use of java.security.interfaces.DSAParams in project robovm by robovm.
the class KeyPairGenerator4Test method test_initializeLjava_security_spec_AlgorithmParameterSpecLjava_security_SecureRandom.
/**
* java.security.KeyPairGenerator#initialize(java.security.spec.AlgorithmParameterSpec,
* java.security.SecureRandom)
*/
public void test_initializeLjava_security_spec_AlgorithmParameterSpecLjava_security_SecureRandom() throws Exception {
// create DSAParams
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");
keyPairGenerator.initialize(1024);
DSAPublicKey key = (DSAPublicKey) keyPairGenerator.genKeyPair().getPublic();
DSAParams params = key.getParams();
KeyPairGenerator keyPair = KeyPairGenerator.getInstance("DSA");
keyPair.initialize(new DSAParameterSpec(params.getP(), params.getQ(), params.getG()), new SecureRandom());
}
use of java.security.interfaces.DSAParams in project wycheproof by google.
the class DsaTest method testKeyGeneration.
@SuppressWarnings("InsecureCryptoUsage")
public void testKeyGeneration(int keysize) throws Exception {
KeyPairGenerator generator = KeyPairGenerator.getInstance("DSA");
generator.initialize(keysize);
KeyPair keyPair = generator.generateKeyPair();
DSAPrivateKey priv = (DSAPrivateKey) keyPair.getPrivate();
DSAParams params = priv.getParams();
assertEquals(keysize, params.getP().bitLength());
// The NIST standard does not fully specify the size of q that
// must be used for a given key size. Hence there are differences.
// For example if keysize = 2048, then OpenSSL uses 256 bit q's by default,
// but the SUN provider uses 224 bits. Both are acceptable sizes.
// The tests below simply asserts that the size of q does not decrease the
// overall security of the DSA.
int qsize = params.getQ().bitLength();
switch(keysize) {
case 1024:
assertTrue("Invalid qsize for 1024 bit key:" + qsize, qsize >= 160);
break;
case 2048:
assertTrue("Invalid qsize for 2048 bit key:" + qsize, qsize >= 224);
break;
case 3072:
assertTrue("Invalid qsize for 3072 bit key:" + qsize, qsize >= 256);
break;
default:
fail("Invalid key size:" + keysize);
}
// Check the length of the private key.
// For example GPG4Browsers or the KJUR library derived from it use
// q.bitCount() instead of q.bitLength() to determine the size of the private key
// and hence would generate keys that are much too small.
assertTrue(priv.getX().bitLength() >= qsize - 32);
}
use of java.security.interfaces.DSAParams in project XobotOS by xamarin.
the class SHA1withDSA_SignatureImpl method checkSignature.
private boolean checkSignature(byte[] sigBytes, int offset, int length) throws SignatureException {
// names of below BigIntegers are the same as they are defined in DSA standard
BigInteger r, s, w;
BigInteger u1, u2, v;
// parameters and public key
BigInteger p, q, g, y;
DSAParams params;
int n1, n2;
byte[] bytes;
byte[] digest;
// checking up on signature's ASN1
try {
byte dummy;
n1 = sigBytes[offset + 3];
n2 = sigBytes[offset + n1 + 5];
if (sigBytes[offset + 0] != 0x30 || sigBytes[offset + 2] != 2 || sigBytes[offset + n1 + 4] != 2 || sigBytes[offset + 1] != (n1 + n2 + 4) || n1 > 21 || n2 > 21 || (length != 0 && (sigBytes[offset + 1] + 2) > length)) {
throw new SignatureException("signature bytes have invalid encoding");
}
// to check length of sigBytes
dummy = sigBytes[5 + n1 + n2];
} catch (ArrayIndexOutOfBoundsException e) {
throw new SignatureException("bad argument: byte[] is too small");
}
digest = msgDigest.digest();
bytes = new byte[n1];
System.arraycopy(sigBytes, offset + 4, bytes, 0, n1);
r = new BigInteger(bytes);
bytes = new byte[n2];
System.arraycopy(sigBytes, offset + 6 + n1, bytes, 0, n2);
s = new BigInteger(bytes);
params = dsaKey.getParams();
p = params.getP();
q = params.getQ();
g = params.getG();
y = ((DSAPublicKey) dsaKey).getY();
if (r.signum() != 1 || r.compareTo(q) != -1 || s.signum() != 1 || s.compareTo(q) != -1) {
return false;
}
w = s.modInverse(q);
u1 = (new BigInteger(1, digest)).multiply(w).mod(q);
u2 = r.multiply(w).mod(q);
v = g.modPow(u1, p).multiply(y.modPow(u2, p)).mod(p).mod(q);
if (v.compareTo(r) != 0) {
return false;
}
return true;
}
use of java.security.interfaces.DSAParams in project XobotOS by xamarin.
the class SHA1withDSA_SignatureImpl method engineSign.
/**
* Returns signature bytes as byte array containing
* ASN1 representation for two BigInteger objects
* which is SEQUENCE of two INTEGERS.
* Length of sequence varies from less than 46 to 48.
*
* Resets object to the state it was in
* when previous call to either "initSign" method was called.
*
* @return
* byte array containing signature in ASN1 representation
* @throws
* SignatureException if object's state is not SIGN or
* signature algorithm cannot process data
*/
protected byte[] engineSign() throws SignatureException {
// names of below BigIntegers are the same as they are defined in DSA standard
BigInteger r = null;
BigInteger s = null;
BigInteger k = null;
// parameters and private key
BigInteger p, q, g, x;
// BigInteger for message digest
BigInteger digestBI;
// various byte array being used in computing signature
byte[] randomBytes;
byte[] rBytes;
byte[] sBytes;
byte[] signature;
int n, n1, n2;
DSAParams params;
if (appRandom == null) {
appRandom = new SecureRandom();
}
params = dsaKey.getParams();
p = params.getP();
q = params.getQ();
g = params.getG();
x = ((DSAPrivateKey) dsaKey).getX();
// forming signature according algorithm described in chapter 5 of DSA standard
digestBI = new BigInteger(1, msgDigest.digest());
randomBytes = new byte[20];
for (; ; ) {
appRandom.nextBytes(randomBytes);
k = new BigInteger(1, randomBytes);
if (k.compareTo(q) != -1) {
continue;
}
r = g.modPow(k, p).mod(q);
if (r.signum() == 0) {
continue;
}
s = k.modInverse(q).multiply(digestBI.add(x.multiply(r)).mod(q)).mod(q);
if (s.signum() != 0) {
break;
}
}
// forming signature's ASN1 representation which is SEQUENCE of two INTEGERs
//
rBytes = r.toByteArray();
n1 = rBytes.length;
if ((rBytes[0] & 0x80) != 0) {
n1++;
}
sBytes = s.toByteArray();
n2 = sBytes.length;
if ((sBytes[0] & 0x80) != 0) {
n2++;
}
// 48 is max. possible length of signature
signature = new byte[6 + n1 + n2];
// ASN1 SEQUENCE tag
signature[0] = (byte) 0x30;
// total length of two INTEGERs
signature[1] = (byte) (4 + n1 + n2);
// ASN1 INTEGER tag
signature[2] = (byte) 0x02;
// length of r
signature[3] = (byte) n1;
// ASN1 INTEGER tag
signature[4 + n1] = (byte) 0x02;
// length of s
signature[5 + n1] = (byte) n2;
if (n1 == rBytes.length) {
n = 4;
} else {
n = 5;
}
System.arraycopy(rBytes, 0, signature, n, rBytes.length);
if (n2 == sBytes.length) {
n = 6 + n1;
} else {
n = 7 + n1;
}
System.arraycopy(sBytes, 0, signature, n, sBytes.length);
return signature;
}
use of java.security.interfaces.DSAParams in project XobotOS by xamarin.
the class DSAKeyFactoryImpl method engineGetKeySpec.
/**
* This method returns a specification for the supplied key.
*
* The specification will be returned in the form of an object of the type
* specified by keySpec.
*
* @param key -
* either DSAPrivateKey or DSAPublicKey
* @param keySpec -
* either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
*
* @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
*
* @throws InvalidKeySpecException
* if "keySpec" is not a specification for DSAPublicKey or
* DSAPrivateKey
*/
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
BigInteger p, q, g, x, y;
if (key != null) {
if (keySpec == null) {
throw new NullPointerException("keySpec == null");
}
if (key instanceof DSAPrivateKey) {
DSAPrivateKey privateKey = (DSAPrivateKey) key;
if (keySpec.equals(DSAPrivateKeySpec.class)) {
x = privateKey.getX();
DSAParams params = privateKey.getParams();
p = params.getP();
q = params.getQ();
g = params.getG();
return (T) (new DSAPrivateKeySpec(x, p, q, g));
}
if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
}
throw new InvalidKeySpecException("'keySpec' is neither DSAPrivateKeySpec nor PKCS8EncodedKeySpec");
}
if (key instanceof DSAPublicKey) {
DSAPublicKey publicKey = (DSAPublicKey) key;
if (keySpec.equals(DSAPublicKeySpec.class)) {
y = publicKey.getY();
DSAParams params = publicKey.getParams();
p = params.getP();
q = params.getQ();
g = params.getG();
return (T) (new DSAPublicKeySpec(y, p, q, g));
}
if (keySpec.equals(X509EncodedKeySpec.class)) {
return (T) (new X509EncodedKeySpec(key.getEncoded()));
}
throw new InvalidKeySpecException("'keySpec' is neither DSAPublicKeySpec nor X509EncodedKeySpec");
}
}
throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
Aggregations