use of javax.crypto.interfaces.DHPublicKey in project derby by apache.
the class EncryptionManager method obtainPublicKey.
// This method generates the public key and returns it. This
// shared public key is the application requester's connection key and will
// be exchanged with the application server's connection key. This connection
// key will be put in the sectkn in ACCSEC command and send to the application
// server.
// @param null
// @return a byte array that is the application requester's public key
public byte[] obtainPublicKey() {
// we need to get the plain form public key because PROTOCOL accepts plain form
// public key only.
BigInteger aPub = ((DHPublicKey) keyPair_.getPublic()).getY();
byte[] aPubKey = aPub.toByteArray();
// we will just trim off the first byte (0) and get the rest of 32 bytes.
if (aPubKey.length == 33 && aPubKey[0] == 0) {
// System.out.println ("Adjust length");
byte[] newKey = new byte[32];
for (int i = 0; i < newKey.length; i++) {
newKey[i] = aPubKey[i + 1];
}
return newKey;
}
// is less than 32, we will pad 0 in the beginning to make the public key 32 bytes
if (aPubKey.length < 32) {
byte[] newKey = new byte[32];
int i;
for (i = 0; i < 32 - aPubKey.length; i++) {
newKey[i] = 0;
}
for (int j = i; j < newKey.length; j++) {
newKey[j] = aPubKey[j - i];
}
return newKey;
}
return aPubKey;
}
use of javax.crypto.interfaces.DHPublicKey in project derby by apache.
the class DecryptionManager method obtainPublicKey.
/**
* This method generates the public key and returns it. This
* shared public key is the application server's connection key and will
* be exchanged with the application requester's connection key. This connection
* key will be put in the sectkn in ACCSECRD command and send to the application
* requester.
*
* @return a byte array that is the application server's public key
*/
public byte[] obtainPublicKey() {
// The encoded public key
byte[] publicEnc = keyPair_.getPublic().getEncoded();
// we need to get the plain form public key because DRDA accepts plain form
// public key only.
BigInteger aPub = ((DHPublicKey) keyPair_.getPublic()).getY();
byte[] aPubKey = aPub.toByteArray();
// we will just trim off the first byte (0) and get the rest of 32 bytes.
if (aPubKey.length == 33 && aPubKey[0] == 0) {
byte[] newKey = new byte[32];
for (int i = 0; i < newKey.length; i++) newKey[i] = aPubKey[i + 1];
return newKey;
}
// is less than 32, we will pad 0 in the beginning to make the public key 32 bytes
if (aPubKey.length < 32) {
byte[] newKey = new byte[32];
int i;
for (i = 0; i < 32 - aPubKey.length; i++) {
newKey[i] = 0;
}
for (int j = i; j < newKey.length; j++) newKey[j] = aPubKey[j - i];
return newKey;
}
return aPubKey;
}
use of javax.crypto.interfaces.DHPublicKey in project ofbiz-framework by apache.
the class ValueLinkApi method outputKeyCreation.
private StringBuffer outputKeyCreation(int loop, boolean kekOnly, String kekTest) {
StringBuffer buf = new StringBuffer();
loop++;
if (loop > 100) {
// only loop 100 times; then throw an exception
throw new IllegalStateException("Unable to create 128 byte keys in 100 tries");
}
// place holder for the keys
DHPrivateKey privateKey = null;
DHPublicKey publicKey = null;
if (!kekOnly) {
KeyPair keyPair = null;
try {
keyPair = this.createKeys();
} catch (NoSuchAlgorithmException e) {
Debug.logError(e, module);
} catch (InvalidAlgorithmParameterException e) {
Debug.logError(e, module);
} catch (InvalidKeySpecException e) {
Debug.logError(e, module);
}
if (keyPair != null) {
publicKey = (DHPublicKey) keyPair.getPublic();
privateKey = (DHPrivateKey) keyPair.getPrivate();
if (publicKey == null || publicKey.getY().toByteArray().length != 128) {
// run again until we get a 128 byte public key for VL
return this.outputKeyCreation(loop, kekOnly, kekTest);
}
} else {
Debug.logInfo("Returned a null KeyPair", module);
return this.outputKeyCreation(loop, kekOnly, kekTest);
}
} else {
// use our existing private key to generate a KEK
try {
privateKey = (DHPrivateKey) this.getPrivateKey();
} catch (Exception e) {
Debug.logError(e, module);
}
}
// the KEK
byte[] kekBytes = null;
try {
kekBytes = this.generateKek(privateKey);
} catch (NoSuchAlgorithmException e) {
Debug.logError(e, module);
} catch (InvalidKeySpecException e) {
Debug.logError(e, module);
} catch (InvalidKeyException e) {
Debug.logError(e, module);
}
// the 3DES KEK value
SecretKey loadedKek = this.getDesEdeKey(kekBytes);
byte[] loadKekBytes = loadedKek.getEncoded();
// test the KEK
Cipher cipher = this.getCipher(this.getKekKey(), Cipher.ENCRYPT_MODE);
byte[] kekTestB = { 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] kekTestC = new byte[0];
if (kekTest != null) {
kekTestB = StringUtil.fromHexString(kekTest);
}
// encrypt the test bytes
try {
kekTestC = cipher.doFinal(kekTestB);
} catch (Exception e) {
Debug.logError(e, module);
}
if (!kekOnly) {
// public key (just Y)
BigInteger y = publicKey.getY();
byte[] yBytes = y.toByteArray();
String yHex = StringUtil.toHexString(yBytes);
buf.append("======== Begin Public Key (Y @ ").append(yBytes.length).append(" / ").append(yHex.length()).append(") ========\n");
buf.append(yHex).append("\n");
buf.append("======== End Public Key ========\n\n");
// private key (just X)
BigInteger x = privateKey.getX();
byte[] xBytes = x.toByteArray();
String xHex = StringUtil.toHexString(xBytes);
buf.append("======== Begin Private Key (X @ ").append(xBytes.length).append(" / ").append(xHex.length()).append(") ========\n");
buf.append(xHex).append("\n");
buf.append("======== End Private Key ========\n\n");
// private key (full)
byte[] privateBytes = privateKey.getEncoded();
String privateHex = StringUtil.toHexString(privateBytes);
buf.append("======== Begin Private Key (Full @ ").append(privateBytes.length).append(" / ").append(privateHex.length()).append(") ========\n");
buf.append(privateHex).append("\n");
buf.append("======== End Private Key ========\n\n");
}
if (kekBytes != null) {
buf.append("======== Begin KEK (").append(kekBytes.length).append(") ========\n");
buf.append(StringUtil.toHexString(kekBytes)).append("\n");
buf.append("======== End KEK ========\n\n");
buf.append("======== Begin KEK (DES) (").append(loadKekBytes.length).append(") ========\n");
buf.append(StringUtil.toHexString(loadKekBytes)).append("\n");
buf.append("======== End KEK (DES) ========\n\n");
buf.append("======== Begin KEK Test (").append(kekTestC.length).append(") ========\n");
buf.append(StringUtil.toHexString(kekTestC)).append("\n");
buf.append("======== End KEK Test ========\n\n");
} else {
Debug.logError("KEK came back empty", module);
}
return buf;
}
use of javax.crypto.interfaces.DHPublicKey in project ofbiz-framework by apache.
the class ValueLinkApi method createKeys.
/**
* Create a set of public/private keys using ValueLinks defined parameters
* @return KeyPair object containing both public and private keys
* @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException
*/
public KeyPair createKeys() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeySpecException {
// initialize the parameter spec
DHPublicKey publicKey = (DHPublicKey) this.getValueLinkPublicKey();
DHParameterSpec dhParamSpec = publicKey.getParams();
// create the public/private key pair using parameters defined by valuelink
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
keyGen.initialize(dhParamSpec);
KeyPair keyPair = keyGen.generateKeyPair();
return keyPair;
}
use of javax.crypto.interfaces.DHPublicKey in project remote-desktop-clients by iiordanov.
the class RFBSecurityARD method performDHKeyAgreement.
private DHResult performDHKeyAgreement(BigInteger prime, BigInteger generator, BigInteger peerKey, int keyLength) throws IOException {
// fetch instances of all needed Diffie-Hellman support classes
KeyPairGenerator keyPairGenerator;
KeyAgreement keyAgreement;
KeyFactory keyFactory;
try {
keyPairGenerator = KeyPairGenerator.getInstance("DH");
keyAgreement = KeyAgreement.getInstance("DH");
keyFactory = KeyFactory.getInstance("DH");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
throw new IOException(MSG_NO_SUPPORT + " (Diffie-Hellman)");
}
try {
// parse the peerKey
DHPublicKeySpec peerKeySpec = new DHPublicKeySpec(peerKey, prime, generator);
DHPublicKey peerPublicKey = (DHPublicKey) keyFactory.generatePublic(peerKeySpec);
// generate my public/private key pair
keyPairGenerator.initialize(new DHParameterSpec(prime, generator));
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// perform key agreement
keyAgreement.init(keyPair.getPrivate());
keyAgreement.doPhase(peerPublicKey, true);
// return the results
DHResult result = new DHResult();
result.publicKey = keyToBytes(keyPair.getPublic(), keyLength);
result.privateKey = keyToBytes(keyPair.getPrivate(), keyLength);
result.secretKey = keyAgreement.generateSecret();
return result;
} catch (GeneralSecurityException e) {
e.printStackTrace();
throw new IOException(MSG_ERROR + " (Key agreement)");
}
}
Aggregations