List of usage examples for java.security.spec ECParameterSpec getOrder
public BigInteger getOrder()
From source file:org.cesecore.certificates.util.AlgorithmTools.java
/** * Gets the key specification from a public key. Example: "2048" for a RSA * or DSA key or "secp256r1" for EC key. The EC curve is only detected * if <i>publickey</i> is an object known by the bouncy castle provider. * @param publicKey The public key to get the key specification from * @return The key specification, "unknown" if it could not be determined and * null if the key algorithm is not supported */// w w w . ja v a 2s . c o m public static String getKeySpecification(final PublicKey publicKey) { if (log.isTraceEnabled()) { log.trace(">getKeySpecification"); } String keyspec = null; if (publicKey instanceof RSAPublicKey) { keyspec = Integer.toString(((RSAPublicKey) publicKey).getModulus().bitLength()); } else if (publicKey instanceof DSAPublicKey) { keyspec = Integer.toString(((DSAPublicKey) publicKey).getParams().getP().bitLength()); } else if (publicKey instanceof ECPublicKey) { final ECPublicKey ecPublicKey = (ECPublicKey) publicKey; if (ecPublicKey.getParams() instanceof ECNamedCurveSpec) { keyspec = ((ECNamedCurveSpec) ecPublicKey.getParams()).getName(); // Prefer to return a curve name alias that also works with the default and BC provider for (String keySpecAlias : getEcKeySpecAliases(keyspec)) { if (isNamedECKnownInDefaultProvider(keySpecAlias)) { keyspec = keySpecAlias; break; } } } else { keyspec = KEYSPEC_UNKNOWN; // Try to detect if it is a curve name known by BC even though the public key isn't a BC key final ECParameterSpec namedCurve = ecPublicKey.getParams(); if (namedCurve != null) { final int c1 = namedCurve.getCofactor(); final EllipticCurve ec1 = namedCurve.getCurve(); final BigInteger a1 = ec1.getA(); final BigInteger b1 = ec1.getB(); final int fs1 = ec1.getField().getFieldSize(); //final byte[] s1 = ec1.getSeed(); final ECPoint g1 = namedCurve.getGenerator(); final BigInteger ax1 = g1.getAffineX(); final BigInteger ay1 = g1.getAffineY(); final BigInteger o1 = namedCurve.getOrder(); if (log.isDebugEnabled()) { log.debug("a1=" + a1 + " b1=" + b1 + " fs1=" + fs1 + " ax1=" + ax1 + " ay1=" + ay1 + " o1=" + o1 + " c1=" + c1); } @SuppressWarnings("unchecked") final Enumeration<String> ecNamedCurves = ECNamedCurveTable.getNames(); while (ecNamedCurves.hasMoreElements()) { final String ecNamedCurveBc = ecNamedCurves.nextElement(); final ECNamedCurveParameterSpec parameterSpec2 = ECNamedCurveTable .getParameterSpec(ecNamedCurveBc); final ECCurve ec2 = parameterSpec2.getCurve(); final BigInteger a2 = ec2.getA().toBigInteger(); final BigInteger b2 = ec2.getB().toBigInteger(); final int fs2 = ec2.getFieldSize(); final org.bouncycastle.math.ec.ECPoint g2 = parameterSpec2.getG(); final BigInteger ax2 = g2.getX().toBigInteger(); final BigInteger ay2 = g2.getY().toBigInteger(); final BigInteger h2 = parameterSpec2.getH(); final BigInteger n2 = parameterSpec2.getN(); if (a1.equals(a2) && ax1.equals(ax2) && b1.equals(b2) && ay1.equals(ay2) && fs1 == fs2 && o1.equals(n2) && c1 == h2.intValue()) { // We have a matching curve here! if (log.isDebugEnabled()) { log.debug("a2=" + a2 + " b2=" + b2 + " fs2=" + fs2 + " ax2=" + ax2 + " ay2=" + ay2 + " h2=" + h2 + " n2=" + n2 + " " + ecNamedCurveBc); } // Since this public key is a SUN PKCS#11 pub key if we get here, we only return an alias if it is recognized by the provider if (isNamedECKnownInDefaultProvider(ecNamedCurveBc)) { keyspec = ecNamedCurveBc; break; } } } } } } if (log.isTraceEnabled()) { log.trace("<getKeySpecification: " + keyspec); } return keyspec; }
From source file:org.cesecore.keys.util.KeyTools.java
/** * Gets the key length of supported keys * // w w w. j ava2 s. c o m * @param pk * PublicKey used to derive the keysize * @return -1 if key is unsupported, otherwise a number >= 0. 0 usually means the length can not be calculated, for example if the key is an EC * key and the "implicitlyCA" encoding is used. */ public static int getKeyLength(final PublicKey pk) { int len = -1; if (pk instanceof RSAPublicKey) { final RSAPublicKey rsapub = (RSAPublicKey) pk; len = rsapub.getModulus().bitLength(); } else if (pk instanceof JCEECPublicKey) { final JCEECPublicKey ecpriv = (JCEECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec spec = ecpriv.getParameters(); if (spec != null) { len = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof BCECPublicKey) { final BCECPublicKey ecpriv = (BCECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec spec = ecpriv.getParameters(); if (spec != null) { len = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof ECPublicKey) { final ECPublicKey ecpriv = (ECPublicKey) pk; final java.security.spec.ECParameterSpec spec = ecpriv.getParams(); if (spec != null) { len = spec.getOrder().bitLength(); // does this really return something we expect? } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof DSAPublicKey) { final DSAPublicKey dsapub = (DSAPublicKey) pk; if (dsapub.getParams() != null) { len = dsapub.getParams().getP().bitLength(); } else { len = dsapub.getY().bitLength(); } } return len; }
From source file:org.cesecore.keys.util.KeyTools.java
/** * Gets the key AlgorithmParameterSpec of supported keys. Can be used to initialize a KeyPairGenerator to generate a key of equal type and size. * /*from ww w . ja v a2s.c o m*/ * @param pk * PublicKey used to derive the AlgorithmParameterSpec * @return null if key is unsupported or pk is null, otherwise a AlgorithmParameterSpec. */ public static AlgorithmParameterSpec getKeyGenSpec(final PublicKey pk) { if (pk == null) { return null; } AlgorithmParameterSpec ret = null; if (pk instanceof RSAPublicKey) { log.debug("getKeyGenSpec: RSA"); final RSAPublicKey rpk = (RSAPublicKey) pk; ret = new RSAKeyGenParameterSpec(getKeyLength(pk), rpk.getPublicExponent()); } else if (pk instanceof DSAPublicKey) { log.debug("getKeyGenSpec: DSA"); final DSAPublicKey dpk = (DSAPublicKey) pk; final DSAParams params = dpk.getParams(); ret = new DSAParameterSpec(params.getP(), params.getQ(), params.getG()); } else if (pk instanceof ECPublicKey) { log.debug("getKeyGenSpec: ECPublicKey"); final ECPublicKey ecpub = (ECPublicKey) pk; final java.security.spec.ECParameterSpec sunsp = ecpub.getParams(); final EllipticCurve ecurve = new EllipticCurve(sunsp.getCurve().getField(), sunsp.getCurve().getA(), sunsp.getCurve().getB()); // ECParameterSpec par = new ECNamedCurveSpec(null, sunsp.getCurve(), sunsp.getGenerator(), sunsp.getOrder(), // BigInteger.valueOf(sunsp.getCofactor())); final ECParameterSpec params = new ECParameterSpec(ecurve, sunsp.getGenerator(), sunsp.getOrder(), sunsp.getCofactor()); if (log.isDebugEnabled()) { log.debug("Fieldsize: " + params.getCurve().getField().getFieldSize()); final EllipticCurve curve = params.getCurve(); log.debug("CurveA: " + curve.getA().toString(16)); log.debug("CurveB: " + curve.getB().toString(16)); log.debug("CurveSeed: " + curve.getSeed()); final ECFieldFp field = (ECFieldFp) curve.getField(); log.debug("CurveSfield: " + field.getP().toString(16)); final ECPoint p = params.getGenerator(); log.debug("Generator: " + p.getAffineX().toString(16) + ", " + p.getAffineY().toString(16)); log.debug("Order: " + params.getOrder().toString(16)); log.debug("CoFactor: " + params.getCofactor()); } ret = params; } else if (pk instanceof JCEECPublicKey) { log.debug("getKeyGenSpec: JCEECPublicKey"); final JCEECPublicKey ecpub = (JCEECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec bcsp = ecpub.getParameters(); final ECCurve curve = bcsp.getCurve(); // TODO: this probably does not work for key generation with the Sun PKCS#11 provider. Maybe seed needs to be set to null as above? Or // something else, the BC curve is it the same? final ECParameterSpec params = new ECNamedCurveSpec(null, curve, bcsp.getG(), bcsp.getN(), bcsp.getH()); ret = params; // EllipticCurve ecc = new EllipticCurve(curve.) // ECParameterSpec sp = new ECParameterSpec(, bcsp.getG(), bcsp.getN(), bcsp.getH().intValue()); } return ret; }
From source file:org.ejbca.util.keystore.KeyTools.java
/** * Gets the key length of supported keys * @param pk PublicKey used to derive the keysize * @return -1 if key is unsupported, otherwise a number >= 0. 0 usually means the length can not be calculated, * for example if the key is an EC key and the "implicitlyCA" encoding is used. *///from www. ja v a 2 s . c o m public static int getKeyLength(final PublicKey pk) { int len = -1; if (pk instanceof RSAPublicKey) { final RSAPublicKey rsapub = (RSAPublicKey) pk; len = rsapub.getModulus().bitLength(); } else if (pk instanceof JCEECPublicKey) { final JCEECPublicKey ecpriv = (JCEECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec spec = ecpriv.getParameters(); if (spec != null) { len = spec.getN().bitLength(); } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof ECPublicKey) { final ECPublicKey ecpriv = (ECPublicKey) pk; final java.security.spec.ECParameterSpec spec = ecpriv.getParams(); if (spec != null) { len = spec.getOrder().bitLength(); // does this really return something we expect? } else { // We support the key, but we don't know the key length len = 0; } } else if (pk instanceof DSAPublicKey) { final DSAPublicKey dsapub = (DSAPublicKey) pk; if (dsapub.getParams() != null) { len = dsapub.getParams().getP().bitLength(); } else { len = dsapub.getY().bitLength(); } } return len; }
From source file:org.ejbca.util.keystore.KeyTools.java
/** * Gets the key AlgorithmParameterSpec of supported keys. Can be used to initialize a KeyPairGenerator to generate a key of equal type and size. * @param pk PublicKey used to derive the AlgorithmParameterSpec * @return null if key is unsupported or pk is null, otherwise a AlgorithmParameterSpec. *///from www. ja v a2 s . c o m public static AlgorithmParameterSpec getKeyGenSpec(final PublicKey pk) { if (pk == null) { return null; } AlgorithmParameterSpec ret = null; if (pk instanceof RSAPublicKey) { log.debug("getKeyGenSpec: RSA"); final RSAPublicKey rpk = (RSAPublicKey) pk; ret = new RSAKeyGenParameterSpec(getKeyLength(pk), rpk.getPublicExponent()); } else if (pk instanceof DSAPublicKey) { log.debug("getKeyGenSpec: DSA"); final DSAPublicKey dpk = (DSAPublicKey) pk; final DSAParams params = dpk.getParams(); ret = new DSAParameterSpec(params.getP(), params.getQ(), params.getG()); } else if (pk instanceof ECPublicKey) { log.debug("getKeyGenSpec: ECPublicKey"); final ECPublicKey ecpub = (ECPublicKey) pk; final java.security.spec.ECParameterSpec sunsp = ecpub.getParams(); final EllipticCurve ecurve = new EllipticCurve(sunsp.getCurve().getField(), sunsp.getCurve().getA(), sunsp.getCurve().getB()); //ECParameterSpec par = new ECNamedCurveSpec(null, sunsp.getCurve(), sunsp.getGenerator(), sunsp.getOrder(), BigInteger.valueOf(sunsp.getCofactor())); final ECParameterSpec params = new ECParameterSpec(ecurve, sunsp.getGenerator(), sunsp.getOrder(), sunsp.getCofactor()); if (log.isDebugEnabled()) { log.debug("Fieldsize: " + params.getCurve().getField().getFieldSize()); final EllipticCurve curve = params.getCurve(); log.debug("CurveA: " + curve.getA().toString(16)); log.debug("CurveB: " + curve.getB().toString(16)); log.debug("CurveSeed: " + curve.getSeed()); final ECFieldFp field = (ECFieldFp) curve.getField(); log.debug("CurveSfield: " + field.getP().toString(16)); final ECPoint p = params.getGenerator(); log.debug("Generator: " + p.getAffineX().toString(16) + ", " + p.getAffineY().toString(16)); log.debug("Order: " + params.getOrder().toString(16)); log.debug("CoFactor: " + params.getCofactor()); } ret = params; } else if (pk instanceof JCEECPublicKey) { log.debug("getKeyGenSpec: JCEECPublicKey"); final JCEECPublicKey ecpub = (JCEECPublicKey) pk; final org.bouncycastle.jce.spec.ECParameterSpec bcsp = ecpub.getParameters(); final ECCurve curve = bcsp.getCurve(); //TODO: this probably does not work for key generation with the Sun PKCS#11 provider. Maybe seed needs to be set to null as above? Or something else, the BC curve is it the same? final ECParameterSpec params = new ECNamedCurveSpec(null, curve, bcsp.getG(), bcsp.getN(), bcsp.getH()); ret = params; //EllipticCurve ecc = new EllipticCurve(curve.) //ECParameterSpec sp = new ECParameterSpec(, bcsp.getG(), bcsp.getN(), bcsp.getH().intValue()); } return ret; }