Example 36 with RSAKeyGenParameterSpec
use of java.security.spec.RSAKeyGenParameterSpec in project android_frameworks_base by ResurrectionRemix.
the class AndroidKeyPairGeneratorTest method assertKeyPairCorrect.
private void assertKeyPairCorrect(KeyPair pair, String alias, String keyType, int keySize, AlgorithmParameterSpec spec, X500Principal dn, BigInteger serial, Date start, Date end) throws Exception {
final PublicKey pubKey = pair.getPublic();
assertNotNull("The PublicKey for the KeyPair should be not null", pubKey);
assertEquals(keyType, pubKey.getAlgorithm());
if ("EC".equalsIgnoreCase(keyType)) {
assertEquals("Curve should be what was specified during initialization", keySize, ((ECPublicKey) pubKey).getParams().getCurve().getField().getFieldSize());
} else if ("RSA".equalsIgnoreCase(keyType)) {
RSAPublicKey rsaPubKey = (RSAPublicKey) pubKey;
assertEquals("Modulus size should be what is specified during initialization", (keySize + 7) & ~7, (rsaPubKey.getModulus().bitLength() + 7) & ~7);
if (spec != null) {
RSAKeyGenParameterSpec params = (RSAKeyGenParameterSpec) spec;
assertEquals((keySize + 7) & ~7, (params.getKeysize() + 7) & ~7);
assertEquals(params.getPublicExponent(), rsaPubKey.getPublicExponent());
}
}
final PrivateKey privKey = pair.getPrivate();
assertNotNull("The PrivateKey for the KeyPair should be not null", privKey);
assertEquals(keyType, privKey.getAlgorithm());
if ("EC".equalsIgnoreCase(keyType)) {
assertTrue("EC private key must be instanceof ECKey: " + privKey.getClass().getName(), privKey instanceof ECKey);
assertEquals("Private and public key must have the same EC parameters", ((ECKey) pubKey).getParams(), ((ECKey) privKey).getParams());
} else if ("RSA".equalsIgnoreCase(keyType)) {
assertTrue("RSA private key must be instance of RSAKey: " + privKey.getClass().getName(), privKey instanceof RSAKey);
assertEquals("Private and public key must have the same RSA modulus", ((RSAKey) pubKey).getModulus(), ((RSAKey) privKey).getModulus());
}
final byte[] userCertBytes = mAndroidKeyStore.get(Credentials.USER_CERTIFICATE + alias);
assertNotNull("The user certificate should exist for the generated entry", userCertBytes);
final CertificateFactory cf = CertificateFactory.getInstance("X.509");
final Certificate userCert = cf.generateCertificate(new ByteArrayInputStream(userCertBytes));
assertTrue("Certificate should be in X.509 format", userCert instanceof X509Certificate);
final X509Certificate x509userCert = (X509Certificate) userCert;
assertEquals("Public key used to sign certificate should have the same algorithm as in KeyPair", pubKey.getAlgorithm(), x509userCert.getPublicKey().getAlgorithm());
assertEquals("PublicKey used to sign certificate should match one returned in KeyPair", pubKey, AndroidKeyStoreProvider.getAndroidKeyStorePublicKey(Credentials.USER_PRIVATE_KEY + alias, KeyStore.UID_SELF, x509userCert.getPublicKey().getAlgorithm(), x509userCert.getPublicKey().getEncoded()));
assertEquals("The Subject DN should be the one passed into the params", dn, x509userCert.getSubjectDN());
assertEquals("The Issuer DN should be the same as the Subject DN", dn, x509userCert.getIssuerDN());
assertEquals("The Serial should be the one passed into the params", serial, x509userCert.getSerialNumber());
assertDateEquals("The notBefore date should be the one passed into the params", start, x509userCert.getNotBefore());
assertDateEquals("The notAfter date should be the one passed into the params", end, x509userCert.getNotAfter());
// Assert that the cert's signature verifies using the public key from generated KeyPair
x509userCert.verify(pubKey);
// Assert that the cert's signature verifies using the public key from the cert itself.
x509userCert.verify(x509userCert.getPublicKey());
final byte[] caCerts = mAndroidKeyStore.get(Credentials.CA_CERTIFICATE + alias);
assertNull("A list of CA certificates should not exist for the generated entry", caCerts);
ExportResult exportResult = mAndroidKeyStore.exportKey(Credentials.USER_PRIVATE_KEY + alias, KeymasterDefs.KM_KEY_FORMAT_X509, null, null);
assertEquals(KeyStore.NO_ERROR, exportResult.resultCode);
final byte[] pubKeyBytes = exportResult.exportData;
assertNotNull("The keystore should return the public key for the generated key", pubKeyBytes);
assertTrue("Public key X.509 format should be as expected", Arrays.equals(pubKey.getEncoded(), pubKeyBytes));
}
Also used :
RSAKey(java.security.interfaces.RSAKey)
PrivateKey(java.security.PrivateKey)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
PublicKey(java.security.PublicKey)
ECPublicKey(java.security.interfaces.ECPublicKey)
RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec)
ECKey(java.security.interfaces.ECKey)
CertificateFactory(java.security.cert.CertificateFactory)
X509Certificate(java.security.cert.X509Certificate)
ECPublicKey(java.security.interfaces.ECPublicKey)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
ByteArrayInputStream(java.io.ByteArrayInputStream)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
ExportResult(android.security.keymaster.ExportResult)
Example 37 with RSAKeyGenParameterSpec
use of java.security.spec.RSAKeyGenParameterSpec in project android_frameworks_base by ResurrectionRemix.
the class AndroidKeyPairGeneratorTest method testKeyPairGenerator_GenerateKeyPair_RSA_WithParams_Unencrypted_Success.
public void testKeyPairGenerator_GenerateKeyPair_RSA_WithParams_Unencrypted_Success() throws Exception {
AlgorithmParameterSpec spec = new RSAKeyGenParameterSpec(1024, BigInteger.valueOf(3L));
mGenerator.initialize(new KeyPairGeneratorSpec.Builder(getContext()).setAlias(TEST_ALIAS_1).setKeySize(1024).setAlgorithmParameterSpec(spec).setSubject(TEST_DN_1).setSerialNumber(TEST_SERIAL_1).setStartDate(NOW).setEndDate(NOW_PLUS_10_YEARS).build());
final KeyPair pair = mGenerator.generateKeyPair();
assertNotNull("The KeyPair returned should not be null", pair);
assertKeyPairCorrect(pair, TEST_ALIAS_1, "RSA", 1024, spec, TEST_DN_1, TEST_SERIAL_1, NOW, NOW_PLUS_10_YEARS);
}
Also used :
KeyPairGeneratorSpec(android.security.KeyPairGeneratorSpec)
KeyPair(java.security.KeyPair)
RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
Example 38 with RSAKeyGenParameterSpec
use of java.security.spec.RSAKeyGenParameterSpec in project jdk8u_jdk by JetBrains.
the class RSAKeyPairGenerator method initialize.
// second initialize method. See JCA doc.
public void initialize(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException {
if (params instanceof RSAKeyGenParameterSpec == false) {
throw new InvalidAlgorithmParameterException("Params must be instance of RSAKeyGenParameterSpec");
}
RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec) params;
int tmpKeySize = rsaSpec.getKeysize();
BigInteger tmpPublicExponent = rsaSpec.getPublicExponent();
if (tmpPublicExponent == null) {
tmpPublicExponent = RSAKeyGenParameterSpec.F4;
} else {
if (tmpPublicExponent.compareTo(RSAKeyGenParameterSpec.F0) < 0) {
throw new InvalidAlgorithmParameterException("Public exponent must be 3 or larger");
}
if (tmpPublicExponent.bitLength() > tmpKeySize) {
throw new InvalidAlgorithmParameterException("Public exponent must be smaller than key size");
}
}
// do not allow unreasonably large key sizes, probably user error
try {
RSAKeyFactory.checkKeyLengths(tmpKeySize, tmpPublicExponent, 512, 64 * 1024);
} catch (InvalidKeyException e) {
throw new InvalidAlgorithmParameterException("Invalid key sizes", e);
}
this.keySize = tmpKeySize;
this.publicExponent = tmpPublicExponent;
this.random = random;
}
Also used :
RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec)
BigInteger(java.math.BigInteger)
Example 39 with RSAKeyGenParameterSpec
use of java.security.spec.RSAKeyGenParameterSpec in project jdk8u_jdk by JetBrains.
the class GenerateRSAKeyPair method main.
public static void main(String[] args) throws Exception {
RSAKeyGenParameterSpec rsaSpec = new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4);
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "SunRsaSign");
kpg.initialize(rsaSpec);
// test generateKeyPair
KeyPair kpair = kpg.generateKeyPair();
if (kpair == null) {
throw new Exception("no keypair generated");
}
}
Also used :
KeyPair(java.security.KeyPair)
RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec)
KeyPairGenerator(java.security.KeyPairGenerator)
Example 40 with RSAKeyGenParameterSpec
use of java.security.spec.RSAKeyGenParameterSpec in project android_frameworks_base by crdroidandroid.
the class AndroidKeyPairGeneratorTest method testKeyPairGenerator_GenerateKeyPair_RSA_WithParams_Unencrypted_Success.
public void testKeyPairGenerator_GenerateKeyPair_RSA_WithParams_Unencrypted_Success() throws Exception {
AlgorithmParameterSpec spec = new RSAKeyGenParameterSpec(1024, BigInteger.valueOf(3L));
mGenerator.initialize(new KeyPairGeneratorSpec.Builder(getContext()).setAlias(TEST_ALIAS_1).setKeySize(1024).setAlgorithmParameterSpec(spec).setSubject(TEST_DN_1).setSerialNumber(TEST_SERIAL_1).setStartDate(NOW).setEndDate(NOW_PLUS_10_YEARS).build());
final KeyPair pair = mGenerator.generateKeyPair();
assertNotNull("The KeyPair returned should not be null", pair);
assertKeyPairCorrect(pair, TEST_ALIAS_1, "RSA", 1024, spec, TEST_DN_1, TEST_SERIAL_1, NOW, NOW_PLUS_10_YEARS);
}
Also used :
KeyPairGeneratorSpec(android.security.KeyPairGeneratorSpec)
KeyPair(java.security.KeyPair)
RSAKeyGenParameterSpec(java.security.spec.RSAKeyGenParameterSpec)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
Aggregations
RSAKeyGenParameterSpec (java.security.spec.RSAKeyGenParameterSpec)48
BigInteger (java.math.BigInteger)22
AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)19
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)14
KeyPair (java.security.KeyPair)14
KeyPairGenerator (java.security.KeyPairGenerator)12
RSAPublicKey (java.security.interfaces.RSAPublicKey)12
ECPublicKey (java.security.interfaces.ECPublicKey)7
PublicKey (java.security.PublicKey)6
KeyPairGeneratorSpec (android.security.KeyPairGeneratorSpec)5
ExportResult (android.security.keymaster.ExportResult)5
ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5
DERBitString (com.android.org.bouncycastle.asn1.DERBitString)5
DERInteger (com.android.org.bouncycastle.asn1.DERInteger)5
ByteArrayInputStream (java.io.ByteArrayInputStream)5
InvalidKeyException (java.security.InvalidKeyException)5
PrivateKey (java.security.PrivateKey)5
ProviderException (java.security.ProviderException)5
Certificate (java.security.cert.Certificate)5
CertificateFactory (java.security.cert.CertificateFactory)5
