
Example 6 with DSAParams

use of java.security.interfaces.DSAParams in project robovm by robovm.

the class KeyPairGenerator4Test method test_initializeLjava_security_spec_AlgorithmParameterSpecLjava_security_SecureRandom.

/**
     * java.security.KeyPairGenerator#initialize(java.security.spec.AlgorithmParameterSpec,
     *        java.security.SecureRandom)
     */
public void test_initializeLjava_security_spec_AlgorithmParameterSpecLjava_security_SecureRandom() throws Exception {
    // Bootstrap: generate one throwaway DSA key pair solely to obtain a
    // well-formed (p, q, g) domain-parameter triple from its public half.
    // NOTE(review): 1024-bit DSA is legacy strength and serves here only as a
    // quick fixture; it should not be read as a recommended size for real keys.
    KeyPairGenerator bootstrap = KeyPairGenerator.getInstance("DSA");
    bootstrap.initialize(1024);
    DSAParams domain = ((DSAPublicKey) bootstrap.genKeyPair().getPublic()).getParams();

    // Call under test: initialize(AlgorithmParameterSpec, SecureRandom) on a
    // fresh generator. The test passes when no exception is thrown; nothing
    // is asserted about the keys that generator would go on to produce.
    KeyPairGenerator underTest = KeyPairGenerator.getInstance("DSA");
    DSAParameterSpec spec = new DSAParameterSpec(domain.getP(), domain.getQ(), domain.getG());
    underTest.initialize(spec, new SecureRandom());
}
Also used : DSAParameterSpec(java.security.spec.DSAParameterSpec) SecureRandom(java.security.SecureRandom) KeyPairGenerator(java.security.KeyPairGenerator) DSAParams(java.security.interfaces.DSAParams) DSAPublicKey(java.security.interfaces.DSAPublicKey)

Example 7 with DSAParams

use of java.security.interfaces.DSAParams in project wycheproof by google.

the class DsaTest method testKeyGeneration.

@SuppressWarnings("InsecureCryptoUsage")
public void testKeyGeneration(int keysize) throws Exception {
    // Ask the default provider for a DSA key pair of the requested size and
    // pull the domain parameters out of the private half.
    KeyPairGenerator dsaGenerator = KeyPairGenerator.getInstance("DSA");
    dsaGenerator.initialize(keysize);
    DSAPrivateKey privateKey = (DSAPrivateKey) dsaGenerator.generateKeyPair().getPrivate();
    DSAParams domain = privateKey.getParams();

    // The modulus p must have exactly the requested bit length.
    assertEquals(keysize, domain.getP().bitLength());

    // The NIST standard does not pin down a single size of q for each key
    // size, so providers differ: for keysize = 2048, OpenSSL defaults to a
    // 256-bit q while the SUN provider uses 224 bits. Both are acceptable.
    // The checks below therefore only enforce a lower bound, so that the
    // size of q never reduces the overall security of the DSA key.
    int qsize = domain.getQ().bitLength();
    if (keysize == 1024) {
        assertTrue("Invalid qsize for 1024 bit key:" + qsize, qsize >= 160);
    } else if (keysize == 2048) {
        assertTrue("Invalid qsize for 2048 bit key:" + qsize, qsize >= 224);
    } else if (keysize == 3072) {
        assertTrue("Invalid qsize for 3072 bit key:" + qsize, qsize >= 256);
    } else {
        // Only the three sizes above are supported by this test.
        fail("Invalid key size:" + keysize);
    }

    // Check the length of the private key x against the size of q.
    // For example GPG4Browsers, or the KJUR library derived from it, use
    // q.bitCount() (number of set bits) instead of q.bitLength() to size the
    // private key and hence would generate keys that are much too small.
    // The 32-bit slack presumably tolerates an honestly generated x that
    // happens to have a few leading zero bits.
    assertTrue(privateKey.getX().bitLength() >= qsize - 32);
}
Also used : KeyPair(java.security.KeyPair) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) KeyPairGenerator(java.security.KeyPairGenerator) DSAParams(java.security.interfaces.DSAParams)

Example 8 with DSAParams

use of java.security.interfaces.DSAParams in project XobotOS by xamarin.

the class SHA1withDSA_SignatureImpl method checkSignature.

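/**
 * Parses an ASN.1 encoded DSA signature, SEQUENCE { INTEGER r, INTEGER s },
 * starting at {@code sigBytes[offset]} and verifies it against the digest
 * accumulated in {@code msgDigest} using the public key held in {@code dsaKey}.
 *
 * The parser accepts only single-byte lengths and INTEGERs of 1 to 21 bytes,
 * i.e. the layout produced for a 160-bit q. Every malformed or truncated
 * input is reported as a {@link SignatureException}; length bytes that are
 * zero or negative are rejected so that they cannot surface later as an
 * unchecked exception from array allocation or BigInteger construction.
 *
 * NOTE(review): minimal (canonical) INTEGER encodings are not enforced, and
 * when {@code length} is 0 nothing checks for bytes following the SEQUENCE.
 * Callers that need one unique encoding per signature should confirm this
 * is acceptable.
 *
 * @param sigBytes buffer holding the encoded signature
 * @param offset   index of the SEQUENCE tag within {@code sigBytes}
 * @param length   number of bytes available for the signature, or 0 to skip
 *                 the check that the encoded SEQUENCE fits in that many bytes
 * @return {@code true} if the signature verifies; {@code false} if r or s
 *         lies outside the open interval (0, q) or the computed v differs
 *         from r
 * @throws SignatureException if the encoding is invalid or the buffer is too
 *         small to contain it
 */
private boolean checkSignature(byte[] sigBytes, int offset, int length) throws SignatureException {
    // names of below BigIntegers are the same as they are defined in DSA standard
    BigInteger r, s, w;
    BigInteger u1, u2, v;
    // parameters and public key
    BigInteger p, q, g, y;
    DSAParams params;
    int n1, n2;
    byte[] bytes;
    byte[] digest;
    // checking up on signature's ASN1
    try {
        byte dummy;
        // Length bytes are read as signed Java bytes, so values 0x80..0xFF
        // arrive here as negative numbers and must be rejected explicitly.
        n1 = sigBytes[offset + 3];
        n2 = sigBytes[offset + n1 + 5];
        if (sigBytes[offset + 0] != 0x30 || sigBytes[offset + 2] != 2 || sigBytes[offset + n1 + 4] != 2
                || sigBytes[offset + 1] != (n1 + n2 + 4)
                || n1 < 1 || n1 > 21 || n2 < 1 || n2 > 21
                || (length != 0 && (sigBytes[offset + 1] + 2) > length)) {
            throw new SignatureException("signature bytes have invalid encoding");
        }
        // Touch the last byte of the encoded signature, relative to offset,
        // so that a truncated buffer is caught here and not by arraycopy.
        dummy = sigBytes[offset + 5 + n1 + n2];
    } catch (ArrayIndexOutOfBoundsException e) {
        throw new SignatureException("bad argument: byte[] is too small", e);
    }
    // Finalise the running digest only after the encoding has been accepted.
    digest = msgDigest.digest();
    bytes = new byte[n1];
    System.arraycopy(sigBytes, offset + 4, bytes, 0, n1);
    r = new BigInteger(bytes);
    bytes = new byte[n2];
    System.arraycopy(sigBytes, offset + 6 + n1, bytes, 0, n2);
    s = new BigInteger(bytes);
    params = dsaKey.getParams();
    p = params.getP();
    q = params.getQ();
    g = params.getG();
    y = ((DSAPublicKey) dsaKey).getY();
    // r and s are parsed as signed integers; both must satisfy 0 < value < q.
    // This range check also guarantees that s is invertible modulo q below.
    if (r.signum() != 1 || r.compareTo(q) >= 0 || s.signum() != 1 || s.compareTo(q) >= 0) {
        return false;
    }
    // NOTE(review): the digest is used at full length, which presumes it is
    // no longer than q (SHA-1 with a 160-bit q) - confirm for other key sizes.
    w = s.modInverse(q);
    u1 = (new BigInteger(1, digest)).multiply(w).mod(q);
    u2 = r.multiply(w).mod(q);
    v = g.modPow(u1, p).multiply(y.modPow(u2, p)).mod(p).mod(q);
    return v.compareTo(r) == 0;
}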
Also used : BigInteger(java.math.BigInteger) DSAParams(java.security.interfaces.DSAParams) SignatureException(java.security.SignatureException)

Example 9 with DSAParams

use of java.security.interfaces.DSAParams in project XobotOS by xamarin.

the class SHA1withDSA_SignatureImpl method engineSign.

/**
     * Returns signature bytes as byte array containing
     * ASN1 representation for two BigInteger objects
     * which is SEQUENCE of two INTEGERS.
     * Length of sequence varies from less than 46 to 48.
     *
     * Resets object to the state it was in
     * when previous call to either "initSign" method was called.
     *
     * @return
     *    byte array containing signature in ASN1 representation
     * @throws
     *    SignatureException if object's state is not SIGN or
     *                       signature algorithm cannot process data
     */
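protected byte[] engineSign() throws SignatureException {
    // names of below BigIntegers are the same as they are defined in DSA standard
    BigInteger r = null;
    BigInteger s = null;
    BigInteger k = null;
    // parameters and private key
    BigInteger p, q, g, x;
    // BigInteger for message digest
    BigInteger digestBI;
    // various byte array being used in computing signature
    byte[] randomBytes;
    byte[] rBytes;
    byte[] sBytes;
    byte[] signature;
    int n, n1, n2;
    DSAParams params;
    // Fall back to a default SecureRandom when the caller supplied none.
    if (appRandom == null) {
        appRandom = new SecureRandom();
    }
    params = dsaKey.getParams();
    p = params.getP();
    q = params.getQ();
    g = params.getG();
    x = ((DSAPrivateKey) dsaKey).getX();
    // forming signature according algorithm described in chapter 5 of DSA standard
    digestBI = new BigInteger(1, msgDigest.digest());
    // NOTE(review): the per-signature secret k is drawn from 20 bytes, which
    // matches a 160-bit q. If dsaKey could carry a larger q, k would cover
    // only the low part of [1, q-1]; confirm the init path restricts q.
    randomBytes = new byte[20];
    for (; ; ) {
        appRandom.nextBytes(randomBytes);
        k = new BigInteger(1, randomBytes);
        // k must satisfy 0 < k < q. Zero is rejected as well, because it has
        // no inverse modulo q and modInverse would throw ArithmeticException.
        if (k.signum() == 0 || k.compareTo(q) >= 0) {
            continue;
        }
        r = g.modPow(k, p).mod(q);
        if (r.signum() == 0) {
            continue;
        }
        s = k.modInverse(q).multiply(digestBI.add(x.multiply(r)).mod(q)).mod(q);
        if (s.signum() != 0) {
            break;
        }
    }
    // forming signature's ASN1 representation which is SEQUENCE of two INTEGERs
    //
    // r and s are positive here, so toByteArray() already carries a leading
    // zero byte whenever the top bit would otherwise be set; the two sign-bit
    // branches below are therefore not expected to fire and are kept only as
    // a safeguard.
    rBytes = r.toByteArray();
    n1 = rBytes.length;
    if ((rBytes[0] & 0x80) != 0) {
        n1++;
    }
    sBytes = s.toByteArray();
    n2 = sBytes.length;
    if ((sBytes[0] & 0x80) != 0) {
        n2++;
    }
    // 48 is max. possible length of signature
    signature = new byte[6 + n1 + n2];
    // ASN1 SEQUENCE tag
    signature[0] = (byte) 0x30;
    // total length of two INTEGERs (single length byte, short form)
    signature[1] = (byte) (4 + n1 + n2);
    // ASN1 INTEGER tag
    signature[2] = (byte) 0x02;
    // length of r
    signature[3] = (byte) n1;
    // ASN1 INTEGER tag
    signature[4 + n1] = (byte) 0x02;
    // length of s
    signature[5 + n1] = (byte) n2;
    // Copy r right after its header, skipping one byte if padding was added.
    if (n1 == rBytes.length) {
        n = 4;
    } else {
        n = 5;
    }
    System.arraycopy(rBytes, 0, signature, n, rBytes.length);
    // Same for s, whose header follows the n1 content bytes of r.
    if (n2 == sBytes.length) {
        n = 6 + n1;
    } else {
        n = 7 + n1;
    }
    System.arraycopy(sBytes, 0, signature, n, sBytes.length);
    return signature;
}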
Also used : BigInteger(java.math.BigInteger) SecureRandom(java.security.SecureRandom) DSAParams(java.security.interfaces.DSAParams)

Example 10 with DSAParams

use of java.security.interfaces.DSAParams in project XobotOS by xamarin.

the class DSAKeyFactoryImpl method engineGetKeySpec.

/**
     * This method returns a specification for the supplied key.
     *
     * The specification will be returned in the form of an object of the type
     * specified by keySpec.
     *
     * @param key -
     *            either DSAPrivateKey or DSAPublicKey
     * @param keySpec -
     *            either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
     *
     * @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
     *
     * @throws InvalidKeySpecException
     *             if "keySpec" is not a specification for DSAPublicKey or
     *             DSAPrivateKey
     */
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    // A null key is reported as "not a DSA key", and this happens before
    // keySpec is looked at.
    if (key == null) {
        throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
    }
    if (keySpec == null) {
        throw new NullPointerException("keySpec == null");
    }

    // Private keys are handled first, so a key object implementing both
    // interfaces is treated as a private key.
    if (key instanceof DSAPrivateKey) {
        if (DSAPrivateKeySpec.class.equals(keySpec)) {
            DSAPrivateKey privateKey = (DSAPrivateKey) key;
            // The returned spec carries the secret value x in the clear.
            BigInteger secretX = privateKey.getX();
            DSAParams domain = privateKey.getParams();
            return keySpec.cast(
                    new DSAPrivateKeySpec(secretX, domain.getP(), domain.getQ(), domain.getG()));
        }
        if (PKCS8EncodedKeySpec.class.equals(keySpec)) {
            // Hands back the key's own encoded form, wrapped as PKCS#8.
            return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
        }
        throw new InvalidKeySpecException("'keySpec' is neither DSAPrivateKeySpec nor PKCS8EncodedKeySpec");
    }

    if (key instanceof DSAPublicKey) {
        if (DSAPublicKeySpec.class.equals(keySpec)) {
            DSAPublicKey publicKey = (DSAPublicKey) key;
            BigInteger publicY = publicKey.getY();
            DSAParams domain = publicKey.getParams();
            return keySpec.cast(
                    new DSAPublicKeySpec(publicY, domain.getP(), domain.getQ(), domain.getG()));
        }
        if (X509EncodedKeySpec.class.equals(keySpec)) {
            // Hands back the key's own encoded form, wrapped as X.509.
            return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
        }
        throw new InvalidKeySpecException("'keySpec' is neither DSAPublicKeySpec nor X509EncodedKeySpec");
    }

    // Any other key type is rejected.
    throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) BigInteger(java.math.BigInteger) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DSAParams(java.security.interfaces.DSAParams) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Aggregations

DSAParams (java.security.interfaces.DSAParams)40 DSAPublicKey (java.security.interfaces.DSAPublicKey)19 BigInteger (java.math.BigInteger)16 DSAPrivateKey (java.security.interfaces.DSAPrivateKey)13 DSAParameterSpec (java.security.spec.DSAParameterSpec)11 DSAPublicKeySpec (java.security.spec.DSAPublicKeySpec)11 InvalidKeyException (java.security.InvalidKeyException)8 PublicKey (java.security.PublicKey)7 DSAPrivateKeySpec (java.security.spec.DSAPrivateKeySpec)7 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)7 KeyPairGenerator (java.security.KeyPairGenerator)6 SecureRandom (java.security.SecureRandom)5 X509Certificate (java.security.cert.X509Certificate)5 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)5 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)5 GeneralSecurityException (java.security.GeneralSecurityException)4 KeyFactory (java.security.KeyFactory)4 KeyPair (java.security.KeyPair)4 CertPathValidatorException (java.security.cert.CertPathValidatorException)4 IOException (java.io.IOException)3