Examples with ECNamedCurveParameterSpec org.bouncycastle.jce.spec.ECNamedCurveParameterSpec used on opensource projects

Example 1 with ECNamedCurveParameterSpec

use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project webofneeds by researchstudio-sat.

the class WonKeysReaderWriter method readFromModel.

private void readFromModel(final Model model, final Map<String, PublicKey> keys, Resource keyAgent) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
    StmtIterator keyStmts = model.listStatements(keyAgent, CERT.KEY, RdfUtils.EMPTY_RDF_NODE);
    // TODO replace if with while if we allow multiple keys
    if (keyStmts.hasNext()) {
        Statement statement = keyStmts.next();
        keyAgent = statement.getSubject();
        RDFNode keyObj = statement.getObject();
        // pub key statements
        NodeIterator ni = model.listObjectsOfProperty(keyObj.asResource(), CERT.PUBLIC_KEY);
        if (ni.hasNext()) {
            RDFNode eccKeyObj = ni.next();
            // ECC pub key statements
            StmtIterator eccPubKeyStmts = model.listStatements(eccKeyObj.asResource(), RDF.type, WONCRYPT.ECC_PUBLIC_KEY);
            if (eccPubKeyStmts.hasNext()) {
                // extract properties of ECC public key:
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_ALGORITHM);
                String algName = null;
                String curveId = null;
                String qx = null;
                String qy = null;
                if (ni.hasNext()) {
                    algName = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_CURVE_ID);
                if (ni.hasNext()) {
                    curveId = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_QX);
                if (ni.hasNext()) {
                    qx = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_QY);
                if (ni.hasNext()) {
                    qy = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ECNamedCurveParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(curveId);
                org.bouncycastle.math.ec.ECPoint ecPoint = ecSpec.getCurve().createPoint(new BigInteger(qx, 16), new BigInteger(qy, 16));
                ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(ecPoint, ecSpec);
                // TODO add provider to RDF triples?
                KeyFactory keyFactory = KeyFactory.getInstance(algName, "BC");
                PublicKey key = keyFactory.generatePublic(pubKeySpec);
                keys.put(keyAgent.getURI(), key);
            }
        }
    }
}

Example 2 with ECNamedCurveParameterSpec

use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project spring-security-oauth by spring-projects.

the class EllipticCurveKeyHelper method createPublicKey.

static ECPublicKey createPublicKey(final BigInteger x, final BigInteger y, final String curve) {
    ECNamedCurveParameterSpec curveParameterSpec;
    if ((curveParameterSpec = ECNamedCurveTable.getParameterSpec(curve)) == null) {
        throw new IllegalArgumentException("Unsupported named curve: " + curve);
    }
    ECParameterSpec parameterSpec = new ECNamedCurveSpec(curveParameterSpec.getName(), curveParameterSpec.getCurve(), curveParameterSpec.getG(), curveParameterSpec.getN());
    ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(new ECPoint(x, y), parameterSpec);
    try {
        return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
    } catch (Exception ex) {
        throw new RuntimeException(ex);
    }
}

Example 3 with ECNamedCurveParameterSpec

use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project habot by ghys.

the class NotificationService method generateVAPIDKeyPair.

/**
 * Generate an EC keypair on the prime256v1 curve and save them to a file for later usage.
 *
 * Some code borrowed from
 * <a href=
 * "https://github.com/web-push-libs/webpush-java/blob/master/src/main/java/nl/martijndwars/webpush/cli/handlers/GenerateKeyHandler.java">webpush-java</a>.
 *
 * @author Martijn Dwars
 *
 * @throws InvalidAlgorithmParameterException
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws IOException
 * @throws FileNotFoundException
 */
private void generateVAPIDKeyPair() throws InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchAlgorithmException, FileNotFoundException, IOException {
    ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(Utils.CURVE);
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(Utils.ALGORITHM, PROVIDER_NAME);
    keyPairGenerator.initialize(parameterSpec);
    KeyPair keyPair = keyPairGenerator.generateKeyPair();
    byte[] publicKey = Utils.savePublicKey((ECPublicKey) keyPair.getPublic());
    byte[] privateKey = Utils.savePrivateKey((ECPrivateKey) keyPair.getPrivate());
    List<String> encodedKeys = new ArrayList<String>();
    encodedKeys.add(BaseEncoding.base64Url().encode(publicKey));
    encodedKeys.add(BaseEncoding.base64Url().encode(privateKey));
    // write the public key, then the private key in encoded form on separate lines in the file
    File file = new File(ConfigConstants.getUserDataFolder() + File.separator + VAPID_KEYS_FILE_NAME);
    file.getParentFile().mkdirs();
    IOUtils.writeLines(encodedKeys, System.lineSeparator(), new FileOutputStream(file));
    this.publicVAPIDKey = encodedKeys.get(0);
    this.privateVAPIDKey = encodedKeys.get(1);
}

Example 4 with ECNamedCurveParameterSpec

use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project habot by ghys.

the class PushService method encrypt.

/**
 * Encrypt the getPayload using the user's public key using Elliptic Curve
 * Diffie Hellman cryptography over the prime256v1 curve.
 *
 * @return An Encrypted object containing the public key, salt, and
 *         ciphertext, which can be sent to the other party.
 */
public static Encrypted encrypt(byte[] buffer, PublicKey userPublicKey, byte[] userAuth, int padSize) throws GeneralSecurityException, IOException {
    ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec("prime256v1");
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", "BC");
    keyPairGenerator.initialize(parameterSpec);
    KeyPair serverKey = keyPairGenerator.generateKeyPair();
    Map<String, KeyPair> keys = new HashMap<>();
    keys.put("server-key-id", serverKey);
    Map<String, String> labels = new HashMap<>();
    labels.put("server-key-id", "P-256");
    byte[] salt = new byte[16];
    SECURE_RANDOM.nextBytes(salt);
    HttpEce httpEce = new HttpEce(keys, labels);
    byte[] ciphertext = httpEce.encrypt(buffer, salt, null, "server-key-id", userPublicKey, userAuth, padSize);
    return new Encrypted.Builder().withSalt(salt).withPublicKey(serverKey.getPublic()).withCiphertext(ciphertext).build();
}

Example 5 with ECNamedCurveParameterSpec

use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project xipki by xipki.

the class KeyUtil method generateECKeypair.

// CHECKSTYLE:SKIP
public static KeyPair generateECKeypair(ASN1ObjectIdentifier curveId, SecureRandom random) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
    ParamUtil.requireNonNull("curveId", curveId);
    ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveId.getId());
    KeyPairGenerator kpGen = getKeyPairGenerator("EC");
    synchronized (kpGen) {
        if (random == null) {
            kpGen.initialize(spec);
        } else {
            kpGen.initialize(spec, random);
        }
        return kpGen.generateKeyPair();
    }
}