use of java.security.interfaces.DSAParams in project XobotOS by xamarin.
the class DSAKeyFactoryImpl method engineTranslateKey.
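/**
 * Translates a DSA key into the equivalent key object produced by this
 * factory, by rebuilding it from its numeric components.
 *
 * @param key
 *            a DSAPublicKey object or DSAPrivateKey object.
 *
 * @return a key of the same kind (public or private) as the "key"
 *         argument, created through engineGeneratePublic or
 *         engineGeneratePrivate
 *
 * @throws InvalidKeyException
 *             if "key" is null, is neither DSAPublicKey nor DSAPrivateKey,
 *             or carries no DSA domain parameters
 */
protected Key engineTranslateKey(Key key) throws InvalidKeyException {
    // instanceof is false for null, so a null key falls through to the final throw.
    if (key instanceof DSAPrivateKey) {
        DSAPrivateKey privateKey = (DSAPrivateKey) key;
        DSAParams params = privateKey.getParams();
        if (params == null) {
            // Report a missing (p, q, g) as the declared checked exception, not an NPE.
            throw new InvalidKeyException("DSA private key carries no parameters");
        }
        try {
            return engineGeneratePrivate(new DSAPrivateKeySpec(privateKey.getX(),
                    params.getP(), params.getQ(), params.getG()));
        } catch (InvalidKeySpecException e) {
            // Not expected for a spec built here; keep the cause so the
            // original failure is still visible in the stack trace.
            throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e, e);
        }
    }
    if (key instanceof DSAPublicKey) {
        DSAPublicKey publicKey = (DSAPublicKey) key;
        DSAParams params = publicKey.getParams();
        if (params == null) {
            // Public keys with inherited parameters cannot be rebuilt without (p, q, g).
            throw new InvalidKeyException("DSA public key carries no parameters");
        }
        try {
            return engineGeneratePublic(new DSAPublicKeySpec(publicKey.getY(),
                    params.getP(), params.getQ(), params.getG()));
        } catch (InvalidKeySpecException e) {
            // Not expected for a spec built here; keep the cause.
            throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e, e);
        }
    }
    throw new InvalidKeyException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}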
use of java.security.interfaces.DSAParams in project XobotOS by xamarin.
the class MiscPEMGenerator method createPemObject.
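/**
 * Encodes a private key (RSA CRT, DSA, or "ECDSA") in its algorithm-specific
 * DER form, encrypts it with the given password, and wraps the result in a
 * PEM object carrying "Proc-Type: 4,ENCRYPTED" and "DEK-Info" headers.
 *
 * NOTE(review): key derivation and the cipher itself live in
 * PEMUtilities.crypt, which is not shown here; confirm its key-derivation
 * strength before using this format to protect new key material.
 *
 * @param obj       a KeyPair (its private key is used) or a supported private key
 * @param algorithm data-encryption algorithm name; "DESEDE" is mapped to "DES-EDE3-CBC"
 * @param password  password handed to PEMUtilities.crypt
 * @param random    source of the random IV
 * @return the encrypted PEM object
 * @throws IOException              if encoding or encryption fails
 * @throws IllegalArgumentException if the object type is not supported (including null)
 */
private PemObject createPemObject(Object obj, String algorithm, char[] password, SecureRandom random) throws IOException {
    if (obj instanceof KeyPair) {
        return createPemObject(((KeyPair) obj).getPrivate(), algorithm, password, random);
    }

    String type = null;
    byte[] keyData = null;

    if (obj instanceof RSAPrivateCrtKey) {
        type = "RSA PRIVATE KEY";
        RSAPrivateCrtKey k = (RSAPrivateCrtKey) obj;
        RSAPrivateKeyStructure keyStruct = new RSAPrivateKeyStructure(
                k.getModulus(), k.getPublicExponent(), k.getPrivateExponent(),
                k.getPrimeP(), k.getPrimeQ(),
                k.getPrimeExponentP(), k.getPrimeExponentQ(), k.getCrtCoefficient());
        // convert to bytearray
        keyData = keyStruct.getEncoded();
    } else if (obj instanceof DSAPrivateKey) {
        type = "DSA PRIVATE KEY";
        DSAPrivateKey k = (DSAPrivateKey) obj;
        DSAParams p = k.getParams();
        BigInteger x = k.getX();
        // The public value is not available from DSAPrivateKey, so recompute y = g^x mod p.
        BigInteger y = p.getG().modPow(x, p.getP());

        // Sequence layout written here: 0, p, q, g, y, x.
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new DERInteger(0));
        v.add(new DERInteger(p.getP()));
        v.add(new DERInteger(p.getQ()));
        v.add(new DERInteger(p.getG()));
        v.add(new DERInteger(y));
        v.add(new DERInteger(x));
        keyData = new DERSequence(v).getEncoded();
    } else if (obj instanceof PrivateKey && "ECDSA".equals(((PrivateKey) obj).getAlgorithm())) {
        type = "EC PRIVATE KEY";
        PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(ASN1Object.fromByteArray(((PrivateKey) obj).getEncoded()));
        keyData = privInfo.getPrivateKey().getEncoded();
    }

    if (type == null || keyData == null) {
        // TODO Support other types?
        // obj can be null here (for example a KeyPair without a private key);
        // report that as an unsupported type instead of failing with an NPE.
        String className = (obj == null) ? "null" : obj.getClass().getName();
        throw new IllegalArgumentException("Object type not supported: " + className);
    }

    try {
        String dekAlgName = Strings.toUpperCase(algorithm);
        // Note: For backward compatibility
        if (dekAlgName.equals("DESEDE")) {
            dekAlgName = "DES-EDE3-CBC";
        }

        // 16-byte IV for the AES-* names, 8 bytes for everything else.
        int ivLength = dekAlgName.startsWith("AES-") ? 16 : 8;
        byte[] iv = new byte[ivLength];
        random.nextBytes(iv);

        byte[] encData = PEMUtilities.crypt(true, provider, keyData, password, dekAlgName, iv);

        List headers = new ArrayList(2);
        headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
        headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
        return new PemObject(type, headers, encData);
    } finally {
        // Best-effort wipe of the plaintext private-key encoding once it is no
        // longer needed; other copies (e.g. inside BigInteger) are not covered.
        java.util.Arrays.fill(keyData, (byte) 0);
    }
}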
use of java.security.interfaces.DSAParams in project XobotOS by xamarin.
the class CertPathValidatorUtilities method getNextWorkingKey.
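/**
 * Return the next working key inheriting DSA parameters if necessary.
 * <p>
 * This method inherits DSA parameters from the indexed certificate or
 * previous certificates in the certificate chain to the returned
 * <code>PublicKey</code>. The list is searched upwards, meaning the end
 * certificate is at position 0 and previous certificates are following.
 * </p>
 * <p>
 * If the indexed certificate does not contain a DSA key this method simply
 * returns the public key. If the DSA key already contains DSA parameters
 * the key is also only returned.
 * </p>
 * <p>
 * The inherited parameters are taken as-is from the first later certificate
 * in the list that carries them; this method performs no validation of that
 * certificate itself.
 * </p>
 *
 * @param certs The certification path.
 * @param index The index of the certificate which contains the public key
 *            which should be extended with DSA parameters.
 * @return The public key of the certificate in list position
 *         <code>index</code> extended with DSA parameters if applicable.
 * @throws CertPathValidatorException if DSA parameters cannot be inherited.
 */
protected static PublicKey getNextWorkingKey(List certs, int index) throws CertPathValidatorException {
    Certificate cert = (Certificate) certs.get(index);
    PublicKey pubKey = cert.getPublicKey();
    if (!(pubKey instanceof DSAPublicKey)) {
        return pubKey;
    }

    DSAPublicKey dsaPubKey = (DSAPublicKey) pubKey;
    if (dsaPubKey.getParams() != null) {
        return dsaPubKey;
    }

    // Walk towards the trust anchor until a DSA key with explicit parameters is found.
    for (int i = index + 1; i < certs.size(); i++) {
        X509Certificate parentCert = (X509Certificate) certs.get(i);
        pubKey = parentCert.getPublicKey();
        if (!(pubKey instanceof DSAPublicKey)) {
            // Parameters can only be inherited across an unbroken run of DSA keys.
            throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
        }

        DSAParams dsaParams = ((DSAPublicKey) pubKey).getParams();
        if (dsaParams == null) {
            continue;
        }

        DSAPublicKeySpec dsaPubKeySpec = new DSAPublicKeySpec(dsaPubKey.getY(), dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("DSA", BouncyCastleProvider.PROVIDER_NAME);
            return keyFactory.generatePublic(dsaPubKeySpec);
        } catch (Exception exception) {
            // Keep the original exception as the cause so provider and
            // key-spec failures remain diagnosable.
            throw new RuntimeException(exception.getMessage(), exception);
        }
    }
    throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
}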
use of java.security.interfaces.DSAParams in project OpenAM by OpenRock.
the class LibSecurityTokenProvider method createKeyInfo.
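/**
 * Returns the <code>KeyInfo</code> object as a Document Element.
 * <p>
 * When <code>keyInfoType</code> is "certificate" (case-insensitive) the
 * element carries the Base64-encoded certificate inside X509Data; otherwise
 * it carries a KeyName (the certificate subject DN) and a KeyValue holding
 * the DSA or RSA public key components.
 * </p>
 *
 * @return the populated KeyInfo element
 * @throws SecurityTokenException if the document cannot be created, the
 *         certificate cannot be read, or the public key is neither a DSA
 *         key with parameters nor an RSA key
 */
private Element createKeyInfo() throws SecurityTokenException {
    X509Certificate cert = getX509Certificate();
    Document doc = null;
    try {
        doc = XMLUtils.newDocument();
    } catch (Exception e) {
        debug.error("createKeyInfo: ", e);
        throw new SecurityTokenException(e.getMessage());
    }

    String keyNameTextString = null;
    String base64CertString = null;
    PublicKey pk = null;
    try {
        pk = cert.getPublicKey();
        keyNameTextString = cert.getSubjectDN().getName();
        base64CertString = Base64.encode(cert.getEncoded());
    } catch (Exception e) {
        debug.error("createKeyInfo: ", e);
        throw new SecurityTokenException(e.getMessage());
    }

    Element keyInfo = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_KEYINFO);
    keyInfo.setAttribute("xmlns", SAMLConstants.XMLSIG_NAMESPACE_URI);

    if ((keyInfoType != null) && (keyInfoType.equalsIgnoreCase("certificate"))) {
        //put Certificate in KeyInfo
        Element x509Data = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_X509DATA);
        Element x509Certificate = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_X509CERTIFICATE);
        Text certText = doc.createTextNode(base64CertString);
        x509Certificate.appendChild(certText);
        keyInfo.appendChild(x509Data).appendChild(x509Certificate);
        return keyInfo;
    }

    //put public key in keyinfo
    Element keyName = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_KEYNAME);
    Text keyNameText = doc.createTextNode(keyNameTextString);
    Element keyvalue = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, SAMLConstants.TAG_KEYVALUE);

    if (pk instanceof DSAPublicKey) {
        DSAPublicKey dsakey = (DSAPublicKey) pk;
        DSAParams dsaParams = dsakey.getParams();
        if (dsaParams == null) {
            // A DSA key with inherited parameters has no P/Q/G to publish.
            throw new SecurityTokenException("createKeyInfo: DSA public key carries no parameters");
        }
        Element dsaKeyValue = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "DSAKeyValue");
        appendKeyComponent(doc, dsaKeyValue, "P", dsaParams.getP());
        appendKeyComponent(doc, dsaKeyValue, "Q", dsaParams.getQ());
        appendKeyComponent(doc, dsaKeyValue, "G", dsaParams.getG());
        appendKeyComponent(doc, dsaKeyValue, "Y", dsakey.getY());
        keyvalue.appendChild(dsaKeyValue);
    } else if (pk instanceof RSAPublicKey) {
        RSAPublicKey rsakey = (RSAPublicKey) pk;
        Element rsaKeyValue = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, "RSAKeyValue");
        appendKeyComponent(doc, rsaKeyValue, "Modulus", rsakey.getModulus());
        appendKeyComponent(doc, rsaKeyValue, "Exponent", rsakey.getPublicExponent());
        keyvalue.appendChild(rsaKeyValue);
    } else {
        // Anything that is not DSA used to be cast to RSAPublicKey blindly;
        // reject other key types with the declared exception instead.
        String algorithm = (pk == null) ? "null" : pk.getAlgorithm();
        throw new SecurityTokenException("createKeyInfo: unsupported public key algorithm: " + algorithm);
    }

    keyInfo.appendChild(keyName).appendChild(keyNameText);
    keyInfo.appendChild(keyvalue);
    return keyInfo;
}

/**
 * Appends a child element named <code>tag</code> (XML-DSig namespace) to
 * <code>parent</code>, containing the Base64 encoding of
 * <code>value.toByteArray()</code>.
 */
private void appendKeyComponent(Document doc, Element parent, String tag, BigInteger value) {
    Element component = doc.createElementNS(SAMLConstants.XMLSIG_NAMESPACE_URI, tag);
    // NOTE(review): BigInteger.toByteArray() can emit a leading 0x00 sign
    // octet, while XML-DSig CryptoBinary is defined without leading zero
    // octets; kept as-is to preserve the existing output, confirm that
    // consumers tolerate it.
    component.appendChild(doc.createTextNode(Base64.encode(value.toByteArray())));
    parent.appendChild(component);
}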
use of java.security.interfaces.DSAParams in project jdk8u_jdk by JetBrains.
the class DSAKeyFactory method engineGetKeySpec.
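/**
 * Returns a specification (key material) of the given key object
 * in the requested format.
 * <p>
 * A request is satisfied when the spec this method can build is an instance
 * of the requested class, so the cast on return cannot fail. For private
 * keys the returned spec contains the private value; the caller is
 * responsible for how it is stored and cleared.
 * </p>
 *
 * @param key the key
 *
 * @param keySpec the requested format in which the key material shall be
 * returned
 *
 * @return the underlying key specification (key material) in the
 * requested format
 *
 * @exception InvalidKeySpecException if the requested key specification is
 * inappropriate for the given key, or the given key cannot be processed
 * (e.g., the given key has an unrecognized algorithm or format, or carries
 * no DSA parameters).
 */
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    if (key instanceof java.security.interfaces.DSAPublicKey) {
        // Check "requested type accepts what we build", not the reverse: a
        // caller-supplied subclass of DSAPublicKeySpec would otherwise pass
        // the check and then fail in keySpec.cast with a ClassCastException.
        if (keySpec.isAssignableFrom(DSAPublicKeySpec.class)) {
            java.security.interfaces.DSAPublicKey dsaPubKey = (java.security.interfaces.DSAPublicKey) key;
            DSAParams params = dsaPubKey.getParams();
            if (params == null) {
                throw new InvalidKeySpecException("DSA public key carries no parameters");
            }
            return keySpec.cast(new DSAPublicKeySpec(dsaPubKey.getY(), params.getP(), params.getQ(), params.getG()));
        }
        if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) {
            return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
        }
        throw new InvalidKeySpecException("Inappropriate key specification");
    }

    if (key instanceof java.security.interfaces.DSAPrivateKey) {
        if (keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) {
            java.security.interfaces.DSAPrivateKey dsaPrivKey = (java.security.interfaces.DSAPrivateKey) key;
            DSAParams params = dsaPrivKey.getParams();
            if (params == null) {
                throw new InvalidKeySpecException("DSA private key carries no parameters");
            }
            return keySpec.cast(new DSAPrivateKeySpec(dsaPrivKey.getX(), params.getP(), params.getQ(), params.getG()));
        }
        if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) {
            return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
        }
        throw new InvalidKeySpecException("Inappropriate key specification");
    }

    throw new InvalidKeySpecException("Inappropriate key type");
}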