aboutsummaryrefslogtreecommitdiff
path: root/spss.test/src/ExportECDSA.java
diff options
context:
space:
mode:
Diffstat (limited to 'spss.test/src/ExportECDSA.java')
-rw-r--r--spss.test/src/ExportECDSA.java249
1 files changed, 249 insertions, 0 deletions
diff --git a/spss.test/src/ExportECDSA.java b/spss.test/src/ExportECDSA.java
new file mode 100644
index 000000000..d47a0841b
--- /dev/null
+++ b/spss.test/src/ExportECDSA.java
@@ -0,0 +1,249 @@
+import iaik.asn1.structures.Name;
+import iaik.pkcs.pkcs11.provider.IAIKPkcs11;
+import iaik.pkcs.pkcs12.CertificateBag;
+import iaik.pkcs.pkcs12.KeyBag;
+import iaik.pkcs.pkcs12.PKCS12;
+import iaik.security.provider.IAIK;
+
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.Security;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.Properties;
+
+/**
+ * @author Administrator
+ *
+ * To change this generated comment edit the template variable "typecomment":
+ * Window>Preferences>Java>Templates.
+ * To enable and disable the creation of type comments go to
+ * Window>Preferences>Java>Code Generation.
+ */
+public class ExportECDSA {
+
+ public static void main(String[] args) throws Exception {
+ iaik.security.provider.IAIK.addAsJDK14Provider();
+ iaik.security.ecc.provider.ECCProvider.addAsProvider();
+
+ PKCS12 input = new PKCS12(new FileInputStream("C:\\eclipse\\workspace\\spss.server\\data\\deploy\\conf\\moa-spss\\keys\\ecc(ego).p12"));
+ input.decrypt("ego".toCharArray());
+ KeyBag newkb = input.getKeyBag();
+ System.out.println("KeyNew:"+newkb.getFriendlyName());
+ System.out.println(newkb.getPrivateKey());
+ CertificateBag newcbs[] = input.getCertificateBags();
+ System.out.println(newcbs.length);
+ System.out.println("CertNew:"+newcbs[0].getFriendlyName());
+ System.out.println(newcbs[0]);
+ System.out.println(newcbs[0].getCertificate().getSerialNumber().toString());
+ System.out.println(((Name)newcbs[0].getCertificate().getSubjectDN()).getRFC2253String());
+ }
+
+ public static void main2(String[] args) throws Exception {
+
+
+
+ /* Export P12 Cert in .Cer File *
+ PKCS12 pkcs12 = new PKCS12(new FileInputStream("resources/ecc(ego).p12"));
+ pkcs12.decrypt("ego".toCharArray());
+ X509Certificate[] ret = CertificateBag.getCertificates(pkcs12.getCertificateBags());
+
+ byte []cert = ret[0].getEncoded();
+ FileOutputStream fos = new FileOutputStream("cert1.cer");
+ fos.write(cert);
+ fos.close();
+ */
+
+ Properties config = new Properties();
+ config.put("PKCS11_NATIVE_MODULE","cryptoki.dll");
+ config.put("SLOT_ID","0");
+
+ IAIK iaik = new IAIK();
+ Security.addProvider(iaik);
+ IAIKPkcs11 pkcs11Provider_ = new IAIKPkcs11(config);
+ Security.addProvider(pkcs11Provider_);
+
+ KeyStore tokenKeyStore = pkcs11Provider_.getTokenManager().getKeyStore();
+ tokenKeyStore.load(null,"0000".toCharArray());
+
+ byte [] keyid = {0x01,0x02,0x03,0x04};
+
+ PrivateKey k = (PrivateKey)tokenKeyStore.getKey("MOAHSMRSAKEY_cert",null);
+ KeyBag kb = new KeyBag(k,"MOAHSMRSAKEY_pri",keyid);
+ System.out.println("Key:"+k);
+
+ java.security.cert.Certificate[] ret = tokenKeyStore.getCertificateChain("MOAHSMRSAKEY_cert");
+
+ System.out.println(ret.getClass().getName());
+
+ CertificateBag cb = new CertificateBag((iaik.x509.X509Certificate)ret[0],"MOAHSMRSAKEY_cert",keyid);
+ CertificateBag chain[] = new CertificateBag[1];
+ chain[0] = cb;
+ System.out.println("Cert:"+cb);
+ FileOutputStream fos = new FileOutputStream("hsm.p12");
+
+ PKCS12 pkcs12 = new PKCS12(kb,chain);
+ System.out.println("Encrypting...");
+ pkcs12.encrypt("moa".toCharArray());
+ System.out.println("Write...");
+ pkcs12.writeTo(fos);
+ fos.close();
+
+
+ PKCS12 input = new PKCS12(new FileInputStream("hsm.p12"));
+ input.decrypt("moa".toCharArray());
+ KeyBag newkb = input.getKeyBag();
+ System.out.println("KeyNew:"+newkb.getFriendlyName());
+ System.out.println(newkb.getPrivateKey());
+ CertificateBag newcbs[] = input.getCertificateBags();
+ System.out.println("CertNew:"+newcbs[0].getFriendlyName());
+ System.out.println(newcbs[0]);
+
+ }
+
+ public static void test(String[] args) throws Exception {
+ iaik.security.provider.IAIK.addAsJDK14Provider();
+ iaik.security.ecc.provider.ECCProvider.addAsProvider();
+
+ Properties config = new Properties();
+ config.put("PKCS11_NATIVE_MODULE","cryptoki.dll");
+ config.put("SLOT_ID","0");
+
+ IAIK iaik = new IAIK();
+ Security.addProvider(iaik);
+ IAIKPkcs11 pkcs11Provider_ = new IAIKPkcs11(config);
+ Security.addProvider(pkcs11Provider_);
+
+ KeyStore tokenKeyStore = pkcs11Provider_.getTokenManager().getKeyStore();
+ tokenKeyStore.load(null,"0000".toCharArray());
+
+ FileInputStream inputStream = new FileInputStream("MOA.Serversignatur.TestECDSA.der");
+ CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", "IAIK");
+ Collection certificateCollection = certificateFactory.generateCertificates(inputStream);
+ X509Certificate[] certificateChain =
+ (X509Certificate[]) certificateCollection.toArray(new X509Certificate[certificateCollection.size()]);
+
+ System.out.println("Number of Cert:"+certificateCollection.size());
+
+ tokenKeyStore.setCertificateEntry("ECDSA_cert",certificateChain[0]);
+
+ System.out.println("DONE");
+
+ Enumeration enum2 = tokenKeyStore.aliases();
+
+ while (enum2.hasMoreElements()) {
+ String alias = enum2.nextElement().toString();
+
+ if (tokenKeyStore.isKeyEntry(alias)) {
+ System.out.println("________________________________________________________________________________");
+ System.out.println("Key entry with alias: " + alias);
+ Key key = tokenKeyStore.getKey(alias, null);
+ System.out.println(key);
+ java.security.cert.Certificate[] certificateChain2 = tokenKeyStore.getCertificateChain(alias);
+ if (certificateChain2 != null) {
+ System.out.println("Certificate chain of length: " + certificateChain2.length);
+ for (int i = 0; i < certificateChain2.length; i++) {
+ System.out.println("--------------------------------------------------------------------------------");
+ System.out.println(certificateChain2[i]);
+ }
+ } else {
+ System.out.println("Certificate chain is null!");
+ }
+ System.out.println("________________________________________________________________________________");
+ } else if (tokenKeyStore.isCertificateEntry(alias)) {
+ System.out.println("________________________________________________________________________________");
+ System.out.println("Certificate entry with alias: " + alias);
+ java.security.cert.Certificate certificate = tokenKeyStore.getCertificate(alias);
+ System.out.println(certificate);
+ System.out.println("________________________________________________________________________________");
+ } else {
+ System.out.println("________________________________________________________________________________");
+ System.out.println("ERROR! Unknown entry type with alias: " + alias);
+ System.out.println("________________________________________________________________________________");
+ }
+ }
+
+ //tokenKeyStore.setCertificateEntry()
+
+ /*IAIKPKCS11PublicKey key = (IAIKPKCS11PublicKey)tokenKeyStore.getKey("ECDSA_pub",null);
+
+ ECDSAPublicKey pkcs11EcDsaPublicKey = (ECDSAPublicKey)key.getKeyObject();
+
+ ByteArrayAttribute ecdsaParamsAttribute = (ByteArrayAttribute) pkcs11EcDsaPublicKey.getEcdsaParams();
+ ByteArrayAttribute ecPointAttribute = (ByteArrayAttribute) pkcs11EcDsaPublicKey.getEcPoint();
+
+ if (!ecdsaParamsAttribute.isPresent()) {
+ throw new IAIKPkcs11Exception("The PKCS#11 ECDSA key object does not possess a ECDSA parameters attribute.");
+ }
+ if (!ecPointAttribute.isPresent()) {
+ throw new IAIKPkcs11Exception("The PKCS#11 ECDSA key object does not possess a EC point attribute.");
+ }
+
+ byte[] x509encodedPublicKey;
+ try {
+ byte[] encodedParameters = ecdsaParamsAttribute.getByteArrayValue();
+ byte[] encodedPublicKeyValue = ecPointAttribute.getByteArrayValue();
+
+ ECDSAKeyFactory fact = new ECDSAKeyFactory();
+
+ // encoding the algorithm ID with the parameters
+ ObjectID OBJECT_ID_EC_KEY = new ObjectID("1.2.840.10045.2.1");
+ AlgorithmID EC_ALGORITHM_ID = new AlgorithmID(OBJECT_ID_EC_KEY);
+
+
+ ASN1 parametersASN1 = new ASN1(encodedParameters);
+
+ EC_ALGORITHM_ID.setParameter(parametersASN1.toASN1Object());
+
+ // encoding the X.509 subject public key info structure
+ SEQUENCE publicKeyInfo = new SEQUENCE();
+
+ publicKeyInfo.addComponent(EC_ALGORITHM_ID.toASN1Object());
+ publicKeyInfo.addComponent(new BIT_STRING(encodedPublicKeyValue));
+
+ x509encodedPublicKey = DerCoder.encode(publicKeyInfo);
+
+ } catch (CodingException ex) {
+ ex.printStackTrace();
+ throw new InvalidKeySpecException("Error during encoding of ECDSA public key: " + ex.toString());
+ }
+
+ int size = 0;
+
+ X509EncodedKeySpec keySpec = new X509EncodedKeySpec(x509encodedPublicKey);
+ byte [] enc = keySpec.getEncoded();
+ size = enc.length;
+
+ BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream("ecdsakey.key"));
+ bos.write(enc);
+ bos.flush();
+ bos.close();
+
+ byte [] data = new byte[size];
+
+ BufferedInputStream bis = new BufferedInputStream(new FileInputStream("ecdsakey.key"));
+ bis.read(data);
+ bis.close();
+
+
+ ASN1Object asn1 = DerCoder.decode(data);
+ System.out.println("Objectcount:"+asn1.countComponents());
+ ASN1Object asnobject1 = asn1.getComponentAt(0);
+ System.out.println(asnobject1);
+
+ ASN1Object asnobject1_1 = asnobject1.getComponentAt(0);
+ System.out.println(asnobject1_1);
+
+ ASN1Object asnobject1_2 = asnobject1.getComponentAt(1);
+ System.out.println(asnobject1_2);
+
+ ASN1Object asnobject2 = asn1.getComponentAt(1);
+ System.out.println(asnobject2);*/
+
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 11:56:03 +0000