private static byte[] sign() throws Exception { RSAEngine rsa = new RSAEngine(); Digest dig = new SHA1Digest(); RSAPrivateKey privateKey = (RSAPrivateKey) getPrivate(privateKeyFilename); BigInteger big = ((RSAKey) privateKey).getModulus(); ISO9796d2Signer eng = new ISO9796d2Signer(rsa, dig, true); RSAKeyParameters rsaPriv = new RSAKeyParameters(true, big, privateKey.getPrivateExponent()); eng.init(true, rsaPriv); eng.update(message[0]); eng.update(message, 1, message.length - 1); byte[] signature = eng.generateSignature(); return signature; }
private void shouldPassSignatureTest1() throws Exception { BigInteger n = new BigInteger("c9be1b28f8caccca65d86cc3c9bbcc13eccc059df3b80bd2292b811eff3aa0dd75e1e85c333b8e3fa9bed53bb20f5359ff4e6900c5e9a388e3a4772a583a79e2299c76582c2b27694b65e9ba22e66bfb817f8b70b22206d7d8ae488c86dbb7137c26d5eff9b33c90e6cee640630313b7a715802e15142fef498c404a8de19674974785f0f852e2d470fe85a2e54ffca9f5851f672b71df691785a5cdabe8f14aa628942147de7593b2cf962414a5b59c632c4e14f1768c0ab2e9250824beea60a3529f11bf5e070ce90a47686eb0be1086fb21f0827f55295b4a48307db0b048c05a4aec3f488c576ca6f1879d354224c7e84cbcd8e76dd217a3de54dba73c35", 16); BigInteger e = new BigInteger("e75b1b", 16); byte[] msg = Hex.decode("5bb0d1c0ef9b5c7af2477fe08d45523d3842a4b2db943f7033126c2a7829bacb3d2cfc6497ec91688189e81b7f8742488224ba320ce983ce9480722f2cc5bc42611f00bb6311884f660ccc244788378673532edb05284fd92e83f6f6dab406209032e6af9a33c998677933e32d6fb95fd27408940d7728f9c9c40267ca1d20ce"); byte[] sig = Hex.decode("0fe8bb8e3109a1eb7489ef35bf4c1a0780071da789c8bd226a4170538eafefdd30b732d628f0e87a0b9450051feae9754d4fb61f57862d10f0bacc4f660d13281d0cd1141c006ade5186ff7d961a4c6cd0a4b352fc1295c5afd088f80ac1f8e192ef116a010a442655fe8ff5eeacea15807906fb0f0dfa86e680d4c005872357f7ece9aa4e20b15d5f709b30f08648ecaa34f2fbf54eb6b414fa2ff6f87561f70163235e69ccb4ac82a2e46d3be214cc2ef5263b569b2d8fd839b21a9e102665105ea762bda25bb446cfd831487a6b846100dee113ae95ae64f4af22c428c87bab809541c962bb3a56d4c86588e0af4ebc7fcc66dadced311051356d3ea745f7"); RSAKeyParameters rsaPublic = new RSAKeyParameters(false, n, e); X931Signer signer = new X931Signer(new RSAEngine(), new SHA1Digest()); signer.init(false, rsaPublic); signer.update(msg, 0, msg.length); if (!signer.verifySignature(sig)) { fail("RSA X931 verify test 1 failed."); } }
private void shouldPassSignatureTest2() throws Exception { BigInteger n = new BigInteger("b746ba6c3c0be64bbe33aa55b2929b0af4e86d773d44bfe5914db9287788c4663984b61a418d2eecca30d752ff6b620a07ec72eeb2b422d2429da352407b99982800b9dd7697be6a7b1baa98ca5f4fc2fe33400f20b9dba337ac25c987804165d4a6e0ee4d18eabd6de5abdfe578cae6713ff91d16c80a5bb20217fe614d9509e75a43e1825327b9da8f0a9f6eeaa1c04b69fb4bacc073569fff4ab491becbe6d0441d437fc3fa823239c4a0f75321666b68dd3f66e2dd394089a15bcc288a68a4eb0a48e17d639743b9dea0a91cc35820544732aff253f8ca9967c609dc01c2f8cd0313a7a91cfa94ff74289a1d2b6f19d1811f4b9a65f4cce9e5759b4cc64f", 16); BigInteger e = new BigInteger("dcbbdb", 16); byte[] msg = Hex.decode("a5d3c8a060f897bbbc20ae0955052f37fbc70986b6e11c65075c9f457142bfa93856897c69020aa81a91b5e4f39e05cdeecc63395ab849c8262ca8bc5c96870aecb8edb0aba0024a9bdb71e06de6100344e5c318bc979ef32b8a49a8278ba99d4861bce42ebbc5c8c666aaa6cac39aff8779f2cae367620f9edd4cb1d80b6c8c"); byte[] sig = Hex.decode("39fbbd1804c689a533b0043f84da0f06081038c0fbf31e443e46a05e58f50de5198bbca40522afefaba3aed7082a6cb93b1da39f1f5a42246bf64930781948d300549bef0f8d554ecfca60a1b1ecba95a7014ee4545ad4f0c4e3a31942c6738b4ccd6244b6a21267dadf0826a5f713f13b1f5a9ab8501d957a26d4948278ac67851071a315674bdab173bfef2c2690c8373da6bf3d69f30c0e5da8883de872f59521b40793854085641adf98d13db991c5d0a8aaa0222934fa33332e90ef0b954e195cb267d6ffb36c96e14d1ec7b915a87598b4461a3146566354dc2ae748c84ee0cd46543b53ebff8cdf47725b280a1f799fb6ebb4a31ad2bdd5178250f83a"); RSAKeyParameters rsaPublic = new RSAKeyParameters(false, n, e); X931Signer signer = new X931Signer(new RSAEngine(), new SHA224Digest()); signer.init(false, rsaPublic); signer.update(msg, 0, msg.length); if (!signer.verifySignature(sig)) { fail("RSA X931 verify test 2 failed."); } }
public static byte[] encryptKeyRSA(AKey encryptionKey, ASecretKey toBeEncrypted) throws Exception { PKCS1Encoding rsa = new PKCS1Encoding(new RSAEngine()); rsa.init(true, getCipherParameters(encryptionKey)); byte[] k = toBeEncrypted.toByteArray(); try { byte[] encrypted = rsa.processBlock(k, 0, k.length); return encrypted; } finally { Crypto.zero(k); } }
private static void testJavaPublic(TestVector v, int bits, int count) { System.out.println("Testing " + count + " " + bits + "-bit public rsa's Java"); RSAEngine engine = new RSAEngine(); engine.init(false, v.getPublicKey()); long start = System.nanoTime(); for (int i = 0; i < count; ++i) { byte[] signed = v.signed.toByteArray(); int index = (signed[0] == 0) ? 1 : 0; byte[] message = engine.processBlock(signed, index, signed.length - index); assertEquals(v.message, new BigInteger(1, message)); } long end = System.nanoTime(); long diff = end - start; long durationMillis = TimeUnit.NANOSECONDS.toMillis(diff); double durationSecs = durationMillis / 1000.0d; System.out.println(count + " " + bits + "-bit public rsa's in " + durationSecs + "s"); String perSecond = String.format("%.2f", count / durationSecs); System.out.println(perSecond + " ops/s"); }
private static void testJava(TestVector v, int bits, int count) { System.out.println("Testing " + count + " " + bits + "-bit private rsa's Java"); RSAEngine engine = new RSAEngine(); engine.init(true, v.getPrivateKey()); long start = System.nanoTime(); for (int i = 0; i < count; ++i) { byte[] message = v.message.toByteArray(); byte[] signed = engine.processBlock(message, 0, message.length); assertEquals(v.signed, new BigInteger(1, signed)); } long end = System.nanoTime(); long diff = end - start; long durationMillis = TimeUnit.NANOSECONDS.toMillis(diff); double durationSecs = durationMillis / 1000.0d; System.out.println(count + " " + bits + "-bit private rsa's in " + durationSecs + "s"); String perSecond = String.format("%.2f", count / durationSecs); System.out.println(perSecond + " ops/s"); }
private static void testNativePublic(TestVector v, int bits, int count) { System.out.println("Testing " + count + " " + bits + "-bit public rsa's NativeInsecure"); RSAEngine engine = new NativeRSAEngine(); engine.init(false, v.getPublicKey()); long start = System.nanoTime(); for (int i = 0; i < count; ++i) { byte[] signed = v.signed.toByteArray(); int index = (signed[0] == 0) ? 1 : 0; byte[] message = engine.processBlock(signed, index, signed.length - index); assertEquals(v.message, new BigInteger(1, message)); } long end = System.nanoTime(); long diff = end - start; long durationMillis = TimeUnit.NANOSECONDS.toMillis(diff); double durationSecs = durationMillis / 1000.0d; System.out.println(count + " " + bits + "-bit public rsa's in " + durationSecs + "s"); String perSecond = String.format("%.2f", count / durationSecs); System.out.println(perSecond + " ops/s"); }
private static void testNative(TestVector v, int bits, int count) { System.out.println("Testing " + count + " " + bits + "-bit private rsa's NativeSecure"); RSAEngine engine = new NativeRSAEngine(); engine.init(true, v.getPrivateKey()); long start = System.nanoTime(); for (int i = 0; i < count; ++i) { byte[] message = v.message.toByteArray(); byte[] signed = engine.processBlock(message, 0, message.length); assertEquals(v.signed, new BigInteger(1, signed)); } long end = System.nanoTime(); long diff = end - start; long durationMillis = TimeUnit.NANOSECONDS.toMillis(diff); double durationSecs = durationMillis / 1000.0d; System.out.println(count + " " + bits + "-bit private rsa's in " + durationSecs + "s"); String perSecond = String.format("%.2f", count / durationSecs); System.out.println(perSecond + " ops/s"); }
private static void generateTestVector(int rsaKeyBits, int suffix) throws Exception { AsymmetricCipherKeyPair pair = generateKeyPair(rsaKeyBits); RSAPrivateCrtKeyParameters priv = (RSAPrivateCrtKeyParameters) pair.getPrivate(); byte[] message = new byte[rsaKeyBits / 8]; SECURE_RANDOM.nextBytes(message); // Clear the top bit to ensure it fits. message[0] &= 0x7F; RSAEngine encoder = new RSAEngine(); encoder.init(true, pair.getPrivate()); byte[] signed = encoder.processBlock(message, 0, message.length); RSAEngine decoder = new RSAEngine(); decoder.init(false, pair.getPublic()); byte[] decoded = decoder.processBlock(signed, 0, message.length); Assert.assertArrayEquals(message, decoded); System.out.println("public static final TestVector VECTOR" + suffix + " = "); new TestVector(new BigInteger(1, message), new BigInteger(1, signed), (RSAPrivateCrtKeyParameters) pair.getPrivate()).printJavaConstructorFor(); System.out.println(); }
private byte[] doOperation(byte[] input, boolean isEncrypt) { AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), null); RSAKeyParameters key = isEncrypt ? publicKey : privateKey; cipher.init(isEncrypt, key); try { return cipher.processBlock(input, 0, input.length); } catch (InvalidCipherTextException e) { throw new EncryptionException("Encryption fails", e); } }
/** * checks signature of PKCS1-padded SHA1 hash of the input * * Hint: A different implementation of this method can be found in the svn history revision<=229. * * @param signature * signature to check * @param signingKey * public key from signing * @param input * byte array, signature is made over * * @return true, if the signature is correct * */ public static boolean verifySignature(byte[] signature, RSAPublicKeyStructure signingKey, byte[] input) { byte[] hash = getDigest(input); try { RSAKeyParameters myRSAKeyParameters = new RSAKeyParameters(false, signingKey.getModulus(), signingKey.getPublicExponent()); PKCS1Encoding pkcsAlg = new PKCS1Encoding(new RSAEngine()); pkcsAlg.init(false, myRSAKeyParameters); byte[] decryptedSignature = pkcsAlg.processBlock(signature, 0, signature.length); return Encoding.arraysEqual(hash, decryptedSignature); } catch (Exception e) { log.log(Level.WARNING, "unexpected", e); return false; } }
private static String verify() throws Exception { RSAEngine engine = new RSAEngine(); Digest digest = new SHA1Digest(); RSAPublicKey publicKey = (RSAPublicKey) getPublic(publicKeyFilename); BigInteger big = ((RSAKey) publicKey).getModulus(); RSAKeyParameters rsaPublic = new RSAKeyParameters(false, big, publicKey.getPublicExponent()); ISO9796d2Signer verifier = new ISO9796d2Signer(engine, digest, true); verifier.init(false, rsaPublic); // false for verify if (!verifier.verifySignature(signature)) { System.err.println("Signature was modified, could not verify correctness!"); return ""; } String recoveredMessage = ""; try { if (verifier.hasFullMessage()) { verifier.updateWithRecoveredMessage(signature); } byte[] message = verifier.getRecoveredMessage(); recoveredMessage = new String(message, "UTF-8"); } catch (Exception exception) { System.err.println("Recover failed!"); } return recoveredMessage; }
private void testSig( int id, RSAKeyParameters pub, RSAKeyParameters prv, byte[] slt, byte[] msg, byte[] sig) throws Exception { RSABlindingFactorGenerator blindFactorGen = new RSABlindingFactorGenerator(); RSABlindingEngine blindingEngine = new RSABlindingEngine(); PSSSigner blindSigner = new PSSSigner(blindingEngine, new SHA1Digest(), 20); PSSSigner signer = new PSSSigner(new RSAEngine(), new SHA1Digest(), 20); blindFactorGen.init(pub); BigInteger blindFactor = blindFactorGen.generateBlindingFactor(); RSABlindingParameters params = new RSABlindingParameters(pub, blindFactor); // generate a blind signature blindSigner.init(true, new ParametersWithRandom(params, new FixedRandom(slt))); blindSigner.update(msg, 0, msg.length); byte[] blindedData = blindSigner.generateSignature(); RSAEngine signerEngine = new RSAEngine(); signerEngine.init(true, prv); byte[] blindedSig = signerEngine.processBlock(blindedData, 0, blindedData.length); // unblind the signature blindingEngine.init(false, params); byte[] s = blindingEngine.processBlock(blindedSig, 0, blindedSig.length); //signature verification if (!areEqual(s, sig)) { fail("test " + id + " failed generation"); } //verify signature with PSSSigner signer.init(false, pub); signer.update(msg, 0, msg.length); if (!signer.verifySignature(s)) { fail("test " + id + " failed PSSSigner verification"); } }
private void doTest1() throws Exception { RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod1, pub1); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod1, pri1); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-1 - public encrypt, private decrypt // ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa); eng.init(true, privParameters); eng.setPadBits(4); data = eng.processBlock(msg1, 0, msg1.length); eng.init(false, pubParameters); if (!areEqual(sig1, data)) { fail("failed ISO9796-1 generation Test 1"); } data = eng.processBlock(data, 0, data.length); if (!areEqual(msg1, data)) { fail("failed ISO9796-1 retrieve Test 1"); } }
private void doTest2() throws Exception { RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod1, pub1); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod1, pri1); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-1 - public encrypt, private decrypt // ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa); eng.init(true, privParameters); data = eng.processBlock(msg2, 0, msg2.length); eng.init(false, pubParameters); if (!isSameAs(data, 1, sig2)) { fail("failed ISO9796-1 generation Test 2"); } data = eng.processBlock(data, 0, data.length); if (!areEqual(msg2, data)) { fail("failed ISO9796-1 retrieve Test 2"); } }
public void doTest3() throws Exception { RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod2, pub2); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod2, pri2); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-1 - public encrypt, private decrypt // ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa); eng.init(true, privParameters); eng.setPadBits(4); data = eng.processBlock(msg3, 0, msg3.length); eng.init(false, pubParameters); if (!isSameAs(sig3, 1, data)) { fail("failed ISO9796-1 generation Test 3"); } data = eng.processBlock(data, 0, data.length); if (!isSameAs(msg3, 0, data)) { fail("failed ISO9796-1 retrieve Test 3"); } }
public void doTest6() throws Exception { byte[] salt = Hex.decode("61DF870C4890FE85D6E3DD87C3DCE3723F91DB49"); RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6); ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-2 - PSS Signing // ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 20, true); eng.init(true, sigParameters); data = eng.generateSignature(); if (eng.getRecoveredMessage().length != 0) { fail("failed zero check"); } eng.init(false, pubParameters); if (!isSameAs(sig6, 1, data)) { fail("failed ISO9796-2 generation Test 6"); } if (!eng.verifySignature(data)) { fail("failed ISO9796-2 verify Test 6"); } }
public void doTest8() throws Exception { byte[] salt = Hex.decode("78E293203CBA1B7F92F05F4D171FF8CA3E738FF8"); RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6); ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-2 - PSS Signing // ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 20, false); eng.init(true, sigParameters); eng.update(msg8[0]); eng.update(msg8, 1, msg8.length - 1); data = eng.generateSignature(); eng.init(false, pubParameters); if (!isSameAs(sig8, 0, data)) { fail("failed ISO9796-2 generation Test 8"); } eng.update(msg8[0]); eng.update(msg8, 1, msg8.length - 1); if (!eng.verifySignature(sig8)) { fail("failed ISO9796-2 verify Test 8"); } }
private void doShortPartialTest() throws Exception { byte[] recovered = Hex.decode("5553482b312b534536383031353332393731392b322b312b362b322b312b313a3a393939393939393939393939393a3a392b323a3a373737373737373737373737373a3a392b2b353a32303133303430353a313133"); BigInteger exp = new BigInteger("10001", 16); BigInteger mod = new BigInteger("b9b70b083da9e37e23cde8e654855db31e21d2d3fc11a5f91d2b3c311efa8f5e28c757dd6fc798631cb1b9d051c14119749cb122ad76e8c3fd7bd93abe282c026a14fba9f8023977a7a0d8b49a24d1ad87e4379a931846a1ef9520ea57e28c998cf65722683d0caaa0da8306973e2496a25cbd3cb4adb4b284e25604fabf12f385456c75da7c3c4cde37440cfb7db8c8fe6851e2bc59767b9f7218540238ac8acef3bc7bd3dc6671320c2c1a2ac8a6799ce1eaf62b9683ab1e1341b37b9249dbd6cd987b2f27b5c4619a1eda7f0fb0b59a519afbbc3cee640261cec90a4bb8fefbc844082dca9f549e56943e758579a453a357e6ccb37fc46718a5b8c3227e5d", 16); AsymmetricKeyParameter pubKey = new RSAKeyParameters(false, mod, exp); ISO9796d2PSSSigner pssSign = new ISO9796d2PSSSigner(new RSAEngine(), new SHA1Digest(), 20); pssSign.init(false, pubKey); pssSign.updateWithRecoveredMessage(shortPartialSig); pssSign.update(longMessage, pssSign.getRecoveredMessage().length, longMessage.length - pssSign.getRecoveredMessage().length); if (!pssSign.verifySignature(shortPartialSig)) { fail("short partial PSS sig verification failed."); } byte[] mm = pssSign.getRecoveredMessage(); if (!Arrays.areEqual(recovered, mm)) { fail("short partial PSS recovery failed"); } }
private void doFullMessageTest() throws Exception { BigInteger modulus = new BigInteger(1, Hex.decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861")); BigInteger pubExp = new BigInteger(1, Hex.decode("010001")); BigInteger privExp = new BigInteger(1, Hex.decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D")); RSAKeyParameters pubParams = new RSAKeyParameters(false, modulus, pubExp); RSAKeyParameters privParams = new RSAKeyParameters(true, modulus, privExp); AsymmetricBlockCipher rsaEngine = new RSABlindedEngine(); // set challenge to all zero's for verification byte[] challenge = new byte[8]; ISO9796d2PSSSigner pssSign = new ISO9796d2PSSSigner(new RSAEngine(), new SHA256Digest(), 20, true); pssSign.init(true, privParams); pssSign.update(challenge, 0, challenge.length); byte[] sig = pssSign.generateSignature(); pssSign.init(false, pubParams); pssSign.updateWithRecoveredMessage(sig); if (!pssSign.verifySignature(sig)) { fail("challenge PSS sig verification failed."); } byte[] mm = pssSign.getRecoveredMessage(); if (!Arrays.areEqual(challenge, mm)) { fail("challenge partial PSS recovery failed"); } }
public void performTest() throws Exception { BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ==")); BigInteger rsaPrivMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); BigInteger rsaPrivDP = new BigInteger(Base64.decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ==")); BigInteger rsaPrivDQ = new BigInteger(Base64.decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ==")); BigInteger rsaPrivExp = new BigInteger(Base64.decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E=")); BigInteger rsaPrivP = new BigInteger(Base64.decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE=")); BigInteger rsaPrivQ = new BigInteger(Base64.decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0=")); BigInteger rsaPrivQinv = new BigInteger(Base64.decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg==")); RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp); RSAPrivateCrtKeyParameters rsaPrivate = new RSAPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 }; X931Signer signer = new X931Signer(new RSAEngine(), new SHA1Digest()); signer.init(true, rsaPrivate); signer.update(msg, 0, msg.length); byte[] sig = signer.generateSignature(); signer = new X931Signer(new RSAEngine(), new SHA1Digest()); signer.init(false, rsaPublic); signer.update(msg, 0, msg.length); if (!signer.verifySignature(sig)) { fail("X9.31 Signer failed."); } shouldPassSignatureTest1(); shouldPassSignatureTest2(); shouldPassSignatureTest3(); }
private void shouldPassSignatureTest3() throws Exception { BigInteger n = new BigInteger("dcb5686a3d2063a3f9cf7b9b32d2d3765b4c449b09b4960245a9111cd3b0cbd3260496885b8e1fa5db33b03efcc759d9c1afe29d93c6faebc7e0efada334b5b9a29655e2da2c8f11103d8203be311feab7ae88e9f1b2ec7d8fc655d77202b1681dd9717ec0f525b35584987e19539635a1ed23ca482a00149c609a23dc1645fd", 16); BigInteger e = new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc9f7", 16); BigInteger d = new BigInteger("189d6345099098992e0c9ca5f281e1338092342fa0acc85cc2a111f30f9bd2fb4753cd1a48ef0ddca9bf1af33ec76fb2e23a9fb4896c26f2235b516f7c05ef7ae81e70f4b491a5fedba9b935e9c76d761a813ce7776ff8a1e5efe1166ff2eca26aa900da88c908d51af9de26977fe39719cc781df32216fa41b838f0c63803c3", 16); byte[] msg = Hex.decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5"); byte[] sig = Hex.decode("02c50ec0ac8a7f38ef5630c396964d6a6daaa7e3083ab5b57fa2a2632f3b70e2e85c8456cd774d45d7e44fcb063f0f04fff9f1e3adfda11272535a92cb59320b190b5ee4261f23d6ceaa925df3a7bfa42e26bf61ea9645d9d64b3c90a820802768a6e209c9f83705375a3867afccc037e8242a98fa4c3db6b2d9877754d47289"); RSAKeyParameters rsaPublic = new RSAKeyParameters(false, n, e); X931Signer signer = new X931Signer(new RSAEngine(), new SHA1Digest()); signer.init(true, new RSAKeyParameters(true, n, d)); signer.update(msg, 0, msg.length); byte[] s = signer.generateSignature(); if (!Arrays.areEqual(sig, s)) { fail("RSA X931 sig test 3 failed."); } signer.init(false, rsaPublic); signer.update(msg, 0, msg.length); if (!signer.verifySignature(sig)) { fail("RSA X931 verify test 3 failed."); } }
private void testSig( int id, RSAKeyParameters pub, RSAKeyParameters prv, byte[] slt, byte[] msg, byte[] sig) throws Exception { PSSSigner eng = new PSSSigner(new RSAEngine(), new SHA1Digest(), 20); eng.init(true, new ParametersWithRandom(prv, new FixedRandom(slt))); eng.update(msg, 0, msg.length); byte[] s = eng.generateSignature(); if (!areEqual(s, sig)) { fail("test " + id + " failed generation"); } eng.init(false, pub); eng.update(msg, 0, msg.length); if (!eng.verifySignature(s)) { fail("test " + id + " failed verification"); } }
private void encDec( String label, RSAKeyParameters pubParameters, RSAKeyParameters privParameters, byte[] seed, byte[] input, byte[] output) throws InvalidCipherTextException { AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine()); cipher.init(true, new ParametersWithRandom(pubParameters, new VecRand(seed))); byte[] out; out = cipher.processBlock(input, 0, input.length); for (int i = 0; i != output.length; i++) { if (out[i] != output[i]) { fail(label + " failed encryption"); } } cipher.init(false, privParameters); out = cipher.processBlock(output, 0, output.length); for (int i = 0; i != input.length; i++) { if (out[i] != input[i]) { fail(label + " failed decoding"); } } }
public static ASecretKey decryptKeyRSA(AKey encryptionKey, byte[] b) throws Exception { PKCS1Encoding rsa = new PKCS1Encoding(new RSAEngine()); rsa.init(false, getCipherParameters(encryptionKey)); byte[] decrypted = rsa.processBlock(b, 0, b.length); try { return new ASecretKey(decrypted); } finally { Crypto.zero(decrypted); } }
/** * Verifies that a text matches the given signature * @param key Public key that pairs up with the used private key to generate the given signature * @param msg The message to check upon * @param sig The signature that has to match the given msg text * @return True if the given text is valid upon the given signature, false otherwise */ public static boolean verify(CipherParameters key, byte[] msg, byte[] sig) { /* * Typical methods and arguments */ PSSSigner signer = new PSSSigner(new RSAEngine(), new SHA1Digest(), saltLength); signer.init(false, key); signer.update(msg,0,msg.length); return signer.verifySignature(sig); }
public BcRsaCipher(byte[] publicKey, byte[] privateKey) { super(publicKey); try { PKS8RsaPrivateKey pks8RsaPrivateKey = new PKS8RsaPrivateKey(privateKey); AsymmetricKeyParameter keyParameter = new RSAKeyParameters(true, pks8RsaPrivateKey.getModulus(), pks8RsaPrivateKey.getExponent()); cipher = new OAEPEncoding(new RSAEngine(), new SHA1Digest()); cipher.init(false, new ParametersWithRandom(keyParameter, RuntimeRandomProvider.INSTANCE)); } catch (Exception e) { e.printStackTrace(); } }
public BcRsaEncryptCipher(byte[] publicKey) { try { X509RsaPublicKey key = new X509RsaPublicKey(publicKey); RSAKeyParameters param = new RSAKeyParameters(false, key.getModulus(), key.getExponent()); cipher = new OAEPEncoding(new RSAEngine(), new SHA1Digest()); cipher.init(true, new ParametersWithRandom(param, RuntimeRandomProvider.INSTANCE)); } catch (Exception e) { e.printStackTrace(); } }
private void doTest(RSAEngine engine, TestVector v) { engine.init(true, v.getPrivateKey()); byte[] message = v.message.toByteArray(); byte[] signed = engine.processBlock(message, 0, message.length); assertEquals(v.signed, new BigInteger(1, signed)); engine.init(false, v.getPublicKey()); byte[] decoded = engine.processBlock(signed, 0, message.length); assertEquals(v.message, new BigInteger(1, decoded)); }
public void doTest6() throws Exception { byte[] salt = Hex.decode("61DF870C4890FE85D6E3DD87C3DCE3723F91DB49"); RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6); ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-2 - PSS Signing // ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 20, true); eng.init(true, sigParameters); data = eng.generateSignature(); eng.init(false, pubParameters); if (!isSameAs(sig6, 1, data)) { fail("failed ISO9796-2 generation Test 6"); } if (!eng.verifySignature(data)) { fail("failed ISO9796-2 verify Test 6"); } }
public void doTest9() throws Exception { RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6); RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6); RSAEngine rsa = new RSAEngine(); byte[] data; // // ISO 9796-2 - PSS Signing // ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 0, true); eng.init(true, privParameters); eng.update(msg9[0]); eng.update(msg9, 1, msg9.length - 1); data = eng.generateSignature(); eng.init(false, pubParameters); if (!isSameAs(sig9, 0, data)) { fail("failed ISO9796-2 generation Test 9"); } eng.update(msg9[0]); eng.update(msg9, 1, msg9.length - 1); if (!eng.verifySignature(sig9)) { fail("failed ISO9796-2 verify Test 9"); } }
