Search in sources :

Example 61 with X509EncodedKeySpec

use of java.security.spec.X509EncodedKeySpec in project jdk8u_jdk by JetBrains.

the class CipherWithWrappingSpi method constructPublicKey.

/**
     * Construct a public key from its encoding.
     *
     * @param encodedKey the encoding of a public key.
     *
     * @param encodedKeyAlgorithm the algorithm the encodedKey is for.
     *
     * @return a public key constructed from the encodedKey.
     */
private final PublicKey constructPublicKey(byte[] encodedKey, String encodedKeyAlgorithm) throws InvalidKeyException, NoSuchAlgorithmException {
    PublicKey key = null;
    try {
        KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm, SunJCE.getInstance());
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
        key = keyFactory.generatePublic(keySpec);
    } catch (NoSuchAlgorithmException nsae) {
        // provider which supports this algorithm
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm);
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
            key = keyFactory.generatePublic(keySpec);
        } catch (NoSuchAlgorithmException nsae2) {
            throw new NoSuchAlgorithmException("No installed providers " + "can create keys for the " + encodedKeyAlgorithm + "algorithm");
        } catch (InvalidKeySpecException ikse2) {
        // Should never happen.
        }
    } catch (InvalidKeySpecException ikse) {
    // Should never happen.
    }
    return key;
}
Also used : PublicKey(java.security.PublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory)

Example 62 with X509EncodedKeySpec

use of java.security.spec.X509EncodedKeySpec in project jdk8u_jdk by JetBrains.

the class DEREncodedKeyValue method getEncodedDER.

/**
     * Method getEncodedDER
     *
     * @return the public key
     * @throws XMLSecurityException
     */
protected byte[] getEncodedDER(PublicKey publicKey) throws XMLSecurityException {
    try {
        KeyFactory keyFactory = KeyFactory.getInstance(publicKey.getAlgorithm());
        X509EncodedKeySpec keySpec = keyFactory.getKeySpec(publicKey, X509EncodedKeySpec.class);
        return keySpec.getEncoded();
    } catch (NoSuchAlgorithmException e) {
        Object[] exArgs = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
        throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e);
    } catch (InvalidKeySpecException e) {
        Object[] exArgs = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
        throw new XMLSecurityException("DEREncodedKeyValue.UnsupportedPublicKey", exArgs, e);
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory) XMLSecurityException(com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException)

Example 63 with X509EncodedKeySpec

use of java.security.spec.X509EncodedKeySpec in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreCipherSpiBase method engineWrap.

@Override
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
    if (mKey == null) {
        throw new IllegalStateException("Not initilized");
    }
    if (!isEncrypting()) {
        throw new IllegalStateException("Cipher must be initialized in Cipher.WRAP_MODE to wrap keys");
    }
    if (key == null) {
        throw new NullPointerException("key == null");
    }
    byte[] encoded = null;
    if (key instanceof SecretKey) {
        if ("RAW".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(key.getAlgorithm());
                SecretKeySpec spec = (SecretKeySpec) keyFactory.getKeySpec((SecretKey) key, SecretKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PrivateKey) {
        if ("PKCS8".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
                PKCS8EncodedKeySpec spec = keyFactory.getKeySpec(key, PKCS8EncodedKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else if (key instanceof PublicKey) {
        if ("X.509".equalsIgnoreCase(key.getFormat())) {
            encoded = key.getEncoded();
        }
        if (encoded == null) {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
                X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
                encoded = spec.getEncoded();
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
            }
        }
    } else {
        throw new InvalidKeyException("Unsupported key type: " + key.getClass().getName());
    }
    if (encoded == null) {
        throw new InvalidKeyException("Failed to wrap key because it does not export its key material");
    }
    try {
        return engineDoFinal(encoded, 0, encoded.length);
    } catch (BadPaddingException e) {
        throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
    }
}
Also used : PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SecretKeyFactory(javax.crypto.SecretKeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Example 64 with X509EncodedKeySpec

use of java.security.spec.X509EncodedKeySpec in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreKeyFactorySpi method engineGetKeySpec.

@Override
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpecClass) throws InvalidKeySpecException {
    if (key == null) {
        throw new InvalidKeySpecException("key == null");
    } else if ((!(key instanceof AndroidKeyStorePrivateKey)) && (!(key instanceof AndroidKeyStorePublicKey))) {
        throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". This KeyFactory supports only Android Keystore asymmetric keys");
    }
    if (keySpecClass == null) {
        throw new InvalidKeySpecException("keySpecClass == null");
    } else if (KeyInfo.class.equals(keySpecClass)) {
        if (!(key instanceof AndroidKeyStorePrivateKey)) {
            throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". KeyInfo can be obtained only for Android Keystore private keys");
        }
        AndroidKeyStorePrivateKey keystorePrivateKey = (AndroidKeyStorePrivateKey) key;
        String keyAliasInKeystore = keystorePrivateKey.getAlias();
        String entryAlias;
        if (keyAliasInKeystore.startsWith(Credentials.USER_PRIVATE_KEY)) {
            entryAlias = keyAliasInKeystore.substring(Credentials.USER_PRIVATE_KEY.length());
        } else {
            throw new InvalidKeySpecException("Invalid key alias: " + keyAliasInKeystore);
        }
        @SuppressWarnings("unchecked") T result = (T) AndroidKeyStoreSecretKeyFactorySpi.getKeyInfo(mKeyStore, entryAlias, keyAliasInKeystore, keystorePrivateKey.getUid());
        return result;
    } else if (X509EncodedKeySpec.class.equals(keySpecClass)) {
        if (!(key instanceof AndroidKeyStorePublicKey)) {
            throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". X509EncodedKeySpec can be obtained only for Android Keystore public" + " keys");
        }
        @SuppressWarnings("unchecked") T result = (T) new X509EncodedKeySpec(((AndroidKeyStorePublicKey) key).getEncoded());
        return result;
    } else if (PKCS8EncodedKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStorePrivateKey) {
            throw new InvalidKeySpecException("Key material export of Android Keystore private keys is not supported");
        } else {
            throw new InvalidKeySpecException("Cannot export key material of public key in PKCS#8 format." + " Only X.509 format (X509EncodedKeySpec) supported for public keys.");
        }
    } else if (RSAPublicKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStoreRSAPublicKey) {
            AndroidKeyStoreRSAPublicKey rsaKey = (AndroidKeyStoreRSAPublicKey) key;
            @SuppressWarnings("unchecked") T result = (T) new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent());
            return result;
        } else {
            throw new InvalidKeySpecException("Obtaining RSAPublicKeySpec not supported for " + key.getAlgorithm() + " " + ((key instanceof AndroidKeyStorePrivateKey) ? "private" : "public") + " key");
        }
    } else if (ECPublicKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStoreECPublicKey) {
            AndroidKeyStoreECPublicKey ecKey = (AndroidKeyStoreECPublicKey) key;
            @SuppressWarnings("unchecked") T result = (T) new ECPublicKeySpec(ecKey.getW(), ecKey.getParams());
            return result;
        } else {
            throw new InvalidKeySpecException("Obtaining ECPublicKeySpec not supported for " + key.getAlgorithm() + " " + ((key instanceof AndroidKeyStorePrivateKey) ? "private" : "public") + " key");
        }
    } else {
        throw new InvalidKeySpecException("Unsupported key spec: " + keySpecClass.getName());
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 65 with X509EncodedKeySpec

use of java.security.spec.X509EncodedKeySpec in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreProvider method getAndroidKeyStorePublicKey.

@NonNull
public static AndroidKeyStorePublicKey getAndroidKeyStorePublicKey(@NonNull String alias, int uid, @NonNull @KeyProperties.KeyAlgorithmEnum String keyAlgorithm, @NonNull byte[] x509EncodedForm) {
    PublicKey publicKey;
    try {
        KeyFactory keyFactory = KeyFactory.getInstance(keyAlgorithm);
        publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(x509EncodedForm));
    } catch (NoSuchAlgorithmException e) {
        throw new ProviderException("Failed to obtain " + keyAlgorithm + " KeyFactory", e);
    } catch (InvalidKeySpecException e) {
        throw new ProviderException("Invalid X.509 encoding of public key", e);
    }
    if (KeyProperties.KEY_ALGORITHM_EC.equalsIgnoreCase(keyAlgorithm)) {
        return new AndroidKeyStoreECPublicKey(alias, uid, (ECPublicKey) publicKey);
    } else if (KeyProperties.KEY_ALGORITHM_RSA.equalsIgnoreCase(keyAlgorithm)) {
        return new AndroidKeyStoreRSAPublicKey(alias, uid, (RSAPublicKey) publicKey);
    } else {
        throw new ProviderException("Unsupported Android Keystore public key algorithm: " + keyAlgorithm);
    }
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) ProviderException(java.security.ProviderException) NoSuchProviderException(java.security.NoSuchProviderException) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory) NonNull(android.annotation.NonNull)

Aggregations

X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)162 KeyFactory (java.security.KeyFactory)112 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)93 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)80 PublicKey (java.security.PublicKey)65 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)45 InvalidKeyException (java.security.InvalidKeyException)30 PrivateKey (java.security.PrivateKey)27 IOException (java.io.IOException)26 RSAPublicKey (java.security.interfaces.RSAPublicKey)20 Signature (java.security.Signature)13 ByteArrayInputStream (java.io.ByteArrayInputStream)12 BigInteger (java.math.BigInteger)11 CertificateException (java.security.cert.CertificateException)10 X509Certificate (java.security.cert.X509Certificate)10 EncodedKeySpec (java.security.spec.EncodedKeySpec)10 SecretKey (javax.crypto.SecretKey)9 KeyPair (java.security.KeyPair)8 ECPublicKey (java.security.interfaces.ECPublicKey)8 EncryptionException (edu.umass.cs.gnscommon.exceptions.client.EncryptionException)7