List of usage examples for org.bouncycastle.crypto.signers ECDSASigner init
public void init(boolean forSigning, CipherParameters param)
From source file:ACNS.thresholdDSA.Util.java
License:Apache License
public static boolean verifySignature(byte[] message, BigInteger r, BigInteger s, byte[] pub, ECDomainParameters Curve) {//from ww w . j av a 2 s .co m ECDSASigner signer = new ECDSASigner(); ECPublicKeyParameters params = new ECPublicKeyParameters(Curve.getCurve().decodePoint(pub), Curve); signer.init(false, params); try { return signer.verifySignature(message, r, s); } catch (NullPointerException e) { // Bouncy Castle contains a bug that can cause NPEs given specially // crafted signatures. Those signatures // are inherently invalid/attack sigs so we just fail them here // rather than crash the thread. System.out.println("Caught NPE inside bouncy castle"); e.printStackTrace(); return false; } }
From source file:co.rsk.peg.BridgeSupportTest.java
License:Open Source License
/** * Helper method to test addSignature() with a valid federatorPublicKey parameter and both valid/invalid signatures * @param privateKeysToSignWith keys used to sign the tx. Federator key when we want to produce a valid signature, a random key when we want to produce an invalid signature * @param numberOfInputsToSign There is just 1 input. 1 when testing the happy case, other values to test attacks/bugs. * @param signatureCanonical Signature should be canonical. true when testing the happy case, false to test attacks/bugs. * @param signTwice Sign again with the same key * @param expectedResult "InvalidParameters", "PartiallySigned" or "FullySigned" *//* ww w . ja v a2 s . c om*/ private void addSignatureFromValidFederator(List<BtcECKey> privateKeysToSignWith, int numberOfInputsToSign, boolean signatureCanonical, boolean signTwice, String expectedResult) throws Exception { // Federation is the genesis federation ATM Federation federation = bridgeConstants.getGenesisFederation(); Repository repository = createRepositoryImpl(config); final Keccak256 keccak256 = PegTestUtils.createHash3(); Repository track = repository.startTracking(); BridgeStorageProvider provider = new BridgeStorageProvider(track, PrecompiledContracts.BRIDGE_ADDR, config.getBlockchainConfig().getCommonConstants().getBridgeConstants(), bridgeStorageConfigurationAtHeightZero); BtcTransaction prevTx = new BtcTransaction(btcParams); TransactionOutput prevOut = new TransactionOutput(btcParams, prevTx, Coin.FIFTY_COINS, federation.getAddress()); prevTx.addOutput(prevOut); BtcTransaction t = new BtcTransaction(btcParams); TransactionOutput output = new TransactionOutput(btcParams, t, Coin.COIN, new BtcECKey().toAddress(btcParams)); t.addOutput(output); t.addInput(prevOut).setScriptSig(PegTestUtils.createBaseInputScriptThatSpendsFromTheFederation(federation)); provider.getRskTxsWaitingForSignatures().put(keccak256, t); provider.save(); track.commit(); track = repository.startTracking(); List<LogInfo> logs = new ArrayList<>(); BridgeEventLogger eventLogger = new BridgeEventLoggerImpl(bridgeConstants, logs); BridgeSupport bridgeSupport = new BridgeSupport(config, track, eventLogger, contractAddress, mock(Block.class)); Script inputScript = t.getInputs().get(0).getScriptSig(); List<ScriptChunk> chunks = inputScript.getChunks(); byte[] program = chunks.get(chunks.size() - 1).data; Script redeemScript = new Script(program); Sha256Hash sighash = t.hashForSignature(0, redeemScript, BtcTransaction.SigHash.ALL, false); BtcECKey.ECDSASignature sig = privateKeysToSignWith.get(0).sign(sighash); if (!signatureCanonical) { sig = new BtcECKey.ECDSASignature(sig.r, BtcECKey.CURVE.getN().subtract(sig.s)); } byte[] derEncodedSig = sig.encodeToDER(); List derEncodedSigs = new ArrayList(); for (int i = 0; i < numberOfInputsToSign; i++) { derEncodedSigs.add(derEncodedSig); } bridgeSupport.addSignature(findPublicKeySignedBy(federation.getPublicKeys(), privateKeysToSignWith.get(0)), derEncodedSigs, keccak256.getBytes()); if (signTwice) { // Create another valid signature with the same private key ECDSASigner signer = new ECDSASigner(); X9ECParameters CURVE_PARAMS = CustomNamedCurves.getByName("secp256k1"); ECDomainParameters CURVE = new ECDomainParameters(CURVE_PARAMS.getCurve(), CURVE_PARAMS.getG(), CURVE_PARAMS.getN(), CURVE_PARAMS.getH()); ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKeysToSignWith.get(0).getPrivKey(), CURVE); signer.init(true, privKey); BigInteger[] components = signer.generateSignature(sighash.getBytes()); BtcECKey.ECDSASignature sig2 = new BtcECKey.ECDSASignature(components[0], components[1]) .toCanonicalised(); bridgeSupport.addSignature( findPublicKeySignedBy(federation.getPublicKeys(), privateKeysToSignWith.get(0)), Lists.newArrayList(sig2.encodeToDER()), keccak256.getBytes()); } if (privateKeysToSignWith.size() > 1) { BtcECKey.ECDSASignature sig2 = privateKeysToSignWith.get(1).sign(sighash); byte[] derEncodedSig2 = sig2.encodeToDER(); List derEncodedSigs2 = new ArrayList(); for (int i = 0; i < numberOfInputsToSign; i++) { derEncodedSigs2.add(derEncodedSig2); } bridgeSupport.addSignature( findPublicKeySignedBy(federation.getPublicKeys(), privateKeysToSignWith.get(1)), derEncodedSigs2, keccak256.getBytes()); } bridgeSupport.save(); track.commit(); provider = new BridgeStorageProvider(repository, PrecompiledContracts.BRIDGE_ADDR, config.getBlockchainConfig().getCommonConstants().getBridgeConstants(), bridgeStorageConfigurationAtHeightZero); if ("FullySigned".equals(expectedResult)) { Assert.assertTrue(provider.getRskTxsWaitingForSignatures().isEmpty()); Assert.assertThat(logs, is(not(empty()))); Assert.assertThat(logs, hasSize(3)); LogInfo releaseTxEvent = logs.get(2); Assert.assertThat(releaseTxEvent.getTopics(), hasSize(1)); Assert.assertThat(releaseTxEvent.getTopics(), hasItem(Bridge.RELEASE_BTC_TOPIC)); BtcTransaction releaseTx = new BtcTransaction(bridgeConstants.getBtcParams(), ((RLPList) RLP.decode2(releaseTxEvent.getData()).get(0)).get(1).getRLPData()); Script retrievedScriptSig = releaseTx.getInput(0).getScriptSig(); Assert.assertEquals(4, retrievedScriptSig.getChunks().size()); Assert.assertEquals(true, retrievedScriptSig.getChunks().get(1).data.length > 0); Assert.assertEquals(true, retrievedScriptSig.getChunks().get(2).data.length > 0); } else { Script retrievedScriptSig = provider.getRskTxsWaitingForSignatures().get(keccak256).getInput(0) .getScriptSig(); Assert.assertEquals(4, retrievedScriptSig.getChunks().size()); boolean expectSignatureToBePersisted = false; // for "InvalidParameters" if ("PartiallySigned".equals(expectedResult)) { expectSignatureToBePersisted = true; } Assert.assertEquals(expectSignatureToBePersisted, retrievedScriptSig.getChunks().get(1).data.length > 0); Assert.assertEquals(false, retrievedScriptSig.getChunks().get(2).data.length > 0); } }
From source file:com.aaasec.sigserv.cscommon.xmldsig.XMLSign.java
License:EUPL
public static EcdsaSigValue ecdsaSignDigest(byte[] digest, PrivateKey privKey) { try {/*from ww w .j a v a 2 s . co m*/ ECDSASigner ecdsa = new ECDSASigner(); CipherParameters param = ECUtil.generatePrivateKeyParameter(privKey); ecdsa.init(true, param); BigInteger[] signature = ecdsa.generateSignature(digest); EcdsaSigValue sigVal = new EcdsaSigValue(signature[0], signature[1]); return sigVal; } catch (InvalidKeyException ex) { Logger.getLogger(XMLSign.class.getName()).log(Level.SEVERE, null, ex); } return null; }
From source file:com.aaasec.sigserv.cscommon.xmldsig.XMLSign.java
License:EUPL
public static boolean ecdsaVerifyDigest(byte[] digest, EcdsaSigValue signature, PublicKey pubKey) { try {// www. j av a 2 s. c o m ECDSASigner ecdsa = new ECDSASigner(); CipherParameters param = ECUtil.generatePublicKeyParameter(pubKey); ecdsa.init(false, param); EcdsaSigValue sigVal = EcdsaSigValue.getInstance(signature); return ecdsa.verifySignature(digest, sigVal.getR(), sigVal.getS()); } catch (Exception ex) { Logger.getLogger(XMLSign.class.getName()).log(Level.SEVERE, null, ex); } return false; }
From source file:com.bitsofproof.supernode.api.ECKeyPair.java
License:Apache License
@Override public byte[] sign(byte[] hash) throws ValidationException { if (priv == null) { throw new ValidationException("Need private key to sign"); }/* w w w .ja va2 s .co m*/ ECDSASigner signer = new ECDSASigner(); signer.init(true, new ECPrivateKeyParameters(priv, domain)); BigInteger[] signature = signer.generateSignature(hash); ByteArrayOutputStream s = new ByteArrayOutputStream(); try { DERSequenceGenerator seq = new DERSequenceGenerator(s); seq.addObject(new DERInteger(signature[0])); seq.addObject(new DERInteger(signature[1])); seq.close(); return s.toByteArray(); } catch (IOException e) { } return null; }
From source file:com.bitsofproof.supernode.api.ECKeyPair.java
License:Apache License
public static boolean verify(byte[] hash, byte[] signature, byte[] pub) { ASN1InputStream asn1 = new ASN1InputStream(signature); try {/*from w ww . j a va 2 s . c o m*/ ECDSASigner signer = new ECDSASigner(); signer.init(false, new ECPublicKeyParameters(curve.getCurve().decodePoint(pub), domain)); DLSequence seq = (DLSequence) asn1.readObject(); BigInteger r = ((DERInteger) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((DERInteger) seq.getObjectAt(1)).getPositiveValue(); return signer.verifySignature(hash, r, s); } catch (Exception e) { // threat format errors as invalid signatures return false; } finally { try { asn1.close(); } catch (IOException e) { } } }
From source file:com.DSC.crypto.ECDSA.java
License:Open Source License
/** * Sign the data, return the signature//from ww w. j a v a2 s . com * @param priKey * @param data * @return */ private static BigInteger[] sign(CipherParameters priKey, byte[] data) { ECDSASigner ecdsa = new ECDSASigner(); ecdsa.init(true, priKey); return ecdsa.generateSignature(data); }
From source file:com.DSC.crypto.ECDSA.java
License:Open Source License
/** * Verify the data, return true if the signature is valid, false otherwise * @param pubKey//from w w w. ja va 2 s.com * @param data * @param signature * @return */ private static boolean verify(CipherParameters pubKey, byte[] data, BigInteger[] signature) { ECDSASigner ecdsa = new ECDSASigner(); ecdsa.init(false, pubKey); return ecdsa.verifySignature(data, signature[0], signature[1]); }
From source file:com.facebook.delegatedrecovery.RecoveryToken.java
License:Open Source License
private byte[] getSignature(final byte[] rawArray, final ECPrivateKey privateKey) throws IOException { if (this.signature != null) { throw new IllegalStateException("This token already has a signature."); }/*ww w. j a v a 2s . c o m*/ final BigInteger privatePoint = privateKey.getS(); final SHA256Digest digest = new SHA256Digest(); final byte[] hash = new byte[digest.getByteLength()]; digest.update(rawArray, 0, rawArray.length); digest.doFinal(hash, 0); final ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())); signer.init(true, new ECPrivateKeyParameters(privatePoint, DelegatedRecoveryUtils.P256_DOMAIN_PARAMS)); final BigInteger[] signature = signer.generateSignature(hash); final ByteArrayOutputStream s = new ByteArrayOutputStream(); final DERSequenceGenerator seq = new DERSequenceGenerator(s); seq.addObject(new ASN1Integer(signature[0])); seq.addObject(new ASN1Integer(signature[1])); seq.close(); return s.toByteArray(); }
From source file:com.github.horrorho.inflatabledonkey.crypto.ec.ECCurvePoint.java
License:Open Source License
public boolean verifySignature(byte[] message, BigInteger r, BigInteger s) { ECDomainParameters ecDomainParameters = ECAssistant.ecDomainParametersFrom(x9ECParameters); ECPublicKeyParameters ecPublicKeyParameters = new ECPublicKeyParameters(Q, ecDomainParameters); ECDSASigner signer = new ECDSASigner(); signer.init(false, ecPublicKeyParameters); return signer.verifySignature(message, r, s); }