Example usage for org.bouncycastle.asn1.pkcs RSASSAPSSparams getTrailerField

List of usage examples for org.bouncycastle.asn1.pkcs RSASSAPSSparams getTrailerField

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.pkcs.*
  5. RSASSAPSSparams
  6. getTrailerField

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.pkcs RSASSAPSSparams getTrailerField.

Prototype

public BigInteger getTrailerField()

Source Link

Usage

From source file:org.xipki.commons.security.pkcs11.P11RSAPkcsPssParams.java

License:Open Source License

public P11RSAPkcsPssParams(final RSASSAPSSparams asn1Params) {
    ASN1ObjectIdentifier asn1Oid = asn1Params.getHashAlgorithm().getAlgorithm();
    HashAlgoType contentHashAlgo = HashAlgoType.getHashAlgoType(asn1Oid);
    if (contentHashAlgo == null) {
        throw new IllegalArgumentException("unsupported hash algorithm " + asn1Oid.getId());
    }/*w  w w.j a  v  a 2 s  . c o m*/

    AlgorithmIdentifier mga = asn1Params.getMaskGenAlgorithm();
    asn1Oid = mga.getAlgorithm();
    if (!PKCSObjectIdentifiers.id_mgf1.equals(asn1Oid)) {
        throw new IllegalArgumentException("unsupported MGF algorithm " + asn1Oid.getId());
    }

    asn1Oid = AlgorithmIdentifier.getInstance(mga.getParameters()).getAlgorithm();
    HashAlgoType mgfHashAlgo = HashAlgoType.getHashAlgoType(asn1Oid);
    if (mgfHashAlgo == null) {
        throw new IllegalArgumentException("unsupported MGF hash algorithm " + asn1Oid.getId());
    }
    this.saltLength = asn1Params.getSaltLength().longValue();
    BigInteger trailerField = asn1Params.getTrailerField();
    if (!RSASSAPSSparams.DEFAULT_TRAILER_FIELD.getValue().equals(trailerField)) {
        throw new IllegalArgumentException("unsupported trailerField " + trailerField);
    }

    switch (contentHashAlgo) {
    case SHA1:
        this.hashAlgorithm = P11Constants.CKM_SHA_1;
        break;
    case SHA224:
        this.hashAlgorithm = P11Constants.CKM_SHA224;
        break;
    case SHA256:
        this.hashAlgorithm = P11Constants.CKM_SHA256;
        break;
    case SHA384:
        this.hashAlgorithm = P11Constants.CKM_SHA384;
        break;
    case SHA512:
        this.hashAlgorithm = P11Constants.CKM_SHA512;
        break;
    case SHA3_224:
        this.hashAlgorithm = P11Constants.CKM_SHA3_224;
        break;
    case SHA3_256:
        this.hashAlgorithm = P11Constants.CKM_SHA3_256;
        break;
    case SHA3_384:
        this.hashAlgorithm = P11Constants.CKM_SHA3_384;
        break;
    case SHA3_512:
        this.hashAlgorithm = P11Constants.CKM_SHA3_512;
        break;
    default:
        throw new RuntimeException("should not reach here");
    }

    switch (mgfHashAlgo) {
    case SHA1:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA1;
        break;
    case SHA224:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA224;
        break;
    case SHA256:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA256;
        break;
    case SHA384:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA384;
        break;
    case SHA512:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA512;
        break;
    case SHA3_224:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA3_224;
        break;
    case SHA3_256:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA3_256;
        break;
    case SHA3_384:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA3_384;
        break;
    case SHA3_512:
        this.maskGenerationFunction = P11Constants.CKG_MGF1_SHA3_512;
        break;
    default:
        throw new RuntimeException("should not reach here");
    }
}

From source file:org.xipki.commons.security.util.SignerUtil.java

License:Open Source License

public static PSSSigner createPSSRSASigner(final AlgorithmIdentifier sigAlgId,
        final AsymmetricBlockCipher cipher) throws XiSecurityException {
    ParamUtil.requireNonNull("sigAlgId", sigAlgId);
    if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
        throw new XiSecurityException("signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed");
    }/*from   ww w .  j  a  v a2 s .co  m*/

    AlgorithmIdentifier digAlgId;
    try {
        digAlgId = AlgorithmUtil.extractDigesetAlgId(sigAlgId);
    } catch (NoSuchAlgorithmException ex) {
        throw new XiSecurityException(ex.getMessage(), ex);
    }

    RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());

    AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier
            .getInstance(param.getMaskGenAlgorithm().getParameters());

    Digest dig = getDigest(digAlgId);
    Digest mfgDig = getDigest(mfgDigAlgId);

    int saltSize = param.getSaltLength().intValue();
    int trailerField = param.getTrailerField().intValue();
    AsymmetricBlockCipher tmpCipher = (cipher == null) ? new RSABlindedEngine() : cipher;

    return new PSSSigner(tmpCipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}

From source file:org.xipki.security.SignerUtil.java

License:Open Source License

static public PSSSigner createPSSRSASigner(final AlgorithmIdentifier sigAlgId, AsymmetricBlockCipher cipher)
        throws OperatorCreationException {
    if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm()) == false) {
        throw new OperatorCreationException(
                "signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed");
    }/*from   ww  w  . ja  va 2  s .co m*/

    BcDigestProvider digestProvider = BcDefaultDigestProvider.INSTANCE;
    AlgorithmIdentifier digAlgId;
    try {
        digAlgId = AlgorithmUtil.extractDigesetAlgorithmIdentifier(sigAlgId);
    } catch (NoSuchAlgorithmException e) {
        throw new OperatorCreationException(e.getMessage(), e);
    }
    Digest dig = digestProvider.get(digAlgId);
    if (cipher == null) {
        cipher = new RSABlindedEngine();
    }

    RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());

    AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier
            .getInstance(param.getMaskGenAlgorithm().getParameters());
    Digest mfgDig = digestProvider.get(mfgDigAlgId);

    int saltSize = param.getSaltLength().intValue();
    int trailerField = param.getTrailerField().intValue();

    return new PSSSigner(cipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}

From source file:org.xwiki.crypto.signer.internal.factory.BcRsaSsaPssSignerFactory.java

License:Open Source License

@Override
public Signer getInstance(boolean forSigning, CipherParameters parameters, byte[] encoded) {
    AlgorithmIdentifier algId = AlgorithmIdentifier.getInstance(encoded);
    ASN1Encodable algParams = algId.getParameters();

    if (DERNull.INSTANCE.equals(algParams)) {
        return getInstance(forSigning, parameters);
    } else {//from w  ww  .  j  av a2s . c  o  m
        RSASSAPSSparams pssParams = RSASSAPSSparams.getInstance(algId.getParameters());

        if (parameters instanceof AsymmetricKeyParameters) {
            return getInstance(forSigning,
                    new PssSignerParameters((AsymmetricKeyParameters) parameters,
                            pssParams.getHashAlgorithm().getAlgorithm().getId(),
                            AlgorithmIdentifier.getInstance(pssParams.getMaskGenAlgorithm().getParameters())
                                    .getAlgorithm().getId(),
                            pssParams.getSaltLength().intValue(), pssParams.getTrailerField().intValue()));
        }
    }

    throw new UnsupportedOperationException(PSS_PARAMS_ERROR + parameters.getClass().getName());
}