Search in sources :

Example 6 with RSASSAPSSparams

use of com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams in project jmulticard by ctt-gob-es.

the class OperatorHelper method notDefaultPSSParams.

// for our purposes default includes varient digest with salt the same size as digest
private boolean notDefaultPSSParams(ASN1Sequence seq) throws GeneralSecurityException {
    if (seq == null || seq.size() == 0) {
        return false;
    }
    RSASSAPSSparams pssParams = RSASSAPSSparams.getInstance(seq);
    if (!pssParams.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) {
        return true;
    }
    // same digest for sig and MGF1
    if (!pssParams.getHashAlgorithm().equals(AlgorithmIdentifier.getInstance(pssParams.getMaskGenAlgorithm().getParameters()))) {
        return true;
    }
    MessageDigest digest = createDigest(pssParams.getHashAlgorithm());
    return pssParams.getSaltLength().intValue() != digest.getDigestLength();
}
Also used : RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams) MessageDigest(java.security.MessageDigest)

Example 7 with RSASSAPSSparams

use of com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams in project jmulticard by ctt-gob-es.

the class DefaultSignatureNameFinder method getAlgorithmName.

/**
 * Return the signature name for the passed in algorithm identifier. For signatures
 * that require parameters, like RSASSA-PSS, this is the best one to use.
 *
 * @param algorithmIdentifier the AlgorithmIdentifier of interest.
 * @return a string representation of the name.
 */
public String getAlgorithmName(AlgorithmIdentifier algorithmIdentifier) {
    ASN1Encodable params = algorithmIdentifier.getParameters();
    if (params != null && !DERNull.INSTANCE.equals(params)) {
        if (algorithmIdentifier.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) {
            RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
            AlgorithmIdentifier mgfAlg = rsaParams.getMaskGenAlgorithm();
            if (mgfAlg.getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) {
                AlgorithmIdentifier digAlg = rsaParams.getHashAlgorithm();
                ASN1ObjectIdentifier mgfHashOid = AlgorithmIdentifier.getInstance(mgfAlg.getParameters()).getAlgorithm();
                if (mgfHashOid.equals(digAlg.getAlgorithm())) {
                    return getDigestName(digAlg.getAlgorithm()) + "WITHRSAANDMGF1";
                } else {
                    return getDigestName(digAlg.getAlgorithm()) + "WITHRSAANDMGF1USING" + getDigestName(mgfHashOid);
                }
            }
            return getDigestName(rsaParams.getHashAlgorithm().getAlgorithm()) + "WITHRSAAND" + mgfAlg.getAlgorithm().getId();
        }
    }
    if (oids.containsKey(algorithmIdentifier.getAlgorithm())) {
        return (String) oids.get(algorithmIdentifier.getAlgorithm());
    }
    return algorithmIdentifier.getAlgorithm().getId();
}
Also used : RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 8 with RSASSAPSSparams

use of com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams in project LinLong-Java by zhenwei1108.

the class OperatorHelper method notDefaultPSSParams.

// for our purposes default includes varient digest with salt the same size as digest
private boolean notDefaultPSSParams(ASN1Sequence seq) throws GeneralSecurityException {
    if (seq == null || seq.size() == 0) {
        return false;
    }
    RSASSAPSSparams pssParams = RSASSAPSSparams.getInstance(seq);
    if (!pssParams.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) {
        return true;
    }
    // same digest for sig and MGF1
    if (!pssParams.getHashAlgorithm().equals(AlgorithmIdentifier.getInstance(pssParams.getMaskGenAlgorithm().getParameters()))) {
        return true;
    }
    MessageDigest digest = createDigest(pssParams.getHashAlgorithm());
    return pssParams.getSaltLength().intValue() != digest.getDigestLength();
}
Also used : RSASSAPSSparams(com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams) MessageDigest(java.security.MessageDigest)

Example 9 with RSASSAPSSparams

use of com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams in project LinLong-Java by zhenwei1108.

the class JcaContentSignerBuilder method createPSSParams.

private static RSASSAPSSparams createPSSParams(PSSParameterSpec pssSpec) {
    DigestAlgorithmIdentifierFinder digFinder = new DefaultDigestAlgorithmIdentifierFinder();
    AlgorithmIdentifier digId = digFinder.find(pssSpec.getDigestAlgorithm());
    if (digId.getParameters() == null) {
        digId = new AlgorithmIdentifier(digId.getAlgorithm(), DERNull.INSTANCE);
    }
    AlgorithmIdentifier mgfDig = digFinder.find(((MGF1ParameterSpec) pssSpec.getMGFParameters()).getDigestAlgorithm());
    if (mgfDig.getParameters() == null) {
        mgfDig = new AlgorithmIdentifier(mgfDig.getAlgorithm(), DERNull.INSTANCE);
    }
    return new RSASSAPSSparams(digId, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, mgfDig), new ASN1Integer(pssSpec.getSaltLength()), new ASN1Integer(pssSpec.getTrailerField()));
}
Also used : RSASSAPSSparams(com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) DigestAlgorithmIdentifierFinder(com.github.zhenwei.pkix.operator.DigestAlgorithmIdentifierFinder) DefaultDigestAlgorithmIdentifierFinder(com.github.zhenwei.pkix.operator.DefaultDigestAlgorithmIdentifierFinder) DefaultDigestAlgorithmIdentifierFinder(com.github.zhenwei.pkix.operator.DefaultDigestAlgorithmIdentifierFinder) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 10 with RSASSAPSSparams

use of com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams in project xipki by xipki.

the class ResponderSigner method getSignatureAlgorithmName.

private static String getSignatureAlgorithmName(AlgorithmIdentifier sigAlgId) {
    ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm();
    if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
        return algOid.getId();
    }
    ASN1Encodable asn1Encodable = sigAlgId.getParameters();
    RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable);
    ASN1ObjectIdentifier digestAlgOid = param.getHashAlgorithm().getAlgorithm();
    return digestAlgOid.getId() + "WITHRSAANDMGF1";
}
Also used : RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

RSASSAPSSparams (org.bouncycastle.asn1.pkcs.RSASSAPSSparams)10 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)5 RSASSAPSSparams (com.github.zhenwei.core.asn1.pkcs.RSASSAPSSparams)4 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)3 ASN1Encodable (com.github.zhenwei.core.asn1.ASN1Encodable)2 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)2 MessageDigest (java.security.MessageDigest)2 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)2 ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)1 ASN1Sequence (com.github.zhenwei.core.asn1.ASN1Sequence)1 DefaultDigestAlgorithmIdentifierFinder (com.github.zhenwei.pkix.operator.DefaultDigestAlgorithmIdentifierFinder)1 DigestAlgorithmIdentifierFinder (com.github.zhenwei.pkix.operator.DigestAlgorithmIdentifierFinder)1 AsymmetricBlockCipher (org.bouncycastle.crypto.AsymmetricBlockCipher)1 Digest (org.bouncycastle.crypto.Digest)1 RSABlindedEngine (org.bouncycastle.crypto.engines.RSABlindedEngine)1 PSSSigner (org.bouncycastle.crypto.signers.PSSSigner)1 AlgorithmCode (org.xipki.security.AlgorithmCode)1