public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); Signer signer = initVerifyer(tlsSigner, securityParameters); InputStream sigIn = new SignerInputStream(input, signer); ECDomainParameters curve_params = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, sigIn); byte[] point = TlsUtils.readOpaque8(sigIn); byte[] sigByte = TlsUtils.readOpaque16(input); if (!signer.verifySignature(sigByte)) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.ecAgreeServerPublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey( clientECPointFormats, curve_params, point)); }
public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); Signer signer = initVerifyer(tlsSigner, securityParameters); InputStream sigIn = new SignerInputStream(input, signer); BigInteger p = TlsDHUtils.readDHParameter(sigIn); BigInteger g = TlsDHUtils.readDHParameter(sigIn); BigInteger Ys = TlsDHUtils.readDHParameter(sigIn); byte[] sigBytes = TlsUtils.readOpaque16(input); if (!signer.verifySignature(sigBytes)) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.dhAgreeServerPublicKey = validateDHPublicKey(new DHPublicKeyParameters(Ys, new DHParameters(p, g))); }
protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId) throws OperatorCreationException { if (!AlgorithmUtil.isRSASigAlgId(sigAlgId)) { throw new OperatorCreationException( "the given algorithm is not a valid RSA signature algirthm '" + sigAlgId.getAlgorithm().getId() + "'"); } if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) { Digest dig = digestProvider.get(digAlgId); return new RSADigestSigner(dig); } try { return SignerUtil.createPSSRSASigner(sigAlgId); } catch (XiSecurityException ex) { throw new OperatorCreationException(ex.getMessage(), ex); } }
static Signer createSigner(int keyAlgorithm, int hashAlgorithm) throws PGPException { switch(keyAlgorithm) { case PublicKeyAlgorithmTags.RSA_GENERAL: case PublicKeyAlgorithmTags.RSA_SIGN: return new RSADigestSigner(createDigest(hashAlgorithm)); case PublicKeyAlgorithmTags.DSA: return new DSADigestSigner(new DSASigner(), createDigest(hashAlgorithm)); case PublicKeyAlgorithmTags.ECDSA: return new DSADigestSigner(new ECDSASigner(), createDigest(hashAlgorithm)); default: throw new PGPException("cannot recognise keyAlgorithm: " + keyAlgorithm); } }
public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); SignerInputBuffer buf = new SignerInputBuffer(); InputStream teeIn = new TeeInputStream(input, buf); ECDomainParameters curve_params = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, teeIn); byte[] point = TlsUtils.readOpaque8(teeIn); DigitallySigned signed_params = parseSignature(input); Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters); buf.updateSigner(signer); if (!signer.verifySignature(signed_params.getSignature())) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey( clientECPointFormats, curve_params, point)); }
public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); SignerInputBuffer buf = new SignerInputBuffer(); InputStream teeIn = new TeeInputStream(input, buf); ServerDHParams dhParams = ServerDHParams.parse(teeIn); DigitallySigned signed_params = parseSignature(input); Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters); buf.updateSigner(signer); if (!signer.verifySignature(signed_params.getSignature())) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.dhAgreePublicKey = TlsDHUtils.validateDHPublicKey(dhParams.getPublicKey()); this.dhParameters = validateDHParameters(dhAgreePublicKey.getParameters()); }
public byte[] generateRawSignature(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey, byte[] hash) throws CryptoException { Signer signer = makeSigner(algorithm, true, true, new ParametersWithRandom(privateKey, this.context.getSecureRandom())); if (algorithm == null) { // Note: Only use the SHA1 part of the (MD5/SHA1) hash signer.update(hash, 16, 20); } else { signer.update(hash, 0, hash.length); } return signer.generateSignature(); }
public boolean verifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] hash) throws CryptoException { Signer signer = makeSigner(algorithm, true, false, publicKey); if (algorithm == null) { // Note: Only use the SHA1 part of the (MD5/SHA1) hash signer.update(hash, 16, 20); } else { signer.update(hash, 0, hash.length); } return signer.verifySignature(sigBytes); }
protected Signer makeSigner(SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning, CipherParameters cp) { if ((algorithm != null) != TlsUtils.isTLSv12(context)) { throw new IllegalStateException(); } if (algorithm != null && algorithm.getSignature() != getSignatureAlgorithm()) { throw new IllegalStateException(); } short hashAlgorithm = algorithm == null ? HashAlgorithm.sha1 : algorithm.getHash(); Digest d = raw ? new NullDigest() : TlsUtils.createHash(hashAlgorithm); Signer s = new DSADigestSigner(createDSAImpl(hashAlgorithm), d); s.init(forSigning, makeInitParameters(forSigning, cp)); return s; }
public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); SignerInputBuffer buf = new SignerInputBuffer(); InputStream teeIn = new TeeInputStream(input, buf); ECDomainParameters curve_params = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, teeIn); byte[] point = TlsUtils.readOpaque8(teeIn); DigitallySigned signed_params = DigitallySigned.parse(context, input); Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters); buf.updateSigner(signer); if (!signer.verifySignature(signed_params.getSignature())) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey( clientECPointFormats, curve_params, point)); }
public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); SignerInputBuffer buf = new SignerInputBuffer(); InputStream teeIn = new TeeInputStream(input, buf); ServerDHParams dhParams = ServerDHParams.parse(teeIn); DigitallySigned signed_params = DigitallySigned.parse(context, input); Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters); buf.updateSigner(signer); if (!signer.verifySignature(signed_params.getSignature())) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.dhAgreePublicKey = TlsDHUtils.validateDHPublicKey(dhParams.getPublicKey()); this.dhParameters = dhAgreePublicKey.getParameters(); }
public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); SignerInputBuffer buf = new SignerInputBuffer(); InputStream teeIn = new TeeInputStream(input, buf); ServerDHParams params = ServerDHParams.parse(teeIn); DigitallySigned signed_params = DigitallySigned.parse(context, input); Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters); buf.updateSigner(signer); if (!signer.verifySignature(signed_params.getSignature())) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.dhAgreeServerPublicKey = TlsDHUtils.validateDHPublicKey(params.getPublicKey()); }
protected Signer makeSigner(SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning, CipherParameters cp) { if ((algorithm != null) != TlsUtils.isTLSv12(context)) { throw new IllegalStateException(); } if (algorithm != null && (algorithm.getHash() != HashAlgorithm.sha1 || algorithm.getSignature() != getSignatureAlgorithm())) { throw new IllegalStateException(); } Digest d = raw ? new NullDigest() : TlsUtils.createHash(HashAlgorithm.sha1); Signer s = new DSADigestSigner(createDSAImpl(), d); s.init(forSigning, cp); return s; }
protected Signer createSigner(AlgorithmIdentifier sigAlgId) throws OperatorCreationException { AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId); Digest dig = digestProvider.get(digAlg); return new DSADigestSigner(new DSASigner(), dig); }
protected Signer createSigner(AlgorithmIdentifier sigAlgId) throws OperatorCreationException { AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId); Digest dig = digestProvider.get(digAlg); return new RSADigestSigner(dig); }
private BcSignerOutputStream createSignatureStream(AlgorithmIdentifier algorithm, AsymmetricKeyParameter publicKey) throws OperatorCreationException { Signer sig = createSigner(algorithm); sig.init(false, publicKey); return new BcSignerOutputStream(sig); }
protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId) throws OperatorCreationException { Digest dig = digestProvider.get(digAlgId); return new DSADigestSigner(new DSASigner(), dig); }
protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId) throws OperatorCreationException { Digest dig = digestProvider.get(digAlgId); return new RSADigestSigner(dig); }
protected Signer initVerifyer(TlsSigner tlsSigner, SecurityParameters securityParameters) { Signer signer = tlsSigner.createVerifyer(this.serverPublicKey); signer.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length); signer.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length); return signer; }
