DSAParams(java.security.interfaces.DSAParams) Document(org.w3c.dom.Document) X509Certificate(java.security.cert.X509Certificate) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) DSAPublicKey(java.security.interfaces.DSAPublicKey)

Example 15 with DSAParams

use of java.security.interfaces.DSAParams in project jdk8u_jdk by JetBrains.

the class DSAKeyFactory method engineGetKeySpec.

/**
     * Returns a specification (key material) of the given key object
     * in the requested format.
     *
     * @param key the key
     *
     * @param keySpec the requested format in which the key material shall be
     * returned
     *
     * @return the underlying key specification (key material) in the
     * requested format
     *
     * @exception InvalidKeySpecException if the requested key specification is
     * inappropriate for the given key, or the given key cannot be processed
     * (e.g., the given key has an unrecognized algorithm or format).
     */
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    DSAParams params;
    try {
        if (key instanceof java.security.interfaces.DSAPublicKey) {
            // Determine valid key specs
            Class<?> dsaPubKeySpec = Class.forName("java.security.spec.DSAPublicKeySpec");
            Class<?> x509KeySpec = Class.forName("java.security.spec.X509EncodedKeySpec");
            if (dsaPubKeySpec.isAssignableFrom(keySpec)) {
                java.security.interfaces.DSAPublicKey dsaPubKey = (java.security.interfaces.DSAPublicKey) key;
                params = dsaPubKey.getParams();
                return keySpec.cast(new DSAPublicKeySpec(dsaPubKey.getY(), params.getP(), params.getQ(), params.getG()));
            } else if (x509KeySpec.isAssignableFrom(keySpec)) {
                return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
            } else {
                throw new InvalidKeySpecException("Inappropriate key specification");
            }
        } else if (key instanceof java.security.interfaces.DSAPrivateKey) {
            // Determine valid key specs
            Class<?> dsaPrivKeySpec = Class.forName("java.security.spec.DSAPrivateKeySpec");
            Class<?> pkcs8KeySpec = Class.forName("java.security.spec.PKCS8EncodedKeySpec");
            if (dsaPrivKeySpec.isAssignableFrom(keySpec)) {
                java.security.interfaces.DSAPrivateKey dsaPrivKey = (java.security.interfaces.DSAPrivateKey) key;
                params = dsaPrivKey.getParams();
                return keySpec.cast(new DSAPrivateKeySpec(dsaPrivKey.getX(), params.getP(), params.getQ(), params.getG()));
            } else if (pkcs8KeySpec.isAssignableFrom(keySpec)) {
                return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
            } else {
                throw new InvalidKeySpecException("Inappropriate key specification");
            }
        } else {
            throw new InvalidKeySpecException("Inappropriate key type");
        }
    } catch (ClassNotFoundException e) {
        throw new InvalidKeySpecException("Unsupported key specification: " + e.getMessage());
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DSAParams(java.security.interfaces.DSAParams) DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Aggregations

DSAParams (java.security.interfaces.DSAParams)40 DSAPublicKey (java.security.interfaces.DSAPublicKey)19 BigInteger (java.math.BigInteger)16 DSAPrivateKey (java.security.interfaces.DSAPrivateKey)13 DSAParameterSpec (java.security.spec.DSAParameterSpec)11 DSAPublicKeySpec (java.security.spec.DSAPublicKeySpec)11 InvalidKeyException (java.security.InvalidKeyException)8 PublicKey (java.security.PublicKey)7 DSAPrivateKeySpec (java.security.spec.DSAPrivateKeySpec)7 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)7 KeyPairGenerator (java.security.KeyPairGenerator)6 SecureRandom (java.security.SecureRandom)5 X509Certificate (java.security.cert.X509Certificate)5 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)5 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)5 GeneralSecurityException (java.security.GeneralSecurityException)4 KeyFactory (java.security.KeyFactory)4 KeyPair (java.security.KeyPair)4 CertPathValidatorException (java.security.cert.CertPathValidatorException)4 IOException (java.io.IOException)3