
Example 6 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class LMOtsPrivateKey method getSignatureContext.

/**
 * Builds the signing-side {@link LMSContext} for this one-time key.
 *
 * <p>The randomizer {@code C} is produced by the key's own seed-derivation function (no RNG
 * call is made here), and the digest is then primed with, in this exact order,
 * {@code I}, {@code u32str(q)}, {@code u16str(D_MESG)} and {@code C}. The caller is expected
 * to append the message to the returned context.
 *
 * <p>NOTE(review): nothing in this method records that the (I, q) pair has been handed out
 * for signing. An LM-OTS key must produce at most one signature, so reuse has to be
 * prevented by whatever owns the key state - confirm against the caller.
 *
 * @param sigParams LMS parameter set stored in the returned context
 * @param path      authentication path stored in the returned context
 * @return a context holding the primed digest, the randomizer C and the path
 */
LMSContext getSignatureContext(LMSigParameters sigParams, byte[][] path) {
    // Derive C with J fixed to the randomiser index; that index value is taken from the
    // reference implementation.
    SeedDerive seedDerive = getDerivationFunction();
    seedDerive.setJ(SEED_RANDOMISER_INDEX);
    byte[] randomizer = new byte[SEED_LEN];
    // Second argument is passed as false exactly as before; presumably it controls whether
    // the derivation index advances - confirm in SeedDerive.
    seedDerive.deriveSeed(randomizer, false);

    // Message-hash prefix: I || u32str(q) || u16str(D_MESG) || C. The order is part of the
    // signature format and must match the verifier's createOtsContext.
    Digest messageHash = DigestUtil.getDigest(parameter.getDigestOID());
    LmsUtils.byteArray(this.getI(), messageHash);
    LmsUtils.u32str(this.getQ(), messageHash);
    LmsUtils.u16str(D_MESG, messageHash);
    LmsUtils.byteArray(randomizer, messageHash);

    return new LMSContext(this, sigParams, messageHash, randomizer, path);
}
Also used : Digest(com.github.zhenwei.core.crypto.Digest)

Example 7 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class LMOtsPublicKey method createOtsContext.

/**
 * Builds the verification-side {@link LMSContext} for a received signature.
 *
 * <p>The digest is primed with {@code I}, {@code u32str(q)}, {@code u16str(D_MESG)} and the
 * randomizer {@code C} carried in the signature, in that order, so that appending the
 * message reproduces the hash the signer computed.
 *
 * <p>NOTE(review): {@code C} comes straight from the signature, which is attacker-supplied
 * input on the verification path. No length check on it is visible in this method;
 * presumably the signature parser enforces it - confirm.
 *
 * @param signature the LMS signature being verified
 * @return a context holding this public key, the signature and the primed digest
 */
LMSContext createOtsContext(LMSSignature signature) {
    Digest messageHash = DigestUtil.getDigest(parameter.getDigestOID());

    // Fixed prefix taken from this public key.
    LmsUtils.byteArray(I, messageHash);
    LmsUtils.u32str(q, messageHash);
    LmsUtils.u16str(D_MESG, messageHash);

    // Randomizer chosen by the signer, read back out of the OTS part of the signature.
    byte[] randomizer = signature.getOtsSignature().getC();
    LmsUtils.byteArray(randomizer, messageHash);

    return new LMSContext(this, signature, messageHash);
}
Also used : Digest(com.github.zhenwei.core.crypto.Digest)

Example 8 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class LMS method verifySignature.

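/**
 * Verifies an LMS signature by recomputing the Merkle root candidate and comparing it with
 * the root held by the public key.
 *
 * <p>The LM-OTS public key candidate {@code Kc} is computed from the context, hashed into a
 * leaf value, and then combined with each node of the authentication path up to the root.
 * The result is accepted only if {@code publicKey.matchesT1} accepts it.
 *
 * <p>The leaf index {@code q} and the authentication path come from the signature, which is
 * untrusted input. They are range-checked before the tree walk so that a malformed signature
 * is reported as invalid instead of failing with an array index error (RFC 8554 treats
 * {@code q >= 2^h} as INVALID).
 *
 * <p>NOTE(review): the parameter set used here is the one carried by the signature. Whether
 * it has been checked against the public key's own parameter set is not visible in this
 * method - confirm that an earlier step does so.
 *
 * @param publicKey LMS public key supplying the identifier I and the expected root
 * @param context   verification context holding the signature and the message hash state
 * @return {@code true} if the recomputed root matches; {@code false} if it does not or if
 *         the signature's q / path are out of range for its parameter set
 */
public static boolean verifySignature(LMSPublicKeyParameters publicKey, LMSContext context) {
    LMSSignature S = (LMSSignature) context.getSignature();
    LMSigParameters lmsParameter = S.getParameter();
    int h = lmsParameter.getH();
    byte[][] path = S.getY();
    byte[] Kc = LM_OTS.lm_ots_validate_signature_calculate(context);

    // Reject out-of-range values before they are used as shift counts or array indexes.
    // h <= 30 keeps 2^h + q inside a positive int; q < 2^h makes the walk below take
    // exactly h steps, so path must supply at least h nodes.
    int q = S.getQ();
    if (h < 0 || h > 30 || q < 0 || q >= (1 << h) || path == null || path.length < h) {
        return false;
    }

    // Step 4
    // node_num = 2^h + q
    int node_num = (1 << h) + q;
    // tmp = H(I || u32str(node_num) || u16str(D_LEAF) || Kc)
    byte[] I = publicKey.getI();
    Digest H = DigestUtil.getDigest(lmsParameter.getDigestOID());
    byte[] tmp = new byte[H.getDigestSize()];
    H.update(I, 0, I.length);
    LmsUtils.u32str(node_num, H);
    LmsUtils.u16str(D_LEAF, H);
    H.update(Kc, 0, Kc.length);
    H.doFinal(tmp, 0);

    // Walk from the leaf to the root. Every parent is
    // H(I || u32str(node_num/2) || u16str(D_INTR) || left || right); the running value is
    // the right child when node_num is odd and the left child when it is even.
    int i = 0;
    while (node_num > 1) {
        byte[] sibling = path[i];
        H.update(I, 0, I.length);
        LmsUtils.u32str(node_num / 2, H);
        LmsUtils.u16str(D_INTR, H);
        if ((node_num & 1) == 1) {
            H.update(sibling, 0, sibling.length);
            H.update(tmp, 0, tmp.length);
        } else {
            H.update(tmp, 0, tmp.length);
            H.update(sibling, 0, sibling.length);
        }
        H.doFinal(tmp, 0);
        node_num = node_num / 2;
        i++;
    }

    byte[] Tc = tmp;
    return publicKey.matchesT1(Tc);
}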
Also used : Digest(com.github.zhenwei.core.crypto.Digest)

Example 9 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class BcITSContentVerifierProvider method get.

/**
 * Creates a {@link ContentVerifier} that checks an ECDSA signature over a certificate
 * issued by {@code issuer}.
 *
 * <p>The value verified is the concatenation of two digests: the digest of the bytes written
 * to the verifier's output stream, followed by either the digest of {@code parentData} or,
 * when the issuer is self-signed and the streamed content is the issuer's own to-be-signed
 * certificate, the digest produced with no input at all.
 *
 * <p>The returned verifier shares one {@code Digest} instance between its output stream and
 * {@code verify}, and {@code verify} finalises that digest. No synchronisation is visible
 * here, so an instance should be confined to one thread and one stream-then-verify cycle.
 *
 * @param verifierAlgorithmIdentifier algorithm choice requested by the caller
 * @return a verifier bound to this provider's issuer and public key parameters
 * @throws OperatorCreationException if the requested choice differs from {@code sigChoice};
 *         presumably also if the digest provider cannot supply {@code digestAlgo} - confirm
 */
public ContentVerifier get(final int verifierAlgorithmIdentifier) throws OperatorCreationException {
    if (verifierAlgorithmIdentifier != sigChoice) {
        throw new OperatorCreationException("wrong verifier for algorithm: " + verifierAlgorithmIdentifier);
    }

    final Digest digest = BcDefaultDigestProvider.INSTANCE.get(digestAlgo);

    // Digest of the issuer data, used as the second signed component in the normal case.
    final byte[] parentDigest = new byte[digest.getDigestSize()];
    digest.update(parentData, 0, parentData.length);
    digest.doFinal(parentDigest, 0);

    // Only for a self-signed issuer: digest of its own to-be-signed certificate, so verify()
    // can recognise when the content under verification is that same certificate.
    final byte[] parentTBSDigest;
    if (issuer.getIssuer().isSelf()) {
        parentTBSDigest = new byte[digest.getDigestSize()];
        byte[] encodedTbs = OEREncoder.toByteArray(issuer.toASN1Structure().getCertificateBase().getToBeSignedCertificate(), IEEE1609dot2.tbsCertificate);
        digest.update(encodedTbs, 0, encodedTbs.length);
        digest.doFinal(parentTBSDigest, 0);
    } else {
        parentTBSDigest = null;
    }

    // Everything written to this stream is fed into the shared digest.
    final OutputStream digestStream = new OutputStream() {

        @Override
        public void write(int b) throws IOException {
            digest.update((byte) b);
        }

        @Override
        public void write(byte[] b) throws IOException {
            digest.update(b, 0, b.length);
        }

        @Override
        public void write(byte[] b, int off, int len) throws IOException {
            digest.update(b, off, len);
        }
    };

    return new ContentVerifier() {

        // The signer gets its own digest instance, separate from the streaming one above.
        final DSADigestSigner ecdsaVerifier = new DSADigestSigner(new ECDSASigner(), BcDefaultDigestProvider.INSTANCE.get(digestAlgo));

        /** Always {@code null} in this implementation; callers must not dereference it. */
        @Override
        public AlgorithmIdentifier getAlgorithmIdentifier() {
            return null;
        }

        @Override
        public OutputStream getOutputStream() {
            return digestStream;
        }

        /**
         * Finalises the streamed digest and verifies {@code expected} over it plus the
         * issuer component.
         */
        @Override
        public boolean verify(byte[] expected) {
            byte[] clientCertDigest = new byte[digest.getDigestSize()];
            digest.doFinal(clientCertDigest, 0);

            ecdsaVerifier.init(false, pubParams);
            ecdsaVerifier.update(clientCertDigest, 0, clientCertDigest.length);

            if (parentTBSDigest == null || !Arrays.areEqual(clientCertDigest, parentTBSDigest)) {
                // Normal case: second component is the issuer data digest.
                ecdsaVerifier.update(parentDigest, 0, parentDigest.length);
            } else {
                // Self-signed case: second component is the digest of no input. This relies
                // on the doFinal above having reset the digest - confirm for the Digest in use.
                byte[] emptyInputDigest = new byte[digest.getDigestSize()];
                digest.doFinal(emptyInputDigest, 0);
                ecdsaVerifier.update(emptyInputDigest, 0, emptyInputDigest.length);
            }
            return ecdsaVerifier.verifySignature(expected);
        }
    };
}
Also used : DSADigestSigner(com.github.zhenwei.core.crypto.signers.DSADigestSigner) Digest(com.github.zhenwei.core.crypto.Digest) ECDSASigner(com.github.zhenwei.core.crypto.signers.ECDSASigner) OutputStream(java.io.OutputStream) ContentVerifier(com.github.zhenwei.pkix.operator.ContentVerifier) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)

Example 10 with Digest

use of com.github.zhenwei.core.crypto.Digest in project LinLong-Java by zhenwei1108.

the class JPAKEExample method main.

/**
 * Runs a complete J-PAKE exchange between two participants inside one process and prints
 * every value that would travel between them.
 *
 * <p>This is a walkthrough, not a template: it prints the shared password and the derived
 * keying material, and both participants share one {@code Digest} and one
 * {@code SecureRandom} only because they live in the same JVM. A real deployment keeps
 * passwords and keying material out of logs and runs each participant on its own side.
 *
 * <p>Each "checks ...: OK" line is printed only after the matching {@code validate*} call
 * has returned normally; the method declares {@code CryptoException}, presumably what those
 * calls throw on a bad payload - confirm in JPAKEParticipant.
 *
 * @param args unused
 * @throws CryptoException propagated from the participant calls
 */
public static void main(String[] args) throws CryptoException {
    final java.io.PrintStream out = System.out;

    // ---- Initialization ----
    // Pick an appropriate prime order group to use throughout the exchange.
    // Both participants must use the same group.
    JPAKEPrimeOrderGroup sharedGroup = JPAKEPrimeOrderGroups.NIST_3072;
    BigInteger primeP = sharedGroup.getP();
    BigInteger orderQ = sharedGroup.getQ();
    BigInteger generatorG = sharedGroup.getG();

    String alicePassword = "password";
    String bobPassword = "password";

    out.println("********* Initialization **********");
    out.println("Public parameters for the cyclic group:");
    out.println("p (" + primeP.bitLength() + " bits): " + primeP.toString(16));
    out.println("q (" + orderQ.bitLength() + " bits): " + orderQ.toString(16));
    // NOTE(review): this line reports p's bit length next to g; kept so the output is unchanged.
    out.println("g (" + primeP.bitLength() + " bits): " + generatorG.toString(16));
    out.println("p mod q = " + primeP.mod(orderQ).toString(16));
    out.println("g^{q} mod p = " + generatorG.modPow(orderQ, primeP).toString(16));
    out.println("");
    // Demo only: the password is echoed so the reader can follow along.
    out.println("(Secret passwords used by Alice and Bob: " + "\"" + alicePassword + "\" and \"" + bobPassword + "\")\n");

    // Both participants must use the same hashing algorithm.
    Digest sharedDigest = new SHA256Digest();
    SecureRandom rng = new SecureRandom();
    JPAKEParticipant alice = new JPAKEParticipant("alice", alicePassword.toCharArray(), sharedGroup, sharedDigest, rng);
    JPAKEParticipant bob = new JPAKEParticipant("bob", bobPassword.toCharArray(), sharedGroup, sharedDigest, rng);

    // ---- Round 1 ----
    // Alice and Bob each generate a round 1 payload, and send it to each other.
    JPAKERound1Payload aliceR1 = alice.createRound1PayloadToSend();
    JPAKERound1Payload bobR1 = bob.createRound1PayloadToSend();

    out.println("************ Round 1 **************");
    out.println("Alice sends to Bob: ");
    out.println("g^{x1}=" + aliceR1.getGx1().toString(16));
    out.println("g^{x2}=" + aliceR1.getGx2().toString(16));
    out.println("KP{x1}={" + aliceR1.getKnowledgeProofForX1()[0].toString(16) + "};{" + aliceR1.getKnowledgeProofForX1()[1].toString(16) + "}");
    out.println("KP{x2}={" + aliceR1.getKnowledgeProofForX2()[0].toString(16) + "};{" + aliceR1.getKnowledgeProofForX2()[1].toString(16) + "}");
    out.println("");

    out.println("Bob sends to Alice: ");
    out.println("g^{x3}=" + bobR1.getGx1().toString(16));
    out.println("g^{x4}=" + bobR1.getGx2().toString(16));
    out.println("KP{x3}={" + bobR1.getKnowledgeProofForX1()[0].toString(16) + "};{" + bobR1.getKnowledgeProofForX1()[1].toString(16) + "}");
    out.println("KP{x4}={" + bobR1.getKnowledgeProofForX2()[0].toString(16) + "};{" + bobR1.getKnowledgeProofForX2()[1].toString(16) + "}");
    out.println("");

    // Each participant must then validate the received payload for round 1.
    alice.validateRound1PayloadReceived(bobR1);
    out.println("Alice checks g^{x4}!=1: OK");
    out.println("Alice checks KP{x3}: OK");
    out.println("Alice checks KP{x4}: OK");
    out.println("");

    bob.validateRound1PayloadReceived(aliceR1);
    out.println("Bob checks g^{x2}!=1: OK");
    out.println("Bob checks KP{x1},: OK");
    out.println("Bob checks KP{x2},: OK");
    out.println("");

    // ---- Round 2 ----
    // Alice and Bob each generate a round 2 payload, and send it to each other.
    JPAKERound2Payload aliceR2 = alice.createRound2PayloadToSend();
    JPAKERound2Payload bobR2 = bob.createRound2PayloadToSend();

    out.println("************ Round 2 **************");
    out.println("Alice sends to Bob: ");
    out.println("A=" + aliceR2.getA().toString(16));
    out.println("KP{x2*s}={" + aliceR2.getKnowledgeProofForX2s()[0].toString(16) + "},{" + aliceR2.getKnowledgeProofForX2s()[1].toString(16) + "}");
    out.println("");

    out.println("Bob sends to Alice");
    out.println("B=" + bobR2.getA().toString(16));
    out.println("KP{x4*s}={" + bobR2.getKnowledgeProofForX2s()[0].toString(16) + "},{" + bobR2.getKnowledgeProofForX2s()[1].toString(16) + "}");
    out.println("");

    // Each participant must then validate the received payload for round 2.
    alice.validateRound2PayloadReceived(bobR2);
    out.println("Alice checks KP{x4*s}: OK\n");
    bob.validateRound2PayloadReceived(aliceR2);
    out.println("Bob checks KP{x2*s}: OK\n");

    // After round 2, each participant computes the keying material.
    BigInteger aliceMaterial = alice.calculateKeyingMaterial();
    BigInteger bobMaterial = bob.calculateKeyingMaterial();

    out.println("********* After round 2 ***********");
    // Demo only: keying material is secret and is printed here purely for illustration.
    out.println("Alice computes key material \t K=" + aliceMaterial.toString(16));
    out.println("Bob computes key material \t K=" + bobMaterial.toString(16));
    out.println();

    // A session key must be derived from the keying material, in a form suited to whatever
    // encryption algorithm will consume it. The derived keys are not used further here.
    BigInteger aliceSessionKey = deriveSessionKey(aliceMaterial);
    BigInteger bobSessionKey = deriveSessionKey(bobMaterial);

    // Stopping here and using the session keys gives implicit key confirmation only.
    // Round 3 below explicitly confirms that both sides hold matching key material.

    // ---- Round 3 ----
    // Alice and Bob each generate a round 3 payload, and send it to each other.
    JPAKERound3Payload aliceR3 = alice.createRound3PayloadToSend(aliceMaterial);
    JPAKERound3Payload bobR3 = bob.createRound3PayloadToSend(bobMaterial);

    out.println("************ Round 3 **************");
    out.println("Alice sends to Bob: ");
    out.println("MacTag=" + aliceR3.getMacTag().toString(16));
    out.println("");
    out.println("Bob sends to Alice: ");
    out.println("MacTag=" + bobR3.getMacTag().toString(16));
    out.println("");

    // Each participant must then validate the received payload for round 3.
    alice.validateRound3PayloadReceived(bobR3, aliceMaterial);
    out.println("Alice checks MacTag: OK\n");
    bob.validateRound3PayloadReceived(aliceR3, bobMaterial);
    out.println("Bob checks MacTag: OK\n");

    out.println();
    out.println("MacTags validated, therefore the keying material matches.");
}
Also used : JPAKEPrimeOrderGroup(com.github.zhenwei.core.crypto.agreement.jpake.JPAKEPrimeOrderGroup) JPAKERound1Payload(com.github.zhenwei.core.crypto.agreement.jpake.JPAKERound1Payload) JPAKERound2Payload(com.github.zhenwei.core.crypto.agreement.jpake.JPAKERound2Payload) Digest(com.github.zhenwei.core.crypto.Digest) SHA256Digest(com.github.zhenwei.core.crypto.digests.SHA256Digest) SHA256Digest(com.github.zhenwei.core.crypto.digests.SHA256Digest) BigInteger(java.math.BigInteger) SecureRandom(java.security.SecureRandom) JPAKEParticipant(com.github.zhenwei.core.crypto.agreement.jpake.JPAKEParticipant) JPAKERound3Payload(com.github.zhenwei.core.crypto.agreement.jpake.JPAKERound3Payload)
