
Example 1 with ECNamedCurveParameterSpec

Use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project webofneeds by researchstudio-sat.

The class WonKeysReaderWriter, method readFromModel.

private void readFromModel(final Model model, final Map<String, PublicKey> keys, Resource keyAgent) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
    StmtIterator keyStmts = model.listStatements(keyAgent, CERT.KEY, RdfUtils.EMPTY_RDF_NODE);
    // TODO replace if with while if we allow multiple keys
    if (keyStmts.hasNext()) {
        Statement statement = keyStmts.next();
        keyAgent = statement.getSubject();
        RDFNode keyObj = statement.getObject();
        // pub key statements
        NodeIterator ni = model.listObjectsOfProperty(keyObj.asResource(), CERT.PUBLIC_KEY);
        if (ni.hasNext()) {
            RDFNode eccKeyObj = ni.next();
            // ECC pub key statements
            StmtIterator eccPubKeyStmts = model.listStatements(eccKeyObj.asResource(), RDF.type, WONCRYPT.ECC_PUBLIC_KEY);
            if (eccPubKeyStmts.hasNext()) {
                // extract properties of ECC public key:
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_ALGORITHM);
                String algName = null;
                String curveId = null;
                String qx = null;
                String qy = null;
                if (ni.hasNext()) {
                    algName = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_CURVE_ID);
                if (ni.hasNext()) {
                    curveId = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_QX);
                if (ni.hasNext()) {
                    qx = ni.next().asLiteral().toString();
                } else {
                    return;
                }
                ni = model.listObjectsOfProperty(eccKeyObj.asResource(), WONCRYPT.ECC_QY);
                if (ni.hasNext()) {
                    qy = ni.next().asLiteral().toString();
                } else {
                    return;
                }
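                ECNamedCurveParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(curveId);
                // getParameterSpec returns null for an unknown curve name; reject it here
                // instead of failing with a NullPointerException on ecSpec.getCurve()
                if (ecSpec == null) {
                    throw new InvalidKeySpecException("Unsupported named curve: " + curveId);
                }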
                org.bouncycastle.math.ec.ECPoint ecPoint = ecSpec.getCurve().createPoint(new BigInteger(qx, 16), new BigInteger(qy, 16));
                ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(ecPoint, ecSpec);
                // TODO add provider to RDF triples?
                KeyFactory keyFactory = KeyFactory.getInstance(algName, "BC");
                PublicKey key = keyFactory.generatePublic(pubKeySpec);
                keys.put(keyAgent.getURI(), key);
            }
        }
    }
}
Also used : ECPublicKey(org.bouncycastle.jce.interfaces.ECPublicKey) PublicKey(java.security.PublicKey) ECPublicKeySpec(org.bouncycastle.jce.spec.ECPublicKeySpec) ECNamedCurveParameterSpec(org.bouncycastle.jce.spec.ECNamedCurveParameterSpec) BigInteger(java.math.BigInteger) KeyFactory(java.security.KeyFactory)

Example 2 with ECNamedCurveParameterSpec

Use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project spring-security-oauth by spring-projects.

The class EllipticCurveKeyHelper, method createPublicKey.

static ECPublicKey createPublicKey(final BigInteger x, final BigInteger y, final String curve) {
    ECNamedCurveParameterSpec curveParameterSpec;
    if ((curveParameterSpec = ECNamedCurveTable.getParameterSpec(curve)) == null) {
        throw new IllegalArgumentException("Unsupported named curve: " + curve);
    }
    ECParameterSpec parameterSpec = new ECNamedCurveSpec(curveParameterSpec.getName(), curveParameterSpec.getCurve(), curveParameterSpec.getG(), curveParameterSpec.getN());
    ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(new ECPoint(x, y), parameterSpec);
    try {
        return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
    } catch (Exception ex) {
        throw new RuntimeException(ex);
    }
}
Also used : ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) ECNamedCurveParameterSpec(org.bouncycastle.jce.spec.ECNamedCurveParameterSpec) ECPoint(java.security.spec.ECPoint) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)

Example 3 with ECNamedCurveParameterSpec

Use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project habot by ghys.

The class NotificationService, method generateVAPIDKeyPair.

/**
 * Generate an EC keypair on the prime256v1 curve and save them to a file for later usage.
 *
 * Some code borrowed from
 * <a href=
 * "https://github.com/web-push-libs/webpush-java/blob/master/src/main/java/nl/martijndwars/webpush/cli/handlers/GenerateKeyHandler.java">webpush-java</a>.
 *
 * @author Martijn Dwars
 *
 * @throws InvalidAlgorithmParameterException
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws IOException
 * @throws FileNotFoundException
 */
private void generateVAPIDKeyPair() throws InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchAlgorithmException, FileNotFoundException, IOException {
    ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(Utils.CURVE);
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(Utils.ALGORITHM, PROVIDER_NAME);
    keyPairGenerator.initialize(parameterSpec);
    KeyPair keyPair = keyPairGenerator.generateKeyPair();
    byte[] publicKey = Utils.savePublicKey((ECPublicKey) keyPair.getPublic());
    byte[] privateKey = Utils.savePrivateKey((ECPrivateKey) keyPair.getPrivate());
    List<String> encodedKeys = new ArrayList<String>();
    encodedKeys.add(BaseEncoding.base64Url().encode(publicKey));
    encodedKeys.add(BaseEncoding.base64Url().encode(privateKey));
    // write the public key, then the private key in encoded form on separate lines in the file
    File file = new File(ConfigConstants.getUserDataFolder() + File.separator + VAPID_KEYS_FILE_NAME);
    file.getParentFile().mkdirs();
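    // close the stream once the keys are written so the file handle is not leaked
    try (FileOutputStream out = new FileOutputStream(file)) {
        IOUtils.writeLines(encodedKeys, System.lineSeparator(), out);
    }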
    this.publicVAPIDKey = encodedKeys.get(0);
    this.privateVAPIDKey = encodedKeys.get(1);
}
Also used : KeyPair(java.security.KeyPair) FileOutputStream(java.io.FileOutputStream) ECNamedCurveParameterSpec(org.bouncycastle.jce.spec.ECNamedCurveParameterSpec) ArrayList(java.util.ArrayList) KeyPairGenerator(java.security.KeyPairGenerator) File(java.io.File)

Example 4 with ECNamedCurveParameterSpec

Use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project habot by ghys.

The class PushService, method encrypt.

/**
 * Encrypt the payload using the user's public key using Elliptic Curve
 * Diffie Hellman cryptography over the prime256v1 curve.
 *
 * @return An Encrypted object containing the public key, salt, and
 *         ciphertext, which can be sent to the other party.
 */
public static Encrypted encrypt(byte[] buffer, PublicKey userPublicKey, byte[] userAuth, int padSize) throws GeneralSecurityException, IOException {
    ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec("prime256v1");
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", "BC");
    keyPairGenerator.initialize(parameterSpec);
    KeyPair serverKey = keyPairGenerator.generateKeyPair();
    Map<String, KeyPair> keys = new HashMap<>();
    keys.put("server-key-id", serverKey);
    Map<String, String> labels = new HashMap<>();
    labels.put("server-key-id", "P-256");
    byte[] salt = new byte[16];
    SECURE_RANDOM.nextBytes(salt);
    HttpEce httpEce = new HttpEce(keys, labels);
    byte[] ciphertext = httpEce.encrypt(buffer, salt, null, "server-key-id", userPublicKey, userAuth, padSize);
    return new Encrypted.Builder().withSalt(salt).withPublicKey(serverKey.getPublic()).withCiphertext(ciphertext).build();
}
Also used : KeyPair(java.security.KeyPair) HashMap(java.util.HashMap) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) ClientBuilder(javax.ws.rs.client.ClientBuilder) ECNamedCurveParameterSpec(org.bouncycastle.jce.spec.ECNamedCurveParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator)

Example 5 with ECNamedCurveParameterSpec

Use of org.bouncycastle.jce.spec.ECNamedCurveParameterSpec in project xipki by xipki.

The class KeyUtil, method generateECKeypair.

// CHECKSTYLE:SKIP
public static KeyPair generateECKeypair(ASN1ObjectIdentifier curveId, SecureRandom random) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
    ParamUtil.requireNonNull("curveId", curveId);
    ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveId.getId());
    KeyPairGenerator kpGen = getKeyPairGenerator("EC");
    synchronized (kpGen) {
        if (random == null) {
            kpGen.initialize(spec);
        } else {
            kpGen.initialize(spec, random);
        }
        return kpGen.generateKeyPair();
    }
}
Also used : ECNamedCurveParameterSpec(org.bouncycastle.jce.spec.ECNamedCurveParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator)
