List of usage examples for org.bouncycastle.crypto.digests SHA256Digest reset
public void reset()
From source file:com.github.horrorho.inflatabledonkey.file.KeyBlobCurve25519Unwrap.java
License:Open Source License
public static Optional<byte[]> curve25519Unwrap(byte[] myPublicKey, byte[] myPrivateKey, byte[] otherPublicKey, byte[] wrappedKey) { SHA256Digest sha256 = new SHA256Digest(); byte[] shared = Curve25519.agreement(otherPublicKey, myPrivateKey); logger.debug("-- curve25519Unwrap() - shared agreement: 0x{}", Hex.toHexString(shared)); // Stripped down NIST SP 800-56A KDF. byte[] counter = new byte[] { 0x00, 0x00, 0x00, 0x01 }; byte[] hash = new byte[sha256.getDigestSize()]; sha256.reset(); sha256.update(counter, 0, counter.length); sha256.update(shared, 0, shared.length); sha256.update(otherPublicKey, 0, otherPublicKey.length); sha256.update(myPublicKey, 0, myPublicKey.length); sha256.doFinal(hash, 0);/* w ww . ja v a 2 s . co m*/ logger.debug("-- curve25519Unwrap() - kek: {}", Hex.toHexString(hash)); return RFC3394Wrap.unwrapAES(hash, wrappedKey); }
From source file:com.github.horrorho.inflatabledonkey.pcs.xfile.FileKeyAssistant.java
License:Open Source License
public static Optional<byte[]> curve25519Unwrap(byte[] myPublicKey, byte[] myPrivateKey, byte[] otherPublicKey, byte[] wrappedKey) { SHA256Digest sha256 = new SHA256Digest(); byte[] shared = Curve25519.agreement(otherPublicKey, myPrivateKey); byte[] pad = new byte[] { 0x00, 0x00, 0x00, 0x01 }; byte[] hash = new byte[sha256.getDigestSize()]; sha256.reset(); sha256.update(pad, 0, pad.length);//from ww w.ja v a 2s .c o m sha256.update(shared, 0, shared.length); sha256.update(otherPublicKey, 0, otherPublicKey.length); sha256.update(myPublicKey, 0, myPublicKey.length); sha256.doFinal(hash, 0); return AESWrap.unwrap(hash, wrappedKey); }
From source file:com.github.horrorho.liquiddonkey.cloud.keybag.FileKeyFactory.java
License:Open Source License
ByteString unwrapCurve25519(KeyBag keyBag, int protectionClass, ByteString key, AESWrap aesWrap, SHA256Digest sha256) { if (key.size() != 0x48) { logger.warn("-- unwrapCurve25519() > bad key length: {}", Bytes.hex(key)); return null; }/*from ww w.j a va 2 s.c om*/ byte[] myPrivateKey = keyBag.classKey(protectionClass, "KEY").toByteArray(); if (myPrivateKey == null) { logger.warn("-- unwrapCurve25519() > no KEY key for protection class: {}", protectionClass); return null; } byte[] myPublicKey = keyBag.classKey(protectionClass, "PBKY").toByteArray(); if (myPublicKey == null) { logger.warn("-- unwrapCurve25519() > no PBKY key for protection class: {}", protectionClass); return null; } byte[] otherPublicKey = key.substring(0, 32).toByteArray(); byte[] shared = Curve25519.create().agreement(otherPublicKey, myPrivateKey); byte[] pad = new byte[] { 0x00, 0x00, 0x00, 0x01 }; byte[] hash = new byte[sha256.getDigestSize()]; sha256.reset(); sha256.update(pad, 0, pad.length); sha256.update(shared, 0, shared.length); sha256.update(otherPublicKey, 0, otherPublicKey.length); sha256.update(myPublicKey, 0, myPublicKey.length); sha256.doFinal(hash, 0); try { return ByteString.copyFrom(aesWrap.unwrap(hash, key.substring(0x20, key.size()).toByteArray())); } catch (IllegalStateException | InvalidCipherTextException ex) { logger.warn("-- unwrapCurve25519() > failed to unwrap key: {} protection class: {} exception: {}", Bytes.hex(key), protectionClass, ex); return null; } }
From source file:net.sourceforge.keepassj2me.datasource.HTTPConnectionThread.java
License:Open Source License
/** * Generate key from encryption code by running SHA256 multiple rounds * @param encCode String with code//ww w . j av a2 s . c o m * @return String with encrypted code */ private byte[] passwordKeySHA(String encCode) { byte[] encBytes = encCode.getBytes(); for (int i = 0; i < encBytes.length; i++) encBytes[i] -= '0'; byte[] encKey; SHA256Digest md = new SHA256Digest(); encKey = new byte[md.getDigestSize()]; // #ifdef DEBUG System.out.println("encBytes: " + new String(Hex.encode(encBytes))); // #endif md.update(encBytes, 0, encBytes.length); md.doFinal(encKey, 0); for (int i = 0; i < HTTPConnectionThread.PASSWORD_KEY_SHA_ROUNDS - 1; i++) { md.reset(); md.update(encKey, 0, encKey.length); md.doFinal(encKey, 0); } // #ifdef DEBUG System.out.println("encKey: " + new String(Hex.encode(encKey))); // #endif return encKey; }
From source file:org.pwsafe.lib.crypto.SHA256Pws.java
License:Open Source License
private static byte[] digestNJava(byte[] p, int iter) { SHA256Digest digest = new SHA256Digest(); byte[] output = new byte[digest.getDigestSize()]; byte[] input = new byte[digest.getDigestSize()]; byte[] t;//from www. j a v a 2 s .c o m digest.update(p, 0, p.length); digest.doFinal(output, 0); for (int i = 0; i < iter; ++i) { t = input; input = output; output = t; digest.reset(); digest.update(input, 0, input.length); digest.doFinal(output, 0); } return output; }
From source file:org.satochip.satochipclient.CardConnectorTest.java
License:Apache License
public void testCardParseTransaction(byte keynbr) throws CardConnectorException, ECException { // recover pubkey byte[] pubkey, response; CardDataParser.PubKeyData dataparser = new CardDataParser.PubKeyData(authentikey); if (keynbr == bip32_keynbr) { response = cc.cardBip32GetExtendedKey(default_bip32path); authentikey = dataparser.parseBip32GetExtendedKey(response).authentikey; pubkey = dataparser.pubkey;/*from ww w . j a va 2 s. c om*/ } else { response = cc.cardGetPublicKeyFromPrivate(keynbr); pubkey = dataparser.parseGetPublicKeyFromPrivate(response).pubkey; } // bitcoinj NetworkParameters params; params = RegTestParams.get(); Transaction tx = new Transaction(params); ECKey serverKey = new ECKey(null, pubkey, true); BigInteger nanoCoins = Utils.toNanoCoins(1, 0); TransactionOutput outputToMe = new TransactionOutput(params, tx, nanoCoins, serverKey); // simple tx tx.addOutput(outputToMe); tx.addInput(new TransactionInput(params, tx, outputToMe.getScriptBytes())); int inputIndex = 0; byte[] connectedScript = outputToMe.getScriptBytes(); byte sigHashType = (byte) TransactionSignature.calcSigHashValue(SigHash.ALL, false); byte[] rawtxforhashing = byteArrayForSignature(tx, inputIndex, connectedScript, sigHashType); // unused System.out.println("Raw tx for hashing:" + toHexString(rawtxforhashing)); byte[] rawtxhash = new byte[32]; SHA256Digest sha256 = new SHA256Digest(); sha256.reset(); sha256.update(rawtxforhashing, 0, rawtxforhashing.length); sha256.doFinal(rawtxhash, 0); //System.out.println("Raw tx singlehash:" + toString(rawtxhash)); sha256.reset(); sha256.update(rawtxhash, 0, rawtxhash.length); sha256.doFinal(rawtxhash, 0); //System.out.println("Raw tx doublehash:" + toString(rawtxhash)); Sha256Hash rawtxhash2 = tx.hashForSignature(inputIndex, connectedScript, sigHashType); byte[] txhash_sw = rawtxhash2.getBytes(); System.out.println("Tx hash Bitcoinj: " + toHexString(txhash_sw)); // send to card for parsing //byte[] response= cc.cardParseTransaction(rawtxforhashing); response = cc.cardParseTx(rawtxforhashing); CardDataParser.PubKeyData txparser = new CardDataParser.PubKeyData(authentikey); byte[] txhash_hw = txparser.parseTxHash(response).data; //Arrays.copyOfRange(response, 2, 2+32); System.out.println("Tx hash SatoChip: " + toHexString(txhash_hw)); System.out.println(txparser.toString()); assertArrayEquals(txhash_hw, txhash_sw); // check if 2fa is required boolean need_2fa_chalresp = ((txparser.option_flags & 0x8000) == 0x8000) ? true : false; // if msb is set, a challenge-response 2nd factor authentification is needed byte[] txhmac = null; if (need_2fa_chalresp) { try { System.out.println("Second factor authentication required for challenge response..."); System.out.println("Please insert a configured yubikey!"); MILLISECONDS.sleep(2000); } catch (InterruptedException ex) { } YubikeyConnector yubikey = new YubikeyConnector(false); yubikey.findYubikey(YubikeyConnector.PRODUCT_ID_NEO); yubikey.openYubikey(); yubikey.attachYubikeyInterface(); txhmac = yubikey.challenge_response(txhash_hw, YubikeyConnector.MODE_HMAC, YubikeyConnector.SLOT_2, false, true); yubikey.releaseYubikeyInterface(); yubikey.closeYubikey(); System.out.println("txhmac: " + toHexString(txhmac)); // test with wrong hmac: //txhmac[0]=0; } byte[] txsign = cc.cardSignTransaction(keynbr, txhash_hw, txhmac); System.out.println("txsign: " + toHexString(txsign)); }
From source file:org.toporin.bitcoincore.ECKey.java
License:Apache License
public static byte[] recoverFromSignature(int recID, byte[] msg, byte[] sig, boolean doublehash) throws ECException { //return CardConnector.recoverPublicKeyFromSig(recID, msg, sig, doublehash); byte[] digest = new byte[32]; SHA256Digest sha256 = new SHA256Digest(); sha256.reset(); sha256.update(msg, 0, msg.length);/* w w w . j a v a2 s. c o m*/ sha256.doFinal(digest, 0); if (doublehash) { sha256.reset(); sha256.update(digest, 0, digest.length); sha256.doFinal(digest, 0); } BigInteger bi = new BigInteger(1, digest); ECDSASignature ecdsaSig = new ECDSASignature(sig); ECKey k = ECKey.recoverFromSignature(recID, ecdsaSig, bi, true); if (k != null) return k.getPubKey(); else return null; }