Java 类org.bouncycastle.crypto.digests.KeccakDigest 实例源码

public void performTest() throws Exception
{
    testDigest(new KeccakDigest(), digests288);
    testDigest(new KeccakDigest(224), digests224);
    testDigest(new KeccakDigest(256), digests256);
    testDigest(new KeccakDigest(384), digests384);
    testDigest(new KeccakDigest(512), digests512);

    testMac(new KeccakDigest(224), macKeys, macData, mac224, trunc224);
    testMac(new KeccakDigest(256), macKeys, macData, mac256, trunc256);
    testMac(new KeccakDigest(384), macKeys, macData, mac384, trunc384);
    testMac(new KeccakDigest(512), macKeys, macData, mac512, trunc512);
}

private static void initDigesters() {
    digesters.put("Blake2b", Blake2bDigest.class);
    digesters.put("GOST3411", GOST3411Digest.class);
    digesters.put("Keccak", KeccakDigest.class);
    digesters.put("MD2", MD2Digest.class);
    digesters.put("MD4", MD4Digest.class);
    digesters.put("MD5", MD5Digest.class);
    digesters.put("RIPEMD128", RIPEMD128Digest.class);
    digesters.put("RIPEMD160", RIPEMD160Digest.class);
    digesters.put("RIPEMD256", RIPEMD256Digest.class);
    digesters.put("RIPEMD320", RIPEMD320Digest.class);
    digesters.put("SHA1", SHA1Digest.class);
    digesters.put("SHA224", SHA224Digest.class);
    digesters.put("SHA256", SHA256Digest.class);
    digesters.put("SHA384", SHA384Digest.class);
    digesters.put("SHA3-512", SHA3Digest.class);
    digesters.put("SHA3-256", SHA3Digest.class);
    digesters.put("SHA3-224", SHA3Digest.class);
    digesters.put("SHA3-384", SHA3Digest.class);
    digesters.put("SHA512", SHA512Digest.class);
    digesters.put("SHAKE-128", SHAKEDigest.class);
    digesters.put("SHAKE-256", SHAKEDigest.class);
    digesters.put("Skein256", SkeinDigest.class);
    digesters.put("Skein512", SkeinDigest.class);
    digesters.put("Skein1024", SkeinDigest.class);
    digesters.put("SM3", SM3Digest.class);
    digesters.put("Tiger", TigerDigest.class);
    digesters.put("Whirlpool", WhirlpoolDigest.class);
}

public Object clone()
    throws CloneNotSupportedException
{
    BCMessageDigest d = (BCMessageDigest)super.clone();
    d.digest = new KeccakDigest((KeccakDigest)digest);

    return d;
}

protected Digest cloneDigest(Digest digest)
{
    return new KeccakDigest((KeccakDigest)digest);
}

/**
 * Create a random wallet (new keys pairs).
 *
 * @param passphrase to encrypt private key with
 * @return storage
 */
public static WalletStoragePojoV3 createWallet(String passphrase) {
    WalletStoragePojoV3 wallet = new WalletStoragePojoV3();
    wallet.version = STORAGE_VERSION;
    wallet.id = UUID.randomUUID().toString();

    ECKey ecdsaPair = new ECKey();

    try {
        wallet.address = CryptoUtil.byteToHex(ecdsaPair.getAddress());

        WalletCryptoPojoV3 crypto = new WalletCryptoPojoV3();
        wallet.crypto = crypto;
        crypto.setCipher(CIPHER);

        // create key to crypt private key with AES
        // key will be a derived hash

        byte[] saltBytes = new byte[32];
        Random saltRandom = new Random();
        saltRandom.nextBytes(saltBytes);
        String salt = CryptoUtil.byteToHex(saltBytes);

        crypto.setKdf(KDF);
        crypto.getKdfparams().setSalt(salt);
        crypto.getKdfparams().setDklen(DKLEN);
        crypto.getKdfparams().setPrf(PRF);
        crypto.getKdfparams().setC(ITERATIONS);

        byte[] key = Pbkdf2.derive(passphrase, saltBytes, crypto.getKdfparams().getC(), crypto.getKdfparams().getDklen());

        // select AES algorithm
        Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");

        // key will only be the first 16 bytes of the hash key
        byte[] trimmedKey = Arrays.copyOfRange(key, 0, 16);

        // macKey that will be used to validate wallet unlocking (as per
        // ethereum standard)
        byte[] macKey = Arrays.copyOfRange(key, 16, 32);

        // crypt using AES and get generated IV
        SecretKeySpec secretKeySpec = new SecretKeySpec(trimmedKey, "AES");
        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
        byte[] privateKeyBytes = ecdsaPair.getPrivKeyBytes();
        byte[] ciphertext = cipher.doFinal(privateKeyBytes);

        // generate MAC as per ethereum standard
        KeccakDigest md = new KeccakDigest(256);
        byte[] macSource = new byte[macKey.length + ciphertext.length];
        System.arraycopy(macKey, 0, macSource, 0, macKey.length);
        System.arraycopy(ciphertext, 0, macSource, macKey.length, ciphertext.length);

        md.update(macSource, 0, macSource.length);
        byte[] mac = new byte[md.getDigestSize()];
        md.doFinal(mac, 0);

        // set in storage
        crypto.setMac(CryptoUtil.byteToHex(mac));
        byte[] iv = cipher.getIV();
        crypto.getCipherparams().setIv(CryptoUtil.byteToHex(iv));
        crypto.setCiphertext(CryptoUtil.byteToHex(ciphertext));

    } catch (Exception ex) {
        ex.printStackTrace();
    }

    return wallet;
}

/**
 * Decrypt private key.
 *
 * @param passphrase to decrypt
 * @return private key data
 */
public byte[] getPrivateKey(String passphrase) {
    if (crypto.getCipher().equals(CIPHER) && crypto.getKdf().equals(KDF)) {
        byte[] key = Pbkdf2.derive(passphrase, CryptoUtil.hexToBytes(crypto.getKdfparams().getSalt()),
                crypto.getKdfparams().getC(), crypto.getKdfparams().getDklen());
        try {
            // macKey that will be used to validate wallet unlocking (as per
            // ethereum standard)
            byte[] macKey = Arrays.copyOfRange(key, 16, 32);

            byte[] ciphertext = CryptoUtil.hexToBytes(crypto.getCiphertext());
            // generate MAC as per ethereum standard
            KeccakDigest md = new KeccakDigest(256);
            byte[] macSource = new byte[macKey.length + ciphertext.length];
            System.arraycopy(macKey, 0, macSource, 0, macKey.length);
            System.arraycopy(ciphertext, 0, macSource, macKey.length, ciphertext.length);

            md.update(macSource, 0, macSource.length);
            byte[] mac = new byte[md.getDigestSize()];
            md.doFinal(mac, 0);

            if (!CryptoUtil.byteToHex(mac).equals(crypto.getMac())) {
                // MAC MISMATCH
                return null;
            }

            // key will only be the first 16 bytes of the hash key
            byte[] trimmedKey = Arrays.copyOfRange(key, 0, 16);
            SecretKeySpec secretKeySpec = new SecretKeySpec(trimmedKey, "AES");
            byte[] ivAsBytes = CryptoUtil.hexToBytes(crypto.getCipherparams().getIv());
            IvParameterSpec iv = new IvParameterSpec(ivAsBytes);

            Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
            cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, iv);
            byte[] privateKey = cipher.doFinal(CryptoUtil.hexToBytes(crypto.getCiphertext()));

            return privateKey;

        } catch (Exception ex) {
            ex.printStackTrace();
        }
    } else {
        throw new UnsupportedOperationException("Wallet is incompatible or corrupted!");
    }

    return null;
}

public DigestKeccak(int size)
{
    super(new KeccakDigest(size));
}

public HashMac224()
{
    super(new HMac(new KeccakDigest(224)));
}

public HashMac256()
{
    super(new HMac(new KeccakDigest(256)));
}

public HashMac288()
{
    super(new HMac(new KeccakDigest(288)));
}

public HashMac384()
{
    super(new HMac(new KeccakDigest(384)));
}

public HashMac512()
{
    super(new HMac(new KeccakDigest(512)));
}

private ECDSASigner createECDSASigner() {
    return new ECDSASigner(new HMacDSAKCalculator(new KeccakDigest(256)));
}