/**
 * Resolves the encryption algorithm of this token from the algorithm name
 * reported by {@code getEncryptionAlgoUsedToSignThisToken()}.
 *
 * <p>NOTE(review): {@code null} is passed as the second argument of
 * {@code EncryptionAlgorithm.forName}; presumably that is the fallback value
 * returned for an unrecognised name, in which case this method can return
 * {@code null} and callers must check for it before dereferencing. Confirm
 * against {@code forName}.
 *
 * @return the algorithm resolved by {@code EncryptionAlgorithm.forName}
 */
@Override
public EncryptionAlgorithm getEncryptionAlgorithm() {
    return EncryptionAlgorithm.forName(getEncryptionAlgoUsedToSignThisToken(), null);
}
/**
 * Signs an already computed digest with the private key of
 * {@code privateKeyEntry}.
 *
 * <p>The JCA algorithm name is built as {@code "NONEwith" + <algorithm name>}.
 * A {@code NONEwith...} signature applies no hash of its own, so the bytes
 * passed in are signed exactly as given.
 *
 * <p>NOTE(review): for RSA, {@code NONEwithRSA} does not add the DigestInfo
 * structure around the hash. Confirm that every caller passes a
 * DigestInfo-encoded digest for RSA keys, otherwise the signature will not
 * verify as a standard PKCS#1 v1.5 signature.
 *
 * @param digestToSign the digest bytes to sign; not hashed again here
 * @return the value returned by {@code invokeSigning}
 * @throws InvalidKeyException declared for the signing call
 * @throws SignatureException declared for the signing call
 * @throws NoSuchAlgorithmException declared for the signing call
 */
private byte[] signDigest(byte[] digestToSign)
        throws InvalidKeyException, SignatureException, NoSuchAlgorithmException {
    logger.debug("Signing digest");

    PrivateKey signingKey = privateKeyEntry.getPrivateKey();
    EncryptionAlgorithm keyAlgorithm = privateKeyEntry.getEncryptionAlgorithm();

    // "NONE" as the digest part: the input is already a digest.
    String rawSignatureScheme = "NONEwith" + keyAlgorithm.getName();

    return invokeSigning(digestToSign, signingKey, rawSignatureScheme);
}
/**
 * Checks that {@code EncryptionAlgorithm.forKey} reports RSA for the public
 * key of the certificate stored in {@code BA-QC-Wurzel-CA-2_PN.txt}.
 */
@Test
public void getPublicKeyEncryptionAlgo() {
    File certificateFile = new File("src/test/resources/BA-QC-Wurzel-CA-2_PN.txt");
    CertificateToken loaded = DSSUtils.loadCertificate(certificateFile);

    // The algorithm is derived from the key itself, not from a name string.
    assertEquals(EncryptionAlgorithm.RSA, EncryptionAlgorithm.forKey(loaded.getPublicKey()));
}
/**
 * Checks that {@code EncryptionAlgorithm.forKey} reports ECDSA for the public
 * key of the certificate stored in {@code ecdsa.cer}.
 */
@Test
public void getPublicKeyEncryptionAlgoECDSA() {
    File certificateFile = new File("src/test/resources/ecdsa.cer");
    CertificateToken loaded = DSSUtils.loadCertificate(certificateFile);

    // The algorithm is derived from the key itself, not from a name string.
    assertEquals(EncryptionAlgorithm.ECDSA, EncryptionAlgorithm.forKey(loaded.getPublicKey()));
}
/**
 * Signs {@code dataToSign} with the key held in {@code privateKeyEntry},
 * choosing the signing routine from the name of the key entry's encryption
 * algorithm.
 *
 * <p>Only the names {@code "ECDSA"} and {@code "RSA"} are accepted; any other
 * name is rejected instead of falling back to a default, so an unexpected key
 * type cannot be used silently.
 *
 * @param digestAlgorithm digest algorithm handed on to the signing routine
 * @param dataToSign the bytes handed on to the signing routine
 * @return the result of {@code signECDSA} or {@code signRSA}
 * @throws TechnicalException if {@code privateKeyEntry} is {@code null} or its
 *     algorithm name is neither {@code "ECDSA"} nor {@code "RSA"}
 */
@Override
public byte[] sign(DigestAlgorithm digestAlgorithm, byte[] dataToSign) {
    // Guard first: without a key entry there is nothing to dispatch on.
    if (privateKeyEntry == null) {
        throw new TechnicalException("privateKeyEntry is null");
    }

    String algorithmName = privateKeyEntry.getEncryptionAlgorithm().getName();

    // Constant-first equals keeps a null algorithm name on the rejection path.
    if ("ECDSA".equals(algorithmName)) {
        logger.debug("Sign ECDSA");
        return signECDSA(digestAlgorithm, dataToSign);
    }
    if ("RSA".equals(algorithmName)) {
        logger.debug("Sign RSA");
        return signRSA(digestAlgorithm, dataToSign);
    }

    throw new TechnicalException("Failed to sign with PKCS#11. Encryption Algorithm should be ECDSA or RSA "
            + "but actually is : " + algorithmName);
}
/**
 * Returns the first private key entry whose certificate is accepted by an
 * {@link X509CertSelector} configured for {@code keyUsage} and, when
 * {@code label} is set, whose alias contains {@code label}.
 *
 * <p>NOTE(review): the alias test is a substring match ({@code contains}), so
 * a label can also select an entry whose alias merely includes it. If exactly
 * one key is meant to be addressed, confirm whether an exact comparison is
 * intended.
 *
 * <p>NOTE(review): per the {@link X509CertSelector#setKeyUsage} contract, a
 * certificate without a keyUsage extension implicitly allows every usage and
 * therefore matches as well. Confirm this is acceptable for key selection.
 *
 * @param keyUsage the key usage the certificate must allow
 * @return the first matching entry, in the order of {@code getPrivateKeyEntries()}
 * @throws TechnicalException if no entry matches
 */
private KSPrivateKeyEntry findPrivateKey(X509Cert.KeyUsage keyUsage) {
    logger.debug("Searching key by usage: " + keyUsage.name());

    List<DSSPrivateKeyEntry> candidates = getPrivateKeyEntries();
    X509CertSelector usageSelector = new X509CertSelector();
    usageSelector.setKeyUsage(getUsageBitArray(keyUsage)); // TODO: Test this!

    for (DSSPrivateKeyEntry candidate : candidates) {
        boolean usageAccepted = usageSelector.match(candidate.getCertificate().getCertificate());
        if (!usageAccepted) {
            continue;
        }

        // The cast is only evaluated when a label is configured, as in the original.
        boolean aliasAccepted = label == null || ((KSPrivateKeyEntry) candidate).getAlias().contains(label);
        if (!aliasAccepted) {
            continue;
        }

        logger.debug("... Found key by keyUsage. Key encryption algorithm:"
                + candidate.getEncryptionAlgorithm().getName());
        return (KSPrivateKeyEntry) candidate;
    }

    throw new TechnicalException("Error getting private key entry!");
}