/** * Get the public key algorithm. * * @return the public key algorithm name */ public String getAlgorithm() { return publicKey.getAlgorithm(); }
@Override public String getAlgorithm() { return publicKey.getAlgorithm(); }
@SuppressWarnings("unchecked") static Certificate<PublicKey> toCertificate(PublicKey key) { if (!(key instanceof Certificate)) { throw new UnsupportedOperationException("Can't convert non-certificate key " + key.getAlgorithm() + " to certificate"); } return ((Certificate<PublicKey>) key); }
public String getAlgorithm() { return keyPair.getPublic().getAlgorithm(); }
/** * Returns the names of JAR entries which this signer will produce as part of v1 signature. */ public static Set<String> getOutputEntryNames(List<SignerConfig> signerConfigs) { Set<String> result = new HashSet<>(2 * signerConfigs.size() + 1); for (SignerConfig signerConfig : signerConfigs) { String signerName = signerConfig.name; result.add("META-INF/" + signerName + ".SF"); PublicKey publicKey = signerConfig.certificates.get(0).getPublicKey(); String signatureBlockFileName = "META-INF/" + signerName + "." + publicKey.getAlgorithm().toUpperCase(Locale.US); result.add(signatureBlockFileName); } result.add(MANIFEST_ENTRY_NAME); return result; }
/** * Creates a {@link EncrypterImpl} with the given {@link PublicKey} for use with "RSA"-based * asymmetric encryption. */ public Encrypter create(PublicKey key) { Preconditions.checkArgument(key.getAlgorithm().equals("RSA")); return new EncrypterImpl("RSA/ECB/PKCS1Padding", key, monitor); }
/** * Creates a {@link DecrypterImpl} with the given {@link PublicKey} for use with "RSA"-based * asymmetric encryption. */ public Decrypter create(PublicKey key) { Preconditions.checkArgument(key.getAlgorithm().equals("RSA")); return new DecrypterImpl("RSA/ECB/PKCS1Padding", key, monitor); }
/** * Get the certificate public key algorithm. * * @return the certificate public key algorithm (not {@code null}) */ public String getAlgorithm() { return getFirstCertificate().getPublicKey().getAlgorithm(); }
public String getAlgorithm() { return getFirstCertificate().getPublicKey().getAlgorithm(); }
private static String getJcaSignatureAlgorithm( PublicKey publicKey, DigestAlgorithm digestAlgorithm) throws InvalidKeyException { String keyAlgorithm = publicKey.getAlgorithm(); String digestPrefixForSigAlg; switch (digestAlgorithm) { case SHA1: digestPrefixForSigAlg = "SHA1"; break; case SHA256: digestPrefixForSigAlg = "SHA256"; break; default: throw new IllegalArgumentException( "Unexpected digest algorithm: " + digestAlgorithm); } if ("RSA".equalsIgnoreCase(keyAlgorithm)) { return digestPrefixForSigAlg + "withRSA"; } else if ("DSA".equalsIgnoreCase(keyAlgorithm)) { return digestPrefixForSigAlg + "withDSA"; } else if ("EC".equalsIgnoreCase(keyAlgorithm)) { return digestPrefixForSigAlg + "withECDSA"; } else { throw new InvalidKeyException("Unsupported key algorithm: " + keyAlgorithm); } } }
private static List<Identity> getSshIdentities(final Optional<AgentProxy> agentProxyOpt) { // ssh identities (potentially) used in authentication final ImmutableList.Builder<Identity> listBuilder = ImmutableList.builder(); if (agentProxyOpt.isPresent()) { try { final List<Identity> identities = agentProxyOpt.get().list(); for (final Identity identity : identities) { if (identity.getPublicKey().getAlgorithm().equals("RSA")) { // only RSA keys will work with our TLS implementation listBuilder.add(identity); } } } catch (Exception e) { // We catch everything because right now the masters do not require authentication. // So delay reporting errors to the user until the servers return 401 Unauthorized. log.debug("Unable to get identities from ssh-agent. Note that this might not indicate" + " an actual problem unless your Helios cluster requires authentication" + " for all requests.", e); } } return listBuilder.build(); }
byte[] fingerprint = md.digest(); String keyAlgorithm = publicKey.getAlgorithm(); Cipher keyCipher = Cipher.getInstance(keyAlgorithm); if (_secureRandom != null)
String keyAlgorithm = signingKey.getAlgorithm(); if ("RSA".equalsIgnoreCase(keyAlgorithm)) {
/** * Construct a new instance. * * @param privateKey the private key (not {@code null}) * @param certificateChain the certificate chain (not {@code null}, cannot contain {@code null} elements) */ public X509CertificateChainPrivateCredential(final PrivateKey privateKey, final X509Certificate... certificateChain) { super(certificateChain); Assert.checkNotNullParam("privateKey", privateKey); if (! getFirstCertificate().getPublicKey().getAlgorithm().equals(privateKey.getAlgorithm())) { throw ElytronMessages.log.mismatchedPublicPrivateKeyAlgorithms(); } /* * Where keys from PKCS#11 are in use we can not guarantee to convert them to a comparable parameter spec * which leads to the check below returning false - the most we can check is matching algorithms which are checked above. */ //if (! KeyUtil.hasSameParameters(getFirstCertificate().getPublicKey(), privateKey)) { // throw ElytronMessages.log.mismatchedPublicPrivateKeyParameters(); //} this.privateKey = privateKey; }
private static byte[] encodePublicKey(PublicKey publicKey) throws InvalidKeyException { byte[] encodedPublicKey = null; if ("X.509".equals(publicKey.getFormat())) { encodedPublicKey = publicKey.getEncoded(); } if (encodedPublicKey == null) { try { encodedPublicKey = KeyFactory.getInstance(publicKey.getAlgorithm()) .getKeySpec(publicKey, X509EncodedKeySpec.class) .getEncoded(); } catch (NoSuchAlgorithmException e) { throw new InvalidKeyException( "Failed to obtain X.509 encoded form of public key " + publicKey + " of class " + publicKey.getClass().getName(), e); } catch (InvalidKeySpecException e) { throw new InvalidKeyException( "Failed to obtain X.509 encoded form of public key " + publicKey + " of class " + publicKey.getClass().getName(), e); } } if ((encodedPublicKey == null) || (encodedPublicKey.length == 0)) { throw new InvalidKeyException( "Failed to obtain X.509 encoded form of public key " + publicKey + " of class " + publicKey.getClass().getName()); } return encodedPublicKey; }
clientCert.getPublicKey().getAlgorithm()); } catch (CertificateException ce) { LOG.error("Failed to trust certificate for session 0x" +
/** * Construct a new instance. * * @param keyPair the key pair (may not be {@code null}) */ public KeyPairCredential(final KeyPair keyPair) { Assert.checkNotNullParam("keyPair", keyPair); final PublicKey publicKey = keyPair.getPublic(); if (publicKey == null) { throw ElytronMessages.log.publicKeyIsNull(); } final PrivateKey privateKey = keyPair.getPrivate(); if (privateKey == null) { throw ElytronMessages.log.privateKeyIsNull(); } if (! publicKey.getAlgorithm().equals(privateKey.getAlgorithm())) { throw ElytronMessages.log.mismatchedPublicPrivateKeyAlgorithms(); } if (! KeyUtil.hasSameParameters(publicKey, privateKey)) { throw ElytronMessages.log.mismatchedPublicPrivateKeyParameters(); } this.keyPair = keyPair; }
static JsonObject getJwk(PublicKey publicKey, String algHeader) { if (publicKey instanceof RSAPublicKey) { RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; return Json.createObjectBuilder() .add(EXPONENT, base64UrlEncode(rsaPublicKey.getPublicExponent().toByteArray())) .add(KEY_TYPE, "RSA") .add(MODULUS, base64UrlEncode(modulusToByteArray(rsaPublicKey.getModulus()))) .build(); } else if (publicKey instanceof ECPublicKey) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; int fieldSize = ecPublicKey.getParams().getCurve().getField().getFieldSize(); return Json.createObjectBuilder() .add(CURVE, getCurveParameterFromAlgHeader(algHeader)) .add(KEY_TYPE, "EC") .add(X_COORDINATE, base64UrlEncode(coordinateToByteArray(fieldSize, ecPublicKey.getW().getAffineX()))) .add(Y_COORDINATE, base64UrlEncode(coordinateToByteArray(fieldSize, ecPublicKey.getW().getAffineY()))) .build(); } else { throw acme.unsupportedAcmeAccountPublicKeyType(publicKey.getAlgorithm()); } }
/** * Generate PEM content containing a {@link PublicKey}. * * @param target the target byte string builder (must not be {@code null}) * @param publicKey the {@link PublicKey} (must not be {@code null}) */ public static void generatePemPublicKey(ByteStringBuilder target, PublicKey publicKey) { Assert.checkNotNullParam("target", target); Assert.checkNotNullParam("publicKey", publicKey); try { KeyFactory instance = KeyFactory.getInstance(publicKey.getAlgorithm()); X509EncodedKeySpec keySpec = instance.getKeySpec(publicKey, X509EncodedKeySpec.class); generatePemContent(target, PUBLIC_KEY_FORMAT, ByteIterator.ofBytes(keySpec.getEncoded())); } catch (Exception e) { throw log.publicKeyParseError(e); } }
@Test public void shouldSuccessfullyLoadSignedDSAPublicKey() throws IOException { FileKeyProvider keyFile = new OpenSSHKeyFile(); keyFile.init(new File("src/test/resources/keytypes/certificate/test_dsa"), PasswordUtils.createOneOff(correctPassphrase)); assertNotNull(keyFile.getPrivate()); PublicKey pubKey = keyFile.getPublic(); assertEquals("DSA", pubKey.getAlgorithm()); @SuppressWarnings("unchecked") Certificate<RSAPublicKey> certificate = (Certificate<RSAPublicKey>) pubKey; assertEquals(new BigInteger("123"), certificate.getSerial()); assertEquals("testdsa", certificate.getId()); assertEquals(1, certificate.getValidPrincipals().size()); assertTrue(certificate.getValidPrincipals().contains("jeroen")); assertEquals(parseDate("2017-04-11 17:37:00 -0400"), certificate.getValidAfter()); assertEquals(parseDate("2017-04-12 03:38:49 -0400"), certificate.getValidBefore()); assertEquals(1, certificate.getCritOptions().size()); assertEquals("10.0.0.0/8", certificate.getCritOptions().get("source-address")); assertEquals(1, certificate.getExtensions().size()); assertEquals("", certificate.getExtensions().get("permit-pty")); }