/** * @param pair KeyPair to convert to an OpenSSH public key * @return OpenSSH-encoded pubkey */ public static byte[] extractOpenSSHPublic(KeyPair pair) { try { PublicKey pubKey = pair.getPublic(); if (pubKey instanceof RSAPublicKey) { return RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey) pubKey); } else if (pubKey instanceof DSAPublicKey) { return DSASHA1Verify.encodeSSHDSAPublicKey((DSAPublicKey) pubKey); } else if (pubKey instanceof ECPublicKey) { return ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey) pubKey); } else if (pubKey instanceof EdDSAPublicKey) { return Ed25519Verify.encodeSSHEd25519PublicKey((EdDSAPublicKey) pubKey); } else { return null; } } catch (IOException e) { return null; } }
public static AlgorithmIdentifier getSigAlgId(PublicKey pubKey, HashAlgoType hashAlgo, SignatureAlgoControl algoControl) throws NoSuchAlgorithmException { ParamUtil.requireNonNull("hashAlgo", hashAlgo); if (pubKey instanceof RSAPublicKey) { boolean rsaMgf1 = (algoControl == null) ? false : algoControl.isRsaMgf1(); return getRSASigAlgId(hashAlgo, rsaMgf1); } else if (pubKey instanceof ECPublicKey) { boolean dsaPlain = (algoControl == null) ? false : algoControl.isDsaPlain(); boolean gm = (algoControl == null) ? false : algoControl.isGm(); return getECSigAlgId(hashAlgo, dsaPlain, gm); } else if (pubKey instanceof DSAPublicKey) { return getDSASigAlgId(hashAlgo); } else { throw new NoSuchAlgorithmException("Unknown public key '" + pubKey.getClass().getName()); } }
IaikP11Identity(IaikP11Slot slot, P11EntityIdentifier identityId, PrivateKey privateKey, PublicKey publicKey, X509Certificate[] certificateChain) { super(slot, identityId, publicKey, certificateChain); this.signingKey = ParamUtil.requireNonNull("privateKey", privateKey); int keyBitLen = signatureKeyBitLength(); if (publicKey instanceof RSAPublicKey) { expectedSignatureLen = (keyBitLen + 7) / 8; } else if (publicKey instanceof ECPublicKey) { expectedSignatureLen = (keyBitLen + 7) / 8 * 2; } else if (publicKey instanceof DSAPublicKey) { expectedSignatureLen = (keyBitLen + 7) / 8 * 2; } else { throw new IllegalArgumentException( "currently only RSA, DSA and EC public key are supported, but not " + this.publicKey.getAlgorithm() + " (class: " + publicKey.getClass().getName() + ")"); } }
public P11PrivateKey(P11CryptService p11CryptService, P11EntityIdentifier identityId) throws P11TokenException { this.p11CryptService = ParamUtil.requireNonNull("identityId", p11CryptService); this.identityId = ParamUtil.requireNonNull("entityId", identityId); this.publicKey = p11CryptService.getIdentity(identityId).publicKey(); if (this.publicKey instanceof RSAPublicKey) { algorithm = "RSA"; keysize = ((RSAPublicKey) publicKey).getModulus().bitLength(); } else if (this.publicKey instanceof DSAPublicKey) { algorithm = "DSA"; keysize = ((DSAPublicKey) publicKey).getParams().getP().bitLength(); } else if (this.publicKey instanceof ECPublicKey) { algorithm = "EC"; keysize = ((ECPublicKey) publicKey).getParams().getCurve().getField().getFieldSize(); } else { throw new P11TokenException("unknown public key: " + publicKey); } }
/** * Converts a Java DSA or RSA public key into the corresponding XMLObject and stores it * in a {@link KeyInfo} in a new {@link KeyValue} element. * * As input, only supports {@link PublicKey}s which are instances of either * {@link java.security.interfaces.DSAPublicKey} or * {@link java.security.interfaces.RSAPublicKey} * * @param keyInfo the {@link KeyInfo} element to which to add the key * @param pk the native Java {@link PublicKey} to add * @throws IllegalArgumentException thrown if an unsupported public key * type is passed */ public static void addPublicKey(KeyInfo keyInfo, PublicKey pk) throws IllegalArgumentException { KeyValue keyValue = (KeyValue) Configuration.getBuilderFactory() .getBuilder(KeyValue.DEFAULT_ELEMENT_NAME) .buildObject(KeyValue.DEFAULT_ELEMENT_NAME); if (pk instanceof RSAPublicKey) { keyValue.setRSAKeyValue(buildRSAKeyValue((RSAPublicKey) pk)); } else if (pk instanceof DSAPublicKey) { keyValue.setDSAKeyValue(buildDSAKeyValue((DSAPublicKey) pk)); } else { throw new IllegalArgumentException("Only RSAPublicKey and DSAPublicKey are supported"); } keyInfo.getKeyValues().add(keyValue); }
/** * Builds a {@link DSAKeyValue} XMLObject from the Java security DSA public key type. * * @param dsaPubKey a native Java {@link DSAPublicKey} * @return an {@link DSAKeyValue} XMLObject */ public static DSAKeyValue buildDSAKeyValue(DSAPublicKey dsaPubKey) { XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory(); DSAKeyValue dsaKeyValue = (DSAKeyValue) builderFactory .getBuilder(DSAKeyValue.DEFAULT_ELEMENT_NAME) .buildObject(DSAKeyValue.DEFAULT_ELEMENT_NAME); Y y = (Y) builderFactory.getBuilder(Y.DEFAULT_ELEMENT_NAME).buildObject(Y.DEFAULT_ELEMENT_NAME); G g = (G) builderFactory.getBuilder(G.DEFAULT_ELEMENT_NAME).buildObject(G.DEFAULT_ELEMENT_NAME); P p = (P) builderFactory.getBuilder(P.DEFAULT_ELEMENT_NAME).buildObject(P.DEFAULT_ELEMENT_NAME); Q q = (Q) builderFactory.getBuilder(Q.DEFAULT_ELEMENT_NAME).buildObject(Q.DEFAULT_ELEMENT_NAME); y.setValueBigInt(dsaPubKey.getY()); dsaKeyValue.setY(y); g.setValueBigInt(dsaPubKey.getParams().getG()); dsaKeyValue.setG(g); p.setValueBigInt(dsaPubKey.getParams().getP()); dsaKeyValue.setP(p); q.setValueBigInt(dsaPubKey.getParams().getQ()); dsaKeyValue.setQ(q); return dsaKeyValue; }
/** * Check key encryption parameters for consistency and required values. * * @param kekParams the key encryption parameters to check * @param allowEmpty if false, a null parameter is treated as an error * * @throws EncryptionException thrown if any parameters are missing or have invalid values */ protected void checkParams(KeyEncryptionParameters kekParams, boolean allowEmpty) throws EncryptionException { if (kekParams == null) { if (allowEmpty) { return; } else { log.error("Key encryption parameters are required"); throw new EncryptionException("Key encryption parameters are required"); } } Key key = SecurityHelper.extractEncryptionKey(kekParams.getEncryptionCredential()); if (key == null) { log.error("Key encryption credential and contained key are required"); throw new EncryptionException("Key encryption credential and contained key are required"); } else if (key instanceof DSAPublicKey) { log.error("Attempt made to use DSA key for encrypted key transport"); throw new EncryptionException("DSA keys may not be used for encrypted key transport"); } else if (key instanceof ECPublicKey) { log.error("Attempt made to use EC key for encrypted key transport"); throw new EncryptionException("EC keys may not be used for encrypted key transport"); } else if (DatatypeHelper.isEmpty(kekParams.getAlgorithm())) { log.error("Key encryption algorithm URI is required"); throw new EncryptionException("Key encryption algorithm URI is required"); } }
public static VerifyingPublicKey createPublicKey(BigInteger y, BigInteger p, BigInteger q, BigInteger g) throws NoSuchAlgorithmException, InvalidKeySpecException { if (y == null) { throw new IllegalArgumentException("n must not be null"); } if (p == null) { throw new IllegalArgumentException("p must not be null"); } if (q == null) { throw new IllegalArgumentException("q must not be null"); } if (g == null) { throw new IllegalArgumentException("g must not be null"); } KeySpec keySpec = new DSAPublicKeySpec(y, p, q, g); KeyFactory keyFactory = KeyFactory.getInstance("DSA"); DSAPublicKey publicKey = (DSAPublicKey) keyFactory.generatePublic(keySpec); return new DSAVerifyingPublicKey(publicKey); }
/** * Internal method to create a new key with inherited key parameters. * * @param keyValueKey key from which to obtain key value * @param keyParamsKey key from which to obtain key parameters * @return new public key having value and parameters * @throws CertPathValidatorException if keys are not appropriate types * for this operation */ static PublicKey makeInheritedParamsKey(PublicKey keyValueKey, PublicKey keyParamsKey) throws CertPathValidatorException { if (!(keyValueKey instanceof DSAPublicKey) || !(keyParamsKey instanceof DSAPublicKey)) throw new CertPathValidatorException("Input key is not " + "appropriate type for " + "inheriting parameters"); DSAParams params = ((DSAPublicKey)keyParamsKey).getParams(); if (params == null) throw new CertPathValidatorException("Key parameters missing"); try { BigInteger y = ((DSAPublicKey)keyValueKey).getY(); KeyFactory kf = KeyFactory.getInstance("DSA"); DSAPublicKeySpec ks = new DSAPublicKeySpec(y, params.getP(), params.getQ(), params.getG()); return kf.generatePublic(ks); } catch (GeneralSecurityException e) { throw new CertPathValidatorException("Unable to generate key with" + " inherited parameters: " + e.getMessage(), e); } }
/** * Constructor DSAKeyValue * * @param doc * @param key * @throws IllegalArgumentException */ public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException { super(doc); XMLUtils.addReturnToElement(this.constructionElement); if (key instanceof java.security.interfaces.DSAPublicKey) { this.addBigIntegerElement(((DSAPublicKey) key).getParams().getP(), Constants._TAG_P); this.addBigIntegerElement(((DSAPublicKey) key).getParams().getQ(), Constants._TAG_Q); this.addBigIntegerElement(((DSAPublicKey) key).getParams().getG(), Constants._TAG_G); this.addBigIntegerElement(((DSAPublicKey) key).getY(), Constants._TAG_Y); } else { Object exArgs[] = { Constants._TAG_DSAKEYVALUE, key.getClass().getName() }; throw new IllegalArgumentException(I18n.translate("KeyValue.IllegalArgument", exArgs)); } }
public String getOtrFingerprint() { if (this.otrFingerprint == null) { try { if (this.mOtrService == null) { return null; } final PublicKey publicKey = this.mOtrService.getPublicKey(); if (publicKey == null || !(publicKey instanceof DSAPublicKey)) { return null; } this.otrFingerprint = new OtrCryptoEngineImpl().getFingerprint(publicKey).toLowerCase(Locale.US); return this.otrFingerprint; } catch (final OtrCryptoException ignored) { return null; } } else { return this.otrFingerprint; } }
public String getOtrFingerprint() { if (this.otrFingerprint == null) { try { if (this.mOtrService == null) { return null; } final PublicKey publicKey = this.mOtrService.getPublicKey(); if (publicKey == null || !(publicKey instanceof DSAPublicKey)) { return null; } this.otrFingerprint = new OtrCryptoEngineImpl().getFingerprint(publicKey); return this.otrFingerprint; } catch (final OtrCryptoException ignored) { return null; } } else { return this.otrFingerprint; } }
@Override void marshalPublicKey(XmlWriter xwriter, DSAPublicKey publicKey, String dsPrefix, XMLCryptoContext context) throws MarshalException { DSAParams params = publicKey.getParams(); xwriter.writeStartElement(dsPrefix, "DSAKeyValue", XMLSignature.XMLNS); // parameters J, Seed & PgenCounter are not included writeBase64BigIntegerElement(xwriter, dsPrefix, "P", XMLSignature.XMLNS, params.getP()); writeBase64BigIntegerElement(xwriter, dsPrefix, "Q", XMLSignature.XMLNS, params.getQ()); writeBase64BigIntegerElement(xwriter, dsPrefix, "G", XMLSignature.XMLNS, params.getG()); writeBase64BigIntegerElement(xwriter, dsPrefix, "Y", XMLSignature.XMLNS, publicKey.getY() ); xwriter.writeEndElement(); // "DSAKeyValue" }
/** * Constructor DSAKeyValue * * @param doc * @param key * @throws IllegalArgumentException */ public DSAKeyValue(Document doc, Key key) throws IllegalArgumentException { super(doc); addReturnToSelf(); if (key instanceof DSAPublicKey) { DSAParams params = ((DSAPublicKey) key).getParams(); this.addBigIntegerElement(params.getP(), Constants._TAG_P); this.addBigIntegerElement(params.getQ(), Constants._TAG_Q); this.addBigIntegerElement(params.getG(), Constants._TAG_G); this.addBigIntegerElement(((DSAPublicKey) key).getY(), Constants._TAG_Y); } else { Object exArgs[] = { Constants._TAG_DSAKEYVALUE, key.getClass().getName() }; throw new IllegalArgumentException(I18n.translate("KeyValue.IllegalArgument", exArgs)); } }
/** * @param trileadKey * @return OpenSSH-encoded pubkey */ public static byte[] extractOpenSSHPublic(KeyPair pair) { try { PublicKey pubKey = pair.getPublic(); if (pubKey instanceof RSAPublicKey) { return RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey) pair.getPublic()); } else if (pubKey instanceof DSAPublicKey) { return DSASHA1Verify.encodeSSHDSAPublicKey((DSAPublicKey) pair.getPublic()); } else if (pubKey instanceof ECPublicKey) { return ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey) pair.getPublic()); } else { return null; } } catch (IOException e) { return null; } }
@Test public void shouldParseAnX509DSAPublicKey() throws Exception { String keyString = "" + "-----BEGIN PUBLIC KEY-----\n" + "MIHyMIGpBgcqhkjOOAQBMIGdAkEA/8/aIwYwD4TUzee5AQvz4Bk24nAozkCJOOK/\n" + "WEtLmlfdK3pWeZ7WttD65kJFgFZE1hDi0D0ipuXwFIJhqzoMcQIVAORLzKnx1wfB\n" + "s3Mngrh3XfyqOmUlAkEAvjDa+zB5mfAfIaYOgpuJzEGnLnj9VGLZEGVC/w3l5ML3\n" + "PblMCLMniHzIT3UQjQtTwOfiWa7RdAFrmjU7OQxJCQNEAAJBALhjbXYy4uG3yMV+\n" + "h/Sd6SgxqgDr17n1dk2QH2r/4sMppgtMgCLNvb/3kuvK8novAEaHDEojWUkwtsSr\n" + "sgXFLac=\n" + "-----END PUBLIC KEY-----"; Key key = CryptoParser.parseKey(keyString); assertThat(((DSAPublicKey) key).getY(), hasToString(startsWith("9657203532"))); }
private ASN1Sequence createPublicKeyAndChallenge() throws SpkacException { ASN1EncodableVector publicKeyAlgorithm = new ASN1EncodableVector(); publicKeyAlgorithm.add(new ASN1ObjectIdentifier(getPublicKeyAlg().oid())); if (getPublicKey() instanceof RSAPublicKey) { publicKeyAlgorithm.add(DERNull.INSTANCE); } else { DSAParams dsaParams = ((DSAPublicKey) getPublicKey()).getParams(); ASN1EncodableVector dssParams = new ASN1EncodableVector(); dssParams.add(new ASN1Integer(dsaParams.getP())); dssParams.add(new ASN1Integer(dsaParams.getQ())); dssParams.add(new ASN1Integer(dsaParams.getG())); publicKeyAlgorithm.add(new DERSequence(dssParams)); } ASN1EncodableVector spki = new ASN1EncodableVector(); spki.add(new DERSequence(publicKeyAlgorithm)); spki.add(encodePublicKeyAsBitString(getPublicKey())); ASN1EncodableVector publicKeyAndChallenge = new ASN1EncodableVector(); publicKeyAndChallenge.add(new DERSequence(spki)); publicKeyAndChallenge.add(new DERIA5String(getChallenge())); return new DERSequence(publicKeyAndChallenge); }
private void populateDialog() throws CryptoException { KeyInfo keyInfo = KeyPairUtil.getKeyInfo(publicKey); jtfAlgorithm.setText(keyInfo.getAlgorithm()); Integer keyLength = keyInfo.getSize(); if (keyLength != null) { jtfKeySize.setText(MessageFormat.format(res.getString("DViewPublicKey.jtfKeySize.text"), "" + keyLength)); } else { jtfKeySize.setText(MessageFormat.format(res.getString("DViewPublicKey.jtfKeySize.text"), "?")); } jtfFormat.setText(publicKey.getFormat()); jtfEncoded.setText("0x" + new BigInteger(1, publicKey.getEncoded()).toString(16).toUpperCase()); jtfEncoded.setCaretPosition(0); if ((publicKey instanceof RSAPublicKey) || (publicKey instanceof DSAPublicKey)) { jbFields.setEnabled(true); } else { jbFields.setEnabled(false); } }
final void initFromJson() throws KeyczarException { BigInteger localBigInteger1 = new BigInteger(Base64Coder.decodeWebSafe(this.y)); BigInteger localBigInteger2 = new BigInteger(Base64Coder.decodeWebSafe(this.p)); BigInteger localBigInteger3 = new BigInteger(Base64Coder.decodeWebSafe(this.q)); BigInteger localBigInteger4 = new BigInteger(Base64Coder.decodeWebSafe(this.g)); try { this.jcePublicKey = ((DSAPublicKey)KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(localBigInteger1, localBigInteger2, localBigInteger3, localBigInteger4))); DSAParams localDSAParams = this.jcePublicKey.getParams(); byte[][] arrayOfByte = new byte[4][]; arrayOfByte[0] = Util.stripLeadingZeros(localDSAParams.getP().toByteArray()); arrayOfByte[1] = Util.stripLeadingZeros(localDSAParams.getQ().toByteArray()); arrayOfByte[2] = Util.stripLeadingZeros(localDSAParams.getG().toByteArray()); arrayOfByte[3] = Util.stripLeadingZeros(this.jcePublicKey.getY().toByteArray()); System.arraycopy(Util.prefixHash(arrayOfByte), 0, this.hash, 0, this.hash.length); return; } catch (GeneralSecurityException localGeneralSecurityException) { throw new KeyczarException(localGeneralSecurityException); } }
public void writePublicKey(PublicKey pubKey) throws IOException { if (!(pubKey instanceof DSAPublicKey)) throw new UnsupportedOperationException( "Key types other than DSA are not supported at the moment."); DSAPublicKey dsaKey = (DSAPublicKey) pubKey; writeShort(0); DSAParams dsaParams = dsaKey.getParams(); writeBigInt(dsaParams.getP()); writeBigInt(dsaParams.getQ()); writeBigInt(dsaParams.getG()); writeBigInt(dsaKey.getY()); }
private static byte [] fromDSAPublicKey(DSAPublicKey key) { DNSOutput out = new DNSOutput(); BigInteger q = key.getParams().getQ(); BigInteger p = key.getParams().getP(); BigInteger g = key.getParams().getG(); BigInteger y = key.getY(); int t = (p.toByteArray().length - 64) / 8; out.writeU8(t); writeBigInteger(out, q); writeBigInteger(out, p); writeBigInteger(out, g); writeBigInteger(out, y); return out.toByteArray(); }
/** Builds a DNSKEY record from a PublicKey */ static byte [] fromPublicKey(PublicKey key, int alg) throws DNSSECException { byte [] data = null; switch (alg) { case Algorithm.RSAMD5: case Algorithm.RSASHA1: case Algorithm.RSA_NSEC3_SHA1: case Algorithm.RSASHA256: case Algorithm.RSASHA512: if (! (key instanceof RSAPublicKey)) throw new IncompatibleKeyException(); return fromRSAPublicKey((RSAPublicKey) key); case Algorithm.DSA: case Algorithm.DSA_NSEC3_SHA1: if (! (key instanceof DSAPublicKey)) throw new IncompatibleKeyException(); return fromDSAPublicKey((DSAPublicKey) key); default: throw new UnsupportedAlgorithmException(alg); } }
static byte [] buildDSA(DSAPublicKey key) { ByteArrayOutputStream out = new ByteArrayOutputStream(); BigInteger q = key.getParams().getQ(); BigInteger p = key.getParams().getP(); BigInteger g = key.getParams().getG(); BigInteger y = key.getY(); int t = (p.toByteArray().length - 64) / 8; out.write(t); writeBigInteger(out, q); writeBigInteger(out, p); writeBigInteger(out, g); writeBigInteger(out, y); return out.toByteArray(); }
/** Builds a KEY record from a PublicKey */ public static KEYRecord buildRecord(Name name, int dclass, long ttl, int flags, int proto, PublicKey key) { byte alg; if (key instanceof RSAPublicKey) { alg = DNSSEC.RSAMD5; } else if (key instanceof DHPublicKey) { alg = DNSSEC.DH; } else if (key instanceof DSAPublicKey) { alg = DNSSEC.DSA; } else return null; return (KEYRecord) buildRecord(name, Type.KEY, dclass, ttl, flags, proto, alg, key); }
