Search in sources :

Example 11 with DHPublicKey

use of javax.crypto.interfaces.DHPublicKey in project derby by apache.

the class EncryptionManager method obtainPublicKey.

// This method generates the public key and returns it. This
// shared public key is the application requester's connection key and will
// be exchanged with the application server's connection key. This connection
// key will be put in the sectkn in ACCSEC command and send to the application
// server.
// @param   null
// @return  a byte array that is the application requester's public key
public byte[] obtainPublicKey() {
    // we need to get the plain form public key because PROTOCOL accepts plain form
    // public key only.
    BigInteger aPub = ((DHPublicKey) keyPair_.getPublic()).getY();
    byte[] aPubKey = aPub.toByteArray();
    // we will just trim off the first byte (0) and get the rest of 32 bytes.
    if (aPubKey.length == 33 && aPubKey[0] == 0) {
        // System.out.println ("Adjust length");
        byte[] newKey = new byte[32];
        for (int i = 0; i < newKey.length; i++) {
            newKey[i] = aPubKey[i + 1];
        }
        return newKey;
    }
    // is less than 32, we will pad 0 in the beginning to make the public key 32 bytes
    if (aPubKey.length < 32) {
        byte[] newKey = new byte[32];
        int i;
        for (i = 0; i < 32 - aPubKey.length; i++) {
            newKey[i] = 0;
        }
        for (int j = i; j < newKey.length; j++) {
            newKey[j] = aPubKey[j - i];
        }
        return newKey;
    }
    return aPubKey;
}
Also used : DHPublicKey(javax.crypto.interfaces.DHPublicKey) BigInteger(java.math.BigInteger)

Example 12 with DHPublicKey

use of javax.crypto.interfaces.DHPublicKey in project derby by apache.

the class DecryptionManager method obtainPublicKey.

/**
 * This method generates the public key and returns it. This
 * shared public key is the application server's connection key and will
 * be exchanged with the application requester's connection key. This connection
 * key will be put in the sectkn in ACCSECRD command and send to the application
 * requester.
 *
 * @return  a byte array that is the application server's public key
 */
public byte[] obtainPublicKey() {
    // The encoded public key
    byte[] publicEnc = keyPair_.getPublic().getEncoded();
    // we need to get the plain form public key because DRDA accepts plain form
    // public key only.
    BigInteger aPub = ((DHPublicKey) keyPair_.getPublic()).getY();
    byte[] aPubKey = aPub.toByteArray();
    // we will just trim off the first byte (0) and get the rest of 32 bytes.
    if (aPubKey.length == 33 && aPubKey[0] == 0) {
        byte[] newKey = new byte[32];
        for (int i = 0; i < newKey.length; i++) newKey[i] = aPubKey[i + 1];
        return newKey;
    }
    // is less than 32, we will pad 0 in the beginning to make the public key 32 bytes
    if (aPubKey.length < 32) {
        byte[] newKey = new byte[32];
        int i;
        for (i = 0; i < 32 - aPubKey.length; i++) {
            newKey[i] = 0;
        }
        for (int j = i; j < newKey.length; j++) newKey[j] = aPubKey[j - i];
        return newKey;
    }
    return aPubKey;
}
Also used : DHPublicKey(javax.crypto.interfaces.DHPublicKey) BigInteger(java.math.BigInteger)

Example 13 with DHPublicKey

use of javax.crypto.interfaces.DHPublicKey in project ofbiz-framework by apache.

the class ValueLinkApi method outputKeyCreation.

private StringBuffer outputKeyCreation(int loop, boolean kekOnly, String kekTest) {
    StringBuffer buf = new StringBuffer();
    loop++;
    if (loop > 100) {
        // only loop 100 times; then throw an exception
        throw new IllegalStateException("Unable to create 128 byte keys in 100 tries");
    }
    // place holder for the keys
    DHPrivateKey privateKey = null;
    DHPublicKey publicKey = null;
    if (!kekOnly) {
        KeyPair keyPair = null;
        try {
            keyPair = this.createKeys();
        } catch (NoSuchAlgorithmException e) {
            Debug.logError(e, module);
        } catch (InvalidAlgorithmParameterException e) {
            Debug.logError(e, module);
        } catch (InvalidKeySpecException e) {
            Debug.logError(e, module);
        }
        if (keyPair != null) {
            publicKey = (DHPublicKey) keyPair.getPublic();
            privateKey = (DHPrivateKey) keyPair.getPrivate();
            if (publicKey == null || publicKey.getY().toByteArray().length != 128) {
                // run again until we get a 128 byte public key for VL
                return this.outputKeyCreation(loop, kekOnly, kekTest);
            }
        } else {
            Debug.logInfo("Returned a null KeyPair", module);
            return this.outputKeyCreation(loop, kekOnly, kekTest);
        }
    } else {
        // use our existing private key to generate a KEK
        try {
            privateKey = (DHPrivateKey) this.getPrivateKey();
        } catch (Exception e) {
            Debug.logError(e, module);
        }
    }
    // the KEK
    byte[] kekBytes = null;
    try {
        kekBytes = this.generateKek(privateKey);
    } catch (NoSuchAlgorithmException e) {
        Debug.logError(e, module);
    } catch (InvalidKeySpecException e) {
        Debug.logError(e, module);
    } catch (InvalidKeyException e) {
        Debug.logError(e, module);
    }
    // the 3DES KEK value
    SecretKey loadedKek = this.getDesEdeKey(kekBytes);
    byte[] loadKekBytes = loadedKek.getEncoded();
    // test the KEK
    Cipher cipher = this.getCipher(this.getKekKey(), Cipher.ENCRYPT_MODE);
    byte[] kekTestB = { 0, 0, 0, 0, 0, 0, 0, 0 };
    byte[] kekTestC = new byte[0];
    if (kekTest != null) {
        kekTestB = StringUtil.fromHexString(kekTest);
    }
    // encrypt the test bytes
    try {
        kekTestC = cipher.doFinal(kekTestB);
    } catch (Exception e) {
        Debug.logError(e, module);
    }
    if (!kekOnly) {
        // public key (just Y)
        BigInteger y = publicKey.getY();
        byte[] yBytes = y.toByteArray();
        String yHex = StringUtil.toHexString(yBytes);
        buf.append("======== Begin Public Key (Y @ ").append(yBytes.length).append(" / ").append(yHex.length()).append(") ========\n");
        buf.append(yHex).append("\n");
        buf.append("======== End Public Key ========\n\n");
        // private key (just X)
        BigInteger x = privateKey.getX();
        byte[] xBytes = x.toByteArray();
        String xHex = StringUtil.toHexString(xBytes);
        buf.append("======== Begin Private Key (X @ ").append(xBytes.length).append(" / ").append(xHex.length()).append(") ========\n");
        buf.append(xHex).append("\n");
        buf.append("======== End Private Key ========\n\n");
        // private key (full)
        byte[] privateBytes = privateKey.getEncoded();
        String privateHex = StringUtil.toHexString(privateBytes);
        buf.append("======== Begin Private Key (Full @ ").append(privateBytes.length).append(" / ").append(privateHex.length()).append(") ========\n");
        buf.append(privateHex).append("\n");
        buf.append("======== End Private Key ========\n\n");
    }
    if (kekBytes != null) {
        buf.append("======== Begin KEK (").append(kekBytes.length).append(") ========\n");
        buf.append(StringUtil.toHexString(kekBytes)).append("\n");
        buf.append("======== End KEK ========\n\n");
        buf.append("======== Begin KEK (DES) (").append(loadKekBytes.length).append(") ========\n");
        buf.append(StringUtil.toHexString(loadKekBytes)).append("\n");
        buf.append("======== End KEK (DES) ========\n\n");
        buf.append("======== Begin KEK Test (").append(kekTestC.length).append(") ========\n");
        buf.append(StringUtil.toHexString(kekTestC)).append("\n");
        buf.append("======== End KEK Test ========\n\n");
    } else {
        Debug.logError("KEK came back empty", module);
    }
    return buf;
}
Also used : DHPrivateKey(javax.crypto.interfaces.DHPrivateKey) KeyPair(java.security.KeyPair) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) DHPublicKey(javax.crypto.interfaces.DHPublicKey) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) HttpClientException(org.apache.ofbiz.base.util.HttpClientException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) BadPaddingException(javax.crypto.BadPaddingException) GenericEntityException(org.apache.ofbiz.entity.GenericEntityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) SecretKey(javax.crypto.SecretKey) BigInteger(java.math.BigInteger) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) Cipher(javax.crypto.Cipher)

Example 14 with DHPublicKey

use of javax.crypto.interfaces.DHPublicKey in project ofbiz-framework by apache.

the class ValueLinkApi method createKeys.

/**
 * Create a set of public/private keys using ValueLinks defined parameters
 * @return KeyPair object containing both public and private keys
 * @throws NoSuchAlgorithmException
 * @throws InvalidAlgorithmParameterException
 */
public KeyPair createKeys() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeySpecException {
    // initialize the parameter spec
    DHPublicKey publicKey = (DHPublicKey) this.getValueLinkPublicKey();
    DHParameterSpec dhParamSpec = publicKey.getParams();
    // create the public/private key pair using parameters defined by valuelink
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
    keyGen.initialize(dhParamSpec);
    KeyPair keyPair = keyGen.generateKeyPair();
    return keyPair;
}
Also used : KeyPair(java.security.KeyPair) DHPublicKey(javax.crypto.interfaces.DHPublicKey) DHParameterSpec(javax.crypto.spec.DHParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator)

Example 15 with DHPublicKey

use of javax.crypto.interfaces.DHPublicKey in project remote-desktop-clients by iiordanov.

the class RFBSecurityARD method performDHKeyAgreement.

private DHResult performDHKeyAgreement(BigInteger prime, BigInteger generator, BigInteger peerKey, int keyLength) throws IOException {
    // fetch instances of all needed Diffie-Hellman support classes
    KeyPairGenerator keyPairGenerator;
    KeyAgreement keyAgreement;
    KeyFactory keyFactory;
    try {
        keyPairGenerator = KeyPairGenerator.getInstance("DH");
        keyAgreement = KeyAgreement.getInstance("DH");
        keyFactory = KeyFactory.getInstance("DH");
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        throw new IOException(MSG_NO_SUPPORT + " (Diffie-Hellman)");
    }
    try {
        // parse the peerKey
        DHPublicKeySpec peerKeySpec = new DHPublicKeySpec(peerKey, prime, generator);
        DHPublicKey peerPublicKey = (DHPublicKey) keyFactory.generatePublic(peerKeySpec);
        // generate my public/private key pair
        keyPairGenerator.initialize(new DHParameterSpec(prime, generator));
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        // perform key agreement
        keyAgreement.init(keyPair.getPrivate());
        keyAgreement.doPhase(peerPublicKey, true);
        // return the results
        DHResult result = new DHResult();
        result.publicKey = keyToBytes(keyPair.getPublic(), keyLength);
        result.privateKey = keyToBytes(keyPair.getPrivate(), keyLength);
        result.secretKey = keyAgreement.generateSecret();
        return result;
    } catch (GeneralSecurityException e) {
        e.printStackTrace();
        throw new IOException(MSG_ERROR + " (Key agreement)");
    }
}
Also used : KeyPair(java.security.KeyPair) DHPublicKey(javax.crypto.interfaces.DHPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) DHParameterSpec(javax.crypto.spec.DHParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec) KeyAgreement(javax.crypto.KeyAgreement) KeyFactory(java.security.KeyFactory)

Aggregations

DHPublicKey (javax.crypto.interfaces.DHPublicKey)28 KeyPair (java.security.KeyPair)16 IOException (java.io.IOException)14 BigInteger (java.math.BigInteger)11 KeyPairGenerator (java.security.KeyPairGenerator)11 KeyFactory (java.security.KeyFactory)10 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 PublicKey (java.security.PublicKey)9 DHParameterSpec (javax.crypto.spec.DHParameterSpec)8 DHPublicKeySpec (javax.crypto.spec.DHPublicKeySpec)8 CertificateException (java.security.cert.CertificateException)6 DHPrivateKey (javax.crypto.interfaces.DHPrivateKey)6 Cipher (javax.crypto.Cipher)5 KeyAgreement (javax.crypto.KeyAgreement)5 OtrCryptoEngineImpl (net.java.otr4j.crypto.OtrCryptoEngineImpl)5 X509Certificate (java.security.cert.X509Certificate)4 RSAPublicKey (java.security.interfaces.RSAPublicKey)4 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)4 X509ExtendedKeyManager (javax.net.ssl.X509ExtendedKeyManager)4 X509KeyManager (javax.net.ssl.X509KeyManager)4