
Example 1 with BCEdDSAPublicKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey in project jans by JanssenProject.

the class ECDSAKeyFactory method generateV3Certificate.

public Certificate generateV3Certificate(Date startDate, Date expirationDate, String dnName) throws OperatorCreationException, CertificateException {
    // Create certificate
    Certificate resCertificate = null;
    BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyPair.getPublic();
    // Serial number for the certificate. RFC 5280 caps serial numbers at 20 octets,
    // so draw 159 random bits rather than 1024.
    BigInteger serialNumber = new BigInteger(159, new SecureRandom());
    X500Name name = new X500Name(dnName);
    JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(name, serialNumber, startDate, expirationDate, name, publicKey);
    X509CertificateHolder certHolder = certGen.build(new JcaContentSignerBuilder(signatureAlgorithm.getAlgorithm()).setProvider(DEF_BC).build(keyPair.getPrivate()));
    X509Certificate cert = new JcaX509CertificateConverter().setProvider(DEF_BC).getCertificate(certHolder);
    resCertificate = new Certificate(signatureAlgorithm, cert);
    return resCertificate;
}
Also used : JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) SecureRandom(java.security.SecureRandom) X500Name(org.bouncycastle.asn1.x500.X500Name) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) X509Certificate(java.security.cert.X509Certificate) Certificate(io.jans.as.model.crypto.Certificate)

Example 2 with BCEdDSAPublicKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey in project jans by JanssenProject.

the class EDDSAKeyFactory method generateV3Certificate.

/**
 * Generates a self-signed X.509 v3 certificate for the factory's key pair.
 *
 * @param startDate start of the validity period
 * @param expirationDate end of the validity period
 * @param dnName distinguished name used as both issuer and subject
 * @return the generated certificate
 * @throws SignatureException if building or signing the certificate fails
 */
public Certificate generateV3Certificate(final Date startDate, final Date expirationDate, final String dnName) throws SignatureException {
    // Creating the certificate
    Certificate resCertificate = null;
    try {
        BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyPair.getPublic();
        // Serial number for the certificate. RFC 5280 caps serial numbers at 20 octets,
        // so draw 159 random bits rather than 1024.
        BigInteger serialNumber = new BigInteger(159, new SecureRandom());
        X500Name name = new X500Name(dnName);
        JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(name, serialNumber, startDate, expirationDate, name, publicKey);
        X509CertificateHolder certHolder = certGen.build(new JcaContentSignerBuilder(signatureAlgorithm.getAlgorithm()).setProvider(DEF_BC).build(keyPair.getPrivate()));
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(DEF_BC).getCertificate(certHolder);
        resCertificate = new Certificate(signatureAlgorithm, cert);
    } catch (Exception e) {
        throw new SignatureException(e);
    }
    return resCertificate;
}
Also used : JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) SecureRandom(java.security.SecureRandom) X500Name(org.bouncycastle.asn1.x500.X500Name) SignatureException(java.security.SignatureException) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) X509Certificate(java.security.cert.X509Certificate) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) InvalidParameterException(java.security.InvalidParameterException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) Certificate(io.jans.as.model.crypto.Certificate)

Example 3 with BCEdDSAPublicKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey in project jans by JanssenProject.

the class EDDSASigner method validateSignature.

/**
 * Validating a signature.
 */
@Override
public boolean validateSignature(String signingInput, String signature) throws SignatureException {
    SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
    if (signatureAlgorithm == null) {
        throw new SignatureException("The signature algorithm is null");
    }
    if (!signatureAlgorithm.getFamily().equals(AlgorithmFamily.ED)) {
        throw new SignatureException(String.format("Wrong value of the signature algorithm: %s", signatureAlgorithm.getFamily().toString()));
    }
    if (eddsaPublicKey == null) {
        throw new SignatureException("The EDDSA public key is null");
    }
    if (signingInput == null) {
        throw new SignatureException("The signing input is null");
    }
    try {
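        X509EncodedKeySpec publicKeySpec = eddsaPublicKey.getPublicKeySpec();
        // Request the key factory from BC too, so the cast below cannot receive another provider's key class.
        java.security.KeyFactory keyFactory = java.security.KeyFactory.getInstance(signatureAlgorithm.getName(), "BC");
        BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyFactory.generatePublic(publicKeySpec);
        Signature verifier = Signature.getInstance(signatureAlgorithm.getName(), "BC");
        verifier.initVerify(publicKey);
        // Pin the charset: the platform default would make verification depend on host configuration.
        verifier.update(signingInput.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return verifier.verify(Base64Util.base64urldecode(signature));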
    } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException | InvalidKeyException | IllegalArgumentException e) {
        throw new SignatureException(e);
    }
}
Also used : SignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) Signature(java.security.Signature) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 4 with BCEdDSAPublicKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey in project jans by JanssenProject.

the class Certificate method getPublicKey.

/**
 * Returns Public Key from X509 Certificate.
 *
 * @return Public Key from X509 Certificate.
 */
public PublicKey getPublicKey() {
    if (x509Certificate == null) {
        return null;
    }
    PublicKey publicKey = null;
    if (x509Certificate.getPublicKey() instanceof BCRSAPublicKey) {
        BCRSAPublicKey jcersaPublicKey = (BCRSAPublicKey) x509Certificate.getPublicKey();
        publicKey = new RSAPublicKey(jcersaPublicKey.getModulus(), jcersaPublicKey.getPublicExponent());
    } else if (x509Certificate.getPublicKey() instanceof BCECPublicKey) {
        BCECPublicKey jceecPublicKey = (BCECPublicKey) x509Certificate.getPublicKey();
        publicKey = new ECDSAPublicKey(signatureAlgorithm, jceecPublicKey.getQ().getXCoord().toBigInteger(), jceecPublicKey.getQ().getYCoord().toBigInteger());
    } else if (x509Certificate.getPublicKey() instanceof BCEdDSAPublicKey) {
        BCEdDSAPublicKey jceedPublicKey = (BCEdDSAPublicKey) x509Certificate.getPublicKey();
        publicKey = new EDDSAPublicKey(signatureAlgorithm, jceedPublicKey.getEncoded());
    }
    return publicKey;
}
Also used : EDDSAPublicKey(io.jans.as.model.crypto.signature.EDDSAPublicKey) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) BCRSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey) BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey) ECDSAPublicKey(io.jans.as.model.crypto.signature.ECDSAPublicKey) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey)

Example 5 with BCEdDSAPublicKey

use of org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey in project jans by JanssenProject.

the class Certificate method getEddsaPublicKey.

/**
 * Returns EDDSA Public Key from X509 Certificate.
 *
 * @return EDDSA Public Key from X509 Certificate.
 */
public EDDSAPublicKey getEddsaPublicKey() {
    EDDSAPublicKey eddsaPublicKey = null;
    if (x509Certificate != null && x509Certificate.getPublicKey() instanceof BCEdDSAPublicKey) {
        BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) x509Certificate.getPublicKey();
        eddsaPublicKey = new EDDSAPublicKey(signatureAlgorithm, publicKey.getEncoded());
    }
    return eddsaPublicKey;
}
Also used : EDDSAPublicKey(io.jans.as.model.crypto.signature.EDDSAPublicKey) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey)
