public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) throws IllegalArgumentException { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); final ASN1Primitive seqObj = decoder.readObject(); if (seqObj == null) throw new IllegalArgumentException("Reached past end of ASN.1 stream."); if (!(seqObj instanceof DLSequence)) throw new IllegalArgumentException("Read unexpected class: " + seqObj.getClass().getName()); final DLSequence seq = (DLSequence) seqObj; ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new IllegalArgumentException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
private static BigInteger extractPrivateKeyFromASN1(byte[] asn1privkey) { // To understand this code, see the definition of the ASN.1 format for EC private keys in the OpenSSL source // code in ec_asn1.c: // // ASN1_SEQUENCE(EC_PRIVATEKEY) = { // ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG), // ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING), // ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0), // ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) // } ASN1_SEQUENCE_END(EC_PRIVATEKEY) // try { ASN1InputStream decoder = new ASN1InputStream(asn1privkey); DLSequence seq = (DLSequence) decoder.readObject(); checkArgument(seq.size() == 4, "Input does not appear to be an ASN.1 OpenSSL EC private key"); checkArgument(((DERInteger) seq.getObjectAt(0)).getValue().equals(BigInteger.ONE), "Input is of wrong version"); Object obj = seq.getObjectAt(1); byte[] bits = ((ASN1OctetString) obj).getOctets(); decoder.close(); return new BigInteger(1, bits); } catch (IOException e) { throw new RuntimeException(e); // Cannot happen, reading from memory stream. } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { e.printStackTrace(); throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) { } } }
public static ECDSASignature decodeFromDER(byte[] bytes) { try { ASN1InputStream decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); DERInteger r, s; try { r = (DERInteger) seq.getObjectAt(0); s = (DERInteger) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } decoder.close(); // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) {} } }
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) throw new RuntimeException("Reached past end of ASN.1 stream."); ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these // values as unsigned, though they should not be // Thus, we always use the positive versions. See: // http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { throw new RuntimeException(e); } finally { if (decoder != null) try { decoder.close(); } catch (IOException x) { } } }
void fromByteArray(final byte[] encodedData) throws SecureMessagingException { try ( final ASN1InputStream asn1in = new ASN1InputStream(encodedData); ) { this.to = (DERTaggedObject) asn1in.readObject(); asn1in.close(); } catch (final IOException e) { throw new SecureMessagingException(e); } final DEROctetString ocs = (DEROctetString) this.to.getObject(); this.data = ocs.getOctets(); }
is.close(); final Enumeration<?> e = dsq.getObjects();
) { final ASN1Sequence dsq = (ASN1Sequence) is.readObject(); is.close(); final Enumeration<?> e = dsq.getObjects();
public static ECDSASignature decodeFromDER(byte[] bytes) { ASN1InputStream decoder = null; try { decoder = new ASN1InputStream(bytes); DLSequence seq = (DLSequence) decoder.readObject(); if (seq == null) { throw new RuntimeException("Reached past end of ASN.1 stream."); } ASN1Integer r, s; try { r = (ASN1Integer) seq.getObjectAt(0); s = (ASN1Integer) seq.getObjectAt(1); } catch (ClassCastException e) { throw new IllegalArgumentException(e); } // OpenSSL deviates from the DER spec by interpreting these values as unsigned, though they should not be // Thus, we always use the positive versions. See: http://r6.ca/blog/20111119T211504Z.html return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue()); } catch (IOException e) { Log.error(e); throw new RuntimeException(e); } finally { if (decoder != null) { try { decoder.close(); } catch (IOException x) { } } } }
public HashNamePrivateKeyImpl(byte[] derBuffer) throws TelehashException { try { ASN1InputStream asn1InputStream = new ASN1InputStream(new ByteArrayInputStream(derBuffer)); ASN1Primitive toplevelObject = asn1InputStream.readObject(); asn1InputStream.close(); if (! (toplevelObject instanceof ASN1Sequence)) { throw new TelehashException("ASN.1 toplevel object not sequence"); } ASN1Sequence sequence = (ASN1Sequence)toplevelObject; if (getIntegerFromSequence(sequence, 0).compareTo(BigInteger.ZERO) != 0) { throw new TelehashException("only PKCS#1v1.5 (version=0) structures supported."); } mKey = new RSAPrivateCrtKeyParameters( getIntegerFromSequence(sequence, 1), getIntegerFromSequence(sequence, 2), getIntegerFromSequence(sequence, 3), getIntegerFromSequence(sequence, 4), getIntegerFromSequence(sequence, 5), getIntegerFromSequence(sequence, 6), getIntegerFromSequence(sequence, 7), getIntegerFromSequence(sequence, 8) ); } catch (IOException e) { throw new TelehashException(e); } }
public static boolean verify(byte[] hash, byte[] signature, byte[] pub) { ASN1InputStream asn1 = new ASN1InputStream(signature); try { ECDSASigner signer = new ECDSASigner(); signer.init(false, new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), domain)); DLSequence seq = (DLSequence) asn1.readObject(); BigInteger r = ((DERInteger) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((DERInteger) seq.getObjectAt(1)).getPositiveValue(); return signer.verifySignature(hash, r, s); } catch (Exception e) { // threat format errors as invalid signatures return false; } finally { try { asn1.close(); } catch (IOException e) { } } } }
public static boolean verify(byte[] publicKey, byte[] signature, byte[] msg) { X9ECParameters params = SECNamedCurves.getByName("secp256k1"); ECDomainParameters EC_PARAMS = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH()); synchronized (EC_PARAMS) { boolean valid; ECDSASigner signerVer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())); try { ECPublicKeyParameters pubKey = new ECPublicKeyParameters(EC_PARAMS.getCurve().decodePoint(publicKey), EC_PARAMS); signerVer.init(false, pubKey); ASN1InputStream derSigStream = new ASN1InputStream(signature); DLSequence seq = (DLSequence) derSigStream.readObject(); BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue(); BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue(); derSigStream.close(); valid = signerVer.verifySignature(msg, r, s); } catch (IOException e) { throw new RuntimeException(); } return valid; } } }