/** * Generic raw sign any type. * * Warning, nonstandard for EdDSA, double-hashes, not recommended. * * @param hash SHA1Hash, Hash, Hash384, or Hash512 * @param type returns a Signature of this type * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 */ private Signature altSignRaw(String algo, SimpleDataStructure hash, PrivateKey privKey, SigType type) throws GeneralSecurityException { int hashlen = hash.length(); if (type.getHashLen() != hashlen) throw new IllegalArgumentException("type mismatch hash=" + hash.getClass() + " key=" + type); byte[] sigbytes; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode // Ignore algo, EdDSAKey includes a hash specification. EdDSAEngine jsig = new EdDSAEngine(); jsig.initSign(privKey); sigbytes = jsig.signOneShot(hash.getData()); } else { java.security.Signature jsig = java.security.Signature.getInstance(algo); jsig.initSign(privKey, _context.random()); jsig.update(hash.getData()); sigbytes = jsig.sign(); } return SigUtil.fromJavaSig(sigbytes, type); }
/** * Generic sign any type. * * @throws GeneralSecurityException if algorithm unvailable or on other errors * @since 0.9.9 added off/len 0.9.12 */ private Signature altSign(byte[] data, int offset, int len, SigningPrivateKey privateKey) throws GeneralSecurityException { SigType type = privateKey.getType(); if (type == SigType.DSA_SHA1) return altSignSHA1(data, offset, len, privateKey); PrivateKey privKey = SigUtil.toJavaKey(privateKey); byte[] sigbytes; if (type.getBaseAlgorithm() == SigAlgo.EdDSA) { // take advantage of one-shot mode EdDSAEngine jsig = new EdDSAEngine(type.getDigestInstance()); jsig.initSign(privKey); sigbytes = jsig.signOneShot(data, offset, len); } else { java.security.Signature jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig.initSign(privKey, _context.random()); jsig.update(data, offset, len); sigbytes = jsig.sign(); } return SigUtil.fromJavaSig(sigbytes, type); }
@Test public void testSignOneShot() throws Exception { EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); EdDSAPrivateKeySpec privKey = new EdDSAPrivateKeySpec(TEST_SEED, spec); EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm())); PrivateKey sKey = new EdDSAPrivateKey(privKey); sgr.initSign(sKey); assertThat("signOneShot() failed", sgr.signOneShot(TEST_MSG), is(equalTo(TEST_MSG_SIG))); }
private void doPairVerify2(Socket socket, byte[] pairVerify1Response, byte[] randomPrivateKey, byte[] randomPublicKey) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException, InvalidAlgorithmParameterException, SignatureException { byte[] atvPublicKey = Arrays.copyOfRange(pairVerify1Response, 0, 32); byte[] sharedSecret = new byte[32]; Curve25519.curve(sharedSecret, randomPrivateKey, atvPublicKey); MessageDigest sha512Digest = MessageDigest.getInstance("SHA-512"); sha512Digest.update("Pair-Verify-AES-Key".getBytes(StandardCharsets.UTF_8)); sha512Digest.update(sharedSecret); byte[] sharedSecretSha512AesKey = Arrays.copyOfRange(sha512Digest.digest(), 0, 16); sha512Digest.update("Pair-Verify-AES-IV".getBytes(StandardCharsets.UTF_8)); sha512Digest.update(sharedSecret); byte[] sharedSecretSha512AesIV = Arrays.copyOfRange(sha512Digest.digest(), 0, 16); Cipher aesCtr128Encrypt = Cipher.getInstance("AES/CTR/NoPadding"); aesCtr128Encrypt.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(sharedSecretSha512AesKey, "AES"), new IvParameterSpec(sharedSecretSha512AesIV)); aesCtr128Encrypt.update(Arrays.copyOfRange(pairVerify1Response, 32, pairVerify1Response.length)); EdDSAEngine edDSAEngine = new EdDSAEngine(); edDSAEngine.initSign(authKey); byte[] signature = aesCtr128Encrypt.update(edDSAEngine.signOneShot(AuthUtils.concatByteArrays(randomPublicKey, atvPublicKey))); AuthUtils.postData(socket, "/pair-verify", "application/octet-stream", AuthUtils.concatByteArrays(new byte[]{0, 0, 0, 0}, signature)); } }
@Override public byte[] signMessage(byte[] message) { try { EdDSAEngine sgr = new EdDSAEngine(MessageDigest.getInstance("SHA-512")); PrivateKey sKey = new EdDSAPrivateKey(keySpec); sgr.initSign(sKey); sgr.update(message); return sgr.sign(); } catch (Exception e) { throw new RuntimeException(e); } }
protected byte[] signWithoutClamp(byte[] message, byte[] privateKey, byte[] publicKey) { try { EdDSAPrivateKeySpec edDSAPrivateKeySpec = new EdDSAPrivateKeySpec(privateKey, EdDSANamedCurveTable.getByName("ed25519-sha-512")); mEdDSAEngine.initSign(new EdDSAPrivateKey(edDSAPrivateKeySpec)); mEdDSAEngine.update(message); return mEdDSAEngine.sign(); } catch (InvalidKeyException e) { throw new IllegalArgumentException(e); } catch (SignatureException e) { throw new IllegalArgumentException(e); } }
/** * Signs a message. * * @param message * message * @return */ public Signature sign(byte[] message) { try { byte[] sig; if (Native.isEnabled()) { sig = Native.sign(message, Bytes.merge(sk.getSeed(), sk.getAbyte())); } else { EdDSAEngine engine = new EdDSAEngine(); engine.initSign(sk); sig = engine.signOneShot(message); } return new Signature(sig, pk.getAbyte()); } catch (InvalidKeyException | SignatureException e) { throw new CryptoException(e); } }