protected P11RSADigestSignatureSpi(HashAlgo digestAlg) { this.digestAlgId = digestAlg.getAlgorithmIdentifier(); this.digest = digestAlg.createDigest(); }
protected P11RSADigestSignatureSpi(HashAlgo digestAlg) { this.digestAlgId = digestAlg.getAlgorithmIdentifier(); this.digest = digestAlg.createDigest(); }
private static ConcurrentBag<ConcurrentBagEntry<Digest>> getMessageDigests(HashAlgo hashAlgo) { ConcurrentBag<ConcurrentBagEntry<Digest>> mds = new ConcurrentBag<>(); for (int i = 0; i < PARALLELISM; i++) { mds.add(new ConcurrentBagEntry<Digest>(hashAlgo.createDigest())); } return mds; }
private byte[] hmac(byte[] contentToSign, HashAlgo hashAlgo) { HMac hmac = new HMac(hashAlgo.createDigest()); hmac.init(new KeyParameter(signingKey.getEncoded())); hmac.update(contentToSign, 0, contentToSign.length); byte[] signature = new byte[hmac.getMacSize()]; hmac.doFinal(signature, 0); return signature; }
private static Digest getDigest(AlgorithmIdentifier hashAlgo) throws XiSecurityException { HashAlgo hat = HashAlgo.getInstance(hashAlgo.getAlgorithm()); if (hat != null) { return hat.createDigest(); } else { throw new XiSecurityException("could not get digest for " + hashAlgo.getAlgorithm().getId()); } }
ECDSA(P11CryptService cryptService, P11IdentityId identityId, AlgorithmIdentifier signatureAlgId, boolean plain) throws XiSecurityException, P11TokenException { super(cryptService, identityId, signatureAlgId); this.plain = plain; String algOid = signatureAlgId.getAlgorithm().getId(); HashAlgo hashAlgo = sigAlgHashMap.get(algOid); if (hashAlgo == null) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } P11Slot slot = cryptService.getSlot(identityId.getSlotId()); if (slot.supportsMechanism(PKCS11Constants.CKM_ECDSA)) { this.mechanism = PKCS11Constants.CKM_ECDSA; Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else { this.mechanism = hashMechMap.get(hashAlgo).longValue(); if (!slot.supportsMechanism(this.mechanism)) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } this.outputStream = new ByteArrayOutputStream(); } }
DSA(P11CryptService cryptService, P11IdentityId identityId, AlgorithmIdentifier signatureAlgId, boolean plain) throws XiSecurityException, P11TokenException { super(cryptService, identityId, signatureAlgId); this.plain = plain; String algOid = signatureAlgId.getAlgorithm().getId(); HashAlgo hashAlgo = sigAlgHashMap.get(algOid); if (hashAlgo == null) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } P11SlotIdentifier slotId = identityId.getSlotId(); P11Slot slot = cryptService.getSlot(slotId); if (slot.supportsMechanism(PKCS11Constants.CKM_DSA)) { this.mechanism = PKCS11Constants.CKM_DSA; Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else { this.mechanism = hashMechMap.get(hashAlgo).longValue(); if (!slot.supportsMechanism(this.mechanism)) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } this.outputStream = new ByteArrayOutputStream(); } }
Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else {
SM2(P11CryptService cryptService, P11IdentityId identityId, AlgorithmIdentifier signatureAlgId, ASN1ObjectIdentifier curveOid, BigInteger pubPointX, BigInteger pubPointY) throws XiSecurityException, P11TokenException { super(cryptService, identityId, signatureAlgId); String algOid = signatureAlgId.getAlgorithm().getId(); HashAlgo hashAlgo = sigAlgHashMap.get(algOid); if (hashAlgo == null) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } P11Slot slot = cryptService.getSlot(identityId.getSlotId()); if (slot.supportsMechanism(PKCS11Constants.CKM_VENDOR_SM2)) { this.z = GMUtil.getSM2Z(curveOid, pubPointX, pubPointY); this.mechanism = PKCS11Constants.CKM_VENDOR_SM2; Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else { this.z = null; // not required Long ll = hashMechMap.get(hashAlgo); if (ll == null) { throw new XiSecurityException("hash algorithm " + hashAlgo + " is not suitable for SM2"); } this.mechanism = ll.longValue(); if (!slot.supportsMechanism(this.mechanism)) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } this.outputStream = new ByteArrayOutputStream(); } }
if (slot.supportsMechanism(PKCS11Constants.CKM_DSA)) { this.mechanism = PKCS11Constants.CKM_DSA; Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else {
outputStream = new ByteArrayOutputStream(); } else { outputStream = new DigestOutputStream(hashAlgo.createDigest());
P11ECDSAContentSigner(P11CryptService cryptService, P11IdentityId identityId, AlgorithmIdentifier signatureAlgId, boolean plain) throws XiSecurityException, P11TokenException { this.cryptService = ParamUtil.requireNonNull("cryptService", cryptService); this.identityId = ParamUtil.requireNonNull("identityId", identityId); this.algorithmIdentifier = ParamUtil.requireNonNull("signatureAlgId", signatureAlgId); try { this.encodedAlgorithmIdentifier = algorithmIdentifier.getEncoded(); } catch (IOException ex) { throw new XiSecurityException("could not encode AlgorithmIdentifier", ex); } this.plain = plain; String algOid = signatureAlgId.getAlgorithm().getId(); HashAlgo hashAlgo = sigAlgHashMap.get(algOid); if (hashAlgo == null) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } P11Slot slot = cryptService.getSlot(identityId.getSlotId()); if (slot.supportsMechanism(PKCS11Constants.CKM_ECDSA)) { this.mechanism = PKCS11Constants.CKM_ECDSA; Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else { this.mechanism = hashMechMap.get(hashAlgo).longValue(); if (!slot.supportsMechanism(this.mechanism)) { throw new XiSecurityException("unsupported signature algorithm " + algOid); } this.outputStream = new ByteArrayOutputStream(); } }
outputStream = new DigestOutputStream(HashAlgo.SM3.createDigest()); p11Params = null;
Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else {
public HmacContentSigner(HashAlgo hashAlgo, AlgorithmIdentifier algorithmIdentifier, SecretKey signingKey) throws XiSecurityException { this.algorithmIdentifier = Args.notNull(algorithmIdentifier, "algorithmIdentifier"); Args.notNull(signingKey, "signingKey"); try { this.encodedAlgorithmIdentifier = algorithmIdentifier.getEncoded(); } catch (IOException ex) { throw new XiSecurityException("could not encode AlgorithmIdentifier", ex); } if (hashAlgo == null) { hashAlgo = AlgorithmUtil.extractHashAlgoFromMacAlg(algorithmIdentifier); } this.hmac = new HMac(hashAlgo.createDigest()); byte[] keyBytes = signingKey.getEncoded(); this.hmac.init(new KeyParameter(keyBytes, 0, keyBytes.length)); this.outLen = hmac.getMacSize(); this.outputStream = new HmacOutputStream(); }
outputStream = new DigestOutputStream(HashAlgo.SM3.createDigest()); p11Params = null;
Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else {
public SM2Signer(CipherParameters param) { if (param instanceof ParametersWithRandom) { ParametersWithRandom rdmParam = (ParametersWithRandom) param; ecKey = (ECKeyParameters)rdmParam.getParameters(); ecParams = ecKey.getParameters(); kCalculator.init(ecParams.getN(), rdmParam.getRandom()); } else { ecKey = (ECKeyParameters) param; ecParams = ecKey.getParameters(); kCalculator.init(ecParams.getN(), new SecureRandom()); } if (!GMUtil.isSm2primev2Curve(ecKey.getParameters().getCurve())) { throw new IllegalArgumentException("Given EC key is not of the curve sm2primev2"); } this.pubPoint = new FixedPointCombMultiplier().multiply(ecParams.getG(), ((ECPrivateKeyParameters)ecKey).getD()).normalize(); this.digest = HashAlgo.SM3.createDigest(); }
this.mechanism = PKCS11Constants.CKM_RSA_PKCS_PSS; this.parameters = new P11Params.P11RSAPkcsPssParams(asn1Params); Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_X_509)) {
this.mechanism = PKCS11Constants.CKM_RSA_PKCS_PSS; this.parameters = new P11RSAPkcsPssParams(asn1Params); Digest digest = hashAlgo.createDigest(); this.outputStream = new DigestOutputStream(digest); } else if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_X_509)) {