package org.bouncycastle.jce.provider;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.math.BigInteger;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.EllipticCurve;
import java.util.Enumeration;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.sec.ECPrivateKeyStructure;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.jce.interfaces.ECPointEncoder;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.bouncycastle.jce.provider.asymmetric.ec.EC5Util;
import org.bouncycastle.jce.provider.asymmetric.ec.ECUtil;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.math.ec.ECCurve;
public class JCEECPrivateKey
implements ECPrivateKey, org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder
{
private String algorithm = "EC";
private BigInteger d;
private ECParameterSpec ecSpec;
private boolean withCompression;
private DERBitString publicKey;
private PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
protected JCEECPrivateKey()
{
}
public JCEECPrivateKey(
ECPrivateKey key)
{
this.d = key.getS();
this.algorithm = key.getAlgorithm();
this.ecSpec = key.getParams();
}
public JCEECPrivateKey(
String algorithm,
org.bouncycastle.jce.spec.ECPrivateKeySpec spec)
{
this.algorithm = algorithm;
this.d = spec.getD();
if (spec.getParams() != null) // can be null if implicitlyCA
{
ECCurve curve = spec.getParams().getCurve();
EllipticCurve ellipticCurve;
ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
}
else
{
this.ecSpec = null;
}
}
public JCEECPrivateKey(
String algorithm,
ECPrivateKeySpec spec)
{
this.algorithm = algorithm;
this.d = spec.getS();
this.ecSpec = spec.getParams();
}
public JCEECPrivateKey(
String algorithm,
JCEECPrivateKey key)
{
this.algorithm = algorithm;
this.d = key.d;
this.ecSpec = key.ecSpec;
this.withCompression = key.withCompression;
this.attrCarrier = key.attrCarrier;
this.publicKey = key.publicKey;
}
public JCEECPrivateKey(
String algorithm,
ECPrivateKeyParameters params,
JCEECPublicKey pubKey,
ECParameterSpec spec)
{
ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.d = params.getD();
if (spec == null)
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
dp.getG().getX().toBigInteger(),
dp.getG().getY().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
else
{
this.ecSpec = spec;
}
publicKey = getPublicKeyDetails(pubKey);
}
public JCEECPrivateKey(
String algorithm,
ECPrivateKeyParameters params,
JCEECPublicKey pubKey,
org.bouncycastle.jce.spec.ECParameterSpec spec)
{
ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.d = params.getD();
if (spec == null)
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
dp.getG().getX().toBigInteger(),
dp.getG().getY().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
else
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
spec.getG().getX().toBigInteger(),
spec.getG().getY().toBigInteger()),
spec.getN(),
spec.getH().intValue());
}
publicKey = getPublicKeyDetails(pubKey);
}
public JCEECPrivateKey(
String algorithm,
ECPrivateKeyParameters params)
{
this.algorithm = algorithm;
this.d = params.getD();
this.ecSpec = null;
}
JCEECPrivateKey(
PrivateKeyInfo info)
{
populateFromPrivKeyInfo(info);
}
private void populateFromPrivKeyInfo(PrivateKeyInfo info)
{
X962Parameters params = new X962Parameters((DERObject)info.getAlgorithmId().getParameters());
if (params.isNamedCurve())
{
DERObjectIdentifier oid = (DERObjectIdentifier)params.getParameters();
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
if (ecP == null) // GOST Curve
{
ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
ecSpec = new ECNamedCurveSpec(
ECGOST3410NamedCurves.getName(oid),
ellipticCurve,
new ECPoint(
gParam.getG().getX().toBigInteger(),
gParam.getG().getY().toBigInteger()),
gParam.getN(),
gParam.getH());
}
else
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
ecSpec = new ECNamedCurveSpec(
ECUtil.getCurveName(oid),
ellipticCurve,
new ECPoint(
ecP.getG().getX().toBigInteger(),
ecP.getG().getY().toBigInteger()),
ecP.getN(),
ecP.getH());
}
}
else if (params.isImplicitlyCA())
{
ecSpec = null;
}
else
{
X9ECParameters ecP = new X9ECParameters((ASN1Sequence)params.getParameters());
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
ecP.getG().getX().toBigInteger(),
ecP.getG().getY().toBigInteger()),
ecP.getN(),
ecP.getH().intValue());
}
if (info.getPrivateKey() instanceof DERInteger)
{
DERInteger derD = (DERInteger)info.getPrivateKey();
this.d = derD.getValue();
}
else
{
ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence)info.getPrivateKey());
this.d = ec.getKey();
this.publicKey = ec.getPublicKey();
}
}
public String getAlgorithm()
{
return algorithm;
}
/**
* return the encoding format we produce in getEncoded().
*
* @return the string "PKCS#8"
*/
public String getFormat()
{
return "PKCS#8";
}
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
public byte[] getEncoded()
{
X962Parameters params;
if (ecSpec instanceof ECNamedCurveSpec)
{
DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
if (curveOid == null) // guess it's the OID
{
curveOid = new DERObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
}
params = new X962Parameters(curveOid);
}
else if (ecSpec == null)
{
params = new X962Parameters(DERNull.INSTANCE);
}
else
{
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(
curve,
EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
ecSpec.getOrder(),
BigInteger.valueOf(ecSpec.getCofactor()),
ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info;
ECPrivateKeyStructure keyStructure;
if (publicKey != null)
{
keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
}
else
{
keyStructure = new ECPrivateKeyStructure(this.getS(), params);
}
if (algorithm.equals("ECGOST3410"))
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), keyStructure.getDERObject());
}
else
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), keyStructure.getDERObject());
}
return info.getDEREncoded();
}
public ECParameterSpec getParams()
{
return ecSpec;
}
public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
{
if (ecSpec == null)
{
return null;
}
return EC5Util.convertSpec(ecSpec, withCompression);
}
org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
{
if (ecSpec != null)
{
return EC5Util.convertSpec(ecSpec, withCompression);
}
return ProviderUtil.getEcImplicitlyCa();
}
public BigInteger getS()
{
return d;
}
public BigInteger getD()
{
return d;
}
public void setBagAttribute(
DERObjectIdentifier oid,
DEREncodable attribute)
{
attrCarrier.setBagAttribute(oid, attribute);
}
public DEREncodable getBagAttribute(
DERObjectIdentifier oid)
{
return attrCarrier.getBagAttribute(oid);
}
public Enumeration getBagAttributeKeys()
{
return attrCarrier.getBagAttributeKeys();
}
public void setPointFormat(String style)
{
withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
}
public boolean equals(Object o)
{
if (!(o instanceof JCEECPrivateKey))
{
return false;
}
JCEECPrivateKey other = (JCEECPrivateKey)o;
return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec()));
}
public int hashCode()
{
return getD().hashCode() ^ engineGetSpec().hashCode();
}
public String toString()
{
StringBuffer buf = new StringBuffer();
String nl = System.getProperty("line.separator");
buf.append("EC Private Key").append(nl);
buf.append(" S: ").append(this.d.toString(16)).append(nl);
return buf.toString();
}
private DERBitString getPublicKeyDetails(JCEECPublicKey pub)
{
try
{
SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Object.fromByteArray(pub.getEncoded()));
return info.getPublicKeyData();
}
catch (IOException e)
{ // should never happen
return null;
}
}
private void readObject(
ObjectInputStream in)
throws IOException, ClassNotFoundException
{
byte[] enc = (byte[])in.readObject();
populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Object.fromByteArray(enc)));
this.algorithm = (String)in.readObject();
this.withCompression = in.readBoolean();
this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
attrCarrier.readObject(in);
}
private void writeObject(
ObjectOutputStream out)
throws IOException
{
out.writeObject(this.getEncoded());
out.writeObject(algorithm);
out.writeBoolean(withCompression);
attrCarrier.writeObject(out);
}
}