Java Examples for org.bouncycastle.jce.provider.BouncyCastleProvider

The following java examples will help you to understand the usage of org.bouncycastle.jce.provider.BouncyCastleProvider. These source code samples are taken from different open source projects.

Example 1
Project: cloudstore-master  File: BouncyCastleRegistrationUtil.java View source code
public static synchronized void registerBouncyCastleIfNeeded() {
    Provider provider = Security.getProvider("BC");
    if (provider != null)
        return;
    Security.addProvider(new BouncyCastleProvider());
    provider = Security.getProvider("BC");
    if (provider == null)
        throw new IllegalStateException("Registration of BouncyCastleProvider failed!");
}
Example 2
Project: atlas-lb-master  File: SignedFileProcessor.java View source code
public static void main(String[] args) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    if (args[0].equals("-s")) {
        if (args[1].equals("-a")) {
            FileInputStream keyIn = new FileInputStream(args[3]);
            FileOutputStream out = new FileOutputStream(args[2] + ".asc");
            signFile(args[2], keyIn, out, args[4].toCharArray(), true);
        } else {
            FileInputStream keyIn = new FileInputStream(args[2]);
            FileOutputStream out = new FileOutputStream(args[1] + ".bpg");
            signFile(args[1], keyIn, out, args[3].toCharArray(), false);
        }
    } else if (args[0].equals("-v")) {
        FileInputStream in = new FileInputStream(args[1]);
        FileInputStream keyIn = new FileInputStream(args[2]);
        verifyFile(in, keyIn);
    } else {
        System.err.println("usage: SignedFileProcessor -v|-s [-a] file keyfile [passPhrase]");
    }
}
Example 3
Project: irma_future_id-master  File: KeyPairGeneratorSpi.java View source code
public void initialize(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException {
    if (params instanceof ECParameterSpec) {
        ECParameterSpec p = (ECParameterSpec) params;
        this.ecParams = p;
        param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random);
        engine.init(param);
        initialised = true;
    } else if (params instanceof ECNamedCurveGenParameterSpec) {
        String curveName;
        curveName = ((ECNamedCurveGenParameterSpec) params).getName();
        ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName);
        if (ecP == null) {
            throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
        }
        this.ecParams = new ECNamedCurveParameterSpec(curveName, ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
        param = new ECKeyGenerationParameters(new ECDomainParameters(ecParams.getCurve(), ecParams.getG(), ecParams.getN()), random);
        engine.init(param);
        initialised = true;
    } else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null) {
        ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
        this.ecParams = null;
        param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random);
        engine.init(param);
        initialised = true;
    } else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null) {
        throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
    } else {
        throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
    }
}
Example 4
Project: bc-java-master  File: BasicTlsTest.java View source code
public Exception call() throws Exception {
    try {
        TrustManagerFactory trustMgrFact = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
        trustMgrFact.init(trustStore);
        SSLContext clientContext = SSLContext.getInstance("TLS", BouncyCastleJsseProvider.PROVIDER_NAME);
        clientContext.init(null, trustMgrFact.getTrustManagers(), SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
        SSLSocketFactory fact = clientContext.getSocketFactory();
        SSLSocket cSock = (SSLSocket) fact.createSocket(HOST, PORT_NO);
        TestProtocolUtil.doClientProtocol(cSock, "Hello");
    } finally {
        latch.countDown();
    }
    return null;
}
Example 5
Project: dcache-master  File: CertificateFactories.java View source code
/**
     * Returns an X.509 CertificateFactory.
     *
     * @throws RuntimeException if the factory could not be instantiated
     */
public static CertificateFactory newX509CertificateFactory() {
    try {
        return CertificateFactory.getInstance(X_509, BouncyCastleProvider.PROVIDER_NAME);
    } catch (CertificateException e) {
        throw new RuntimeException("Failed to create X.509 certificate factory: " + e.getMessage(), e);
    } catch (NoSuchProviderException e) {
        throw new RuntimeException("Failed to load bouncy castle provider: " + e.getMessage(), e);
    }
}
Example 6
Project: oxAuth-master  File: CertificateParser.java View source code
public static X509Certificate parsePem(String pemEncodedCert) throws CertificateException {
    StringReader sr = new StringReader(pemEncodedCert);
    PEMParser pemReader = new PEMParser(sr);
    try {
        X509CertificateHolder certificateHolder = ((X509CertificateHolder) pemReader.readObject());
        if (certificateHolder == null) {
            return null;
        }
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(certificateHolder);
        return cert;
    } catch (IOException ex) {
        throw new CertificateException(ex);
    } finally {
        IOUtils.closeQuietly(pemReader);
    }
}
Example 7
Project: uma-master  File: CertificateParser.java View source code
public static X509Certificate parsePem(String pemEncodedCert) throws CertificateException {
    StringReader sr = new StringReader(pemEncodedCert);
    PEMParser pemReader = new PEMParser(sr);
    try {
        X509CertificateHolder certificateHolder = ((X509CertificateHolder) pemReader.readObject());
        if (certificateHolder == null) {
            return null;
        }
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(certificateHolder);
        return cert;
    } catch (IOException ex) {
        throw new CertificateException(ex);
    } finally {
        IOUtils.closeQuietly(pemReader);
    }
}
Example 8
Project: thundernetwork-master  File: AuthenticationHandlerTest.java View source code
@Before
public void prepare() throws PropertyVetoException, SQLException {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    node1.isServer = false;
    node2.isServer = true;
    contextFactory1 = new MockContextFactory(nodeServer1);
    contextFactory2 = new MockContextFactory(nodeServer2);
    node1.ephemeralKeyClient = node2.ephemeralKeyServer;
    node2.ephemeralKeyClient = node1.ephemeralKeyServer;
    node1.ecdhKeySet = ECDH.getSharedSecret(node1.ephemeralKeyServer, node1.ephemeralKeyClient);
    node2.ecdhKeySet = ECDH.getSharedSecret(node2.ephemeralKeyServer, node2.ephemeralKeyClient);
    channel1 = new EmbeddedChannel(new ProcessorHandler(contextFactory1.getAuthenticationProcessor(node1), "Encryption1"));
    channel2 = new EmbeddedChannel(new ProcessorHandler(contextFactory2.getAuthenticationProcessor(node2), "Encryption2"));
    Message m = (Message) channel2.readOutbound();
    assertNull(m);
}
Example 9
Project: MSEC-master  File: Tools.java View source code
public static PrivateKey loadPrivKeyFromFile(String filename) {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    try {
        FileReader fr = new FileReader(filename);
        PEMReader pr = new PEMReader(fr);
        KeyPair key = (KeyPair) (pr.readObject());
        pr.close();
        fr.close();
        return key.getPrivate();
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}
Example 10
Project: AcademicTorrents-Downloader-master  File: CryptoECCUtils.java View source code
public static KeyPair createKeys() throws CryptoManagerException {
    try {
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
        keyGen.initialize(ECCparam);
        return keyGen.genKeyPair();
    } catch (Throwable e) {
        throw (new CryptoManagerException("Failed to create keys", e));
    }
}
Example 11
Project: cryptoapplet-master  File: ConexionTarjeta.java View source code
/**
	 * @param args
	 */
public static KeyStore conectar(char[] pin, String libreria) throws PKCS11Exception, ProviderException {
    KeyStore ks = null;
    try {
        if (Security.getProvider(SUNPCKS11_TOKEN) != null)
            Security.removeProvider(SUNPCKS11_TOKEN);
        String pkcs11config = NAME_IGUAL_TOKEN + LIBRARY_IGUAL + libreria;
        byte[] pkcs11configBytes = pkcs11config.getBytes();
        ByteArrayInputStream configStream = new ByteArrayInputStream(pkcs11configBytes);
        Provider pkcs11Provider = new SunPKCS11(configStream);
        Security.addProvider(new BouncyCastleProvider());
        Security.addProvider(pkcs11Provider);
        ks = KeyStore.getInstance(PKCS11, pkcs11Provider);
        ks.load(null, pin);
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (CertificateException e) {
        e.printStackTrace();
    } catch (IOException e) {
        Throwable t = null;
        if (e.getCause() != null) {
            t = e.getCause();
            if (t.getCause() != null && t.getCause() instanceof PKCS11Exception) {
                PKCS11Exception pke = (PKCS11Exception) t.getCause();
                throw new PKCS11Exception(pke.getErrorCode());
            }
        }
    } catch (KeyStoreException e) {
        throw new PKCS11Exception(-1);
    } catch (ProviderException e) {
        if (e.getCause() != null) {
            Throwable t = e.getCause();
            if (t instanceof PKCS11Exception) {
                PKCS11Exception pke = (PKCS11Exception) t;
                throw new PKCS11Exception(pke.getErrorCode());
            } else
                throw e;
        } else {
            throw new ProviderException(e.getMessage());
        }
    } catch (Throwable t) {
        t.printStackTrace();
    }
    return ks;
}
Example 12
Project: fast-serialization-master  File: I52.java View source code
@Test
public void test() throws Exception {
    // install BouncyCastle provider
    Security.addProvider(new BouncyCastleProvider());
    // generate a keypair
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "BC");
    RSAKeyGenParameterSpec params = new RSAKeyGenParameterSpec(STRENGTH, PUBLIC_EXP);
    gen.initialize(params, new SecureRandom());
    KeyPair keyPair = gen.generateKeyPair();
    FSTConfiguration fst = FSTConfiguration.createDefaultConfiguration();
    // serialize
    byte[] serialized = fst.asByteArray(keyPair);
    // deserialize --> crash
    KeyPair deserialized = (KeyPair) fst.asObject(serialized);
}
Example 13
Project: TLS-Attacker-master  File: ConfigHandler.java View source code
/**
     * Initializes TLS Attacker according to the config file. In addition, it
     * adds the Bouncy Castle provider and removes the PKCS#11 security provider
     * since there are some problems when handling ECC.
     *
     * @param config
     */
public void initialize(GeneralConfig config) {
    // ECC does not work properly in the NSS provider
    Security.removeProvider("SunPKCS11-NSS");
    Security.addProvider(new BouncyCastleProvider());
    LOGGER.debug("Using the following security providers");
    for (Provider p : Security.getProviders()) {
        LOGGER.debug("Provider {}, version, {}", p.getName(), p.getVersion());
    }
    LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
    Configuration ctxConfig = ctx.getConfiguration();
    LoggerConfig loggerConfig = ctxConfig.getLoggerConfig(LogManager.ROOT_LOGGER_NAME);
    if (config.isDebug()) {
        loggerConfig.setLevel(Level.DEBUG);
        ctx.updateLoggers();
    } else if (config.isQuiet()) {
        loggerConfig.setLevel(Level.OFF);
        ctx.updateLoggers();
    } else if (config.getLogLevel() != null) {
        loggerConfig.setLevel(config.getLogLevel());
        ctx.updateLoggers();
    }
    UnlimitedStrengthHelper.removeCryptoStrengthRestriction();
}
Example 14
Project: wso2-synapse-master  File: RevocationVerificationTest.java View source code
/**
     * Tests CRL Path Validation with the use of a real certificate chain. The verification process will make
     * HTTP calls to remote CRL server URLs extracted from the certificates in the chain. Usually these certificates
     * will not be revoked. So the path validation must be successful to pass the test. In case they are revoked
     * or expired, new certificates should be added to the resources directory and Constants should be modified
     * accordingly. See the interface Constants for expiry dates of the certificates.
     * @throws Exception
     */
public void testCRLPathValidation() throws Exception {
    //Add BouncyCastle as Security Provider.
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    Utils utils = new Utils();
    X509Certificate[] certificates = utils.getRealCertificateChain();
    Throwable throwable = null;
    try {
        crlPathValidation(certificates);
    } catch (CertificateVerificationException e) {
        throwable = e;
    }
    assertNull(throwable);
}
Example 15
Project: TwoFactorBtcWallet-master  File: MakeCertificate.java View source code
public static void generateSelfSignedCertificate(String hostname, File keystore, String keystorePassword) {
    try {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
        kpGen.initialize(1024, new SecureRandom());
        KeyPair pair = kpGen.generateKeyPair();
        // Generate self-signed certificate
        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
        builder.addRDN(BCStyle.CN, hostname);
        Date notBefore = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000);
        Date notAfter = new Date(System.currentTimeMillis() + 10 * 365 * 24 * 60 * 60 * 1000);
        BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), serial, notBefore, notAfter, builder.build(), pair.getPublic());
        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(pair.getPrivate());
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
        cert.checkValidity(new Date());
        cert.verify(cert.getPublicKey());
        // Save to keystore
        KeyStore store = KeyStore.getInstance("BKS");
        if (keystore.exists()) {
            FileInputStream fis = new FileInputStream(keystore);
            store.load(fis, keystorePassword.toCharArray());
            fis.close();
        } else {
            store.load(null);
        }
        store.setKeyEntry(hostname, pair.getPrivate(), keystorePassword.toCharArray(), new java.security.cert.Certificate[] { cert });
        FileOutputStream fos = new FileOutputStream(keystore);
        store.store(fos, keystorePassword.toCharArray());
        fos.close();
    } catch (Throwable t) {
        t.printStackTrace();
        throw new RuntimeException("Failed to generate self-signed certificate!", t);
    }
}
Example 16
Project: android-backup-extractor-master  File: Main.java View source code
public static void main(String[] args) {
    Security.addProvider(new BouncyCastleProvider());
    if (args.length < 3) {
        usage();
        System.exit(1);
    }
    String mode = args[0];
    if (!"pack".equals(mode) && !"unpack".equals(mode) && !"pack-kk".equals(mode)) {
        usage();
        System.exit(1);
    }
    boolean unpack = "unpack".equals(mode);
    String backupFilename = unpack ? args[1] : args[2];
    String tarFilename = unpack ? args[2] : args[1];
    String password = null;
    if (args.length > 3) {
        password = args[3];
    }
    if (password == null) {
        /* if password is not given, try to read it from environment */
        password = System.getenv("ABE_PASSWD");
    }
    if (unpack) {
        AndroidBackup.extractAsTar(backupFilename, tarFilename, password);
    } else {
        boolean isKitKat = "pack-kk".equals(mode);
        AndroidBackup.packTar(tarFilename, backupFilename, password, isKitKat);
    }
}
Example 17
Project: btpka3.github.com-master  File: DESTest.java View source code
public static void main(String[] args) throws InterruptedException, UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
    // 请注�����加入
    Security.addProvider(new BouncyCastleProvider());
    // 生��机秘钥
    KeyGenerator keygenerator = KeyGenerator.getInstance("DES");
    SecretKey desKey = keygenerator.generateKey();
    // 生�加密器
    Cipher cipher = Cipher.getInstance("DES/ECB/PKCS7Padding");
    cipher.init(Cipher.ENCRYPT_MODE, desKey);
    // 准备明文数�
    String txt = "Hello World~";
    // 加密
    byte[] encData = cipher.doFinal(txt.getBytes("UTF-8"));
    System.out.println("ENC DATA : " + DatatypeConverter.printHexBinary(encData));
    // 解密
    cipher.init(Cipher.DECRYPT_MODE, desKey);
    byte[] decData = cipher.doFinal(encData);
    System.out.println("DEC DATA : " + new String(decData, "UTF-8"));
}
Example 18
Project: bugvm-master  File: BaseCipherSpi.java View source code
protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException {
    byte[] encoded;
    try {
        if (wrapEngine == null) {
            encoded = engineDoFinal(wrappedKey, 0, wrappedKey.length);
        } else {
            encoded = wrapEngine.unwrap(wrappedKey, 0, wrappedKey.length);
        }
    } catch (InvalidCipherTextException e) {
        throw new InvalidKeyException(e.getMessage());
    } catch (BadPaddingException e) {
        throw new InvalidKeyException(e.getMessage());
    } catch (IllegalBlockSizeException e2) {
        throw new InvalidKeyException(e2.getMessage());
    }
    if (wrappedKeyType == Cipher.SECRET_KEY) {
        return new SecretKeySpec(encoded, wrappedKeyAlgorithm);
    } else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY) {
        /*
                 * The caller doesn't know the algorithm as it is part of
                 * the encrypted data.
                 */
        try {
            PrivateKeyInfo in = PrivateKeyInfo.getInstance(encoded);
            PrivateKey privKey = BouncyCastleProvider.getPrivateKey(in);
            if (privKey != null) {
                return privKey;
            } else {
                throw new InvalidKeyException("algorithm " + in.getPrivateKeyAlgorithm().getAlgorithm() + " not supported");
            }
        } catch (Exception e) {
            throw new InvalidKeyException("Invalid key encoding.");
        }
    } else {
        try {
            KeyFactory kf = KeyFactory.getInstance(wrappedKeyAlgorithm, BouncyCastleProvider.PROVIDER_NAME);
            if (wrappedKeyType == Cipher.PUBLIC_KEY) {
                return kf.generatePublic(new X509EncodedKeySpec(encoded));
            } else if (wrappedKeyType == Cipher.PRIVATE_KEY) {
                return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
            }
        } catch (NoSuchProviderException e) {
            throw new InvalidKeyException("Unknown key type " + e.getMessage());
        } catch (NoSuchAlgorithmException e) {
            throw new InvalidKeyException("Unknown key type " + e.getMessage());
        } catch (InvalidKeySpecException e2) {
            throw new InvalidKeyException("Unknown key type " + e2.getMessage());
        }
        throw new InvalidKeyException("Unknown key type " + wrappedKeyType);
    }
}
Example 19
Project: keywhiz-master  File: CryptoFixtures.java View source code
/** @return a content cryptographer initialized with the testing derivation key. */
public static ContentCryptographer contentCryptographer() {
    if (cryptographer != null) {
        return cryptographer;
    }
    Provider provider = new BouncyCastleProvider();
    if (Security.getProvider(provider.getName()) == null) {
        Security.addProvider(provider);
    }
    SecretKey baseKey;
    char[] password = "CHANGE".toCharArray();
    try (InputStream in = Resources.getResource("derivation.jceks").openStream()) {
        KeyStore keyStore = KeyStore.getInstance("JCEKS");
        keyStore.load(in, password);
        baseKey = (SecretKey) keyStore.getKey("basekey", password);
    } catch (CertificateExceptionUnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException | IOException |  e) {
        throw Throwables.propagate(e);
    }
    cryptographer = new ContentCryptographer(baseKey, provider, provider, FakeRandom.create());
    return cryptographer;
}
Example 20
Project: OpenIDM-master  File: Activator.java View source code
@Override
public void start(BundleContext bundleContext) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    // Set System properties
    if (System.getProperty("javax.net.ssl.keyStore") == null) {
        System.setProperty("javax.net.ssl.keyStore", Param.getKeystoreLocation());
        System.setProperty("javax.net.ssl.keyStorePassword", Param.getKeystorePassword(false));
        System.setProperty("javax.net.ssl.keyStoreType", Param.getKeystoreType());
    }
    if (System.getProperty("javax.net.ssl.trustStore") == null) {
        System.setProperty("javax.net.ssl.trustStore", Param.getTruststoreLocation());
        System.setProperty("javax.net.ssl.trustStorePassword", Param.getTruststorePassword(false));
        System.setProperty("javax.net.ssl.trustStoreType", Param.getTruststoreType());
    }
}
Example 21
Project: oxalis-master  File: CertificateValidationTest.java View source code
public void validateCertificate(X509Certificate certificate) {
    try {
        List<X509Certificate> certificateList = new ArrayList<X509Certificate>();
        certificateList.add(certificate);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        CertPath certPath = certificateFactory.generateCertPath(certificateList);
        KeyStore trustStore = loadKeystore("security/oxalis-dummy-ca.jks", "peppol");
        // Create the parameters for the validator
        PKIXParameters params = new PKIXParameters(trustStore);
        // Disable revocation checking as we trust our own truststore (and do not have a CRL and don't want OCSP)
        params.setRevocationEnabled(false);
        // Validate the certificate path
        CertPathValidator pathValidator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
        CertPathValidatorResult validatorResult = pathValidator.validate(certPath, params);
        // Get the CA used to validate this path
        PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult) validatorResult;
        TrustAnchor ta = result.getTrustAnchor();
        X509Certificate trustCert = ta.getTrustedCert();
    } catch (Exception e) {
        throw new IllegalStateException("Unable to trust the signer : " + e.getMessage(), e);
    }
}
Example 22
Project: pdfbox-master  File: SecurityProvider.java View source code
/**
     * Returns the provider to be used for advanced encrypting/decrypting. Default is the BouncyCastleProvider.
     * 
     * @return the security provider
     * 
     * @throws IOException if the default provider can't be instantiated
     */
public static Provider getProvider() throws IOException {
    // TODO synchronize access
    if (provider == null) {
        try {
            Class<Provider> providerClass = (Class<Provider>) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
            provider = providerClass.getDeclaredConstructor().newInstance();
        } catch (ClassNotFoundExceptionInstantiationException | IllegalAccessException | NoSuchMethodException | SecurityException | IllegalArgumentException | InvocationTargetException |  ex) {
            throw new IOException(ex);
        }
    }
    return provider;
}
Example 23
Project: robovm-master  File: KeyPairGeneratorSpi.java View source code
public KeyPair generateKeyPair() {
    if (!initialised) {
        Integer paramStrength = Integers.valueOf(strength);
        if (params.containsKey(paramStrength)) {
            param = (DHKeyGenerationParameters) params.get(paramStrength);
        } else {
            DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(strength);
            if (dhParams != null) {
                param = new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL()));
            } else {
                synchronized (lock) {
                    // our key size.
                    if (params.containsKey(paramStrength)) {
                        param = (DHKeyGenerationParameters) params.get(paramStrength);
                    } else {
                        DHParametersGenerator pGen = new DHParametersGenerator();
                        pGen.init(strength, certainty, random);
                        param = new DHKeyGenerationParameters(random, pGen.generateParameters());
                        params.put(paramStrength, param);
                    }
                }
            }
        }
        engine.init(param);
        initialised = true;
    }
    AsymmetricCipherKeyPair pair = engine.generateKeyPair();
    DHPublicKeyParameters pub = (DHPublicKeyParameters) pair.getPublic();
    DHPrivateKeyParameters priv = (DHPrivateKeyParameters) pair.getPrivate();
    return new KeyPair(new BCDHPublicKey(pub), new BCDHPrivateKey(priv));
}
Example 24
Project: SAMLRaider-master  File: CloneCertificateChainTest.java View source code
@Before
public void setUp() throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    certificateTabController = new CertificateTabController(new CertificateTab());
    certificateChain = certificateTabController.importCertificateChain("src/test/resources/hsr_chain.pem");
    clonedCertificates = certificateTabController.cloneCertificateChain(certificateChain);
}
Example 25
Project: tesb-rt-se-master  File: TextEncryptor.java View source code
@Override
public Object execute() throws Exception {
    StandardPBEStringEncryptor enc = new StandardPBEStringEncryptor();
    EnvironmentStringPBEConfig env = new EnvironmentStringPBEConfig();
    env.setProvider(new BouncyCastleProvider());
    env.setProviderName(PROVIDER_NAME);
    env.setAlgorithm(ALGORITHM);
    if (encryptionPassword != null) {
        env.setPassword(encryptionPassword);
        System.out.println("Specified password for decryption should be set to " + PASSWORD_ENV_NAME + " env variable");
    } else {
        if (System.getenv(PASSWORD_ENV_NAME) != null) {
            env.setPasswordEnvName(PASSWORD_ENV_NAME);
        } else {
            System.out.println(PASSWORD_ENV_NAME + " system variable is not specified. ");
            System.out.println("Second parameter should be used to specify password.");
            return null;
        }
    }
    enc.setConfig(env);
    System.out.println(PropertyValueEncryptionUtils.encrypt(textToEncrypt, enc));
    return null;
}
Example 26
Project: token-crypt-master  File: BouncyCastleKeyPairGenerator.java View source code
@Override
public KeyPair generateKeyPair(Integer keyLength) {
    final KeyPairGenerator kpg;
    try {
        kpg = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
    } catch (NoSuchAlgorithmException e) {
        throw new IllegalStateException("RSA support could not be found. There is a problem with this JVM.", e);
    } catch (NoSuchProviderException e) {
        throw new IllegalStateException("BounceCastle support could not be found. There is a problem with this JVM.", e);
    }
    kpg.initialize(keyLength);
    return kpg.generateKeyPair();
}
Example 27
Project: nifi-master  File: StringEncryptor.java View source code
/**
     * Creates an instance of the nifi sensitive property encryptor. Validates
     * that the encryptor is actually working.
     *
     * @param niFiProperties properties
     * @return encryptor
     * @throws EncryptionException if any issues arise initializing or
     * validating the encryptor
     */
public static StringEncryptor createEncryptor(final NiFiProperties niFiProperties) throws EncryptionException {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    final String sensitivePropAlgorithmVal = niFiProperties.getProperty(NF_SENSITIVE_PROPS_ALGORITHM);
    final String sensitivePropProviderVal = niFiProperties.getProperty(NF_SENSITIVE_PROPS_PROVIDER);
    final String sensitivePropValueNifiPropVar = niFiProperties.getProperty(NF_SENSITIVE_PROPS_KEY, DEFAULT_SENSITIVE_PROPS_KEY);
    if (StringUtils.isBlank(sensitivePropAlgorithmVal)) {
        throw new EncryptionException(NF_SENSITIVE_PROPS_ALGORITHM + "must bet set");
    }
    if (StringUtils.isBlank(sensitivePropProviderVal)) {
        throw new EncryptionException(NF_SENSITIVE_PROPS_PROVIDER + "must bet set");
    }
    if (StringUtils.isBlank(sensitivePropValueNifiPropVar)) {
        throw new EncryptionException(NF_SENSITIVE_PROPS_KEY + "must bet set");
    }
    final StringEncryptor nifiEncryptor;
    try {
        nifiEncryptor = new StringEncryptor(sensitivePropAlgorithmVal, sensitivePropProviderVal, sensitivePropValueNifiPropVar);
        //test that we can infact encrypt and decrypt something
        if (!nifiEncryptor.decrypt(nifiEncryptor.encrypt(TEST_PLAINTEXT)).equals(TEST_PLAINTEXT)) {
            throw new EncryptionException("NiFi property encryptor does appear to be working - decrypt/encrypt return invalid results");
        }
    } catch (final EncryptionInitializationExceptionEncryptionOperationNotPossibleException |  ex) {
        throw new EncryptionException("Cannot initialize sensitive property encryptor", ex);
    }
    return nifiEncryptor;
}
Example 28
Project: Assignments-master  File: XadesTest.java View source code
@Test
public void XadesBesRsaCert() throws Exception {
    (new File(DestDirBes)).mkdirs();
    super.initialize();
    String filename = "xfa.signed.xades-bes.pdf";
    String output = DestDirBes + filename;
    BouncyCastleProvider provider = new BouncyCastleProvider();
    Security.addProvider(provider);
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    Certificate cert = cf.generateCertificate(new FileInputStream(CERTIFICATE));
    Certificate[] chain = new Certificate[] { cert };
    // Read Private Key.
    File filePrivateKey = new File(KEYSTORE);
    FileInputStream fis = new FileInputStream(KEYSTORE);
    byte[] encodedPrivateKey = new byte[(int) filePrivateKey.length()];
    fis.read(encodedPrivateKey);
    fis.close();
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
    PrivateKey pk = keyFactory.generatePrivate(privateKeySpec);
    signXadesWithCertificate(Src, output, pk, chain, DigestAlgorithms.SHA1, provider.getName(), false);
    String cmp = saveXmlFromResult(output);
    Assert.assertTrue("Verification", verifyXmlDSig(cmp));
}
Example 29
Project: billing-ng-master  File: PublicKeyProfile.java View source code
public KeyPair generateKey() {
    KeyPairGenerator keyGen;
    try {
        keyGen = KeyPairGenerator.getInstance(identifier, BouncyCastleProvider.PROVIDER_NAME);
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException("Key generator algorithm not supported by the JCE provider.");
    } catch (NoSuchProviderException e) {
        throw new RuntimeException("BouncyCastle JCE provider not configured or not loaded.");
    }
    if (keysize != null)
        keyGen.initialize(keysize);
    return new KeyPair(keyGen.generateKeyPair());
}
Example 30
Project: canl-java-master  File: KeyStoreHelper.java View source code
/**
	 * Creates an instance of KeyStore which should be used as a truststore, 
	 * using our custom logic for choosing a provider: BC for PKCS12 and default for others.
	 * Usage of default provider for PKCS12 makes it not usable as a trust anchor store (bug/'feature' in JDK?).
	 * BC-created Keystore is universal but in many cases requires the unlimited strength crypto policy.
	 * @param type keystore type, usually PKCS12 or JKS
	 * @return keystore object instance. It is not loaded/initialized.
	 * @throws KeyStoreException if there is no provider supporting keystore type
	 */
public static KeyStore getInstanceForTrust(String type) throws KeyStoreException {
    KeyStore ks;
    try {
        if (type.equalsIgnoreCase("PKCS12"))
            ks = KeyStore.getInstance(type, BouncyCastleProvider.PROVIDER_NAME);
        else
            ks = KeyStore.getInstance(type);
        return ks;
    } catch (NoSuchProviderException e) {
        throw new IllegalStateException("Bouncy Castle provider is not " + "available in JDKFSTrustAnchorStore. This is a BUG.", e);
    }
}
Example 31
Project: commons-eid-master  File: CMSTest.java View source code
@Test
public void testCMSSignature() throws Exception {
    Security.addProvider(new BeIDProvider());
    Security.addProvider(new BouncyCastleProvider());
    KeyStore keyStore = KeyStore.getInstance("BeID");
    keyStore.load(null);
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("Authentication", null);
    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("Authentication");
    CMSTypedData msg = new CMSProcessableByteArray("Hello world!".getBytes());
    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").build(privateKey);
    gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, certificate));
    CMSSignedData sigData = gen.generate(msg, false);
}
Example 32
Project: diqube-master  File: BouncyCastleUtil.java View source code
/**
   * @return The java security {@link Provider} of bouncycastle, if available. Make sure to add the dependency to the
   *         projects pom.
   * @throws BouncyCastleUnavailableException
   *           if BC is unavailable.
   */
public static Provider getProvider() throws BouncyCastleUnavailableException {
    Provider res = Security.getProvider(BC_PROVIDER_NAME);
    if (res == null) {
        synchronized (BouncyCastleUtil.class) {
            res = Security.getProvider(BC_PROVIDER_NAME);
            if (res == null) {
                // disable BC "EC MQV" (patent issues).
                System.setProperty("org.bouncycastle.ec.disable_mqv", "true");
                try {
                    @SuppressWarnings("unchecked") Class<? extends Provider> providerClass = (Class<? extends Provider>) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
                    Provider bcProvider = providerClass.newInstance();
                    Security.addProvider(bcProvider);
                    res = Security.getProvider(BC_PROVIDER_NAME);
                } catch (ClassNotFoundExceptionInstantiationException | IllegalAccessException |  e) {
                    throw new BouncyCastleUnavailableException(e);
                }
            }
        }
    }
    return res;
}
Example 33
Project: docker-java-master  File: CertificateUtils.java View source code
/**
     * "cert.pem" from reader
     */
public static List<Certificate> loadCertificates(final Reader reader) throws IOException, CertificateException {
    try (PEMParser pemParser = new PEMParser(reader)) {
        List<Certificate> certificates = new ArrayList<>();
        JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        Object certObj = pemParser.readObject();
        if (certObj instanceof X509CertificateHolder) {
            X509CertificateHolder certificateHolder = (X509CertificateHolder) certObj;
            certificates.add(certificateConverter.getCertificate(certificateHolder));
        }
        return certificates;
    }
}
Example 34
Project: eid-applet-master  File: SignatureServiceImpl.java View source code
public void postSign(byte[] signatureValue, List<X509Certificate> signingCertificateChain) {
    LOG.debug("postSign");
    String signatureValueStr = new String(Hex.encodeHex(signatureValue));
    HttpSession session = getHttpSession();
    session.setAttribute("SignatureValue", signatureValueStr);
    session.setAttribute("SigningCertificateChain", signingCertificateChain);
    boolean signatureValid = false;
    String toBeSigned = (String) session.getAttribute("toBeSigned");
    LOG.debug("to be signed: " + toBeSigned);
    String digestAlgo = (String) session.getAttribute("digestAlgo");
    String signAlgo = digestAlgoToSignAlgo.get(digestAlgo);
    try {
        Signature signature = Signature.getInstance(signAlgo, BouncyCastleProvider.PROVIDER_NAME);
        signature.initVerify(signingCertificateChain.get(0).getPublicKey());
        signature.update(toBeSigned.getBytes());
        signatureValid = signature.verify(signatureValue);
    } catch (Exception e) {
        LOG.error("error validating the signature: " + e.getMessage(), e);
    }
    session.setAttribute("SignatureValid", signatureValid);
}
Example 35
Project: encryption-jvm-bootcamp-master  File: TestBCPGP.java View source code
@Test
public // @Ignore //Doesn't return the expected provider unless explicitly requested with BC as the 2nd param
void testBCPGPProviderRegistration() throws NoSuchAlgorithmException, GeneralSecurityException {
    //Test the algorithm brought back before the BC provider is inserted
    Cipher cipherSunRSA = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    Assert.assertEquals("SunJCE version 1.6", cipherSunRSA.getProvider().toString());
    //Add the BC provider. If no position it given, provider adds to end of list
    int positionAdded = Security.insertProviderAt(new BouncyCastleProvider(), 1);
    Assert.assertEquals(1, positionAdded);
    //Now that the BC provider is inserted at position 1, an unconstrained request for RSA will
    // still come from BC
    Cipher cipherDefaultRSA = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    Assert.assertEquals("BC version 1.45", cipherDefaultRSA.getProvider().toString());
    //When specifically requested via "BC", then BouncyCastle is returned.
    Cipher cipherBCRSA = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
    Assert.assertEquals("BC version 1.45", cipherBCRSA.getProvider().toString());
}
Example 36
Project: ExemplosDemoiselle-master  File: TesteLeituraAssinaturaPKCS7.java View source code
public static void main(String[] args) {
    String nomeArquivo = "/tmp/arquivo.txt.pkcs7.software";
    //		String nomeArquivo = "/tmp/arquivo.chain.enc.txt.pkcs7";
    //		String nomeArquivo = "/tmp/arquivo.chain.noenc.txt.pkcs7";
    //		String nomeArquivo = "/tmp/arquivo.nochain.enc.txt.pkcs7";
    //		String nomeArquivo = "/tmp/arquivo.nochain.noenc.txt.pkcs7";
    Security.addProvider(new BouncyCastleProvider());
    try {
        TabeliaoAssinaturaPKCS7 tabAssinatura = new TabeliaoAssinaturaPKCS7(new FileInputStream("/tmp/arquivo.txt"), new FileInputStream(nomeArquivo));
        TabeliaoCertificate tc = new TabeliaoCertificate(tabAssinatura.getCertificadoAssinante());
        System.out.println(tc.getCadeiaCertificados().size());
        TabeliaoResultadoValidacao trvCert = tc.valida();
        System.out.println("Carregando o certificado assinante");
        X509Certificate cert = tabAssinatura.getCertificadoAssinante();
        System.out.println(cert);
        TabeliaoResultadoValidacao trvAss = tabAssinatura.valida();
        System.out.println("*** Validação do certificado utilizado na assinatura: ");
        System.out.println(trvCert);
        System.out.println("*** Validação da assinatura: ");
        System.out.println(trvAss);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Example 37
Project: fred-master  File: ECDHTest.java View source code
public static void main(String[] args) throws InvalidKeyException, IllegalStateException, NoSuchAlgorithmException {
    Security.addProvider(new BouncyCastleProvider());
    ECDH alice = new ECDH(Curves.P256);
    ECDH bob = new ECDH(Curves.P256);
    PublicKey bobP = bob.getPublicKey();
    PublicKey aliceP = alice.getPublicKey();
    System.out.println("Alice C: " + alice.curve);
    System.out.println("Bob   C: " + bob.curve);
    System.out.println("Alice P: " + toHex(aliceP.getEncoded()));
    System.out.println("Bob   P: " + toHex(bobP.getEncoded()));
    System.out.println("Alice S: " + toHex(alice.getAgreedSecret(bob.getPublicKey())));
    System.out.println("Bob   S: " + toHex(bob.getAgreedSecret(alice.getPublicKey())));
}
Example 38
Project: gobblin-master  File: GPGFileDecryptor.java View source code
public static InputStream decryptFile(InputStream inputStream, String passPhrase) throws IOException {
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
    inputStream = PGPUtil.getDecoderStream(inputStream);
    JcaPGPObjectFactory pgpF = new JcaPGPObjectFactory(inputStream);
    PGPEncryptedDataList enc;
    Object pgpfObject = pgpF.nextObject();
    if (pgpfObject instanceof PGPEncryptedDataList) {
        enc = (PGPEncryptedDataList) pgpfObject;
    } else {
        enc = (PGPEncryptedDataList) pgpF.nextObject();
    }
    PGPPBEEncryptedData pbe = (PGPPBEEncryptedData) enc.get(0);
    InputStream clear;
    try {
        clear = pbe.getDataStream(new JcePBEDataDecryptorFactoryBuilder(new JcaPGPDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build()).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(passPhrase.toCharArray()));
        JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);
        pgpfObject = pgpFact.nextObject();
        if (pgpfObject instanceof PGPCompressedData) {
            PGPCompressedData cData = (PGPCompressedData) pgpfObject;
            pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
            pgpfObject = pgpFact.nextObject();
        }
        PGPLiteralData ld = (PGPLiteralData) pgpfObject;
        return ld.getInputStream();
    } catch (PGPException e) {
        throw new IOException(e);
    }
}
Example 39
Project: java_security-master  File: DESTest.java View source code
// 用bouncy castle实现:
public static void bcDES() {
    try {
        Security.addProvider(new BouncyCastleProvider());
        // 生�KEY
        KeyGenerator keyGenerator = KeyGenerator.getInstance("DES", "BC");
        keyGenerator.getProvider();
        keyGenerator.init(56);
        // 产生密钥
        SecretKey secretKey = keyGenerator.generateKey();
        // 获�密钥
        byte[] bytesKey = secretKey.getEncoded();
        // KEY转�
        DESKeySpec desKeySpec = new DESKeySpec(bytesKey);
        SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
        Key convertSecretKey = factory.generateSecret(desKeySpec);
        // 加密
        Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
        byte[] result = cipher.doFinal(src.getBytes());
        System.out.println("bc des encrypt:" + Hex.encodeHexString(result));
        // 解密
        cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
        result = cipher.doFinal(result);
        System.out.println("bc des decrypt:" + new String(result));
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Example 40
Project: JGlobus-master  File: SimpleMemoryKeyStoreTest.java View source code
@BeforeClass
public static void loadBouncyCastleProvider() throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    CertificateFactory factory = CertificateFactory.getInstance("X.509");
    cert = (X509Certificate) factory.generateCertificate(new GlobusPathMatchingResourcePatternResolver().getResource("classpath:/validatorTest/testca.pem").getInputStream());
}
Example 41
Project: jts-tanks-master  File: RSAEngine.java View source code
/**
	 * @param data   - входной маÑ?Ñ?ив закриптованных данных
	 * @param from
	 * @param length
	 * @return - маÑ?Ñ?ив раÑ?шифрованных данных
	 */
private byte[] decrypt0(byte[] data, int from, int length) {
    ByteBuf buf = Unpooled.buffer().order(ByteOrder.LITTLE_ENDIAN);
    PrivateKey privateKey = KeyStore.getInstance().getPrivateKey();
    try {
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", BouncyCastleProvider.PROVIDER_NAME);
        rsa.init(Cipher.DECRYPT_MODE, privateKey);
        final int blockSize = rsa.getBlockSize();
        for (int i = from; i < length; i += blockSize) {
            if (i + blockSize > length) {
                byte[] tempData = rsa.doFinal(data, i, length - i);
                buf.writeBytes(tempData);
            } else {
                byte[] tempData = rsa.doFinal(data, i, blockSize);
                buf.writeBytes(tempData);
            }
        }
    } catch (NoSuchAlgorithmExceptionNoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException | NoSuchProviderException |  e) {
        e.printStackTrace();
    }
    return buf.array();
}
Example 42
Project: ksi-java-sdk-master  File: CalendarAuthenticationRecordSignatureVerificationRule.java View source code
public VerificationResultCode verifySignature(VerificationContext context) throws KSIException {
    CalendarAuthenticationRecord authenticationRecord = context.getCalendarAuthenticationRecord();
    SignatureData signatureData = authenticationRecord.getSignatureData();
    Certificate certificate = context.getCertificate(signatureData.getCertificateId());
    try {
        Signature sig = Signature.getInstance(((X509Certificate) certificate).getSigAlgName(), BouncyCastleProvider.PROVIDER_NAME);
        sig.initVerify(certificate);
        sig.update(authenticationRecord.getPublicationData().getEncoded());
        if (!sig.verify(signatureData.getSignatureValue())) {
            LOGGER.info("Invalid calendar authentication record signature.");
            return VerificationResultCode.FAIL;
        }
    } catch (GeneralSecurityException e) {
        LOGGER.warn("General PKI security exception occurred when verifying KSI signature. " + e.getMessage(), e);
        return VerificationResultCode.FAIL;
    }
    return VerificationResultCode.OK;
}
Example 43
Project: mtools-master  File: InitServlet.java View source code
public void init() throws ServletException {
    try {
        //自定义log4j�置
        if (!FuncUtil.isEmpty(log4j)) {
            PropertyConfigurator.configure(SpringUtil.cfgPath(log4j));
        }
        log.info("�始化spring容器");
        log.info("SpringUtil init");
        ServletContext context = getServletContext();
        //		WebApplicationContext webAppContext = WebApplicationContextUtils
        //				.getWebApplicationContext(context);
        ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
        SpringUtil.initCxt(ctx);
        CoreDao dao = (CoreDao) SpringUtil.getAnoBean("dao");
        //		CoreDao daoExt = (CoreDao) SpringUtil.getAnoBean("daoExt");
        //		CoreDao daoExt = (CoreDao) SpringUtil.getBean("daoExt");
        List<String> values = dao.search("select 1 from dual", String.class, null);
        //		values = daoExt.search("select 1 from dual", String.class,
        //				null);
        //使用BouncyCastleProvideræ??供的安全策略 需è¦?引入bcprov-jdk16-1.46.jar
        Security.addProvider(new BouncyCastleProvider());
        log.info("加载系统�数�功");
    } catch (Exception e) {
        log.error("�始化�务应用�生异常", e);
        e.printStackTrace();
    }
}
Example 44
Project: nimbus_ezpz_ca-master  File: CertDN.java View source code
public static String dnFromPath(String path) throws IOException {
    final File certFile = new File(path);
    if (!certFile.canRead()) {
        final String msg = "File '" + path + "' can not be read.";
        throw new IOException(msg);
    }
    final FileReader fr = new FileReader(certFile);
    try {
        final PEMReader reader = new PEMReader(fr, null, BouncyCastleProvider.PROVIDER_NAME);
        try {
            final X509Certificate cert = (X509Certificate) reader.readObject();
            final X500Principal principal = cert.getSubjectX500Principal();
            final String DN = principal.getName(X500Principal.RFC2253);
            return CertUtil.toGlobusID(DN, false);
        } finally {
            reader.close();
        }
    } finally {
        fr.close();
    }
}
Example 45
Project: nomulus-master  File: GetKeyringSecretCommand.java View source code
@Override
public void run() throws Exception {
    OutputStream out = outputPath != null ? new FileOutputStream(outputPath.toFile()) : System.out;
    Security.addProvider(new BouncyCastleProvider());
    switch(keyringKeyName) {
        case BRAINTREE_PRIVATE_KEY:
            out.write(KeySerializer.serializeString(keyring.getBraintreePrivateKey()));
            break;
        case BRDA_RECEIVER_PUBLIC_KEY:
            out.write(KeySerializer.serializePublicKey(keyring.getBrdaReceiverKey()));
            break;
        case BRDA_SIGNING_KEY_PAIR:
            out.write(KeySerializer.serializeKeyPair(keyring.getBrdaSigningKey()));
            break;
        case ICANN_REPORTING_PASSWORD:
            out.write(KeySerializer.serializeString(keyring.getIcannReportingPassword()));
            break;
        case JSON_CREDENTIAL:
            out.write(KeySerializer.serializeString(keyring.getJsonCredential()));
            break;
        case MARKSDB_DNL_LOGIN:
            out.write(KeySerializer.serializeString(keyring.getMarksdbDnlLogin()));
            break;
        case MARKSDB_LORDN_PASSWORD:
            out.write(KeySerializer.serializeString(keyring.getMarksdbLordnPassword()));
            break;
        case MARKSDB_SMDRL_LOGIN:
            out.write(KeySerializer.serializeString(keyring.getMarksdbSmdrlLogin()));
            break;
        case RDE_RECEIVER_PUBLIC_KEY:
            out.write(KeySerializer.serializePublicKey(keyring.getRdeReceiverKey()));
            break;
        case RDE_SIGNING_KEY_PAIR:
            out.write(KeySerializer.serializeKeyPair(keyring.getRdeSigningKey()));
            break;
        case RDE_SSH_CLIENT_PRIVATE_KEY:
            out.write(KeySerializer.serializeString(keyring.getRdeSshClientPrivateKey()));
            break;
        case RDE_SSH_CLIENT_PUBLIC_KEY:
            out.write(KeySerializer.serializeString(keyring.getRdeSshClientPublicKey()));
            break;
        case RDE_STAGING_KEY_PAIR:
            // Note that we're saving a key pair rather than just the private key because we can't
            // serialize a private key on its own. See {@link KeySerializer}.
            out.write(KeySerializer.serializeKeyPair(new PGPKeyPair(keyring.getRdeStagingEncryptionKey(), keyring.getRdeStagingDecryptionKey())));
            break;
        case RDE_STAGING_PUBLIC_KEY:
            out.write(KeySerializer.serializePublicKey(keyring.getRdeStagingEncryptionKey()));
            break;
    }
}
Example 46
Project: qi4j-libraries-master  File: X509CredentialsPKIXPathMatcher.java View source code
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    try {
        X509AuthenticationToken x509AuthToken = (X509AuthenticationToken) token;
        X509AuthenticationInfo x509AuthInfo = (X509AuthenticationInfo) info;
        ExtendedPKIXBuilderParameters params = new ExtendedPKIXBuilderParameters(x509AuthInfo.getGrantedTrustAnchors(), x509AuthToken.getClientX509CertSelector());
        params.addStore(x509AuthToken.getClientCertChainStore());
        params.setRevocationEnabled(false);
        CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
        CertPathBuilderResult result = pathBuilder.build(params);
        if (LOGGER.isDebugEnabled()) {
            PKIXCertPathReviewer reviewer = new PKIXCertPathReviewer(result.getCertPath(), params);
            String certPathEnd = ((X509Certificate) reviewer.getCertPath().getCertificates().get(reviewer.getCertPathSize() - 1)).getSubjectX500Principal().getName();
            LOGGER.debug("A valid ({}) certification path (length: {}) was found for the following certificate: '{}' ending on: '{}'", new Object[] { reviewer.isValidCertPath(), reviewer.getCertPathSize(), x509AuthToken.getClientX509Certificate().getSubjectX500Principal().getName(), certPathEnd });
        }
        return true;
    } catch (GeneralSecurityException ex) {
        LOGGER.trace("Unable to do credentials matching", ex);
        return false;
    } catch (CertPathReviewerException ex) {
        LOGGER.trace("Unable to do credentials matching", ex);
        return false;
    }
}
Example 47
Project: Resteasy-master  File: GrantTest.java View source code
@Test
public void testPem() throws Exception {
    System.out.println("*******************");
    if (Security.getProvider("BC") == null)
        Security.addProvider(new BouncyCastleProvider());
    KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
    StringWriter writer = new StringWriter();
    PEMWriter pemWriter = new PEMWriter(writer);
    pemWriter.writeObject(keyPair.getPublic());
    pemWriter.flush();
    String s = writer.toString();
    System.out.println(s);
    s = PemUtils.removeBeginEnd(s);
    PublicKey pk = PemUtils.decodePublicKey(s);
    Assert.assertEquals(pk, keyPair.getPublic());
}
Example 48
Project: sandboxes-master  File: LoadPublicKeyFromKnownHosts_Test.java View source code
private void doStuff(String lineFromKnownHosts) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
    OpenSSHKnownHosts.HostEntry hostEntry = OpenSSHKnownHosts.EntryFactory.parseEntry(lineFromKnownHosts);
    KeyFactory dsa = KeyFactory.getInstance("DSA", new BouncyCastleProvider());
    KeySpec spec = new DSAPublicKeySpec(y, p, q, g);
    PublicKey publicKey = dsa.generatePublic(spec);
    System.out.println(hostEntry.getLine());
    assertThat(hostEntry.verify(publicKey), is(true));
    assertThat(hostEntry.appliesTo(KeyType.DSA, "[localhost]:2022"), is(true));
}
Example 49
Project: sikker-digital-post-klient-java-master  File: CreateCMSDocument.java View source code
public CMSDocument createCMS(byte[] bytes, Sertifikat sertifikat) {
    try {
        JceKeyTransRecipientInfoGenerator recipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(sertifikat.getX509Certificate(), keyEncryptionScheme).setProvider(BouncyCastleProvider.PROVIDER_NAME);
        CMSEnvelopedDataGenerator envelopedDataGenerator = new CMSEnvelopedDataGenerator();
        envelopedDataGenerator.addRecipientInfoGenerator(recipientInfoGenerator);
        OutputEncryptor contentEncryptor = new JceCMSContentEncryptorBuilder(cmsEncryptionAlgorithm).build();
        CMSEnvelopedData cmsData = envelopedDataGenerator.generate(new CMSProcessableByteArray(bytes), contentEncryptor);
        return new CMSDocument(cmsData.getEncoded());
    } catch (CertificateEncodingException e) {
        throw new KonfigurasjonException("Feil med mottakers sertifikat", e);
    } catch (CMSException e) {
        throw new KonfigurasjonException("Kunne ikke generere Cryptographic Message Syntax for dokumentpakke", e);
    } catch (IOException e) {
        throw new RuntimeIOException(e);
    }
}
Example 50
Project: steamchat-master  File: RSA.java View source code
private void init(BigInteger mod, BigInteger exp, boolean oaep) {
    try {
        final RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(mod, exp);
        final KeyFactory factory = KeyFactory.getInstance("RSA");
        RSAkey = (RSAPublicKey) factory.generatePublic(publicKeySpec);
        Security.addProvider(new BouncyCastleProvider());
        if (oaep) {
            cipher = Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding", "BC");
        } else {
            cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
        }
        cipher.init(Cipher.ENCRYPT_MODE, RSAkey);
    } catch (final NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (final NoSuchPaddingException e) {
        e.printStackTrace();
    } catch (final InvalidKeyException e) {
        e.printStackTrace();
    } catch (final InvalidKeySpecException e) {
        e.printStackTrace();
    } catch (final NoSuchProviderException e) {
        e.printStackTrace();
    }
}
Example 51
Project: stickypunch-master  File: PackageZipSigner.java View source code
@Override
public byte[] sign(byte[] data) throws Exception {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    KeyStore inStore = KeyStore.getInstance("PKCS12");
    inStore.load(new FileInputStream(packageZipConfiguration.pushPackageSignerCertPath), packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
    Key key = inStore.getKey(packageZipConfiguration.pushPackageSignerCertName, packageZipConfiguration.pushPackageSignerCertPassword.toCharArray());
    PrivateKey privateKey = RSAPrivateKeyImpl.parseKey(new DerValue(key.getEncoded()));
    Certificate certificate = inStore.getCertificate(packageZipConfiguration.pushPackageSignerCertName);
    X509CertificateHolder certificateHolder = new X509CertificateHolder(certificate.getEncoded());
    List certList = new ArrayList();
    //Data to sign
    CMSTypedData msg = new CMSProcessableByteArray(data);
    //Adding the X509 Certificate
    certList.add(certificateHolder);
    Store certs = new JcaCertStore(certList);
    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    //Initializing the the BC's Signer
    ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privateKey);
    gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, certificateHolder));
    //adding the certificate
    gen.addCertificates(certs);
    //Getting the signed data
    CMSSignedData sigData = gen.generate(msg, false);
    return sigData.getEncoded();
}
Example 52
Project: webpasswordsafe-master  File: JasyptBCAESEncryptionTest.java View source code
@Test
public void testEncrypt() {
    StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
    encryptor.setProvider(new BouncyCastleProvider());
    encryptor.setAlgorithm("PBEWITHSHA256AND256BITAES-CBC-BC");
    encryptor.setPassword("w3bp@$$w0rd$@f3k3y");
    encryptor.setKeyObtentionIterations(1000);
    String clearText = "1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890";
    System.out.println("clearText.length=" + clearText.length());
    System.out.println("clearText=" + clearText);
    String encryptedText1 = encryptor.encrypt(clearText);
    System.out.println("encryptedText1.length=" + encryptedText1.length());
    System.out.println("encryptedText1=" + encryptedText1);
    assertEquals(encryptedText1.length(), 172);
    String decryptedText1 = encryptor.decrypt(encryptedText1);
    assertEquals(decryptedText1, clearText);
    String encryptedText2 = encryptor.encrypt(clearText);
    System.out.println("encryptedText2.length=" + encryptedText2.length());
    System.out.println("encryptedText2=" + encryptedText2);
    assertEquals(encryptedText2.length(), 172);
    String decryptedText2 = encryptor.decrypt(encryptedText2);
    assertEquals(decryptedText2, clearText);
    String clearText2 = "1234567890123456";
    System.out.println("clearText2.length=" + clearText2.length());
    System.out.println("clearText2=" + clearText2);
    String encryptedText3 = encryptor.encrypt(clearText2);
    System.out.println("encryptedText3.length=" + encryptedText3.length());
    System.out.println("encryptedText3=" + encryptedText3);
}
Example 53
Project: moxie-master  File: MakeCertificate.java View source code
public static void generateSelfSignedCertificate(String hostname, File keystore, String keystorePassword) {
    try {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
        kpGen.initialize(1024, new SecureRandom());
        KeyPair pair = kpGen.generateKeyPair();
        // Generate self-signed certificate
        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
        builder.addRDN(BCStyle.OU, Constants.getName());
        builder.addRDN(BCStyle.O, Constants.getName());
        builder.addRDN(BCStyle.CN, hostname);
        Date notBefore = new Date(System.currentTimeMillis() - ONEDAY);
        Date notAfter = new Date(System.currentTimeMillis() + 10 * ONEYEAR);
        BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), serial, notBefore, notAfter, builder.build(), pair.getPublic());
        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(pair.getPrivate());
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
        cert.checkValidity(new Date());
        cert.verify(cert.getPublicKey());
        // Save to keystore
        KeyStore store = KeyStore.getInstance("JKS");
        if (keystore.exists()) {
            FileInputStream fis = new FileInputStream(keystore);
            store.load(fis, keystorePassword.toCharArray());
            fis.close();
        } else {
            store.load(null);
        }
        store.setKeyEntry(hostname, pair.getPrivate(), keystorePassword.toCharArray(), new java.security.cert.Certificate[] { cert });
        FileOutputStream fos = new FileOutputStream(keystore);
        store.store(fos, keystorePassword.toCharArray());
        fos.close();
    } catch (Throwable t) {
        t.printStackTrace();
        throw new RuntimeException("Failed to generate self-signed certificate!", t);
    }
}
Example 54
Project: alien4cloud-master  File: SSHUtil.java View source code
private static KeyPair loadKeyPair(String pemFile) {
    try {
        Security.addProvider(new BouncyCastleProvider());
        PEMParser pemParser = new PEMParser(new FileReader(pemFile));
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
        Object object = pemParser.readObject();
        return converter.getKeyPair((PEMKeyPair) object);
    } catch (Exception e) {
        log.error("Could not load key pair", e);
        throw new RuntimeException("Could not load key pair", e);
    }
}
Example 55
Project: android-privacy-guard-master  File: AskForSecretKeyPassPhrase.java View source code
public void onClick(DialogInterface dialog, int id) {
    activity.removeDialog(Id.dialog.pass_phrase);
    String passPhrase = "" + input.getText();
    long keyId;
    if (secretKey != null) {
        try {
            PGPPrivateKey testKey = secretKey.extractPrivateKey(passPhrase.toCharArray(), new BouncyCastleProvider());
        } catch (PGPException e) {
            Toast.makeText(activity, R.string.wrongPassPhrase, Toast.LENGTH_SHORT).show();
            return;
        }
        keyId = secretKey.getKeyID();
    } else {
        keyId = Id.key.symmetric;
    }
    cb.passPhraseCallback(keyId, passPhrase);
}
Example 56
Project: cagrid2-master  File: CreateHostCertificate.java View source code
public static void main(String[] args) {
    try {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        String cert = org.cagrid.core.commandline.IOUtils.readLine("Please enter the location of the CA's certificate", true);
        String key = org.cagrid.core.commandline.IOUtils.readLine("Please enter the location of the CA's private key", true);
        String cn = org.cagrid.core.commandline.IOUtils.readLine("Please enter the hostname of the host you are requesting a certificate for", true);
        String syears = org.cagrid.core.commandline.IOUtils.readLine("Please enter the number of years the host certificate will be valid for", true);
        int years = Integer.valueOf(syears);
        PrivateKey cakey = KeyUtil.loadPrivateKey(new File(key), null);
        X509Certificate cacert = CertUtil.loadCertificate("BC", new File(cert));
        KeyPair pair = KeyUtil.generateRSAKeyPair1024("BC");
        String rootSub = cacert.getSubjectDN().toString();
        int index = rootSub.lastIndexOf(",");
        String subject = rootSub.substring(0, index) + ",CN=" + cn;
        GregorianCalendar date = new GregorianCalendar(TimeZone.getTimeZone("GMT"));
        Date start = new Date(date.getTimeInMillis());
        Date end = null;
        date.add(Calendar.YEAR, years);
        Date d = new Date(date.getTimeInMillis());
        if (cacert.getNotAfter().before(d)) {
            throw new GeneralSecurityException("Cannot create a certificate that expires after issuing certificate.");
        }
        end = d;
        X509Certificate userCert = CertUtil.generateCertificate("BC", new X509Name(subject), start, end, pair.getPublic(), cacert, cakey, CertUtil.SHA2_SIGNATURE_ALGORITHM, null);
        System.out.println("Successfully created the host certificate:");
        System.out.println(userCert.getSubjectDN().toString());
        System.out.println("Host certificate issued by:");
        System.out.println(cacert.getSubjectDN().toString());
        System.out.println("Host certificate valid till:");
        System.out.println(userCert.getNotAfter());
        String certOut = org.cagrid.core.commandline.IOUtils.readLine("Please enter a location/filename to write the certificate to", true);
        String keyOut = org.cagrid.core.commandline.IOUtils.readLine("Please enter a location/filename to write the private key to", true);
        KeyUtil.writePrivateKey(pair.getPrivate(), new File(keyOut));
        CertUtil.writeCertificate(userCert, new File(certOut));
        System.out.println("Host private key written to:");
        System.out.println(keyOut);
        System.out.println("Host certificate written to:");
        System.out.println(certOut);
    } catch (Exception e) {
        e.printStackTrace();
        System.exit(1);
    }
}
Example 57
Project: ccnx-master  File: KeyLocatorTest.java View source code
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    try {
        name = new ContentName(baseName, subName2, document2);
        Security.addProvider(new BouncyCastleProvider());
        // generate key pair
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        // go for fast
        kpg.initialize(512);
        pair = kpg.generateKeyPair();
        MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
        cert = mg.sign(null, pair.getPrivate());
        pubID = new PublisherID(pair.getPublic(), false);
    } catch (Exception ex) {
        XMLEncodableTester.handleException(ex);
        System.out.println("Unable To Initialize Test!!!");
    }
}
Example 58
Project: CloudStack-archive-master  File: RSAHelper.java View source code
private static RSAPublicKey readKey(String key) throws Exception {
    byte[] encKey = Base64.decodeBase64(key.split(" ")[1]);
    DataInputStream dis = new DataInputStream(new ByteArrayInputStream(encKey));
    byte[] header = readElement(dis);
    String pubKeyFormat = new String(header);
    if (!pubKeyFormat.equals("ssh-rsa"))
        throw new RuntimeException("Unsupported format");
    byte[] publicExponent = readElement(dis);
    byte[] modulus = readElement(dis);
    KeySpec spec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
    KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
    RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(spec);
    return pubKey;
}
Example 59
Project: cloudstack-master  File: RSAHelper.java View source code
private static RSAPublicKey readKey(String key) throws Exception {
    byte[] encKey = Base64.decodeBase64(key.split(" ")[1]);
    DataInputStream dis = new DataInputStream(new ByteArrayInputStream(encKey));
    byte[] header = readElement(dis);
    String pubKeyFormat = new String(header);
    if (!pubKeyFormat.equals("ssh-rsa"))
        throw new RuntimeException("Unsupported format");
    byte[] publicExponent = readElement(dis);
    byte[] modulus = readElement(dis);
    KeySpec spec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
    KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
    RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(spec);
    return pubKey;
}
Example 60
Project: cosigner-master  File: Aes.java View source code
/**
   * Generate a key from a password and salt.
   */
public static byte[] generateKey(String password, byte[] salt) {
    try {
        PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, 50, 256);
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithSHA256And256BitAES-CBC-BC", new BouncyCastleProvider());
        SecretKeySpec secretKey = new SecretKeySpec(keyFactory.generateSecret(pbeKeySpec).getEncoded(), "AES");
        return secretKey.getEncoded();
    } catch (InvalidKeySpecExceptionNoSuchAlgorithmException |  e) {
        LOGGER.error(null, e);
        return new byte[0];
    }
}
Example 61
Project: digipost-api-client-java-master  File: FallbackTilPrintEksempel.java View source code
public static void main(final String[] args) {
    // 1. For å kunne kryptere brevet som skal sendes trenger vi
    // BouncyCastle
    Security.addProvider(new BouncyCastleProvider());
    // 2. Vi leser inn sertifikatet du har knyttet til din Digipost-konto (i
    // .p12-formatet)
    InputStream sertifikatInputStream = lesInnSertifikat();
    // 3. Vi oppretter en DigipostClient
    DigipostClient client = new DigipostClient(newBuilder().build(), "https://api.digipost.no", AVSENDERS_KONTOID, sertifikatInputStream, SERTIFIKAT_PASSORD);
    // 4. Vi oppretter et fødselsnummerobjekt som skal brukes til å
    // identifisere mottaker i Digipost
    PersonalIdentificationNumber pin = new PersonalIdentificationNumber("26079833787");
    // 5. Vi oppretter en forsendelse for sending av brevet i Digipost og med adresseinformasjon som vil
    // benyttes dersom mottaker ikke er Digipostbruker
    Document primaryDocument = new Document(UUID.randomUUID().toString(), "Dokumentets emne", PDF, null, new SmsNotification(), null, PASSWORD, NORMAL);
    PrintDetails printDetails = new PrintDetails(new PrintRecipient("Mottakers navn", new NorwegianAddress("postnummer", "Mottakers poststed")), new PrintRecipient("Avsenders navn", new NorwegianAddress("postnummer", "Avsenders poststed")), B, MONOCHROME, RETURN_TO_SENDER);
    String dinForsendelseId = UUID.randomUUID().toString();
    Message message = newMessage(dinForsendelseId, primaryDocument).recipient(new MessageRecipient(pin, printDetails)).build();
    // 7. Foreløpig støtter Digipost kun å sende krypterte brev til print. Kaller du på
    // encrypt() så vil klientbiblioteket krypterer filen for
    // deg før den oversendes Digipost.
    primaryDocument.encrypt();
    // 8. Vi oppretter forsendelsen, legger til innhold og alternativt
    // innhold for print, og til slutt sender forsendelsen. Alt håndteres
    // av klientbiblioteket.
    client.createMessage(message).addContent(primaryDocument, getMessageContent(), getPrintContent()).send();
}
Example 62
Project: dss-master  File: CRLGenerator.java View source code
public X509CRL generateCRL(X509Certificate certToRevoke, MockPrivateKeyEntry issuerEntry, Date dateOfRevoke, int reason) throws Exception {
    Date now = new Date();
    X500Name x500nameIssuer = new JcaX509CertificateHolder(issuerEntry.getCertificate().getCertificate()).getSubject();
    X509v2CRLBuilder crlGen = new X509v2CRLBuilder(x500nameIssuer, now);
    crlGen.setNextUpdate(new Date(now.getTime() + (60 * 60 * 1000)));
    crlGen.addCRLEntry(certToRevoke.getSerialNumber(), dateOfRevoke, reason);
    JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
    crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(issuerEntry.getCertificate().getPublicKey()));
    X509CRLHolder crlHolder = crlGen.build(new JcaContentSignerBuilder(issuerEntry.getCertificate().getCertificate().getSigAlgName()).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(issuerEntry.getPrivateKey()));
    JcaX509CRLConverter converter = new JcaX509CRLConverter();
    return converter.getCRL(crlHolder);
}
Example 63
Project: frostwire-common-master  File: SESecurityManagerBC.java View source code
protected static void initialise() {
    try {
        Security.addProvider(new org.minicastle.jce.provider.BouncyCastleProvider());
        KeyFactory kf = KeyFactory.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
        if (Constants.IS_CVS_VERSION) {
            String where = "";
            try {
                where = BouncyCastleProvider.class.getClassLoader().getResource("org/bouncycastle/jce/provider/BouncyCastleProvider.class").toExternalForm();
            } catch (Throwable e) {
                ClassLoader cl = BouncyCastleProvider.class.getClassLoader();
                if (cl == null) {
                    where = "<bootstrap>";
                } else {
                    where = cl.toString();
                }
            }
            if (!where.contains("Azureus2")) {
                Debug.outNoStack("BC Provider '" + BouncyCastleProvider.PROVIDER_NAME + "' initialised successfully (loaded from " + where + ")");
            }
        }
    } catch (Throwable e) {
        Debug.out("BC Provider initialisation failed", e);
    }
}
Example 64
Project: geoserver-master  File: GeoserverWicketEncrypterFactory.java View source code
protected ICrypt getEncrypterFromSession(HttpSession s) {
    ICrypt result = (ICrypt) s.getAttribute(ICRYPT_ATTR_NAME);
    if (result != null)
        return result;
    GeoServerSecurityManager manager = GeoServerApplication.get().getSecurityManager();
    char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength();
    StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor();
    enc.setPasswordCharArray(key);
    // since the password is copied, we can scramble it
    manager.disposePassword(key);
    if (manager.isStrongEncryptionAvailable()) {
        enc.setProvider(new BouncyCastleProvider());
        enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC");
    } else
        // US export restrictions
        enc.setAlgorithm("PBEWITHMD5ANDDES");
    result = new CryptImpl(enc);
    s.setAttribute(ICRYPT_ATTR_NAME, result);
    return result;
}
Example 65
Project: GNDMS-master  File: PemReaderTest.java View source code
public static void main(String[] args) throws Exception {
    if (args.length != 2) {
        System.err.println("usage: PemReaderTest <pem-location> <pk-pass-phase>");
        System.exit(1);
    }
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    CertStuffHolder certStuff = readKeyPair(new File(args[0]), args[1].toCharArray());
    System.out.println(certStuff.getKeyPair());
    // System.out.println( keyPair.getPrivate() );
    System.exit(0);
}
Example 66
Project: Hive2Hive-master  File: SerializerTest.java View source code
@Test
public void testKeyPair() throws IOException, ClassNotFoundException {
    // install the provider anyway because probably key pairs need to be generated
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
    KeyPair keyPair = generateRSAKeyPair(RSA_KEYLENGTH.BIT_512);
    byte[] encoded = serializer.serialize(keyPair);
    KeyPair decoded = (KeyPair) serializer.deserialize(encoded);
    assertEquals(keyPair.getPrivate(), decoded.getPrivate());
    assertEquals(keyPair.getPublic(), decoded.getPublic());
}
Example 67
Project: hudson_plugins-master  File: EC2PrivateKey.java View source code
/**
     * Obtains the fingerprint of the key in the "ab:cd:ef:...:12" format.
     */
public String getFingerprint() throws IOException {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    Reader r = new BufferedReader(new StringReader(privateKey.toString()));
    PEMReader pem = new PEMReader(r);
    KeyPair pair = (KeyPair) pem.readObject();
    if (pair == null)
        return null;
    PrivateKey key = pair.getPrivate();
    return digest(key);
}
Example 68
Project: Izou-master  File: SecurityFunctions.java View source code
/**
     * Applies an AES decryption on the byte array {@code cipherBytes} with they given key. The key has to be the same
     * key used during encryption, else null is returned
     *
     * @param cipherBytes the byte array to decrypt
     * @param key the key to use during the decryption
     * @return the decrypted string if everything was successful, else null
     */
public String decryptAES(byte[] cipherBytes, SecretKey key) {
    String plainText = null;
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    try {
        Cipher cipher = Cipher.getInstance("AES", "BC");
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] bytePlainText = cipher.doFinal(cipherBytes);
        plainText = new String(bytePlainText, "UTF-8");
    } catch (IllegalBlockSizeExceptionInvalidKeyException | NoSuchAlgorithmException | BadPaddingException | NoSuchPaddingException | UnsupportedEncodingException | NoSuchProviderException |  e) {
        logger.error("Unable to apply AES decryption", e);
    }
    return plainText;
}
Example 69
Project: java-csp-master  File: TestSignature.java View source code
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    //		new NativeLibraryLoader().loadLibraries();
    LoadNative.loadProvider();
    if (Security.getProvider(CSP_PROVIDER) == null)
        Security.addProvider(new CSPProvider());
    if (Security.getProperty(BC_PROVIDER) == null)
        Security.addProvider(new BouncyCastleProvider());
}
Example 70
Project: jrs-rest-java-client-master  File: EncryptionUtils.java View source code
private static String getEncryptedPassword(PublicKey publicKey, String pwd) throws Exception {
    byte[] encryptedUtfPass;
    Cipher enc = Cipher.getInstance("RSA/NONE/NoPadding", new BouncyCastleProvider());
    enc.init(Cipher.ENCRYPT_MODE, publicKey);
    String utfPass = URLEncoder.encode(pwd, CharEncoding.UTF_8);
    encryptedUtfPass = enc.doFinal(utfPass.getBytes());
    return byteArrayToHexString(encryptedUtfPass);
}
Example 71
Project: jsign-master  File: PrivateKeyUtils.java View source code
private static PrivateKey readPrivateKeyPEM(File file, String password) throws IOException, GeneralSecurityException, OperatorCreationException, PKCSException {
    try (FileReader reader = new FileReader(file)) {
        PEMParser parser = new PEMParser(reader);
        Object object = parser.readObject();
        if (object == null) {
            throw new IllegalArgumentException("No key found in " + file);
        }
        BouncyCastleProvider provider = new BouncyCastleProvider();
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(provider);
        if (object instanceof PEMEncryptedKeyPair) {
            // PKCS1 encrypted key
            PEMDecryptorProvider decryptionProvider = new JcePEMDecryptorProviderBuilder().setProvider(provider).build(password.toCharArray());
            PEMKeyPair keypair = ((PEMEncryptedKeyPair) object).decryptKeyPair(decryptionProvider);
            return converter.getPrivateKey(keypair.getPrivateKeyInfo());
        } else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
            // PKCS8 encrypted key
            InputDecryptorProvider decryptionProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(provider).build(password.toCharArray());
            PrivateKeyInfo info = ((PKCS8EncryptedPrivateKeyInfo) object).decryptPrivateKeyInfo(decryptionProvider);
            return converter.getPrivateKey(info);
        } else if (object instanceof PEMKeyPair) {
            // PKCS1 unencrypted key
            return converter.getKeyPair((PEMKeyPair) object).getPrivate();
        } else if (object instanceof PrivateKeyInfo) {
            // PKCS8 unencrypted key
            return converter.getPrivateKey((PrivateKeyInfo) object);
        } else {
            throw new UnsupportedOperationException("Unsupported PEM object: " + object.getClass().getSimpleName());
        }
    }
}
Example 72
Project: launchkey-java-master  File: ApacheHttpTransportTestBase.java View source code
@Before
public void setUp() throws Exception {
    httpClient = mock(HttpClient.class);
    crypto = mock(Crypto.class);
    publicKeyCache = mock(Cache.class);
    jwtService = mock(JWTService.class);
    jweService = mock(JWEService.class);
    entityKeyMap = mock(EntityKeyMap.class);
    httpResponse = mock(HttpResponse.class);
    when(httpResponse.getFirstHeader("Content-Type")).thenReturn(new BasicHeader("Content-Type", "application/jose"));
    BasicHttpEntity entity = new BasicHttpEntity();
    entity.setContent(new ByteArrayInputStream("Hello World!".getBytes()));
    when(httpResponse.getEntity()).thenReturn(entity);
    when(httpResponse.getStatusLine()).thenReturn(new BasicStatusLine(new ProtocolVersion("HTTP", 1, 1), 200, "OK"));
    when(httpClient.execute(any(HttpUriRequest.class))).thenReturn(httpResponse);
    provider = new BouncyCastleProvider();
    objectMapper = mock(ObjectMapper.class);
    baseUrl = "https://base.url";
    issuer = mock(EntityIdentifier.class);
    audience = "Expected Audience";
    transport = new ApacheHttpTransport(httpClient, crypto, objectMapper, publicKeyCache, baseUrl, issuer, jwtService, jweService, 0, 0, entityKeyMap);
}
Example 73
Project: mqtt-spy-master  File: SecureSocketUtilsTest.java View source code
@Test
public void testLoadingKeyStores() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    testKeyStore("src/test/resources/keystores/public_brokers.jks");
    testKeyStore("src/test/resources/keystores/public_brokers.jceks");
    testKeyStore("src/test/resources/keystores/public_brokers.p12");
    Security.addProvider(new BouncyCastleProvider());
    testKeyStore("src/test/resources/keystores/public_brokers.bks");
}
Example 74
Project: opencit-master  File: StartHttpServer.java View source code
@Override
public void execute(String[] args) throws Exception {
    configuration = TrustagentConfiguration.loadConfiguration();
    System.setProperty("org.eclipse.jetty.ssl.password", configuration.getTrustagentKeystorePassword());
    System.setProperty("org.eclipse.jetty.ssl.keypassword", configuration.getTrustagentKeystorePassword());
    Security.addProvider(new BouncyCastleProvider());
    server = createServer();
    server.start();
    addShutdownHook();
    server.join();
}
Example 75
Project: picketlink-master  File: RSA1_5.java View source code
/**
     * Encrypts the specified Content Encryption Key (CEK).
     *
     * @param pub The public RSA key. Must not be {@code null}.
     * @param cek The Content Encryption Key (CEK) to encrypt. Must not be {@code null}.
     *
     * @return The encrypted Content Encryption Key (CEK).
     *
     * @throws RuntimeException If encryption failed.
     */
public static byte[] encryptCEK(final RSAPublicKey pub, final SecretKey cek) {
    try {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", new BouncyCastleProvider());
        cipher.init(Cipher.ENCRYPT_MODE, pub);
        return cipher.doFinal(cek.getEncoded());
    } catch (Exception e) {
        throw new RuntimeException("Couldn't encrypt Content Encryption Key (CEK): " + e.getMessage(), e);
    }
}
Example 76
Project: QRCode-APG-master  File: AskForSecretKeyPassPhrase.java View source code
public void onClick(DialogInterface dialog, int id) {
    activity.removeDialog(Id.dialog.pass_phrase);
    String passPhrase = "" + input.getText();
    long keyId;
    if (secretKey != null) {
        try {
            PGPPrivateKey testKey = secretKey.extractPrivateKey(passPhrase.toCharArray(), new BouncyCastleProvider());
            if (testKey == null) {
                Toast.makeText(activity, R.string.error_couldNotExtractPrivateKey, Toast.LENGTH_SHORT).show();
                return;
            }
        } catch (PGPException e) {
            Toast.makeText(activity, R.string.wrongPassPhrase, Toast.LENGTH_SHORT).show();
            return;
        }
        keyId = secretKey.getKeyID();
    } else {
        keyId = Id.key.symmetric;
    }
    cb.passPhraseCallback(keyId, passPhrase);
}
Example 77
Project: shiro-ext-master  File: X509CredentialsPKIXPathMatcher.java View source code
@Override
public boolean doX509CredentialsMatch(X509AuthenticationToken token, X509AuthenticationInfo info) {
    try {
        ExtendedPKIXBuilderParameters params = new ExtendedPKIXBuilderParameters(info.getGrantedTrustAnchors(), token.getX509CertSelector());
        params.addStore(token.getX509CertChainStore());
        params.setRevocationEnabled(false);
        CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
        CertPathBuilderResult result = pathBuilder.build(params);
        if (LOGGER.isDebugEnabled()) {
            PKIXCertPathReviewer reviewer = new PKIXCertPathReviewer(result.getCertPath(), params);
            String certPathEnd = ((X509Certificate) reviewer.getCertPath().getCertificates().get(reviewer.getCertPathSize() - 1)).getSubjectX500Principal().getName();
            LOGGER.debug("A valid ({}) certification path (length: {}) was found for the following certificate: '{}' ending on: '{}'", new Object[] { reviewer.isValidCertPath(), reviewer.getCertPathSize(), token.getX509Certificate().getSubjectX500Principal().getName(), certPathEnd });
        }
        return true;
    } catch (GeneralSecurityException ex) {
        LOGGER.trace("Unable to do credentials matching", ex);
        return false;
    } catch (CertPathReviewerException ex) {
        LOGGER.trace("Unable to do credentials matching", ex);
        return false;
    }
}
Example 78
Project: symmetric-ds-master  File: BouncyCastleSecurityService.java View source code
@Override
public void installDefaultSslCert(String host) {
    synchronized (BouncyCastleSecurityService.class) {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        try {
            KeyStore keyStore = getKeyStore(getKeyStorePassword());
            KeyStore.ProtectionParameter param = new KeyStore.PasswordProtection(getKeyStorePassword().toCharArray());
            String alias = System.getProperty(SecurityConstants.SYSPROP_KEYSTORE_CERT_ALIAS, SecurityConstants.ALIAS_SYM_PRIVATE_KEY);
            Entry entry = keyStore.getEntry(alias, param);
            if (entry == null) {
                KeyPair pair = generateRSAKeyPair();
                X509Certificate cert = generateV1Certificate(host, pair);
                X509Certificate[] serverChain = new X509Certificate[] { cert };
                keyStore.setEntry(alias, new KeyStore.PrivateKeyEntry(pair.getPrivate(), serverChain), param);
                saveKeyStore(keyStore, getKeyStorePassword());
            }
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
Example 79
Project: Tank-master  File: ProxyWrapper.java View source code
private void initializeProxy() {
    Security.addProvider(new BouncyCastleProvider());
    File certAuthority = new File(workspacePath + "/auto_generated_ca.p12");
    if (!certAuthority.exists()) {
        generateCertificate(certAuthority);
    }
    File tankScript = new File(workspacePath + "/tank-script.xml");
    if (tankScript.exists()) {
        LogPrinter.print("Tank Script found in workspace, deleting", logger);
        boolean deleted = tankScript.delete();
        LogPrinter.print("Tank Script Deleted? " + deleted, logger);
    }
    FixedProxyConfiguration config = new FixedProxyConfiguration(proxyPort, tankScript.getAbsolutePath());
    config.setCertificateAuthorityPath(certAuthority.getAbsolutePath());
    this.config = config;
    proxy = new EmbeddedProxy(config);
}
Example 80
Project: UNH_NDN-master  File: KeyLocatorTest.java View source code
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    try {
        name = ContentName.fromURI(new String[] { baseName, subName2, document2 });
        Security.addProvider(new BouncyCastleProvider());
        // generate key pair
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        // go for fast
        kpg.initialize(512);
        pair = kpg.generateKeyPair();
        MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
        cert = mg.sign(null, pair.getPrivate());
        pubID = new PublisherID(pair.getPublic(), false);
    } catch (Exception ex) {
        XMLEncodableTester.handleException(ex);
        System.out.println("Unable To Initialize Test!!!");
    }
}
Example 81
Project: wss4j-master  File: SKITest.java View source code
@Test
public void testBouncyCastlePKCS12() throws Exception {
    try {
        Security.addProvider(new BouncyCastleProvider());
        // Load the keystore
        Crypto crypto = CryptoFactory.getInstance("alice_bouncycastle.properties");
        assertNotNull(crypto);
    } finally {
        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
    }
}
Example 82
Project: authentication-master  File: KeyCodec.java View source code
/**
	 * Decode based on X, Y 32 byte integers
	 * 
	 * @param pubKey
	 * @param curveName
	 *            - Example secp256r1
	 * @return
	 * @throws InvalidKeySpecException
	 * @throws NoSuchAlgorithmException
	 * @throws NoSuchProviderException
	 */
public static PublicKey getPubKeyFromCurve(byte[] pubKey, String curveName) throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
    ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveName);
    KeyFactory kf = KeyFactory.getInstance("ECDSA", new BouncyCastleProvider());
    ECNamedCurveSpec params = new ECNamedCurveSpec(curveName, spec.getCurve(), spec.getG(), spec.getN());
    ECPoint point = ECPointUtil.decodePoint(params.getCurve(), pubKey);
    ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(point, params);
    ECPublicKey pk = (ECPublicKey) kf.generatePublic(pubKeySpec);
    return pk;
}
Example 83
Project: ivotingverification-master  File: BruteForceActivity.java View source code
@Override
public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    requestWindowFeature(Window.FEATURE_NO_TITLE);
    if (!Util.SpecialModels.contains(Util.getDeviceName())) {
        getWindow().setFlags(WindowManager.LayoutParams.FLAG_SECURE, WindowManager.LayoutParams.FLAG_SECURE);
    }
    Security.removeProvider(ext.org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME);
    Security.addProvider(new ext.org.bouncycastle.jce.provider.BouncyCastleProvider());
    setContentView(R.layout.bruteforce_activity);
    countDownTimer = new CustomCountDownTimer(C.closeTimeout, C.closeInterval);
    Intent intent = getIntent();
    qrCode = intent.getStringExtra(Util.QR_CODE);
    webResult = intent.getStringExtra(Util.WEB_RESULT);
    versionNumber = intent.getStringExtra(Util.VERSION_NUMBER);
    list = (ListView) findViewById(R.id.list);
    lblChoice = (TextView) findViewById(R.id.choice_title_label);
    lblChoice.setText(C.lblChoice);
    lblChoice.setTypeface(C.typeFace);
    lblChoice.setTextColor(Util.generateHexColorValue(C.lblForeground));
    lblChoice.setBackgroundColor(Util.generateHexColorValue(C.lblBackground));
    lblShadow = (View) findViewById(R.id.choice_title_label_shadow);
    lblShadow.setBackgroundColor(Util.generateHexColorValue(C.lblShadow));
    lblCloseTimeout = (TextView) findViewById(R.id.close_timeout_label);
    lblCloseTimeout.setTypeface(C.typeFace);
    lblCloseTimeout.setText(C.lblCloseTimeout);
    lblCloseTimeout.setTextColor(Util.generateHexColorValue(C.lblCloseTimeoutForeground));
    int colors[] = new int[3];
    colors[0] = Util.generateHexColorValue(C.lblCloseTimeoutBackgroundStart);
    colors[1] = Util.generateHexColorValue(C.lblCloseTimeoutBackgroundCenter);
    colors[2] = Util.generateHexColorValue(C.lblCloseTimeoutBackgroundEnd);
    GradientDrawable bgCloseTimeoutShape = new GradientDrawable(GradientDrawable.Orientation.TOP_BOTTOM, colors);
    bgCloseTimeoutShape.setCornerRadius(5);
    lblCloseTimeout.setBackgroundDrawable(bgCloseTimeoutShape);
    lblcloseTimeoutShadow = (View) findViewById(R.id.close_timeout_label_shadow);
    GradientDrawable bgCloseTimeoutShadowShape = (GradientDrawable) lblcloseTimeoutShadow.getBackground();
    bgCloseTimeoutShadowShape.setColor(Util.generateHexColorValue(C.lblCloseTimeoutShadow));
    bgCloseTimeoutShadowShape.setCornerRadius(5);
    lblChoice.setVisibility(View.INVISIBLE);
    lblShadow.setVisibility(View.INVISIBLE);
    lblCloseTimeout.setVisibility(View.INVISIBLE);
    lblcloseTimeoutShadow.setVisibility(View.INVISIBLE);
    publicKey = C.publicKey;
    doBruteForce();
}
Example 84
Project: openclouddb-master  File: SecurityUtil.java View source code
/**
	 * 加密
	 * @param privateKey ç§?é’¥
	 * @param srcBytes 明文
	 * @return
	 */
public byte[] encrypt(PrivateKey privateKey, byte[] srcBytes) {
    if (privateKey != null) {
        try {
            //Cipher.getInstance("RSA/ECB/PKCS1Padding");    
            Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
            return cipher.doFinal(srcBytes);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
    return null;
}
Example 85
Project: pades_signing_2.1.5-master  File: CMSVerifier.java View source code
public static boolean verify(SignerInformation signer, Store certStore) throws CMSException, IOException, NoSuchAlgorithmException, NoSuchProviderException, CertStoreException, OperatorCreationException, CertificateException {
    Collection certCollection = certStore.getMatches(signer.getSID());
    Iterator certIt = certCollection.iterator();
    X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
    Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
    JcaSimpleSignerInfoVerifierBuilder sigVerifBuilder = new JcaSimpleSignerInfoVerifierBuilder();
    SignerInformationVerifier signerInfoVerif = sigVerifBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey());
    //the digest verification is included // Verif on public key so that cert verifications are not performed (done in dssl layer)
    boolean rawVerif = signer.verify(signerInfoVerif);
    // If RFC 3852 non-conformity -> CMSException
    log.debug(Channel.TECH, "Raw signature verification results in '%1$s'", rawVerif);
    // TODO : also done in dssl layer. Should this verification be removed from here ?
    boolean signerCertRefVerif = signingCertificateAttributeVerif(signer, x509Cert);
    log.debug(Channel.TECH, "Signer-cert-ref verification results in '%1$s'", signerCertRefVerif);
    return rawVerif && signerCertRefVerif;
}
Example 86
Project: rainbow-master  File: SecurityUtil.java View source code
/**
	 * 加密
	 * @param privateKey ç§?é’¥
	 * @param srcBytes 明文
	 * @return
	 */
public byte[] encrypt(PrivateKey privateKey, byte[] srcBytes) {
    if (privateKey != null) {
        try {
            //Cipher.getInstance("RSA/ECB/PKCS1Padding");    
            Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
            return cipher.doFinal(srcBytes);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
    return null;
}
Example 87
Project: alien-ofelia-conet-ccnx-master  File: KeyLocatorTest.java View source code
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    try {
        name = new ContentName(baseName, subName2, document2);
        Security.addProvider(new BouncyCastleProvider());
        // generate key pair
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        // go for fast
        kpg.initialize(512);
        pair = kpg.generateKeyPair();
        MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
        cert = mg.sign(null, pair.getPrivate());
        pubID = new PublisherID(pair.getPublic(), false);
    } catch (Exception ex) {
        XMLEncodableTester.handleException(ex);
        System.out.println("Unable To Initialize Test!!!");
    }
}
Example 88
Project: appverse-web-master  File: JWSJerseyFilter.java View source code
@Override
public //RequestFilter
void filter(final ClientRequestContext requestContext) throws IOException {
    try {
        /*

			//It doesn't work

			// use ServiceLocatorClientProvider to extract HK2 ServiceLocator from request
			final ServiceLocator locator = ServiceLocatorClientProvider
					.getServiceLocator(requestContext);

			// and ask for MyInjectedService:
			CertService certService = locator.getService(CertService.class);
			*/
        KeyStore keyStore = certService.getKeyStore("certificates/client/client.pfx", "PKCS12", "export");
        String keyPassword = "export";
        Key key = keyStore.getKey("client.restservices.gbs.db.com", keyPassword.toCharArray());
        //Create RSA-signer with the private key
        JWSSigner signer = new RSASSASigner((RSAPrivateKey) key);
        signer.setProvider(new BouncyCastleProvider());
        /*
			// RSA signatures require a public and private RSA key pair,
			// the public key must be made known to the JWS recipient in
			// order to verify the signatures
			 */
        // Prepare JWS object with simple string as payload
        String reqUri = requestContext.getUri().toString();
        if (logger.isDebugEnabled())
            logger.debug("URI:: " + reqUri);
        // buffer into which myBean will be serialized
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        Object object = requestContext.getEntity();
        Payload objectPay = null;
        if (object != null) {
            Class<Object> type = (Class<Object>) requestContext.getEntityClass();
            GenericType<Object> genericType = new GenericType<Object>(type) {
            };
            // get most appropriate MBW
            final MessageBodyWriter<Object> messageBodyWriter = workers.getMessageBodyWriter(type, type, new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE);
            try {
                // use the MBW to serialize myBean into baos
                messageBodyWriter.writeTo(object, object.getClass(), genericType.getType(), new Annotation[] {}, MediaType.APPLICATION_JSON_TYPE, new MultivaluedHashMap<String, Object>(), baos);
            } catch (IOException e) {
                throw new RuntimeException("Error while serializing MyBean.", e);
            }
            String stringJsonOutput = baos.toString();
            if (logger.isDebugEnabled())
                logger.debug("Entity.toString():: " + stringJsonOutput);
            //Same logic is applied in server side
            if (stringJsonOutput != null && stringJsonOutput.length() > JWSAuthenticationProcessingFilter.PAYLOAD_HEADER_MAX_SIZE)
                stringJsonOutput = stringJsonOutput.substring(0, JWSAuthenticationProcessingFilter.PAYLOAD_HEADER_MAX_SIZE);
            objectPay = new Payload(stringJsonOutput);
        } else
            //If request entity is null (usually GET methods) use URI as payload
            objectPay = new Payload(reqUri);
        JWSObject jwsObject = new JWSObject(new JWSHeader(JWSAlgorithm.RS256), objectPay);
        // Compute the RSA signature
        jwsObject.sign(signer);
        String s = jwsObject.serialize();
        if (logger.isDebugEnabled())
            logger.debug("serialized compact form: " + s);
        requestContext.getHeaders().add("Authorization", "Bearer " + s);
    } catch (Exception e) {
        logger.error("Error signing message", e);
        requestContext.abortWith(Response.status(Response.Status.BAD_REQUEST).entity("Error signing message").build());
    }
}
Example 89
Project: Asynchronous-SSHD-master  File: SecurityUtils.java View source code
public void run() throws Exception {
    if (java.security.Security.getProvider(BOUNCY_CASTLE) == null) {
        LOG.info("Trying to register BouncyCastle as a JCE provider");
        java.security.Security.addProvider(new BouncyCastleProvider());
        MessageDigest.getInstance("MD5", BOUNCY_CASTLE);
        KeyAgreement.getInstance("DH", BOUNCY_CASTLE);
        LOG.info("Registration succeeded");
    } else {
        LOG.info("BouncyCastle already registered as a JCE provider");
    }
    securityProvider = BOUNCY_CASTLE;
}
Example 90
Project: BitNomen-master  File: KeyLocatorTest.java View source code
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    try {
        name = ContentName.fromURI(new String[] { baseName, subName2, document2 });
        Security.addProvider(new BouncyCastleProvider());
        // generate key pair
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        // go for fast
        kpg.initialize(512);
        pair = kpg.generateKeyPair();
        MinimalCertificateGenerator mg = new MinimalCertificateGenerator(endDN, pair.getPublic(), new X500Principal(rootDN), MinimalCertificateGenerator.MSEC_IN_YEAR, false, null, false);
        cert = mg.sign(null, pair.getPrivate());
        pubID = new PublisherID(pair.getPublic(), false);
    } catch (Exception ex) {
        XMLEncodableTester.handleException(ex);
        System.out.println("Unable To Initialize Test!!!");
    }
}
Example 91
Project: blynk-server-master  File: ServerLauncher.java View source code
public static void main(String[] args) throws Exception {
    Map<String, String> cmdProperties = ArgumentsParser.parse(args);
    ServerProperties serverProperties = new ServerProperties(cmdProperties);
    LoggerUtil.configureLogging(serverProperties);
    //required for logging dynamic context
    System.setProperty("data.folder", serverProperties.getProperty("data.folder"));
    //required to avoid dependencies within model to server.properties
    System.setProperty("terminal.strings.pool.size", serverProperties.getProperty("terminal.strings.pool.size", "25"));
    System.setProperty("initial.energy", serverProperties.getProperty("initial.energy", "2000"));
    boolean isUnpacked = JarUtil.unpackStaticFiles("static/");
    ServerProperties mailProperties = new MailProperties(cmdProperties);
    ServerProperties smsProperties = new SmsProperties(cmdProperties);
    ServerProperties gcmProperties = new GCMProperties(cmdProperties);
    Security.addProvider(new BouncyCastleProvider());
    boolean restore = Boolean.parseBoolean(cmdProperties.get(ArgumentsParser.RESTORE_OPTION));
    start(serverProperties, mailProperties, smsProperties, gcmProperties, isUnpacked, restore);
}
Example 92
Project: cloud-storage-vault-master  File: Processor.java View source code
public static void main(String[] args) throws Exception {
    Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
    if (args.length < 5 || args.length > 5 || args[0].equalsIgnoreCase("-h") || args[0].equalsIgnoreCase("--help")) {
        printHelp();
        System.exit(0);
    }
    JobConf conf = new JobConf(Processor.class);
    conf.setJobName("dictionaryattack");
    int[] dict_metadata = getDictionaryMetadata(args[0], conf);
    int MAPPERS = 0;
    try {
        MAPPERS = Integer.parseInt(args[3]);
    } catch (Exception e) {
        System.out.println("ERROR: The number of server nodes given is not a number.");
        System.exit(1);
    }
    int THREADS = 0;
    try {
        THREADS = Integer.parseInt(args[4]);
        if (THREADS > 0) {
            conf.setInt("THREADS", THREADS);
        } else {
            throw new Exception();
        }
        if (dict_metadata[1] >= THREADS) {
            conf.setInt("PASSWORDS_PER_LINE", dict_metadata[1]);
        } else {
            throw new Exception();
        }
    } catch (Exception e) {
        System.out.println("ERROR: The number of threads given is not a valid number. Make sure that the number of threads is greater than or equal to the number of passwords, per line, in the dictionary.\n\n Use the -h or --help option for more information.");
        System.exit(1);
    }
    conf.setOutputKeyClass(Text.class);
    conf.setOutputValueClass(LongWritable.class);
    conf.setMapperClass(CDAMapper.class);
    conf.setInputFormat(NLineInputFormat.class);
    conf.setOutputFormat(TextOutputFormat.class);
    FileInputFormat.setInputPaths(conf, new Path(args[0]));
    FileOutputFormat.setOutputPath(conf, new Path(args[1]));
    conf.setNumReduceTasks(0);
    conf.setNumMapTasks(MAPPERS);
    conf.setCompressMapOutput(true);
    int dict_lines = dict_metadata[0];
    double lines_per_mapper = dict_lines / MAPPERS;
    if (Math.floor(lines_per_mapper) == lines_per_mapper) {
        conf.setInt("mapred.line.input.format.linespermap", dict_lines / MAPPERS);
    } else {
        conf.setInt("mapred.line.input.format.linespermap", (dict_lines / MAPPERS) + 1);
    }
    DistributedCache.addCacheFile(new URI(args[2]), conf);
    JobClient.runJob(conf);
}
Example 93
Project: dasein-cloud-joyent-master  File: SignatureHttpAuth.java View source code
@Override
public void addPreemptiveAuth(@Nonnull HttpRequest request) throws CloudException, InternalException {
    if (provider.getContext() == null) {
        throw new CloudException("No context was defined for this request");
    }
    Date date = Calendar.getInstance(TimeZone.getTimeZone("UTC")).getTime();
    String now = RFC1123_DATE_FORMAT.format(date);
    request.setHeader("Date", now);
    try {
        Security.addProvider(new BouncyCastleProvider());
        Signature signature = Signature.getInstance(SIGN_ALGORITHM);
        List<ContextRequirements.Field> fields = provider.getContextRequirements().getConfigurableValues();
        String keyName = "";
        String privateKey = "";
        char[] keyPassword = null;
        for (ContextRequirements.Field f : fields) {
            if (f.type.equals(ContextRequirements.FieldType.KEYPAIR)) {
                byte[][] keyPair = (byte[][]) provider.getContext().getConfigurationValue(f);
                keyName = new String(keyPair[0], "utf-8");
                privateKey = new String(keyPair[1], "utf-8");
            } else if (f.type.equals(ContextRequirements.FieldType.PASSWORD)) {
                byte[] password = (byte[]) provider.getContext().getConfigurationValue(f);
                if (password != null) {
                    keyPassword = new String(password, "utf-8").toCharArray();
                }
            }
        }
        KeyPair keyPair = getKeyPair(privateKey, keyPassword);
        if (keyPair == null) {
            throw new InternalException("Unable to generate a key-pair from key data.");
        }
        signature.initSign(keyPair.getPrivate());
        String signingString = String.format(AUTH_SIGN, now);
        signature.update(signingString.getBytes("UTF-8"));
        byte[] signedDate = signature.sign();
        byte[] encodedSignedDate = Base64.encode(signedDate);
        request.addHeader("Authorization", String.format(AUTH_HEADER, provider.getContext().getAccountNumber(), keyName, new String(encodedSignedDate)));
    } catch (NoSuchAlgorithmException e) {
        throw new InternalException(e);
    } catch (UnsupportedEncodingException e) {
        throw new InternalException(e);
    } catch (SignatureException e) {
        throw new InternalException(e);
    } catch (InvalidKeyException e) {
        throw new InternalException(e);
    } catch (IOException e) {
        throw new InternalException(e);
    }
}
Example 94
Project: differ-master  File: DifferApplication.java View source code
/**
     * Called by the server to run the application and begin the session
     * FIXME: move same parts to firstApplicationStartup()
     */
@Override
public void applicationInit() {
    //Setup Apache Log4j Configuration
    BasicConfigurator.configure();
    //BouncyCastle Setup
    Security.addProvider(new BouncyCastleProvider());
    //Set to custom differ theme
    setTheme(DIFFER_THEME_NAME);
    LOGGER.trace("Loaded Vaadin theme: " + DIFFER_THEME_NAME);
    //Get Application Context
    WebApplicationContext context = (WebApplicationContext) getContext();
    //Set Context Locale to Browser Locale
    Locale locale = context.getBrowser().getLocale();
    setLocale(locale);
    LOGGER.trace("Session Locale: " + locale.getDisplayName());
    //Add this as a listener to the context transaction event pump
    context.addTransactionListener(this);
    ServletContext servletContext = ((WebApplicationContext) this.getContext()).getHttpSession().getServletContext();
    applicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
    userManager = (UserManager) applicationContext.getBean("userManager");
    imageManager = (ImageManager) applicationContext.getBean("imageManager");
    resultManager = (ResultManager) applicationContext.getBean("resultManager");
    MainDifferWindow mainWindow = new MainDifferWindow();
    mainWindow.setSizeUndefined();
    setMainWindow(mainWindow);
}
Example 95
Project: download-hls-master  File: Crypto.java View source code
private void initCipher() throws CryptoException {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    try {
        SecretKey secretKey = new SecretKeySpec(key, "AES");
        cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
    } catch (Exception e) {
        throw new CryptoException(e);
    }
}
Example 96
Project: dristhi-master  File: HttpAgent.java View source code
private SocketFactory sslSocketFactoryWithDrishtiCertificate() {
    try {
        Security.addProvider(new BouncyCastleProvider());
        KeyStore trustedKeystore = KeyStore.getInstance("BKS");
        InputStream inputStream = this.getClass().getResourceAsStream("/drishti_client.keystore");
        try {
            trustedKeystore.load(inputStream, "phone red pen".toCharArray());
        } finally {
            inputStream.close();
        }
        SSLSocketFactory socketFactory = new SSLSocketFactory(trustedKeystore);
        final X509HostnameVerifier oldVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
        socketFactory.setHostnameVerifier(oldVerifier);
        return socketFactory;
    } catch (Exception e) {
        throw new AssertionError(e);
    }
}
Example 97
Project: ebics-java-master  File: InitializationRequestElement.java View source code
/**
   * Generates the upload transaction key
   * @return the transaction key
   */
protected byte[] generateTransactionKey() throws EbicsException {
    try {
        Cipher cipher;
        cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", BouncyCastleProvider.PROVIDER_NAME);
        cipher.init(Cipher.ENCRYPT_MODE, session.getBankE002Key());
        return cipher.doFinal(nonce);
    } catch (Exception e) {
        throw new EbicsException(e.getMessage());
    }
}
Example 98
Project: ebics-master  File: InitializationRequestElement.java View source code
/**
   * Generates the upload transaction key
   * @return the transaction key
   */
protected byte[] generateTransactionKey() throws EbicsException {
    try {
        Cipher cipher;
        cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", BouncyCastleProvider.PROVIDER_NAME);
        cipher.init(Cipher.ENCRYPT_MODE, session.getBankE002Key());
        return cipher.doFinal(nonce);
    } catch (Exception e) {
        throw new EbicsException(e.getMessage());
    }
}
Example 99
Project: federation-master  File: ProvidersUtil.java View source code
/**
     * No-op call such that the default system properties are set
     */
public static synchronized void ensure() {
    AccessController.doPrivileged(new PrivilegedAction<Boolean>() {

        public Boolean run() {
            // register Apache Santuario 1.5.x XMLDSig version
            addXMLDSigRI();
            // register BC provider if available (to have additional encryption algorithms, etc.)
            addJceProvider("BC", "org.bouncycastle.jce.provider.BouncyCastleProvider");
            return true;
        }
    });
}
Example 100
Project: fiware-sdc-master  File: RSASignerImpl.java View source code
public String sign(String message, File pemFile) {
    try {
        Security.addProvider(new BouncyCastleProvider());
        PrivateKey privateKey = readKeyPair(pemFile, "".toCharArray()).getPrivate();
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        byte[] digest = cipher.doFinal(message.getBytes());
        return Base64.encodeBase64String(digest);
    } catch (IOException e) {
        throw new SdcRuntimeException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new SdcRuntimeException(e);
    } catch (InvalidKeyException e) {
        throw new SdcRuntimeException(e);
    } catch (NoSuchPaddingException e) {
        throw new SdcRuntimeException(e);
    } catch (IllegalBlockSizeException e) {
        throw new SdcRuntimeException(e);
    } catch (BadPaddingException e) {
        throw new SdcRuntimeException(e);
    }
}
Example 101
Project: flashback-master  File: AbstractX509CertificateService.java View source code
protected X509Certificate createCertificate(PrivateKey privateKey, X509v3CertificateBuilder x509v3CertificateBuilder) throws OperatorCreationException, CertificateException {
    ContentSigner contentSigner = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(privateKey);
    X509Certificate x509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(x509v3CertificateBuilder.build(contentSigner));
    return x509Certificate;
}