private void testEncoding(ECPrivateKey privKey, ECPublicKey pubKey) throws Exception {
KeyFactory kFact = KeyFactory.getInstance("ECDSA", "SC");
byte[] bytes = privKey.getEncoded();
PrivateKeyInfo sInfo = PrivateKeyInfo.getInstance(new ASN1InputStream(bytes).readObject());
if (!sInfo.getPrivateKeyAlgorithm().getParameters().equals(DERNull.INSTANCE)) {
fail("private key parameters wrong");
}
ECPrivateKey sKey = (ECPrivateKey) kFact.generatePrivate(new PKCS8EncodedKeySpec(bytes));
if (!sKey.equals(privKey)) {
fail("private equals failed");
}
if (sKey.hashCode() != privKey.hashCode()) {
fail("private hashCode failed");
}
bytes = pubKey.getEncoded();
SubjectPublicKeyInfo vInfo =
SubjectPublicKeyInfo.getInstance(new ASN1InputStream(bytes).readObject());
if (!vInfo.getAlgorithm().getParameters().equals(DERNull.INSTANCE)) {
fail("public key parameters wrong");
}
ECPublicKey vKey = (ECPublicKey) kFact.generatePublic(new X509EncodedKeySpec(bytes));
if (!vKey.equals(pubKey) || vKey.hashCode() != pubKey.hashCode()) {
fail("public equals/hashCode failed");
}
testBCParamsAndQ(sKey, vKey);
testEC5Params(sKey, vKey);
testECDSA(sKey, vKey);
}
public static X509Certificate makeOaepCertificate(
KeyPair subKP, String _subDN, KeyPair issKP, String _issDN, boolean _ca)
throws GeneralSecurityException, IOException, OperatorCreationException {
SubjectPublicKeyInfo subPub = SubjectPublicKeyInfo.getInstance(subKP.getPublic().getEncoded());
PrivateKey issPriv = issKP.getPrivate();
PublicKey issPub = issKP.getPublic();
X509v3CertificateBuilder v3CertGen =
new X509v3CertificateBuilder(
new X500Name(_issDN),
allocateSerialNumber(),
new Date(System.currentTimeMillis()),
new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
new X500Name(_subDN),
new SubjectPublicKeyInfo(
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new RSAESOAEPparams()),
subPub.parsePublicKey()));
JcaContentSignerBuilder contentSignerBuilder = makeContentSignerBuilder(issPub);
v3CertGen.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyId(subPub));
v3CertGen.addExtension(Extension.authorityKeyIdentifier, false, createAuthorityKeyId(issPub));
v3CertGen.addExtension(Extension.basicConstraints, false, new BasicConstraints(_ca));
X509Certificate _cert =
new JcaX509CertificateConverter()
.setProvider("SC")
.getCertificate(v3CertGen.build(contentSignerBuilder.build(issPriv)));
_cert.checkValidity(new Date());
_cert.verify(issPub);
return _cert;
}
/**
* Initialise the builder using a PublicKey.
*
* @param issuer X500Name representing the issuer of this certificate.
* @param serial the serial number for the certificate.
* @param notBefore date before which the certificate is not valid.
* @param notAfter date after which the certificate is not valid.
* @param subject X500Name representing the subject of this certificate.
* @param publicKey the public key to be associated with the certificate.
*/
public JcaX509v3CertificateBuilder(
X500Name issuer,
BigInteger serial,
Date notBefore,
Date notAfter,
X500Name subject,
PublicKey publicKey) {
super(
issuer,
serial,
notBefore,
notAfter,
subject,
SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
}
static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey) throws IOException {
return extUtils.createSubjectKeyIdentifier(
SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
}