[prev in list] [next in list] [prev in thread] [next in thread]
List: bouncycastle-crypto-dev
Subject: Re: [dev-crypto] RSAKeyParameters, Certificate and KeyStore
From: Franck Farina <franck.farina () gmail ! com>
Date: 2007-05-25 23:27:33
Message-ID: 465770E5.4000509 () gmail ! com
[Download RAW message or body]
Sorry for the flood :( my bad.
I just found out how to the equivalent of RSAUtil.
Still sorry :/
Thanks you for you help !
Karsten Ohme wrote:
> Franck Farina schrieb:
>
>> Hi,
>>
>> I use RSAKeyParameters because later in my implementation i need to use
>> PSSSigner. And for the initialization of PSSSigner, we need a
>> CipherParameter, that's why i use RSAKeyParameters, and
>> RSAPrivateCrtKeyParameters.
>>
>
> ... It contains the same
> information and you can transform it into each other.
>
> RSAUtil
>
> But, why not use the Signature class and use initVerify with the public key?
>
> Use something form this algorithms:
>
> put("Signature.RSASSA-PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA");
> put("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS,
> "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA");
> put("Signature.SHA1withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA1withRSA");
> put("Signature.SHA224withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA224withRSA");
> put("Signature.SHA256withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA256withRSA");
> put("Signature.SHA384withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA384withRSA");
> put("Signature.SHA512withRSA/PSS",
> "org.bouncycastle.jce.provider.JDKPSSSigner$SHA512withRSA");
>
> Use the name for the algorithm instance for getInstance() of Signature,
> e.g. "PSSwithRSA" (the name after Signature.)
>
> Karsten
>
>
>> So, i would like to sign (certificate) this keys, and find a way to
>> store them.
>>
>> That's why i thought about a KeyStore and Certificate. Is there another
>> way to do that ?
>>
>> Karsten Ohme wrote:
>>
>>> Franck Farina schrieb:
>>>
>>>
>>>> Hi,
>>>> I would like to know, if it's possible to generate a certificate for a
>>>> RSAKeyParameters,
>>>>
>>>>
>>> Certificate sign keys. So you can sign the RSAPublicKey. See
>>> org.bouncycastle.x509.X509V3CertificateGenerator for generating a
>>> certificate for the key. Why do you need RSAKeyParameters, this is
>>> unusual for storing key material.
>>>
>>>
>>>
>>>> and if it's possible to store in a KeyStore this
>>>> RSAKeyParameters ?
>>>>
>>>>
>>> No. You might store the public key in the KeyStore, but usually only
>>> SecretKeys and PrivateKeys are stored. But why do you not use
>>> java.security.interfaces.RSAPublicKey, generate a certificate and store
>>> the public key implicit with the certificate? It contains the same
>>> information and you can transform it into each other.
>>>
>>> Regards,
>>> Karsten
>>>
>>>
>>>
>>>> I'm using RSAKeyParameters for my public key, and
>>>> RSAPrivateCrtKeyParameters for my private key.
>>>>
>>>>
>>>>
>>>
>>>
>>
>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic