// Feed the encoded public key bytes (getAbyte()) of the EdDSA private key into the running hash,
// followed by the message slice [offset, offset + length).
// NOTE(review): anything fed into `digest` before this fragment is not visible here — confirm
// against the enclosing method before relying on what h covers.
digest.update(((EdDSAPrivateKey) key).getAbyte());
digest.update(message, offset, length);
// digest() finalises the hash over everything supplied so far.
byte[] h = digest.digest();
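/**
 * Serialises an Ed25519 private key to the given stream and reports the key type written.
 *
 * <p>Two arrays are emitted through {@code KeyEntryResolver.writeRLEBytes}: the 32-byte public
 * key, then a 64-byte pair made of the secret seed followed by the public key.
 *
 * @param s   stream that receives the encoded key material
 * @param key private key to encode; must carry a seed
 * @return {@code KeyPairProvider.SSH_ED25519}
 * @throws IOException          if writing to {@code s} fails
 * @throws NullPointerException if {@code key} or its seed is {@code null}
 */
@Override
public String encodePrivateKey(OutputStream s, EdDSAPrivateKey key) throws IOException {
    Objects.requireNonNull(key, "No private key provided");

    // ed25519 bernstein naming: pk .. public key, sk .. secret key
    // we are expected to write the following arrays (type:size):
    // [pk:32], [sk:32,pk:32]
    byte[] sk = key.getSeed();
    byte[] pk = key.getAbyte();
    Objects.requireNonNull(sk, "No seed");

    byte[] keypair = new byte[KEYPAIR_SIZE];
    try {
        System.arraycopy(sk, 0, keypair, 0, SK_SIZE);
        System.arraycopy(pk, 0, keypair, SK_SIZE, PK_SIZE);

        KeyEntryResolver.writeRLEBytes(s, pk);
        KeyEntryResolver.writeRLEBytes(s, keypair);
    } finally {
        // keypair is a locally allocated copy of the secret seed: clear it on every exit path
        // so it does not linger on the heap. sk is left untouched on purpose, because
        // getSeed() may return the key's own backing array rather than a copy.
        java.util.Arrays.fill(keypair, (byte) 0);
    }

    return KeyPairProvider.SSH_ED25519;
}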
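/**
 * Serialises an Ed25519 private key to the given stream and reports the key type written.
 *
 * <p>Two arrays are emitted through {@code KeyEntryResolver.writeRLEBytes}: the 32-byte public
 * key, then a 64-byte pair made of the secret seed followed by the public key.
 *
 * @param s   stream that receives the encoded key material
 * @param key private key to encode; must carry a seed
 * @return {@code KeyPairProvider.SSH_ED25519}
 * @throws IOException          if writing to {@code s} fails
 * @throws NullPointerException if {@code key} or its seed is {@code null}
 */
@Override
public String encodePrivateKey(OutputStream s, EdDSAPrivateKey key) throws IOException {
    Objects.requireNonNull(key, "No private key provided");

    // ed25519 bernstein naming: pk .. public key, sk .. secret key
    // we are expected to write the following arrays (type:size):
    // [pk:32], [sk:32,pk:32]
    byte[] sk = key.getSeed();
    byte[] pk = key.getAbyte();
    Objects.requireNonNull(sk, "No seed");

    byte[] keypair = new byte[KEYPAIR_SIZE];
    try {
        System.arraycopy(sk, 0, keypair, 0, SK_SIZE);
        System.arraycopy(pk, 0, keypair, SK_SIZE, PK_SIZE);

        KeyEntryResolver.writeRLEBytes(s, pk);
        KeyEntryResolver.writeRLEBytes(s, keypair);
    } finally {
        // keypair is a locally allocated copy of the secret seed: clear it on every exit path
        // so it does not linger on the heap. sk is left untouched on purpose, because
        // getSeed() may return the key's own backing array rather than a copy.
        java.util.Arrays.fill(keypair, (byte) 0);
    }

    return KeyPairProvider.SSH_ED25519;
}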
/**
 * Posts the first pair-verify request and hands back what {@code AuthUtils.postData} returns.
 *
 * <p>The request body is the 4-byte prefix {@code {1, 0, 0, 0}}, then {@code randomPublicKey},
 * then {@code authKey.getAbyte()}, sent to {@code /pair-verify} as
 * {@code application/octet-stream}.
 *
 * @param socket          connection the request is sent over
 * @param randomPublicKey caller-supplied key bytes placed after the prefix
 * @return the bytes returned by {@code AuthUtils.postData} (presumably the response body)
 * @throws Exception propagated from the helper calls
 */
private byte[] doPairVerify1(Socket socket, byte[] randomPublicKey) throws Exception {
    final byte[] prefix = new byte[]{1, 0, 0, 0};
    final byte[] authKeyBytes = authKey.getAbyte();
    final byte[] requestBody = AuthUtils.concatByteArrays(prefix, randomPublicKey, authKeyBytes);
    return AuthUtils.postData(socket, "/pair-verify", "application/octet-stream", requestBody);
}
/**
 * Rebuilds the EdDSA public key that belongs to the supplied private key.
 *
 * <p>The public key is generated from the private key's {@code getAbyte()} bytes and its
 * curve parameters; nothing is derived from the secret seed here.
 *
 * @param key private key, which must be an {@code EdDSAPrivateKey}
 * @return the matching public key
 * @throws InvalidKeyException      if {@code key} is not an {@code EdDSAPrivateKey}
 * @throws GeneralSecurityException if the key factory cannot be obtained or the key
 *                                  cannot be generated
 */
public static EdDSAPublicKey recoverEDDSAPublicKey(PrivateKey key) throws GeneralSecurityException {
    ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), SecurityUtils.EDDSA + " not supported");

    if (key instanceof EdDSAPrivateKey) {
        EdDSAPrivateKey edPrivate = (EdDSAPrivateKey) key;
        byte[] encodedPublic = edPrivate.getAbyte();
        EdDSAPublicKeySpec publicSpec = new EdDSAPublicKeySpec(encodedPublic, edPrivate.getParams());
        KeyFactory eddsaFactory = SecurityUtils.getKeyFactory(SecurityUtils.EDDSA);
        return EdDSAPublicKey.class.cast(eddsaFactory.generatePublic(publicSpec));
    }

    throw new InvalidKeyException("Private key is not " + SecurityUtils.EDDSA);
}
/**
 * Rebuilds the EdDSA public key that belongs to the supplied private key.
 *
 * <p>The public key is generated from the private key's {@code getAbyte()} bytes and its
 * curve parameters; nothing is derived from the secret seed here.
 *
 * @param key private key, which must be an {@code EdDSAPrivateKey}
 * @return the matching public key
 * @throws InvalidKeyException      if {@code key} is not an {@code EdDSAPrivateKey}
 * @throws GeneralSecurityException if the key factory cannot be obtained or the key
 *                                  cannot be generated
 */
public static EdDSAPublicKey recoverEDDSAPublicKey(PrivateKey key) throws GeneralSecurityException {
    ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), SecurityUtils.EDDSA + " not supported");

    if (key instanceof EdDSAPrivateKey) {
        EdDSAPrivateKey edPrivate = (EdDSAPrivateKey) key;
        byte[] encodedPublic = edPrivate.getAbyte();
        EdDSAPublicKeySpec publicSpec = new EdDSAPublicKeySpec(encodedPublic, edPrivate.getParams());
        KeyFactory eddsaFactory = SecurityUtils.getKeyFactory(SecurityUtils.EDDSA);
        return EdDSAPublicKey.class.cast(eddsaFactory.generatePublic(publicSpec));
    }

    throw new InvalidKeyException("Private key is not " + SecurityUtils.EDDSA);
}
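/**
 * Sends the third {@code /pair-setup-pin} request and returns the peer's {@code epk} and
 * {@code authTag} values.
 *
 * <p>An AES-128-GCM key and IV are derived from {@code sessionKeyHashK} (first 16 bytes of
 * SHA-512 over a label plus the session key hash), the last IV byte is incremented once, and
 * {@code authKey.getAbyte()} is encrypted. Ciphertext and the 16-byte tag are sent as the
 * {@code epk} and {@code authTag} entries of a binary property list.
 *
 * @param socket          connection the request is sent over
 * @param sessionKeyHashK session key hash the AES key and IV are derived from; not modified
 * @return the {@code epk} and {@code authTag} bytes taken from the response
 * @throws Exception if a crypto or I/O step fails, or if the response is not a dictionary
 *                   holding binary {@code epk} and {@code authTag} entries
 */
private PairSetupPin3Response doPairSetupPin3(Socket socket, final byte[] sessionKeyHashK) throws Exception {
    final int gcmTagBytes = 16;

    MessageDigest sha512Digest = MessageDigest.getInstance("SHA-512");
    sha512Digest.update("Pair-Setup-AES-Key".getBytes(StandardCharsets.UTF_8));
    sha512Digest.update(sessionKeyHashK);
    // digest() resets the instance, so the same object is reused for the IV below.
    byte[] aesKey = Arrays.copyOfRange(sha512Digest.digest(), 0, 16);

    sha512Digest.update("Pair-Setup-AES-IV".getBytes(StandardCharsets.UTF_8));
    sha512Digest.update(sessionKeyHashK);
    byte[] aesIV = Arrays.copyOfRange(sha512Digest.digest(), 0, 16);

    // The earlier loop compared an incremented byte against 256, which a Java byte can never
    // equal, so it always stopped after bumping the last IV byte once (wrapping 0xFF to 0x00
    // without carry). That exact behaviour is kept, just spelled out.
    // NOTE(review): confirm against the peer implementation whether a carry is expected.
    aesIV[aesIV.length - 1]++;

    byte[] aesGcm128ClientLTPK;
    try {
        Cipher aesGcm128Encrypt = Cipher.getInstance("AES/GCM/NoPadding");
        SecretKeySpec secretKey = new SecretKeySpec(aesKey, "AES");
        aesGcm128Encrypt.init(Cipher.ENCRYPT_MODE, secretKey, new GCMParameterSpec(gcmTagBytes * 8, aesIV));
        aesGcm128ClientLTPK = aesGcm128Encrypt.doFinal(authKey.getAbyte());
    } finally {
        // SecretKeySpec and GCMParameterSpec hold their own copies; clear the local arrays
        // derived from the session secret on every exit path.
        Arrays.fill(aesKey, (byte) 0);
        Arrays.fill(aesIV, (byte) 0);
    }

    // doFinal() returns ciphertext with the GCM tag appended; split the two for the request.
    int ciphertextEnd = aesGcm128ClientLTPK.length - gcmTagBytes;
    HashMap<String, byte[]> requestFields = new HashMap<>();
    requestFields.put("epk", Arrays.copyOfRange(aesGcm128ClientLTPK, 0, ciphertextEnd));
    requestFields.put("authTag", Arrays.copyOfRange(aesGcm128ClientLTPK, ciphertextEnd, aesGcm128ClientLTPK.length));
    byte[] pairSetupPinRequestData = AuthUtils.createPList(requestFields);

    byte[] pairSetupPin3ResponseBytes = AuthUtils.postData(socket, "/pair-setup-pin",
            "application/x-apple-binary-plist", pairSetupPinRequestData);

    // The response comes from the network peer: check its shape before casting, so a
    // malformed reply is rejected with a clear error instead of a ClassCastException.
    Object parsedResponse = PropertyListParser.parse(pairSetupPin3ResponseBytes);
    if (!(parsedResponse instanceof NSDictionary)) {
        throw new Exception("pair-setup-pin step 3: response is not a property-list dictionary");
    }
    NSDictionary pairSetupPin3Response = (NSDictionary) parsedResponse;

    Object epkValue = pairSetupPin3Response.get("epk");
    Object authTagValue = pairSetupPin3Response.get("authTag");
    if (epkValue instanceof NSData && authTagValue instanceof NSData) {
        byte[] epk = ((NSData) epkValue).bytes();
        byte[] authTag = ((NSData) authTagValue).bytes();
        return new PairSetupPin3Response(epk, authTag);
    }

    throw new Exception("pair-setup-pin step 3: response lacks binary \"epk\" and \"authTag\" entries");
}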
if (!Arrays.equals(privateKey.getAbyte(), pk)) { throw new InvalidKeyException("The provided pk does NOT match the computed pk for the given sk.");
if (!Arrays.equals(privateKey.getAbyte(), pk)) { throw new InvalidKeyException("The provided pk does NOT match the computed pk for the given sk.");
// Feed the encoded public key bytes (getAbyte()) of the EdDSA private key into the running hash,
// followed by the message slice [offset, offset + length).
// NOTE(review): anything fed into `digest` before this fragment is not visible here — confirm
// against the enclosing method before relying on what h covers.
digest.update(((EdDSAPrivateKey) key).getAbyte());
digest.update(message, offset, length);
// digest() finalises the hash over everything supplied so far.
byte[] h = digest.digest();
/**
 * Signs a message with this key pair.
 *
 * <p>When {@code Native.isEnabled()} is true the native signer is used, otherwise a fresh
 * {@code EdDSAEngine} is initialised with the private key.
 *
 * @param message
 *            the bytes to sign
 * @return a {@code Signature} built from the signature bytes and the public key bytes
 *         ({@code pk.getAbyte()})
 * @throws CryptoException
 *             wrapping an {@code InvalidKeyException} or {@code SignatureException} raised
 *             while signing
 */
public Signature sign(byte[] message) {
    try {
        final byte[] signatureBytes;
        if (!Native.isEnabled()) {
            EdDSAEngine javaSigner = new EdDSAEngine();
            javaSigner.initSign(sk);
            signatureBytes = javaSigner.signOneShot(message);
        } else {
            // Native signer takes seed || public key as a single buffer.
            // NOTE(review): this buffer is a transient copy of the secret seed; consider
            // clearing it after the call once it is confirmed Native.sign does not keep it.
            byte[] seedAndPublic = Bytes.merge(sk.getSeed(), sk.getAbyte());
            signatureBytes = Native.sign(message, seedAndPublic);
        }
        return new Signature(signatureBytes, pk.getAbyte());
    } catch (InvalidKeyException | SignatureException e) {
        throw new CryptoException(e);
    }
}