/** * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p> * * <p>When using native ECDSA verification, data must be 32 bytes, and no element may be * larger than 520 bytes.</p> * * @param data Hash of the data to verify. * @param signature signature. * @param pub The public key bytes to use. * * @return - */ public static boolean verify(byte[] data, ECDSASignature signature, byte[] pub) { ECDSASigner signer = new ECDSASigner(); ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), CURVE); signer.init(false, params); try { return signer.verifySignature(data, signature.r, signature.s); } catch (NullPointerException npe) { // Bouncy Castle contains a bug that can cause NPEs given specially crafted signatures. // Those signatures are inherently invalid/attack sigs so we just fail them here rather than crash the thread. logger.error("Caught NPE inside bouncy castle", npe); return false; } }
@Override public byte[] getEncoded(AsymmetricKeyParameter asymmetricKeyParameter) { return ((ECPublicKeyParameters) asymmetricKeyParameter).getQ().getEncoded(false); } }
public BigInteger calculateAgreement( CipherParameters pubKey) { ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey; ECDomainParameters params = pub.getParameters(); ECPoint P = pub.getQ().multiply(params.getH().multiply(key.getD())); // if (p.isInfinity()) throw new RuntimeException("Invalid public key"); return P.getX().toBigInteger(); } }
public AsymmetricCipherKeyPair generateKeyPair() { AsymmetricCipherKeyPair pair = super.generateKeyPair(); ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic(); ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate(); pub = new ECPublicKeyParameters(pub.getQ().negate(), pub.getParameters()); return new AsymmetricCipherKeyPair(pub, priv); } }
public void generateClientKeyExchange(OutputStream os) throws IOException { if (agreementCredentials == null) { generateEphemeralClientKeyExchange(ecAgreeServerPublicKey.getParameters(), os); } }
public BCECGOST3410PublicKey( String algorithm, ECPublicKeyParameters params, ECParameterSpec spec) { ECDomainParameters dp = params.getParameters(); this.algorithm = algorithm; this.q = params.getQ(); if (spec == null) { EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); this.ecSpec = createSpec(ellipticCurve, dp); } else { this.ecSpec = spec; } }
public MQVPublicParameters( ECPublicKeyParameters staticPublicKey, ECPublicKeyParameters ephemeralPublicKey) { if (staticPublicKey == null) { throw new NullPointerException("staticPublicKey cannot be null"); } if (ephemeralPublicKey == null) { throw new NullPointerException("ephemeralPublicKey cannot be null"); } if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters())) { throw new IllegalArgumentException("Static and ephemeral public keys have different domain parameters"); } this.staticPublicKey = staticPublicKey; this.ephemeralPublicKey = ephemeralPublicKey; }
public BigInteger keyAgreement(ECPoint otherParty) { if (privKey == null) { throw new MissingPrivateKeyException(); } else if (privKey instanceof BCECPrivateKey) { final ECDHBasicAgreement agreement = new ECDHBasicAgreement(); agreement.init(new ECPrivateKeyParameters(((BCECPrivateKey) privKey).getD(), CURVE)); return agreement.calculateAgreement(new ECPublicKeyParameters(otherParty, CURVE)); } else { try { final KeyAgreement agreement = ECKeyAgreement.getInstance(this.provider); agreement.init(this.privKey); agreement.doPhase( ECKeyFactory.getInstance(this.provider) .generatePublic(new ECPublicKeySpec(otherParty, CURVE_SPEC)), /* lastPhase */ true); return new BigInteger(1, agreement.generateSecret()); } catch (IllegalStateException | InvalidKeyException | InvalidKeySpecException ex) { throw new RuntimeException("ECDH key agreement failure", ex); } } }
public byte[] getEncoded(AsymmetricKeyParameter keyParameter) { return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(); } });
public JCEECPublicKey( String algorithm, ECPublicKeyParameters params, ECParameterSpec spec) { ECDomainParameters dp = params.getParameters(); this.algorithm = algorithm; this.q = params.getQ(); if (spec == null) { EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); this.ecSpec = createSpec(ellipticCurve, dp); } else { this.ecSpec = spec; } }
public SM2KeyExchangePublicParameters( ECPublicKeyParameters staticPublicKey, ECPublicKeyParameters ephemeralPublicKey) { if (staticPublicKey == null) { throw new NullPointerException("staticPublicKey cannot be null"); } if (ephemeralPublicKey == null) { throw new NullPointerException("ephemeralPublicKey cannot be null"); } if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters())) { throw new IllegalArgumentException("Static and ephemeral public keys have different domain parameters"); } this.staticPublicKey = staticPublicKey; this.ephemeralPublicKey = ephemeralPublicKey; }
private static EthereumIESEngine makeIESEngine(boolean isEncrypt, ECPoint pub, BigInteger prv, byte[] IV) { AESEngine aesFastEngine = new AESEngine(); EthereumIESEngine iesEngine = new EthereumIESEngine( new ECDHBasicAgreement(), new ConcatKDFBytesGenerator(new SHA256Digest()), new HMac(new SHA256Digest()), new SHA256Digest(), new BufferedBlockCipher(new SICBlockCipher(aesFastEngine))); byte[] d = new byte[] {}; byte[] e = new byte[] {}; IESParameters p = new IESWithCipherParameters(d, e, KEY_SIZE, KEY_SIZE); ParametersWithIV parametersWithIV = new ParametersWithIV(p, IV); iesEngine.init(isEncrypt, new ECPrivateKeyParameters(prv, CURVE), new ECPublicKeyParameters(pub, CURVE), parametersWithIV); return iesEngine; }
public static byte[] encrypt(ECPoint toPub, byte[] plaintext, byte[] macData) { ECKeyPairGenerator eGen = new ECKeyPairGenerator(); SecureRandom random = new SecureRandom(); KeyGenerationParameters gParam = new ECKeyGenerationParameters(CURVE, random); eGen.init(gParam); byte[] IV = new byte[KEY_SIZE/8]; new SecureRandom().nextBytes(IV); AsymmetricCipherKeyPair ephemPair = eGen.generateKeyPair(); BigInteger prv = ((ECPrivateKeyParameters)ephemPair.getPrivate()).getD(); ECPoint pub = ((ECPublicKeyParameters)ephemPair.getPublic()).getQ(); EthereumIESEngine iesEngine = makeIESEngine(true, toPub, prv, IV); ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(CURVE, random); ECKeyPairGenerator generator = new ECKeyPairGenerator(); generator.init(keygenParams); ECKeyPairGenerator gen = new ECKeyPairGenerator(); gen.init(new ECKeyGenerationParameters(ECKey.CURVE, random)); byte[] cipher; try { cipher = iesEngine.processBlock(plaintext, 0, plaintext.length, macData); ByteArrayOutputStream bos = new ByteArrayOutputStream(); bos.write(pub.getEncoded(false)); bos.write(IV); bos.write(cipher); return bos.toByteArray(); } catch (InvalidCipherTextException e) { throw Throwables.propagate(e); } catch (IOException e) { throw Throwables.propagate(e); } }
public JCEECPublicKey( String algorithm, ECPublicKeyParameters params, ECParameterSpec spec) { ECDomainParameters dp = params.getParameters(); this.algorithm = algorithm; this.q = params.getQ(); if (spec == null) { EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); this.ecSpec = createSpec(ellipticCurve, dp); } else { this.ecSpec = spec; } }
public void generateClientKeyExchange(OutputStream output) throws IOException { if (agreementCredentials == null) { this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(), serverECPointFormats, ecAgreePublicKey.getParameters(), output); } }
new EphemeralKeyPairGenerator(/*testGen*/eGen, new ECIESPublicKeyEncoder()); iesEngine.init(new ECPublicKeyParameters(pub, CURVE), parametersWithIV, ephemeralKeyPairGenerator);
public static byte[] encrypt(ECPoint toPub, byte[] plaintext) throws InvalidCipherTextException, IOException { ECKeyPairGenerator eGen = new ECKeyPairGenerator(); SecureRandom random = new SecureRandom(); KeyGenerationParameters gParam = new ECKeyGenerationParameters(curve, random); eGen.init(gParam); byte[] IV = new byte[KEY_SIZE/8]; new SecureRandom().nextBytes(IV); AsymmetricCipherKeyPair ephemPair = eGen.generateKeyPair(); BigInteger prv = ((ECPrivateKeyParameters)ephemPair.getPrivate()).getD(); ECPoint pub = ((ECPublicKeyParameters)ephemPair.getPublic()).getQ(); EthereumIESEngine iesEngine = makeIESEngine(true, toPub, prv, IV); ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(curve, random); ECKeyPairGenerator generator = new ECKeyPairGenerator(); generator.init(keygenParams); ECKeyPairGenerator gen = new ECKeyPairGenerator(); gen.init(new ECKeyGenerationParameters(ECKey.CURVE, random)); byte[] cipher = iesEngine.processBlock(plaintext, 0, plaintext.length); ByteArrayOutputStream bos = new ByteArrayOutputStream(); bos.write(pub.getEncoded(false)); bos.write(IV); bos.write(cipher); return bos.toByteArray(); }
public BCECPublicKey( String algorithm, ECPublicKeyParameters params, ECParameterSpec spec, ProviderConfiguration configuration) { ECDomainParameters dp = params.getParameters(); this.algorithm = algorithm; this.q = params.getQ(); if (spec == null) { EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); this.ecSpec = createSpec(ellipticCurve, dp); } else { this.ecSpec = spec; } this.configuration = configuration; }
public BCECGOST3410PublicKey( String algorithm, ECPublicKeyParameters params, ECParameterSpec spec) { ECDomainParameters dp = params.getParameters(); this.algorithm = algorithm; this.ecPublicKey = params; if (spec == null) { EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); this.ecSpec = createSpec(ellipticCurve, dp); } else { this.ecSpec = spec; } }
public static byte[] decrypt(ECPoint ephem, BigInteger prv, byte[] IV, byte[] cipher, byte[] macData) throws InvalidCipherTextException { AESEngine aesFastEngine = new AESEngine(); EthereumIESEngine iesEngine = new EthereumIESEngine( new ECDHBasicAgreement(), new ConcatKDFBytesGenerator(new SHA256Digest()), new HMac(new SHA256Digest()), new SHA256Digest(), new BufferedBlockCipher(new SICBlockCipher(aesFastEngine))); byte[] d = new byte[] {}; byte[] e = new byte[] {}; IESParameters p = new IESWithCipherParameters(d, e, KEY_SIZE, KEY_SIZE); ParametersWithIV parametersWithIV = new ParametersWithIV(p, IV); iesEngine.init(false, new ECPrivateKeyParameters(prv, CURVE), new ECPublicKeyParameters(ephem, CURVE), parametersWithIV); return iesEngine.processBlock(cipher, 0, cipher.length, macData); }