Example 6 with Digest
use of org.bouncycastle.crypto.Digest in project XobotOS by xamarin.
the class SubjectKeyIdentifier method getDigest.
private static byte[] getDigest(SubjectPublicKeyInfo spki) {
Digest digest = new SHA1Digest();
byte[] resBuf = new byte[digest.getDigestSize()];
byte[] bytes = spki.getPublicKeyData().getBytes();
digest.update(bytes, 0, bytes.length);
digest.doFinal(resBuf, 0);
return resBuf;
}
Also used :
Digest(org.bouncycastle.crypto.Digest)
SHA1Digest(org.bouncycastle.crypto.digests.SHA1Digest)
SHA1Digest(org.bouncycastle.crypto.digests.SHA1Digest)
Example 7 with Digest
use of org.bouncycastle.crypto.Digest in project robovm by robovm.
the class CertBlacklist method isPublicKeyBlackListed.
public boolean isPublicKeyBlackListed(PublicKey publicKey) {
byte[] encoded = publicKey.getEncoded();
Digest digest = AndroidDigestFactory.getSHA1();
digest.update(encoded, 0, encoded.length);
byte[] out = new byte[digest.getDigestSize()];
digest.doFinal(out, 0);
for (byte[] blacklisted : pubkeyBlacklist) {
if (Arrays.equals(blacklisted, Hex.encode(out))) {
return true;
}
}
return false;
}
Also used :
Digest(org.bouncycastle.crypto.Digest)
Example 8 with Digest
use of org.bouncycastle.crypto.Digest in project xipki by xipki.
the class P11RSAPSSSignatureSpi method engineSetParameter.
@Override
protected void engineSetParameter(AlgorithmParameterSpec params) throws InvalidParameterException {
if (params instanceof PSSParameterSpec) {
PSSParameterSpec newParamSpec = (PSSParameterSpec) params;
if (originalSpec != null) {
if (!DigestFactory.isSameDigest(originalSpec.getDigestAlgorithm(), newParamSpec.getDigestAlgorithm())) {
throw new InvalidParameterException("parameter must be using " + originalSpec.getDigestAlgorithm());
}
}
if (!newParamSpec.getMGFAlgorithm().equalsIgnoreCase("MGF1") && !newParamSpec.getMGFAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1.getId())) {
throw new InvalidParameterException("unknown mask generation function specified");
}
if (!(newParamSpec.getMGFParameters() instanceof MGF1ParameterSpec)) {
throw new InvalidParameterException("unkown MGF parameters");
}
MGF1ParameterSpec mgfParams = (MGF1ParameterSpec) newParamSpec.getMGFParameters();
if (!DigestFactory.isSameDigest(mgfParams.getDigestAlgorithm(), newParamSpec.getDigestAlgorithm())) {
throw new InvalidParameterException("digest algorithm for MGF should be the same as for PSS parameters.");
}
Digest newDigest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
if (newDigest == null) {
throw new InvalidParameterException("no match on MGF digest algorithm: " + mgfParams.getDigestAlgorithm());
}
this.engineParams = null;
this.paramSpec = newParamSpec;
this.mgfDigest = newDigest;
this.saltLength = paramSpec.getSaltLength();
this.trailer = getTrailer(paramSpec.getTrailerField());
setupContentDigest();
} else {
throw new InvalidParameterException("only PSSParameterSpec supported");
}
}
Also used :
InvalidParameterException(java.security.InvalidParameterException)
Digest(org.bouncycastle.crypto.Digest)
PSSParameterSpec(java.security.spec.PSSParameterSpec)
MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)
Example 9 with Digest
use of org.bouncycastle.crypto.Digest in project xipki by xipki.
the class SignerUtil method createPSSRSASigner.
// CHECKSTYLE:SKIP
public static PSSSigner createPSSRSASigner(AlgorithmIdentifier sigAlgId, AsymmetricBlockCipher cipher) throws XiSecurityException {
ParamUtil.requireNonNull("sigAlgId", sigAlgId);
if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
throw new XiSecurityException("signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed");
}
AlgorithmIdentifier digAlgId;
try {
digAlgId = AlgorithmUtil.extractDigesetAlgFromSigAlg(sigAlgId);
} catch (NoSuchAlgorithmException ex) {
throw new XiSecurityException(ex.getMessage(), ex);
}
RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());
AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier.getInstance(param.getMaskGenAlgorithm().getParameters());
Digest dig = getDigest(digAlgId);
Digest mfgDig = getDigest(mfgDigAlgId);
int saltSize = param.getSaltLength().intValue();
int trailerField = param.getTrailerField().intValue();
AsymmetricBlockCipher tmpCipher = (cipher == null) ? new RSABlindedEngine() : cipher;
return new PSSSigner(tmpCipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}
Also used :
XiSecurityException(org.xipki.security.exception.XiSecurityException)
Digest(org.bouncycastle.crypto.Digest)
RSABlindedEngine(org.bouncycastle.crypto.engines.RSABlindedEngine)
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
PSSSigner(org.bouncycastle.crypto.signers.PSSSigner)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
AsymmetricBlockCipher(org.bouncycastle.crypto.AsymmetricBlockCipher)
Example 10 with Digest
use of org.bouncycastle.crypto.Digest in project fabric-sdk-java by hyperledger.
the class Endpoint method getClientTLSCertificateDigest.
byte[] getClientTLSCertificateDigest() {
if (tlsClientCertificatePEMBytes != null && clientTLSCertificateDigest == null) {
String pemCert = new String(tlsClientCertificatePEMBytes, UTF_8);
byte[] derBytes = Base64.getDecoder().decode(pemCert.replaceAll("-+[ \t]*(BEGIN|END)[ \t]+CERTIFICATE[ \t]*-+", "").replaceAll("\\s", "").trim());
Digest digest = new SHA256Digest();
clientTLSCertificateDigest = new byte[digest.getDigestSize()];
digest.update(derBytes, 0, derBytes.length);
digest.doFinal(clientTLSCertificateDigest, 0);
}
return clientTLSCertificateDigest;
}
Also used :
Digest(org.bouncycastle.crypto.Digest)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest)
Aggregations
Digest (org.bouncycastle.crypto.Digest)31
SHA256Digest (org.bouncycastle.crypto.digests.SHA256Digest)9
SHA1Digest (org.bouncycastle.crypto.digests.SHA1Digest)8
MGF1ParameterSpec (java.security.spec.MGF1ParameterSpec)5
RSABlindedEngine (org.bouncycastle.crypto.engines.RSABlindedEngine)5
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)4
OAEPEncoding (org.bouncycastle.crypto.encodings.OAEPEncoding)4
InvalidParameterException (java.security.InvalidParameterException)3
BigInteger (java.math.BigInteger)2
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)2
InvalidKeyException (java.security.InvalidKeyException)2
SecureRandom (java.security.SecureRandom)2
RSAPrivateKey (java.security.interfaces.RSAPrivateKey)2
RSAPublicKey (java.security.interfaces.RSAPublicKey)2
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)2
OAEPParameterSpec (javax.crypto.spec.OAEPParameterSpec)2
CipherParameters (org.bouncycastle.crypto.CipherParameters)2
DSAParameters (org.bouncycastle.crypto.params.DSAParameters)2
DSAValidationParameters (org.bouncycastle.crypto.params.DSAValidationParameters)2
ParametersWithRandom (org.bouncycastle.crypto.params.ParametersWithRandom)2
