protected void setUp() throws Exception { super.setUp(); curveToTest = Curves.P256; ecdsa = new ECDSA(curveToTest); }
public boolean verify(byte[] signature, byte[]... data) { return verify(curve, getPublicKey(), signature, data); }
/** * Sign data and return a fixed size signature. The data does not need to be hashed, the * signing code will handle that for us, using an algorithm appropriate for the keysize. * @return A zero padded DER signature (maxSigSize). Space Inefficient but constant-size. */ public byte[] signToNetworkFormat(byte[]... data) { byte[] plainsig = sign(data); int targetLength = curve.maxSigSize; if(plainsig.length != targetLength) { byte[] newData = new byte[targetLength]; if(plainsig.length < targetLength) { System.arraycopy(plainsig, 0, newData, 0, plainsig.length); } else { throw new IllegalStateException("Too long!"); } plainsig = newData; } return plainsig; }
ECDSA ecdsa = new ECDSA(curve); String toSign = "test"; byte[] signedBytes = toSign.getBytes("utf-8"); byte[] sig = ecdsa.signToNetworkFormat(signedBytes); System.out.println("Curve in use : " + curve.toString()); System.out.println(ecdsa.getPublicKey().toString()); System.out.println("ToSign : "+toSign + " ("+toHex(signedBytes)+")"); System.out.println("Signature: "+ toHex(sig)); System.out.println("Verify? : "+ecdsa.verify(sig, signedBytes)); SimpleFieldSet sfs = ecdsa.asFieldSet(true); System.out.println("\nSerialized to: "); System.out.println(sfs.toString()); System.out.println("Restored to: "); ECDSA ecdsa2 = new ECDSA(sfs.getSubset(curve.name()), curve); System.out.println(ecdsa2.getPublicKey()); System.out.println("Verify? : "+ecdsa2.verify(sig, signedBytes)); max = Math.max(max, ecdsa.sign(signedBytes).length);
public void testSerializeUnserialize() throws FSParseException { SimpleFieldSet sfs = ecdsa.asFieldSet(true); ECDSA ecdsa2 = new ECDSA(sfs.getSubset(curveToTest.name()), curveToTest); assertEquals(ecdsa.getPublicKey(), ecdsa2.getPublicKey()); }
/** * Create the cryptographic keys etc from scratch */ public void initCrypto() { ecdsaP256 = new ECDSA(ECDSA.Curves.P256); ecdsaPubKeyHash = SHA256.digest(ecdsaP256.getPublicKey().getEncoded()); myARK = InsertableClientSSK.createRandom(random, "ark"); myARKNumber = 0; clientNonce = new byte[32]; node.random.nextBytes(clientNonce); myIdentity = new byte[IDENTITY_LENGTH]; node.random.nextBytes(myIdentity); identityHash = SHA256.digest(myIdentity); identityHashHash = SHA256.digest(identityHash); anonSetupCipher.initialize(identityHash); }
public ECPublicKey getECDSAP256Pubkey() { return ecdsaP256.getPublicKey(); }
public static boolean verify(Curves curve, ECPublicKey key, byte[] signature, byte[]... data) { return verify(curve, key, signature, 0, signature.length, data); }
void addPrivateFields(SimpleFieldSet fs) { // Let's not add it twice fs.removeSubset("ecdsa"); fs.put("ecdsa", ecdsaP256.asFieldSet(true)); fs.putSingle("ark.privURI", myARK.getInsertURI().toString(false, false)); fs.putSingle("clientNonce", Base64.encode(clientNonce)); }
/** Sign data with the node's ECDSA key. The data does not need to be hashed, the signing code * will handle that for us, using an algorithm appropriate for the keysize. */ byte[] ecdsaSign(byte[]... data) { return ecdsaP256.signToNetworkFormat(data); }
public static boolean verify(Curves curve, ECPublicKey key, byte[] signature, int sigoffset, int siglen, byte[]... data) { if(key == null || curve == null || signature == null || data == null) return false; boolean result = false; try { Signature sig = Signature.getInstance(curve.defaultHashAlgorithm, curve.sigProvider); sig.initVerify(key); for(byte[] d: data) sig.update(d); // Strip padding: BC 1.54 cannot deal with it. siglen = actualSignatureLength(signature, sigoffset, siglen); result = sig.verify(signature, sigoffset, siglen); } catch (NoSuchAlgorithmException e) { Logger.error(ECDSA.class, "NoSuchAlgorithmException : "+e.getMessage(),e); e.printStackTrace(); } catch (InvalidKeyException e) { Logger.error(ECDSA.class, "InvalidKeyException : "+e.getMessage(),e); e.printStackTrace(); } catch (SignatureException e) { Logger.error(ECDSA.class, "SignatureException : "+e.getMessage(),e); e.printStackTrace(); } return result; }
private String ecdsaSignRef(String mySignedReference) throws NodeInitException { if(logMINOR) Logger.minor(this, "Signing reference:\n"+mySignedReference); try{ byte[] ref = mySignedReference.getBytes("UTF-8"); // We don't need a padded signature here byte[] sig = ecdsaP256.sign(ref); if(logMINOR && !ECDSA.verify(Curves.P256, getECDSAP256Pubkey(), sig, ref)) throw new NodeInitException(NodeInitException.EXIT_EXCEPTION_TO_DEBUG, mySignedReference); return Base64.encode(sig); } catch(UnsupportedEncodingException e){ //duh ? Logger.error(this, "Error while signing the node identity!" + e, e); System.err.println("Error while signing the node identity!"+e); e.printStackTrace(); throw new NodeInitException(NodeInitException.EXIT_CRAPPY_JVM, "Impossible: JVM doesn't support UTF-8"); } }
SimpleFieldSet ecdsaSFS = fs.subset("ecdsa"); if(ecdsaSFS != null) ecdsaP256 = new ECDSA(ecdsaSFS.subset(ECDSA.Curves.P256.name()), Curves.P256); } catch (FSParseException e) { Logger.error(this, "Caught "+e, e); ecdsaP256 = new ECDSA(Curves.P256); ecdsaPubKeyHash = SHA256.digest(ecdsaP256.getPublicKey().getEncoded());
/** * Initialize the ECDSA object: from an SFS generated by asFieldSet() * @param curve * @throws FSParseException */ public ECDSA(SimpleFieldSet sfs, Curves curve) throws FSParseException { byte[] pub = null; byte[] pri = null; try { pub = Base64.decode(sfs.get("pub")); if (pub.length > curve.modulusSize) throw new InvalidKeyException(); ECPublicKey pubK = getPublicKey(pub, curve); pri = Base64.decode(sfs.get("pri")); PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(pri); KeyFactory kf = KeyFactory.getInstance("EC", curve.kfProvider); ECPrivateKey privK = (ECPrivateKey) kf.generatePrivate(ks); this.key = new KeyPair(pubK, privK); } catch (Exception e) { throw new FSParseException(e); } this.curve = curve; }
verifyECDSA = ECDSA.verify(Curves.P256, peerECDSAPubKey, Base64.decode(signatureP256), toVerifyECDSA);
SimpleFieldSet exportPublicCryptoFieldSet(boolean forSetup, boolean forAnonInitiator) { SimpleFieldSet fs = new SimpleFieldSet(true); int[] negTypes = packetMangler.supportedNegTypes(true); if(!forSetup) { // These are invariant. They cannot change on connection setup. They can safely be excluded. fs.put("ecdsa", ecdsaP256.asFieldSet(false)); fs.putSingle("identity", Base64.encode(myIdentity)); } if(!forAnonInitiator) { // Short-lived connections don't need ARK and don't need negTypes either. fs.put("auth.negTypes", negTypes); if(!forSetup) { fs.put("ark.number", myARKNumber); // Can be changed on setup fs.putSingle("ark.pubURI", myARK.getURI().toString(false, false)); // Can be changed on setup } } return fs; }
public void testSignToNetworkFormat() { byte[] toSign = "test".getBytes(); byte[] sig= ecdsa.signToNetworkFormat(toSign); assertNotNull(sig); assertEquals(sig.length, curveToTest.maxSigSize); }
public boolean verify(byte[] signature, int sigoffset, int siglen, byte[]... data) { return verify(curve, getPublicKey(), signature, sigoffset, siglen, data); }
public void testGetPublicKey() { PublicKey pub = ecdsa.getPublicKey(); assertNotNull(pub); assertTrue(pub.getEncoded().length <= curveToTest.modulusSize); }