/**
   * The method generates a DSAPublicKey object from the provided key.
   *
   * @param key - a DSAPublicKey object or DSAPrivateKey object.
   * @return object of the same type as the "key" argument
   * @throws InvalidKeyException if "key" is neither DSAPublicKey nor DSAPrivateKey
   */
  protected Key engineTranslateKey(Key key) throws InvalidKeyException {

    if (key != null) {
      if (key instanceof DSAPrivateKey) {

        DSAPrivateKey privateKey = (DSAPrivateKey) key;
        DSAParams params = privateKey.getParams();

        try {
          return engineGeneratePrivate(
              new DSAPrivateKeySpec(
                  privateKey.getX(), params.getP(), params.getQ(), params.getG()));
        } catch (InvalidKeySpecException e) {
          // Actually this exception shouldn't be thrown
          throw new InvalidKeyException(Messages.getString("security.1A0", e)); // $NON-NLS-1$
        }
      }

      if (key instanceof DSAPublicKey) {

        DSAPublicKey publicKey = (DSAPublicKey) key;
        DSAParams params = publicKey.getParams();

        try {
          return engineGeneratePublic(
              new DSAPublicKeySpec(publicKey.getY(), params.getP(), params.getQ(), params.getG()));
        } catch (InvalidKeySpecException e) {
          // Actually this exception shouldn't be thrown
          throw new InvalidKeyException(Messages.getString("security.1A1", e)); // $NON-NLS-1$
        }
      }
    }
    throw new InvalidKeyException(Messages.getString("security.19F")); // $NON-NLS-1$
  }
  protected void assertsDsaKey(DSAPublicKey pubKey) {
    final String y =
        "4075820517720311789755060432555041302495713535036194101055101600952719"
            + "8027506134078097330328538489864134942817893994891118803853518548361792777130885"
            + "0845452847199857520010376744070518762657897263318144714919719488458432611731877"
            + "3733795914935443964469170020723158291398484608457816805394280489144894060446820"
            + "2";
    final String p =
        "1562763388678684549676999956870179987376000994454452811488079320239653"
            + "8931971498715717466033996067243932790630000740882000826960832106054102246126902"
            + "3050793071435716238554837246001821695252267029019836147068133782812531548770882"
            + "6153064920839234179080884223223263305562612862165508525479239452754625899807548"
            + "07";
    final String q = "1325486242274701569333126235614816814166592776627";
    final String g =
        "1053939190524437845710740492266780383434946918308472822218659846206636"
            + "3468617688992758226678340652253001602083786669177050081112107298337364078312067"
            + "8593218571928390833559198136388601343715984061418418925932387956796945760464070"
            + "8605211665506462942166129968135830426818793738520715937903855564717876010412364"
            + "82";

    Assert.assertEquals(new BigInteger(y), pubKey.getY());
    Assert.assertEquals(new BigInteger(p), pubKey.getParams().getP());
    Assert.assertEquals(new BigInteger(q), pubKey.getParams().getQ());
    Assert.assertEquals(new BigInteger(g), pubKey.getParams().getG());
  }
Example #3
0
 private String getString(PublicKey key) throws FailedLoginException {
   try {
     if (key instanceof DSAPublicKey) {
       DSAPublicKey dsa = (DSAPublicKey) key;
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
       DataOutputStream dos = new DataOutputStream(baos);
       write(dos, "ssh-dss");
       write(dos, dsa.getParams().getP());
       write(dos, dsa.getParams().getQ());
       write(dos, dsa.getParams().getG());
       write(dos, dsa.getY());
       dos.close();
       return base64Encode(baos.toByteArray());
     } else if (key instanceof RSAKey) {
       RSAPublicKey rsa = (RSAPublicKey) key;
       ByteArrayOutputStream baos = new ByteArrayOutputStream();
       DataOutputStream dos = new DataOutputStream(baos);
       write(dos, "ssh-rsa");
       write(dos, rsa.getPublicExponent());
       write(dos, rsa.getModulus());
       dos.close();
       return base64Encode(baos.toByteArray());
     } else {
       throw new FailedLoginException("Unsupported key type " + key.getClass().toString());
     }
   } catch (IOException e) {
     throw new FailedLoginException("Unable to check public key");
   }
 }
Example #4
0
  /**
   * The method generates a DSAPublicKey object from the provided key.
   *
   * @param key - a DSAPublicKey object or DSAPrivateKey object.
   * @return object of the same type as the "key" argument
   * @throws InvalidKeyException if "key" is neither DSAPublicKey nor DSAPrivateKey
   */
  protected Key engineTranslateKey(Key key) throws InvalidKeyException {

    if (key != null) {
      if (key instanceof DSAPrivateKey) {

        DSAPrivateKey privateKey = (DSAPrivateKey) key;
        DSAParams params = privateKey.getParams();

        try {
          return engineGeneratePrivate(
              new DSAPrivateKeySpec(
                  privateKey.getX(), params.getP(), params.getQ(), params.getG()));
        } catch (InvalidKeySpecException e) {
          // Actually this exception shouldn't be thrown
          throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
        }
      }

      if (key instanceof DSAPublicKey) {

        DSAPublicKey publicKey = (DSAPublicKey) key;
        DSAParams params = publicKey.getParams();

        try {
          return engineGeneratePublic(
              new DSAPublicKeySpec(publicKey.getY(), params.getP(), params.getQ(), params.getG()));
        } catch (InvalidKeySpecException e) {
          // Actually this exception shouldn't be thrown
          throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
        }
      }
    }
    throw new InvalidKeyException("'key' is neither DSAPublicKey nor DSAPrivateKey");
  }
Example #5
0
  /**
   * Creates a {@code KeyValueType} that wraps the specified public key. This method supports DSA
   * and RSA keys.
   *
   * @param key the {@code PublicKey} that will be represented as a {@code KeyValueType}.
   * @return the constructed {@code KeyValueType} or {@code null} if the specified key is neither a
   *     DSA nor a RSA key.
   */
  public static KeyValueType createKeyValue(PublicKey key) {
    if (key instanceof RSAPublicKey) {
      RSAPublicKey pubKey = (RSAPublicKey) key;
      byte[] modulus = pubKey.getModulus().toByteArray();
      byte[] exponent = pubKey.getPublicExponent().toByteArray();

      RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
      rsaKeyValue.setModulus(Base64.encodeBytes(modulus).getBytes());
      rsaKeyValue.setExponent(Base64.encodeBytes(exponent).getBytes());
      return rsaKeyValue;
    } else if (key instanceof DSAPublicKey) {
      DSAPublicKey pubKey = (DSAPublicKey) key;
      byte[] P = pubKey.getParams().getP().toByteArray();
      byte[] Q = pubKey.getParams().getQ().toByteArray();
      byte[] G = pubKey.getParams().getG().toByteArray();
      byte[] Y = pubKey.getY().toByteArray();

      DSAKeyValueType dsaKeyValue = new DSAKeyValueType();
      dsaKeyValue.setP(Base64.encodeBytes(P).getBytes());
      dsaKeyValue.setQ(Base64.encodeBytes(Q).getBytes());
      dsaKeyValue.setG(Base64.encodeBytes(G).getBytes());
      dsaKeyValue.setY(Base64.encodeBytes(Y).getBytes());
      return dsaKeyValue;
    }
    throw logger.unsupportedType(key.toString());
  }
Example #6
0
  /**
   * This method returns a specification for the supplied key.
   *
   * <p>The specification will be returned in the form of an object of the type specified by
   * keySpec.
   *
   * @param key - either DSAPrivateKey or DSAPublicKey
   * @param keySpec - either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
   * @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
   * @throws InvalidKeySpecException if "keySpec" is not a specification for DSAPublicKey or
   *     DSAPrivateKey
   */
  protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
      throws InvalidKeySpecException {

    BigInteger p, q, g, x, y;

    if (key != null) {
      if (keySpec == null) {
        throw new NullPointerException("keySpec == null");
      }
      if (key instanceof DSAPrivateKey) {
        DSAPrivateKey privateKey = (DSAPrivateKey) key;

        if (keySpec.equals(DSAPrivateKeySpec.class)) {

          x = privateKey.getX();

          DSAParams params = privateKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPrivateKeySpec(x, p, q, g));
        }

        if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
          return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(
            "'keySpec' is neither DSAPrivateKeySpec nor PKCS8EncodedKeySpec");
      }

      if (key instanceof DSAPublicKey) {
        DSAPublicKey publicKey = (DSAPublicKey) key;

        if (keySpec.equals(DSAPublicKeySpec.class)) {

          y = publicKey.getY();

          DSAParams params = publicKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPublicKeySpec(y, p, q, g));
        }

        if (keySpec.equals(X509EncodedKeySpec.class)) {
          return (T) (new X509EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(
            "'keySpec' is neither DSAPublicKeySpec nor X509EncodedKeySpec");
      }
    }
    throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
  }
  /**
   * This method returns a specification for the supplied key.
   *
   * <p>The specification will be returned in the form of an object of the type specified by
   * keySpec.
   *
   * @param key - either DSAPrivateKey or DSAPublicKey
   * @param keySpec - either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
   * @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
   * @throws InvalidKeySpecException if "keySpec" is not a specification for DSAPublicKey or
   *     DSAPrivateKey
   */
  protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
      throws InvalidKeySpecException {

    BigInteger p, q, g, x, y;

    if (key != null) {
      if (keySpec == null) {
        throw new NullPointerException(Messages.getString("security.19E")); // $NON-NLS-1$
      }
      if (key instanceof DSAPrivateKey) {
        DSAPrivateKey privateKey = (DSAPrivateKey) key;

        if (keySpec.equals(DSAPrivateKeySpec.class)) {

          x = privateKey.getX();

          DSAParams params = privateKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPrivateKeySpec(x, p, q, g));
        }

        if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
          return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(Messages.getString("security.19C")); // $NON-NLS-1$
      }

      if (key instanceof DSAPublicKey) {
        DSAPublicKey publicKey = (DSAPublicKey) key;

        if (keySpec.equals(DSAPublicKeySpec.class)) {

          y = publicKey.getY();

          DSAParams params = publicKey.getParams();

          p = params.getP();
          q = params.getQ();
          g = params.getG();

          return (T) (new DSAPublicKeySpec(y, p, q, g));
        }

        if (keySpec.equals(X509EncodedKeySpec.class)) {
          return (T) (new X509EncodedKeySpec(key.getEncoded()));
        }

        throw new InvalidKeySpecException(Messages.getString("security.19D")); // $NON-NLS-1$
      }
    }
    throw new InvalidKeySpecException(Messages.getString("security.19F")); // $NON-NLS-1$
  }
Example #8
0
 /** 根据公钥获取key */
 private static byte[] getPKBytes(PublicKey pk) {
   if (pk instanceof RSAPublicKey) {
     RSAPublicKey k = (RSAPublicKey) pk;
     return k.getModulus().toByteArray();
   } else if (pk instanceof DSAPublicKey) {
     DSAPublicKey k = (DSAPublicKey) pk;
     return k.getY().toByteArray();
   }
   return null;
 }
 private static DsaPublicKey readDsaX509Certificate(PublicKey publicKey) throws KeyczarException {
   DSAPublicKey jcePublicKey = (DSAPublicKey) publicKey;
   DsaPublicKey key = new DsaPublicKey();
   key.set(
       jcePublicKey.getY(),
       jcePublicKey.getParams().getP(),
       jcePublicKey.getParams().getQ(),
       jcePublicKey.getParams().getG());
   return key;
 }
 /**
  * Returns <code>true</code> if the designated object is an instance of {@link DSAPublicKey} and
  * has the same DSS (Digital Signature Standard) parameter values as this one.
  *
  * @param obj the other non-null DSS key to compare to.
  * @return <code>true</code> if the designated object is of the same type and value as this one.
  */
 public boolean equals(Object obj) {
   if (obj == null) {
     return false;
   }
   if (!(obj instanceof DSAPublicKey)) {
     return false;
   }
   DSAPublicKey that = (DSAPublicKey) obj;
   return super.equals(that) && y.equals(that.getY());
 }
Example #11
0
  /** {@inheritDoc} */
  public void initVerify() {
    if (verifyKey == null) {
      throw new IllegalStateException("Verify key must be set prior to initialization.");
    }

    final DSAPublicKey pubKey = (DSAPublicKey) verifyKey;
    final DSAParams params = pubKey.getParams();
    final DSAPublicKeyParameters bcParams =
        new DSAPublicKeyParameters(
            pubKey.getY(), new DSAParameters(params.getP(), params.getQ(), params.getG()));
    init(false, bcParams);
  }
Example #12
0
 @JRubyMethod(name = "pub_key")
 public synchronized IRubyObject get_pub_key() {
   DSAPublicKey key;
   BigInteger param;
   if ((key = this.pubKey) != null) {
     return BN.newBN(getRuntime(), key.getY());
   } else if (specValues != null) {
     if ((param = specValues[SPEC_Y]) != null) {
       return BN.newBN(getRuntime(), param);
     }
   }
   return getRuntime().getNil();
 }
Example #13
0
  static byte[] buildDSA(DSAPublicKey key) {
    DataByteOutputStream out = new DataByteOutputStream();
    BigInteger q = key.getParams().getQ();
    BigInteger p = key.getParams().getP();
    BigInteger g = key.getParams().getG();
    BigInteger y = key.getY();
    int t = (p.toByteArray().length - 64) / 8;

    out.writeByte(t);
    out.writeBigInteger(q);
    out.writeBigInteger(p);
    out.writeBigInteger(g);
    out.writeBigInteger(y);

    return out.toByteArray();
  }
Example #14
0
  private void checkPublic(DSAPublicKey k1, PublicKey vKey) {
    if (!k1.getY().equals(((DSAPublicKey) vKey).getY())) {
      fail("public number not decoded properly");
    }

    if (!k1.getParams().getG().equals(((DSAPublicKey) vKey).getParams().getG())) {
      fail("public generator not decoded properly");
    }

    if (!k1.getParams().getP().equals(((DSAPublicKey) vKey).getParams().getP())) {
      fail("public p value not decoded properly");
    }

    if (!k1.getParams().getQ().equals(((DSAPublicKey) vKey).getParams().getQ())) {
      fail("public q value not decoded properly");
    }
  }
Example #15
0
 @JRubyMethod
 public IRubyObject to_text() {
   StringBuilder result = new StringBuilder();
   if (privKey != null) {
     int len = privKey.getParams().getP().bitLength();
     result.append("Private-Key: (").append(len).append(" bit)").append("\n");
     result.append("priv:");
     addSplittedAndFormatted(result, privKey.getX());
   }
   result.append("pub:");
   addSplittedAndFormatted(result, pubKey.getY());
   result.append("P:");
   addSplittedAndFormatted(result, pubKey.getParams().getP());
   result.append("Q:");
   addSplittedAndFormatted(result, pubKey.getParams().getQ());
   result.append("G:");
   addSplittedAndFormatted(result, pubKey.getParams().getG());
   return getRuntime().newString(result.toString());
 }
  /** Given a DSA key pair, return the BIND9-style text encoding */
  private String generatePrivateDSA(DSAPrivateKey key, DSAPublicKey pub, int algorithm) {
    StringWriter sw = new StringWriter();
    PrintWriter out = new PrintWriter(sw);
    DnsKeyAlgorithm algs = DnsKeyAlgorithm.getInstance();

    DSAParams p = key.getParams();

    out.println("Private-key-format: v1.2");
    out.println("Algorithm: " + algorithm + " (" + algs.algToString(algorithm) + ")");
    out.print("Prime(p): ");
    out.println(b64BigInt(p.getP()));
    out.print("Subprime(q): ");
    out.println(b64BigInt(p.getQ()));
    out.print("Base(g): ");
    out.println(b64BigInt(p.getG()));
    out.print("Private_value(x): ");
    out.println(b64BigInt(key.getX()));
    out.print("Public_value(y): ");
    out.println(b64BigInt(pub.getY()));

    return sw.toString();
  }
 /**
  * Return the next working key inheriting DSA parameters if necessary.
  *
  * <p>This methods inherits DSA parameters from the indexed certificate or previous certificates
  * in the certificate chain to the returned <code>PublicKey</code>. The list is searched upwards,
  * meaning the end certificate is at position 0 and previous certificates are following.
  *
  * <p>If the indexed certificate does not contain a DSA key this method simply returns the public
  * key. If the DSA key already contains DSA parameters the key is also only returned.
  *
  * @param certs The certification path.
  * @param index The index of the certificate which contains the public key which should be
  *     extended with DSA parameters.
  * @return The public key of the certificate in list position <code>index</code> extended with DSA
  *     parameters if applicable.
  * @throws AnnotatedException if DSA parameters cannot be inherited.
  */
 protected static PublicKey getNextWorkingKey(List certs, int index)
     throws CertPathValidatorException {
   Certificate cert = (Certificate) certs.get(index);
   PublicKey pubKey = cert.getPublicKey();
   if (!(pubKey instanceof DSAPublicKey)) {
     return pubKey;
   }
   DSAPublicKey dsaPubKey = (DSAPublicKey) pubKey;
   if (dsaPubKey.getParams() != null) {
     return dsaPubKey;
   }
   for (int i = index + 1; i < certs.size(); i++) {
     X509Certificate parentCert = (X509Certificate) certs.get(i);
     pubKey = parentCert.getPublicKey();
     if (!(pubKey instanceof DSAPublicKey)) {
       throw new CertPathValidatorException(
           "DSA parameters cannot be inherited from previous certificate.");
     }
     DSAPublicKey prevDSAPubKey = (DSAPublicKey) pubKey;
     if (prevDSAPubKey.getParams() == null) {
       continue;
     }
     DSAParams dsaParams = prevDSAPubKey.getParams();
     DSAPublicKeySpec dsaPubKeySpec =
         new DSAPublicKeySpec(
             dsaPubKey.getY(), dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
     try {
       KeyFactory keyFactory = KeyFactory.getInstance("DSA", BouncyCastleProvider.PROVIDER_NAME);
       return keyFactory.generatePublic(dsaPubKeySpec);
     } catch (Exception exception) {
       throw new RuntimeException(exception.getMessage());
     }
   }
   throw new CertPathValidatorException(
       "DSA parameters cannot be inherited from previous certificate.");
 }
  /**
   * Create a PGPPublicKey from the passed in JCA one.
   *
   * <p>Note: the time passed in affects the value of the key's keyID, so you probably only want to
   * do this once for a JCA key, or make sure you keep track of the time you used.
   *
   * @param algorithm asymmetric algorithm type representing the public key.
   * @param pubKey actual public key to associate.
   * @param time date of creation.
   * @throws PGPException on key creation problem.
   */
  public PGPPublicKey getPGPPublicKey(int algorithm, PublicKey pubKey, Date time)
      throws PGPException {
    BCPGKey bcpgKey;

    if (pubKey instanceof RSAPublicKey) {
      RSAPublicKey rK = (RSAPublicKey) pubKey;

      bcpgKey = new RSAPublicBCPGKey(rK.getModulus(), rK.getPublicExponent());
    } else if (pubKey instanceof DSAPublicKey) {
      DSAPublicKey dK = (DSAPublicKey) pubKey;
      DSAParams dP = dK.getParams();

      bcpgKey = new DSAPublicBCPGKey(dP.getP(), dP.getQ(), dP.getG(), dK.getY());
    } else if (pubKey instanceof ElGamalPublicKey) {
      ElGamalPublicKey eK = (ElGamalPublicKey) pubKey;
      ElGamalParameterSpec eS = eK.getParameters();

      bcpgKey = new ElGamalPublicBCPGKey(eS.getP(), eS.getG(), eK.getY());
    } else {
      throw new PGPException("unknown key class");
    }

    return new PGPPublicKey(new PublicKeyPacket(algorithm, time, bcpgKey), fingerPrintCalculator);
  }
  /**
   * Appends an HTML representation of the given X509Certificate.
   *
   * @param sb StringBuilder to append to
   * @param certificate to print
   */
  private void renderX509(StringBuilder sb, X509Certificate certificate) {
    X500Principal issuer = certificate.getIssuerX500Principal();
    X500Principal subject = certificate.getSubjectX500Principal();

    sb.append("<table cellspacing='1' cellpadding='1'>\n");

    // subject
    addTitle(sb, R.getI18NString("service.gui.CERT_INFO_ISSUED_TO"));
    try {
      for (Rdn name : new LdapName(subject.getName()).getRdns()) {
        String nameType = name.getType();
        String lblKey = "service.gui.CERT_INFO_" + nameType;
        String lbl = R.getI18NString(lblKey);

        if ((lbl == null) || ("!" + lblKey + "!").equals(lbl)) lbl = nameType;

        final String value;
        Object nameValue = name.getValue();

        if (nameValue instanceof byte[]) {
          byte[] nameValueAsByteArray = (byte[]) nameValue;

          value = getHex(nameValueAsByteArray) + " (" + new String(nameValueAsByteArray) + ")";
        } else value = nameValue.toString();

        addField(sb, lbl, value);
      }
    } catch (InvalidNameException ine) {
      addField(sb, R.getI18NString("service.gui.CERT_INFO_CN"), subject.getName());
    }

    // issuer
    addTitle(sb, R.getI18NString("service.gui.CERT_INFO_ISSUED_BY"));
    try {
      for (Rdn name : new LdapName(issuer.getName()).getRdns()) {
        String nameType = name.getType();
        String lblKey = "service.gui.CERT_INFO_" + nameType;
        String lbl = R.getI18NString(lblKey);

        if ((lbl == null) || ("!" + lblKey + "!").equals(lbl)) lbl = nameType;

        final String value;
        Object nameValue = name.getValue();

        if (nameValue instanceof byte[]) {
          byte[] nameValueAsByteArray = (byte[]) nameValue;

          value = getHex(nameValueAsByteArray) + " (" + new String(nameValueAsByteArray) + ")";
        } else value = nameValue.toString();

        addField(sb, lbl, value);
      }
    } catch (InvalidNameException ine) {
      addField(sb, R.getI18NString("service.gui.CERT_INFO_CN"), issuer.getName());
    }

    // validity
    addTitle(sb, R.getI18NString("service.gui.CERT_INFO_VALIDITY"));
    addField(
        sb,
        R.getI18NString("service.gui.CERT_INFO_ISSUED_ON"),
        certificate.getNotBefore().toString());
    addField(
        sb,
        R.getI18NString("service.gui.CERT_INFO_EXPIRES_ON"),
        certificate.getNotAfter().toString());

    addTitle(sb, R.getI18NString("service.gui.CERT_INFO_FINGERPRINTS"));
    try {
      String sha1String = getThumbprint(certificate, "SHA1");
      String md5String = getThumbprint(certificate, "MD5");

      addField(sb, "SHA1:", sha1String);
      addField(sb, "MD5:", md5String);
    } catch (CertificateException e) {
      // do nothing as we cannot show this value
    }

    addTitle(sb, R.getI18NString("service.gui.CERT_INFO_CERT_DETAILS"));

    addField(
        sb,
        R.getI18NString("service.gui.CERT_INFO_SER_NUM"),
        certificate.getSerialNumber().toString());

    addField(
        sb, R.getI18NString("service.gui.CERT_INFO_VER"), String.valueOf(certificate.getVersion()));

    addField(
        sb,
        R.getI18NString("service.gui.CERT_INFO_SIGN_ALG"),
        String.valueOf(certificate.getSigAlgName()));

    addTitle(sb, R.getI18NString("service.gui.CERT_INFO_PUB_KEY_INFO"));

    addField(
        sb,
        R.getI18NString("service.gui.CERT_INFO_ALG"),
        certificate.getPublicKey().getAlgorithm());

    if (certificate.getPublicKey().getAlgorithm().equals("RSA")) {
      RSAPublicKey key = (RSAPublicKey) certificate.getPublicKey();

      addField(
          sb,
          R.getI18NString("service.gui.CERT_INFO_PUB_KEY"),
          R.getI18NString(
              "service.gui.CERT_INFO_KEY_BYTES_PRINT",
              new String[] {
                String.valueOf(key.getModulus().toByteArray().length - 1),
                key.getModulus().toString(16)
              }));

      addField(
          sb, R.getI18NString("service.gui.CERT_INFO_EXP"), key.getPublicExponent().toString());

      addField(
          sb,
          R.getI18NString("service.gui.CERT_INFO_KEY_SIZE"),
          R.getI18NString(
              "service.gui.CERT_INFO_KEY_BITS_PRINT",
              new String[] {String.valueOf(key.getModulus().bitLength())}));
    } else if (certificate.getPublicKey().getAlgorithm().equals("DSA")) {
      DSAPublicKey key = (DSAPublicKey) certificate.getPublicKey();

      addField(sb, "Y:", key.getY().toString(16));
    }

    addField(
        sb,
        R.getI18NString("service.gui.CERT_INFO_SIGN"),
        R.getI18NString(
            "service.gui.CERT_INFO_KEY_BYTES_PRINT",
            new String[] {
              String.valueOf(certificate.getSignature().length), getHex(certificate.getSignature())
            }));

    sb.append("</table>\n");
  }