Example 1 with BCEdDSAPrivateKey
use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project beckn-one by beckn.
the class SubscriberImpl method getRawPrivateKey.
public String getRawPrivateKey(String algo, String keyId) {
Subscriber subscriber = getProxy();
String pem = Request.getPrivateKey(subscriber.getSubscriberId(), keyId);
try {
if (!ObjectUtil.isVoid(pem)) {
PrivateKey privateKey = Crypt.getInstance().getPrivateKey(algo, pem);
if (privateKey instanceof BCEdDSAPrivateKey) {
BCEdDSAPrivateKey privateKey1 = (BCEdDSAPrivateKey) privateKey;
Field f = privateKey1.getClass().getDeclaredField("eddsaPrivateKey");
// BC Desnot expose this hence this reflection stuff.
f.setAccessible(true);
Ed25519PrivateKeyParameters privateKeyParameters1 = (Ed25519PrivateKeyParameters) f.get(privateKey1);
return Base64.getEncoder().encodeToString(privateKeyParameters1.getEncoded());
} else if (privateKey instanceof BCXDHPrivateKey) {
BCXDHPrivateKey privateKey1 = (BCXDHPrivateKey) privateKey;
Field f = privateKey1.getClass().getDeclaredField("xdhPrivateKey");
// BC Desnot expose this hence this reflection stuff.
f.setAccessible(true);
X25519PrivateKeyParameters privateKeyParameters1 = (X25519PrivateKeyParameters) f.get(privateKey1);
return Base64.getEncoder().encodeToString(privateKeyParameters1.getEncoded());
} else {
throw new RuntimeException("Key not identifiable!");
}
}
} catch (Exception ex) {
throw new RuntimeException(ex);
}
return null;
}
Also used :
Field(java.lang.reflect.Field)
PrivateKey(java.security.PrivateKey)
BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)
BCXDHPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCXDHPrivateKey)
BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)
X25519PrivateKeyParameters(org.bouncycastle.crypto.params.X25519PrivateKeyParameters)
Ed25519PrivateKeyParameters(org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters)
BCXDHPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCXDHPrivateKey)
Example 2 with BCEdDSAPrivateKey
use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project jans by JanssenProject.
the class EDDSASigner method generateSignature.
/**
* Generating a signature,
* using URL safe based format.
*/
@Override
public String generateSignature(String signingInput) throws SignatureException {
SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
if (signatureAlgorithm == null) {
throw new SignatureException("The signature algorithm is null");
}
if (!signatureAlgorithm.getFamily().equals(AlgorithmFamily.ED)) {
throw new SignatureException(String.format("Wrong value of the signature algorithm: %s", signatureAlgorithm.getFamily().toString()));
}
if (eddsaPrivateKey == null) {
throw new SignatureException("The EDDSA private key is null");
}
if (signingInput == null) {
throw new SignatureException("The signing input is null");
}
try {
PKCS8EncodedKeySpec privateKeySpec = eddsaPrivateKey.getPrivateKeySpec();
java.security.KeyFactory keyFactory = java.security.KeyFactory.getInstance(signatureAlgorithm.getName());
BCEdDSAPrivateKey privateKey = (BCEdDSAPrivateKey) keyFactory.generatePrivate(privateKeySpec);
Signature signer = Signature.getInstance(signatureAlgorithm.getName(), "BC");
signer.initSign(privateKey);
signer.update(signingInput.getBytes());
byte[] signature = signer.sign();
return Base64Util.base64urlencode(signature);
} catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException | InvalidKeyException | IllegalArgumentException e) {
throw new SignatureException(e);
}
}
Also used :
SignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
Signature(java.security.Signature)
BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
NoSuchProviderException(java.security.NoSuchProviderException)
Example 3 with BCEdDSAPrivateKey
use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project jlibra by ketola.
the class KeyRotationExample method main.
public static void main(String[] args) throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
DiemClient client = DiemClient.builder().withUrl("https://testnet.diem.com/v1").build();
Faucet faucet = Faucet.builder().build();
/*
* Create a key pair, calculate the libra address and add some coins to the
* account
*/
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("Ed25519", "BC");
KeyPair keyPairOriginal = kpGen.generateKeyPair();
BCEdDSAPrivateKey privateKeyOriginal = (BCEdDSAPrivateKey) keyPairOriginal.getPrivate();
BCEdDSAPublicKey publicKeyOriginal = (BCEdDSAPublicKey) keyPairOriginal.getPublic();
AuthenticationKey authenticationKeyOriginal = AuthenticationKey.fromPublicKey(publicKeyOriginal);
AccountAddress addressOriginal = AccountAddress.fromAuthenticationKey(authenticationKeyOriginal);
logger.info("Account address: {}", addressOriginal.toString());
logger.info("Authentication key: {}", authenticationKeyOriginal.toString());
faucet.mint(authenticationKeyOriginal, 100L * 1_000_000L, CURRENCY);
Wait.until(accountHasPositiveBalance(addressOriginal, client));
/*
* Get the account state to verify that the account exists and the coins were
* transferred. Notice, that at this point the address == authentication key.
*/
logger.info("-----------------------------------------------------------------------------------------------");
logger.info("Get the account state for the new account");
getAccountState(addressOriginal, client);
logger.info("-----------------------------------------------------------------------------------------------\n");
/*
* Create a new key pair. This keypair will be changed to be the signing keys of
* the account created earlier
*/
KeyPair keyPairNew = kpGen.generateKeyPair();
BCEdDSAPrivateKey privateKeyNew = (BCEdDSAPrivateKey) keyPairNew.getPrivate();
BCEdDSAPublicKey publicKeyNew = (BCEdDSAPublicKey) keyPairNew.getPublic();
/*
* Send the transaction for changing the signing keys
*/
logger.info("Change the signing keys..");
rotateAuthenticationKey(privateKeyOriginal, publicKeyOriginal, addressOriginal, publicKeyNew, 0, client);
Wait.until(transactionFound(addressOriginal, 0, client));
logger.info("-----------------------------------------------------------------------------------------------");
logger.info("Get the account state for the account");
getAccountState(addressOriginal, client);
logger.info("-----------------------------------------------------------------------------------------------\n");
/*
* In this step a new key pair is created and an attempt is made to change these
* to be the new signing keys. This should fail because we are using the
* original signing keys which should not work anymore because the keys were
* changed.
*/
KeyPair keyPairNew2 = kpGen.generateKeyPair();
BCEdDSAPrivateKey privateKeyNew2 = (BCEdDSAPrivateKey) keyPairNew2.getPrivate();
BCEdDSAPublicKey publicKeyNew2 = (BCEdDSAPublicKey) keyPairNew2.getPublic();
logger.info("Change the signing keys..");
try {
rotateAuthenticationKey(privateKeyOriginal, publicKeyOriginal, addressOriginal, publicKeyNew2, 1, client);
} catch (DiemRuntimeException e) {
logger.error(e.getMessage());
logger.error("This failed because the the original keys cannot be used anymore");
}
logger.info("-----------------------------------------------------------------------------------------------");
logger.info("Get the account state for the account");
getAccountState(addressOriginal, client);
logger.info("-----------------------------------------------------------------------------------------------\n");
/*
* Now a new attempt is done using the correct keys and this time the
* transaction should go through.
*/
logger.info("Change the signing keys..");
rotateAuthenticationKey(privateKeyNew, publicKeyNew, addressOriginal, publicKeyNew2, 1, client);
logger.info("This succeeded because now the updated keys were used.");
Wait.until(transactionFound(addressOriginal, 1, client));
/*
* Get the account state to verify that the authentication key was changed.
*/
logger.info("-----------------------------------------------------------------------------------------------");
getAccountState(addressOriginal, client);
logger.info("-----------------------------------------------------------------------------------------------");
}
Also used :
DiemClient(dev.jlibra.client.DiemClient)
DiemRuntimeException(dev.jlibra.DiemRuntimeException)
KeyPair(java.security.KeyPair)
AuthenticationKey(dev.jlibra.AuthenticationKey)
Faucet(dev.jlibra.faucet.Faucet)
KeyPairGenerator(java.security.KeyPairGenerator)
BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)
BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey)
AccountAddress(dev.jlibra.AccountAddress)
Example 4 with BCEdDSAPrivateKey
use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project jlibra by ketola.
the class GenerateKeysExample method main.
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("Ed25519", "BC");
KeyPair keyPair = kpGen.generateKeyPair();
BCEdDSAPrivateKey privateKey = (BCEdDSAPrivateKey) keyPair.getPrivate();
BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyPair.getPublic();
AuthenticationKey authenticationKey = AuthenticationKey.fromPublicKey(publicKey);
logger.info("Libra address: {}", AccountAddress.fromAuthenticationKey(authenticationKey));
logger.info("Authentication key: {}", authenticationKey);
logger.info("Public key: {}", ByteArray.from(publicKey.getEncoded()));
logger.info("Private key: {}", ByteArray.from(privateKey.getEncoded()));
}
Also used :
KeyPair(java.security.KeyPair)
AuthenticationKey(dev.jlibra.AuthenticationKey)
KeyPairGenerator(java.security.KeyPairGenerator)
BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)
BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey)
BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)
Aggregations
BCEdDSAPrivateKey (org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)4
AuthenticationKey (dev.jlibra.AuthenticationKey)2
KeyPair (java.security.KeyPair)2
KeyPairGenerator (java.security.KeyPairGenerator)2
BCEdDSAPublicKey (org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey)2
AccountAddress (dev.jlibra.AccountAddress)1
DiemRuntimeException (dev.jlibra.DiemRuntimeException)1
DiemClient (dev.jlibra.client.DiemClient)1
Faucet (dev.jlibra.faucet.Faucet)1
SignatureAlgorithm (io.jans.as.model.crypto.signature.SignatureAlgorithm)1
Field (java.lang.reflect.Field)1
InvalidKeyException (java.security.InvalidKeyException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
NoSuchProviderException (java.security.NoSuchProviderException)1
PrivateKey (java.security.PrivateKey)1
Signature (java.security.Signature)1
SignatureException (java.security.SignatureException)1
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)1
Ed25519PrivateKeyParameters (org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters)1
