public void initialize( AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException { if (!(params instanceof RSAKeyGenParameterSpec)) { throw new InvalidAlgorithmParameterException("parameter object not a RSAKeyGenParameterSpec"); } RSAKeyGenParameterSpec rsaParams = (RSAKeyGenParameterSpec)params; param = new RSAKeyGenerationParameters( rsaParams.getPublicExponent(), random, rsaParams.getKeysize(), defaultTests); engine.init(param); }
/** * Generates RSA key pair with the specified key size in bits and strength. * See http://stackoverflow.com/questions/3087049/bouncy-castle-rsa-keypair-generation-using-lightweight-api * suggested strength = 80000 * keySizeBits = 4096 */ public static AKeyPair createRSAKeyPair(int keySizeBits, int strength) throws Exception { BigInteger publicExponent = BigInteger.valueOf(0x10001); SecureRandom rnd = new SecureRandom(); RSAKeyGenerationParameters p = new RSAKeyGenerationParameters(publicExponent, rnd, keySizeBits, strength); RSAKeyPairGenerator g = new RSAKeyPairGenerator(); g.init(p); AsymmetricCipherKeyPair kp = g.generateKeyPair(); RSAPrivateCrtKeyParameters pri = (RSAPrivateCrtKeyParameters)kp.getPrivate(); RSAKeyParameters pub = (RSAKeyParameters)kp.getPublic(); return new AKeyPair(new APrivateKey(pri), new APublicKey(pub)); }
private RSAKeyGenerationParameters createRsaKeyGenerationParameters(final CreatePgpKeyParam createPgpKeyParam) { /* * This value should be a Fermat number. 0x10001 (F4) is current recommended value. 3 (F1) is known to be safe also. * 3, 5, 17, 257, 65537, 4294967297, 18446744073709551617, * <p> * Practically speaking, Windows does not tolerate public exponents which do not fit in a 32-bit unsigned integer. * Using e=3 or e=65537 works "everywhere". * <p> * See: <a href="http://stackoverflow.com/questions/11279595/rsa-public-exponent-defaults-to-65537-what-should-this-value-be-what-are-the">stackoverflow: RSA Public exponent defaults to 65537. ... What are the impacts of my choices?</a> */ final BigInteger publicExponent = BigInteger.valueOf(0x10001); /* * How certain do we want to be that the chosen primes are really primes. * <p> * The higher this number, the more tests are done to make sure they are primes (and not composites). * <p> * See: <a href="http://crypto.stackexchange.com/questions/3114/what-is-the-correct-value-for-certainty-in-rsa-key-pair-generation">What is the correct value for “certainty” in RSA key pair generation?</a> * and * <a href="http://crypto.stackexchange.com/questions/3126/does-a-high-exponent-compensate-for-a-low-degree-of-certainty?lq=1">Does a high exponent compensate for a low degree of certainty?</a> */ final int certainty = 12; return new RSAKeyGenerationParameters( publicExponent, getSecureRandom(), createPgpKeyParam.getStrength(), certainty); }
@Override public CryptoKeyPair generateRSA1024KeyPair() { RSAKeyPairGenerator generator = new RSAKeyPairGenerator(); generator.init(new RSAKeyGenerationParameters( RSA_EXPONENT, RuntimeRandomProvider.INSTANCE, RSA_1024_STREIGHT, RSA_CERTAINITY)); Log.d("RSA", "Starting key generation..."); AsymmetricCipherKeyPair res = generator.generateKeyPair(); // Building x.509 public key RSAKeyParameters rsaPublicKey = (RSAKeyParameters) res.getPublic(); byte[] publicKey = new X509RsaPublicKey(rsaPublicKey.getModulus(), rsaPublicKey.getExponent()).serialize(); // Building PKCS#8 key RSAPrivateCrtKeyParameters parameter = (RSAPrivateCrtKeyParameters) res.getPrivate(); byte[] privateKey = new PKS8RsaPrivateKey(parameter.getModulus(), parameter.getExponent()).serialize(); return new CryptoKeyPair(publicKey, privateKey); }
public KeyPairGeneratorSpi() { super("RSA"); engine = new RSAKeyPairGenerator(); param = new RSAKeyGenerationParameters(defaultPublicExponent, new SecureRandom(), 2048, defaultTests); engine.init(param); }
public void initialize( int strength, SecureRandom random) { param = new RSAKeyGenerationParameters(defaultPublicExponent, random, strength, defaultTests); engine.init(param); }
/** * Generates an asymmetric key pair * @param keySize The size of the key * @return An asymmetric key pair type of the Bouncy Castle */ public static AsymmetricCipherKeyPair generateKeys(int keySize) { RSAKeyPairGenerator r = new RSAKeyPairGenerator(); /* * a BigInteger for the exponent, a SecureRandom type object, the strength of the key, and the number of iterations to * the algorithm that verifies the generation of the keys based off prime numbers. 80 is more than enough */ r.init(new RSAKeyGenerationParameters(new BigInteger("10001", 16), new SecureRandom(), keySize, 80)); AsymmetricCipherKeyPair keys = r.generateKeyPair(); return keys; }
/** * creates and initializes a PGP Key Ring Generator * * @param userId * the user id to use * @param password * the password used for the private key * @param keySize * the key size used for the keys * @return the initialized key ring generator or null if something goes wrong */ private PGPKeyRingGenerator createKeyRingGenerator(String userId, String password, int keySize) { LOGGER.trace("createKeyRingGenerator(String, String, int)"); LOGGER.trace("User ID: {}, Password: {}, Key Size: {}", userId, password == null ? "not set" : "********", keySize); PGPKeyRingGenerator generator = null; try { LOGGER.debug("Creating RSA key pair generator"); RSAKeyPairGenerator generator1 = new RSAKeyPairGenerator(); generator1.init(new RSAKeyGenerationParameters(BigInteger.valueOf(0x10001), getSecureRandom(), keySize, 12)); LOGGER.debug("Generating Signing Key Pair"); BcPGPKeyPair signingKeyPair = new BcPGPKeyPair(PGPPublicKey.RSA_SIGN, generator1.generateKeyPair(), new Date()); LOGGER.debug("Generating Encyption Key Pair"); BcPGPKeyPair encryptionKeyPair = new BcPGPKeyPair(PGPPublicKey.RSA_ENCRYPT, generator1.generateKeyPair(), new Date()); LOGGER.debug("Generating Signature Key Properties"); PGPSignatureSubpacketGenerator signatureSubpacketGenerator = new PGPSignatureSubpacketGenerator(); signatureSubpacketGenerator.setKeyFlags(false, KeyFlags.SIGN_DATA | KeyFlags.CERTIFY_OTHER); signatureSubpacketGenerator.setPreferredSymmetricAlgorithms(false, getPreferredEncryptionAlgorithms()); signatureSubpacketGenerator.setPreferredHashAlgorithms(false, getPreferredHashingAlgorithms()); signatureSubpacketGenerator.setPreferredCompressionAlgorithms(false, getPreferredCompressionAlgorithms()); LOGGER.debug("Generating Encyption Key Properties"); PGPSignatureSubpacketGenerator encryptionSubpacketGenerator = new PGPSignatureSubpacketGenerator(); encryptionSubpacketGenerator.setKeyFlags(false, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE); LOGGER.info("Creating PGP Key Ring Generator"); generator = new PGPKeyRingGenerator(PGPPublicKey.RSA_SIGN, signingKeyPair, userId, new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1), signatureSubpacketGenerator.generate(), null, new BcPGPContentSignerBuilder(PGPPublicKey.RSA_SIGN, HashAlgorithmTags.SHA256), new BcPBESecretKeyEncryptorBuilder(getEncryptionAlgorithm()).build(password.toCharArray())); generator.addSubKey(encryptionKeyPair, encryptionSubpacketGenerator.generate(), null); } catch (PGPException e) { LOGGER.error("{}", e.getMessage()); generator = null; } return generator; }
@Override public AsymmetricCipherKeyPairGenerator createAsymmetricCipherKeyPairGenerator(final boolean initWithDefaults) { final RSAKeyPairGenerator generator = new RSAKeyPairGenerator(); if (initWithDefaults) { if (random == null) random = new SecureRandom(); generator.init(new RSAKeyGenerationParameters(defaultPublicExponent, random, 4096, defaultCertainty)); } return generator; }
private static final String toString(final KeyGenerationParameters keyGenerationParameters) { if (keyGenerationParameters instanceof RSAKeyGenerationParameters) { final RSAKeyGenerationParameters kgp = (RSAKeyGenerationParameters) keyGenerationParameters; return String.format("publicExponent='%s' strength='%s' certainty='%s'", kgp.getPublicExponent(), kgp.getStrength(), kgp.getCertainty()); } return String.valueOf(keyGenerationParameters); }
public SecretKey generateKeyPair(final String id, final char[] pass) throws CryptoException { try { // This object generates individual key-pairs. final RSAKeyPairGenerator kpg = new RSAKeyPairGenerator(); kpg.init(new RSAKeyGenerationParameters(BigInteger.valueOf(0x10001), new SecureRandom(), 2048, 12)); // First create the master (signing) key with the generator. final PGPKeyPair keyPair = new BcPGPKeyPair(PGPPublicKey.RSA_GENERAL, kpg.generateKeyPair(), new Date()); // Add a self-signature on the id final PGPSignatureSubpacketGenerator signhashgen = new PGPSignatureSubpacketGenerator(); signhashgen.setKeyFlags(true, KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA | KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE); signhashgen.setPreferredCompressionAlgorithms(false, new int[] { CompressionAlgorithmTags.ZIP }); signhashgen.setPreferredHashAlgorithms(false, new int[] { HashAlgorithmTags.SHA1 }); signhashgen.setPreferredSymmetricAlgorithms(false, new int[] { SymmetricKeyAlgorithmTags.AES_256 }); signhashgen.setFeature(false, Features.FEATURE_MODIFICATION_DETECTION); // Create a signature on the encryption subkey. final PGPSignatureSubpacketGenerator enchashgen = new PGPSignatureSubpacketGenerator(); enchashgen.setKeyFlags(false, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE); // Objects used to encrypt the secret key. // Finally, create the keyring itself. The constructor // takes parameters that allow it to generate the self // signature. final PGPDigestCalculator sha1Calc = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1); final PBESecretKeyEncryptor secretKeyEncryptor = new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_128, sha1Calc).build(pass); final BcPGPContentSignerBuilder contentSigner = new BcPGPContentSignerBuilder(keyPair.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA1); final PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, keyPair, id, sha1Calc, signhashgen.generate(), null, contentSigner, secretKeyEncryptor); // return new SimpleKeyPair(new BcPGPPublicKey(publicKeyRing.getPublicKey()), return new BcPGPSecretKey(keyRingGen.generateSecretKeyRing().getSecretKey()); } catch (final Exception e) { throw new CryptoException(e); } }
public AsymmetricCipherKeyPair generate() { RSAKeyPairGenerator keyGenerator = new RSAKeyPairGenerator(); keyGenerator.init(new RSAKeyGenerationParameters( PUBLIC_EXPONENT, random, KEY_LENGTH, 95 /* certainty in % */ )); return keyGenerator.generateKeyPair(); }
public void init( KeyGenerationParameters param) { this.param = (RSAKeyGenerationParameters)param; }
public final static PGPKeyRingGenerator generateKeyRingGenerator(String id, char[] pass, int s2kcount, KeyGenPane.BackgroundTask bgt) throws Exception { // This object generates individual key-pairs. RSAKeyPairGenerator kpg = new RSAKeyPairGenerator(); // Boilerplate RSA parameters, no need to change anything // except for the RSA key-size (2048). You can use whatever key-size // makes sense for you -- 4096, etc. kpg.init(new RSAKeyGenerationParameters(BigInteger.valueOf(0x10001), new SecureRandom(), 2048, 12)); bgt.setProgressPub(10); // First create the master (signing) key with the generator. PGPKeyPair rsakp_sign = new BcPGPKeyPair(PGPPublicKey.RSA_SIGN, kpg.generateKeyPair(), new Date()); // Then an encryption subkey. PGPKeyPair rsakp_enc = new BcPGPKeyPair(PGPPublicKey.RSA_ENCRYPT, kpg.generateKeyPair(), new Date()); bgt.setProgressPub(50); // Add a self-signature on the id PGPSignatureSubpacketGenerator signhashgen = new PGPSignatureSubpacketGenerator(); bgt.setProgressPub(55); // Add signed metadata on the signature. // 1) Declare its purpose signhashgen.setKeyFlags(false, KeyFlags.SIGN_DATA | KeyFlags.CERTIFY_OTHER); bgt.setProgressPub(60); // 2) Set preferences for secondary crypto algorithms to use when // sending messages to this key. signhashgen.setPreferredSymmetricAlgorithms(false, new int[] { SymmetricKeyAlgorithmTags.AES_256, SymmetricKeyAlgorithmTags.AES_192, SymmetricKeyAlgorithmTags.AES_128 }); signhashgen.setPreferredHashAlgorithms(false, new int[] { HashAlgorithmTags.SHA256, HashAlgorithmTags.SHA1, HashAlgorithmTags.SHA384, HashAlgorithmTags.SHA512, HashAlgorithmTags.SHA224, }); // 3) Request senders add additional checksums to the message (useful // when verifying unsigned messages.) signhashgen.setFeature(false, Features.FEATURE_MODIFICATION_DETECTION); // Create a signature on the encryption subkey. PGPSignatureSubpacketGenerator enchashgen = new PGPSignatureSubpacketGenerator(); // Add metadata to declare its purpose enchashgen.setKeyFlags(false, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE); // Objects used to encrypt the secret key. PGPDigestCalculator sha1Calc = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1); PGPDigestCalculator sha256Calc = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA256); bgt.setProgressPub(70); // bcpg 1.48 exposes this API that includes s2kcount. Earlier versions // use a default of 0x60. PBESecretKeyEncryptor pske = (new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, sha256Calc, s2kcount)).build(pass); // Finally, create the keyring itself. The constructor takes parameters // that allow it to generate the self signature. PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, rsakp_sign, id, sha1Calc, signhashgen.generate(), null, new BcPGPContentSignerBuilder(rsakp_sign.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA1), pske); bgt.setProgressPub(80); // Add our encryption subkey, together with its signature. keyRingGen.addSubKey(rsakp_enc, enchashgen.generate(), null); bgt.setProgressPub(90); return keyRingGen; }
static PGPKeyRingGenerator generateKeyRingGenerator(String userId, int numBits, char[] passphrase) throws Exception { RSAKeyPairGenerator keyPairGenerator = new RSAKeyPairGenerator(); keyPairGenerator.init( new RSAKeyGenerationParameters( BigInteger.valueOf(0x10001), new SecureRandom(), numBits, 12 ) ); PGPKeyPair rsaKeyPairSign = new BcPGPKeyPair( PGPPublicKey.RSA_SIGN, keyPairGenerator.generateKeyPair(), new Date() ); PGPKeyPair rsaKeyPairEncrypt = new BcPGPKeyPair( PGPPublicKey.RSA_ENCRYPT, keyPairGenerator.generateKeyPair(), new Date() ); PGPSignatureSubpacketGenerator signHashGenerator = new PGPSignatureSubpacketGenerator(); signHashGenerator.setKeyFlags(false, KeyFlags.SIGN_DATA | KeyFlags.CERTIFY_OTHER); signHashGenerator.setPreferredSymmetricAlgorithms( false, new int[] { SymmetricKeyAlgorithmTags.AES_256, SymmetricKeyAlgorithmTags.AES_192, SymmetricKeyAlgorithmTags.AES_128 } ); signHashGenerator.setPreferredHashAlgorithms( false, new int[] { HashAlgorithmTags.SHA512, HashAlgorithmTags.SHA384, HashAlgorithmTags.SHA256, HashAlgorithmTags.SHA1, // Not recommended HashAlgorithmTags.SHA224, // Not recommended } ); signHashGenerator.setFeature(false, Features.FEATURE_MODIFICATION_DETECTION); PGPSignatureSubpacketGenerator encryptHashGenerator = new PGPSignatureSubpacketGenerator(); encryptHashGenerator.setKeyFlags(false, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE); PGPDigestCalculator sha1DigestCalculator = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1); PGPDigestCalculator sha512DigestCalculator = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA512); PBESecretKeyEncryptor secretKeyEncryptor = ( new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, sha512DigestCalculator) ) .build(passphrase); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator( PGPSignature.NO_CERTIFICATION, rsaKeyPairSign, userId, sha1DigestCalculator, signHashGenerator.generate(), null, new BcPGPContentSignerBuilder(rsaKeyPairSign.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA512), secretKeyEncryptor ); keyRingGen.addSubKey(rsaKeyPairEncrypt, encryptHashGenerator.generate(), null); return keyRingGen; }
public void init(KeyGenerationParameters param) { this.param = (RSAKeyGenerationParameters)param; this.iterations = getNumberOfIterations(this.param.getStrength(), this.param.getCertainty()); }
public void performTest() throws Exception { testSig(1, pub1, prv1, slt1a, msg1a, sig1a); testSig(2, pub1, prv1, slt1b, msg1b, sig1b); testSig(3, pub2, prv2, slt2a, msg2a, sig2a); testSig(4, pub2, prv2, slt2b, msg2b, sig2b); testSig(5, pub4, prv4, slt4a, msg4a, sig4a); testSig(6, pub4, prv4, slt4b, msg4b, sig4b); testSig(7, pub8, prv8, slt8a, msg8a, sig8a); testSig(8, pub8, prv8, slt8b, msg8b, sig8b); testSig(9, pub9, prv9, slt9a, msg9a, sig9a); testSig(10, pub9, prv9, slt9b, msg9b, sig9b); // // loop test // int failed = 0; byte[] data = new byte[DATA_LENGTH]; SecureRandom random = new SecureRandom(); RSAKeyParameters[] kprv ={prv1, prv2, prv4, prv8, prv9}; RSAKeyParameters[] kpub ={pub1, pub2, pub4, pub8, pub9}; int i = 0; for (int j = 0; j < NUM_TESTS; j++, i++) { if (i == kprv.length) { i = 0; } if (!isProcessingOkay(kpub[i], kprv[i], data, random)) { failed++; } } if (failed != 0) { fail("loop test failed - failures: " + failed); } // // key generation test // RSAKeyPairGenerator pGen = new RSAKeyPairGenerator(); RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters( BigInteger.valueOf(0x11), new SecureRandom(), 1024, 25); pGen.init(genParam); failed = 0; for (int k = 0; k < NUM_TESTS_WITH_KEY_GENERATION; k++) { AsymmetricCipherKeyPair pair = pGen.generateKeyPair(); for (int j = 0; j < NUM_TESTS; j++) { if (!isProcessingOkay((RSAKeyParameters)pair.getPublic(), (RSAKeyParameters)pair.getPrivate(), data, random)) { failed++; } } } if (failed != 0) { fail("loop test with key generation failed - failures: " + failed); } }
private static PGPKeyRingGenerator generateKeyRingGenerator( String id, char[] pass, int s2kcount, int keySize, KeyPair keyPair ) throws PGPException { // This object generates individual key-pairs. RSAKeyPairGenerator kpg = new RSAKeyPairGenerator(); // Boilerplate RSA parameters, no need to change anything // except for the RSA key-size (2048). You can use whatever // key-size makes sense for you -- 4096, etc. kpg.init( new RSAKeyGenerationParameters( BigInteger.valueOf( 0x10001 ), new SecureRandom(), keySize, 12 ) ); // First create the master (signing) key with the generator. PGPKeyPair rsakp_sign = new BcPGPKeyPair( PGPPublicKey.RSA_GENERAL, kpg.generateKeyPair(), new Date() ); // Then an encryption subkey. PGPKeyPair rsakp_enc = new BcPGPKeyPair( PGPPublicKey.RSA_GENERAL, kpg.generateKeyPair(), new Date() ); keyPair.setPrimaryKeyId( Long.toHexString( rsakp_sign.getKeyID() ) ); keyPair.setPrimaryKeyFingerprint( BytesToHex( rsakp_sign.getPublicKey().getFingerprint() ) ); keyPair.setSubKeyId( Long.toHexString( rsakp_enc.getKeyID() ) ); keyPair.setSubKeyFingerprint( BytesToHex( rsakp_enc.getPublicKey().getFingerprint() ) ); // Add a self-signature on the id PGPSignatureSubpacketGenerator signhashgen = new PGPSignatureSubpacketGenerator(); // Add signed metadata on the signature. // 1) Declare its purpose signhashgen.setKeyFlags( false, KeyFlags.SIGN_DATA | KeyFlags.CERTIFY_OTHER ); // 2) Set preferences for secondary crypto algorithms to use // when sending messages to this key. signhashgen.setPreferredSymmetricAlgorithms( false, new int[] { SymmetricKeyAlgorithmTags.AES_256, SymmetricKeyAlgorithmTags.AES_192, SymmetricKeyAlgorithmTags.AES_128, SymmetricKeyAlgorithmTags.CAST5, SymmetricKeyAlgorithmTags.TRIPLE_DES } ); signhashgen.setPreferredHashAlgorithms( false, new int[] { HashAlgorithmTags.SHA256, HashAlgorithmTags.SHA1, HashAlgorithmTags.SHA384, HashAlgorithmTags.SHA512, HashAlgorithmTags.SHA224, } ); signhashgen.setPreferredCompressionAlgorithms( false, new int[] { CompressionAlgorithmTags.ZLIB, CompressionAlgorithmTags.BZIP2, CompressionAlgorithmTags.ZIP } ); // 3) Request senders add additional checksums to the // message (useful when verifying unsigned messages.) signhashgen.setFeature( false, Features.FEATURE_MODIFICATION_DETECTION ); // Create a signature on the encryption subkey. PGPSignatureSubpacketGenerator enchashgen = new PGPSignatureSubpacketGenerator(); // Add metadata to declare its purpose enchashgen.setKeyFlags( false, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE ); // Objects used to encrypt the secret key. PGPDigestCalculator sha1Calc = new BcPGPDigestCalculatorProvider().get( HashAlgorithmTags.SHA1 ); // bcpg 1.48 exposes this API that includes s2kcount. Earlier // versions use a default of 0x60. PBESecretKeyEncryptor pske = ( new BcPBESecretKeyEncryptorBuilder( PGPEncryptedData.CAST5, sha1Calc, s2kcount ) ).build( pass ); // Finally, create the keyring itself. The constructor // takes parameters that allow it to generate the self // signature. PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator( PGPSignature.POSITIVE_CERTIFICATION, rsakp_sign, id, sha1Calc, signhashgen.generate(), null, new BcPGPContentSignerBuilder( rsakp_sign.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA1 ), pske ); // Add our encryption subkey, together with its signature. keyRingGen.addSubKey( rsakp_enc, enchashgen.generate(), null ); return keyRingGen; }
public void init(KeyGenerationParameters param) { this.param = (RSAKeyGenerationParameters)param; }
public void init(KeyGenerationParameters param) { this.param = (RSAKeyGenerationParameters) param; }
private static AsymmetricCipherKeyPair generateKeyPair(int rsaKeyBits) throws Exception { RSAKeyPairGenerator generator = new RSAKeyPairGenerator(); generator.init(new RSAKeyGenerationParameters(SIGNING_EXPONENT, SECURE_RANDOM, rsaKeyBits, 12)); return generator.generateKeyPair(); }
private void nullPointerTest() throws Exception { AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator(); RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters( BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25); kpg.init(genParam); AsymmetricCipherKeyPair kp = kpg.generateKeyPair(); ExtensionsGenerator extGen = new ExtensionsGenerator(); extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign)); BcX509ExtensionUtils extUtils = new BcX509ExtensionUtils(new SHA1DigestCalculator()); SubjectKeyIdentifier subjectKeyIdentifier = extUtils.createSubjectKeyIdentifier(kp.getPublic()); extGen.addExtension(Extension.subjectKeyIdentifier, false, subjectKeyIdentifier); DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder(); AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA"); AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId); BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId); PKCS10CertificationRequest p1 = new BcPKCS10CertificationRequestBuilder( new X500Name("cn=csr"), kp.getPublic()) .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate()) .build(contentSignerBuilder.build(kp.getPrivate())); PKCS10CertificationRequest p2 = new BcPKCS10CertificationRequestBuilder( new X500Name("cn=csr"), kp.getPublic()) .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate()) .build(contentSignerBuilder.build(kp.getPrivate())); if (!p1.equals(p2)) { fail("cert request comparison failed"); } Attribute[] attr1 = p1.getAttributes(); Attribute[] attr2 = p1.getAttributes(); checkAttrs(1, attr1, attr2); attr1 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); attr2 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); checkAttrs(1, attr1, attr2); }
