use of org.bouncycastle.crypto.params.DSAParameters in project robovm by robovm.
the class PrivateKeyFactory method createKey.
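/**
 * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object.
 * <p>
 * The algorithm OID carried in {@code keyInfo} selects one of four branches: RSA, PKCS#3
 * Diffie-Hellman, DSA or X9.62 EC. Every value read here comes from the encoded key, so when
 * the PrivateKeyInfo was parsed from an external source it should be treated as untrusted.
 * The {@code (ASN1Integer)} and {@code (ASN1Primitive)} casts throw ClassCastException if the
 * encoded element has a different ASN.1 type.
 *
 * @param keyInfo the PrivateKeyInfo object containing the key material
 * @return a suitable private key parameter
 * @throws IOException on an error decoding the key, including an EC named-curve OID that none
 *         of the curve tables consulted here recognises
 * @throws RuntimeException if the algorithm identifier is not one of those handled here
 */
public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException {
    AlgorithmIdentifier algId = keyInfo.getPrivateKeyAlgorithm();

    if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)) {
        RSAPrivateKey keyStructure = RSAPrivateKey.getInstance(keyInfo.parsePrivateKey());
        return new RSAPrivateCrtKeyParameters(
                keyStructure.getModulus(),
                keyStructure.getPublicExponent(),
                keyStructure.getPrivateExponent(),
                keyStructure.getPrime1(),
                keyStructure.getPrime2(),
                keyStructure.getExponent1(),
                keyStructure.getExponent2(),
                keyStructure.getCoefficient());
    } else if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
        // else if (algId.getObjectId().equals(X9ObjectIdentifiers.dhpublicnumber))
        DHParameter params = DHParameter.getInstance(algId.getParameters());
        ASN1Integer derX = (ASN1Integer) keyInfo.parsePrivateKey();

        // The optional private-value length L; 0 is passed on when it is absent.
        // NOTE(review): intValue() keeps only the low 32 bits, so an oversized encoded L is
        // silently truncated rather than rejected.
        BigInteger lVal = params.getL();
        int l = lVal == null ? 0 : lVal.intValue();

        DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
        return new DHPrivateKeyParameters(derX.getValue(), dhParams);
    } else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) {
        // END android-removed
        ASN1Integer derX = (ASN1Integer) keyInfo.parsePrivateKey();
        ASN1Encodable de = algId.getParameters();

        // When the AlgorithmIdentifier carries no parameters the key is returned with null
        // domain parameters; callers must not assume getParameters() is non-null.
        DSAParameters parameters = null;
        if (de != null) {
            DSAParameter params = DSAParameter.getInstance(de.toASN1Primitive());
            parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
        }
        return new DSAPrivateKeyParameters(derX.getValue(), parameters);
    } else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
        X962Parameters params = new X962Parameters((ASN1Primitive) algId.getParameters());
        X9ECParameters x9;

        if (params.isNamedCurve()) {
            ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
            x9 = X962NamedCurves.getByOID(oid);
            if (x9 == null) {
                x9 = SECNamedCurves.getByOID(oid);
                if (x9 == null) {
                    x9 = NISTNamedCurves.getByOID(oid);
                    // BEGIN android-removed
                    // if (x9 == null)
                    // {
                    // x9 = TeleTrusTNamedCurves.getByOID(oid);
                    // }
                    // END android-removed
                }
            }
            // All three tables can miss. Fail as a decoding error instead of letting the
            // null reach x9.getCurve() below and surface as a NullPointerException.
            if (x9 == null) {
                throw new IOException("unrecognised EC named curve in key: " + oid.getId());
            }
        } else {
            // NOTE(review): explicitly encoded curve parameters are taken from the key as-is;
            // nothing in this method checks them against a known curve.
            x9 = X9ECParameters.getInstance(params.getParameters());
        }

        ECPrivateKey ec = ECPrivateKey.getInstance(keyInfo.parsePrivateKey());
        BigInteger d = ec.getKey();
        // TODO We lose any named parameters here
        ECDomainParameters dParams = new ECDomainParameters(
                x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
        return new ECPrivateKeyParameters(d, dParams);
    } else {
        throw new RuntimeException("algorithm identifier in key not recognised");
    }
}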
use of org.bouncycastle.crypto.params.DSAParameters in project robovm by robovm.
the class DSAParametersGenerator method generateParameters_FIPS186_2.
/**
 * Generates DSA domain parameters (p, q, g) with the seed-driven search that the method name
 * and the exception message below attribute to FIPS 186-2.
 * <p>
 * A random 20-byte seed is hashed to derive a 160-bit candidate q; once q passes the
 * probabilistic primality test, up to 4096 candidates for an L-bit p with p ≡ 1 (mod 2q) are
 * derived from successive hashes. If none is prime, a fresh seed is drawn and the search
 * restarts. The seed and counter that produced the result are returned with the parameters.
 * <p>
 * NOTE(review): q is fixed at 160 bits and the hash at SHA-1. FIPS 186-2 has been superseded
 * by later revisions of the standard, so this path is suited to legacy interoperability only.
 * {@code L}, {@code digest}, {@code random}, {@code certainty} and the helpers {@code hash},
 * {@code inc} and {@code calculateGenerator_FIPS186_2} are defined outside this method.
 *
 * @return the generated parameters together with their (seed, counter) validation values
 * @throws IllegalStateException if the configured digest is not SHA-1
 */
private DSAParameters generateParameters_FIPS186_2() {
    // 20-byte working buffers: the size of a SHA-1 output, which is the only digest accepted below.
    byte[] seed = new byte[20];
    byte[] part1 = new byte[20];
    byte[] part2 = new byte[20];
    byte[] u = new byte[20];
    // Number of whole 160-bit hash outputs that fit below the top bit of an L-bit value.
    int n = (L - 1) / 160;
    // Candidate for p, assembled as a big-endian byte string of L bits.
    byte[] w = new byte[L / 8];
    // BEGIN android-changed
    if (!(digest.getAlgorithmName().equals("SHA-1"))) // END android-changed
    {
        throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters");
    }
    // Outer loop: one iteration per seed; it only exits through the return statement.
    for (; ; ) {
        // The strength of the result rests on this source; presumably a SecureRandom — confirm at the field.
        random.nextBytes(seed);
        // part1 = Hash(seed)
        hash(digest, seed, part1);
        // part2 = Hash(seed + 1), assuming inc() adds one to the byte array as a counter — TODO confirm
        System.arraycopy(seed, 0, part2, 0, seed.length);
        inc(part2);
        hash(digest, part2, part2);
        // u = part1 XOR part2
        for (int i = 0; i != u.length; i++) {
            u[i] = (byte) (part1[i] ^ part2[i]);
        }
        // Force the top bit (q has the full 160 bits) and the low bit (q is odd).
        u[0] |= (byte) 0x80;
        u[19] |= (byte) 0x01;
        // Signum 1: interpret u as a non-negative integer.
        BigInteger q = new BigInteger(1, u);
        // Probabilistic test; the error bound depends on 'certainty', which is set elsewhere.
        if (!q.isProbablePrime(certainty)) {
            continue;
        }
        // offset starts one past the seed and is incremented again before every hash below.
        byte[] offset = Arrays.clone(seed);
        inc(offset);
        // At most 4096 candidates for p are tried per q before a new seed is drawn.
        for (int counter = 0; counter < 4096; ++counter) {
            // Fill w from its least-significant end with n full hash outputs.
            for (int k = 0; k < n; k++) {
                inc(offset);
                hash(digest, offset, part1);
                System.arraycopy(part1, 0, w, w.length - (k + 1) * part1.length, part1.length);
            }
            // One more hash supplies the remaining leading bytes of w, taken from its tail.
            inc(offset);
            hash(digest, offset, part1);
            System.arraycopy(part1, part1.length - ((w.length - (n) * part1.length)), w, 0, w.length - n * part1.length);
            // Force the top bit so that x is at least 2^(L-1).
            w[0] |= (byte) 0x80;
            BigInteger x = new BigInteger(1, w);
            // c = x mod 2q, then p = x - (c - 1), which makes p ≡ 1 (mod 2q).
            BigInteger c = x.mod(q.shiftLeft(1));
            BigInteger p = x.subtract(c.subtract(ONE));
            // The subtraction can drop p below 2^(L-1); such candidates are skipped.
            if (p.bitLength() != L) {
                continue;
            }
            if (p.isProbablePrime(certainty)) {
                BigInteger g = calculateGenerator_FIPS186_2(p, q, random);
                // seed and counter travel with the result, presumably so the search can be repeated by a verifier.
                return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
            }
        }
    }
}
use of org.bouncycastle.crypto.params.DSAParameters in project XobotOS by xamarin.
the class PrivateKeyFactory method createKey.
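/**
 * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object.
 * <p>
 * The algorithm OID carried in {@code keyInfo} selects one of four branches: RSA, PKCS#3
 * Diffie-Hellman, DSA or X9.62 EC. Every value read here comes from the encoded key, so when
 * the PrivateKeyInfo was parsed from an external source it should be treated as untrusted.
 * The unchecked casts to ASN1Sequence, DERInteger, DERObject and DERObjectIdentifier throw
 * ClassCastException if the encoded element has a different ASN.1 type.
 *
 * @param keyInfo the PrivateKeyInfo object containing the key material
 * @return a suitable private key parameter
 * @throws IOException on an error decoding the key, including an EC named-curve OID that none
 *         of the curve tables consulted here recognises
 * @throws RuntimeException if the algorithm identifier is not one of those handled here
 */
public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException {
    AlgorithmIdentifier algId = keyInfo.getAlgorithmId();

    if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)) {
        RSAPrivateKeyStructure keyStructure = new RSAPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey());
        return new RSAPrivateCrtKeyParameters(
                keyStructure.getModulus(),
                keyStructure.getPublicExponent(),
                keyStructure.getPrivateExponent(),
                keyStructure.getPrime1(),
                keyStructure.getPrime2(),
                keyStructure.getExponent1(),
                keyStructure.getExponent2(),
                keyStructure.getCoefficient());
    } else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
        // else if (algId.getObjectId().equals(X9ObjectIdentifiers.dhpublicnumber))
        DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters());
        DERInteger derX = (DERInteger) keyInfo.getPrivateKey();

        // The optional private-value length L; 0 is passed on when it is absent.
        // NOTE(review): intValue() keeps only the low 32 bits, so an oversized encoded L is
        // silently truncated rather than rejected.
        BigInteger lVal = params.getL();
        int l = lVal == null ? 0 : lVal.intValue();

        DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
        return new DHPrivateKeyParameters(derX.getValue(), dhParams);
    } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa)) {
        // END android-removed
        DERInteger derX = (DERInteger) keyInfo.getPrivateKey();
        DEREncodable de = keyInfo.getAlgorithmId().getParameters();

        // When the AlgorithmIdentifier carries no parameters the key is returned with null
        // domain parameters; callers must not assume getParameters() is non-null.
        DSAParameters parameters = null;
        if (de != null) {
            DSAParameter params = DSAParameter.getInstance(de.getDERObject());
            parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
        }
        return new DSAPrivateKeyParameters(derX.getValue(), parameters);
    } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
        X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters());
        ECDomainParameters dParams = null;

        if (params.isNamedCurve()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
            X9ECParameters ecP = X962NamedCurves.getByOID(oid);
            if (ecP == null) {
                ecP = SECNamedCurves.getByOID(oid);
                if (ecP == null) {
                    ecP = NISTNamedCurves.getByOID(oid);
                    // BEGIN android-removed
                    // if (ecP == null)
                    // {
                    // ecP = TeleTrusTNamedCurves.getByOID(oid);
                    // }
                    // END android-removed
                }
            }
            // All three tables can miss. Fail as a decoding error instead of letting the
            // null reach ecP.getCurve() below and surface as a NullPointerException.
            if (ecP == null) {
                throw new IOException("unrecognised EC named curve in key: " + oid.getId());
            }
            dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
        } else {
            // NOTE(review): explicitly encoded curve parameters are taken from the key as-is;
            // nothing in this method checks them against a known curve.
            X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
            dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
        }

        ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey());
        return new ECPrivateKeyParameters(ec.getKey(), dParams);
    } else {
        throw new RuntimeException("algorithm identifier in key not recognised");
    }
}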
use of org.bouncycastle.crypto.params.DSAParameters in project XobotOS by xamarin.
the class DSAKeyPairGenerator method generateKeyPair.
/**
 * Generates a DSA key pair from the domain parameters and random source held in {@code param}.
 * <p>
 * The private value comes from {@code generatePrivateKey}, given q and the random source; the
 * public value comes from {@code calculatePublicKey}, given p, g and the private value. Both
 * helpers are defined outside this method. The domain parameters are used as supplied: no
 * validation of p, q or g is visible here.
 *
 * @return the key pair, with both halves sharing the same domain parameters object
 */
public AsymmetricCipherKeyPair generateKeyPair() {
    final DSAParameters domain = param.getParameters();

    // Private value first; the public value is derived from it.
    final BigInteger privateValue = generatePrivateKey(domain.getQ(), param.getRandom());
    final BigInteger publicValue = calculatePublicKey(domain.getP(), domain.getG(), privateValue);

    final DSAPublicKeyParameters publicKey = new DSAPublicKeyParameters(publicValue, domain);
    final DSAPrivateKeyParameters privateKey = new DSAPrivateKeyParameters(privateValue, domain);
    return new AsymmetricCipherKeyPair(publicKey, privateKey);
}
use of org.bouncycastle.crypto.params.DSAParameters in project XobotOS by xamarin.
the class DSAParametersGenerator method generateParameters_FIPS186_3.
/**
 * generate suitable parameters for DSA, in line with
 * <i>FIPS 186-3 A.1 Generation of the FFC Primes p and q</i>.
 * <p>
 * The hash is hard-coded to SHA-256 and the seed length to N bits (see the FIXMEs below), so
 * the construction relies on N being no larger than the 256-bit digest output. The generator g
 * is produced by the helper named "Unverifiable"; the verifiable alternative is commented out.
 * The returned validation values (seed, counter) therefore cover the search for p and q, and
 * presumably not g — confirm against the helper. {@code L}, {@code N}, {@code random},
 * {@code certainty} and the helpers {@code hash} and {@code inc} are defined outside this
 * method.
 *
 * @return the generated parameters together with their (seed, counter) validation values
 */
private DSAParameters generateParameters_FIPS186_3() {
    // A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
    // FIXME This should be configurable (digest size in bits must be >= N)
    Digest d = new SHA256Digest();
    int outlen = d.getDigestSize() * 8;
    // 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If
    // the pair is not in the list, then return INVALID.
    // Note: checked at initialisation
    // 2. If (seedlen < N), then return INVALID.
    // FIXME This should be configurable (must be >= N)
    int seedlen = N;
    byte[] seed = new byte[seedlen / 8];
    // 3. n = ceiling(L ⁄ outlen) – 1.
    int n = (L - 1) / outlen;
    // 4. b = L – 1 – (n ∗ outlen).
    int b = (L - 1) % outlen;
    // Reused for every hash output in the loops below.
    byte[] output = new byte[d.getDigestSize()];
    // One iteration per seed; the loop only exits through the return statement.
    for (; ; ) {
        // 5. Get an arbitrary sequence of seedlen bits as the domain_parameter_seed.
        // The strength of the result rests on this source; presumably a SecureRandom — confirm at the field.
        random.nextBytes(seed);
        // 6. U = Hash (domain_parameter_seed) mod 2^(N–1).
        hash(d, seed, output);
        BigInteger U = new BigInteger(1, output).mod(ONE.shiftLeft(N - 1));
        // 7. q = 2^(N–1) + U + 1 – ( U mod 2).
        BigInteger q = ONE.shiftLeft(N - 1).add(U).add(ONE).subtract(U.mod(TWO));
        // TODO Review C.3 for primality checking
        // Probabilistic test; the error bound depends on 'certainty', which is set elsewhere.
        if (!q.isProbablePrime(certainty)) {
            // 9. If q is not a prime, then go to step 5.
            continue;
        }
        // 10. offset = 1.
        // Note: 'offset' value managed incrementally
        byte[] offset = Arrays.clone(seed);
        // 11. For counter = 0 to (4L – 1) do
        int counterLimit = 4 * L;
        for (int counter = 0; counter < counterLimit; ++counter) {
            // 11.1 For j = 0 to n do
            // Vj = Hash ((domain_parameter_seed + offset + j) mod 2^seedlen).
            // 11.2 W = V0 + (V1 ∗ 2^outlen) + ... + (V(n–1) ∗ 2^((n–1) ∗ outlen)) + ((Vn mod 2^b) ∗ 2^(n ∗ outlen)).
            // TODO Assemble w as a byte array
            BigInteger W = ZERO;
            for (int j = 0, exp = 0; j <= n; ++j, exp += outlen) {
                inc(offset);
                hash(d, offset, output);
                BigInteger Vj = new BigInteger(1, output);
                // Only the low b bits of the final block contribute.
                if (j == n) {
                    Vj = Vj.mod(ONE.shiftLeft(b));
                }
                W = W.add(Vj.shiftLeft(exp));
            }
            // 11.3 X = W + 2^(L–1). Comment: 0 ≤ W < 2^(L–1); hence, 2^(L–1) ≤ X < 2^L.
            BigInteger X = W.add(ONE.shiftLeft(L - 1));
            // 11.4 c = X mod 2q.
            BigInteger c = X.mod(q.shiftLeft(1));
            // 11.5 p = X - (c - 1). Comment: p ≡ 1 (mod 2q).
            BigInteger p = X.subtract(c.subtract(ONE));
            // 11.6 If (p < 2^(L - 1)), then go to step 11.9
            if (p.bitLength() != L) {
                continue;
            }
            // TODO Review C.3 for primality checking
            if (p.isProbablePrime(certainty)) {
                // 11.8 If p is determined to be prime, then return VALID and the values of p, q and
                // (optionally) the values of domain_parameter_seed and counter.
                // TODO Make configurable (8-bit unsigned)?
                // int index = 1;
                // BigInteger g = calculateGenerator_FIPS186_3_Verifiable(d, p, q, seed, index);
                // if (g != null)
                // {
                // // TODO Should 'index' be a part of the validation parameters?
                // return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
                // }
                // NOTE(review): g comes from the helper named "Unverifiable", which takes the random
                // source and not the seed.
                BigInteger g = calculateGenerator_FIPS186_3_Unverifiable(p, q, random);
                return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
            }
            // 11.9 offset = offset + n + 1. Comment: Increment offset; then, as part of
            // the loop in step 11, increment counter; if
            // counter < 4L, repeat steps 11.1 through 11.8.
            // Note: 'offset' value already incremented in inner loop
        }
        // 12. Go to step 5.
    }
}