private static EdDSAEngine getEngine() { try { return new EdDSAEngine(MessageDigest.getInstance("SHA-512")); } catch (NoSuchAlgorithmException e) { throw new SSHRuntimeException(e); } }
/** * To efficiently sign all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data) * sig = sign() *</pre> * * @param data the message to be signed * @return the signature * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE * @since 0.9.25 */ public byte[] signOneShot(byte[] data) throws SignatureException { return signOneShot(data, 0, data.length); }
/** * To efficiently sign all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data, off, len) * sig = sign() *</pre> * * @param data byte array containing the message to be signed * @param off the start of the message inside data * @param len the length of the message * @return the signature * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE * @since 0.9.25 */ public byte[] signOneShot(byte[] data, int off, int len) throws SignatureException { oneShotMode = true; update(data, off, len); return sign(); }
/** * To efficiently verify all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data, off, len) * ok = verify(signature, sigoff, siglen) *</pre> * * @param data byte array containing the message that was signed * @param off the start of the message inside data * @param len the length of the message * @param signature byte array containing the signature * @param sigoff the start of the signature * @param siglen the length of the signature * @return true if the signature is valid, false otherwise * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE * @since 0.9.25 */ public boolean verifyOneShot(byte[] data, int off, int len, byte[] signature, int sigoff, int siglen) throws SignatureException { oneShotMode = true; update(data, off, len); return verify(signature, sigoff, siglen); }
/** * Generic raw sign any type. * * Warning, nonstandard for EdDSA, double-hashes, not recommended. * * @param hash SHA1Hash, Hash, Hash384, or Hash512 * @param type returns a Signature of this type * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 */ private Signature altSignRaw(String algo, SimpleDataStructure hash, PrivateKey privKey, SigType type) throws GeneralSecurityException { int hashlen = hash.length(); if (type.getHashLen() != hashlen) throw new IllegalArgumentException("type mismatch hash=" + hash.getClass() + " key=" + type); byte[] sigbytes; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode // Ignore algo, EdDSAKey includes a hash specification. EdDSAEngine jsig = new EdDSAEngine(); jsig.initSign(privKey); sigbytes = jsig.signOneShot(hash.getData()); } else { java.security.Signature jsig = java.security.Signature.getInstance(algo); jsig.initSign(privKey, _context.random()); jsig.update(hash.getData()); sigbytes = jsig.sign(); } return SigUtil.fromJavaSig(sigbytes, type); }
EdDSAEngine jsig = new EdDSAEngine(); jsig.initVerify(pubKey); rv = jsig.verifyOneShot(hash.getData(), sigbytes); } else { String algo = getRawAlgo(type);
@Override public byte[] signMessage(byte[] message) { try { EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance("SHA-512")); PrivateKey sKey = new EdDSAPrivateKey(keySpec); sgr.initSign(sKey); sgr.update(message); return sgr.sign(); } catch (Exception e) { throw new RuntimeException(e); } }
@Override public boolean verifySignature(byte[] message, byte[] sigBytes) { try { EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance("SHA-512")); sgr.initVerify(new EdDSAPublicKey(new EdDSAPublicKeySpec(keySpec.getA(), ed25519))); sgr.update(message); return sgr.verify(sigBytes); } catch (Exception e) { throw new RuntimeException(e); } }
protected byte[] signWithoutClamp(byte[] message, byte[] privateKey, byte[] publicKey) { try { EdDSAPrivateKeySpec edDSAPrivateKeySpec = new EdDSAPrivateKeySpec(privateKey, EdDSANamedCurveTable.getByName("ed25519-sha-512")); mEdDSAEngine.initSign(new EdDSAPrivateKey(edDSAPrivateKeySpec)); mEdDSAEngine.update(message); return mEdDSAEngine.sign(); } catch (InvalidKeyException e) { throw new IllegalArgumentException(e); } catch (SignatureException e) { throw new IllegalArgumentException(e); } }
public boolean isValidSignature(byte[] message, byte[] signature, byte[] publicKey) { try { EdDSANamedCurveSpec spec = EdDSANamedCurveTable.getByName("ed25519-sha-512"); EdDSAPublicKeySpec edDSAPublicKeySpec = new EdDSAPublicKeySpec(publicKey, spec); EdDSAPublicKey edDSAPublicKey = new EdDSAPublicKey(edDSAPublicKeySpec); mEdDSAEngine.initVerify(edDSAPublicKey); mEdDSAEngine.update(message); return mEdDSAEngine.verify(signature); } catch (Exception e) { throw new IllegalArgumentException(e); } }
/** * To efficiently verify all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data) * ok = verify(signature) *</pre> * * @param data the message that was signed * @param signature of the message * @return true if the signature is valid, false otherwise * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE * @since 0.9.25 */ public boolean verifyOneShot(byte[] data, byte[] signature) throws SignatureException { return verifyOneShot(data, 0, data.length, signature, 0, signature.length); }
/** * Generic sign any type. * * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 added off/len 0.9.12 */ private Signature altSign(byte[] data, int offset, int len, SigningPrivateKey privateKey) throws GeneralSecurityException { SigType type = privateKey.getType(); if (type == SigType.DSA_SHA1) return altSignSHA1(data, offset, len, privateKey); PrivateKey privKey = SigUtil.toJavaKey(privateKey); byte[] sigbytes; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode EdDSAEngine jsig = new EdDSAEngine(type.getDigestInstance()); jsig.initSign(privKey); sigbytes = jsig.signOneShot(data, offset, len); } else { java.security.Signature jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig.initSign(privKey, _context.random()); jsig.update(data, offset, len); sigbytes = jsig.sign(); } return SigUtil.fromJavaSig(sigbytes, type); }
/** * Generic verify any type. * * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 added off/len 0.9.12 */ private boolean altVerifySig(Signature signature, byte[] data, int offset, int len, SigningPublicKey verifyingKey) throws GeneralSecurityException { SigType type = signature.getType(); if (type != verifyingKey.getType()) throw new IllegalArgumentException("type mismatch sig=" + type + " key=" + verifyingKey.getType()); if (type == SigType.DSA_SHA1) return altVerifySigSHA1(signature, data, offset, len, verifyingKey); PublicKey pubKey = SigUtil.toJavaKey(verifyingKey); byte[] sigbytes = SigUtil.toJavaSig(signature); boolean rv; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode EdDSAEngine jsig = new EdDSAEngine(type.getDigestInstance()); jsig.initVerify(pubKey); rv = jsig.verifyOneShot(data, offset, len, sigbytes); } else { java.security.Signature jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig.initVerify(pubKey); jsig.update(data, offset, len); rv = jsig.verify(sigbytes); } return rv; }
/** * To efficiently verify all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data, off, len) * ok = verify(signature, sigoff, siglen) *</pre> * * @param data byte array containing the message that was signed * @param off the start of the message inside data * @param len the length of the message * @param signature byte array containing the signature * @param sigoff the start of the signature * @param siglen the length of the signature * @return true if the signature is valid, false otherwise * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE */ public boolean verifyOneShot(byte[] data, int off, int len, byte[] signature, int sigoff, int siglen) throws SignatureException { oneShotMode = true; update(data, off, len); return verify(signature, sigoff, siglen); }
/** * To efficiently verify all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data, off, len) * ok = verify(signature) *</pre> * * @param data byte array containing the message that was signed * @param off the start of the message inside data * @param len the length of the message * @param signature of the message * @return true if the signature is valid, false otherwise * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE * @since 0.9.25 */ public boolean verifyOneShot(byte[] data, int off, int len, byte[] signature) throws SignatureException { return verifyOneShot(data, off, len, signature, 0, signature.length); }
@Test public void testSignResetsForReuse() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); // First usage sgr.update(new byte[] {0}); sgr.sign(); // Second usage sgr.update(TEST_MSG); assertThat("Second sign failed", sgr.sign(), is(equalTo(TEST_MSG_SIG))); }
@Test public void testSignOneShot() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); assertThat("signOneShot() failed", sgr.signOneShot(TEST_MSG), is(equalTo(TEST_MSG_SIG))); }
@Test public void testVerifyOneShot() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(TEST_PK, spec); EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); assertThat("verifyOneShot() failed", sgr.verifyOneShot(TEST_MSG, TEST_MSG_SIG), is(true)); } }
/** * To efficiently sign all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data, off, len) * sig = sign() *</pre> * * @param data byte array containing the message to be signed * @param off the start of the message inside data * @param len the length of the message * @return the signature * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE */ public byte[] signOneShot(byte[] data, int off, int len) throws SignatureException { oneShotMode = true; update(data, off, len); return sign(); }
/** * To efficiently verify all the data in one shot, if it is available, * use this method, which will avoid copying the data. * * Same as: *<pre> * setParameter(ONE_SHOT_MODE) * update(data) * ok = verify(signature, sigoff, siglen) *</pre> * * @param data the message that was signed * @param signature byte array containing the signature * @param sigoff the start of the signature * @param siglen the length of the signature * @return true if the signature is valid, false otherwise * @throws SignatureException if update() already called * @see #ONE_SHOT_MODE * @since 0.9.25 */ public boolean verifyOneShot(byte[] data, byte[] signature, int sigoff, int siglen) throws SignatureException { return verifyOneShot(data, 0, data.length, signature, sigoff, siglen); }