private static EdDSAEngine getEngine() { try { return new EdDSAEngine(MessageDigest.getInstance("SHA-512")); } catch (NoSuchAlgorithmException e) { throw new SSHRuntimeException(e); } }
/** * Generic raw sign any type. * * Warning, nonstandard for EdDSA, double-hashes, not recommended. * * @param hash SHA1Hash, Hash, Hash384, or Hash512 * @param type returns a Signature of this type * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 */ private Signature altSignRaw(String algo, SimpleDataStructure hash, PrivateKey privKey, SigType type) throws GeneralSecurityException { int hashlen = hash.length(); if (type.getHashLen() != hashlen) throw new IllegalArgumentException("type mismatch hash=" + hash.getClass() + " key=" + type); byte[] sigbytes; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode // Ignore algo, EdDSAKey includes a hash specification. EdDSAEngine jsig = new EdDSAEngine(); jsig.initSign(privKey); sigbytes = jsig.signOneShot(hash.getData()); } else { java.security.Signature jsig = java.security.Signature.getInstance(algo); jsig.initSign(privKey, _context.random()); jsig.update(hash.getData()); sigbytes = jsig.sign(); } return SigUtil.fromJavaSig(sigbytes, type); }
EdDSAEngine jsig = new EdDSAEngine(); jsig.initVerify(pubKey); rv = jsig.verifyOneShot(hash.getData(), sigbytes);
@Test public void testSignResetsForReuse() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); // First usage sgr.update(new byte[] {0}); sgr.sign(); // Second usage sgr.update(TEST_MSG); assertThat("Second sign failed", sgr.sign(), is(equalTo(TEST_MSG_SIG))); }
@Test public void testVerifyResetsForReuse() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(TEST_PK, spec); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); // First usage sgr.update(new byte[] {0}); sgr.verify(TEST_MSG_SIG); // Second usage sgr.update(TEST_MSG); assertThat("Second verify failed", sgr.verify(TEST_MSG_SIG), is(true)); }
/** * Generic sign any type. * * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 added off/len 0.9.12 */ private Signature altSign(byte[] data, int offset, int len, SigningPrivateKey privateKey) throws GeneralSecurityException { SigType type = privateKey.getType(); if (type == SigType.DSA_SHA1) return altSignSHA1(data, offset, len, privateKey); PrivateKey privKey = SigUtil.toJavaKey(privateKey); byte[] sigbytes; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode EdDSAEngine jsig = new EdDSAEngine(type.getDigestInstance()); jsig.initSign(privKey); sigbytes = jsig.signOneShot(data, offset, len); } else { java.security.Signature jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig.initSign(privKey, _context.random()); jsig.update(data, offset, len); sigbytes = jsig.sign(); } return SigUtil.fromJavaSig(sigbytes, type); }
@Test public void testSign() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); //Signature sgr = Signature.getInstance("EdDSA", "I2P"); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); for (Ed25519TestVectors.TestTuple testCase : Ed25519TestVectors.testCases) { EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(testCase.seed, spec); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); sgr.update(testCase.message); assertThat("Test case " + testCase.caseNum + " failed", sgr.sign(), is(equalTo(testCase.sig))); } }
@Test public void testSignOneShotMode() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); sgr.setParameter(EdDSAEngine.ONE_SHOT_MODE); sgr.update(TEST_MSG); assertThat("One-shot mode sign failed", sgr.sign(), is(equalTo(TEST_MSG_SIG))); }
/** * Generic verify any type. * * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 added off/len 0.9.12 */ private boolean altVerifySig(Signature signature, byte[] data, int offset, int len, SigningPublicKey verifyingKey) throws GeneralSecurityException { SigType type = signature.getType(); if (type != verifyingKey.getType()) throw new IllegalArgumentException("type mismatch sig=" + type + " key=" + verifyingKey.getType()); if (type == SigType.DSA_SHA1) return altVerifySigSHA1(signature, data, offset, len, verifyingKey); PublicKey pubKey = SigUtil.toJavaKey(verifyingKey); byte[] sigbytes = SigUtil.toJavaSig(signature); boolean rv; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode EdDSAEngine jsig = new EdDSAEngine(type.getDigestInstance()); jsig.initVerify(pubKey); rv = jsig.verifyOneShot(data, offset, len, sigbytes); } else { java.security.Signature jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig.initVerify(pubKey); jsig.update(data, offset, len); rv = jsig.verify(sigbytes); } return rv; }
@Test public void testVerify() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); //Signature sgr = Signature.getInstance("EdDSA", "I2P"); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); for (Ed25519TestVectors.TestTuple testCase : Ed25519TestVectors.testCases) { EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(testCase.pk, spec); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); sgr.update(testCase.message); assertThat("Test case " + testCase.caseNum + " failed", sgr.verify(testCase.sig), is(true)); } }
@Test public void testVerifyOneShotMode() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(TEST_PK, spec); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); sgr.setParameter(EdDSAEngine.ONE_SHOT_MODE); sgr.update(TEST_MSG); assertThat("One-shot mode verify failed", sgr.verify(TEST_MSG_SIG), is(true)); }
@Test public void testSignOneShotModeMultipleUpdates() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); sgr.setParameter(EdDSAEngine.ONE_SHOT_MODE); sgr.update(TEST_MSG); exception.expect(SignatureException.class); exception.expectMessage("update() already called"); sgr.update(TEST_MSG); }
@Test public void testVerifyOneShotModeMultipleUpdates() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(TEST_PK, spec); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); sgr.setParameter(EdDSAEngine.ONE_SHOT_MODE); sgr.update(TEST_MSG); exception.expect(SignatureException.class); exception.expectMessage("update() already called"); sgr.update(TEST_MSG); }
/** * Checks that a wrong-length signature throws an IAE. */ @Test public void testVerifyWrongSigLength() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); //Signature sgr = Signature.getInstance("EdDSA", "I2P"); Signature sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(TEST_PK, spec); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); sgr.update(TEST_MSG); exception.expect(SignatureException.class); exception.expectMessage("signature length is wrong"); sgr.verify(new byte[] {0}); }
@Test public void testSignOneShot() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); assertThat("signOneShot() failed", sgr.signOneShot(TEST_MSG), is(equalTo(TEST_MSG_SIG))); }
@Test public void testVerifyOneShot() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); EdDSAPublicKeySpec pubKey = new EdDSAPublicKeySpec(TEST_PK, spec); EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); PublicKey vKey = new EdDSAPublicKey(pubKey); sgr.initVerify(vKey); assertThat("verifyOneShot() failed", sgr.verifyOneShot(TEST_MSG, TEST_MSG_SIG), is(true)); } }
public boolean verify(byte[] data, byte[] signature) throws Exception { Signature sgr = new EdDSAEngine(MessageDigest.getInstance("SHA-512")); sgr.initVerify(publicKey); sgr.update(data); return sgr.verify(signature); }
public byte[] sign(byte[] material) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException { Signature sgr = new EdDSAEngine(MessageDigest.getInstance("SHA-512")); sgr.initSign(privateKey); sgr.update(material); return sgr.sign(); }
@Override public byte[] sign(byte[] data, String signingAlgorithm) throws IOException { try { Signature sgr = new EdDSAEngine(); sgr.initSign(key); sgr.update(data); return sgr.sign(); } catch (InvalidKeyException | SignatureException e) { throw new IOException(e.getMessage(), e); } }
private static EdDSAEngine getEngine() { try { return new EdDSAEngine(MessageDigest.getInstance("SHA-512")); } catch (NoSuchAlgorithmException e) { throw new SSHRuntimeException(e); } }