package org.bouncycastle.jcajce.provider.asymmetric.rsa;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
import org.bouncycastle.jcajce.provider.asymmetric.util.ExtendedInvalidKeySpecException;
import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
public class KeyFactorySpi
extends BaseKeyFactorySpi
{
public KeyFactorySpi()
{
}
protected KeySpec engineGetKeySpec(
Key key,
Class spec)
throws InvalidKeySpecException
{
if (spec.isAssignableFrom(RSAPublicKeySpec.class) && key instanceof RSAPublicKey)
{
RSAPublicKey k = (RSAPublicKey)key;
return new RSAPublicKeySpec(k.getModulus(), k.getPublicExponent());
}
else if (spec.isAssignableFrom(RSAPrivateKeySpec.class) && key instanceof java.security.interfaces.RSAPrivateKey)
{
java.security.interfaces.RSAPrivateKey k = (java.security.interfaces.RSAPrivateKey)key;
return new RSAPrivateKeySpec(k.getModulus(), k.getPrivateExponent());
}
else if (spec.isAssignableFrom(RSAPrivateCrtKeySpec.class) && key instanceof RSAPrivateCrtKey)
{
RSAPrivateCrtKey k = (RSAPrivateCrtKey)key;
return new RSAPrivateCrtKeySpec(
k.getModulus(), k.getPublicExponent(),
k.getPrivateExponent(),
k.getPrimeP(), k.getPrimeQ(),
k.getPrimeExponentP(), k.getPrimeExponentQ(),
k.getCrtCoefficient());
}
else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof RSAPublicKey)
{
try
{
return new OpenSSHPublicKeySpec(
OpenSSHPublicKeyUtil.encodePublicKey(
new RSAKeyParameters(
false,
((RSAPublicKey)key).getModulus(),
((RSAPublicKey)key).getPublicExponent())
)
);
}
catch (IOException e)
{
throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
}
}
else if (spec.isAssignableFrom(OpenSSHPrivateKeySpec.class) && key instanceof RSAPrivateCrtKey)
{
try
{
return new OpenSSHPrivateKeySpec(OpenSSHPrivateKeyUtil.encodePrivateKey(new RSAPrivateCrtKeyParameters(
((RSAPrivateCrtKey)key).getModulus(),
((RSAPrivateCrtKey)key).getPublicExponent(),
((RSAPrivateCrtKey)key).getPrivateExponent(),
((RSAPrivateCrtKey)key).getPrimeP(),
((RSAPrivateCrtKey)key).getPrimeQ(),
((RSAPrivateCrtKey)key).getPrimeExponentP(),
((RSAPrivateCrtKey)key).getPrimeExponentQ(),
((RSAPrivateCrtKey)key).getCrtCoefficient()
)));
}
catch (IOException e)
{
throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
}
}
return super.engineGetKeySpec(key, spec);
}
protected Key engineTranslateKey(
Key key)
throws InvalidKeyException
{
if (key instanceof RSAPublicKey)
{
return new BCRSAPublicKey((RSAPublicKey)key);
}
else if (key instanceof RSAPrivateCrtKey)
{
return new BCRSAPrivateCrtKey((RSAPrivateCrtKey)key);
}
else if (key instanceof java.security.interfaces.RSAPrivateKey)
{
return new BCRSAPrivateKey((java.security.interfaces.RSAPrivateKey)key);
}
throw new InvalidKeyException("key type unknown");
}
protected PrivateKey engineGeneratePrivate(
KeySpec keySpec)
throws InvalidKeySpecException
{
if (keySpec instanceof PKCS8EncodedKeySpec)
{
try
{
return generatePrivate(PrivateKeyInfo.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
}
catch (Exception e)
{
try
{
return new BCRSAPrivateCrtKey(
RSAPrivateKey.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
}
catch (Exception ex)
{
throw new ExtendedInvalidKeySpecException("unable to process key spec: " + e.toString(), e);
}
}
}
else if (keySpec instanceof RSAPrivateCrtKeySpec)
{
return new BCRSAPrivateCrtKey((RSAPrivateCrtKeySpec)keySpec);
}
else if (keySpec instanceof RSAPrivateKeySpec)
{
return new BCRSAPrivateKey((RSAPrivateKeySpec)keySpec);
}
else if (keySpec instanceof OpenSSHPrivateKeySpec)
{
CipherParameters parameters = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
if (parameters instanceof RSAPrivateCrtKeyParameters)
{
return new BCRSAPrivateCrtKey((RSAPrivateCrtKeyParameters)parameters);
}
throw new InvalidKeySpecException("open SSH public key is not RSA private key");
}
throw new InvalidKeySpecException("unknown KeySpec type: " + keySpec.getClass().getName());
}
protected PublicKey engineGeneratePublic(
KeySpec keySpec)
throws InvalidKeySpecException
{
if (keySpec instanceof RSAPublicKeySpec)
{
return new BCRSAPublicKey((RSAPublicKeySpec)keySpec);
}
else if (keySpec instanceof OpenSSHPublicKeySpec)
{
CipherParameters parameters = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
if (parameters instanceof RSAKeyParameters)
{
return new BCRSAPublicKey((RSAKeyParameters)parameters);
}
throw new InvalidKeySpecException("Open SSH public key is not RSA public key");
}
return super.engineGeneratePublic(keySpec);
}
public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
throws IOException
{
ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
if (RSAUtil.isRsaOid(algOid))
{
RSAPrivateKey rsaPrivKey = RSAPrivateKey.getInstance(keyInfo.parsePrivateKey());
if (rsaPrivKey.getCoefficient().intValue() == 0)
{
return new BCRSAPrivateKey(rsaPrivKey);
}
else
{
return new BCRSAPrivateCrtKey(keyInfo);
}
}
else
{
throw new IOException("algorithm identifier " + algOid + " in key not recognised");
}
}
public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
throws IOException
{
ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
if (RSAUtil.isRsaOid(algOid))
{
return new BCRSAPublicKey(keyInfo);
}
else
{
throw new IOException("algorithm identifier " + algOid + " in key not recognised");
}
}
}