kp = new KeyPair(publicKey, new EdDSAPrivateKey(new EdDSAPrivateKeySpec(privKey, EdDSANamedCurveTable.getByName("Ed25519")))); break; case RSA:
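/**
 * Converts an EdDSA key into the requested key specification.
 *
 * <p>An {@link EdDSAPublicKey} is converted when {@code keySpec} is assignable from
 * {@link EdDSAPublicKeySpec}, and an {@link EdDSAPrivateKey} when it is assignable from
 * {@link EdDSAPrivateKeySpec}. In both cases the key must carry non-null parameters.
 *
 * <p>The private-key spec returned here contains the seed, {@code h}, {@code a} and
 * {@code A}, i.e. the complete secret. Callers should treat it like the key itself.
 *
 * @param key     the key to convert
 * @param keySpec the specification class the caller wants back
 * @param <T>     the specification type
 * @return a new specification built from the key's components
 * @throws InvalidKeySpecException if the key/spec combination is not handled here, or the
 *                                 key has no parameters
 */
@SuppressWarnings("unchecked")
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
        throws InvalidKeySpecException {
    if (keySpec.isAssignableFrom(EdDSAPublicKeySpec.class) && key instanceof EdDSAPublicKey) {
        EdDSAPublicKey k = (EdDSAPublicKey) key;
        if (k.getParams() != null) {
            return (T) new EdDSAPublicKeySpec(k.getA(), k.getParams());
        }
    } else if (keySpec.isAssignableFrom(EdDSAPrivateKeySpec.class) && key instanceof EdDSAPrivateKey) {
        EdDSAPrivateKey k = (EdDSAPrivateKey) key;
        if (k.getParams() != null) {
            return (T) new EdDSAPrivateKeySpec(k.getSeed(), k.getH(), k.geta(), k.getA(), k.getParams());
        }
    }
    // Identify the rejected key by its class only. The text produced by Key.toString() is
    // implementation-defined, and exception messages tend to end up in logs, so the key
    // object itself is kept out of the message.
    String keyType = (key == null) ? "null" : key.getClass().getName();
    throw new InvalidKeySpecException("not implemented yet " + keyType + " " + keySpec);
}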
private byte[] x_engineSign() throws SignatureException { Curve curve = key.getParams().getCurve(); ScalarOps sc = key.getParams().getScalarOps(); byte[] a = ((EdDSAPrivateKey) key).geta(); digest.update(((EdDSAPrivateKey) key).getAbyte()); digest.update(message, offset, length); byte[] h = digest.digest();
/**
 * Builds an Ed25519 key pair from an existing private key.
 *
 * <p>The public half is not supplied by the caller: it is rebuilt from the point
 * {@code A} and the curve parameters exposed by the decoded private key.
 *
 * @param privateKey the private key in PKCS#8 encoding. {@link PKCS8EncodedKeySpec}
 *                   takes its own copy of the array, so the caller's buffer is not
 *                   referenced by the spec and can be cleared after this call.
 * @throws InvalidKeySpecException declared by the {@code EdDSAPrivateKey} constructor,
 *                                 which is the only call here that can raise it
 */
public Key(byte[] privateKey) throws InvalidKeySpecException {
    final PKCS8EncodedKeySpec encodedSpec = new PKCS8EncodedKeySpec(privateKey);
    this.sk = new EdDSAPrivateKey(encodedSpec);

    final EdDSAPublicKeySpec publicSpec = new EdDSAPublicKeySpec(this.sk.getA(), this.sk.getParams());
    this.pk = new EdDSAPublicKey(publicSpec);
}
/**
 * Derives an Ed25519 key pair from {@code seed} and returns it as an {@link NKey}.
 *
 * <p>The seed and the derived public key bytes are concatenated (seed first) and
 * passed to {@code encodeSeed}; the resulting characters become the NKey's content.
 *
 * @param type the key type, forwarded to {@code encodeSeed} and to the NKey
 * @param seed the raw Ed25519 seed; the array is read but not modified
 * @return a new NKey holding the encoded seed
 * @throws IOException              declared; presumably raised by {@code encodeSeed} (confirm)
 * @throws NoSuchProviderException  declared; no visible call here raises it
 * @throws NoSuchAlgorithmException declared; no visible call here raises it
 */
private static NKey createPair(Type type, byte[] seed)
        throws IOException, NoSuchProviderException, NoSuchAlgorithmException {
    final EdDSAPrivateKey secretKey = new EdDSAPrivateKey(new EdDSAPrivateKeySpec(seed, NKey.ed25519));
    final EdDSAPublicKey publicKey = new EdDSAPublicKey(new EdDSAPublicKeySpec(secretKey.getA(), NKey.ed25519));
    final byte[] publicBytes = publicKey.getAbyte();

    // Layout handed to encodeSeed: [seed][public key bytes].
    final byte[] seedThenPublic = new byte[publicBytes.length + seed.length];
    System.arraycopy(seed, 0, seedThenPublic, 0, seed.length);
    System.arraycopy(publicBytes, 0, seedThenPublic, seed.length, publicBytes.length);

    // NOTE(review): seedThenPublic carries the raw seed and is left to the garbage
    // collector. If encodeSeed does not keep a reference to its input, zeroing the
    // array after the call would shorten the time the secret stays in memory.
    return new NKey(type, null, encodeSeed(type, seedThenPublic));
}
/**
 * Writes an Ed25519 private key to {@code s} as two length-prefixed arrays:
 * the public key, then the secret seed followed by the public key again.
 *
 * <p>The seed is written as-is. Any confidentiality protection has to come from
 * whatever wraps or consumes the stream; none is applied in this method.
 *
 * @param s   the stream to write to
 * @param key the private key; must not be {@code null} and must expose a seed
 * @return {@link KeyPairProvider#SSH_ED25519}
 * @throws IOException          if writing to the stream fails
 * @throws NullPointerException if {@code key} or its seed is {@code null}
 */
@Override
public String encodePrivateKey(OutputStream s, EdDSAPrivateKey key) throws IOException {
    Objects.requireNonNull(key, "No private key provided");

    // Bernstein's ed25519 naming: pk = public key, sk = secret key.
    // Two arrays go out, written as (type:size): [pk:32], then [sk:32,pk:32].
    final byte[] secretSeed = key.getSeed();
    final byte[] publicBytes = key.getAbyte();
    Objects.requireNonNull(secretSeed, "No seed");

    // NOTE(review): publicBytes is not null-checked, and secretThenPublic holds the
    // seed until it is garbage collected. Consider clearing it once both writes are done.
    final byte[] secretThenPublic = new byte[KEYPAIR_SIZE];
    System.arraycopy(secretSeed, 0, secretThenPublic, 0, SK_SIZE);
    System.arraycopy(publicBytes, 0, secretThenPublic, SK_SIZE, PK_SIZE);

    KeyEntryResolver.writeRLEBytes(s, publicBytes);
    KeyEntryResolver.writeRLEBytes(s, secretThenPublic);
    return KeyPairProvider.SSH_ED25519;
}
/**
 * Rebuilds the EdDSA public key that belongs to the given private key.
 *
 * <p>The public key is produced by the EdDSA {@link KeyFactory} from the private
 * key's {@code getAbyte()} value and its parameters.
 *
 * @param key the private key; must be an {@link EdDSAPrivateKey}
 * @return the matching public key
 * @throws GeneralSecurityException if {@code key} is not an EdDSA private key
 *                                  ({@link InvalidKeyException}) or the key factory
 *                                  cannot produce the public key
 */
public static EdDSAPublicKey recoverEDDSAPublicKey(PrivateKey key) throws GeneralSecurityException {
    ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), SecurityUtils.EDDSA + " not supported");

    if (key instanceof EdDSAPrivateKey) {
        final EdDSAPrivateKey edPrivate = (EdDSAPrivateKey) key;
        final EdDSAPublicKeySpec publicSpec =
                new EdDSAPublicKeySpec(edPrivate.getAbyte(), edPrivate.getParams());
        final KeyFactory edFactory = SecurityUtils.getKeyFactory(SecurityUtils.EDDSA);
        final PublicKey generated = edFactory.generatePublic(publicSpec);
        return EdDSAPublicKey.class.cast(generated);
    }

    // Anything else (including null) is rejected rather than coerced.
    throw new InvalidKeyException("Private key is not " + SecurityUtils.EDDSA);
}
/**
 * Sends the first pair-verify request and returns the raw response bytes.
 *
 * <p>The request body is the four bytes {@code 1, 0, 0, 0}, followed by
 * {@code randomPublicKey}, followed by {@code authKey.getAbyte()}. It is posted to
 * {@code /pair-verify} as {@code application/octet-stream}.
 *
 * @param socket          the connection to post on
 * @param randomPublicKey the public key bytes placed after the four-byte prefix
 * @return whatever {@code AuthUtils.postData} returns for the request
 * @throws Exception if building or posting the request fails
 */
private byte[] doPairVerify1(Socket socket, byte[] randomPublicKey) throws Exception {
    final byte[] prefix = {1, 0, 0, 0};
    final byte[] requestBody = AuthUtils.concatByteArrays(prefix, randomPublicKey, authKey.getAbyte());
    return AuthUtils.postData(socket, "/pair-verify", "application/octet-stream", requestBody);
}
/**
 * Wraps the seed of a Java EdDSA private key in a {@link SigningPrivateKey}.
 *
 * <p>Only {@code pk.getSeed()} is carried over; the value is passed on as returned,
 * without a null check here.
 * NOTE(review): confirm how {@code SigningPrivateKey} handles a key that has no
 * seed available.
 *
 * @param pk   the EdDSA private key to convert (a private key, despite the name)
 * @param type the signature type given to the new key
 * @return a new {@code SigningPrivateKey} built from the seed
 * @throws GeneralSecurityException declared; no visible call here raises it
 * @since 0.9.15
 */
public static SigningPrivateKey fromJavaKey(EdDSAPrivateKey pk, SigType type)
        throws GeneralSecurityException {
    final byte[] seed = pk.getSeed();
    return new SigningPrivateKey(type, seed);
}
/**
 * Builds a signed, mutable {@link StorageItem} for {@code data}.
 *
 * <p>The signature covers the bencoded dictionary of {@code salt} (only when non-null),
 * {@code seq} and {@code v}, with the first and last byte of that encoding removed.
 *
 * @param data           the value to store; bencoded into a buffer of up to 1000 bytes
 * @param key            the EdDSA private key used for signing
 * @param salt           optional salt; omitted from the signed fields when {@code null}
 * @param sequenceNumber the sequence number placed under {@code seq}
 * @return the storage item carrying the encoded value, public key, signature, salt and sequence number
 * @throws InvalidKeyException if the signer rejects {@code key}
 * @throws SignatureException  if updating or producing the signature fails
 */
public static StorageItem buildMutable(Object data, EdDSAPrivateKey key, byte[] salt, long sequenceNumber)
        throws InvalidKeyException, SignatureException {
    final ByteBuffer encodedValue = new BEncoder().encode(data, 1000);

    final Signature signer = new EdDSAEngine();
    signer.initSign(key);

    // TreeMap keeps the fields in sorted key order for encoding.
    final Map<String, Object> signedFields = new TreeMap<>();
    if (salt != null) {
        signedFields.put("salt", salt);
    }
    signedFields.put("seq", sequenceNumber);
    signedFields.put("v", new BEncoder.RawData(encodedValue));

    final ByteBuffer signable = new BEncoder().encode(signedFields, 1500);
    // Trim the dictionary's leading 'd' and trailing 'e' before signing.
    signable.position(signable.position() + 1);
    signable.limit(signable.limit() - 1);

    // duplicate() so the signer consumes a separate view of the buffer.
    signer.update(signable.duplicate());
    final byte[] signature = signer.sign();

    // NOTE(review): the public key is rebuilt with StorageItem.spec rather than
    // key.getParams(); confirm both always name the same curve parameters.
    final EdDSAPublicKeySpec publicSpec = new EdDSAPublicKeySpec(key.getA(), StorageItem.spec);
    final byte[] pubkey = new EdDSAPublicKey(publicSpec).getA().toByteArray();

    return new StorageItem(buf2ary(encodedValue), pubkey, signature, salt, sequenceNumber);
}
/**
 * Returns the result of {@code key.geta()}.
 *
 * NOTE(review): the accessor is named getH but delegates to geta(), not getH().
 * Confirm which value callers expect. Either way this looks like private-key
 * material, so the returned array should not be logged or shared more widely
 * than needed.
 */
public byte[] getH() { return key.geta(); } }
/**
 * Derives an Ed25519 key pair from {@code seed} and returns it as an {@link NKey}.
 *
 * <p>The seed and the derived public key bytes are concatenated (seed first) and
 * passed to {@code encodeSeed}; the resulting characters become the NKey's content.
 *
 * @param type the key type, forwarded to {@code encodeSeed} and to the NKey
 * @param seed the raw Ed25519 seed; the array is read but not modified
 * @return a new NKey holding the encoded seed
 * @throws IOException              declared; presumably raised by {@code encodeSeed} (confirm)
 * @throws NoSuchProviderException  declared; no visible call here raises it
 * @throws NoSuchAlgorithmException declared; no visible call here raises it
 */
private static NKey createPair(Type type, byte[] seed)
        throws IOException, NoSuchProviderException, NoSuchAlgorithmException {
    final EdDSAPrivateKey secretKey = new EdDSAPrivateKey(new EdDSAPrivateKeySpec(seed, NKey.ed25519));
    final EdDSAPublicKey publicKey = new EdDSAPublicKey(new EdDSAPublicKeySpec(secretKey.getA(), NKey.ed25519));
    final byte[] publicBytes = publicKey.getAbyte();

    // Layout handed to encodeSeed: [seed][public key bytes].
    final byte[] seedThenPublic = new byte[publicBytes.length + seed.length];
    System.arraycopy(seed, 0, seedThenPublic, 0, seed.length);
    System.arraycopy(publicBytes, 0, seedThenPublic, seed.length, publicBytes.length);

    // NOTE(review): seedThenPublic carries the raw seed and is left to the garbage
    // collector. If encodeSeed does not keep a reference to its input, zeroing the
    // array after the call would shorten the time the secret stays in memory.
    return new NKey(type, null, encodeSeed(type, seedThenPublic));
}
/**
 * Writes an Ed25519 private key to {@code s} as two length-prefixed arrays:
 * the public key, then the secret seed followed by the public key again.
 *
 * <p>The seed is written as-is. Any confidentiality protection has to come from
 * whatever wraps or consumes the stream; none is applied in this method.
 *
 * @param s   the stream to write to
 * @param key the private key; must not be {@code null} and must expose a seed
 * @return {@link KeyPairProvider#SSH_ED25519}
 * @throws IOException          if writing to the stream fails
 * @throws NullPointerException if {@code key} or its seed is {@code null}
 */
@Override
public String encodePrivateKey(OutputStream s, EdDSAPrivateKey key) throws IOException {
    Objects.requireNonNull(key, "No private key provided");

    // Bernstein's ed25519 naming: pk = public key, sk = secret key.
    // Two arrays go out, written as (type:size): [pk:32], then [sk:32,pk:32].
    final byte[] secretSeed = key.getSeed();
    final byte[] publicBytes = key.getAbyte();
    Objects.requireNonNull(secretSeed, "No seed");

    // NOTE(review): publicBytes is not null-checked, and secretThenPublic holds the
    // seed until it is garbage collected. Consider clearing it once both writes are done.
    final byte[] secretThenPublic = new byte[KEYPAIR_SIZE];
    System.arraycopy(secretSeed, 0, secretThenPublic, 0, SK_SIZE);
    System.arraycopy(publicBytes, 0, secretThenPublic, SK_SIZE, PK_SIZE);

    KeyEntryResolver.writeRLEBytes(s, publicBytes);
    KeyEntryResolver.writeRLEBytes(s, secretThenPublic);
    return KeyPairProvider.SSH_ED25519;
}
/**
 * Rebuilds the EdDSA public key that belongs to the given private key.
 *
 * <p>The public key is produced by the EdDSA {@link KeyFactory} from the private
 * key's {@code getAbyte()} value and its parameters.
 *
 * @param key the private key; must be an {@link EdDSAPrivateKey}
 * @return the matching public key
 * @throws GeneralSecurityException if {@code key} is not an EdDSA private key
 *                                  ({@link InvalidKeyException}) or the key factory
 *                                  cannot produce the public key
 */
public static EdDSAPublicKey recoverEDDSAPublicKey(PrivateKey key) throws GeneralSecurityException {
    ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), SecurityUtils.EDDSA + " not supported");

    if (key instanceof EdDSAPrivateKey) {
        final EdDSAPrivateKey edPrivate = (EdDSAPrivateKey) key;
        final EdDSAPublicKeySpec publicSpec =
                new EdDSAPublicKeySpec(edPrivate.getAbyte(), edPrivate.getParams());
        final KeyFactory edFactory = SecurityUtils.getKeyFactory(SecurityUtils.EDDSA);
        final PublicKey generated = edFactory.generatePublic(publicSpec);
        return EdDSAPublicKey.class.cast(generated);
    }

    // Anything else (including null) is rejected rather than coerced.
    throw new InvalidKeyException("Private key is not " + SecurityUtils.EDDSA);
}
/**
 * Performs the third pair-setup-pin step: encrypts {@code authKey.getAbyte()} with
 * AES-GCM under a key and IV derived from {@code sessionKeyHashK}, posts the result
 * to {@code /pair-setup-pin}, and returns the {@code epk} and {@code authTag} fields
 * of the response.
 *
 * @param socket          the connection to post on
 * @param sessionKeyHashK the session key hash that both the AES key and the IV are derived from
 * @return the response's {@code epk} and {@code authTag} byte arrays, unmodified
 * @throws Exception on any crypto, I/O or parsing failure, and (without a message)
 *                   when the response lacks {@code epk} or {@code authTag}
 */
private PairSetupPin3Response doPairSetupPin3(Socket socket, final byte[] sessionKeyHashK) throws Exception {
    MessageDigest sha512Digest = MessageDigest.getInstance("SHA-512");
    // AES key = first 16 bytes of SHA-512("Pair-Setup-AES-Key" || sessionKeyHashK).
    sha512Digest.update("Pair-Setup-AES-Key".getBytes(StandardCharsets.UTF_8));
    sha512Digest.update(sessionKeyHashK);
    byte[] aesKey = Arrays.copyOfRange(sha512Digest.digest(), 0, 16);
    // digest() resets the MessageDigest, so the IV hash below starts from a clean state.
    // IV = first 16 bytes of SHA-512("Pair-Setup-AES-IV" || sessionKeyHashK), then incremented.
    sha512Digest.update("Pair-Setup-AES-IV".getBytes(StandardCharsets.UTF_8));
    sha512Digest.update(sessionKeyHashK);
    byte[] aesIV = Arrays.copyOfRange(sha512Digest.digest(), 0, 16);
    int lengthB;
    int lengthA = lengthB = aesIV.length - 1;
    // ++aesIV[lengthA] is a byte (-128..127), so it can never equal 256: the loop
    // increments the last IV byte once and stops. No carry reaches the higher bytes
    // when that byte wraps from 0xFF to 0x00.
    // NOTE(review): this looks like a multi-byte counter increment whose carry test was
    // lost; confirm what the peer does on wrap-around before changing it.
    for (; lengthB >= 0 && 256 == ++aesIV[lengthA]; lengthA = lengthB += -1) ;
    Cipher aesGcm128Encrypt = Cipher.getInstance("AES/GCM/NoPadding");
    SecretKeySpec secretKey = new SecretKeySpec(aesKey, "AES");
    // 128-bit tag with a 16-byte IV.
    // NOTE(review): key and IV are both deterministic functions of sessionKeyHashK, so
    // encrypting more than one message under the same session key hash would reuse the
    // GCM key/IV pair. Confirm this step runs once per session key.
    aesGcm128Encrypt.init(Cipher.ENCRYPT_MODE, secretKey, new GCMParameterSpec(128, aesIV));
    final byte[] aesGcm128ClientLTPK = aesGcm128Encrypt.doFinal(authKey.getAbyte());
    // doFinal output is ciphertext followed by the 16-byte tag; the two are split into
    // "epk" (ciphertext) and "authTag" (last 16 bytes) for the request plist.
    byte[] pairSetupPinRequestData = AuthUtils.createPList(new HashMap<String, byte[]>() {{
        put("epk", Arrays.copyOfRange(aesGcm128ClientLTPK, 0, aesGcm128ClientLTPK.length - 16));
        put("authTag", Arrays.copyOfRange(aesGcm128ClientLTPK, aesGcm128ClientLTPK.length - 16, aesGcm128ClientLTPK.length));
    }});
    byte[] pairSetupPin3ResponseBytes = AuthUtils.postData(socket, "/pair-setup-pin", "application/x-apple-binary-plist", pairSetupPinRequestData);
    // The response is parsed and cast without type checks; a reply that is not a
    // dictionary of NSData values surfaces as a ClassCastException.
    NSDictionary pairSetupPin3Response = (NSDictionary) PropertyListParser.parse(pairSetupPin3ResponseBytes);
    if (pairSetupPin3Response.containsKey("epk") && pairSetupPin3Response.containsKey("authTag")) {
        // NOTE(review): the peer's epk/authTag are returned as received; nothing here
        // decrypts them or checks the tag. Presumably the caller does; verify.
        byte[] epk = ((NSData) pairSetupPin3Response.get("epk")).bytes();
        byte[] authTag = ((NSData) pairSetupPin3Response.get("authTag")).bytes();
        return new PairSetupPin3Response(epk, authTag);
    }
    // Missing fields: the bare Exception gives callers and logs no context about the failure.
    throw new Exception();
}