use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project webofneeds by researchstudio-sat.
the class WonKeysReaderWriter method readFromModel.
private void readFromModel(final Model model, final Map<String, PublicKey> keys, Resource keyAgent) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
StmtIterator keyStmts = model.listStatements(keyAgent, CERT.KEY, RdfUtils.EMPTY_RDF_NODE);
// TODO replace if with while if we allow multiple keys
if (keyStmts.hasNext()) {
Statement statement = keyStmts.next();
keyAgent = statement.getSubject();
RDFNode keyObj = statement.getObject();
// pub key statements
NodeIterator ni = model.listObjectsOfProperty(keyObj.asResource(), CERT.PUBLIC_KEY);
if (ni.hasNext()) {
RDFNode eccKeyObj = ni.next();
// ECC pub key statements
StmtIterator eccPubKeyStmts = model.listStatements(eccKeyObj.asResource(), RDF.type, WONCRYPT.ECC_PUBLIC_KEY);
if (eccPubKeyStmts.hasNext()) {
// extract properties of ECC public key:
ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_ALGORITHM);
String algName = null;
String curveId = null;
String qx = null;
String qy = null;
if (ni.hasNext()) {
algName = ni.next().asLiteral().toString();
} else {
return;
}
ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_CURVE_ID);
if (ni.hasNext()) {
curveId = ni.next().asLiteral().toString();
} else {
return;
}
ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_QX);
if (ni.hasNext()) {
qx = ni.next().asLiteral().toString();
} else {
return;
}
ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_QY);
if (ni.hasNext()) {
qy = ni.next().asLiteral().toString();
} else {
return;
}
ECNamedCurveParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(curveId);
org.bouncycastle.math.ec.ECPoint ecPoint = ecSpec.getCurve().createPoint(new BigInteger(qx, 16), new BigInteger(qy, 16));
ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(ecPoint, ecSpec);
// TODO add provider to RDF triples?
KeyFactory keyFactory = KeyFactory.getInstance(algName, "BC");
PublicKey key = keyFactory.generatePublic(pubKeySpec);
keys.put(keyAgent.getURI(), key);
}
}
}
}
use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project spring-security-oauth by spring-projects.
the class EllipticCurveKeyHelper method createPublicKey.
static ECPublicKey createPublicKey(final BigInteger x, final BigInteger y, final String curve) {
ECNamedCurveParameterSpec curveParameterSpec;
if ((curveParameterSpec = ECNamedCurveTable.getParameterSpec(curve)) == null) {
throw new IllegalArgumentException("Unsupported named curve: " + curve);
}
ECParameterSpec parameterSpec = new ECNamedCurveSpec(curveParameterSpec.getName(), curveParameterSpec.getCurve(), curveParameterSpec.getG(), curveParameterSpec.getN());
ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(new ECPoint(x, y), parameterSpec);
try {
return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}
use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project habot by ghys.
the class NotificationService method generateVAPIDKeyPair.
/**
* Generate an EC keypair on the prime256v1 curve and save them to a file for later usage.
*
* Some code borrowed from
* <a href=
* "https://github.com/web-push-libs/webpush-java/blob/master/src/main/java/nl/martijndwars/webpush/cli/handlers/GenerateKeyHandler.java">webpush-java</a>.
*
* @author Martijn Dwars
*
* @throws InvalidAlgorithmParameterException
* @throws NoSuchProviderException
* @throws NoSuchAlgorithmException
* @throws IOException
* @throws FileNotFoundException
*/
private void generateVAPIDKeyPair() throws InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchAlgorithmException, FileNotFoundException, IOException {
ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(Utils.CURVE);
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(Utils.ALGORITHM, PROVIDER_NAME);
keyPairGenerator.initialize(parameterSpec);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
byte[] publicKey = Utils.savePublicKey((ECPublicKey) keyPair.getPublic());
byte[] privateKey = Utils.savePrivateKey((ECPrivateKey) keyPair.getPrivate());
List<String> encodedKeys = new ArrayList<String>();
encodedKeys.add(BaseEncoding.base64Url().encode(publicKey));
encodedKeys.add(BaseEncoding.base64Url().encode(privateKey));
// write the public key, then the private key in encoded form on separate lines in the file
File file = new File(ConfigConstants.getUserDataFolder() + File.separator + VAPID_KEYS_FILE_NAME);
file.getParentFile().mkdirs();
IOUtils.writeLines(encodedKeys, System.lineSeparator(), new FileOutputStream(file));
this.publicVAPIDKey = encodedKeys.get(0);
this.privateVAPIDKey = encodedKeys.get(1);
}
use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project habot by ghys.
the class PushService method encrypt.
/**
* Encrypt the getPayload using the user's public key using Elliptic Curve
* Diffie Hellman cryptography over the prime256v1 curve.
*
* @return An Encrypted object containing the public key, salt, and
* ciphertext, which can be sent to the other party.
*/
public static Encrypted encrypt(byte[] buffer, PublicKey userPublicKey, byte[] userAuth, int padSize) throws GeneralSecurityException, IOException {
ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec("prime256v1");
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", "BC");
keyPairGenerator.initialize(parameterSpec);
KeyPair serverKey = keyPairGenerator.generateKeyPair();
Map<String, KeyPair> keys = new HashMap<>();
keys.put("server-key-id", serverKey);
Map<String, String> labels = new HashMap<>();
labels.put("server-key-id", "P-256");
byte[] salt = new byte[16];
SECURE_RANDOM.nextBytes(salt);
HttpEce httpEce = new HttpEce(keys, labels);
byte[] ciphertext = httpEce.encrypt(buffer, salt, null, "server-key-id", userPublicKey, userAuth, padSize);
return new Encrypted.Builder().withSalt(salt).withPublicKey(serverKey.getPublic()).withCiphertext(ciphertext).build();
}
use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project xipki by xipki.
the class KeyUtil method generateECKeypair.
// CHECKSTYLE:SKIP
public static KeyPair generateECKeypair(ASN1ObjectIdentifier curveId, SecureRandom random) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
ParamUtil.requireNonNull("curveId", curveId);
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveId.getId());
KeyPairGenerator kpGen = getKeyPairGenerator("EC");
synchronized (kpGen) {
if (random == null) {
kpGen.initialize(spec);
} else {
kpGen.initialize(spec, random);
}
return kpGen.generateKeyPair();
}
}
Aggregations