Beispiel #1
0
  protected byte[] engineSign() throws SignatureException {
    byte[] hash = new byte[digest.getDigestSize()];

    digest.doFinal(hash, 0);

    try {
      BigInteger[] sig = signer.generateSignature(hash);

      return encoder.encode(sig[0], sig[1]);
    } catch (Exception e) {
      throw new SignatureException(e.toString());
    }
  }
  /**
   * Generate a signature for the message we've been loaded with using the key we were initialised
   * with.
   */
  public byte[] generateSignature() throws CryptoException, DataLengthException {
    if (!forSigning) {
      throw new IllegalStateException("RSADigestSigner not initialised for signature generation.");
    }

    byte[] hash = new byte[digest.getDigestSize()];
    digest.doFinal(hash, 0);

    try {
      byte[] data = derEncode(hash);
      return rsaEngine.processBlock(data, 0, data.length);
    } catch (IOException e) {
      throw new CryptoException("unable to encode signature: " + e.getMessage(), e);
    }
  }
Beispiel #3
0
  protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
    byte[] hash = new byte[digest.getDigestSize()];

    digest.doFinal(hash, 0);

    BigInteger[] sig;

    try {
      sig = encoder.decode(sigBytes);
    } catch (Exception e) {
      throw new SignatureException("error decoding signature bytes.");
    }

    return signer.verifySignature(hash, sig[0], sig[1]);
  }
  /**
   * return true if the internal state represents the signature described in the passed in array.
   */
  public boolean verifySignature(byte[] signature) {
    if (forSigning) {
      throw new IllegalStateException("RSADigestSigner not initialised for verification");
    }

    byte[] hash = new byte[digest.getDigestSize()];

    digest.doFinal(hash, 0);

    byte[] sig;
    byte[] expected;

    try {
      sig = rsaEngine.processBlock(signature, 0, signature.length);
      expected = derEncode(hash);
    } catch (Exception e) {
      return false;
    }

    if (sig.length == expected.length) {
      return Arrays.constantTimeAreEqual(sig, expected);
    } else if (sig.length == expected.length - 2) // NULL left out
    {
      int sigOffset = sig.length - hash.length - 2;
      int expectedOffset = expected.length - hash.length - 2;

      expected[1] -= 2; // adjust lengths
      expected[3] -= 2;

      int nonEqual = 0;

      for (int i = 0; i < hash.length; i++) {
        nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]);
      }

      for (int i = 0; i < sigOffset; i++) {
        nonEqual |= (sig[i] ^ expected[i]); // check header less NULL
      }

      return nonEqual == 0;
    } else {
      return false;
    }
  }
 /** update the internal digest with the byte b */
 public void update(byte input) {
   digest.update(input);
 }
 /** @deprecated */
 public String getAlgorithmName() {
   return digest.getAlgorithmName() + "withRSA";
 }
 public RSADigestSigner(Digest digest) {
   this(digest, (ASN1ObjectIdentifier) oidMap.get(digest.getAlgorithmName()));
 }
 public void reset() {
   digest.reset();
 }
 /** update the internal digest with the byte array in */
 public void update(byte[] input, int inOff, int length) {
   digest.update(input, inOff, length);
 }
Beispiel #10
0
 protected void engineUpdate(byte[] b, int off, int len) throws SignatureException {
   digest.update(b, off, len);
 }
Beispiel #11
0
 protected void engineUpdate(byte b) throws SignatureException {
   digest.update(b);
 }
Beispiel #12
0
    public void performTest() throws Exception {
      byte[] salt = new byte[digest.getDigestSize()];
      int iCount = 100;

      digest.doFinal(salt, 0);

      PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);

      pGen.init(PBEParametersGenerator.PKCS12PasswordToBytes(password), salt, iCount);

      ParametersWithIV params = (ParametersWithIV) pGen.generateDerivedParameters(keySize, ivSize);

      SecretKeySpec encKey =
          new SecretKeySpec(((KeyParameter) params.getParameters()).getKey(), baseAlgorithm);

      Cipher c;

      if (baseAlgorithm.equals("RC4")) {
        c = Cipher.getInstance(baseAlgorithm, "SC");

        c.init(Cipher.ENCRYPT_MODE, encKey);
      } else {
        c = Cipher.getInstance(baseAlgorithm + "/CBC/PKCS7Padding", "SC");

        c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(params.getIV()));
      }

      byte[] enc = c.doFinal(salt);

      c = Cipher.getInstance(algorithm, "SC");

      PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount);
      SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm, "SC");

      c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec));

      byte[] dec = c.doFinal(enc);

      if (!Arrays.areEqual(salt, dec)) {
        fail("" + algorithm + "failed encryption/decryption test");
      }

      //
      // get the parameters
      //
      AlgorithmParameters param = checkParameters(c, salt, iCount);

      //
      // try using parameters
      //
      c = Cipher.getInstance(algorithm, "SC");

      keySpec = new PBEKeySpec(password);

      c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec), param);

      checkParameters(c, salt, iCount);

      dec = c.doFinal(enc);

      if (!Arrays.areEqual(salt, dec)) {
        fail("" + algorithm + "failed encryption/decryption test");
      }

      //
      // try using PBESpec
      //
      c = Cipher.getInstance(algorithm, "SC");

      keySpec = new PBEKeySpec(password);

      c.init(
          Cipher.DECRYPT_MODE,
          fact.generateSecret(keySpec),
          param.getParameterSpec(PBEParameterSpec.class));

      checkParameters(c, salt, iCount);

      dec = c.doFinal(enc);

      if (!Arrays.areEqual(salt, dec)) {
        fail("" + algorithm + "failed encryption/decryption test");
      }
    }
 public MGF1BytesGeneratorExt(Digest digest, int counterStart) {
   this.digest = digest;
   this.hLen = digest.getDigestSize();
   this.counterStart = counterStart;
 }