
Example 46 with RSAKeyGenParameterSpec

Use of java.security.spec.RSAKeyGenParameterSpec in project wycheproof by google.

In the class RsaPssTest, method testEncodeDecodePublic.

/**
 * Tries encoding and decoding of RSASSA-PSS keys generated with RSASSA-PSS.
 *
 * RSASSA-PSS keys contain the PSSParameters, hence their encodings are
 * somewhat different than plain RSA keys.
 */
@NoPresubmitTest(providers = { ProviderType.OPENJDK }, bugs = { "b/120406853" })
@Test
public void testEncodeDecodePublic() throws Exception {
    int keySizeInBits = 2048;
    PublicKey pub;
    try {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSASSA-PSS");
        keyGen.initialize(keySizeInBits);
        KeyPair keypair = keyGen.genKeyPair();
        pub = keypair.getPublic();
    } catch (NoSuchAlgorithmException ex) {
        System.out.println("Key generation for RSASSA-PSS is not supported.");
        return;
    }
    byte[] encoded = pub.getEncoded();
    assertEquals("The test assumes that the public key is in X.509 format", "X.509", pub.getFormat());
    System.out.println("Generated RSA-PSS key");
    System.out.println(TestUtil.bytesToHex(encoded));
    KeyFactory kf = KeyFactory.getInstance("RSASSA-PSS");
    X509EncodedKeySpec spec = new X509EncodedKeySpec(encoded);
    kf.generatePublic(spec);
    // Tries to generate another pair of keys. This time the generator is given an
    // RSAKeyGenParameterSpec containing the key size and the PSS parameters.
    String sha = "SHA-256";
    String mgf = "MGF1";
    int saltLength = 20;
    try {
        RSAKeyGenParameterSpec params = getPssAlgorithmParameters(keySizeInBits, sha, mgf, sha, saltLength);
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSASSA-PSS");
        keyGen.initialize(params);
        KeyPair keypair = keyGen.genKeyPair();
        pub = keypair.getPublic();
    } catch (NoSuchAlgorithmException | NoSuchMethodException ex) {
        System.out.println("Key generation for RSASSA-PSS is not supported.");
        return;
    }
    byte[] encoded2 = pub.getEncoded();
    System.out.println("Generated RSA-PSS key with PSS parameters");
    System.out.println(TestUtil.bytesToHex(encoded2));
    X509EncodedKeySpec spec2 = new X509EncodedKeySpec(encoded2);
    kf.generatePublic(spec2);
}
Also used: KeyPair(java.security.KeyPair) PublicKey(java.security.PublicKey) RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) KeyPairGenerator(java.security.KeyPairGenerator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyFactory(java.security.KeyFactory) Test(org.junit.Test) NoPresubmitTest(com.google.security.wycheproof.WycheproofRunner.NoPresubmitTest)

Example 47 with RSAKeyGenParameterSpec

Use of java.security.spec.RSAKeyGenParameterSpec in project wycheproof by google.

In the class RsaPssTest, method getPssAlgorithmParameters.

/**
 * Returns an AlgorithmParameterSpec for generating an RSASSA-PSS key,
 * which includes the PSSParameters.
 * Requires jdk11.
 *
 * @param keySizeInBits the size of the modulus in bits.
 * @param sha the name of the hash function for hashing the input (e.g. "SHA-256")
 * @param mgf the name of the mask generating function (typically "MGF1")
 * @param mgfSha the name of the hash function for the mask generating function
 *        (typically the same as sha).
 * @param saltLength the length of the salt in bytes (typically the digest size of sha,
 *        i.e. 32 for "SHA-256")
 * @throws NoSuchMethodException if the AlgorithmParameterSpec is not
 *   supported (i.e. this happens before jdk11).
 */
public RSAKeyGenParameterSpec getPssAlgorithmParameters(int keySizeInBits, String sha, String mgf, String mgfSha, int saltLength) throws Exception {
    BigInteger publicExponent = new BigInteger("65537");
    PSSParameterSpec params = new PSSParameterSpec(sha, mgf, new MGF1ParameterSpec(mgfSha), saltLength, 1);
    // Uses reflection to call
    // public RSAKeyGenParameterSpec(int keysize, BigInteger publicExponent,
    // AlgorithmParameterSpec keyParams)
    // because this method is only supported in jdk11. This throws a NoSuchMethodException
    // for older jdks.
    Constructor<RSAKeyGenParameterSpec> c = RSAKeyGenParameterSpec.class.getConstructor(int.class, BigInteger.class, AlgorithmParameterSpec.class);
    return c.newInstance(keySizeInBits, publicExponent, params);
}
Also used: PSSParameterSpec(java.security.spec.PSSParameterSpec) BigInteger(java.math.BigInteger) RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec) MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)

Example 48 with RSAKeyGenParameterSpec

Use of java.security.spec.RSAKeyGenParameterSpec in project tink by google.

In the class JwtRsaSsaPkcs1SignKeyManager, method keyFactory.

@Override
public KeyFactory<JwtRsaSsaPkcs1KeyFormat, JwtRsaSsaPkcs1PrivateKey> keyFactory() {
    return new KeyFactory<JwtRsaSsaPkcs1KeyFormat, JwtRsaSsaPkcs1PrivateKey>(JwtRsaSsaPkcs1KeyFormat.class) {

        @Override
        public void validateKeyFormat(JwtRsaSsaPkcs1KeyFormat keyFormat) throws GeneralSecurityException {
            Validators.validateRsaModulusSize(keyFormat.getModulusSizeInBits());
            Validators.validateRsaPublicExponent(new BigInteger(1, keyFormat.getPublicExponent().toByteArray()));
        }

        @Override
        public JwtRsaSsaPkcs1KeyFormat parseKeyFormat(ByteString byteString) throws InvalidProtocolBufferException {
            return JwtRsaSsaPkcs1KeyFormat.parseFrom(byteString, ExtensionRegistryLite.getEmptyRegistry());
        }

        @Override
        public JwtRsaSsaPkcs1PrivateKey deriveKey(JwtRsaSsaPkcs1KeyFormat format, InputStream inputStream) {
            throw new UnsupportedOperationException();
        }

        @Override
        public JwtRsaSsaPkcs1PrivateKey createKey(JwtRsaSsaPkcs1KeyFormat format) throws GeneralSecurityException {
            JwtRsaSsaPkcs1Algorithm algorithm = format.getAlgorithm();
            KeyPairGenerator keyGen = EngineFactory.KEY_PAIR_GENERATOR.getInstance("RSA");
            RSAKeyGenParameterSpec spec = new RSAKeyGenParameterSpec(format.getModulusSizeInBits(), new BigInteger(1, format.getPublicExponent().toByteArray()));
            keyGen.initialize(spec);
            KeyPair keyPair = keyGen.generateKeyPair();
            RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateCrtKey privKey = (RSAPrivateCrtKey) keyPair.getPrivate();
            // Creates JwtRsaSsaPkcs1PublicKey.
            JwtRsaSsaPkcs1PublicKey pkcs1PubKey = JwtRsaSsaPkcs1PublicKey.newBuilder().setVersion(getVersion()).setAlgorithm(algorithm).setE(ByteString.copyFrom(pubKey.getPublicExponent().toByteArray())).setN(ByteString.copyFrom(pubKey.getModulus().toByteArray())).build();
            // Creates JwtRsaSsaPkcs1PrivateKey.
            return JwtRsaSsaPkcs1PrivateKey.newBuilder().setVersion(getVersion()).setPublicKey(pkcs1PubKey).setD(ByteString.copyFrom(privKey.getPrivateExponent().toByteArray())).setP(ByteString.copyFrom(privKey.getPrimeP().toByteArray())).setQ(ByteString.copyFrom(privKey.getPrimeQ().toByteArray())).setDp(ByteString.copyFrom(privKey.getPrimeExponentP().toByteArray())).setDq(ByteString.copyFrom(privKey.getPrimeExponentQ().toByteArray())).setCrt(ByteString.copyFrom(privKey.getCrtCoefficient().toByteArray())).build();
        }

        /**
         * List of default templates to generate tokens with algorithms "RS256", "RS384" or "RS512".
         * Use the template with the "_RAW" suffix if you want to generate tokens without a "kid"
         * header.
         */
        @Override
        public Map<String, KeyFactory.KeyFormat<JwtRsaSsaPkcs1KeyFormat>> keyFormats() {
            Map<String, KeyFactory.KeyFormat<JwtRsaSsaPkcs1KeyFormat>> result = new HashMap<>();
            result.put("JWT_RS256_2048_F4_RAW", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS256, 2048, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.RAW));
            result.put("JWT_RS256_2048_F4", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS256, 2048, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.TINK));
            result.put("JWT_RS256_3072_F4_RAW", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS256, 3072, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.RAW));
            result.put("JWT_RS256_3072_F4", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS256, 3072, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.TINK));
            result.put("JWT_RS384_3072_F4_RAW", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS384, 3072, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.RAW));
            result.put("JWT_RS384_3072_F4", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS384, 3072, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.TINK));
            result.put("JWT_RS512_4096_F4_RAW", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS512, 4096, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.RAW));
            result.put("JWT_RS512_4096_F4", createKeyFormat(JwtRsaSsaPkcs1Algorithm.RS512, 4096, RSAKeyGenParameterSpec.F4, KeyTemplate.OutputPrefixType.TINK));
            return Collections.unmodifiableMap(result);
        }
    };
}
Also used: KeyPair(java.security.KeyPair) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey) HashMap(java.util.HashMap) JwtRsaSsaPkcs1KeyFormat(com.google.crypto.tink.proto.JwtRsaSsaPkcs1KeyFormat) ByteString(com.google.protobuf.ByteString) InputStream(java.io.InputStream) RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) JwtRsaSsaPkcs1PublicKey(com.google.crypto.tink.proto.JwtRsaSsaPkcs1PublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) JwtRsaSsaPkcs1Algorithm(com.google.crypto.tink.proto.JwtRsaSsaPkcs1Algorithm) BigInteger(java.math.BigInteger)

Aggregations

RSAKeyGenParameterSpec (java.security.spec.RSAKeyGenParameterSpec): 48
BigInteger (java.math.BigInteger): 22
AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec): 19
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException): 14
KeyPair (java.security.KeyPair): 14
KeyPairGenerator (java.security.KeyPairGenerator): 12
RSAPublicKey (java.security.interfaces.RSAPublicKey): 12
ECPublicKey (java.security.interfaces.ECPublicKey): 7
PublicKey (java.security.PublicKey): 6
KeyPairGeneratorSpec (android.security.KeyPairGeneratorSpec): 5
ExportResult (android.security.keymaster.ExportResult): 5
ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer): 5
DERBitString (com.android.org.bouncycastle.asn1.DERBitString): 5
DERInteger (com.android.org.bouncycastle.asn1.DERInteger): 5
ByteArrayInputStream (java.io.ByteArrayInputStream): 5
InvalidKeyException (java.security.InvalidKeyException): 5
PrivateKey (java.security.PrivateKey): 5
ProviderException (java.security.ProviderException): 5
Certificate (java.security.cert.Certificate): 5
CertificateFactory (java.security.cert.CertificateFactory): 5