Exemple #1
1
  public static void main(String[] args) throws Exception {

    // Generate 20 serial numbers with dup and a special order
    int count = 20;
    BigInteger[] serials = new BigInteger[count];
    for (int i = 0; i < count; i++) {
      serials[i] = BigInteger.valueOf(i * 7 % 10);
    }

    // Generates a CRL
    X509CRLEntry[] badCerts = new X509CRLEntry[count];
    for (int i = 0; i < count; i++) {
      badCerts[i] =
          new X509CRLEntryImpl(serials[i], new Date(System.currentTimeMillis() + i * 1000));
    }
    X500Name owner = new X500Name("CN=CA");
    X509CRLImpl crl = new X509CRLImpl(owner, new Date(), new Date(), badCerts);
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    crl.sign(kpg.genKeyPair().getPrivate(), "SHA1withRSA");
    byte[] data = crl.getEncodedInternal();

    // Check the encoding
    checkData(crl, data, serials);

    // Load a CRL from raw data
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    X509CRLImpl crl2 = (X509CRLImpl) cf.generateCRL(new ByteArrayInputStream(data));

    // Check the encoding again
    data = crl2.getEncodedInternal();
    checkData(crl2, data, serials);
  }
  public static void main(String[] args) throws Exception {
    byte[] input = new byte[] {(byte) 0xbe, (byte) 0xef};
    Cipher cipher = Cipher.getInstance("ElGamal/None/NoPadding", "BC");

    SecureRandom random = Utils.createFixedRandom();

    // create the keys
    KeyPairGenerator generator = KeyPairGenerator.getInstance("ElGamal", "BC");

    generator.initialize(256, random);

    KeyPair pair = generator.generateKeyPair();
    Key pubKey = pair.getPublic();
    Key privKey = pair.getPrivate();

    System.out.println("input : " + Utils.toHex(input));

    // encryption step

    cipher.init(Cipher.ENCRYPT_MODE, pubKey, random);

    byte[] cipherText = cipher.doFinal(input);

    System.out.println("cipher: " + Utils.toHex(cipherText));

    // decryption step

    cipher.init(Cipher.DECRYPT_MODE, privKey);

    byte[] plainText = cipher.doFinal(cipherText);

    System.out.println("plain : " + Utils.toHex(plainText));
  }
    @Override
    protected Boolean doInBackground(String... params) {
      final String alias = params[0];
      try {

        /*
         * Generate a new EC key pair entry in the Android Keystore by
         * using the KeyPairGenerator API. The private key can only be
         * used for signing or verification and only with SHA-256 or
         * SHA-512 as the message digest.
         */
        KeyPairGenerator kpg =
            KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
        kpg.initialize(
            new KeyGenParameterSpec.Builder(
                    alias, KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
                .setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)
                .build());

        KeyPair kp = kpg.generateKeyPair();

        return true;
      } catch (NoSuchAlgorithmException e) {
        Log.w(TAG, "Could not generate key", e);
        return false;
      } catch (InvalidAlgorithmParameterException e) {
        Log.w(TAG, "Could not generate key", e);
        return false;
      } catch (NoSuchProviderException e) {
        Log.w(TAG, "Could not generate key", e);
        return false;
      }
    }
  /** 生成密钥对 */
  public static Map<String, String> generateKeyPair() throws Exception {
    /** RSA算法要求有一个可信任的随机数源 */
    SecureRandom sr = new SecureRandom();
    /** 为RSA算法创建一个KeyPairGenerator对象 */
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    /** 利用上面的随机数据源初始化这个KeyPairGenerator对象 */
    kpg.initialize(KEYSIZE, sr);
    /** 生成密匙对 */
    KeyPair kp = kpg.generateKeyPair();
    /** 得到公钥 */
    Key publicKey = kp.getPublic();
    byte[] publicKeyBytes = publicKey.getEncoded();
    String pub =
        new String(Base64.encodeBase64(publicKeyBytes), ConfigureEncryptAndDecrypt.CHAR_ENCODING);
    /** 得到私钥 */
    Key privateKey = kp.getPrivate();
    byte[] privateKeyBytes = privateKey.getEncoded();
    String pri =
        new String(Base64.encodeBase64(privateKeyBytes), ConfigureEncryptAndDecrypt.CHAR_ENCODING);

    Map<String, String> map = new HashMap<String, String>();
    map.put("publicKey", pub);
    map.put("privateKey", pri);
    RSAPublicKey rsp = (RSAPublicKey) kp.getPublic();
    BigInteger bint = rsp.getModulus();
    byte[] b = bint.toByteArray();
    byte[] deBase64Value = Base64.encodeBase64(b);
    String retValue = new String(deBase64Value);
    map.put("modulus", retValue);
    return map;
  }
Exemple #5
0
 public KeyPair generateKeyPair() throws NoSuchAlgorithmException {
   KeyPairGenerator keyGen =
       KeyPairGenerator.getInstance(ds().network.getProperty("PKAlgo", "DSA"));
   SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
   keyGen.initialize(1024, random);
   return keyGen.generateKeyPair();
 }
Exemple #6
0
  private void sealedObjectTest() throws Exception {
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECIES");
    kpg.initialize(new ECGenParameterSpec("secp256r1"));
    KeyPair keyPair = kpg.generateKeyPair();

    Cipher cipher = Cipher.getInstance("ECIES");
    cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());

    String toEncrypt = "Hello";

    // Check that cipher works ok
    cipher.doFinal(toEncrypt.getBytes());

    // Using a SealedObject to encrypt the same string fails with a NullPointerException
    SealedObject sealedObject = new SealedObject(toEncrypt, cipher);

    cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());

    String result = (String) sealedObject.getObject(cipher);

    isTrue("result wrong", result.equals(toEncrypt));

    result = (String) sealedObject.getObject(keyPair.getPrivate());

    isTrue("result wrong", result.equals(toEncrypt));
  }
  public void generateLocalKeyPair(String fullUserId) {

    String userId = Address.stripResource(fullUserId);

    OtrDebugLogger.log("generating local key pair for: " + userId);

    KeyPair keyPair;
    try {

      KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALG);
      kpg.initialize(KEY_SIZE);

      keyPair = kpg.genKeyPair();
    } catch (NoSuchAlgorithmException e) {
      OtrDebugLogger.log("no such algorithm", e);
      return;
    }

    OtrDebugLogger.log("SUCCESS! generating local key pair for: " + userId);

    // Store Private Key.
    PrivateKey privKey = keyPair.getPrivate();
    PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(privKey.getEncoded());

    this.store.setProperty(userId + ".privateKey", pkcs8EncodedKeySpec.getEncoded());

    // Store Public Key.
    PublicKey pubKey = keyPair.getPublic();
    storeLocalPublicKey(userId, pubKey);

    store.save();
  }
Exemple #8
0
  public boolean generateKeys() {

    PublicKey keyPub;
    PrivateKey keyPri;
    SecureRandom rand;

    Security.addProvider(new ABAProvider());

    rand = new SecureRandom();

    rand.setSeed(System.currentTimeMillis());

    try {
      KeyPairGenerator fact;
      KeyPair keyPair;

      fact = KeyPairGenerator.getInstance("RSA", "ABA");

      fact.initialize(1024, rand);

      keyPair = fact.generateKeyPair();

      keyPub = keyPair.getPublic();

      keyPri = keyPair.getPrivate();

      pubKey = bytesToHexStr(keyPub.getEncoded());

      priKey = bytesToHexStr(keyPri.getEncoded());
    } catch (Exception e) {
      return false;
    }
    return true;
  }
  @PostConstruct
  public void create() throws Exception {
    Realm cd = new Realm(REALM_CD_NAME);
    Realm storedRealm = partitionManager.getPartition(Realm.class, cd.getName());
    if (storedRealm == null) {
      cd.setEnforceSSL(true);
      KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
      cd.setPrivateKey(keyPair.getPrivate().getEncoded());
      cd.setPublickKey(keyPair.getPublic().getEncoded());
      cd.setNumberFailedLoginAttempts(3);
      partitionManager.add(cd);

      IdentityManager cdIdentityManager = partitionManager.createIdentityManager(cd);

      Role Administrator = new Role("Administrator");
      Role Customer = new Role("Customer");
      Role Consumer = new Role("Consumer");
      Role Vendor = new Role("Vendor");
      Role Contacts = new Role("Contacts");

      cdIdentityManager.add(Administrator);
      cdIdentityManager.add(Customer);
      cdIdentityManager.add(Consumer);
      cdIdentityManager.add(Vendor);
      cdIdentityManager.add(Contacts);

      User user = new User("admin");
      cdIdentityManager.add(user);
      Password password = new Password("admin");
      cdIdentityManager.updateCredential(user, password);

      RelationshipManager relationshipManager = partitionManager.createRelationshipManager();
      relationshipManager.add(new Grant(user, Administrator));

      Realm cdcustomer = new Realm(REALM_CDCustomer_NAME);
      Realm customerRealm = partitionManager.getPartition(Realm.class, cdcustomer.getName());

      if (customerRealm == null) {
        cdcustomer.setEnforceSSL(true);
        KeyPair keyPaircustomer = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        cdcustomer.setPrivateKey(keyPaircustomer.getPrivate().getEncoded());
        cdcustomer.setPublickKey(keyPaircustomer.getPublic().getEncoded());
        cdcustomer.setNumberFailedLoginAttempts(3);
        partitionManager.add(cdcustomer);

        IdentityManager cdIdentityManagercst = partitionManager.createIdentityManager(cdcustomer);

        User customer = new User("customer");
        cdIdentityManagercst.add(customer);
        Password demo = new Password("demo");
        cdIdentityManagercst.updateCredential(customer, demo);
        relationshipManager.add(new Grant(customer, Customer));

        User consumer = new User("consumer");
        cdIdentityManagercst.add(consumer);
        cdIdentityManagercst.updateCredential(consumer, demo);
        relationshipManager.add(new Grant(consumer, Consumer));
      }
    }
  }
Exemple #10
0
 @Override
 public void setAlgorithm(KeyAgreementType dhMode) {
   if (keyType != null && keyType.keyType == dhMode.keyType) return;
   keyType = dhMode;
   KeyPairGenerator kpg = null;
   try {
     switch (keyType.keyType) {
       case KeyAgreementType.DH_MODE_DH3K:
         algorithm = "DH";
         kpg = KeyPairGenerator.getInstance(algorithm, "ZBC");
         kpg.initialize(576);
         keyPair = kpg.genKeyPair();
         break;
       case KeyAgreementType.DH_MODE_EC25:
         algorithm = "ECDH";
         kpg = KeyPairGenerator.getInstance(algorithm, "ZBC");
         // kpg.initialize(256);
         kpg.initialize(ECNamedCurveTable.getParameterSpec("P-256"));
         keyPair = kpg.genKeyPair();
         break;
       case KeyAgreementType.DH_MODE_EC38:
         algorithm = "ECDH";
         kpg = KeyPairGenerator.getInstance(algorithm, "ZBC");
         // kpg.initialize(384);
         kpg.initialize(ECNamedCurveTable.getParameterSpec("P-384"));
         keyPair = kpg.genKeyPair();
         break;
       default:
         break;
     }
     keyFactory = KeyFactory.getInstance(algorithm, "ZBC");
   } catch (Exception e) {
     e.printStackTrace();
   }
 }
  /*
   * Get a temporary RSA KeyPair.
   */
  KeyPair getRSAKeyPair(boolean export, SecureRandom random) {
    int length, index;
    if (ExportControl.hasStrongCrypto && !export) {
      length = 1024;
      index = INDEX_RSA512;
    } else {
      length = 512;
      index = INDEX_RSA1024;
    }

    KeyPair kp;
    EphemeralKeyPair ekp = keys[index];
    synchronized (ekp) {
      kp = ekp.getKeyPair();
      if (kp == null) {
        try {
          KeyPairGenerator kgen = KeyPairGenerator.getInstance("RSA");
          kgen.initialize(length, random);
          ekp = new EphemeralKeyPair(kgen.genKeyPair());
          kp = ekp.getKeyPair();
          keys[index] = ekp;
        } catch (Exception e) {
          // ignore
        }
      }
    }
    return kp;
  }
  public void main(Provider p) throws Exception {
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
    kpg.initialize(512);
    KeyPair kp = kpg.generateKeyPair();
    PrivateKey privateKey = kp.getPrivate();
    PublicKey publicKey = kp.getPublic();
    Signature sig = Signature.getInstance("MD5withRSA", p);
    byte[] data = new byte[10 * 1024];
    new Random().nextBytes(data);
    sig.initSign(privateKey);
    sig.initSign(privateKey);
    sig.update(data);
    sig.initSign(privateKey);
    sig.update(data);
    byte[] signature = sig.sign();
    sig.update(data);
    sig.initSign(privateKey);
    sig.update(data);
    sig.sign();
    sig.sign();
    sig.initSign(privateKey);
    sig.sign();

    System.out.println("All tests passed");
  }
  public void testProtectedMessage() throws Exception {
    KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);

    kGen.initialize(512);

    KeyPair kp = kGen.generateKeyPair();
    X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");

    GeneralName sender = new GeneralName(new X500Name("CN=Sender"));
    GeneralName recipient = new GeneralName(new X500Name("CN=Recip"));

    ContentSigner signer =
        new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(kp.getPrivate());
    ProtectedPKIMessage message =
        new ProtectedPKIMessageBuilder(sender, recipient)
            .setBody(
                new PKIBody(
                    PKIBody.TYPE_INIT_REP,
                    CertRepMessage.getInstance(new DERSequence(new DERSequence()))))
            .addCMPCertificate(cert)
            .build(signer);

    X509Certificate jcaCert =
        new JcaX509CertificateConverter()
            .setProvider(BC)
            .getCertificate(message.getCertificates()[0]);
    ContentVerifierProvider verifierProvider =
        new JcaContentVerifierProviderBuilder().setProvider(BC).build(jcaCert.getPublicKey());

    assertTrue(message.verify(verifierProvider));

    assertEquals(sender, message.getHeader().getSender());
    assertEquals(recipient, message.getHeader().getRecipient());
  }
Exemple #14
0
  public static void main(String[] args) throws NoSuchAlgorithmException {

    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(1024);
    KeyPair par = keyGen.generateKeyPair();
    prk = par.getPrivate();
    pbk = par.getPublic();

    Registry reg = null;
    System.out.println("Creando conexion remota");
    try {
      reg = LocateRegistry.createRegistry(5555);
    } catch (Exception e) {
      e.printStackTrace();
    }
    System.out.println("Creando objeto servidor");
    Servidor s = new Servidor();
    try {
      reg.rebind("Operaciones", (InterfaceRemota) UnicastRemoteObject.exportObject(s, 0));
    } catch (Exception e) {
      e.printStackTrace();
    }
    while (true) {
      try {
        Thread.sleep(1000);
      } catch (InterruptedException ex) {
        Logger.getLogger(Servidor.class.getName()).log(Level.SEVERE, null, ex);
      }
    }
  }
 private KeyPair generateKeyPair() throws Exception {
   KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
   SecureRandom random = new SecureRandom();
   keyPairGenerator.initialize(
       new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4), random);
   return keyPairGenerator.generateKeyPair();
 }
  public void testMacProtectedMessage() throws Exception {
    KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);

    kGen.initialize(512);

    KeyPair kp = kGen.generateKeyPair();
    X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");

    GeneralName sender = new GeneralName(new X500Name("CN=Sender"));
    GeneralName recipient = new GeneralName(new X500Name("CN=Recip"));

    ProtectedPKIMessage message =
        new ProtectedPKIMessageBuilder(sender, recipient)
            .setBody(
                new PKIBody(
                    PKIBody.TYPE_INIT_REP,
                    CertRepMessage.getInstance(new DERSequence(new DERSequence()))))
            .addCMPCertificate(cert)
            .build(
                new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC))
                    .build("secret".toCharArray()));

    PKMACBuilder pkMacBuilder = new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC));

    assertTrue(message.verify(pkMacBuilder, "secret".toCharArray()));

    assertEquals(sender, message.getHeader().getSender());
    assertEquals(recipient, message.getHeader().getRecipient());
  }
  @Test
  public void testKeygenToFileOutputStream()
      throws NoSuchAlgorithmException, NoSuchProviderException, IOException {
    final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");

    final SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
    keyGen.initialize(1024, random);

    KeyPair pair = keyGen.generateKeyPair();

    final PrivateKey priv = pair.getPrivate();
    final PublicKey pub = pair.getPublic();

    // Write the private key to a file
    FileOutputStream privOS = new FileOutputStream("RSAPrivateKey.key");
    Assert.assertNotNull(privOS);
    privOS.write(priv.getEncoded());
    privOS.close();

    // Write the private key to a file
    FileOutputStream publicOS = new FileOutputStream("RSAPublicKey.key");
    Assert.assertNotNull(publicOS);
    publicOS.write(pub.getEncoded());
    publicOS.close();
  }
Exemple #18
0
  public static ECPublicKey PrivateKeytoECPublicKey(byte[] privateKey)
      throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeySpecException {
    KeyPairGenerator kpg = null;
    kpg = KeyPairGenerator.getInstance("EC");

    ECGenParameterSpec gps = new ECGenParameterSpec("secp256k1"); // NIST P-256
    kpg.initialize(gps);
    KeyPair apair = kpg.generateKeyPair();
    ECPublicKey apub = (ECPublicKey) apair.getPublic();
    ECParameterSpec aspec = apub.getParams();

    byte[] publicKeyb = Address.privateKeyToPublicKey(Utils.toHex(privateKey), false);

    byte[] publicKeybx = new byte[32];
    byte[] publicKeyby = new byte[32];
    System.arraycopy(publicKeyb, 1, publicKeybx, 0, 32);
    System.arraycopy(publicKeyb, 33, publicKeyby, 0, 32);
    BigInteger x = new BigInteger(1, publicKeybx);
    BigInteger y = new BigInteger(1, publicKeyby);

    java.security.spec.ECPoint cpoint = new java.security.spec.ECPoint(x, y);
    ECPublicKeySpec cpubs = new ECPublicKeySpec(cpoint, aspec);
    ECPublicKey cpub = null;
    KeyFactory kfa = null;
    kfa = KeyFactory.getInstance("EC");
    return cpub = (ECPublicKey) kfa.generatePublic(cpubs);
  }
  private static String csr() {
    try {
      KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
      keyGen.initialize(2048);
      KeyPair keyPair = keyGen.generateKeyPair();
      X500Principal subject =
          new X500Principal(
              "CN = edea87b4-034d-48dc-94dd-e7cdcfdde370/10562468, OU = fgdfgretertgdfg, O = VW, L = US");
      ContentSigner signer = new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate());
      PKCS10CertificationRequestBuilder builder =
          new JcaPKCS10CertificationRequestBuilder(subject, keyPair.getPublic());
      PKCS10CertificationRequest csr = builder.build(signer);

      String type = "CERTIFICATE REQUEST";
      PemObject pem = new PemObject(type, csr.getEncoded());
      StringWriter str = new StringWriter();
      PEMWriter pemWriter = new PEMWriter(str);
      pemWriter.writeObject(pem);
      pemWriter.close();
      str.close();
      Log.d("Test", "" + str);
      return Base64Util.getStringAsBase64(str.toString());
    } catch (NoSuchAlgorithmException e) {
      e.printStackTrace();
    } catch (OperatorCreationException e) {
      e.printStackTrace();
    } catch (IOException e) {
      e.printStackTrace();
    }
    return "";
  }
 /** This method generates public and private keys. */
 public static void generateKey() throws Exception {
   KeyPairGenerator gen = KeyPairGenerator.getInstance(RSA);
   gen.initialize(512, new SecureRandom());
   KeyPair keyPair = gen.generateKeyPair();
   pubKey = keyPair.getPublic();
   priKey = keyPair.getPrivate();
 }
  @Test
  public void testApply() {
    final Crypto crypto = createMock(Crypto.class);
    KeyPairGenerator rsaKeyPairGenerator = createMock(KeyPairGenerator.class);
    final SecureRandom secureRandom = createMock(SecureRandom.class);

    expect(crypto.rsaKeyPairGenerator()).andReturn(rsaKeyPairGenerator);
    rsaKeyPairGenerator.initialize(2048, secureRandom);
    expect(rsaKeyPairGenerator.genKeyPair()).andReturn(keyPair);

    replay(crypto, rsaKeyPairGenerator, secureRandom);

    RsaSshKeyPairGenerator supplier =
        Guice.createInjector(
                new AbstractModule() {
                  protected void configure() {
                    bind(Crypto.class).toInstance(crypto);
                    bind(SecureRandom.class).toInstance(secureRandom);
                  }
                })
            .getInstance(RsaSshKeyPairGenerator.class);

    assertEquals(
        supplier.get(),
        ImmutableMap.of(
            "public", openSshKey, "private", PRIVATE_KEY.replaceAll("\n", lineSeparator)));

    verify(crypto, rsaKeyPairGenerator, secureRandom);
  }
Exemple #22
0
  public static void main(String[] args) {
    try {

      AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DSA");
      paramGen.init(1024);

      AlgorithmParameters params = paramGen.generateParameters();

      DSAParameterSpec dsaParameterSpec = params.getParameterSpec(DSAParameterSpec.class);

      KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");
      keyPairGenerator.initialize(dsaParameterSpec);

      KeyPair keyPair = keyPairGenerator.generateKeyPair();

      PublicKey publicKey = keyPair.getPublic();
      PrivateKey privateKey = keyPair.getPrivate();

      saveKey("BpubKey", publicKey);
      saveKey("BprivKey", privateKey);

    } catch (NoSuchAlgorithmException
        | InvalidParameterSpecException
        | InvalidAlgorithmParameterException e) {
      e.printStackTrace();
    }
  }
Exemple #23
0
  public void init(int key_size) throws Exception {
    String name = null;
    if (key_size == 256) name = "secp256r1";
    else if (key_size == 384) name = "secp384r1";
    else if (key_size == 521) name = "secp521r1";
    else throw new JSchException("unsupported key size: " + key_size);

    for (int i = 0; i < 1000; i++) {
      KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
      ECGenParameterSpec ecsp = new ECGenParameterSpec(name);
      kpg.initialize(ecsp);
      KeyPair kp = kpg.genKeyPair();
      prvKey = (ECPrivateKey) kp.getPrivate();
      pubKey = (ECPublicKey) kp.getPublic();
      params = pubKey.getParams();
      d = ((ECPrivateKey) prvKey).getS().toByteArray();
      ECPoint w = pubKey.getW();
      r = w.getAffineX().toByteArray();
      s = w.getAffineY().toByteArray();

      if (r.length != s.length) continue;
      if (key_size == 256 && r.length == 32) break;
      if (key_size == 384 && r.length == 48) break;
      if (key_size == 521 && r.length == 66) break;
    }
    if (d.length < r.length) {
      d = insert0(d);
    }
  }
  private void testKeyFactory() throws Exception {
    KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "SC");

    ECCurve curve =
        new ECCurve.Fp(
            new BigInteger(
                "883423532389192164791648750360308885314476597252960362792450860609699839"), // q
            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
            new BigInteger(
                "6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b

    ECParameterSpec ecSpec =
        new ECParameterSpec(
            curve,
            curve.decodePoint(
                Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
            new BigInteger(
                "883423532389192164791648750360308884807550341691627752275345424702807307")); // n

    ConfigurableProvider config = (ConfigurableProvider) Security.getProvider("SC");

    config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, ecSpec);

    g.initialize(null, new SecureRandom());

    KeyPair p = g.generateKeyPair();

    ECPrivateKey sKey = (ECPrivateKey) p.getPrivate();
    ECPublicKey vKey = (ECPublicKey) p.getPublic();

    KeyFactory fact = KeyFactory.getInstance("ECDSA", "SC");

    vKey = (ECPublicKey) fact.generatePublic(new ECPublicKeySpec(vKey.getQ(), null));
    sKey = (ECPrivateKey) fact.generatePrivate(new ECPrivateKeySpec(sKey.getD(), null));

    testECDSA(sKey, vKey);

    testBCParamsAndQ(sKey, vKey);
    testEC5Params(sKey, vKey);

    testEncoding(sKey, vKey);

    ECPublicKey vKey2 = (ECPublicKey) fact.generatePublic(new ECPublicKeySpec(vKey.getQ(), ecSpec));
    ECPrivateKey sKey2 =
        (ECPrivateKey) fact.generatePrivate(new ECPrivateKeySpec(sKey.getD(), ecSpec));

    if (!vKey.equals(vKey2) || vKey.hashCode() != vKey2.hashCode()) {
      fail("private equals/hashCode failed");
    }

    if (!sKey.equals(sKey2) || sKey.hashCode() != sKey2.hashCode()) {
      fail("private equals/hashCode failed");
    }

    // check we can get specs.
    fact.getKeySpec(vKey, java.security.spec.ECPublicKeySpec.class);

    fact.getKeySpec(sKey, java.security.spec.ECPrivateKeySpec.class);
  }
  public void run() {
    try {
      ObjectInputStream ois = new ObjectInputStream(s.getInputStream());
      ObjectOutputStream oos = new ObjectOutputStream(s.getOutputStream());

      BigInteger bg = dhSpec.getG();
      BigInteger bp = dhSpec.getP();
      oos.writeObject(bg);
      oos.writeObject(bp);

      KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
      kpg.initialize(1024);
      KeyPair kpa = (KeyPair) ois.readObject();
      KeyAgreement dh = KeyAgreement.getInstance("DH");
      KeyPair kp = kpg.generateKeyPair();

      oos.writeObject(kp);

      dh.init(kp.getPrivate());
      Key pk = dh.doPhase(kpa.getPublic(), true);

      MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
      byte[] rawbits = sha256.digest(dh.generateSecret());

      Cipher c = Cipher.getInstance(CIPHER_MODE);
      SecretKey key = new SecretKeySpec(rawbits, 0, 16, "AES");
      byte ivbits[] = (byte[]) ois.readObject();
      IvParameterSpec iv = new IvParameterSpec(ivbits);
      c.init(Cipher.DECRYPT_MODE, key, iv);

      Mac m = Mac.getInstance("HmacSHA1");
      SecretKey mackey = new SecretKeySpec(rawbits, 16, 16, "HmacSHA1");
      m.init(mackey);

      byte ciphertext[], cleartext[], mac[];
      try {
        while (true) {
          ciphertext = (byte[]) ois.readObject();
          mac = (byte[]) ois.readObject();
          if (Arrays.equals(mac, m.doFinal(ciphertext))) {
            cleartext = c.update(ciphertext);
            System.out.println(ct + " : " + new String(cleartext, "UTF-8"));
          } else {
            // System.exit(1);
            System.out.println(ct + "error");
          }
        }
      } catch (EOFException e) {
        cleartext = c.doFinal();
        System.out.println(ct + " : " + new String(cleartext, "UTF-8"));
        System.out.println("[" + ct + "]");
      } finally {
        if (ois != null) ois.close();
        if (oos != null) oos.close();
      }
    } catch (Exception e) {
      e.printStackTrace();
    }
  }
Exemple #26
0
  public boolean createSelfSignedKeystore(
      String cn,
      String keystoreFile,
      String keystorePassword,
      String privateKeyPassword,
      String privateKeyAlias) {
    KeyStore ks = null;

    try {
      ks = KeyStore.getInstance("JKS");
      ks.load(null, null);

      KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
      keyGen.initialize(1024, new SecureRandom());
      KeyPair keypair = keyGen.generateKeyPair();
      PrivateKey privkey = keypair.getPrivate();
      PublicKey pubkey = keypair.getPublic();

      Hashtable<DERObjectIdentifier, String> attrs = new Hashtable<DERObjectIdentifier, String>();
      Vector<DERObjectIdentifier> ordering = new Vector<DERObjectIdentifier>();
      ordering.add(X509Name.CN);
      attrs.put(X509Name.CN, cn);
      X509Name issuerDN = new X509Name(ordering, attrs);
      X509Name subjectDN = new X509Name(ordering, attrs);

      Date validFrom = new Date();
      validFrom.setTime(validFrom.getTime() - (10 * 60 * 1000));
      Date validTo = new Date();
      validTo.setTime(validTo.getTime() + (20 * (24 * 60 * 60 * 1000)));

      X509V3CertificateGenerator x509 = new X509V3CertificateGenerator();
      x509.setSignatureAlgorithm("SHA1withDSA");
      x509.setIssuerDN(issuerDN);
      x509.setSubjectDN(subjectDN);
      x509.setPublicKey(pubkey);
      x509.setNotBefore(validFrom);
      x509.setNotAfter(validTo);
      x509.setSerialNumber(new BigInteger(128, new Random()));

      X509Certificate[] cert = new X509Certificate[1];
      cert[0] = x509.generate(privkey, "BC");
      java.security.cert.Certificate[] chain = new java.security.cert.Certificate[1];
      chain[0] = cert[0];

      ks.setKeyEntry(privateKeyAlias, privkey, privateKeyPassword.toCharArray(), cert);
      ks.setKeyEntry(privateKeyAlias, privkey, privateKeyPassword.toCharArray(), chain);
      ks.store(new FileOutputStream(keystoreFile), keystorePassword.toCharArray());

      String IDP_RFC_CERT = "WEB-INF/guanxi_idp/keystore/guanxi_idp_cert.txt";

      PEMWriter pemWriter = new PEMWriter(new FileWriter(servletContext.getRealPath(IDP_RFC_CERT)));
      pemWriter.writeObject(cert[0]);
      pemWriter.close();

      return true;
    } catch (Exception se) {
      return false;
    }
  }
 public static void testcaV3() throws Exception {
   KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
   kpg.initialize(2048);
   KeyPair keyPair = kpg.generateKeyPair();
   X509Certificate cer = buildCARootCertV3(keyPair);
   FileUtils.writeByteArrayToFile(new File("d:\\caV3.cer"), cer.getEncoded());
   System.out.println(cer);
 }
Exemple #28
0
 public void init(BigInteger p, BigInteger g) throws GeneralSecurityException {
   this.p = p;
   this.g = g;
   generator.initialize(new DHParameterSpec(p, g));
   final KeyPair kp = generator.generateKeyPair();
   agreement.init(kp.getPrivate());
   e = ((javax.crypto.interfaces.DHPublicKey) kp.getPublic()).getY();
 }
 static {
   try {
     keyPairGenerator = KeyPairGenerator.getInstance("RSA");
   } catch (NoSuchAlgorithmException e) {
     throw new RuntimeException(e);
   }
   keyPairGenerator.initialize(2048);
 }
  private static KeyPair generateKeyPair()
      throws NoSuchProviderException, NoSuchAlgorithmException {
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "SunRsaSign");

    kpg.initialize(512, new SecureRandom());

    return kpg.generateKeyPair();
  }