org.bouncycastle.jce.provider.JCEECPublicKey Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcprov-ext-debug-jdk18on Show documentation
Show all versions of bcprov-ext-debug-jdk18on Show documentation
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for Java 1.8 and later with debug enabled.
The newest version!
package org.bouncycastle.jce.provider;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.math.BigInteger;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import org.bouncycastle.asn1.ASN1BitString;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9ECPoint;
import org.bouncycastle.asn1.x9.X9IntegerConverter;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
import org.bouncycastle.jce.interfaces.ECPointEncoder;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.util.Strings;
public class JCEECPublicKey
implements ECPublicKey, org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder
{
private String algorithm = "EC";
private org.bouncycastle.math.ec.ECPoint q;
private ECParameterSpec ecSpec;
private boolean withCompression;
private GOST3410PublicKeyAlgParameters gostParams;
public JCEECPublicKey(
String algorithm,
JCEECPublicKey key)
{
this.algorithm = algorithm;
this.q = key.q;
this.ecSpec = key.ecSpec;
this.withCompression = key.withCompression;
this.gostParams = key.gostParams;
}
public JCEECPublicKey(
String algorithm,
ECPublicKeySpec spec)
{
this.algorithm = algorithm;
this.ecSpec = spec.getParams();
this.q = EC5Util.convertPoint(ecSpec, spec.getW());
}
public JCEECPublicKey(
String algorithm,
org.bouncycastle.jce.spec.ECPublicKeySpec spec)
{
this.algorithm = algorithm;
this.q = spec.getQ();
if (spec.getParams() != null) // can be null if implictlyCa
{
ECCurve curve = spec.getParams().getCurve();
EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
}
else
{
if (q.getCurve() == null)
{
org.bouncycastle.jce.spec.ECParameterSpec s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
q = s.getCurve().createPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
}
this.ecSpec = null;
}
}
public JCEECPublicKey(
String algorithm,
ECPublicKeyParameters params,
ECParameterSpec spec)
{
ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.q = params.getQ();
if (spec == null)
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
this.ecSpec = createSpec(ellipticCurve, dp);
}
else
{
this.ecSpec = spec;
}
}
public JCEECPublicKey(
String algorithm,
ECPublicKeyParameters params,
org.bouncycastle.jce.spec.ECParameterSpec spec)
{
ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.q = params.getQ();
if (spec == null)
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
this.ecSpec = createSpec(ellipticCurve, dp);
}
else
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
}
}
/*
* called for implicitCA
*/
public JCEECPublicKey(
String algorithm,
ECPublicKeyParameters params)
{
this.algorithm = algorithm;
this.q = params.getQ();
this.ecSpec = null;
}
private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
{
return new ECParameterSpec(
ellipticCurve,
EC5Util.convertPoint(dp.getG()),
dp.getN(),
dp.getH().intValue());
}
public JCEECPublicKey(
ECPublicKey key)
{
this.algorithm = key.getAlgorithm();
this.ecSpec = key.getParams();
this.q = EC5Util.convertPoint(this.ecSpec, key.getW());
}
JCEECPublicKey(
SubjectPublicKeyInfo info)
{
populateFromPubKeyInfo(info);
}
private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
{
AlgorithmIdentifier algID = info.getAlgorithm();
if (algID.getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
{
ASN1BitString bits = info.getPublicKeyData();
ASN1OctetString key;
this.algorithm = "ECGOST3410";
try
{
key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
}
catch (IOException ex)
{
throw new IllegalArgumentException("error recovering public key");
}
byte[] keyEnc = key.getOctets();
byte[] x9Encoding = new byte[65];
x9Encoding[0] = 0x04;
for (int i = 1; i <= 32; ++i)
{
x9Encoding[i ] = keyEnc[32 - i];
x9Encoding[i + 32] = keyEnc[64 - i];
}
gostParams = GOST3410PublicKeyAlgParameters.getInstance(algID.getParameters());
ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
ECCurve curve = spec.getCurve();
EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
this.q = curve.decodePoint(x9Encoding);
ecSpec = new ECNamedCurveSpec(
ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
ellipticCurve,
EC5Util.convertPoint(spec.getG()),
spec.getN(),
spec.getH());
}
else
{
X962Parameters params = X962Parameters.getInstance(algID.getParameters());
ECCurve curve;
EllipticCurve ellipticCurve;
if (params.isNamedCurve())
{
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
curve = ecP.getCurve();
ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
ecSpec = new ECNamedCurveSpec(
ECUtil.getCurveName(oid),
ellipticCurve,
EC5Util.convertPoint(ecP.getG()),
ecP.getN(),
ecP.getH());
}
else if (params.isImplicitlyCA())
{
ecSpec = null;
curve = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getCurve();
}
else
{
X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
curve = ecP.getCurve();
ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
this.ecSpec = new ECParameterSpec(
ellipticCurve,
EC5Util.convertPoint(ecP.getG()),
ecP.getN(),
ecP.getH().intValue());
}
ASN1BitString bits = info.getPublicKeyData();
byte[] data = bits.getBytes();
ASN1OctetString key = new DEROctetString(data);
//
// extra octet string - one of our old certs...
//
if (data[0] == 0x04 && data[1] == data.length - 2
&& (data[2] == 0x02 || data[2] == 0x03))
{
int qLength = new X9IntegerConverter().getByteLength(curve);
if (qLength >= data.length - 3)
{
try
{
key = (ASN1OctetString) ASN1Primitive.fromByteArray(data);
}
catch (IOException ex)
{
throw new IllegalArgumentException("error recovering public key");
}
}
}
X9ECPoint derQ = new X9ECPoint(curve, key);
this.q = derQ.getPoint();
}
}
public String getAlgorithm()
{
return algorithm;
}
public String getFormat()
{
return "X.509";
}
public byte[] getEncoded()
{
ASN1Encodable params;
SubjectPublicKeyInfo info;
if (algorithm.equals("ECGOST3410"))
{
if (gostParams != null)
{
params = gostParams;
}
else
{
if (ecSpec instanceof ECNamedCurveSpec)
{
params = new GOST3410PublicKeyAlgParameters(
ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
}
else
{ // strictly speaking this may not be applicable...
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(
curve,
new X9ECPoint(EC5Util.convertPoint(curve, ecSpec.getGenerator()), withCompression),
ecSpec.getOrder(),
BigInteger.valueOf(ecSpec.getCofactor()),
ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
}
BigInteger bX = this.q.getAffineXCoord().toBigInteger();
BigInteger bY = this.q.getAffineYCoord().toBigInteger();
byte[] encKey = new byte[64];
extractBytes(encKey, 0, bX);
extractBytes(encKey, 32, bY);
try
{
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
}
catch (IOException e)
{
return null;
}
}
else
{
if (ecSpec instanceof ECNamedCurveSpec)
{
ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
if (curveOid == null)
{
curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
}
params = new X962Parameters(curveOid);
}
else if (ecSpec == null)
{
params = new X962Parameters(DERNull.INSTANCE);
}
else
{
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(
curve,
new X9ECPoint(EC5Util.convertPoint(curve, ecSpec.getGenerator()), withCompression),
ecSpec.getOrder(),
BigInteger.valueOf(ecSpec.getCofactor()),
ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
byte[] pubKeyOctets = this.getQ().getEncoded(withCompression);
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), pubKeyOctets);
}
return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
}
private void extractBytes(byte[] encKey, int offSet, BigInteger bI)
{
byte[] val = bI.toByteArray();
if (val.length < 32)
{
byte[] tmp = new byte[32];
System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
val = tmp;
}
for (int i = 0; i != 32; i++)
{
encKey[offSet + i] = val[val.length - 1 - i];
}
}
public ECParameterSpec getParams()
{
return ecSpec;
}
public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
{
if (ecSpec == null) // implictlyCA
{
return null;
}
return EC5Util.convertSpec(ecSpec);
}
public ECPoint getW()
{
return EC5Util.convertPoint(q);
}
public org.bouncycastle.math.ec.ECPoint getQ()
{
if (ecSpec == null)
{
return q.getDetachedPoint();
}
return q;
}
public org.bouncycastle.math.ec.ECPoint engineGetQ()
{
return q;
}
org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
{
if (ecSpec != null)
{
return EC5Util.convertSpec(ecSpec);
}
return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
}
public String toString()
{
StringBuffer buf = new StringBuffer();
String nl = Strings.lineSeparator();
buf.append("EC Public Key").append(nl);
buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
return buf.toString();
}
public void setPointFormat(String style)
{
withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
}
public boolean equals(Object o)
{
if (!(o instanceof JCEECPublicKey))
{
return false;
}
JCEECPublicKey other = (JCEECPublicKey)o;
return engineGetQ().equals(other.engineGetQ()) && (engineGetSpec().equals(other.engineGetSpec()));
}
public int hashCode()
{
return engineGetQ().hashCode() ^ engineGetSpec().hashCode();
}
private void readObject(
ObjectInputStream in)
throws IOException, ClassNotFoundException
{
byte[] enc = (byte[])in.readObject();
populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
this.algorithm = (String)in.readObject();
this.withCompression = in.readBoolean();
}
private void writeObject(
ObjectOutputStream out)
throws IOException
{
out.writeObject(this.getEncoded());
out.writeObject(algorithm);
out.writeBoolean(withCompression);
}
}