'Re: [dev-crypto] RSAKeyParameters, Certificate and KeyStore'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] RSAKeyParameters, Certificate and KeyStore
From:       Franck Farina <franck.farina () gmail ! com>
Date:       2007-05-25 23:27:33
Message-ID: 465770E5.4000509 () gmail ! com
[Download RAW message or body]

Sorry for the flood :( my bad.

I just found out how to the equivalent of RSAUtil.

Still sorry :/

Thanks you for you help !

Karsten Ohme wrote:
> Franck Farina schrieb:
>   
>> Hi,
>>
>> I use RSAKeyParameters because later in my implementation i need to use
>> PSSSigner. And for the initialization of PSSSigner, we need a
>> CipherParameter, that's why i use RSAKeyParameters, and
>> RSAPrivateCrtKeyParameters.
>>     
>
> ... It contains the same
> information and you can transform it into each other.
>
> RSAUtil
>
> But, why not use the Signature class and use initVerify with the public key?
>
> Use something form this algorithms:
>
>         put("Signature.RSASSA-PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA");
>         put("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS,
> "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA");
>         put("Signature.SHA1withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA1withRSA");
>         put("Signature.SHA224withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA224withRSA");
>         put("Signature.SHA256withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA256withRSA");
>         put("Signature.SHA384withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA384withRSA");
>         put("Signature.SHA512withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA512withRSA");
>
> Use the name for the algorithm instance for getInstance() of Signature,
> e.g. "PSSwithRSA" (the name after Signature.)
>
> Karsten
>
>   
>> So, i would like to sign (certificate) this keys, and find a way to
>> store them.
>>
>> That's why i thought about a KeyStore and Certificate. Is there another
>> way to do that ?
>>
>> Karsten Ohme wrote:
>>     
>>> Franck Farina schrieb:
>>>  
>>>       
>>>> Hi,
>>>> I would like to know, if it's possible to generate a certificate for a
>>>> RSAKeyParameters,
>>>>     
>>>>         
>>> Certificate sign keys. So you can sign the RSAPublicKey. See
>>> org.bouncycastle.x509.X509V3CertificateGenerator for generating a
>>> certificate for the key. Why do you need RSAKeyParameters, this is
>>> unusual for storing key material.
>>>
>>>  
>>>       
>>>> and if it's possible to store in a KeyStore this
>>>> RSAKeyParameters ?
>>>>     
>>>>         
>>> No. You might store the public key in the KeyStore, but usually only
>>> SecretKeys and PrivateKeys are stored. But why do you not use
>>> java.security.interfaces.RSAPublicKey, generate a certificate and store
>>> the public key implicit with the certificate? It contains the same
>>> information and you can transform it into each other.
>>>
>>> Regards,
>>> Karsten
>>>
>>>  
>>>       
>>>> I'm using RSAKeyParameters for my public key, and
>>>> RSAPrivateCrtKeyParameters for my private key.
>>>>
>>>>     
>>>>         
>>>   
>>>       
>>     
>
>
>   


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic