use of java.security.spec.KeySpec in project hutool by looly.
the class KeyUtil method generateDESKey.
/**
 * Builds a {@link SecretKey} for a DES-family algorithm.
 *
 * <p>When {@code key} is {@code null} the call is delegated to {@code generateKey(algorithm)}
 * (presumably a freshly generated key; confirm against that overload). Otherwise the bytes are
 * wrapped in a {@link DESedeKeySpec} for algorithm names starting with {@code "DESede"}, or in a
 * {@link DESKeySpec} for every other {@code "DES"}-prefixed name, and passed to
 * {@code generateKey(algorithm, keySpec)}.
 *
 * <p>Security note: single DES has a 56-bit effective key and is no longer considered secure,
 * and Triple DES (DESede) is deprecated for new designs. Callers should treat this helper as a
 * compatibility path for existing data rather than a choice for new encryption.
 *
 * @param algorithm DES algorithm name, such as DES or DESede
 * @param key raw key material, or {@code null}
 * @return the resulting {@link SecretKey}
 * @throws CryptoException if {@code algorithm} is blank or does not start with {@code "DES"},
 *         or if the key spec constructor rejects {@code key} with an {@link InvalidKeyException}
 */
public static SecretKey generateDESKey(String algorithm, byte[] key) {
    if (StrUtil.isBlank(algorithm) || !algorithm.startsWith("DES")) {
        throw new CryptoException("Algorithm [{}] is not a DES algorithm!", algorithm);
    }

    // No key material supplied: let the single-argument overload produce the key.
    if (key == null) {
        return generateKey(algorithm);
    }

    KeySpec spec;
    try {
        // DESede needs its own spec class; everything else in the family uses the plain DES spec.
        spec = algorithm.startsWith("DESede") ? new DESedeKeySpec(key) : new DESKeySpec(key);
    } catch (InvalidKeyException e) {
        throw new CryptoException(e);
    }
    return generateKey(algorithm, spec);
}
use of java.security.spec.KeySpec in project karaf by apache.
the class PublickeyLoginModule method equals.
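/**
 * Checks whether a public key matches a stored, Base64-encoded key blob.
 *
 * <p>The blob is decoded and read as a type identifier followed by the key parameters:
 * {@code ssh-dss} (p, q, g, y), {@code ssh-rsa} (exponent, modulus) or
 * {@code ecdsa-sha2-<curve>} (curve name, then an uncompressed point). A public key is rebuilt
 * from those values with a {@link KeyFactory} and compared with {@code key.equals(...)}.
 *
 * <p>Only uncompressed EC points are accepted. The point length and the leading {@code 0x04}
 * marker are validated before any buffer is allocated, because the length field comes straight
 * from the stored blob.
 *
 * @param key the public key to check
 * @param storedKey Base64 text of the stored key blob
 * @return {@code true} if the rebuilt key equals {@code key}; {@code false} if the identifier
 *         in the blob does not fit the type of {@code key} or names an unknown curve
 * @throws FailedLoginException if {@code key} is of an unsupported type, or if the blob cannot
 *         be decoded or parsed into a key
 */
public static boolean equals(PublicKey key, String storedKey) throws FailedLoginException {
    try {
        DataInputStream dis = new DataInputStream(new ByteArrayInputStream(Base64.getDecoder().decode(storedKey)));
        String identifier = readString(dis);
        if (key instanceof DSAPublicKey) {
            if (!"ssh-dss".equals(identifier)) {
                return false;
            }
            BigInteger p = readBigInteger(dis);
            BigInteger q = readBigInteger(dis);
            BigInteger g = readBigInteger(dis);
            BigInteger y = readBigInteger(dis);
            KeyFactory keyFactory = KeyFactory.getInstance("DSA");
            KeySpec publicKeySpec = new DSAPublicKeySpec(y, p, q, g);
            PublicKey generatedPublicKey = keyFactory.generatePublic(publicKeySpec);
            return key.equals(generatedPublicKey);
        } else if (key instanceof RSAKey) {
            if (!"ssh-rsa".equals(identifier)) {
                return false;
            }
            BigInteger exponent = readBigInteger(dis);
            BigInteger modulus = readBigInteger(dis);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            KeySpec publicKeySpec = new RSAPublicKeySpec(modulus, exponent);
            PublicKey generatedPublicKey = keyFactory.generatePublic(publicKeySpec);
            return key.equals(generatedPublicKey);
        } else if (key instanceof ECPublicKey) {
            String ecIdentifier = readString(dis);
            if (!identifier.equals("ecdsa-sha2-" + ecIdentifier) || !nistSecMap.containsKey(ecIdentifier)) {
                return false;
            }
            // Overall size of the encoded point: one marker byte plus the x and y coordinates.
            // The value is read from the blob, so reject anything that is not an odd length
            // that fits in the remaining data before sizing a buffer from it.
            int size = dis.readInt();
            if (size < 3 || (size & 1) == 0 || size > dis.available()) {
                throw new InvalidKeySpecException("Malformed EC point length");
            }
            // Only uncompressed points (marker 0x04) are supported.
            if (dis.readUnsignedByte() != 0x04) {
                throw new InvalidKeySpecException("Only uncompressed EC points are supported");
            }
            byte[] bytes = new byte[(size - 1) / 2];
            // readFully fails on truncated input; a plain read() may fill only part of the buffer.
            dis.readFully(bytes);
            // Coordinates are unsigned magnitudes: the signum-1 constructor keeps a coordinate
            // whose top bit is set from being parsed as a negative number.
            BigInteger x = new BigInteger(1, bytes);
            dis.readFully(bytes);
            BigInteger y = new BigInteger(1, bytes);
            KeyFactory keyFactory = KeyFactory.getInstance("EC");
            AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC");
            parameters.init(new ECGenParameterSpec(nistSecMap.get(ecIdentifier)));
            ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
            ECPoint pubPoint = new ECPoint(x, y);
            KeySpec keySpec = new ECPublicKeySpec(pubPoint, ecParameters);
            PublicKey generatedPublicKey = keyFactory.generatePublic(keySpec);
            return key.equals(generatedPublicKey);
        } else {
            throw new FailedLoginException("Unsupported key type " + key.getClass().toString());
        }
    } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException | InvalidParameterSpecException
            | IllegalArgumentException e) {
        // IllegalArgumentException covers a stored key that is not valid Base64, so a corrupt
        // entry fails the login instead of escaping as an unchecked exception.
        FailedLoginException failure = new FailedLoginException("Unable to check public key");
        failure.initCause(e);
        throw failure;
    }
}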
use of java.security.spec.KeySpec in project karaf by apache.
the class PublicKeyEncodingTest method testRSAKeys.
/**
 * Verifies that an RSA public key built from a known modulus and exponent matches the
 * corresponding stored key blob, and does not match the blob of a different key.
 */
@Test
public void testRSAKeys() throws FailedLoginException, NoSuchAlgorithmException, InvalidKeySpecException {
    // Public key blob generated using: ssh-keygen -t rsa
    String matchingBlob =
            "AAAAB3NzaC1yc2EAAAADAQABAAABAQDGX4CpCL49sWHaIuDE4VbGkdTMhsDLV3b8MDZ37Llsx3kRBs/x7G3OhSvQPhI"
            + "jMNcbnUnCr+6O6poKjRcFI1Aj76TiSSYlvz9QbsWqc50ZwCuR39h6F9u8f9k62AV7IVA4aNVSJBFn2nOA00HOWvDDrU3ykG0cPeJcmP1l"
            + "PeOO9WJVG7dc37v3soZZniIH+uop/UFQ4Ga0zWy4xjggAy2rE2p0BYHchrJb43ovInh5cGgXx2vNVwURsAf0TAPJwn7GLNpMYr3IFbRC3"
            + "Tbe1wPdy9YM4rFlKL78o/dFbvUOH+Vd1BlYDofoxT4kHxod7W5wPALBr/Bm8CD2tR6OLLoD";
    // Decimal modulus expected to correspond to the blob above.
    String modulusDigits =
            "2504227846033126752625313329217708474924890377669312098933267135871562327792150810915433595733"
            + "979130785790337621243914845149325143098632580183245971502051291613503136182182218708721890923769091345704"
            + "119963221758691543226829294312457492456071842409242817598014777158790065648435489978774648853589909638928"
            + "448069481622573966178879417253888452317622624006445863588961367514293886664167742695648199055900918338245"
            + "701727653606086096756173044470526840851957391900922886984556493506186438991284463663361749451775578708454"
            + "0181594148839238901052763862484299588887844606103377160953183624788815045644521767391398467190125279747";

    // Rebuild the PublicKey from the known values.
    BigInteger n = new BigInteger(modulusDigits);
    BigInteger e = new BigInteger("65537");
    KeySpec rsaSpec = new RSAPublicKeySpec(n, e);
    PublicKey rebuiltKey = KeyFactory.getInstance("RSA").generatePublic(rsaSpec);
    assertTrue(PublickeyLoginModule.equals(rebuiltKey, matchingBlob));

    // Negative case: the blob of an unrelated key must be rejected.
    String unrelatedBlob =
            "AAAAB3NzaC1yc2EAAAADAQABAAABAQC9nIk6uBMouH2KhMZnnVhkEGC7ZdSOHZbCcmQSsvK3bl/Ly2yzvXNdqqRhlyv"
            + "Lv/Qjq0i4HnZsOUFAsfarYh8A0IP238AhTCoAeZf+ga+Mpm2uc+AOgDzwupfMYs6Zz81HWr1UsDr+LCOJkCC1/zzh5lub/Obif49j+nC1XX"
            + "0fT0AJ9BeGnR9HWg3m72SCUmWYMSYGwgfjNqTtqA9IHxCfEr29J8YO7HiJME3zwj0ok133RuZASEclTYXtJkKYvAzE6obhBPw7J6kqETJIH"
            + "0G0SkNjIm7cWThBalzyqcfydZ+0O+f/3LuSSp7EawaKu3g8mHkjt8b8ZxtjhgY0BZNV";
    assertFalse(PublickeyLoginModule.equals(rebuiltKey, unrelatedBlob));
}
use of java.security.spec.KeySpec in project karaf by apache.
the class PublicKeyEncodingTest method testRSA1024.
/**
 * Verifies key matching for a 1024-bit RSA key: the key rebuilt from the known modulus must
 * match its stored blob and must not match the blob of a different key.
 *
 * <p>1024-bit RSA is below current key-size recommendations; the fixture is here to cover the
 * shorter encoding, not to endorse the key size.
 */
@Test
public void testRSA1024() throws FailedLoginException, NoSuchAlgorithmException, InvalidKeySpecException {
    // Public key blob generated using: ssh-keygen -t rsa -b 1024
    String matchingBlob =
            "AAAAB3NzaC1yc2EAAAADAQABAAAAgQCpvuUWHwGUbRtunzgNaiKo9varvw3rZ6xRwV37/tNsMcdE98T07zF3UiUzfm79vv"
            + "u6LrsMX6yzR3j1hSKxGtHoCuLO+wdx20Cxn+aqDsQsjTEgOE3SnqUhqX0aFRWs9GUo2sXRZooR7+5EKhSzFTmkgmx0b/FhlJQ2/Bdc9woZAw==";
    // Decimal modulus expected to correspond to the blob above.
    String modulusDigits =
            "1191994723232881252194746074531692276628392720352218105656446277364105948933208899459090143"
            + "34485583082055798404847857986526198262831735131892900109314572095535330090724020090628526184947685186417937"
            + "713630451839747221181072495928766941603698696083904958230358940260930311021743608730447712164571127205526640899";

    // Rebuild the PublicKey from the known values.
    BigInteger n = new BigInteger(modulusDigits);
    BigInteger e = new BigInteger("65537");
    KeySpec rsaSpec = new RSAPublicKeySpec(n, e);
    PublicKey rebuiltKey = KeyFactory.getInstance("RSA").generatePublic(rsaSpec);
    assertTrue(PublickeyLoginModule.equals(rebuiltKey, matchingBlob));

    // Negative case: the blob of an unrelated key must be rejected.
    String unrelatedBlob =
            "AAAAB3NzaC1yc2EAAAADAQABAAABAQC9nIk6uBMouH2KhMZnnVhkEGC7ZdSOHZbCcmQSsvK3bl/Ly2yzvXNdqqRhlyv"
            + "Lv/Qjq0i4HnZsOUFAsfarYh8A0IP238AhTCoAeZf+ga+Mpm2uc+AOgDzwupfMYs6Zz81HWr1UsDr+LCOJkCC1/zzh5lub/Obif49j+nC1XX"
            + "0fT0AJ9BeGnR9HWg3m72SCUmWYMSYGwgfjNqTtqA9IHxCfEr29J8YO7HiJME3zwj0ok133RuZASEclTYXtJkKYvAzE6obhBPw7J6kqETJIH"
            + "0G0SkNjIm7cWThBalzyqcfydZ+0O+f/3LuSSp7EawaKu3g8mHkjt8b8ZxtjhgY0BZNV";
    assertFalse(PublickeyLoginModule.equals(rebuiltKey, unrelatedBlob));
}
use of java.security.spec.KeySpec in project karaf by apache.
the class PublicKeyLoginModuleTest method testRSALogin.
/**
 * Runs a full login / commit / logout cycle through {@code PublickeyLoginModule} with an RSA
 * public key presented under the user name {@code "rsa"}.
 *
 * <p>After commit the subject must carry a user principal named {@code "rsa"} and a role
 * principal named {@code "ssh"}; after logout it must carry no principals at all.
 */
@Test
public void testRSALogin() throws Exception {
    Properties moduleOptions = getLoginModuleOptions();
    PublickeyLoginModule loginModule = new PublickeyLoginModule();
    Subject subject = new Subject();

    String modulusDigits =
            "2504227846033126752625313329217708474924890377669312098933267135871562327792150810915433595733"
            + "979130785790337621243914845149325143098632580183245971502051291613503136182182218708721890923769091345704"
            + "119963221758691543226829294312457492456071842409242817598014777158790065648435489978774648853589909638928"
            + "448069481622573966178879417253888452317622624006445863588961367514293886664167742695648199055900918338245"
            + "701727653606086096756173044470526840851957391900922886984556493506186438991284463663361749451775578708454"
            + "0181594148839238901052763862484299588887844606103377160953183624788815045644521767391398467190125279747";

    // Rebuild the PublicKey from the known values.
    BigInteger n = new BigInteger(modulusDigits);
    BigInteger e = new BigInteger("65537");
    KeySpec rsaSpec = new RSAPublicKeySpec(n, e);
    PublicKey rebuiltKey = KeyFactory.getInstance("RSA").generatePublic(rsaSpec);

    loginModule.initialize(subject, new NamePubkeyCallbackHandler("rsa", rebuiltKey), null, moduleOptions);

    // A fresh subject must start without principals, otherwise the later checks prove nothing.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(loginModule.login());
    assertTrue(loginModule.commit());

    // Commit is expected to attach the user and its role to the subject.
    assertFalse(subject.getPrincipals().isEmpty());
    assertThat("rsa", isIn(names(subject.getPrincipals(UserPrincipal.class))));
    assertThat("ssh", isIn(names(subject.getPrincipals(RolePrincipal.class))));

    // Logout must strip every principal again so no authorization outlives the session.
    assertTrue(loginModule.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());
}