Search in sources :

Example 26 with X9ECParameters

use of org.spongycastle.asn1.x9.X9ECParameters in project oxAuth by GluuFederation.

the class SHA256withECDSASignatureVerification method decodePublicKey.

@Override
public PublicKey decodePublicKey(byte[] encodedPublicKey) throws SignatureException {
    X9ECParameters curve = SECNamedCurves.getByName("secp256r1");
    ECPoint point = curve.getCurve().decodePoint(encodedPublicKey);
    try {
        return KeyFactory.getInstance("ECDSA").generatePublic(new ECPublicKeySpec(point, new ECParameterSpec(curve.getCurve(), curve.getG(), curve.getN(), curve.getH())));
    } catch (GeneralSecurityException ex) {
        throw new SignatureException(ex);
    }
}
Also used : X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec) GeneralSecurityException(java.security.GeneralSecurityException) SignatureException(org.xdi.oxauth.model.exception.SignatureException) ECPoint(org.bouncycastle.math.ec.ECPoint) ECPublicKeySpec(org.bouncycastle.jce.spec.ECPublicKeySpec)

Example 27 with X9ECParameters

use of org.spongycastle.asn1.x9.X9ECParameters in project OsmAnd-tools by osmandapp.

the class SigningUtils method derivePublicKey.

/**
 * Step (8) to (11): Derive pubkey from passphrase
 * @param privBytes
 * @return
 * @throws BlockIOException
 */
static byte[] derivePublicKey(byte[] privBytes) throws BlockIOException {
    X9ECParameters params = SECNamedCurves.getByName("secp256k1");
    ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH());
    BigInteger priv = new BigInteger(1, privBytes);
    byte[] pubBytes = ecParams.getG().multiply(priv).getEncoded(true);
    return pubBytes;
}
Also used : ECDomainParameters(org.bouncycastle.crypto.params.ECDomainParameters) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) BigInteger(java.math.BigInteger)

Example 28 with X9ECParameters

use of org.spongycastle.asn1.x9.X9ECParameters in project OsmAnd-tools by osmandapp.

the class SigningUtils method signData.

static String signData(String input, byte[] key) throws BlockIOException {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    X9ECParameters params = SECNamedCurves.getByName("secp256k1");
    ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH());
    BigInteger priv = new BigInteger(1, key);
    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(priv, ecParams);
    signer.init(true, privKey);
    BigInteger[] sigs = signer.generateSignature(fromHex(input));
    BigInteger r = sigs[0];
    BigInteger s = sigs[1];
    // BIP62: "S must be less than or equal to half of the Group Order N"
    BigInteger overTwo = params.getN().shiftRight(1);
    if (s.compareTo(overTwo) == 1) {
        s = params.getN().subtract(s);
    }
    try {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        DERSequenceGenerator seq = new DERSequenceGenerator(bos);
        seq.addObject(new ASN1Integer(r));
        seq.addObject(new ASN1Integer(s));
        seq.close();
        return toHex(bos.toByteArray());
    } catch (IOException e) {
        // Cannot happen.
        throw new BlockIOException("That should never happen... File an issue report.");
    }
}
Also used : ECDomainParameters(org.bouncycastle.crypto.params.ECDomainParameters) ECDSASigner(org.bouncycastle.crypto.signers.ECDSASigner) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IOException(java.io.IOException) HMacDSAKCalculator(org.bouncycastle.crypto.signers.HMacDSAKCalculator) ECPrivateKeyParameters(org.bouncycastle.crypto.params.ECPrivateKeyParameters) SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest) BigInteger(java.math.BigInteger) DERSequenceGenerator(org.bouncycastle.asn1.DERSequenceGenerator)

Example 29 with X9ECParameters

use of org.spongycastle.asn1.x9.X9ECParameters in project xipki by xipki.

the class IaikP11Slot method generateECKeypair0.

@Override
protected P11Identity generateECKeypair0(ASN1ObjectIdentifier curveId, String label, P11NewKeyControl control) throws P11TokenException {
    long mech = PKCS11Constants.CKM_EC_KEY_PAIR_GEN;
    assertMechanismSupported(mech);
    ECPrivateKey privateKey = new ECPrivateKey();
    ECPublicKey publicKey = new ECPublicKey();
    setKeyAttributes(label, PKCS11Constants.CKK_EC, control, publicKey, privateKey);
    byte[] encodedCurveId;
    try {
        encodedCurveId = curveId.getEncoded();
    } catch (IOException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    }
    try {
        publicKey.getEcdsaParams().setByteArrayValue(encodedCurveId);
        return generateKeyPair(mech, privateKey, publicKey);
    } catch (P11TokenException ex) {
        X9ECParameters ecParams = ECNamedCurveTable.getByOID(curveId);
        if (ecParams == null) {
            throw new IllegalArgumentException("could not get X9ECParameters for curve " + curveId.getId());
        }
        try {
            publicKey.getEcdsaParams().setByteArrayValue(ecParams.getEncoded());
        } catch (IOException ex2) {
            throw new P11TokenException(ex.getMessage(), ex);
        }
        return generateKeyPair(mech, privateKey, publicKey);
    }
}
Also used : ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) P11TokenException(org.xipki.security.exception.P11TokenException) IOException(java.io.IOException)

Example 30 with X9ECParameters

use of org.spongycastle.asn1.x9.X9ECParameters in project incubator-pulsar by apache.

the class MessageCrypto method loadPublicKey.

private PublicKey loadPublicKey(byte[] keyBytes) throws Exception {
    Reader keyReader = new StringReader(new String(keyBytes));
    PublicKey publicKey = null;
    try (org.bouncycastle.openssl.PEMParser pemReader = new org.bouncycastle.openssl.PEMParser(keyReader)) {
        Object pemObj = pemReader.readObject();
        JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
        SubjectPublicKeyInfo keyInfo = null;
        X9ECParameters ecParam = null;
        if (pemObj instanceof ASN1ObjectIdentifier) {
            // make sure this is EC Parameter we're handling. In which case
            // we'll store it and read the next object which should be our
            // EC Public Key
            ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
            ecParam = ECNamedCurveTable.getByOID(ecOID);
            if (ecParam == null) {
                throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ((ASN1ObjectIdentifier) pemObj).getId());
            }
            pemObj = pemReader.readObject();
        } else if (pemObj instanceof X9ECParameters) {
            ecParam = (X9ECParameters) pemObj;
            pemObj = pemReader.readObject();
        }
        if (pemObj instanceof org.bouncycastle.cert.X509CertificateHolder) {
            keyInfo = ((org.bouncycastle.cert.X509CertificateHolder) pemObj).getSubjectPublicKeyInfo();
        } else {
            keyInfo = (SubjectPublicKeyInfo) pemObj;
        }
        publicKey = pemConverter.getPublicKey(keyInfo);
        if (ecParam != null && ECDSA.equals(publicKey.getAlgorithm())) {
            ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
            KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME);
            ECPublicKeySpec keySpec = new ECPublicKeySpec(((BCECPublicKey) publicKey).getQ(), ecSpec);
            publicKey = (PublicKey) keyFactory.generatePublic(keySpec);
        }
    } catch (IOException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
        throw new Exception(e);
    }
    return publicKey;
}
Also used : X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) Reader(java.io.Reader) CryptoKeyReader(org.apache.pulsar.client.api.CryptoKeyReader) StringReader(java.io.StringReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) ByteString(com.google.protobuf.ByteString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) ECPublicKeySpec(org.bouncycastle.jce.spec.ECPublicKeySpec) PEMParser(org.bouncycastle.openssl.PEMParser) StringReader(java.io.StringReader) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory) BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey) PublicKey(java.security.PublicKey) PEMParser(org.bouncycastle.openssl.PEMParser) IOException(java.io.IOException) PulsarClientException(org.apache.pulsar.client.api.PulsarClientException) ShortBufferException(javax.crypto.ShortBufferException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException) PEMException(org.bouncycastle.openssl.PEMException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchProviderException(java.security.NoSuchProviderException) ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec) PEMException(org.bouncycastle.openssl.PEMException) NoSuchProviderException(java.security.NoSuchProviderException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)29 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)16 IOException (java.io.IOException)14 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)12 ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)12 ECCurve (org.bouncycastle.math.ec.ECCurve)11 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)10 BigInteger (java.math.BigInteger)9 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8 DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)8 X9ECPoint (org.bouncycastle.asn1.x9.X9ECPoint)8 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7 ECParameterSpec (java.security.spec.ECParameterSpec)6 ECPoint (java.security.spec.ECPoint)6 EllipticCurve (java.security.spec.EllipticCurve)6 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)6 ECDomainParameters (org.bouncycastle.crypto.params.ECDomainParameters)6 DERInteger (org.bouncycastle.asn1.DERInteger)5 PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)5 ECPrivateKeyStructure (org.bouncycastle.asn1.sec.ECPrivateKeyStructure)5