Ejemplo n.º 1
0
  /**
   * Parse a secret key from one of the GPG S expression keys.
   *
   * @return a secret key object.
   */
  public static PGPSecretKey parseSecretKeyFromSExpr(
      InputStream inputStream,
      PBEProtectionRemoverFactory keyProtectionRemoverFactory,
      KeyFingerPrintCalculator fingerPrintCalculator)
      throws IOException, PGPException {
    SXprUtils.skipOpenParenthesis(inputStream);

    String type;

    type = SXprUtils.readString(inputStream, inputStream.read());
    if (type.equals("protected-private-key")) {
      SXprUtils.skipOpenParenthesis(inputStream);

      String curveName;

      String keyType = SXprUtils.readString(inputStream, inputStream.read());
      if (keyType.equals("ecc")) {
        SXprUtils.skipOpenParenthesis(inputStream);

        String curveID = SXprUtils.readString(inputStream, inputStream.read());
        curveName = SXprUtils.readString(inputStream, inputStream.read());

        if (curveName.startsWith("NIST ")) {
          curveName = curveName.substring("NIST ".length());
        }

        SXprUtils.skipCloseParenthesis(inputStream);
      } else {
        throw new PGPException("no curve details found");
      }

      byte[] qVal;

      SXprUtils.skipOpenParenthesis(inputStream);

      type = SXprUtils.readString(inputStream, inputStream.read());
      if (type.equals("q")) {
        qVal = SXprUtils.readBytes(inputStream, inputStream.read());
      } else {
        throw new PGPException("no q value found");
      }

      PublicKeyPacket pubPacket =
          new PublicKeyPacket(
              PublicKeyAlgorithmTags.ECDSA,
              new Date(),
              new ECDSAPublicBCPGKey(ECNamedCurveTable.getOID(curveName), new BigInteger(1, qVal)));

      SXprUtils.skipCloseParenthesis(inputStream);

      byte[] dValue = getDValue(inputStream, keyProtectionRemoverFactory, curveName);
      // TODO: check SHA-1 hash.

      return new PGPSecretKey(
          new SecretKeyPacket(
              pubPacket,
              SymmetricKeyAlgorithmTags.NULL,
              null,
              null,
              new ECSecretBCPGKey(new BigInteger(1, dValue)).getEncoded()),
          new PGPPublicKey(pubPacket, fingerPrintCalculator));
    }

    throw new PGPException("unknown key type found");
  }
Ejemplo n.º 2
0
  private static void addNamedCurves_jdk18on() {
    final Class<?>[] Param_CurveDB_add =
        new Class[] {
          String.class,
          String.class,
          int.class,
          String.class,
          String.class,
          String.class,
          String.class,
          String.class,
          String.class,
          int.class,
          Pattern.class
        };
    final Class<?>[] Param_getCurve = new Class[] {String.class};

    Method method_add = getMethod(class_CurveDB, "add", Param_CurveDB_add);
    if (method_add == null) {
      return;
    }

    Method method_getCurve = getMethod(class_CurveDB, "lookup", Param_getCurve);
    if (method_getCurve == null) {
      return;
    }

    Field field_oidMap = getField(class_CurveDB, "oidMap");
    if (field_oidMap == null) {
      return;
    }

    Field field_specCollection = getField(class_CurveDB, "specCollection");
    if (field_specCollection == null) {
      return;
    }

    Set<String> processedCurveOids = new HashSet<>();
    Map<String, String> addedCurves = new HashMap<>();

    Enumeration<?> curveNames = ECNamedCurveTable.getNames();
    while (curveNames.hasMoreElements()) {
      String curveName = (String) curveNames.nextElement();
      ASN1ObjectIdentifier curveId = getCurveId(curveName);
      if (curveId == null) {
        LOG.debug("cound not find curve OID for curve {}, ignore it", curveName);
        continue;
      }

      String curveDesc = "named curve " + curveName + " (" + curveId + ")";

      if (processedCurveOids.contains(curveId.getId())) {
        LOG.debug("{} is already processed, ignore it", curveDesc);
        continue;
      }

      processedCurveOids.add(curveId.getId());

      if (curve_isRegistered(method_getCurve, curveId)) {
        LOG.info("{} is already registered, ignore it", curveDesc);
        continue;
      }

      X9ECParameters params = ECNamedCurveTable.getByOID(curveId);
      ECCurve curve = params.getCurve();
      if (curve instanceof ECCurve.Fp || curve instanceof ECCurve.F2m) {
        CurveData c = new CurveData(params);
        boolean added =
            CurveDB_add(
                method_add,
                curveName,
                curveId.getId(),
                c.type,
                c.sfield,
                c.a,
                c.b,
                c.x,
                c.y,
                c.n,
                c.h);

        if (added) {
          LOG.debug("added {}", curveDesc);
          addedCurves.put(curveName, curveId.getId());
        } else {
          LOG.warn("could not add {}", curveDesc);
        }
      } else {
        LOG.info("unknown curve type {}", curve.getClass().getName());
      }
    }

    try {
      Map<?, ?> oidMap = (Map<?, ?>) field_oidMap.get(null);
      Collection<?> namedCurves = Collections.unmodifiableCollection(oidMap.values());

      field_specCollection.set(null, namedCurves);
    } catch (IllegalArgumentException | IllegalAccessException | ClassCastException e) {
      final String message = "could not update change the value of field CurveDB.specCollection.";
      if (LOG.isWarnEnabled()) {
        LOG.warn(LogUtil.buildExceptionLogFormat(message), e.getClass().getName(), e.getMessage());
      }
      LOG.debug(message, e);
    }

    logAddedCurves(addedCurves);
  }
  /**
   * Create a public key from the passed in SubjectPublicKeyInfo
   *
   * @param keyInfo the SubjectPublicKeyInfo containing the key data
   * @return the appropriate key parameter
   * @throws IOException on an error decoding the key
   */
  public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo) throws IOException {
    AlgorithmIdentifier algId = keyInfo.getAlgorithm();

    if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)
        || algId.getAlgorithm().equals(X509ObjectIdentifiers.id_ea_rsa)) {
      RSAPublicKey pubKey = RSAPublicKey.getInstance(keyInfo.parsePublicKey());

      return new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent());
    } else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.dhpublicnumber)) {
      DHPublicKey dhPublicKey = DHPublicKey.getInstance(keyInfo.parsePublicKey());

      BigInteger y = dhPublicKey.getY().getValue();

      DHDomainParameters dhParams = DHDomainParameters.getInstance(algId.getParameters());

      BigInteger p = dhParams.getP().getValue();
      BigInteger g = dhParams.getG().getValue();
      BigInteger q = dhParams.getQ().getValue();

      BigInteger j = null;
      if (dhParams.getJ() != null) {
        j = dhParams.getJ().getValue();
      }

      DHValidationParameters validation = null;
      DHValidationParms dhValidationParms = dhParams.getValidationParms();
      if (dhValidationParms != null) {
        byte[] seed = dhValidationParms.getSeed().getBytes();
        BigInteger pgenCounter = dhValidationParms.getPgenCounter().getValue();

        // TODO Check pgenCounter size?

        validation = new DHValidationParameters(seed, pgenCounter.intValue());
      }

      return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
    } else if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
      DHParameter params = DHParameter.getInstance(algId.getParameters());
      ASN1Integer derY = (ASN1Integer) keyInfo.parsePublicKey();

      BigInteger lVal = params.getL();
      int l = lVal == null ? 0 : lVal.intValue();
      DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);

      return new DHPublicKeyParameters(derY.getValue(), dhParams);
    }
    // BEGIN android-removed
    // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
    // {
    //     ElGamalParameter params = new ElGamalParameter((ASN1Sequence)algId.getParameters());
    //     ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
    //
    //     return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
    //         params.getP(), params.getG()));
    // }
    // END android-removed
    else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)
        || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) {
      ASN1Integer derY = (ASN1Integer) keyInfo.parsePublicKey();
      ASN1Encodable de = algId.getParameters();

      DSAParameters parameters = null;
      if (de != null) {
        DSAParameter params = DSAParameter.getInstance(de.toASN1Primitive());
        parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
      }

      return new DSAPublicKeyParameters(derY.getValue(), parameters);
    } else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
      X962Parameters params = X962Parameters.getInstance(algId.getParameters());

      X9ECParameters x9;
      if (params.isNamedCurve()) {
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) params.getParameters();
        x9 = ECNamedCurveTable.getByOID(oid);
      } else {
        x9 = X9ECParameters.getInstance(params.getParameters());
      }

      ASN1OctetString key = new DEROctetString(keyInfo.getPublicKeyData().getBytes());
      X9ECPoint derQ = new X9ECPoint(x9.getCurve(), key);

      // TODO We lose any named parameters here

      ECDomainParameters dParams =
          new ECDomainParameters(x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());

      return new ECPublicKeyParameters(derQ.getPoint(), dParams);
    } else {
      throw new RuntimeException("algorithm identifier in key not recognised");
    }
  }
Ejemplo n.º 4
0
  private static void addNamedCurves_jdk17() {
    final Class<?>[] Param_NamedCurve_add =
        new Class[] {
          String.class,
          String.class,
          int.class,
          String.class,
          String.class,
          String.class,
          String.class,
          String.class,
          String.class,
          int.class
        };
    final Class<?>[] Param_getCurve = new Class[] {String.class};

    Method method_add = getMethod(class_NamedCurve, "add", Param_NamedCurve_add);
    if (method_add == null) {
      return;
    }

    Method method_getCurve = getMethod(class_NamedCurve, "getECParameterSpec", Param_getCurve);
    if (method_getCurve == null) {
      return;
    }

    Field field_SPLIT_PATTERN = getField(class_NamedCurve, "SPLIT_PATTERN");
    if (field_SPLIT_PATTERN == null) {
      return;
    }

    try {
      field_SPLIT_PATTERN.set(null, SPLIT_PATTERN);
    } catch (IllegalArgumentException | IllegalAccessException e) {
      final String message = "could not set Field SPLIT_PATTERN";
      if (LOG.isWarnEnabled()) {
        LOG.warn(LogUtil.buildExceptionLogFormat(message), e.getClass().getName(), e.getMessage());
      }
      LOG.debug(message, e);
      return;
    }

    Set<String> processedCurveOids = new HashSet<>();
    Map<String, String> addedCurves = new HashMap<>();

    Enumeration<?> curveNames = ECNamedCurveTable.getNames();
    while (curveNames.hasMoreElements()) {
      String curveName = (String) curveNames.nextElement();
      ASN1ObjectIdentifier curveId = getCurveId(curveName);

      if (curveId == null) {
        LOG.info("cound not find curve OID for curve {}, ignore it", curveName);
        continue;
      }

      String curveDesc = "named curve " + curveName + " (" + curveId + ")";

      if (processedCurveOids.contains(curveId.getId())) {
        LOG.debug("{} is already processed, ignore it", curveDesc);
        continue;
      }

      processedCurveOids.add(curveId.getId());

      if (curve_isRegistered(method_getCurve, curveId)) {
        LOG.debug("{} is already registered, ignore it", curveDesc);
        continue;
      }

      X9ECParameters params = ECNamedCurveTable.getByOID(curveId);
      ECCurve curve = params.getCurve();

      if (curve instanceof ECCurve.Fp || curve instanceof ECCurve.F2m) {
        CurveData c = new CurveData(params);
        boolean added =
            NamedCurve_add(
                method_add,
                curveName,
                curveId.getId(),
                c.type,
                c.sfield,
                c.a,
                c.b,
                c.x,
                c.y,
                c.n,
                c.h);

        if (added) {
          LOG.debug("added {}", curveDesc);
          addedCurves.put(curveName, curveId.getId());
        } else {
          LOG.warn("could not add {}", curveDesc);
        }
      } else {
        LOG.info("unknown curve type {}", curve.getClass().getName());
      }
    }

    try {
      field_SPLIT_PATTERN.set(null, null);
    } catch (IllegalArgumentException | IllegalAccessException e) {
      final String message = "could not set Field SPLIT_PATTERN";
      if (LOG.isWarnEnabled()) {
        LOG.warn(LogUtil.buildExceptionLogFormat(message), e.getClass().getName(), e.getMessage());
      }
      LOG.debug(message, e);
      return;
    }

    logAddedCurves(addedCurves);
  }