Exemplo n.º 1
0
 public boolean verifyRawSignature(
     SignatureAndHashAlgorithm algorithm,
     byte[] sigBytes,
     AsymmetricKeyParameter publicKey,
     byte[] hash)
     throws CryptoException {
   Signer signer = makeSigner(algorithm, true, false, publicKey);
   signer.update(hash, 0, hash.length);
   return signer.verifySignature(sigBytes);
 }
Exemplo n.º 2
0
 public byte[] generateRawSignature(
     SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey, byte[] hash)
     throws CryptoException {
   Signer signer =
       makeSigner(
           algorithm,
           true,
           true,
           new ParametersWithRandom(privateKey, this.context.getSecureRandom()));
   signer.update(hash, 0, hash.length);
   return signer.generateSignature();
 }
Exemplo n.º 3
0
  protected Signer makeSigner(
      SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning, CipherParameters cp) {
    if ((algorithm != null) != TlsUtils.isTLSv12(context)) {
      throw new IllegalStateException();
    }

    if (algorithm != null && algorithm.getSignature() != SignatureAlgorithm.rsa) {
      throw new IllegalStateException();
    }

    Digest d;
    if (raw) {
      d = new NullDigest();
    } else if (algorithm == null) {
      d = new CombinedHash();
    } else {
      d = TlsUtils.createHash(algorithm.getHash());
    }

    Signer s;
    if (algorithm != null) {
      /*
       * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
       * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
       */
      s = new RSADigestSigner(d, TlsUtils.getOIDForHashAlgorithm(algorithm.getHash()));
    } else {
      /*
       * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
       * that did not include a DigestInfo encoding.
       */
      s = new GenericSigner(createRSAImpl(), d);
    }
    s.init(forSigning, cp);
    return s;
  }