Search in sources :

Example 1 with CryptoException

use of org.bouncycastle.crypto.CryptoException in project robovm by robovm.

the class RSADigestSigner method generateSignature.

/**
     * Generate a signature for the message we've been loaded with using the key
     * we were initialised with.
     */
public byte[] generateSignature() throws CryptoException, DataLengthException {
    if (!forSigning) {
        throw new IllegalStateException("RSADigestSigner not initialised for signature generation.");
    }
    byte[] hash = new byte[digest.getDigestSize()];
    digest.doFinal(hash, 0);
    try {
        byte[] data = derEncode(hash);
        return rsaEngine.processBlock(data, 0, data.length);
    } catch (IOException e) {
        throw new CryptoException("unable to encode signature: " + e.getMessage(), e);
    }
}
Also used : IOException(java.io.IOException) CryptoException(org.bouncycastle.crypto.CryptoException)

Example 2 with CryptoException

use of org.bouncycastle.crypto.CryptoException in project cloudbreak by hortonworks.

the class PkiUtil method generateSignature.

public static String generateSignature(String privateKeyPem, byte[] data) {
    RSAKeyParameters rsaKeyParameters = CACHE.get(privateKeyPem);
    if (rsaKeyParameters == null) {
        try (PEMParser pEMParser = new PEMParser(new StringReader(clarifyPemKey(privateKeyPem)))) {
            PEMKeyPair pemKeyPair = (PEMKeyPair) pEMParser.readObject();
            KeyFactory factory = KeyFactory.getInstance("RSA");
            KeySpec publicKeySpec = new X509EncodedKeySpec(pemKeyPair.getPublicKeyInfo().getEncoded());
            PublicKey publicKey = factory.generatePublic(publicKeySpec);
            KeySpec privateKeySpec = new PKCS8EncodedKeySpec(pemKeyPair.getPrivateKeyInfo().getEncoded());
            PrivateKey privateKey = factory.generatePrivate(privateKeySpec);
            KeyPair kp = new KeyPair(publicKey, privateKey);
            RSAPrivateKeySpec privKeySpec = factory.getKeySpec(kp.getPrivate(), RSAPrivateKeySpec.class);
            rsaKeyParameters = new RSAKeyParameters(true, privKeySpec.getModulus(), privKeySpec.getPrivateExponent());
            CACHE.put(privateKeyPem, rsaKeyParameters);
        } catch (NoSuchAlgorithmException | IOException | InvalidKeySpecException e) {
            throw new SecurityException(e);
        }
    }
    Signer signer = new PSSSigner(new RSAEngine(), new SHA256Digest(), SALT_LENGTH);
    signer.init(true, rsaKeyParameters);
    signer.update(data, 0, data.length);
    try {
        byte[] signature = signer.generateSignature();
        return BaseEncoding.base64().encode(signature);
    } catch (CryptoException e) {
        throw new SecurityException(e);
    }
}
Also used : KeyPair(java.security.KeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKey(java.security.PrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) KeySpec(java.security.spec.KeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) RSAPrivateKeySpec(java.security.spec.RSAPrivateKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) RSAKeyParameters(org.bouncycastle.crypto.params.RSAKeyParameters) Signer(org.bouncycastle.crypto.Signer) ContentSigner(org.bouncycastle.operator.ContentSigner) PSSSigner(org.bouncycastle.crypto.signers.PSSSigner) PEMParser(org.bouncycastle.openssl.PEMParser) RSAPrivateKeySpec(java.security.spec.RSAPrivateKeySpec) SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) StringReader(java.io.StringReader) PSSSigner(org.bouncycastle.crypto.signers.PSSSigner) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) CryptoException(org.bouncycastle.crypto.CryptoException) RSAEngine(org.bouncycastle.crypto.engines.RSAEngine) PrivateKeyFactory(org.bouncycastle.crypto.util.PrivateKeyFactory) KeyFactory(java.security.KeyFactory)

Example 3 with CryptoException

use of org.bouncycastle.crypto.CryptoException in project web3sdk by FISCO-BCOS.

the class SM2Signer method generateSignature.

@Override
public byte[] generateSignature() throws CryptoException {
    byte[] eHash = digestDoFinal();
    BigInteger n = ecParams.getN();
    BigInteger e = calculateE(eHash);
    BigInteger d = ((ECPrivateKeyParameters) ecKey).getD();
    BigInteger r, s;
    ECMultiplier basePointMultiplier = createBasePointMultiplier();
    // 5.2.1 Draft RFC:  SM2 Public Key Algorithms
    do // generate s
    {
        BigInteger k;
        do // generate r
        {
            // A3
            k = kCalculator.nextK();
            // A4
            ECPoint p = basePointMultiplier.multiply(ecParams.getG(), k).normalize();
            // A5
            r = e.add(p.getAffineXCoord().toBigInteger()).mod(n);
        } while (r.equals(ZERO) || r.add(k).equals(n));
        // A6
        BigInteger dPlus1ModN = d.add(ONE).modInverse(n);
        s = k.subtract(r.multiply(d)).mod(n);
        s = dPlus1ModN.multiply(s).mod(n);
    } while (s.equals(ZERO));
    // A7
    try {
        return derEncode(r, s);
    } catch (IOException ex) {
        throw new CryptoException("unable to encode signature: " + ex.getMessage(), ex);
    }
}
Also used : ECPrivateKeyParameters(org.bouncycastle.crypto.params.ECPrivateKeyParameters) BigInteger(java.math.BigInteger) ECMultiplier(org.bouncycastle.math.ec.ECMultiplier) IOException(java.io.IOException) ECPoint(org.bouncycastle.math.ec.ECPoint) CryptoException(org.bouncycastle.crypto.CryptoException)

Example 4 with CryptoException

use of org.bouncycastle.crypto.CryptoException in project xipki by xipki.

the class SM2Signer method generateSignatureForHash.

// CHECKSTYLE:SKIP
public byte[] generateSignatureForHash(byte[] eHash) throws CryptoException {
    BigInteger n = ecParams.getN();
    BigInteger e = new BigInteger(1, eHash);
    BigInteger d = ((ECPrivateKeyParameters) ecKey).getD();
    BigInteger r;
    BigInteger s;
    ECMultiplier basePointMultiplier = new FixedPointCombMultiplier();
    // 5.2.1 Draft RFC:  SM2 Public Key Algorithms
    do {
        // generate s
        BigInteger k;
        do {
            // generate r
            // A3
            k = kCalculator.nextK();
            // A4
            ECPoint p = basePointMultiplier.multiply(ecParams.getG(), k).normalize();
            // A5
            r = e.add(p.getAffineXCoord().toBigInteger()).mod(n);
        } while (r.equals(ECConstants.ZERO) || r.add(k).equals(n));
        // A6
        // CHECKSTYLE:SKIP
        BigInteger dPlus1ModN = d.add(ECConstants.ONE).modInverse(n);
        s = k.subtract(r.multiply(d)).mod(n);
        s = dPlus1ModN.multiply(s).mod(n);
    } while (s.equals(ECConstants.ZERO));
    // A7
    try {
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new ASN1Integer(r));
        v.add(new ASN1Integer(s));
        return new DERSequence(v).getEncoded(ASN1Encoding.DER);
    } catch (IOException ex) {
        throw new CryptoException("unable to encode signature: " + ex.getMessage(), ex);
    }
}
Also used : FixedPointCombMultiplier(org.bouncycastle.math.ec.FixedPointCombMultiplier) ECPrivateKeyParameters(org.bouncycastle.crypto.params.ECPrivateKeyParameters) DERSequence(org.bouncycastle.asn1.DERSequence) BigInteger(java.math.BigInteger) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ECMultiplier(org.bouncycastle.math.ec.ECMultiplier) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IOException(java.io.IOException) ECPoint(org.bouncycastle.math.ec.ECPoint) CryptoException(org.bouncycastle.crypto.CryptoException)

Example 5 with CryptoException

use of org.bouncycastle.crypto.CryptoException in project xipki by xipki.

the class EmulatorP11Identity method sm2SignHash.

private byte[] sm2SignHash(byte[] hash) throws P11TokenException {
    ConcurrentBagEntry<SM2Signer> sig0;
    try {
        sig0 = sm2Signers.borrow(5000, TimeUnit.MILLISECONDS);
    } catch (InterruptedException ex) {
        throw new P11TokenException("InterruptedException occurs while retrieving idle signature");
    }
    if (sig0 == null) {
        throw new P11TokenException("no idle SM2 Signer available");
    }
    try {
        SM2Signer sig = sig0.value();
        byte[] x962Signature = sig.generateSignatureForHash(hash);
        return SignerUtil.dsaSigX962ToPlain(x962Signature, getSignatureKeyBitLength());
    } catch (CryptoException ex) {
        throw new P11TokenException("CryptoException: " + ex.getMessage(), ex);
    } catch (XiSecurityException ex) {
        throw new P11TokenException("XiSecurityException: " + ex.getMessage(), ex);
    } finally {
        sm2Signers.requite(sig0);
    }
}
Also used : XiSecurityException(org.xipki.security.exception.XiSecurityException) P11TokenException(org.xipki.security.exception.P11TokenException) CryptoException(org.bouncycastle.crypto.CryptoException)

Aggregations

CryptoException (org.bouncycastle.crypto.CryptoException)8 IOException (java.io.IOException)5 BigInteger (java.math.BigInteger)4 ECPrivateKeyParameters (org.bouncycastle.crypto.params.ECPrivateKeyParameters)3 PrivateKey (java.security.PrivateKey)2 ECMultiplier (org.bouncycastle.math.ec.ECMultiplier)2 ECPoint (org.bouncycastle.math.ec.ECPoint)2 P11TokenException (org.xipki.security.exception.P11TokenException)2 XiSecurityException (org.xipki.security.exception.XiSecurityException)2 BufferedOutputStream (java.io.BufferedOutputStream)1 Closeable (java.io.Closeable)1 File (java.io.File)1 FileInputStream (java.io.FileInputStream)1 FileOutputStream (java.io.FileOutputStream)1 FilterOutputStream (java.io.FilterOutputStream)1 InputStream (java.io.InputStream)1 OutputStream (java.io.OutputStream)1 StringReader (java.io.StringReader)1 GeneralSecurityException (java.security.GeneralSecurityException)1 KeyFactory (java.security.KeyFactory)1