
Example 1 with Digest

use of org.bouncycastle.crypto.Digest in project XobotOS by xamarin.

the class PKIXCertPathValidatorSpi method isPublicKeyBlackListed.

/**
 * Reports whether a public key is on the built-in blacklist.
 *
 * <p>The key's encoded form is hashed with SHA-1 and the result is compared
 * against every entry of {@code PUBLIC_KEY_SHA1_BLACKLIST}. SHA-1 serves here
 * only as a fingerprint for looking up known keys. Both the fingerprint and
 * the list entries are derived from public data, so the ordinary
 * (non-constant-time) array comparison does not expose a secret.
 *
 * <p>NOTE(review): {@code getEncoded()} can return {@code null} for keys that
 * have no encoding, which would raise a NullPointerException here. Callers are
 * presumably passing certificate-derived keys only; confirm.
 *
 * @param publicKey the key to look up
 * @return {@code true} if the key's SHA-1 fingerprint matches a blacklist entry
 */
private static boolean isPublicKeyBlackListed(PublicKey publicKey) {
    final byte[] keyBytes = publicKey.getEncoded();

    // Fingerprint the encoded key with SHA-1.
    final Digest sha1Digest = new OpenSSLDigest.SHA1();
    sha1Digest.update(keyBytes, 0, keyBytes.length);
    final byte[] fingerprint = new byte[sha1Digest.getDigestSize()];
    sha1Digest.doFinal(fingerprint, 0);

    // Linear scan of the blacklist; stop at the first match.
    boolean listed = false;
    for (byte[] entry : PUBLIC_KEY_SHA1_BLACKLIST) {
        if (Arrays.equals(fingerprint, entry)) {
            listed = true;
            break;
        }
    }
    return listed;
}
Also used : Digest(org.bouncycastle.crypto.Digest) OpenSSLDigest(org.bouncycastle.crypto.digests.OpenSSLDigest)

Example 2 with Digest

use of org.bouncycastle.crypto.Digest in project XobotOS by xamarin.

the class DSAParametersGenerator method generateParameters_FIPS186_3.

/**
 * Generates DSA domain parameters (p, q, g) following
 * <i>FIPS 186-3 A.1 Generation of the FFC Primes p and q</i>, using the
 * probable-prime method of A.1.1.2.
 *
 * <p>The method reads the enclosing generator's {@code L} (bit length of p),
 * {@code N} (bit length of q), {@code certainty} and {@code random} fields.
 * It loops until a suitable (p, q) pair is found and has no other exit.
 *
 * <p>Points a reviewer should be aware of:
 * <ul>
 *   <li>The hash function is fixed to SHA-256 and the seed length is fixed to
 *       N bits. The specification requires the digest size in bits to be at
 *       least N (see the FIXME notes below).</li>
 *   <li>Primality of p and q is decided by
 *       {@link java.math.BigInteger#isProbablePrime(int)} with the configured
 *       {@code certainty}. The TODO notes mark that this has not been
 *       reviewed against FIPS 186-3 Appendix C.3.</li>
 *   <li>The generator g comes from
 *       {@code calculateGenerator_FIPS186_3_Unverifiable}. The returned
 *       {@code DSAValidationParameters(seed, counter)} therefore describe how
 *       p and q were derived but carry nothing that lets a verifier re-derive
 *       g.</li>
 *   <li>NOTE(review): {@code random} is presumably a SecureRandom set at
 *       initialisation; confirm, since the seed quality depends on it.</li>
 * </ul>
 *
 * @return the generated parameters together with the seed and counter that
 *         produced p and q
 */
private DSAParameters generateParameters_FIPS186_3() {
    // A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
    // FIXME This should be configurable (digest size in bits must be >= N)
    Digest d = new SHA256Digest();
    // outlen is the hash output length in bits.
    int outlen = d.getDigestSize() * 8;
    // 1. Check that the (L, N) pair is in the list of acceptable (L, N) pairs (see Section 4.2).
    //    If the pair is not in the list, then return INVALID.
    // Note: checked at initialisation
    // 2. If (seedlen < N), then return INVALID.
    // FIXME This should be configurable (must be >= N)
    int seedlen = N;
    byte[] seed = new byte[seedlen / 8];
    // 3. n = ceiling(L / outlen) - 1.
    //    For positive integers this equals floor((L - 1) / outlen), which is what is computed.
    int n = (L - 1) / outlen;
    // 4. b = L - 1 - (n * outlen), i.e. the remainder of the same division.
    int b = (L - 1) % outlen;
    // Scratch buffer reused for every hash result.
    byte[] output = new byte[d.getDigestSize()];
    for (; ; ) {
        // 5. Get an arbitrary sequence of seedlen bits as the domain_parameter_seed.
        random.nextBytes(seed);
        // 6. U = Hash(domain_parameter_seed) mod 2^(N-1).
        //    hash(...) is a helper not shown here; presumably it writes the digest of
        //    its second argument into 'output' (confirm).
        hash(d, seed, output);
        BigInteger U = new BigInteger(1, output).mod(ONE.shiftLeft(N - 1));
        // 7. q = 2^(N-1) + U + 1 - (U mod 2).  This sets the top bit and makes q odd.
        BigInteger q = ONE.shiftLeft(N - 1).add(U).add(ONE).subtract(U.mod(TWO));
        // 8. Test whether or not q is prime.
        // TODO Review C.3 for primality checking
        if (!q.isProbablePrime(certainty)) {
            // 9. If q is not a prime, then go to step 5.
            continue;
        }
        // 10. offset = 1.
        // Note: 'offset' value managed incrementally. It starts as a copy of the seed so
        //       that 'seed' itself stays unchanged for the returned validation parameters.
        //       inc(...) presumably increments the array in place (confirm).
        byte[] offset = Arrays.clone(seed);
        // 11. For counter = 0 to (4L - 1) do
        int counterLimit = 4 * L;
        for (int counter = 0; counter < counterLimit; ++counter) {
            // 11.1 For j = 0 to n do
            //      Vj = Hash((domain_parameter_seed + offset + j) mod 2^seedlen).
            // 11.2 W = V0 + (V1 * 2^outlen) + ... + (V(n-1) * 2^((n-1) * outlen))
            //          + ((Vn mod 2^b) * 2^(n * outlen)).
            // TODO Assemble w as a byte array
            BigInteger W = ZERO;
            for (int j = 0, exp = 0; j <= n; ++j, exp += outlen) {
                inc(offset);
                hash(d, offset, output);
                BigInteger Vj = new BigInteger(1, output);
                if (j == n) {
                    // Only the low b bits of the last block are used.
                    Vj = Vj.mod(ONE.shiftLeft(b));
                }
                W = W.add(Vj.shiftLeft(exp));
            }
            // 11.3 X = W + 2^(L-1). Comment: 0 <= W < 2^(L-1); hence, 2^(L-1) <= X < 2^L.
            BigInteger X = W.add(ONE.shiftLeft(L - 1));
            // 11.4 c = X mod 2q.
            BigInteger c = X.mod(q.shiftLeft(1));
            // 11.5 p = X - (c - 1). Comment: p = 1 (mod 2q).
            BigInteger p = X.subtract(c.subtract(ONE));
            // 11.6 If (p < 2^(L - 1)), then go to step 11.9.
            //      Implemented as a bit-length test: any p that is not exactly L bits is skipped.
            if (p.bitLength() != L) {
                continue;
            }
            // 11.7 Test whether or not p is prime.
            // TODO Review C.3 for primality checking
            if (p.isProbablePrime(certainty)) {
                // 11.8 If p is determined to be prime, then return VALID and the values of p, q and
                //      (optionally) the values of domain_parameter_seed and counter.
                // Disabled alternative kept from the original: the verifiable generator.
                // TODO Make configurable (8-bit unsigned)?
                //                    int index = 1;
                //                    BigInteger g = calculateGenerator_FIPS186_3_Verifiable(d, p, q, seed, index);
                //                    if (g != null)
                //                    {
                //                        // TODO Should 'index' be a part of the validation parameters?
                //                        return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
                //                    }
                // The generator actually used is the unverifiable one.
                BigInteger g = calculateGenerator_FIPS186_3_Unverifiable(p, q, random);
                return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
            }
            // 11.9 offset = offset + n + 1.      Comment: Increment offset; then, as part of
            //                                    the loop in step 11, increment counter; if
            //                                    counter < 4L, repeat steps 11.1 through 11.8.
            // Note: 'offset' value already incremented in inner loop
        }
        // 12. Go to step 5.
    }
}
Also used : Digest(org.bouncycastle.crypto.Digest) SHA1Digest(org.bouncycastle.crypto.digests.SHA1Digest) SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest) SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest) DSAValidationParameters(org.bouncycastle.crypto.params.DSAValidationParameters) BigInteger(java.math.BigInteger) DSAParameters(org.bouncycastle.crypto.params.DSAParameters)

Example 3 with Digest

use of org.bouncycastle.crypto.Digest in project robovm by robovm.

the class CipherSpi method engineInit.

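/**
 * Initialises this RSA cipher with a key, optional OAEP parameters and a
 * source of randomness.
 *
 * <p>Only {@code null} or an {@link OAEPParameterSpec} is accepted as
 * {@code params}. For an OAEP spec, the mask generation function must be MGF1
 * (by name or by OID), the MGF parameters must be an
 * {@link MGF1ParameterSpec}, both digest names must resolve through
 * {@code DigestFactory}, and the label source must be a
 * {@link PSource.PSpecified}. The engine's {@code paramSpec} and
 * {@code cipher} fields are replaced only after all of these checks pass, so
 * a rejected spec does not leave the engine half-configured.
 *
 * <p>Any digest that {@code DigestFactory} recognises is accepted for OAEP and
 * MGF1. Restricting weak digests, if wanted, has to happen elsewhere.
 *
 * @param opmode one of the {@link Cipher} mode constants
 * @param key    an {@link RSAPublicKey} or {@link RSAPrivateKey}
 * @param params {@code null} to keep the current encoding, or an
 *               {@link OAEPParameterSpec}
 * @param random randomness for the encoding; a fresh {@link SecureRandom} is
 *               used when this is {@code null}
 * @throws InvalidKeyException if the key type is not RSA or is not permitted
 *         for encryption by the {@code privateKeyOnly}/{@code publicKeyOnly}
 *         restriction
 * @throws InvalidAlgorithmParameterException if the OAEP spec names an
 *         unsupported MGF, MGF parameter type, digest or label source
 * @throws IllegalArgumentException if {@code params} is of another type
 * @throws InvalidParameterException if {@code opmode} is not recognised
 */
protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
    CipherParameters param;
    if (params == null || params instanceof OAEPParameterSpec) {
        if (key instanceof RSAPublicKey) {
            if (privateKeyOnly && opmode == Cipher.ENCRYPT_MODE) {
                throw new InvalidKeyException("mode 1 requires RSAPrivateKey");
            }
            param = RSAUtil.generatePublicKeyParameter((RSAPublicKey) key);
        } else if (key instanceof RSAPrivateKey) {
            if (publicKeyOnly && opmode == Cipher.ENCRYPT_MODE) {
                throw new InvalidKeyException("mode 2 requires RSAPublicKey");
            }
            param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey) key);
        } else {
            throw new InvalidKeyException("unknown key type passed to RSA");
        }
        if (params != null) {
            OAEPParameterSpec spec = (OAEPParameterSpec) params;
            if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1") && !spec.getMGFAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1.getId())) {
                throw new InvalidAlgorithmParameterException("unknown mask generation function specified");
            }
            if (!(spec.getMGFParameters() instanceof MGF1ParameterSpec)) {
                throw new InvalidAlgorithmParameterException("unkown MGF parameters");
            }
            Digest digest = DigestFactory.getDigest(spec.getDigestAlgorithm());
            if (digest == null) {
                throw new InvalidAlgorithmParameterException("no match on digest algorithm: " + spec.getDigestAlgorithm());
            }
            MGF1ParameterSpec mgfParams = (MGF1ParameterSpec) spec.getMGFParameters();
            Digest mgfDigest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
            if (mgfDigest == null) {
                throw new InvalidAlgorithmParameterException("no match on MGF digest algorithm: " + mgfParams.getDigestAlgorithm());
            }
            // Reject label sources other than PSpecified with the declared checked
            // exception instead of letting the cast fail with a ClassCastException.
            PSource pSource = spec.getPSource();
            if (!(pSource instanceof PSource.PSpecified)) {
                throw new InvalidAlgorithmParameterException("unsupported PSource: only PSource.PSpecified is supported");
            }
            byte[] label = ((PSource.PSpecified) pSource).getValue();
            // Commit engine state only after the whole spec has been validated.
            paramSpec = params;
            cipher = new OAEPEncoding(new RSABlindedEngine(), digest, mgfDigest, label);
        }
    } else {
        throw new IllegalArgumentException("unknown parameter type.");
    }
    // Encodings other than the bare blinded engine receive a randomness source;
    // fall back to a fresh SecureRandom when the caller supplied none.
    if (!(cipher instanceof RSABlindedEngine)) {
        if (random != null) {
            param = new ParametersWithRandom(param, random);
        } else {
            param = new ParametersWithRandom(param, new SecureRandom());
        }
    }
    // Discard any input buffered by a previous operation.
    bOut.reset();
    switch(opmode) {
        case Cipher.ENCRYPT_MODE:
        case Cipher.WRAP_MODE:
            cipher.init(true, param);
            break;
        case Cipher.DECRYPT_MODE:
        case Cipher.UNWRAP_MODE:
            cipher.init(false, param);
            break;
        default:
            throw new InvalidParameterException("unknown opmode " + opmode + " passed to RSA");
    }
}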
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) Digest(org.bouncycastle.crypto.Digest) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom) SecureRandom(java.security.SecureRandom) InvalidKeyException(java.security.InvalidKeyException) OAEPParameterSpec(javax.crypto.spec.OAEPParameterSpec) CipherParameters(org.bouncycastle.crypto.CipherParameters) InvalidParameterException(java.security.InvalidParameterException) RSAPublicKey(java.security.interfaces.RSAPublicKey) RSABlindedEngine(org.bouncycastle.crypto.engines.RSABlindedEngine) OAEPEncoding(org.bouncycastle.crypto.encodings.OAEPEncoding) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)

Example 4 with Digest

use of org.bouncycastle.crypto.Digest in project robovm by robovm.

the class BcDigestCalculatorProvider method get.

/**
 * Builds a {@link DigestCalculator} for the requested digest algorithm.
 *
 * <p>A digest is obtained from {@code digestProvider} for each call and wrapped
 * in its own {@code DigestOutputStream}. The returned calculator hands out
 * that same stream on every {@code getOutputStream()} call and reads the
 * result from it in {@code getDigest()}.
 *
 * <p>NOTE(review): whether {@code getDigest()} finalises or resets the
 * underlying digest depends on {@code DigestOutputStream}, which is not shown
 * here; confirm before reusing a calculator for several messages.
 *
 * @param algorithm identifier of the digest algorithm to use
 * @return a calculator bound to a new digest instance
 * @throws OperatorCreationException declared by this method; presumably raised
 *         by {@code digestProvider} when the algorithm is not available
 */
public DigestCalculator get(final AlgorithmIdentifier algorithm) throws OperatorCreationException {
    // One digest and one sink per calculator; the anonymous class captures the sink.
    final DigestOutputStream digestSink = new DigestOutputStream(digestProvider.get(algorithm));

    return new DigestCalculator() {

        public byte[] getDigest() {
            return digestSink.getDigest();
        }

        public OutputStream getOutputStream() {
            return digestSink;
        }

        public AlgorithmIdentifier getAlgorithmIdentifier() {
            return algorithm;
        }
    };
}
Also used : Digest(org.bouncycastle.crypto.Digest) ExtendedDigest(org.bouncycastle.crypto.ExtendedDigest) DigestCalculator(org.bouncycastle.operator.DigestCalculator)

Example 5 with Digest

use of org.bouncycastle.crypto.Digest in project robovm by robovm.

the class MSOutlookKeyIdCalculator method calculateKeyId.

/**
 * Computes a key identifier as the SHA-1 digest of the DER encoding of the
 * whole {@code SubjectPublicKeyInfo} (labelled in the original as the
 * Outlook 2010 calculation).
 *
 * <p>SHA-1 is used here to derive an identifier, not to protect integrity.
 * If the structure cannot be DER-encoded, the method returns a zero-length
 * array instead of throwing, so a caller has to treat an empty result as
 * "no identifier available".
 *
 * @param info the public key info to identify
 * @return the SHA-1 digest of the DER encoding, or an empty array when
 *         encoding fails
 */
static byte[] calculateKeyId(SubjectPublicKeyInfo info) {
    byte[] derEncoding;
    try {
        derEncoding = info.getEncoded(ASN1Encoding.DER);
    } catch (IOException e) {
        // Encoding failure is reported to the caller as an empty identifier.
        return new byte[0];
    }

    // TODO: include definition of SHA-1 here
    Digest sha1 = new SHA1Digest();
    byte[] keyId = new byte[sha1.getDigestSize()];

    // try the outlook 2010 calculation
    sha1.update(derEncoding, 0, derEncoding.length);
    sha1.doFinal(keyId, 0);
    return keyId;
}
Also used : Digest(org.bouncycastle.crypto.Digest) SHA1Digest(org.bouncycastle.crypto.digests.SHA1Digest) SHA1Digest(org.bouncycastle.crypto.digests.SHA1Digest) IOException(java.io.IOException)
