use of com.github.zhenwei.core.crypto.params.DSAParameters in project LinLong-Java by zhenwei1108.
the class DSASigner method verifySignature.
/**
* return true if the value r and s represent a DSA signature for the passed in message for
* standard DSA the message should be a SHA-1 hash of the real message to be verified.
*/
public boolean verifySignature(byte[] message, BigInteger r, BigInteger s) {
DSAParameters params = key.getParameters();
BigInteger q = params.getQ();
BigInteger m = calculateE(q, message);
BigInteger zero = BigInteger.valueOf(0);
if (zero.compareTo(r) >= 0 || q.compareTo(r) <= 0) {
return false;
}
if (zero.compareTo(s) >= 0 || q.compareTo(s) <= 0) {
return false;
}
BigInteger w = BigIntegers.modOddInverseVar(q, s);
BigInteger u1 = m.multiply(w).mod(q);
BigInteger u2 = r.multiply(w).mod(q);
BigInteger p = params.getP();
u1 = params.getG().modPow(u1, p);
u2 = ((DSAPublicKeyParameters) key).getY().modPow(u2, p);
BigInteger v = u1.multiply(u2).mod(p).mod(q);
return v.equals(r);
}
use of com.github.zhenwei.core.crypto.params.DSAParameters in project LinLong-Java by zhenwei1108.
the class DSASigner method generateSignature.
/**
* generate a signature for the given message using the key we were initialised with. For
* conventional DSA the message should be a SHA-1 hash of the message of interest.
*
* @param message the message that will be verified later.
*/
public BigInteger[] generateSignature(byte[] message) {
DSAParameters params = key.getParameters();
BigInteger q = params.getQ();
BigInteger m = calculateE(q, message);
BigInteger x = ((DSAPrivateKeyParameters) key).getX();
if (kCalculator.isDeterministic()) {
kCalculator.init(q, x, message);
} else {
kCalculator.init(q, random);
}
BigInteger k = kCalculator.nextK();
// the randomizer is to conceal timing information related to k and x.
BigInteger r = params.getG().modPow(k.add(getRandomizer(q, random)), params.getP()).mod(q);
k = BigIntegers.modOddInverse(q, k).multiply(m.add(x.multiply(r)));
BigInteger s = k.mod(q);
return new BigInteger[] { r, s };
}
use of com.github.zhenwei.core.crypto.params.DSAParameters in project LinLong-Java by zhenwei1108.
the class PrivateKeyInfoFactory method createPrivateKeyInfo.
/**
* Create a PrivateKeyInfo representation of a private key with attributes.
*
* @param privateKey the key to be encoded into the info object.
* @param attributes the set of attributes to be included.
* @return the appropriate PrivateKeyInfo
* @throws IOException on an error encoding the key
*/
public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey, ASN1Set attributes) throws IOException {
if (privateKey instanceof RSAKeyParameters) {
RSAPrivateCrtKeyParameters priv = (RSAPrivateCrtKeyParameters) privateKey;
return new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKey(priv.getModulus(), priv.getPublicExponent(), priv.getExponent(), priv.getP(), priv.getQ(), priv.getDP(), priv.getDQ(), priv.getQInv()), attributes);
} else if (privateKey instanceof DSAPrivateKeyParameters) {
DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters) privateKey;
DSAParameters params = priv.getParameters();
return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(params.getP(), params.getQ(), params.getG())), new ASN1Integer(priv.getX()), attributes);
} else if (privateKey instanceof ECPrivateKeyParameters) {
ECPrivateKeyParameters priv = (ECPrivateKeyParameters) privateKey;
ECDomainParameters domainParams = priv.getParameters();
ASN1Encodable params;
int orderBitLength;
if (domainParams == null) {
// Implicitly CA
params = new X962Parameters(DERNull.INSTANCE);
orderBitLength = priv.getD().bitLength();
} else if (domainParams instanceof ECGOST3410Parameters) {
GOST3410PublicKeyAlgParameters gostParams = new GOST3410PublicKeyAlgParameters(((ECGOST3410Parameters) domainParams).getPublicKeyParamSet(), ((ECGOST3410Parameters) domainParams).getDigestParamSet(), ((ECGOST3410Parameters) domainParams).getEncryptionParamSet());
int size;
ASN1ObjectIdentifier identifier;
if (cryptoProOids.contains(gostParams.getPublicKeyParamSet())) {
size = 32;
identifier = CryptoProObjectIdentifiers.gostR3410_2001;
} else {
boolean is512 = priv.getD().bitLength() > 256;
identifier = (is512) ? RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512 : RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
size = (is512) ? 64 : 32;
}
byte[] encKey = new byte[size];
extractBytes(encKey, size, 0, priv.getD());
return new PrivateKeyInfo(new AlgorithmIdentifier(identifier, gostParams), new DEROctetString(encKey));
} else if (domainParams instanceof ECNamedDomainParameters) {
params = new X962Parameters(((ECNamedDomainParameters) domainParams).getName());
orderBitLength = domainParams.getN().bitLength();
} else {
X9ECParameters ecP = new X9ECParameters(domainParams.getCurve(), new X9ECPoint(domainParams.getG(), false), domainParams.getN(), domainParams.getH(), domainParams.getSeed());
params = new X962Parameters(ecP);
orderBitLength = domainParams.getN().bitLength();
}
ECPoint q = new FixedPointCombMultiplier().multiply(domainParams.getG(), priv.getD());
// TODO Support point compression
DERBitString publicKey = new DERBitString(q.getEncoded(false));
return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), new ECPrivateKey(orderBitLength, priv.getD(), publicKey, params), attributes);
} else if (privateKey instanceof X448PrivateKeyParameters) {
X448PrivateKeyParameters key = (X448PrivateKeyParameters) privateKey;
return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448), new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
} else if (privateKey instanceof X25519PrivateKeyParameters) {
X25519PrivateKeyParameters key = (X25519PrivateKeyParameters) privateKey;
return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
} else if (privateKey instanceof Ed448PrivateKeyParameters) {
Ed448PrivateKeyParameters key = (Ed448PrivateKeyParameters) privateKey;
return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448), new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
} else if (privateKey instanceof Ed25519PrivateKeyParameters) {
Ed25519PrivateKeyParameters key = (Ed25519PrivateKeyParameters) privateKey;
return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
} else {
throw new IOException("key parameters not recognized");
}
}
use of com.github.zhenwei.core.crypto.params.DSAParameters in project LinLong-Java by zhenwei1108.
the class OpenSSHPublicKeyUtil method parsePublicKey.
/**
* Parse a public key from an SSHBuffer instance.
*
* @param buffer containing the SSH public key.
* @return A CipherParameters instance.
*/
public static AsymmetricKeyParameter parsePublicKey(SSHBuffer buffer) {
AsymmetricKeyParameter result = null;
String magic = buffer.readString();
if (RSA.equals(magic)) {
BigInteger e = buffer.readBigNumPositive();
BigInteger n = buffer.readBigNumPositive();
result = new RSAKeyParameters(false, n, e);
} else if (DSS.equals(magic)) {
BigInteger p = buffer.readBigNumPositive();
BigInteger q = buffer.readBigNumPositive();
BigInteger g = buffer.readBigNumPositive();
BigInteger pubKey = buffer.readBigNumPositive();
result = new DSAPublicKeyParameters(pubKey, new DSAParameters(p, q, g));
} else if (magic.startsWith(ECDSA)) {
String curveName = buffer.readString();
ASN1ObjectIdentifier oid = SSHNamedCurves.getByName(curveName);
X9ECParameters x9ECParameters = SSHNamedCurves.getParameters(oid);
if (x9ECParameters == null) {
throw new IllegalStateException("unable to find curve for " + magic + " using curve name " + curveName);
}
ECCurve curve = x9ECParameters.getCurve();
byte[] pointRaw = buffer.readBlock();
result = new ECPublicKeyParameters(curve.decodePoint(pointRaw), new ECNamedDomainParameters(oid, x9ECParameters));
} else if (ED_25519.equals(magic)) {
byte[] pubKeyBytes = buffer.readBlock();
if (pubKeyBytes.length != Ed25519PublicKeyParameters.KEY_SIZE) {
throw new IllegalStateException("public key value of wrong length");
}
result = new Ed25519PublicKeyParameters(pubKeyBytes, 0);
}
if (result == null) {
throw new IllegalArgumentException("unable to parse key");
}
if (buffer.hasRemaining()) {
throw new IllegalArgumentException("decoded key has trailing data");
}
return result;
}
use of com.github.zhenwei.core.crypto.params.DSAParameters in project LinLong-Java by zhenwei1108.
the class AlgorithmParameterGeneratorSpi method engineGenerateParameters.
protected AlgorithmParameters engineGenerateParameters() {
DSAParametersGenerator pGen;
if (strength <= 1024) {
pGen = new DSAParametersGenerator();
} else {
pGen = new DSAParametersGenerator(new SHA256Digest());
}
if (random == null) {
random = CryptoServicesRegistrar.getSecureRandom();
}
int certainty = PrimeCertaintyCalculator.getDefaultCertainty(strength);
if (strength == 1024) {
params = new DSAParameterGenerationParameters(1024, 160, certainty, random);
pGen.init(params);
} else if (strength > 1024) {
params = new DSAParameterGenerationParameters(strength, 256, certainty, random);
pGen.init(params);
} else {
pGen.init(strength, certainty, random);
}
DSAParameters p = pGen.generateParameters();
AlgorithmParameters params;
try {
params = createParametersInstance("DSA");
params.init(new DSAParameterSpec(p.getP(), p.getQ(), p.getG()));
} catch (Exception e) {
throw new RuntimeException(e.getMessage());
}
return params;
}
Aggregations