Example 36 with AlgorithmIdentifier
use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.
the class KeyUtil method createECPublicKey.
// CHECKSTYLE:SKIP
public static ECPublicKey createECPublicKey(byte[] encodedAlgorithmIdParameters, byte[] encodedPoint) throws InvalidKeySpecException {
ParamUtil.requireNonNull("encodedAlgorithmIdParameters", encodedAlgorithmIdParameters);
ParamUtil.requireNonNull("encodedPoint", encodedPoint);
ASN1Encodable algParams;
if (encodedAlgorithmIdParameters[0] == 6) {
algParams = ASN1ObjectIdentifier.getInstance(encodedAlgorithmIdParameters);
} else {
algParams = X962Parameters.getInstance(encodedAlgorithmIdParameters);
}
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, algParams);
SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(algId, encodedPoint);
X509EncodedKeySpec keySpec;
try {
keySpec = new X509EncodedKeySpec(spki.getEncoded());
} catch (IOException ex) {
throw new InvalidKeySpecException(ex.getMessage(), ex);
}
KeyFactory kf;
try {
kf = KeyFactory.getInstance("EC", "BC");
} catch (NoSuchAlgorithmException | NoSuchProviderException ex) {
throw new InvalidKeySpecException(ex.getMessage(), ex);
}
return (ECPublicKey) kf.generatePublic(keySpec);
}
Also used :
ECPublicKey(java.security.interfaces.ECPublicKey)
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
IOException(java.io.IOException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
NoSuchProviderException(java.security.NoSuchProviderException)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
KeyFactory(java.security.KeyFactory)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 37 with AlgorithmIdentifier
use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.
the class SignerUtil method createPSSRSASigner.
// CHECKSTYLE:SKIP
public static PSSSigner createPSSRSASigner(AlgorithmIdentifier sigAlgId, AsymmetricBlockCipher cipher) throws XiSecurityException {
ParamUtil.requireNonNull("sigAlgId", sigAlgId);
if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
throw new XiSecurityException("signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed");
}
AlgorithmIdentifier digAlgId;
try {
digAlgId = AlgorithmUtil.extractDigesetAlgFromSigAlg(sigAlgId);
} catch (NoSuchAlgorithmException ex) {
throw new XiSecurityException(ex.getMessage(), ex);
}
RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());
AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier.getInstance(param.getMaskGenAlgorithm().getParameters());
Digest dig = getDigest(digAlgId);
Digest mfgDig = getDigest(mfgDigAlgId);
int saltSize = param.getSaltLength().intValue();
int trailerField = param.getTrailerField().intValue();
AsymmetricBlockCipher tmpCipher = (cipher == null) ? new RSABlindedEngine() : cipher;
return new PSSSigner(tmpCipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}
Also used :
XiSecurityException(org.xipki.security.exception.XiSecurityException)
Digest(org.bouncycastle.crypto.Digest)
RSABlindedEngine(org.bouncycastle.crypto.engines.RSABlindedEngine)
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
PSSSigner(org.bouncycastle.crypto.signers.PSSSigner)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
AsymmetricBlockCipher(org.bouncycastle.crypto.AsymmetricBlockCipher)
Example 38 with AlgorithmIdentifier
use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.
the class CaClientExample method generateEcKeypair.
protected static MyKeypair generateEcKeypair() throws GeneralSecurityException {
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec spec = new ECGenParameterSpec("secp256r1");
kpGen.initialize(spec);
KeyPair kp = kpGen.generateKeyPair();
ECPublicKey pub = (ECPublicKey) kp.getPublic();
byte[] keyData = new byte[65];
keyData[0] = 4;
copyArray(pub.getW().getAffineX().toByteArray(), keyData, 1, 32);
copyArray(pub.getW().getAffineY().toByteArray(), keyData, 33, 32);
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, SECObjectIdentifiers.secp256r1);
SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algId, keyData);
return new MyKeypair(kp.getPrivate(), subjectPublicKeyInfo);
}
Also used :
KeyPair(java.security.KeyPair)
ECPublicKey(java.security.interfaces.ECPublicKey)
ECGenParameterSpec(java.security.spec.ECGenParameterSpec)
KeyPairGenerator(java.security.KeyPairGenerator)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 39 with AlgorithmIdentifier
use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.
the class OcspBenchRequestor method init.
public void init(OcspBenchmark responseHandler, String responderUrl, Certificate issuerCert, RequestOptions requestOptions, int queueSize) throws Exception {
ParamUtil.requireNonNull("issuerCert", issuerCert);
ParamUtil.requireNonNull("responseHandler", responseHandler);
this.requestOptions = ParamUtil.requireNonNull("requestOptions", requestOptions);
HashAlgo hashAlgo = HashAlgo.getInstance(requestOptions.getHashAlgorithmId());
if (hashAlgo == null) {
throw new OcspRequestorException("unknown HashAlgo " + requestOptions.getHashAlgorithmId().getId());
}
this.issuerhashAlg = hashAlgo.getAlgorithmIdentifier();
this.issuerNameHash = new DEROctetString(hashAlgo.hash(issuerCert.getSubject().getEncoded()));
this.issuerKeyHash = new DEROctetString(hashAlgo.hash(issuerCert.getSubjectPublicKeyInfo().getPublicKeyData().getOctets()));
List<AlgorithmIdentifier> prefSigAlgs = requestOptions.getPreferredSignatureAlgorithms();
if (prefSigAlgs == null || prefSigAlgs.size() == 0) {
this.extensions = null;
} else {
ASN1EncodableVector vec = new ASN1EncodableVector();
for (AlgorithmIdentifier algId : prefSigAlgs) {
ASN1Sequence prefSigAlgObj = new DERSequence(algId);
vec.add(prefSigAlgObj);
}
ASN1Sequence extnValue = new DERSequence(vec);
Extension extn;
try {
extn = new Extension(ObjectIdentifiers.id_pkix_ocsp_prefSigAlgs, false, new DEROctetString(extnValue));
} catch (IOException ex) {
throw new OcspRequestorException(ex.getMessage(), ex);
}
this.extensions = new Extension[] { extn };
}
URI uri = new URI(responderUrl);
this.responderRawPathPost = uri.getRawPath();
if (this.responderRawPathPost.endsWith("/")) {
this.responderRawPathGet = this.responderRawPathPost;
} else {
this.responderRawPathGet = this.responderRawPathPost + "/";
}
this.httpClient = new HttpClient(responderUrl, responseHandler, queueSize);
this.httpClient.start();
}
Also used :
OcspRequestorException(org.xipki.ocsp.client.api.OcspRequestorException)
Extension(org.bouncycastle.asn1.x509.Extension)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DERSequence(org.bouncycastle.asn1.DERSequence)
HashAlgo(org.xipki.security.HashAlgo)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
IOException(java.io.IOException)
URI(java.net.URI)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 40 with AlgorithmIdentifier
use of org.spongycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.
the class CaClientExample method generateRsaKeypair.
protected static MyKeypair generateRsaKeypair() throws Exception {
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA");
kpGen.initialize(2048);
KeyPair kp = kpGen.generateKeyPair();
RSAPublicKey pubKey = (RSAPublicKey) kp.getPublic();
SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(pubKey.getModulus(), pubKey.getPublicExponent()));
return new MyKeypair(kp.getPrivate(), subjectPublicKeyInfo);
}
Also used :
KeyPair(java.security.KeyPair)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
KeyPairGenerator(java.security.KeyPairGenerator)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Aggregations
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)114
IOException (java.io.IOException)47
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)36
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)35
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)32
BigInteger (java.math.BigInteger)29
X509Certificate (java.security.cert.X509Certificate)27
X500Name (org.bouncycastle.asn1.x500.X500Name)27
DEROctetString (org.bouncycastle.asn1.DEROctetString)21
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)20
KeyPair (java.security.KeyPair)19
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)19
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)19
Date (java.util.Date)18
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)18
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)17
DERSequence (org.bouncycastle.asn1.DERSequence)16
KeyPairGenerator (java.security.KeyPairGenerator)15
PublicKey (java.security.PublicKey)14
ContentSigner (org.bouncycastle.operator.ContentSigner)14
