List of usage examples for org.bouncycastle.crypto.params DSAPublicKeyParameters DSAPublicKeyParameters
public DSAPublicKeyParameters(BigInteger y, DSAParameters params)
From source file:com.google.nigori.common.DSAVerify.java
License:Apache License
protected DSAVerify(BigInteger publicKey) throws NoSuchAlgorithmException { this.publicKey = publicKey; this.publicParams = new DSAPublicKeyParameters(this.publicKey, NigoriConstants.DSA_PARAMS); this.publicHash = Util.hashKey(getPublicKey()); signer = new DSASigner(); }
From source file:com.licel.jcardsim.crypto.DSAPublicKeyImpl.java
License:Apache License
public CipherParameters getParameters() { if (!isInitialized()) { CryptoException.throwIt(CryptoException.UNINITIALIZED_KEY); }/* w w w. j a v a2s .c o m*/ return new DSAPublicKeyParameters(y.getBigInteger(), ((DSAKeyParameters) super.getParameters()).getParameters()); }
From source file:edu.vt.middleware.crypt.signature.DSASignature.java
License:Open Source License
/** {@inheritDoc} */ public void initVerify() { if (verifyKey == null) { throw new IllegalStateException("Verify key must be set prior to initialization."); }/*from ww w.j av a2s .c o m*/ final DSAPublicKey pubKey = (DSAPublicKey) verifyKey; final DSAParams params = pubKey.getParams(); final DSAPublicKeyParameters bcParams = new DSAPublicKeyParameters(pubKey.getY(), new DSAParameters(params.getP(), params.getQ(), params.getG())); init(false, bcParams); }
From source file:freenet.keys.SSKBlock.java
License:GNU General Public License
/** * Initialize, and verify data, headers against key. Provided * key must have a pubkey, or we throw./*from w w w. j a va2 s.co m*/ */ public SSKBlock(byte[] data, byte[] headers, NodeSSK nodeKey, boolean dontVerify) throws SSKVerifyException { if (headers.length != TOTAL_HEADERS_LENGTH) throw new IllegalArgumentException( "Headers.length=" + headers.length + " should be " + TOTAL_HEADERS_LENGTH); this.data = data; this.headers = headers; this.nodeKey = nodeKey; if (data.length != DATA_LENGTH) throw new SSKVerifyException("Data length wrong: " + data.length + " should be " + DATA_LENGTH); this.pubKey = nodeKey.getPubKey(); if (pubKey == null) throw new SSKVerifyException("PubKey was null from " + nodeKey); // Now verify it hashIdentifier = (short) (((headers[0] & 0xff) << 8) + (headers[1] & 0xff)); if (hashIdentifier != HASH_SHA256) throw new SSKVerifyException("Hash not SHA-256"); int x = 2; symCipherIdentifier = (short) (((headers[x] & 0xff) << 8) + (headers[x + 1] & 0xff)); x += 2; // Then E(H(docname)) byte[] ehDocname = new byte[E_H_DOCNAME_LENGTH]; System.arraycopy(headers, x, ehDocname, 0, ehDocname.length); x += E_H_DOCNAME_LENGTH; headersOffset = x; // is index to start of encrypted headers x += ENCRYPTED_HEADERS_LENGTH; // Extract the signature if (x + SIG_R_LENGTH + SIG_S_LENGTH > headers.length) throw new SSKVerifyException("Headers too short: " + headers.length + " should be at least " + x + SIG_R_LENGTH + SIG_S_LENGTH); // Compute the hash on the data if (!dontVerify || logMINOR) { // force verify on log minor byte[] bufR = new byte[SIG_R_LENGTH]; byte[] bufS = new byte[SIG_S_LENGTH]; System.arraycopy(headers, x, bufR, 0, SIG_R_LENGTH); x += SIG_R_LENGTH; System.arraycopy(headers, x, bufS, 0, SIG_S_LENGTH); x += SIG_S_LENGTH; MessageDigest md = null; byte[] overallHash; try { md = SHA256.getMessageDigest(); md.update(data); byte[] dataHash = md.digest(); // All headers up to and not including the signature md.update(headers, 0, headersOffset + ENCRYPTED_HEADERS_LENGTH); // Then the implicit data hash md.update(dataHash); // Makes the implicit overall hash overallHash = md.digest(); } finally { SHA256.returnMessageDigest(md); } // Now verify it BigInteger r = new BigInteger(1, bufR); BigInteger s = new BigInteger(1, bufS); DSASigner dsa = new DSASigner(); dsa.init(false, new DSAPublicKeyParameters(pubKey.getY(), Global.getDSAgroupBigAParameters())); // We probably don't need to try both here... // but that's what the legacy code was doing... // @see comments in Global before touching it if (!(dsa.verifySignature(Global.truncateHash(overallHash), r, s) || dsa.verifySignature(overallHash, r, s))) { if (dontVerify) Logger.error(this, "DSA verification failed with dontVerify!!!!"); throw new SSKVerifyException("Signature verification failed for node-level SSK"); } } // x isn't verified otherwise so no need to += SIG_R_LENGTH + SIG_S_LENGTH if (!Arrays.equals(ehDocname, nodeKey.encryptedHashedDocname)) throw new SSKVerifyException( "E(H(docname)) wrong - wrong key?? \nfrom headers: " + HexUtil.bytesToHex(ehDocname) + "\nfrom key: " + HexUtil.bytesToHex(nodeKey.encryptedHashedDocname)); hashCode = Fields.hashCode(data) ^ Fields.hashCode(headers) ^ nodeKey.hashCode() ^ pubKey.hashCode() ^ hashIdentifier; }
From source file:net.java.otr4j.crypto.DSAKeyPair.java
License:LGPL
/** * Verify a message using a signature represented as two MPI components: 'r' and 's'. * * @param b the message in bytes// www . j av a 2 s .c om * @param pubKey the DSA public key * @param r the signature component 'r' * @param s the signature component 's' * @throws OtrCryptoException In case of illegal signature. */ public static void verifySignature(final byte[] b, final DSAPublicKey pubKey, final BigInteger r, final BigInteger s) throws OtrCryptoException { requireNonNull(b); assert !allZeroBytes( b) : "Expected non-zero bytes for b. This may indicate that a critical bug is present, or it may be a false warning."; final DSAParams dsaParams = pubKey.getParams(); final BigInteger q = dsaParams.getQ(); final DSAParameters bcDSAParams = new DSAParameters(dsaParams.getP(), q, dsaParams.getG()); final DSAPublicKeyParameters dsaPubParams; try { dsaPubParams = new DSAPublicKeyParameters(pubKey.getY(), bcDSAParams); } catch (final IllegalArgumentException e) { throw new OtrCryptoException("Illegal parameters provided for DSA public key parameters.", e); } // Ian: Note that if you can get the standard DSA implementation you're // using to not hash its input, you should be able to pass it ((256-bit // value) mod q), (rather than truncating the 256-bit value) and all // should be well. // ref: Interop problems with libotr - DSA signature final DSASigner dsaSigner = new DSASigner(); dsaSigner.init(false, dsaPubParams); final BigInteger bmpi = new BigInteger(1, b); if (!dsaSigner.verifySignature(asUnsignedByteArray(bmpi.mod(q)), r, s)) { throw new OtrCryptoException("DSA signature verification failed."); } }
From source file:net.java.otr4j.crypto.OtrCryptoEngineImpl.java
License:Apache License
private Boolean verify(byte[] b, PublicKey pubKey, BigInteger r, BigInteger s) throws OtrCryptoException { if (!(pubKey instanceof DSAPublicKey)) throw new IllegalArgumentException(); DSAParams dsaParams = ((DSAPublicKey) pubKey).getParams(); BigInteger q = dsaParams.getQ(); DSAParameters bcDSAParams = new DSAParameters(dsaParams.getP(), q, dsaParams.getG()); DSAPublicKey dsaPrivateKey = (DSAPublicKey) pubKey; DSAPublicKeyParameters dsaPrivParms = new DSAPublicKeyParameters(dsaPrivateKey.getY(), bcDSAParams); // Ian: Note that if you can get the standard DSA implementation you're // using to not hash its input, you should be able to pass it ((256-bit // value) mod q), (rather than truncating the 256-bit value) and all // should be well. // ref: Interop problems with libotr - DSA signature DSASigner dsaSigner = new DSASigner(); dsaSigner.init(false, dsaPrivParms); BigInteger bmpi = new BigInteger(1, b); Boolean result = dsaSigner.verifySignature(BigIntegers.asUnsignedByteArray(bmpi.mod(q)), r, s); return result; }
From source file:org.cryptacular.util.KeyPairUtil.java
License:Open Source License
/** * Determines whether the given DSA public and private keys form a proper key * pair by computing and verifying a digital signature with the keys. * * @param pubKey DSA public key.// w ww . j a va2 s.co m * @param privKey DSA private key. * * @return True if the keys form a functioning keypair, false otherwise. * Errors during signature verification are treated as false. */ public static boolean isKeyPair(final DSAPublicKey pubKey, final DSAPrivateKey privKey) { final DSASigner signer = new DSASigner(); final DSAParameters params = new DSAParameters(privKey.getParams().getP(), privKey.getParams().getQ(), privKey.getParams().getG()); signer.init(true, new DSAPrivateKeyParameters(privKey.getX(), params)); final BigInteger[] sig = signer.generateSignature(SIGN_BYTES); signer.init(false, new DSAPublicKeyParameters(pubKey.getY(), params)); try { return signer.verifySignature(SIGN_BYTES, sig[0], sig[1]); } catch (Exception e) { return false; } }
From source file:org.jruby.ext.openssl.SecurityHelper.java
License:Open Source License
static boolean verify(final X509CRL crl, final PublicKey publicKey, final boolean silent) throws NoSuchAlgorithmException, CRLException, InvalidKeyException, SignatureException { if (crl instanceof X509CRLObject) { final CertificateList crlList = (CertificateList) getCertificateList(crl); final AlgorithmIdentifier tbsSignatureId = crlList.getTBSCertList().getSignature(); if (!crlList.getSignatureAlgorithm().equals(tbsSignatureId)) { if (silent) return false; throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList."); }/* ww w.j av a 2s . c om*/ final Signature signature = getSignature(crl.getSigAlgName(), securityProvider); signature.initVerify(publicKey); signature.update(crl.getTBSCertList()); if (!signature.verify(crl.getSignature())) { if (silent) return false; throw new SignatureException("CRL does not verify with supplied public key."); } return true; } else { try { final DigestAlgorithmIdentifierFinder digestAlgFinder = new DefaultDigestAlgorithmIdentifierFinder(); final ContentVerifierProvider verifierProvider; if ("DSA".equalsIgnoreCase(publicKey.getAlgorithm())) { BigInteger y = ((DSAPublicKey) publicKey).getY(); DSAParams params = ((DSAPublicKey) publicKey).getParams(); DSAParameters parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); AsymmetricKeyParameter dsaKey = new DSAPublicKeyParameters(y, parameters); verifierProvider = new BcDSAContentVerifierProviderBuilder(digestAlgFinder).build(dsaKey); } else { BigInteger mod = ((RSAPublicKey) publicKey).getModulus(); BigInteger exp = ((RSAPublicKey) publicKey).getPublicExponent(); AsymmetricKeyParameter rsaKey = new RSAKeyParameters(false, mod, exp); verifierProvider = new BcRSAContentVerifierProviderBuilder(digestAlgFinder).build(rsaKey); } return new X509CRLHolder(crl.getEncoded()).isSignatureValid(verifierProvider); } catch (OperatorException e) { throw new SignatureException(e); } catch (CertException e) { throw new SignatureException(e); } // can happen if the input is DER but does not match expected strucure catch (ClassCastException e) { throw new SignatureException(e); } catch (IOException e) { throw new SignatureException(e); } } }
From source file:org.nfc.eclipse.ndef.signature.SignatureVerifier.java
License:Open Source License
public Boolean verify(CertificateFormat certificateFormat, byte[] certificateBytes, SignatureType signatureType, byte[] signatureBytes, byte[] coveredBytes) throws CertificateException, NoSuchProviderException { if (Security.getProvider("BC") == null) { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); }// w w w .j ava 2 s . c o m Certificate certificate = null; if (certificateFormat == CertificateFormat.X_509) { java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509", "BC"); certificate = cf.generateCertificate(new ByteArrayInputStream(certificateBytes)); } if (signatureType == SignatureType.RSASSA_PKCS1_v1_5_WITH_SHA_1) { BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey(); RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent()); SHA1Digest digest = new SHA1Digest(); RSADigestSigner rsaDigestSigner = new RSADigestSigner(digest); rsaDigestSigner.init(false, pubParameters); rsaDigestSigner.update(coveredBytes, 0, coveredBytes.length); return rsaDigestSigner.verifySignature(signatureBytes); } else if (signatureType == SignatureType.RSASSA_PSS_SHA_1) { BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey(); RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent()); AsymmetricBlockCipher rsaEngine = new RSABlindedEngine(); rsaEngine.init(false, pubParameters); SHA1Digest digest = new SHA1Digest(); PSSSigner signer = new PSSSigner(rsaEngine, digest, digest.getDigestSize()); signer.init(true, pubParameters); signer.update(coveredBytes, 0, coveredBytes.length); return signer.verifySignature(signatureBytes); } else if (signatureType == SignatureType.ECDSA) { // http://en.wikipedia.org/wiki/Elliptic_Curve_DSA // http://stackoverflow.com/questions/11339788/tutorial-of-ecdsa-algorithm-to-sign-a-string // http://www.bouncycastle.org/wiki/display/JA1/Elliptic+Curve+Key+Pair+Generation+and+Key+Factories // http://java2s.com/Open-Source/Java/Security/Bouncy-Castle/org/bouncycastle/crypto/test/ECTest.java.htm /* BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey(); RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent()); org.bouncycastle.crypto.signers.ECDSASigner signer = new org.bouncycastle.crypto.signers.ECDSASigner(); signer.init(false, pubParameters); SHA1Digest digest = new SHA1Digest(); digest.update(coveredBytes, 0, coveredBytes.length); return signer.verifySignature(signatureBytes); */ } else if (signatureType == SignatureType.DSA) { ASN1InputStream aIn = new ASN1InputStream(signatureBytes); ASN1Primitive o; try { o = aIn.readObject(); ASN1Sequence asn1Sequence = (ASN1Sequence) o; BigInteger r = DERInteger.getInstance(asn1Sequence.getObjectAt(0)).getValue(); BigInteger s = DERInteger.getInstance(asn1Sequence.getObjectAt(1)).getValue(); BCDSAPublicKey key = (BCDSAPublicKey) certificate.getPublicKey(); // DSA Domain parameters DSAParams params = key.getParams(); if (params == null) { return Boolean.FALSE; } DSAParameters parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); DSASigner signer = new DSASigner(); signer.init(false, new DSAPublicKeyParameters(key.getY(), parameters)); SHA1Digest digest = new SHA1Digest(); digest.update(coveredBytes, 0, coveredBytes.length); byte[] message = new byte[digest.getDigestSize()]; digest.doFinal(message, 0); return signer.verifySignature(message, r, s); } catch (IOException e) { return Boolean.FALSE; } } return null; }