Search in sources :

Example 1 with BCEdDSAPrivateKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project beckn-one by beckn.

the class SubscriberImpl method getRawPrivateKey.

public String getRawPrivateKey(String algo, String keyId) {
    Subscriber subscriber = getProxy();
    String pem = Request.getPrivateKey(subscriber.getSubscriberId(), keyId);
    try {
        if (!ObjectUtil.isVoid(pem)) {
            PrivateKey privateKey = Crypt.getInstance().getPrivateKey(algo, pem);
            if (privateKey instanceof BCEdDSAPrivateKey) {
                BCEdDSAPrivateKey privateKey1 = (BCEdDSAPrivateKey) privateKey;
                Field f = privateKey1.getClass().getDeclaredField("eddsaPrivateKey");
                // BC Desnot expose this hence this reflection stuff.
                f.setAccessible(true);
                Ed25519PrivateKeyParameters privateKeyParameters1 = (Ed25519PrivateKeyParameters) f.get(privateKey1);
                return Base64.getEncoder().encodeToString(privateKeyParameters1.getEncoded());
            } else if (privateKey instanceof BCXDHPrivateKey) {
                BCXDHPrivateKey privateKey1 = (BCXDHPrivateKey) privateKey;
                Field f = privateKey1.getClass().getDeclaredField("xdhPrivateKey");
                // BC Desnot expose this hence this reflection stuff.
                f.setAccessible(true);
                X25519PrivateKeyParameters privateKeyParameters1 = (X25519PrivateKeyParameters) f.get(privateKey1);
                return Base64.getEncoder().encodeToString(privateKeyParameters1.getEncoded());
            } else {
                throw new RuntimeException("Key not  identifiable!");
            }
        }
    } catch (Exception ex) {
        throw new RuntimeException(ex);
    }
    return null;
}
Also used : Field(java.lang.reflect.Field) PrivateKey(java.security.PrivateKey) BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey) BCXDHPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCXDHPrivateKey) BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey) X25519PrivateKeyParameters(org.bouncycastle.crypto.params.X25519PrivateKeyParameters) Ed25519PrivateKeyParameters(org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters) BCXDHPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCXDHPrivateKey)

Example 2 with BCEdDSAPrivateKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project jans by JanssenProject.

the class EDDSASigner method generateSignature.

/**
 * Generating a signature,
 * using URL safe based format.
 */
@Override
public String generateSignature(String signingInput) throws SignatureException {
    SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
    if (signatureAlgorithm == null) {
        throw new SignatureException("The signature algorithm is null");
    }
    if (!signatureAlgorithm.getFamily().equals(AlgorithmFamily.ED)) {
        throw new SignatureException(String.format("Wrong value of the signature algorithm: %s", signatureAlgorithm.getFamily().toString()));
    }
    if (eddsaPrivateKey == null) {
        throw new SignatureException("The EDDSA private key is null");
    }
    if (signingInput == null) {
        throw new SignatureException("The signing input is null");
    }
    try {
        PKCS8EncodedKeySpec privateKeySpec = eddsaPrivateKey.getPrivateKeySpec();
        java.security.KeyFactory keyFactory = java.security.KeyFactory.getInstance(signatureAlgorithm.getName());
        BCEdDSAPrivateKey privateKey = (BCEdDSAPrivateKey) keyFactory.generatePrivate(privateKeySpec);
        Signature signer = Signature.getInstance(signatureAlgorithm.getName(), "BC");
        signer.initSign(privateKey);
        signer.update(signingInput.getBytes());
        byte[] signature = signer.sign();
        return Base64Util.base64urlencode(signature);
    } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException | InvalidKeyException | IllegalArgumentException e) {
        throw new SignatureException(e);
    }
}
Also used : SignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) Signature(java.security.Signature) BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 3 with BCEdDSAPrivateKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project jlibra by ketola.

the class KeyRotationExample method main.

public static void main(String[] args) throws Exception {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    DiemClient client = DiemClient.builder().withUrl("https://testnet.diem.com/v1").build();
    Faucet faucet = Faucet.builder().build();
    /*
         * Create a key pair, calculate the libra address and add some coins to the
         * account
         */
    KeyPairGenerator kpGen = KeyPairGenerator.getInstance("Ed25519", "BC");
    KeyPair keyPairOriginal = kpGen.generateKeyPair();
    BCEdDSAPrivateKey privateKeyOriginal = (BCEdDSAPrivateKey) keyPairOriginal.getPrivate();
    BCEdDSAPublicKey publicKeyOriginal = (BCEdDSAPublicKey) keyPairOriginal.getPublic();
    AuthenticationKey authenticationKeyOriginal = AuthenticationKey.fromPublicKey(publicKeyOriginal);
    AccountAddress addressOriginal = AccountAddress.fromAuthenticationKey(authenticationKeyOriginal);
    logger.info("Account address: {}", addressOriginal.toString());
    logger.info("Authentication key: {}", authenticationKeyOriginal.toString());
    faucet.mint(authenticationKeyOriginal, 100L * 1_000_000L, CURRENCY);
    Wait.until(accountHasPositiveBalance(addressOriginal, client));
    /*
         * Get the account state to verify that the account exists and the coins were
         * transferred. Notice, that at this point the address == authentication key.
         */
    logger.info("-----------------------------------------------------------------------------------------------");
    logger.info("Get the account state for the new account");
    getAccountState(addressOriginal, client);
    logger.info("-----------------------------------------------------------------------------------------------\n");
    /*
         * Create a new key pair. This keypair will be changed to be the signing keys of
         * the account created earlier
         */
    KeyPair keyPairNew = kpGen.generateKeyPair();
    BCEdDSAPrivateKey privateKeyNew = (BCEdDSAPrivateKey) keyPairNew.getPrivate();
    BCEdDSAPublicKey publicKeyNew = (BCEdDSAPublicKey) keyPairNew.getPublic();
    /*
         * Send the transaction for changing the signing keys
         */
    logger.info("Change the signing keys..");
    rotateAuthenticationKey(privateKeyOriginal, publicKeyOriginal, addressOriginal, publicKeyNew, 0, client);
    Wait.until(transactionFound(addressOriginal, 0, client));
    logger.info("-----------------------------------------------------------------------------------------------");
    logger.info("Get the account state for the account");
    getAccountState(addressOriginal, client);
    logger.info("-----------------------------------------------------------------------------------------------\n");
    /*
         * In this step a new key pair is created and an attempt is made to change these
         * to be the new signing keys. This should fail because we are using the
         * original signing keys which should not work anymore because the keys were
         * changed.
         */
    KeyPair keyPairNew2 = kpGen.generateKeyPair();
    BCEdDSAPrivateKey privateKeyNew2 = (BCEdDSAPrivateKey) keyPairNew2.getPrivate();
    BCEdDSAPublicKey publicKeyNew2 = (BCEdDSAPublicKey) keyPairNew2.getPublic();
    logger.info("Change the signing keys..");
    try {
        rotateAuthenticationKey(privateKeyOriginal, publicKeyOriginal, addressOriginal, publicKeyNew2, 1, client);
    } catch (DiemRuntimeException e) {
        logger.error(e.getMessage());
        logger.error("This failed because the the original keys cannot be used anymore");
    }
    logger.info("-----------------------------------------------------------------------------------------------");
    logger.info("Get the account state for the account");
    getAccountState(addressOriginal, client);
    logger.info("-----------------------------------------------------------------------------------------------\n");
    /*
         * Now a new attempt is done using the correct keys and this time the
         * transaction should go through.
         */
    logger.info("Change the signing keys..");
    rotateAuthenticationKey(privateKeyNew, publicKeyNew, addressOriginal, publicKeyNew2, 1, client);
    logger.info("This succeeded because now the updated keys were used.");
    Wait.until(transactionFound(addressOriginal, 1, client));
    /*
         * Get the account state to verify that the authentication key was changed.
         */
    logger.info("-----------------------------------------------------------------------------------------------");
    getAccountState(addressOriginal, client);
    logger.info("-----------------------------------------------------------------------------------------------");
}
Also used : DiemClient(dev.jlibra.client.DiemClient) DiemRuntimeException(dev.jlibra.DiemRuntimeException) KeyPair(java.security.KeyPair) AuthenticationKey(dev.jlibra.AuthenticationKey) Faucet(dev.jlibra.faucet.Faucet) KeyPairGenerator(java.security.KeyPairGenerator) BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) AccountAddress(dev.jlibra.AccountAddress)

Example 4 with BCEdDSAPrivateKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey in project jlibra by ketola.

the class GenerateKeysExample method main.

public static void main(String[] args) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    KeyPairGenerator kpGen = KeyPairGenerator.getInstance("Ed25519", "BC");
    KeyPair keyPair = kpGen.generateKeyPair();
    BCEdDSAPrivateKey privateKey = (BCEdDSAPrivateKey) keyPair.getPrivate();
    BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyPair.getPublic();
    AuthenticationKey authenticationKey = AuthenticationKey.fromPublicKey(publicKey);
    logger.info("Libra address: {}", AccountAddress.fromAuthenticationKey(authenticationKey));
    logger.info("Authentication key: {}", authenticationKey);
    logger.info("Public key: {}", ByteArray.from(publicKey.getEncoded()));
    logger.info("Private key: {}", ByteArray.from(privateKey.getEncoded()));
}
Also used : KeyPair(java.security.KeyPair) AuthenticationKey(dev.jlibra.AuthenticationKey) KeyPairGenerator(java.security.KeyPairGenerator) BCEdDSAPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Aggregations

BCEdDSAPrivateKey (org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPrivateKey)4 AuthenticationKey (dev.jlibra.AuthenticationKey)2 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 BCEdDSAPublicKey (org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey)2 AccountAddress (dev.jlibra.AccountAddress)1 DiemRuntimeException (dev.jlibra.DiemRuntimeException)1 DiemClient (dev.jlibra.client.DiemClient)1 Faucet (dev.jlibra.faucet.Faucet)1 SignatureAlgorithm (io.jans.as.model.crypto.signature.SignatureAlgorithm)1 Field (java.lang.reflect.Field)1 InvalidKeyException (java.security.InvalidKeyException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 NoSuchProviderException (java.security.NoSuchProviderException)1 PrivateKey (java.security.PrivateKey)1 Signature (java.security.Signature)1 SignatureException (java.security.SignatureException)1 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)1 Ed25519PrivateKeyParameters (org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters)1