List of usage examples for org.bouncycastle.crypto.signers PSSSigner PSSSigner
public PSSSigner(AsymmetricBlockCipher cipher, Digest digest, byte[] salt)
From source file:dorkbox.util.crypto.CryptoRSA.java
License:Apache License
/** * RSA encrypt using public key A, and sign data with private key B. * <p/>/* w ww. j a v a2 s.c om*/ * byte[0][] = encrypted data byte[1][] = signature * * @param logger * may be null, if no log output is necessary * * @return empty byte[][] if error */ public static byte[][] encryptAndSign(AsymmetricBlockCipher rsaEngine, Digest digest, RSAKeyParameters rsaPublicKeyA, RSAPrivateCrtKeyParameters rsaPrivateKeyB, byte[] bytes, Logger logger) { if (bytes.length == 0) { return new byte[0][0]; } byte[] encryptBytes = encrypt(rsaEngine, rsaPublicKeyA, bytes, logger); if (encryptBytes.length == 0) { return new byte[0][0]; } // now sign it. PSSSigner signer = new PSSSigner(rsaEngine, digest, digest.getDigestSize()); byte[] signatureRSA = CryptoRSA.sign(signer, rsaPrivateKeyB, encryptBytes, logger); if (signatureRSA.length == 0) { return new byte[0][0]; } byte[][] total = new byte[2][]; total[0] = encryptBytes; total[1] = signatureRSA; return total; }
From source file:dorkbox.util.crypto.CryptoRSA.java
License:Apache License
/** * RSA verify data with public key B, and decrypt using private key A. * * @param logger/*from w w w . j a va 2 s . co m*/ * may be null, if no log output is necessary * * @return empty byte[] if error */ public static byte[] decryptAndVerify(AsymmetricBlockCipher rsaEngine, Digest digest, RSAKeyParameters rsaPublicKeyA, RSAPrivateCrtKeyParameters rsaPrivateKeyB, byte[] encryptedData, byte[] signature, Logger logger) { if (encryptedData.length == 0 || signature.length == 0) { return new byte[0]; } // verify encrypted data. PSSSigner signer = new PSSSigner(rsaEngine, digest, digest.getDigestSize()); boolean verify = verify(signer, rsaPublicKeyA, signature, encryptedData); if (!verify) { return new byte[0]; } return decrypt(rsaEngine, rsaPrivateKeyB, encryptedData, logger); }
From source file:dorkbox.util.crypto.RsaTest.java
License:Apache License
@SuppressWarnings("deprecation") @Test/* w w w . jav a 2s . co m*/ public void Rsa() { byte[] bytes = "hello, my name is inigo montoya".getBytes(); AsymmetricCipherKeyPair key = CryptoRSA.generateKeyPair(new SecureRandom(entropySeed.getBytes()), 1024); RSAKeyParameters public1 = (RSAKeyParameters) key.getPublic(); RSAPrivateCrtKeyParameters private1 = (RSAPrivateCrtKeyParameters) key.getPrivate(); RSAEngine engine = new RSAEngine(); SHA1Digest digest = new SHA1Digest(); OAEPEncoding rsaEngine = new OAEPEncoding(engine, digest); // test encrypt/decrypt byte[] encryptRSA = CryptoRSA.encrypt(rsaEngine, public1, bytes, logger); byte[] decryptRSA = CryptoRSA.decrypt(rsaEngine, private1, encryptRSA, logger); if (Arrays.equals(bytes, encryptRSA)) { fail("bytes should not be equal"); } if (!Arrays.equals(bytes, decryptRSA)) { fail("bytes not equal"); } // test signing/verification PSSSigner signer = new PSSSigner(engine, digest, digest.getDigestSize()); byte[] signatureRSA = CryptoRSA.sign(signer, private1, bytes, logger); boolean verify = CryptoRSA.verify(signer, public1, signatureRSA, bytes); if (!verify) { fail("failed signature verification"); } }
From source file:edu.biu.scapi.midLayer.asymmetricCrypto.digitalSignature.BcRSAPss.java
License:Open Source License
private void createBCSigner(String hashName, SecureRandom random) throws FactoriesException { //Creates BC digest with the given name. digest = BCFactory.getInstance().getDigest(hashName); this.random = random; RSABlindedEngine rsa = new RSABlindedEngine(); signer = new PSSSigner(rsa, digest, digest.getDigestSize()); }
From source file:frost.crypt.FrostCrypt.java
License:Open Source License
public FrostCrypt() { Security.addProvider(new BouncyCastleProvider()); signer = new PSSSigner(new RSAEngine(), new SHA1Digest(), 16); try {//ww w . ja v a 2 s . c o m secureRandom = SecureRandom.getInstance("SHA1PRNG"); } catch (NoSuchAlgorithmException e) { secureRandom = new SecureRandom(); } }
From source file:org.nfc.eclipse.ndef.signature.SignatureVerifier.java
License:Open Source License
public Boolean verify(CertificateFormat certificateFormat, byte[] certificateBytes, SignatureType signatureType, byte[] signatureBytes, byte[] coveredBytes) throws CertificateException, NoSuchProviderException { if (Security.getProvider("BC") == null) { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); }/* w w w . ja v a2s . c o m*/ Certificate certificate = null; if (certificateFormat == CertificateFormat.X_509) { java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509", "BC"); certificate = cf.generateCertificate(new ByteArrayInputStream(certificateBytes)); } if (signatureType == SignatureType.RSASSA_PKCS1_v1_5_WITH_SHA_1) { BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey(); RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent()); SHA1Digest digest = new SHA1Digest(); RSADigestSigner rsaDigestSigner = new RSADigestSigner(digest); rsaDigestSigner.init(false, pubParameters); rsaDigestSigner.update(coveredBytes, 0, coveredBytes.length); return rsaDigestSigner.verifySignature(signatureBytes); } else if (signatureType == SignatureType.RSASSA_PSS_SHA_1) { BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey(); RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent()); AsymmetricBlockCipher rsaEngine = new RSABlindedEngine(); rsaEngine.init(false, pubParameters); SHA1Digest digest = new SHA1Digest(); PSSSigner signer = new PSSSigner(rsaEngine, digest, digest.getDigestSize()); signer.init(true, pubParameters); signer.update(coveredBytes, 0, coveredBytes.length); return signer.verifySignature(signatureBytes); } else if (signatureType == SignatureType.ECDSA) { // http://en.wikipedia.org/wiki/Elliptic_Curve_DSA // http://stackoverflow.com/questions/11339788/tutorial-of-ecdsa-algorithm-to-sign-a-string // http://www.bouncycastle.org/wiki/display/JA1/Elliptic+Curve+Key+Pair+Generation+and+Key+Factories // http://java2s.com/Open-Source/Java/Security/Bouncy-Castle/org/bouncycastle/crypto/test/ECTest.java.htm /* BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey(); RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent()); org.bouncycastle.crypto.signers.ECDSASigner signer = new org.bouncycastle.crypto.signers.ECDSASigner(); signer.init(false, pubParameters); SHA1Digest digest = new SHA1Digest(); digest.update(coveredBytes, 0, coveredBytes.length); return signer.verifySignature(signatureBytes); */ } else if (signatureType == SignatureType.DSA) { ASN1InputStream aIn = new ASN1InputStream(signatureBytes); ASN1Primitive o; try { o = aIn.readObject(); ASN1Sequence asn1Sequence = (ASN1Sequence) o; BigInteger r = DERInteger.getInstance(asn1Sequence.getObjectAt(0)).getValue(); BigInteger s = DERInteger.getInstance(asn1Sequence.getObjectAt(1)).getValue(); BCDSAPublicKey key = (BCDSAPublicKey) certificate.getPublicKey(); // DSA Domain parameters DSAParams params = key.getParams(); if (params == null) { return Boolean.FALSE; } DSAParameters parameters = new DSAParameters(params.getP(), params.getQ(), params.getG()); DSASigner signer = new DSASigner(); signer.init(false, new DSAPublicKeyParameters(key.getY(), parameters)); SHA1Digest digest = new SHA1Digest(); digest.update(coveredBytes, 0, coveredBytes.length); byte[] message = new byte[digest.getDigestSize()]; digest.doFinal(message, 0); return signer.verifySignature(message, r, s); } catch (IOException e) { return Boolean.FALSE; } } return null; }
From source file:org.xwiki.crypto.signer.internal.factory.AbstractBcPssSignerFactory.java
License:Open Source License
@Override protected org.bouncycastle.crypto.Signer getSignerInstance(AsymmetricCipherParameters parameters) { if (parameters instanceof AsymmetricKeyParameters) { return new PSSSigner(getCipherEngine(), new SHA1Digest(), 20); } else if (parameters instanceof PssSignerParameters) { PssParameters pssParams = ((PssSignerParameters) parameters).getPssParameters(); Digest digest = getDigestFactory(pssParams.getHashAlgorithm()).getDigestInstance(); return new PSSSigner(getCipherEngine(), digest, getDigestFactory(pssParams.getMaskGenAlgorithm()).getDigestInstance(), pssParams.getSaltLength() >= 0 ? pssParams.getSaltLength() : digest.getDigestSize(), pssParams.getTrailerByte()); }//from ww w. j a va2s . co m throw new UnsupportedOperationException(PSS_PARAMS_ERROR + parameters.getClass().getName()); }