Example 1 with CryptoException
use of org.bouncycastle.crypto.CryptoException in project robovm by robovm.
the class RSADigestSigner method generateSignature.
/**
* Generate a signature for the message we've been loaded with using the key
* we were initialised with.
*/
public byte[] generateSignature() throws CryptoException, DataLengthException {
if (!forSigning) {
throw new IllegalStateException("RSADigestSigner not initialised for signature generation.");
}
byte[] hash = new byte[digest.getDigestSize()];
digest.doFinal(hash, 0);
try {
byte[] data = derEncode(hash);
return rsaEngine.processBlock(data, 0, data.length);
} catch (IOException e) {
throw new CryptoException("unable to encode signature: " + e.getMessage(), e);
}
}
Also used :
IOException(java.io.IOException)
CryptoException(org.bouncycastle.crypto.CryptoException)
Example 2 with CryptoException
use of org.bouncycastle.crypto.CryptoException in project cloudbreak by hortonworks.
the class PkiUtil method generateSignature.
public static String generateSignature(String privateKeyPem, byte[] data) {
RSAKeyParameters rsaKeyParameters = CACHE.get(privateKeyPem);
if (rsaKeyParameters == null) {
try (PEMParser pEMParser = new PEMParser(new StringReader(clarifyPemKey(privateKeyPem)))) {
PEMKeyPair pemKeyPair = (PEMKeyPair) pEMParser.readObject();
KeyFactory factory = KeyFactory.getInstance("RSA");
KeySpec publicKeySpec = new X509EncodedKeySpec(pemKeyPair.getPublicKeyInfo().getEncoded());
PublicKey publicKey = factory.generatePublic(publicKeySpec);
KeySpec privateKeySpec = new PKCS8EncodedKeySpec(pemKeyPair.getPrivateKeyInfo().getEncoded());
PrivateKey privateKey = factory.generatePrivate(privateKeySpec);
KeyPair kp = new KeyPair(publicKey, privateKey);
RSAPrivateKeySpec privKeySpec = factory.getKeySpec(kp.getPrivate(), RSAPrivateKeySpec.class);
rsaKeyParameters = new RSAKeyParameters(true, privKeySpec.getModulus(), privKeySpec.getPrivateExponent());
CACHE.put(privateKeyPem, rsaKeyParameters);
} catch (NoSuchAlgorithmException | IOException | InvalidKeySpecException e) {
throw new SecurityException(e);
}
}
Signer signer = new PSSSigner(new RSAEngine(), new SHA256Digest(), SALT_LENGTH);
signer.init(true, rsaKeyParameters);
signer.update(data, 0, data.length);
try {
byte[] signature = signer.generateSignature();
return BaseEncoding.base64().encode(signature);
} catch (CryptoException e) {
throw new SecurityException(e);
}
}
Also used :
KeyPair(java.security.KeyPair)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
PrivateKey(java.security.PrivateKey)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
PublicKey(java.security.PublicKey)
KeySpec(java.security.spec.KeySpec)
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
RSAPrivateKeySpec(java.security.spec.RSAPrivateKeySpec)
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
IOException(java.io.IOException)
RSAKeyParameters(org.bouncycastle.crypto.params.RSAKeyParameters)
Signer(org.bouncycastle.crypto.Signer)
ContentSigner(org.bouncycastle.operator.ContentSigner)
PSSSigner(org.bouncycastle.crypto.signers.PSSSigner)
PEMParser(org.bouncycastle.openssl.PEMParser)
RSAPrivateKeySpec(java.security.spec.RSAPrivateKeySpec)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
StringReader(java.io.StringReader)
PSSSigner(org.bouncycastle.crypto.signers.PSSSigner)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
CryptoException(org.bouncycastle.crypto.CryptoException)
RSAEngine(org.bouncycastle.crypto.engines.RSAEngine)
PrivateKeyFactory(org.bouncycastle.crypto.util.PrivateKeyFactory)
KeyFactory(java.security.KeyFactory)
Example 3 with CryptoException
use of org.bouncycastle.crypto.CryptoException in project web3sdk by FISCO-BCOS.
the class SM2Signer method generateSignature.
@Override
public byte[] generateSignature() throws CryptoException {
byte[] eHash = digestDoFinal();
BigInteger n = ecParams.getN();
BigInteger e = calculateE(eHash);
BigInteger d = ((ECPrivateKeyParameters) ecKey).getD();
BigInteger r, s;
ECMultiplier basePointMultiplier = createBasePointMultiplier();
// 5.2.1 Draft RFC: SM2 Public Key Algorithms
do // generate s
{
BigInteger k;
do // generate r
{
// A3
k = kCalculator.nextK();
// A4
ECPoint p = basePointMultiplier.multiply(ecParams.getG(), k).normalize();
// A5
r = e.add(p.getAffineXCoord().toBigInteger()).mod(n);
} while (r.equals(ZERO) || r.add(k).equals(n));
// A6
BigInteger dPlus1ModN = d.add(ONE).modInverse(n);
s = k.subtract(r.multiply(d)).mod(n);
s = dPlus1ModN.multiply(s).mod(n);
} while (s.equals(ZERO));
// A7
try {
return derEncode(r, s);
} catch (IOException ex) {
throw new CryptoException("unable to encode signature: " + ex.getMessage(), ex);
}
}
Also used :
ECPrivateKeyParameters(org.bouncycastle.crypto.params.ECPrivateKeyParameters)
BigInteger(java.math.BigInteger)
ECMultiplier(org.bouncycastle.math.ec.ECMultiplier)
IOException(java.io.IOException)
ECPoint(org.bouncycastle.math.ec.ECPoint)
CryptoException(org.bouncycastle.crypto.CryptoException)
Example 4 with CryptoException
use of org.bouncycastle.crypto.CryptoException in project xipki by xipki.
the class SM2Signer method generateSignatureForHash.
// CHECKSTYLE:SKIP
public byte[] generateSignatureForHash(byte[] eHash) throws CryptoException {
BigInteger n = ecParams.getN();
BigInteger e = new BigInteger(1, eHash);
BigInteger d = ((ECPrivateKeyParameters) ecKey).getD();
BigInteger r;
BigInteger s;
ECMultiplier basePointMultiplier = new FixedPointCombMultiplier();
// 5.2.1 Draft RFC: SM2 Public Key Algorithms
do {
// generate s
BigInteger k;
do {
// generate r
// A3
k = kCalculator.nextK();
// A4
ECPoint p = basePointMultiplier.multiply(ecParams.getG(), k).normalize();
// A5
r = e.add(p.getAffineXCoord().toBigInteger()).mod(n);
} while (r.equals(ECConstants.ZERO) || r.add(k).equals(n));
// A6
// CHECKSTYLE:SKIP
BigInteger dPlus1ModN = d.add(ECConstants.ONE).modInverse(n);
s = k.subtract(r.multiply(d)).mod(n);
s = dPlus1ModN.multiply(s).mod(n);
} while (s.equals(ECConstants.ZERO));
// A7
try {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1Integer(r));
v.add(new ASN1Integer(s));
return new DERSequence(v).getEncoded(ASN1Encoding.DER);
} catch (IOException ex) {
throw new CryptoException("unable to encode signature: " + ex.getMessage(), ex);
}
}
Also used :
FixedPointCombMultiplier(org.bouncycastle.math.ec.FixedPointCombMultiplier)
ECPrivateKeyParameters(org.bouncycastle.crypto.params.ECPrivateKeyParameters)
DERSequence(org.bouncycastle.asn1.DERSequence)
BigInteger(java.math.BigInteger)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ECMultiplier(org.bouncycastle.math.ec.ECMultiplier)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
ECPoint(org.bouncycastle.math.ec.ECPoint)
CryptoException(org.bouncycastle.crypto.CryptoException)
Example 5 with CryptoException
use of org.bouncycastle.crypto.CryptoException in project xipki by xipki.
the class EmulatorP11Identity method sm2SignHash.
private byte[] sm2SignHash(byte[] hash) throws P11TokenException {
ConcurrentBagEntry<SM2Signer> sig0;
try {
sig0 = sm2Signers.borrow(5000, TimeUnit.MILLISECONDS);
} catch (InterruptedException ex) {
throw new P11TokenException("InterruptedException occurs while retrieving idle signature");
}
if (sig0 == null) {
throw new P11TokenException("no idle SM2 Signer available");
}
try {
SM2Signer sig = sig0.value();
byte[] x962Signature = sig.generateSignatureForHash(hash);
return SignerUtil.dsaSigX962ToPlain(x962Signature, getSignatureKeyBitLength());
} catch (CryptoException ex) {
throw new P11TokenException("CryptoException: " + ex.getMessage(), ex);
} catch (XiSecurityException ex) {
throw new P11TokenException("XiSecurityException: " + ex.getMessage(), ex);
} finally {
sm2Signers.requite(sig0);
}
}
Also used :
XiSecurityException(org.xipki.security.exception.XiSecurityException)
P11TokenException(org.xipki.security.exception.P11TokenException)
CryptoException(org.bouncycastle.crypto.CryptoException)
Aggregations
CryptoException (org.bouncycastle.crypto.CryptoException)8
IOException (java.io.IOException)5
BigInteger (java.math.BigInteger)4
ECPrivateKeyParameters (org.bouncycastle.crypto.params.ECPrivateKeyParameters)3
PrivateKey (java.security.PrivateKey)2
ECMultiplier (org.bouncycastle.math.ec.ECMultiplier)2
ECPoint (org.bouncycastle.math.ec.ECPoint)2
P11TokenException (org.xipki.security.exception.P11TokenException)2
XiSecurityException (org.xipki.security.exception.XiSecurityException)2
BufferedOutputStream (java.io.BufferedOutputStream)1
Closeable (java.io.Closeable)1
File (java.io.File)1
FileInputStream (java.io.FileInputStream)1
FileOutputStream (java.io.FileOutputStream)1
FilterOutputStream (java.io.FilterOutputStream)1
InputStream (java.io.InputStream)1
OutputStream (java.io.OutputStream)1
StringReader (java.io.StringReader)1
GeneralSecurityException (java.security.GeneralSecurityException)1
KeyFactory (java.security.KeyFactory)1
