Java Code Examples for org.bouncycastle.crypto.signers.RSADigestSigner

The following are top voted examples for showing how to use org.bouncycastle.crypto.signers.RSADigestSigner. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to product more good examples.

Example 1
Project: cryptacular   File: KeyPairUtil.java View source code 7 votes vote down vote up
/**
 * Determines whether the given RSA public and private keys form a proper key pair by computing and verifying a
 * digital signature with the keys.
 *
 * @param  pubKey  RSA public key.
 * @param  privKey  RSA private key.
 *
 * @return  True if the keys form a functioning keypair, false otherwise. Errors during signature verification are
 *          treated as false.
 *
 * @throws  org.cryptacular.CryptoException  on key validation errors.
 */
public static boolean isKeyPair(final RSAPublicKey pubKey, final RSAPrivateKey privKey)
    throws org.cryptacular.CryptoException
{
  final RSADigestSigner signer = new RSADigestSigner(new SHA256Digest());
  try {
    signer.init(true, new RSAKeyParameters(true, privKey.getModulus(), privKey.getPrivateExponent()));
    signer.update(SIGN_BYTES, 0, SIGN_BYTES.length);
    final byte[] sig = signer.generateSignature();
    signer.init(false, new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent()));
    signer.update(SIGN_BYTES, 0, SIGN_BYTES.length);
    return signer.verifySignature(sig);
  } catch (Exception e) {
    throw new org.cryptacular.CryptoException("Signature computation error", e);
  }
}
 
Example 2
Project: irma_future_id   File: BcRSAContentSignerBuilder.java View source code 6 votes vote down vote up
protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
    throws OperatorCreationException
{
    Digest dig = digestProvider.get(digAlgId);

    return new RSADigestSigner(dig);
}
 
Example 3
Project: irma_future_id   File: BcRSAContentVerifierProviderBuilder.java View source code 6 votes vote down vote up
protected Signer createSigner(AlgorithmIdentifier sigAlgId)
    throws OperatorCreationException
{
    AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId);
    Digest dig = digestProvider.get(digAlg);

    return new RSADigestSigner(dig);
}
 
Example 4
Project: irma_future_id   File: BcImplProvider.java View source code 6 votes vote down vote up
static Signer createSigner(int keyAlgorithm, int hashAlgorithm)
    throws PGPException
{
    switch(keyAlgorithm)
    {
    case PublicKeyAlgorithmTags.RSA_GENERAL:
    case PublicKeyAlgorithmTags.RSA_SIGN:
        return new RSADigestSigner(createDigest(hashAlgorithm));
    case PublicKeyAlgorithmTags.DSA:
        return new DSADigestSigner(new DSASigner(), createDigest(hashAlgorithm));
    default:
        throw new PGPException("cannot recognise keyAlgorithm");
    }
}
 
Example 5
Project: irma_future_id   File: RSADigestSignerTest.java View source code 6 votes vote down vote up
public void performTest() throws Exception
{
    BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
    BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
    BigInteger rsaPrivMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
    BigInteger rsaPrivDP = new BigInteger(Base64.decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
    BigInteger rsaPrivDQ = new BigInteger(Base64.decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
    BigInteger rsaPrivExp = new BigInteger(Base64.decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
    BigInteger rsaPrivP = new BigInteger(Base64.decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
    BigInteger rsaPrivQ = new BigInteger(Base64.decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
    BigInteger rsaPrivQinv = new BigInteger(Base64.decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
    RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
    RSAPrivateCrtKeyParameters rsaPrivate = new RSAPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);

    byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };

    RSADigestSigner signer = new RSADigestSigner(new SHA1Digest());
    signer.init(true, rsaPrivate);
    signer.update(msg, 0, msg.length);
    byte[] sig = signer.generateSignature();

    signer = new RSADigestSigner(new SHA1Digest(), X509ObjectIdentifiers.id_SHA1);
    signer.init(false, rsaPublic);
    signer.update(msg, 0, msg.length);
    if (!signer.verifySignature(sig))
    {
        fail("RSA Digest Signer failed.");
    }
}
 
Example 6
Project: irma_future_id   File: TlsRSASigner.java View source code 6 votes vote down vote up
protected Signer makeSigner(SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning,
    CipherParameters cp)
{
    if ((algorithm != null) != TlsUtils.isTLSv12(context))
    {
        throw new IllegalStateException();
    }

    if (algorithm != null && algorithm.getSignature() != SignatureAlgorithm.rsa)
    {
        throw new IllegalStateException();
    }

    Digest d;
    if (raw)
    {
        d = new NullDigest();
    }
    else if (algorithm == null)
    {
        d = new CombinedHash();
    }
    else
    {
        d = TlsUtils.createHash(algorithm.getHash());
    }

    Signer s;
    if (algorithm != null)
    {
        /*
         * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
         * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
         */
        s = new RSADigestSigner(d, TlsUtils.getOIDForHashAlgorithm(algorithm.getHash()));
    }
    else
    {
        /*
         * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
         * that did not include a DigestInfo encoding.
         */
        s = new GenericSigner(createRSAImpl(), d);
    }
    s.init(forSigning, cp);
    return s;
}
 
Example 7
Project: xipki   File: BcRSAContentVerifierProviderBuilder.java View source code 6 votes vote down vote up
protected Signer createSigner(
        final AlgorithmIdentifier sigAlgId)
throws OperatorCreationException {
    AlgorithmIdentifier digAlgId = digestAlgorithmFinder.find(sigAlgId);
    Digest dig = digestProvider.get(digAlgId);

    if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
        return SignerUtil.createPSSRSASigner(sigAlgId);
    } else {
        return new RSADigestSigner(dig);
    }
}
 
Example 8
Project: xipki   File: SoftTokenContentSignerBuilder.java View source code 6 votes vote down vote up
protected Signer createSigner(
        final AlgorithmIdentifier sigAlgId,
        final AlgorithmIdentifier digAlgId)
throws OperatorCreationException {
    if (!AlgorithmUtil.isRSASignatureAlgoId(sigAlgId)) {
        throw new OperatorCreationException(
                "the given algorithm is not a valid RSA signature algirthm '"
                + sigAlgId.getAlgorithm().getId() + "'");
    }

    if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
        if (Security.getProvider(PROVIDER_XIPKI_NSS_CIPHER) != null) {
            NssPlainRSASigner plainRSASigner;
            try {
                plainRSASigner = new NssPlainRSASigner();
            } catch (NoSuchAlgorithmException e) {
                throw new OperatorCreationException(e.getMessage(), e);
            } catch (NoSuchProviderException e) {
                throw new OperatorCreationException(e.getMessage(), e);
            } catch (NoSuchPaddingException e) {
                throw new OperatorCreationException(e.getMessage(), e);
            }
            return SignerUtil.createPSSRSASigner(sigAlgId, plainRSASigner);
        } else {
            return SignerUtil.createPSSRSASigner(sigAlgId);
        }
    } else {
        Digest dig = digestProvider.get(digAlgId);
        return new RSADigestSigner(dig);
    }
}
 
Example 9
Project: jcardsim   File: AsymmetricSignatureImpl.java View source code 6 votes vote down vote up
public AsymmetricSignatureImpl(byte algorithm) {
    this.algorithm = algorithm;
    isRecovery = false;
    switch (algorithm) {
        case ALG_RSA_SHA_ISO9796:
            engine = new ISO9796d2Signer(new RSAEngine(), new SHA1Digest());
            break;
        case ALG_RSA_SHA_ISO9796_MR:    
            engine = new ISO9796d2Signer(new RSAEngine(), new SHA1Digest());
            isRecovery = true;
            break;
        case ALG_RSA_SHA_PKCS1:
            engine = new RSADigestSigner(new SHA1Digest());
            break;
        case ALG_RSA_MD5_PKCS1:
            engine = new RSADigestSigner(new MD5Digest());
            break;
        case ALG_RSA_RIPEMD160_ISO9796:
            engine = new ISO9796d2Signer(new RSAEngine(), new RIPEMD160Digest());
            break;
        case ALG_RSA_RIPEMD160_PKCS1:
            engine = new RSADigestSigner(new RIPEMD160Digest());
            break;
        case ALG_ECDSA_SHA:
            engine = new DSADigestSigner(new ECDSASigner(), new SHA1Digest());
            break;
    }
}
 
Example 10
Project: dc--   File: RSADigestSignerTest.java View source code 6 votes vote down vote up
public void performTest() throws Exception
{
    BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
    BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
    BigInteger rsaPrivMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
    BigInteger rsaPrivDP = new BigInteger(Base64.decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
    BigInteger rsaPrivDQ = new BigInteger(Base64.decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
    BigInteger rsaPrivExp = new BigInteger(Base64.decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
    BigInteger rsaPrivP = new BigInteger(Base64.decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
    BigInteger rsaPrivQ = new BigInteger(Base64.decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
    BigInteger rsaPrivQinv = new BigInteger(Base64.decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
    RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
    RSAPrivateCrtKeyParameters rsaPrivate = new RSAPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);

    byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };

    RSADigestSigner signer = new RSADigestSigner(new SHA1Digest());
    signer.init(true, rsaPrivate);
    signer.update(msg, 0, msg.length);
    byte[] sig = signer.generateSignature();

    signer.init(false,rsaPublic);
    signer.update(msg, 0, msg.length);
    if (!signer.verifySignature(sig))
    {
        fail("RSA IDigest Signer failed.");
    }
}
 
Example 11
Project: atlas-lb   File: BcRSAContentSignerBuilder.java View source code 6 votes vote down vote up
protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
    throws OperatorCreationException
{
    Digest dig = BcUtil.createDigest(digAlgId);

    return new RSADigestSigner(dig);
}
 
Example 12
Project: atlas-lb   File: BcRSAContentVerifierProviderBuilder.java View source code 6 votes vote down vote up
protected Signer createSigner(AlgorithmIdentifier sigAlgId)
    throws OperatorCreationException
{
    AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId);
    Digest dig = BcUtil.createDigest(digAlg);

    return new RSADigestSigner(dig);
}
 
Example 13
Project: nfc-eclipse-plugin   File: SignatureVerifier.java View source code 6 votes vote down vote up
public boolean verifyRSASSA_PKCS1_v1_5_WITH_SHA_1(X509Certificate certificate, byte[] signature, byte[] covered) {
       BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey();

       RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent());

       SHA1Digest digest = new SHA1Digest();
       
	RSADigestSigner rsaDigestSigner = new RSADigestSigner(digest);
       rsaDigestSigner.init(false, pubParameters);
       rsaDigestSigner.update(covered, 0, covered.length);

       return rsaDigestSigner.verifySignature(signature);
}
 
Example 14
Project: TinyTravelTracker   File: TlsRSASigner.java View source code 6 votes vote down vote up
protected Signer makeSigner(SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning,
    CipherParameters cp)
{
    if ((algorithm != null) != TlsUtils.isTLSv12(context))
    {
        throw new IllegalStateException();
    }

    if (algorithm != null && algorithm.getSignature() != SignatureAlgorithm.rsa)
    {
        throw new IllegalStateException();
    }

    Digest d;
    if (raw)
    {
        d = new NullDigest();
    }
    else if (algorithm == null)
    {
        d = new CombinedHash();
    }
    else
    {
        d = TlsUtils.createHash(algorithm.getHash());
    }

    Signer s;
    if (algorithm != null)
    {
        /*
         * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
         * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
         */
        s = new RSADigestSigner(d, TlsUtils.getOIDForHashAlgorithm(algorithm.getHash()));
    }
    else
    {
        /*
         * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
         * that did not include a DigestInfo encoding.
         */
        s = new GenericSigner(createRSAImpl(), d);
    }
    s.init(forSigning, cp);
    return s;
}
 
Example 15
Project: nfc-eclipse-plugin   File: SignatureVerifier.java View source code 5 votes vote down vote up
public Boolean verify(CertificateFormat certificateFormat, byte[] certificateBytes, SignatureType signatureType, byte[] signatureBytes, byte[] coveredBytes) throws CertificateException, NoSuchProviderException {

		if (Security.getProvider("BC") == null) {
            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        }

		Certificate certificate = null;
		if(certificateFormat == CertificateFormat.X_509) {
			java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509", "BC");

			certificate = cf.generateCertificate(new ByteArrayInputStream(certificateBytes));
		}

		if(signatureType == SignatureType.RSASSA_PKCS1_v1_5_WITH_SHA_1) {

			BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey();

	        RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent());

	        SHA1Digest digest = new SHA1Digest();
	        
			RSADigestSigner rsaDigestSigner = new RSADigestSigner(digest);
	        rsaDigestSigner.init(false, pubParameters);
	        rsaDigestSigner.update(coveredBytes, 0, coveredBytes.length);

	        return rsaDigestSigner.verifySignature(signatureBytes);
		} else if(signatureType == SignatureType.RSASSA_PSS_SHA_1) {
			BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey();

	        RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent());

            AsymmetricBlockCipher rsaEngine = new RSABlindedEngine();
            rsaEngine.init(false, pubParameters);

            SHA1Digest digest = new SHA1Digest();

            PSSSigner signer = new PSSSigner(rsaEngine, digest, digest.getDigestSize());
            signer.init(true, pubParameters);
            signer.update(coveredBytes, 0, coveredBytes.length);

            return signer.verifySignature(signatureBytes);
		} else if(signatureType == SignatureType.ECDSA) {
			
			// http://en.wikipedia.org/wiki/Elliptic_Curve_DSA
			// http://stackoverflow.com/questions/11339788/tutorial-of-ecdsa-algorithm-to-sign-a-string
			// http://www.bouncycastle.org/wiki/display/JA1/Elliptic+Curve+Key+Pair+Generation+and+Key+Factories
			// http://java2s.com/Open-Source/Java/Security/Bouncy-Castle/org/bouncycastle/crypto/test/ECTest.java.htm
			
			/*
			BCRSAPublicKey key = (BCRSAPublicKey) certificate.getPublicKey();

	        RSAKeyParameters pubParameters = new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent());

            org.bouncycastle.crypto.signers.ECDSASigner signer = new org.bouncycastle.crypto.signers.ECDSASigner();
            signer.init(false, pubParameters);

	        SHA1Digest digest = new SHA1Digest();
            digest.update(coveredBytes, 0, coveredBytes.length);

            return signer.verifySignature(signatureBytes);
            */
		} else if(signatureType == SignatureType.DSA) {
			
			ASN1InputStream aIn = new ASN1InputStream(signatureBytes);
			ASN1Primitive o;
			try {
				o = aIn.readObject();

				ASN1Sequence asn1Sequence = (ASN1Sequence) o;
	
				BigInteger r = DERInteger.getInstance(asn1Sequence.getObjectAt(0)).getValue();
				BigInteger s = DERInteger.getInstance(asn1Sequence.getObjectAt(1)).getValue();
			 
				BCDSAPublicKey key = (BCDSAPublicKey) certificate.getPublicKey();
				
	            // DSA Domain parameters
	            DSAParams params = key.getParams();
	            if(params == null) {
	                return Boolean.FALSE;
	            }
	            
	            DSAParameters parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
	            
	            DSASigner signer = new DSASigner();
	            signer.init(false, new DSAPublicKeyParameters(key.getY(), parameters));
	
	            SHA1Digest digest = new SHA1Digest();
	            digest.update(coveredBytes, 0, coveredBytes.length);
	            byte[] message = new byte[digest.getDigestSize()];
	            digest.doFinal(message, 0);
	            
	            return signer.verifySignature(message, r, s);
			} catch (IOException e) {
				return Boolean.FALSE;
			}
		}

		
		return null;

	}