diff options
Diffstat (limited to 'prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec')
7 files changed, 2705 insertions, 0 deletions
diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java new file mode 100644 index 00000000..451b4b68 --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java @@ -0,0 +1,462 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.interfaces.ECPrivateKey; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPrivateKeySpec; +import java.security.spec.EllipticCurve; +import java.util.Enumeration; + +import org.spongycastle.asn1.ASN1Encodable; +import org.spongycastle.asn1.ASN1Encoding; +import org.spongycastle.asn1.ASN1Integer; +import org.spongycastle.asn1.ASN1ObjectIdentifier; +import org.spongycastle.asn1.ASN1Primitive; +import org.spongycastle.asn1.DERBitString; +import org.spongycastle.asn1.DERNull; +import org.spongycastle.asn1.pkcs.PrivateKeyInfo; +import org.spongycastle.asn1.x509.AlgorithmIdentifier; +import org.spongycastle.asn1.x509.SubjectPublicKeyInfo; +import org.spongycastle.asn1.x9.X962Parameters; +import org.spongycastle.asn1.x9.X9ECParameters; +import org.spongycastle.asn1.x9.X9ObjectIdentifiers; +import org.spongycastle.crypto.params.ECDomainParameters; +import org.spongycastle.crypto.params.ECPrivateKeyParameters; +import org.spongycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.spongycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.spongycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; +import org.spongycastle.jcajce.provider.config.ProviderConfiguration; +import org.spongycastle.jce.interfaces.ECPointEncoder; +import org.spongycastle.jce.interfaces.PKCS12BagAttributeCarrier; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECNamedCurveSpec; +import org.spongycastle.math.ec.ECCurve; + +public class BCECPrivateKey + implements ECPrivateKey, org.spongycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder +{ + static final long serialVersionUID = 994553197664784084L; + + private String algorithm = "EC"; + private boolean withCompression; + + private transient BigInteger d; + private transient ECParameterSpec ecSpec; + private transient ProviderConfiguration configuration; + private transient DERBitString publicKey; + + private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl(); + + protected BCECPrivateKey() + { + } + + public BCECPrivateKey( + ECPrivateKey key, + ProviderConfiguration configuration) + { + this.d = key.getS(); + this.algorithm = key.getAlgorithm(); + this.ecSpec = key.getParams(); + this.configuration = configuration; + } + + public BCECPrivateKey( + String algorithm, + org.spongycastle.jce.spec.ECPrivateKeySpec spec, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.d = spec.getD(); + + if (spec.getParams() != null) // can be null if implicitlyCA + { + ECCurve curve = spec.getParams().getCurve(); + EllipticCurve ellipticCurve; + + ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams()); + } + else + { + this.ecSpec = null; + } + + this.configuration = configuration; + } + + + public BCECPrivateKey( + String algorithm, + ECPrivateKeySpec spec, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.d = spec.getS(); + this.ecSpec = spec.getParams(); + this.configuration = configuration; + } + + public BCECPrivateKey( + String algorithm, + BCECPrivateKey key) + { + this.algorithm = algorithm; + this.d = key.d; + this.ecSpec = key.ecSpec; + this.withCompression = key.withCompression; + this.attrCarrier = key.attrCarrier; + this.publicKey = key.publicKey; + this.configuration = key.configuration; + } + + public BCECPrivateKey( + String algorithm, + ECPrivateKeyParameters params, + BCECPublicKey pubKey, + ECParameterSpec spec, + ProviderConfiguration configuration) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.d = params.getD(); + this.configuration = configuration; + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + else + { + this.ecSpec = spec; + } + + publicKey = getPublicKeyDetails(pubKey); + } + + public BCECPrivateKey( + String algorithm, + ECPrivateKeyParameters params, + BCECPublicKey pubKey, + org.spongycastle.jce.spec.ECParameterSpec spec, + ProviderConfiguration configuration) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.d = params.getD(); + this.configuration = configuration; + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec); + } + + publicKey = getPublicKeyDetails(pubKey); + } + + public BCECPrivateKey( + String algorithm, + ECPrivateKeyParameters params, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.d = params.getD(); + this.ecSpec = null; + this.configuration = configuration; + } + + BCECPrivateKey( + String algorithm, + PrivateKeyInfo info, + ProviderConfiguration configuration) + throws IOException + { + this.algorithm = algorithm; + this.configuration = configuration; + populateFromPrivKeyInfo(info); + } + + private void populateFromPrivKeyInfo(PrivateKeyInfo info) + throws IOException + { + X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters()); + + if (params.isNamedCurve()) + { + ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); + X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); + EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECUtil.getCurveName(oid), + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH()); + } + else if (params.isImplicitlyCA()) + { + ecSpec = null; + } + else + { + X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters()); + EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH().intValue()); + } + + ASN1Encodable privKey = info.parsePrivateKey(); + if (privKey instanceof ASN1Integer) + { + ASN1Integer derD = ASN1Integer.getInstance(privKey); + + this.d = derD.getValue(); + } + else + { + org.spongycastle.asn1.sec.ECPrivateKey ec = org.spongycastle.asn1.sec.ECPrivateKey.getInstance(privKey); + + this.d = ec.getKey(); + this.publicKey = ec.getPublicKey(); + } + } + + public String getAlgorithm() + { + return algorithm; + } + + /** + * return the encoding format we produce in getEncoded(). + * + * @return the string "PKCS#8" + */ + public String getFormat() + { + return "PKCS#8"; + } + + /** + * Return a PKCS8 representation of the key. The sequence returned + * represents a full PrivateKeyInfo object. + * + * @return a PKCS8 representation of the key. + */ + public byte[] getEncoded() + { + X962Parameters params; + + if (ecSpec instanceof ECNamedCurveSpec) + { + ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName()); + if (curveOid == null) // guess it's the OID + { + curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()); + } + + params = new X962Parameters(curveOid); + } + else if (ecSpec == null) + { + params = new X962Parameters(DERNull.INSTANCE); + } + else + { + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + } + + PrivateKeyInfo info; + org.spongycastle.asn1.sec.ECPrivateKey keyStructure; + + if (publicKey != null) + { + keyStructure = new org.spongycastle.asn1.sec.ECPrivateKey(this.getS(), publicKey, params); + } + else + { + keyStructure = new org.spongycastle.asn1.sec.ECPrivateKey(this.getS(), params); + } + + try + { + info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), keyStructure); + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + + public ECParameterSpec getParams() + { + return ecSpec; + } + + public org.spongycastle.jce.spec.ECParameterSpec getParameters() + { + if (ecSpec == null) + { + return null; + } + + return EC5Util.convertSpec(ecSpec, withCompression); + } + + org.spongycastle.jce.spec.ECParameterSpec engineGetSpec() + { + if (ecSpec != null) + { + return EC5Util.convertSpec(ecSpec, withCompression); + } + + return configuration.getEcImplicitlyCa(); + } + + public BigInteger getS() + { + return d; + } + + public BigInteger getD() + { + return d; + } + + public void setBagAttribute( + ASN1ObjectIdentifier oid, + ASN1Encodable attribute) + { + attrCarrier.setBagAttribute(oid, attribute); + } + + public ASN1Encodable getBagAttribute( + ASN1ObjectIdentifier oid) + { + return attrCarrier.getBagAttribute(oid); + } + + public Enumeration getBagAttributeKeys() + { + return attrCarrier.getBagAttributeKeys(); + } + + public void setPointFormat(String style) + { + withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style)); + } + + public boolean equals(Object o) + { + if (!(o instanceof BCECPrivateKey)) + { + return false; + } + + BCECPrivateKey other = (BCECPrivateKey)o; + + return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec())); + } + + public int hashCode() + { + return getD().hashCode() ^ engineGetSpec().hashCode(); + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("EC Private Key").append(nl); + buf.append(" S: ").append(this.d.toString(16)).append(nl); + + return buf.toString(); + + } + + private DERBitString getPublicKeyDetails(BCECPublicKey pub) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded())); + + return info.getPublicKeyData(); + } + catch (IOException e) + { // should never happen + return null; + } + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + byte[] enc = (byte[])in.readObject(); + + populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc))); + + this.configuration = BouncyCastleProvider.CONFIGURATION; + this.attrCarrier = new PKCS12BagAttributeCarrierImpl(); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(this.getEncoded()); + } +} diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java new file mode 100644 index 00000000..482776df --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java @@ -0,0 +1,454 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPublicKeySpec; +import java.security.spec.EllipticCurve; + +import org.spongycastle.asn1.ASN1Encodable; +import org.spongycastle.asn1.ASN1ObjectIdentifier; +import org.spongycastle.asn1.ASN1OctetString; +import org.spongycastle.asn1.ASN1Primitive; +import org.spongycastle.asn1.DERBitString; +import org.spongycastle.asn1.DERNull; +import org.spongycastle.asn1.DEROctetString; +import org.spongycastle.asn1.x509.AlgorithmIdentifier; +import org.spongycastle.asn1.x509.SubjectPublicKeyInfo; +import org.spongycastle.asn1.x9.X962Parameters; +import org.spongycastle.asn1.x9.X9ECParameters; +import org.spongycastle.asn1.x9.X9ECPoint; +import org.spongycastle.asn1.x9.X9IntegerConverter; +import org.spongycastle.asn1.x9.X9ObjectIdentifiers; +import org.spongycastle.crypto.params.ECDomainParameters; +import org.spongycastle.crypto.params.ECPublicKeyParameters; +import org.spongycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.spongycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.spongycastle.jcajce.provider.asymmetric.util.KeyUtil; +import org.spongycastle.jcajce.provider.config.ProviderConfiguration; +import org.spongycastle.jce.interfaces.ECPointEncoder; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECNamedCurveSpec; +import org.spongycastle.math.ec.ECCurve; +import org.spongycastle.math.ec.custom.sec.SecP256K1Point; +import org.spongycastle.math.ec.custom.sec.SecP256R1Point; + +public class BCECPublicKey + implements ECPublicKey, org.spongycastle.jce.interfaces.ECPublicKey, ECPointEncoder +{ + static final long serialVersionUID = 2422789860422731812L; + + private String algorithm = "EC"; + private boolean withCompression; + + private transient org.spongycastle.math.ec.ECPoint q; + private transient ECParameterSpec ecSpec; + private transient ProviderConfiguration configuration; + + public BCECPublicKey( + String algorithm, + BCECPublicKey key) + { + this.algorithm = algorithm; + this.q = key.q; + this.ecSpec = key.ecSpec; + this.withCompression = key.withCompression; + this.configuration = key.configuration; + } + + public BCECPublicKey( + String algorithm, + ECPublicKeySpec spec, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.ecSpec = spec.getParams(); + this.q = EC5Util.convertPoint(ecSpec, spec.getW(), false); + this.configuration = configuration; + } + + public BCECPublicKey( + String algorithm, + org.spongycastle.jce.spec.ECPublicKeySpec spec, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.q = spec.getQ(); + + if (spec.getParams() != null) // can be null if implictlyCa + { + ECCurve curve = spec.getParams().getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed()); + + // this may seem a little long-winded but it's how we pick up the custom curve. + this.q = EC5Util.convertCurve(ellipticCurve).createPoint(spec.getQ().getAffineXCoord().toBigInteger(), spec.getQ().getAffineYCoord().toBigInteger()); + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams()); + } + else + { + if (q.getCurve() == null) + { + org.spongycastle.jce.spec.ECParameterSpec s = configuration.getEcImplicitlyCa(); + + q = s.getCurve().createPoint(q.getXCoord().toBigInteger(), q.getYCoord().toBigInteger(), false); + } + this.ecSpec = null; + } + + this.configuration = configuration; + } + + public BCECPublicKey( + String algorithm, + ECPublicKeyParameters params, + ECParameterSpec spec, + ProviderConfiguration configuration) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.q = params.getQ(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = createSpec(ellipticCurve, dp); + } + else + { + this.ecSpec = spec; + } + + this.configuration = configuration; + } + + public BCECPublicKey( + String algorithm, + ECPublicKeyParameters params, + org.spongycastle.jce.spec.ECParameterSpec spec, + ProviderConfiguration configuration) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = createSpec(ellipticCurve, dp); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec); + } + + this.q = EC5Util.convertCurve(ecSpec.getCurve()).createPoint(params.getQ().getAffineXCoord().toBigInteger(), params.getQ().getAffineYCoord().toBigInteger()); + + this.configuration = configuration; + } + + /* + * called for implicitCA + */ + public BCECPublicKey( + String algorithm, + ECPublicKeyParameters params, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.q = params.getQ(); + this.ecSpec = null; + this.configuration = configuration; + } + + public BCECPublicKey( + ECPublicKey key, + ProviderConfiguration configuration) + { + this.algorithm = key.getAlgorithm(); + this.ecSpec = key.getParams(); + this.q = EC5Util.convertPoint(this.ecSpec, key.getW(), false); + } + + BCECPublicKey( + String algorithm, + SubjectPublicKeyInfo info, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.configuration = configuration; + populateFromPubKeyInfo(info); + } + + private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp) + { + return new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + + private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) + { + X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithm().getParameters()); + ECCurve curve; + EllipticCurve ellipticCurve; + + if (params.isNamedCurve()) + { + ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters(); + X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); + + curve = ecP.getCurve(); + ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECUtil.getCurveName(oid), + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH()); + } + else if (params.isImplicitlyCA()) + { + ecSpec = null; + curve = configuration.getEcImplicitlyCa().getCurve(); + } + else + { + X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters()); + + curve = ecP.getCurve(); + ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH().intValue()); + } + + DERBitString bits = info.getPublicKeyData(); + byte[] data = bits.getBytes(); + ASN1OctetString key = new DEROctetString(data); + + // + // extra octet string - one of our old certs... + // + if (data[0] == 0x04 && data[1] == data.length - 2 + && (data[2] == 0x02 || data[2] == 0x03)) + { + int qLength = new X9IntegerConverter().getByteLength(curve); + + if (qLength >= data.length - 3) + { + try + { + key = (ASN1OctetString) ASN1Primitive.fromByteArray(data); + } + catch (IOException ex) + { + throw new IllegalArgumentException("error recovering public key"); + } + } + } + X9ECPoint derQ = new X9ECPoint(curve, key); + + this.q = derQ.getPoint(); + } + + public String getAlgorithm() + { + return algorithm; + } + + public String getFormat() + { + return "X.509"; + } + + public byte[] getEncoded() + { + ASN1Encodable params; + SubjectPublicKeyInfo info; + + if (ecSpec instanceof ECNamedCurveSpec) + { + ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName()); + if (curveOid == null) + { + curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()); + } + params = new X962Parameters(curveOid); + } + else if (ecSpec == null) + { + params = new X962Parameters(DERNull.INSTANCE); + } + else + { + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + } + + ECCurve curve = this.engineGetQ().getCurve(); + ASN1OctetString p; + + // stored curve is null if ImplicitlyCa + if (ecSpec == null) + { + p = (ASN1OctetString) + new X9ECPoint(curve.createPoint(this.getQ().getXCoord().toBigInteger(), this.getQ().getYCoord().toBigInteger(), withCompression)).toASN1Primitive(); + } + else + { + p = (ASN1OctetString) + new X9ECPoint(curve.createPoint(this.getQ().getAffineXCoord().toBigInteger(), this.getQ().getAffineYCoord().toBigInteger(), withCompression)).toASN1Primitive(); + } + + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets()); + + return KeyUtil.getEncodedSubjectPublicKeyInfo(info); + } + + private void extractBytes(byte[] encKey, int offSet, BigInteger bI) + { + byte[] val = bI.toByteArray(); + if (val.length < 32) + { + byte[] tmp = new byte[32]; + System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length); + val = tmp; + } + + for (int i = 0; i != 32; i++) + { + encKey[offSet + i] = val[val.length - 1 - i]; + } + } + + public ECParameterSpec getParams() + { + return ecSpec; + } + + public org.spongycastle.jce.spec.ECParameterSpec getParameters() + { + if (ecSpec == null) // implictlyCA + { + return null; + } + + return EC5Util.convertSpec(ecSpec, withCompression); + } + + public ECPoint getW() + { + return new ECPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger()); + } + + public org.spongycastle.math.ec.ECPoint getQ() + { + if (ecSpec == null) + { + return q.getDetachedPoint(); + } + + return q; + } + + public org.spongycastle.math.ec.ECPoint engineGetQ() + { + return q; + } + + org.spongycastle.jce.spec.ECParameterSpec engineGetSpec() + { + if (ecSpec != null) + { + return EC5Util.convertSpec(ecSpec, withCompression); + } + + return configuration.getEcImplicitlyCa(); + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("EC Public Key").append(nl); + buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl); + buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl); + + return buf.toString(); + + } + + public void setPointFormat(String style) + { + withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style)); + } + + public boolean equals(Object o) + { + if (!(o instanceof BCECPublicKey)) + { + return false; + } + + BCECPublicKey other = (BCECPublicKey)o; + + return engineGetQ().equals(other.engineGetQ()) && (engineGetSpec().equals(other.engineGetSpec())); + } + + public int hashCode() + { + return engineGetQ().hashCode() ^ engineGetSpec().hashCode(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + byte[] enc = (byte[])in.readObject(); + + populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc))); + + this.configuration = BouncyCastleProvider.CONFIGURATION; + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(this.getEncoded()); + } +} diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/IESCipher.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/IESCipher.java new file mode 100644 index 00000000..69b61495 --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/IESCipher.java @@ -0,0 +1,552 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.io.ByteArrayOutputStream; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.CipherSpi; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.ShortBufferException; + +import org.spongycastle.crypto.CipherParameters; +import org.spongycastle.crypto.InvalidCipherTextException; +import org.spongycastle.crypto.KeyEncoder; +import org.spongycastle.crypto.agreement.ECDHBasicAgreement; +import org.spongycastle.crypto.digests.SHA1Digest; +import org.spongycastle.crypto.engines.AESEngine; +import org.spongycastle.crypto.engines.DESedeEngine; +import org.spongycastle.crypto.engines.IESEngine; +import org.spongycastle.crypto.generators.ECKeyPairGenerator; +import org.spongycastle.crypto.generators.EphemeralKeyPairGenerator; +import org.spongycastle.crypto.generators.KDF2BytesGenerator; +import org.spongycastle.crypto.macs.HMac; +import org.spongycastle.crypto.modes.CBCBlockCipher; +import org.spongycastle.crypto.paddings.PaddedBufferedBlockCipher; +import org.spongycastle.crypto.params.AsymmetricKeyParameter; +import org.spongycastle.crypto.params.ECDomainParameters; +import org.spongycastle.crypto.params.ECKeyGenerationParameters; +import org.spongycastle.crypto.params.ECKeyParameters; +import org.spongycastle.crypto.params.ECPublicKeyParameters; +import org.spongycastle.crypto.params.IESWithCipherParameters; +import org.spongycastle.crypto.params.ParametersWithIV; +import org.spongycastle.crypto.parsers.ECIESPublicKeyParser; +import org.spongycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.spongycastle.jcajce.provider.asymmetric.util.IESUtil; +import org.spongycastle.jce.interfaces.ECKey; +import org.spongycastle.jce.interfaces.ECPrivateKey; +import org.spongycastle.jce.interfaces.ECPublicKey; +import org.spongycastle.jce.interfaces.IESKey; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.IESParameterSpec; +import org.spongycastle.util.Strings; + + +public class IESCipher + extends CipherSpi +{ + private int ivLength; + private IESEngine engine; + private int state = -1; + private ByteArrayOutputStream buffer = new ByteArrayOutputStream(); + private AlgorithmParameters engineParam = null; + private IESParameterSpec engineSpec = null; + private AsymmetricKeyParameter key; + private SecureRandom random; + private boolean dhaesMode = false; + private AsymmetricKeyParameter otherKeyParameter = null; + + public IESCipher(IESEngine engine) + { + this.engine = engine; + this.ivLength = 0; + } + + public IESCipher(IESEngine engine, int ivLength) + { + this.engine = engine; + this.ivLength = ivLength; + } + + public int engineGetBlockSize() + { + if (engine.getCipher() != null) + { + return engine.getCipher().getBlockSize(); + } + else + { + return 0; + } + } + + + public int engineGetKeySize(Key key) + { + if (key instanceof ECKey) + { + return ((ECKey)key).getParameters().getCurve().getFieldSize(); + } + else + { + throw new IllegalArgumentException("not an EC key"); + } + } + + + public byte[] engineGetIV() + { + return null; + } + + public AlgorithmParameters engineGetParameters() + { + if (engineParam == null && engineSpec != null) + { + try + { + engineParam = AlgorithmParameters.getInstance("IES", BouncyCastleProvider.PROVIDER_NAME); + engineParam.init(engineSpec); + } + catch (Exception e) + { + throw new RuntimeException(e.toString()); + } + } + + return engineParam; + } + + + public void engineSetMode(String mode) + throws NoSuchAlgorithmException + { + String modeName = Strings.toUpperCase(mode); + + if (modeName.equals("NONE")) + { + dhaesMode = false; + } + else if (modeName.equals("DHAES")) + { + dhaesMode = true; + } + else + { + throw new IllegalArgumentException("can't support mode " + mode); + } + } + + + public int engineGetOutputSize(int inputLen) + { + int len1, len2, len3; + + len1 = engine.getMac().getMacSize(); + + if (key != null) + { + len2 = 1 + 2 * (((ECKey)key).getParameters().getCurve().getFieldSize() + 7) / 8; + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + if (engine.getCipher() == null) + { + len3 = inputLen; + } + else if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + len3 = engine.getCipher().getOutputSize(inputLen); + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + len3 = engine.getCipher().getOutputSize(inputLen - len1 - len2); + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + return buffer.size() + len1 + len2 + len3; + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + return buffer.size() - len1 - len2 + len3; + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + } + + public void engineSetPadding(String padding) + throws NoSuchPaddingException + { + String paddingName = Strings.toUpperCase(padding); + + // TDOD: make this meaningful... + if (paddingName.equals("NOPADDING")) + { + + } + else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING")) + { + + } + else + { + throw new NoSuchPaddingException("padding not available with IESCipher"); + } + } + + + // Initialisation methods + + public void engineInit( + int opmode, + Key key, + AlgorithmParameters params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + AlgorithmParameterSpec paramSpec = null; + + if (params != null) + { + try + { + paramSpec = params.getParameterSpec(IESParameterSpec.class); + } + catch (Exception e) + { + throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString()); + } + } + + engineParam = params; + engineInit(opmode, key, paramSpec, random); + + } + + + public void engineInit( + int opmode, + Key key, + AlgorithmParameterSpec engineSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException, InvalidKeyException + { + otherKeyParameter = null; + + // Use default parameters (including cipher key size) if none are specified + if (engineSpec == null) + { + this.engineSpec = IESUtil.guessParameterSpec(engine); + } + else if (engineSpec instanceof IESParameterSpec) + { + this.engineSpec = (IESParameterSpec)engineSpec; + } + else + { + throw new InvalidAlgorithmParameterException("must be passed IES parameters"); + } + + byte[] nonce = this.engineSpec.getNonce(); + + if (nonce != null) + { + if (ivLength == 0) + { + throw new InvalidAlgorithmParameterException("NONCE present in IES Parameters when none required"); + } + else if (nonce.length != ivLength) + { + throw new InvalidAlgorithmParameterException("NONCE in IES Parameters needs to be " + ivLength + " bytes long"); + } + } + + // Parse the recipient's key + if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) + { + if (key instanceof ECPublicKey) + { + this.key = ECUtil.generatePublicKeyParameter((PublicKey)key); + } + else if (key instanceof IESKey) + { + IESKey ieKey = (IESKey)key; + + this.key = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); + this.otherKeyParameter = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + else + { + throw new InvalidKeyException("must be passed recipient's public EC key for encryption"); + } + } + else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE) + { + if (key instanceof ECPrivateKey) + { + this.key = ECUtil.generatePrivateKeyParameter((PrivateKey)key); + } + else if (key instanceof IESKey) + { + IESKey ieKey = (IESKey)key; + + this.otherKeyParameter = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); + this.key = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + else + { + throw new InvalidKeyException("must be passed recipient's private EC key for decryption"); + } + } + else + { + throw new InvalidKeyException("must be passed EC key"); + } + + + this.random = random; + this.state = opmode; + buffer.reset(); + + } + + + public void engineInit( + int opmode, + Key key, + SecureRandom random) + throws InvalidKeyException + { + try + { + engineInit(opmode, key, (AlgorithmParameterSpec)null, random); + } + catch (InvalidAlgorithmParameterException e) + { + throw new IllegalArgumentException("can't handle supplied parameter spec"); + } + + } + + + // Update methods - buffer the input + + public byte[] engineUpdate( + byte[] input, + int inputOffset, + int inputLen) + { + buffer.write(input, inputOffset, inputLen); + return null; + } + + + public int engineUpdate( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + { + buffer.write(input, inputOffset, inputLen); + return 0; + } + + + // Finalisation methods + + public byte[] engineDoFinal( + byte[] input, + int inputOffset, + int inputLen) + throws IllegalBlockSizeException, BadPaddingException + { + if (inputLen != 0) + { + buffer.write(input, inputOffset, inputLen); + } + + final byte[] in = buffer.toByteArray(); + buffer.reset(); + + // Convert parameters for use in IESEngine + CipherParameters params = new IESWithCipherParameters(engineSpec.getDerivationV(), + engineSpec.getEncodingV(), + engineSpec.getMacKeySize(), + engineSpec.getCipherKeySize()); + + if (engineSpec.getNonce() != null) + { + params = new ParametersWithIV(params, engineSpec.getNonce()); + } + + final ECDomainParameters ecParams = ((ECKeyParameters)key).getParameters(); + + final byte[] V; + + if (otherKeyParameter != null) + { + try + { + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + engine.init(true, otherKeyParameter, key, params); + } + else + { + engine.init(false, key, otherKeyParameter, params); + } + return engine.processBlock(in, 0, in.length); + } + catch (Exception e) + { + throw new BadPaddingException(e.getMessage()); + } + } + + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + // Generate the ephemeral key pair + ECKeyPairGenerator gen = new ECKeyPairGenerator(); + gen.init(new ECKeyGenerationParameters(ecParams, random)); + + EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder() + { + public byte[] getEncoded(AsymmetricKeyParameter keyParameter) + { + return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(); + } + }); + + // Encrypt the buffer + try + { + engine.init(key, params, kGen); + + return engine.processBlock(in, 0, in.length); + } + catch (Exception e) + { + throw new BadPaddingException(e.getMessage()); + } + + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + // Decrypt the buffer + try + { + engine.init(key, params, new ECIESPublicKeyParser(ecParams)); + + return engine.processBlock(in, 0, in.length); + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + } + + public int engineDoFinal( + byte[] input, + int inputOffset, + int inputLength, + byte[] output, + int outputOffset) + throws ShortBufferException, IllegalBlockSizeException, BadPaddingException + { + + byte[] buf = engineDoFinal(input, inputOffset, inputLength); + System.arraycopy(buf, 0, output, outputOffset, buf.length); + return buf.length; + } + + + /** + * Classes that inherit from us + */ + + static public class ECIES + extends IESCipher + { + public ECIES() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()))); + } + } + + static public class ECIESwithDESede + extends IESCipher + { + public ECIESwithDESede() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new DESedeEngine()))); + } + } + + static public class ECIESwithAES + extends IESCipher + { + public ECIESwithAES() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new AESEngine()))); + } + } + + static public class ECIESwithDESedeCBC + extends IESCipher + { + public ECIESwithDESedeCBC() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()))), 8); + } + } + + static public class ECIESwithAESCBC + extends IESCipher + { + public ECIESwithAESCBC() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()))), 16); + } + } +} diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java new file mode 100644 index 00000000..590cd155 --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java @@ -0,0 +1,361 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.math.BigInteger; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.util.Hashtable; + +import javax.crypto.SecretKey; +import javax.crypto.ShortBufferException; +import javax.crypto.spec.SecretKeySpec; + +import org.spongycastle.asn1.ASN1ObjectIdentifier; +import org.spongycastle.asn1.nist.NISTObjectIdentifiers; +import org.spongycastle.asn1.oiw.OIWObjectIdentifiers; +import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.spongycastle.asn1.x9.X9IntegerConverter; +import org.spongycastle.crypto.BasicAgreement; +import org.spongycastle.crypto.CipherParameters; +import org.spongycastle.crypto.DerivationFunction; +import org.spongycastle.crypto.agreement.ECDHBasicAgreement; +import org.spongycastle.crypto.agreement.ECDHCBasicAgreement; +import org.spongycastle.crypto.agreement.ECMQVBasicAgreement; +import org.spongycastle.crypto.agreement.kdf.DHKDFParameters; +import org.spongycastle.crypto.agreement.kdf.ECDHKEKGenerator; +import org.spongycastle.crypto.digests.SHA1Digest; +import org.spongycastle.crypto.params.DESParameters; +import org.spongycastle.crypto.params.ECDomainParameters; +import org.spongycastle.crypto.params.ECPrivateKeyParameters; +import org.spongycastle.crypto.params.ECPublicKeyParameters; +import org.spongycastle.crypto.params.MQVPrivateParameters; +import org.spongycastle.crypto.params.MQVPublicParameters; +import org.spongycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.spongycastle.jce.interfaces.ECPrivateKey; +import org.spongycastle.jce.interfaces.ECPublicKey; +import org.spongycastle.jce.interfaces.MQVPrivateKey; +import org.spongycastle.jce.interfaces.MQVPublicKey; +import org.spongycastle.util.Integers; +import org.spongycastle.util.Strings; + +/** + * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363 + * both the simple one, and the simple one with cofactors are supported. + * + * Also, MQV key agreement per SEC-1 + */ +public class KeyAgreementSpi + extends javax.crypto.KeyAgreementSpi +{ + private static final X9IntegerConverter converter = new X9IntegerConverter(); + private static final Hashtable algorithms = new Hashtable(); + private static final Hashtable oids = new Hashtable(); + private static final Hashtable des = new Hashtable(); + + static + { + Integer i64 = Integers.valueOf(64); + Integer i128 = Integers.valueOf(128); + Integer i192 = Integers.valueOf(192); + Integer i256 = Integers.valueOf(256); + + algorithms.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), i128); + algorithms.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), i192); + algorithms.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), i256); + algorithms.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), i128); + algorithms.put(NISTObjectIdentifiers.id_aes192_wrap.getId(), i192); + algorithms.put(NISTObjectIdentifiers.id_aes256_wrap.getId(), i256); + algorithms.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId(), i192); + algorithms.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), i192); + algorithms.put(OIWObjectIdentifiers.desCBC.getId(), i64); + + oids.put("DESEDE", PKCSObjectIdentifiers.des_EDE3_CBC); + oids.put("AES", NISTObjectIdentifiers.id_aes256_CBC); + oids.put("DES", OIWObjectIdentifiers.desCBC); + + des.put("DES", "DES"); + des.put("DESEDE", "DES"); + des.put(OIWObjectIdentifiers.desCBC.getId(), "DES"); + des.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), "DES"); + des.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId(), "DES"); + } + + private String kaAlgorithm; + private BigInteger result; + private ECDomainParameters parameters; + private BasicAgreement agreement; + private DerivationFunction kdf; + + private byte[] bigIntToBytes( + BigInteger r) + { + return converter.integerToBytes(r, converter.getByteLength(parameters.getCurve())); + } + + protected KeyAgreementSpi( + String kaAlgorithm, + BasicAgreement agreement, + DerivationFunction kdf) + { + this.kaAlgorithm = kaAlgorithm; + this.agreement = agreement; + this.kdf = kdf; + } + + protected Key engineDoPhase( + Key key, + boolean lastPhase) + throws InvalidKeyException, IllegalStateException + { + if (parameters == null) + { + throw new IllegalStateException(kaAlgorithm + " not initialised."); + } + + if (!lastPhase) + { + throw new IllegalStateException(kaAlgorithm + " can only be between two parties."); + } + + CipherParameters pubKey; + if (agreement instanceof ECMQVBasicAgreement) + { + if (!(key instanceof MQVPublicKey)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(MQVPublicKey.class) + " for doPhase"); + } + + MQVPublicKey mqvPubKey = (MQVPublicKey)key; + ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); + ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); + + pubKey = new MQVPublicParameters(staticKey, ephemKey); + + // TODO Validate that all the keys are using the same parameters? + } + else + { + if (!(key instanceof PublicKey)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(ECPublicKey.class) + " for doPhase"); + } + + pubKey = ECUtil.generatePublicKeyParameter((PublicKey)key); + + // TODO Validate that all the keys are using the same parameters? + } + + result = agreement.calculateAgreement(pubKey); + + return null; + } + + protected byte[] engineGenerateSecret() + throws IllegalStateException + { + if (kdf != null) + { + throw new UnsupportedOperationException( + "KDF can only be used when algorithm is known"); + } + + return bigIntToBytes(result); + } + + protected int engineGenerateSecret( + byte[] sharedSecret, + int offset) + throws IllegalStateException, ShortBufferException + { + byte[] secret = engineGenerateSecret(); + + if (sharedSecret.length - offset < secret.length) + { + throw new ShortBufferException(kaAlgorithm + " key agreement: need " + secret.length + " bytes"); + } + + System.arraycopy(secret, 0, sharedSecret, offset, secret.length); + + return secret.length; + } + + protected SecretKey engineGenerateSecret( + String algorithm) + throws NoSuchAlgorithmException + { + byte[] secret = bigIntToBytes(result); + String algKey = Strings.toUpperCase(algorithm); + String oidAlgorithm = algorithm; + + if (oids.containsKey(algKey)) + { + oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId(); + } + + if (kdf != null) + { + if (!algorithms.containsKey(oidAlgorithm)) + { + throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); + } + + int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); + + DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); + + byte[] keyBytes = new byte[keySize / 8]; + kdf.init(params); + kdf.generateBytes(keyBytes, 0, keyBytes.length); + secret = keyBytes; + } + else + { + if (algorithms.containsKey(oidAlgorithm)) + { + Integer length = (Integer)algorithms.get(oidAlgorithm); + + byte[] key = new byte[length.intValue() / 8]; + + System.arraycopy(secret, 0, key, 0, key.length); + + secret = key; + } + } + + if (des.containsKey(oidAlgorithm)) + { + DESParameters.setOddParity(secret); + } + + return new SecretKeySpec(secret, algorithm); + } + + protected void engineInit( + Key key, + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + if (params != null) + { + throw new InvalidAlgorithmParameterException("No algorithm parameters supported"); + } + + initFromKey(key); + } + + protected void engineInit( + Key key, + SecureRandom random) + throws InvalidKeyException + { + initFromKey(key); + } + + private void initFromKey(Key key) + throws InvalidKeyException + { + if (agreement instanceof ECMQVBasicAgreement) + { + if (!(key instanceof MQVPrivateKey)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(MQVPrivateKey.class) + " for initialisation"); + } + + MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; + ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); + ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); + + ECPublicKeyParameters ephemPubKey = null; + if (mqvPrivKey.getEphemeralPublicKey() != null) + { + ephemPubKey = (ECPublicKeyParameters) + ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); + } + + MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); + this.parameters = staticPrivKey.getParameters(); + + // TODO Validate that all the keys are using the same parameters? + + agreement.init(localParams); + } + else + { + if (!(key instanceof PrivateKey)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(ECPrivateKey.class) + " for initialisation"); + } + + ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)ECUtil.generatePrivateKeyParameter((PrivateKey)key); + this.parameters = privKey.getParameters(); + + agreement.init(privKey); + } + } + + private static String getSimpleName(Class clazz) + { + String fullName = clazz.getName(); + + return fullName.substring(fullName.lastIndexOf('.') + 1); + } + + public static class DH + extends KeyAgreementSpi + { + public DH() + { + super("ECDH", new ECDHBasicAgreement(), null); + } + } + + public static class DHC + extends KeyAgreementSpi + { + public DHC() + { + super("ECDHC", new ECDHCBasicAgreement(), null); + } + } + + public static class MQV + extends KeyAgreementSpi + { + public MQV() + { + super("ECMQV", new ECMQVBasicAgreement(), null); + } + } + + public static class DHwithSHA1KDF + extends KeyAgreementSpi + { + public DHwithSHA1KDF() + { + super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + } + } + + public static class MQVwithSHA1KDF + extends KeyAgreementSpi + { + public MQVwithSHA1KDF() + { + super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + } + } +} diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java new file mode 100644 index 00000000..5e77a74c --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java @@ -0,0 +1,239 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.ECPrivateKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import org.spongycastle.asn1.ASN1ObjectIdentifier; +import org.spongycastle.asn1.pkcs.PrivateKeyInfo; +import org.spongycastle.asn1.x509.SubjectPublicKeyInfo; +import org.spongycastle.asn1.x9.X9ObjectIdentifiers; +import org.spongycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi; +import org.spongycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.spongycastle.jcajce.provider.config.ProviderConfiguration; +import org.spongycastle.jcajce.provider.util.AsymmetricKeyInfoConverter; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECParameterSpec; +import org.spongycastle.jce.spec.ECPrivateKeySpec; +import org.spongycastle.jce.spec.ECPublicKeySpec; + +public class KeyFactorySpi + extends BaseKeyFactorySpi + implements AsymmetricKeyInfoConverter +{ + String algorithm; + ProviderConfiguration configuration; + + KeyFactorySpi( + String algorithm, + ProviderConfiguration configuration) + { + this.algorithm = algorithm; + this.configuration = configuration; + } + + protected Key engineTranslateKey( + Key key) + throws InvalidKeyException + { + if (key instanceof ECPublicKey) + { + return new BCECPublicKey((ECPublicKey)key, configuration); + } + else if (key instanceof ECPrivateKey) + { + return new BCECPrivateKey((ECPrivateKey)key, configuration); + } + + throw new InvalidKeyException("key type unknown"); + } + + protected KeySpec engineGetKeySpec( + Key key, + Class spec) + throws InvalidKeySpecException + { + if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey) + { + ECPublicKey k = (ECPublicKey)key; + if (k.getParams() != null) + { + return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams()); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec)); + } + } + else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)key; + + if (k.getParams() != null) + { + return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams()); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec)); + } + } + else if (spec.isAssignableFrom(org.spongycastle.jce.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey) + { + ECPublicKey k = (ECPublicKey)key; + if (k.getParams() != null) + { + return new org.spongycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false)); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new org.spongycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec); + } + } + else if (spec.isAssignableFrom(org.spongycastle.jce.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)key; + + if (k.getParams() != null) + { + return new org.spongycastle.jce.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false)); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new org.spongycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec); + } + } + + return super.engineGetKeySpec(key, spec); + } + + protected PrivateKey engineGeneratePrivate( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ECPrivateKeySpec) + { + return new BCECPrivateKey(algorithm, (ECPrivateKeySpec)keySpec, configuration); + } + else if (keySpec instanceof java.security.spec.ECPrivateKeySpec) + { + return new BCECPrivateKey(algorithm, (java.security.spec.ECPrivateKeySpec)keySpec, configuration); + } + + return super.engineGeneratePrivate(keySpec); + } + + protected PublicKey engineGeneratePublic( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ECPublicKeySpec) + { + return new BCECPublicKey(algorithm, (ECPublicKeySpec)keySpec, configuration); + } + else if (keySpec instanceof java.security.spec.ECPublicKeySpec) + { + return new BCECPublicKey(algorithm, (java.security.spec.ECPublicKeySpec)keySpec, configuration); + } + + return super.engineGeneratePublic(keySpec); + } + + public PrivateKey generatePrivate(PrivateKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); + + if (algOid.equals(X9ObjectIdentifiers.id_ecPublicKey)) + { + return new BCECPrivateKey(algorithm, keyInfo, configuration); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } + + public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm(); + + if (algOid.equals(X9ObjectIdentifiers.id_ecPublicKey)) + { + return new BCECPublicKey(algorithm, keyInfo, configuration); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } + + public static class EC + extends KeyFactorySpi + { + public EC() + { + super("EC", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECDSA + extends KeyFactorySpi + { + public ECDSA() + { + super("ECDSA", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECGOST3410 + extends KeyFactorySpi + { + public ECGOST3410() + { + super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECDH + extends KeyFactorySpi + { + public ECDH() + { + super("ECDH", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECDHC + extends KeyFactorySpi + { + public ECDHC() + { + super("ECDHC", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECMQV + extends KeyFactorySpi + { + public ECMQV() + { + super("ECMQV", BouncyCastleProvider.CONFIGURATION); + } + } +}
\ No newline at end of file diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java new file mode 100644 index 00000000..bd24d1aa --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java @@ -0,0 +1,270 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.math.BigInteger; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.ECGenParameterSpec; +import java.util.Hashtable; + +import org.spongycastle.asn1.ASN1ObjectIdentifier; +import org.spongycastle.asn1.x9.ECNamedCurveTable; +import org.spongycastle.asn1.x9.X9ECParameters; +import org.spongycastle.crypto.AsymmetricCipherKeyPair; +import org.spongycastle.crypto.generators.ECKeyPairGenerator; +import org.spongycastle.crypto.params.ECDomainParameters; +import org.spongycastle.crypto.params.ECKeyGenerationParameters; +import org.spongycastle.crypto.params.ECPrivateKeyParameters; +import org.spongycastle.crypto.params.ECPublicKeyParameters; +import org.spongycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.spongycastle.jcajce.provider.config.ProviderConfiguration; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECNamedCurveGenParameterSpec; +import org.spongycastle.jce.spec.ECNamedCurveSpec; +import org.spongycastle.jce.spec.ECParameterSpec; +import org.spongycastle.math.ec.ECCurve; +import org.spongycastle.math.ec.ECPoint; +import org.spongycastle.util.Integers; + +public abstract class KeyPairGeneratorSpi + extends java.security.KeyPairGenerator +{ + public KeyPairGeneratorSpi(String algorithmName) + { + super(algorithmName); + } + + public static class EC + extends KeyPairGeneratorSpi + { + ECKeyGenerationParameters param; + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + Object ecParams = null; + int strength = 239; + int certainty = 50; + SecureRandom random = new SecureRandom(); + boolean initialised = false; + String algorithm; + ProviderConfiguration configuration; + + static private Hashtable ecParameters; + + static { + ecParameters = new Hashtable(); + + ecParameters.put(Integers.valueOf(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 + ecParameters.put(Integers.valueOf(239), new ECGenParameterSpec("prime239v1")); + ecParameters.put(Integers.valueOf(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 + + ecParameters.put(Integers.valueOf(224), new ECGenParameterSpec("P-224")); + ecParameters.put(Integers.valueOf(384), new ECGenParameterSpec("P-384")); + ecParameters.put(Integers.valueOf(521), new ECGenParameterSpec("P-521")); + } + + public EC() + { + super("EC"); + this.algorithm = "EC"; + this.configuration = BouncyCastleProvider.CONFIGURATION; + } + + public EC( + String algorithm, + ProviderConfiguration configuration) + { + super(algorithm); + this.algorithm = algorithm; + this.configuration = configuration; + } + + public void initialize( + int strength, + SecureRandom random) + { + this.strength = strength; + this.random = random; + + ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); + if (ecParams == null) + { + throw new InvalidParameterException("unknown key size."); + } + + try + { + initialize(ecParams, random); + } + catch (InvalidAlgorithmParameterException e) + { + throw new InvalidParameterException("key size not configurable."); + } + } + + public void initialize( + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (params == null) + { + ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); + if (implicitCA == null) + { + throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set"); + } + + this.ecParams = null; + this.param = createKeyGenParamsBC(implicitCA, random); + } + else if (params instanceof ECParameterSpec) + { + this.ecParams = params; + this.param = createKeyGenParamsBC((ECParameterSpec)params, random); + } + else if (params instanceof java.security.spec.ECParameterSpec) + { + this.ecParams = params; + this.param = createKeyGenParamsJCE((java.security.spec.ECParameterSpec)params, random); + } + else if (params instanceof ECGenParameterSpec) + { + initializeNamedCurve(((ECGenParameterSpec)params).getName(), random); + } + else if (params instanceof ECNamedCurveGenParameterSpec) + { + initializeNamedCurve(((ECNamedCurveGenParameterSpec)params).getName(), random); + } + else + { + throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec"); + } + + engine.init(param); + initialised = true; + } + + public KeyPair generateKeyPair() + { + if (!initialised) + { + initialize(strength, new SecureRandom()); + } + + AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic(); + ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate(); + + if (ecParams instanceof ECParameterSpec) + { + ECParameterSpec p = (ECParameterSpec)ecParams; + + BCECPublicKey pubKey = new BCECPublicKey(algorithm, pub, p, configuration); + return new KeyPair(pubKey, + new BCECPrivateKey(algorithm, priv, pubKey, p, configuration)); + } + else if (ecParams == null) + { + return new KeyPair(new BCECPublicKey(algorithm, pub, configuration), + new BCECPrivateKey(algorithm, priv, configuration)); + } + else + { + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams; + + BCECPublicKey pubKey = new BCECPublicKey(algorithm, pub, p, configuration); + + return new KeyPair(pubKey, new BCECPrivateKey(algorithm, priv, pubKey, p, configuration)); + } + } + + protected ECKeyGenerationParameters createKeyGenParamsBC(ECParameterSpec p, SecureRandom r) + { + return new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), r); + } + + protected ECKeyGenerationParameters createKeyGenParamsJCE(java.security.spec.ECParameterSpec p, SecureRandom r) + { + ECCurve curve = EC5Util.convertCurve(p.getCurve()); + ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false); + BigInteger n = p.getOrder(); + BigInteger h = BigInteger.valueOf(p.getCofactor()); + ECDomainParameters dp = new ECDomainParameters(curve, g, n, h); + return new ECKeyGenerationParameters(dp, r); + } + + protected ECNamedCurveSpec createNamedCurveSpec(String curveName) + throws InvalidAlgorithmParameterException + { + // NOTE: Don't bother with custom curves here as the curve will be converted to JCE type shortly + + X9ECParameters p = ECNamedCurveTable.getByName(curveName); + if (p == null) + { + try + { + // Check whether it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug) + p = ECNamedCurveTable.getByOID(new ASN1ObjectIdentifier(curveName)); + if (p == null) + { + throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName); + } + } + catch (IllegalArgumentException ex) + { + throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName); + } + } + + // Work-around for JDK bug -- it won't look up named curves properly if seed is present + byte[] seed = null; //p.getSeed(); + + return new ECNamedCurveSpec(curveName, p.getCurve(), p.getG(), p.getN(), p.getH(), seed); + } + + protected void initializeNamedCurve(String curveName, SecureRandom random) + throws InvalidAlgorithmParameterException + { + ECNamedCurveSpec namedCurve = createNamedCurveSpec(curveName); + this.ecParams = namedCurve; + this.param = createKeyGenParamsJCE(namedCurve, random); + } + } + + public static class ECDSA + extends EC + { + public ECDSA() + { + super("ECDSA", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECDH + extends EC + { + public ECDH() + { + super("ECDH", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECDHC + extends EC + { + public ECDHC() + { + super("ECDHC", BouncyCastleProvider.CONFIGURATION); + } + } + + public static class ECMQV + extends EC + { + public ECMQV() + { + super("ECMQV", BouncyCastleProvider.CONFIGURATION); + } + } +}
\ No newline at end of file diff --git a/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java new file mode 100644 index 00000000..5846e393 --- /dev/null +++ b/prov/src/main/java/org/spongycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java @@ -0,0 +1,367 @@ +package org.spongycastle.jcajce.provider.asymmetric.ec; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; + +import org.spongycastle.asn1.ASN1EncodableVector; +import org.spongycastle.asn1.ASN1Encoding; +import org.spongycastle.asn1.ASN1Integer; +import org.spongycastle.asn1.ASN1Primitive; +import org.spongycastle.asn1.ASN1Sequence; +import org.spongycastle.asn1.DERSequence; +import org.spongycastle.crypto.CipherParameters; +import org.spongycastle.crypto.DSA; +import org.spongycastle.crypto.Digest; +import org.spongycastle.crypto.digests.NullDigest; +import org.spongycastle.crypto.digests.RIPEMD160Digest; +import org.spongycastle.crypto.digests.SHA1Digest; +import org.spongycastle.crypto.digests.SHA224Digest; +import org.spongycastle.crypto.digests.SHA256Digest; +import org.spongycastle.crypto.digests.SHA384Digest; +import org.spongycastle.crypto.digests.SHA512Digest; +import org.spongycastle.crypto.params.ParametersWithRandom; +import org.spongycastle.crypto.signers.ECDSASigner; +import org.spongycastle.crypto.signers.ECNRSigner; +import org.spongycastle.crypto.signers.HMacDSAKCalculator; +import org.spongycastle.jcajce.provider.asymmetric.util.DSABase; +import org.spongycastle.jcajce.provider.asymmetric.util.DSAEncoder; +import org.spongycastle.jcajce.provider.asymmetric.util.ECUtil; + +public class SignatureSpi + extends DSABase +{ + SignatureSpi(Digest digest, DSA signer, DSAEncoder encoder) + { + super(digest, signer, encoder); + } + + protected void engineInitVerify(PublicKey publicKey) + throws InvalidKeyException + { + CipherParameters param = ECUtil.generatePublicKeyParameter(publicKey); + + digest.reset(); + signer.init(false, param); + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + CipherParameters param = ECUtil.generatePrivateKeyParameter(privateKey); + + digest.reset(); + + if (appRandom != null) + { + signer.init(true, new ParametersWithRandom(param, appRandom)); + } + else + { + signer.init(true, param); + } + } + + static public class ecDSA + extends SignatureSpi + { + public ecDSA() + { + super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSA + extends SignatureSpi + { + public ecDetDSA() + { + super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); + } + } + + static public class ecDSAnone + extends SignatureSpi + { + public ecDSAnone() + { + super(new NullDigest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDSA224 + extends SignatureSpi + { + public ecDSA224() + { + super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSA224 + extends SignatureSpi + { + public ecDetDSA224() + { + super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); + } + } + + static public class ecDSA256 + extends SignatureSpi + { + public ecDSA256() + { + super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSA256 + extends SignatureSpi + { + public ecDetDSA256() + { + super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); + } + } + + static public class ecDSA384 + extends SignatureSpi + { + public ecDSA384() + { + super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSA384 + extends SignatureSpi + { + public ecDetDSA384() + { + super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); + } + } + + static public class ecDSA512 + extends SignatureSpi + { + public ecDSA512() + { + super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSA512 + extends SignatureSpi + { + public ecDetDSA512() + { + super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); + } + } + + static public class ecDSARipeMD160 + extends SignatureSpi + { + public ecDSARipeMD160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecNR + extends SignatureSpi + { + public ecNR() + { + super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR224 + extends SignatureSpi + { + public ecNR224() + { + super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR256 + extends SignatureSpi + { + public ecNR256() + { + super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR384 + extends SignatureSpi + { + public ecNR384() + { + super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR512 + extends SignatureSpi + { + public ecNR512() + { + super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecCVCDSA + extends SignatureSpi + { + public ecCVCDSA() + { + super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA224 + extends SignatureSpi + { + public ecCVCDSA224() + { + super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA256 + extends SignatureSpi + { + public ecCVCDSA256() + { + super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA384 + extends SignatureSpi + { + public ecCVCDSA384() + { + super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA512 + extends SignatureSpi + { + public ecCVCDSA512() + { + super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecPlainDSARP160 + extends SignatureSpi + { + public ecPlainDSARP160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + private static class StdDSAEncoder + implements DSAEncoder + { + public byte[] encode( + BigInteger r, + BigInteger s) + throws IOException + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new ASN1Integer(r)); + v.add(new ASN1Integer(s)); + + return new DERSequence(v).getEncoded(ASN1Encoding.DER); + } + + public BigInteger[] decode( + byte[] encoding) + throws IOException + { + ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(encoding); + BigInteger[] sig = new BigInteger[2]; + + sig[0] = ASN1Integer.getInstance(s.getObjectAt(0)).getValue(); + sig[1] = ASN1Integer.getInstance(s.getObjectAt(1)).getValue(); + + return sig; + } + } + + private static class PlainDSAEncoder + implements DSAEncoder + { + public byte[] encode( + BigInteger r, + BigInteger s) + throws IOException + { + byte[] first = makeUnsigned(r); + byte[] second = makeUnsigned(s); + byte[] res; + + if (first.length > second.length) + { + res = new byte[first.length * 2]; + } + else + { + res = new byte[second.length * 2]; + } + + System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); + System.arraycopy(second, 0, res, res.length - second.length, second.length); + + return res; + } + + + private byte[] makeUnsigned(BigInteger val) + { + byte[] res = val.toByteArray(); + + if (res[0] == 0) + { + byte[] tmp = new byte[res.length - 1]; + + System.arraycopy(res, 1, tmp, 0, tmp.length); + + return tmp; + } + + return res; + } + + public BigInteger[] decode( + byte[] encoding) + throws IOException + { + BigInteger[] sig = new BigInteger[2]; + + byte[] first = new byte[encoding.length / 2]; + byte[] second = new byte[encoding.length / 2]; + + System.arraycopy(encoding, 0, first, 0, first.length); + System.arraycopy(encoding, first.length, second, 0, second.length); + + sig[0] = new BigInteger(1, first); + sig[1] = new BigInteger(1, second); + + return sig; + } + } +}
\ No newline at end of file |