org.spongycastle.crypto.params.ECPublicKeyParameters Java Examples

public static boolean Verify(byte[] data, byte[] sign, byte[] pub) {
    if (data.length != 32) {
        throw new IllegalArgumentException("Expected 32 byte input to ECDSA verify, not " + data.length);
    }
    if (sign.length != 65) {
        throw new IllegalArgumentException("Expected 65 byte input of signature to ECDSA verify, not " + sign.length);
    }

    ECDSASignature signature = ECDSASignature.fromBytes(sign);

    ECDSASigner signer = new ECDSASigner();
    ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), CURVE);
    signer.init(false, params);
    try {
        return signer.verifySignature(data, signature.r, signature.s);
    } catch (NullPointerException npe) {
        // Bouncy Castle contains a bug that can cause NPEs given specially crafted signatures.
        // Those signatures are inherently invalid/attack sigs so we just fail them here rather than crash the thread.
        return false;
    }
}
 

/**
 * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p>
 * <p/>
 * <p>When using native ECDSA verification, data must be 32 bytes, and no element may be
 * larger than 520 bytes.</p>
 *
 * @param data      Hash of the data to verify.
 * @param signature ASN.1 encoded signature.
 * @param pub       The public key bytes to use.
 */
public static boolean verify(byte[] data, ECDSASignature signature, byte[] pub) {
    if (FAKE_SIGNATURES)
        return true;

    if (NativeSecp256k1.enabled)
        return NativeSecp256k1.verify(data, signature.encodeToDER(), pub);

    ECDSASigner signer = new ECDSASigner();
    ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), CURVE);
    signer.init(false, params);
    try {
        return signer.verifySignature(data, signature.r, signature.s);
    } catch (NullPointerException e) {
        // Bouncy Castle contains a bug that can cause NPEs given specially crafted signatures. Those signatures
        // are inherently invalid/attack sigs so we just fail them here rather than crash the thread.
        log.error("Caught NPE inside bouncy castle");
        e.printStackTrace();
        return false;
    }
}
 

/**
 * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p>
 *
 * <p>When using native ECDSA verification, data must be 32 bytes, and no element may be
 * larger than 520 bytes.</p>
 *
 * @param data Hash of the data to verify.
 * @param signature signature.
 * @param pub The public key bytes to use.
 *
 * @return -
 */
public static boolean verify(byte[] data, ECDSASignature signature, byte[] pub) {
  ECDSASigner signer = new ECDSASigner();
  ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve()
      .decodePoint(pub), CURVE);
  signer.init(false, params);
  try {
    return signer.verifySignature(data, signature.r, signature.s);
  } catch (NullPointerException npe) {
    // Bouncy Castle contains a bug that can cause NPEs given specially crafted signatures.
    // Those signatures are inherently invalid/attack sigs so we just fail them here rather
    // than crash the thread.
    //            logger.error("Caught NPE inside bouncy castle", npe);
    return false;
  }
}
 

/**
 * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p>
 * <p> <p>When using native ECDSA verification, data must be 32 bytes, and no element may be
 * larger than 520 bytes.</p>
 *
 * @param data Hash of the data to verify.
 * @param signature signature.
 * @param pub The public key bytes to use.
 * @return -
 */
public static boolean verify(byte[] data, ECDSASignature signature,
    byte[] pub) {
  ECDSASigner signer = new ECDSASigner();
  ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE
      .getCurve().decodePoint(pub), CURVE);
  signer.init(false, params);
  try {
    return signer.verifySignature(data, signature.r, signature.s);
  } catch (NullPointerException npe) {
    // Bouncy Castle contains a bug that can cause NPEs given
    // specially crafted signatures.
    // Those signatures are inherently invalid/attack sigs so we just
    // fail them here rather than crash the thread.
    logger.error("Caught NPE inside bouncy castle", npe);
    return false;
  }
}
 

public static ECKeyPair createNew(boolean compressed) {
    ECKeyPairGenerator generator = new ECKeyPairGenerator();
    ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(domain,
            secureRandom);
    generator.init(keygenParams);
    AsymmetricCipherKeyPair keypair = generator.generateKeyPair();
    ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate();
    ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic();
    ECKeyPair k = new ECKeyPair();
    k.priv = privParams.getD();
    k.compressed = compressed;
    ECPoint multiply = CURVE.getG().multiply(k.priv);
    k.pub = multiply.getEncoded(false);
    k.pubComp = multiply.getEncoded(true);
    return k;
}
 

public static boolean verify(byte[] publicKey, byte[] signature, byte[] msg) {
    X9ECParameters params = SECNamedCurves.getByName("secp256k1");
    ECDomainParameters EC_PARAMS = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH());
    synchronized (EC_PARAMS) {
        boolean valid;
        ECDSASigner signerVer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
        try {
            ECPublicKeyParameters pubKey = new ECPublicKeyParameters(EC_PARAMS.getCurve().decodePoint(publicKey), EC_PARAMS);
            signerVer.init(false, pubKey);
            ASN1InputStream derSigStream = new ASN1InputStream(signature);
            DLSequence seq = (DLSequence) derSigStream.readObject();
            BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue();
            BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue();
            derSigStream.close();
            valid = signerVer.verifySignature(msg, r, s);
        } catch (IOException e) {
            throw new RuntimeException();
        }
        return valid;
    }
}
 

/**
 * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p>
 * <p> <p>When using native ECDSA verification, data must be 32 bytes, and no element may be
 * larger than 520 bytes.</p>
 *
 * @param data      Hash of the data to verify.
 * @param signature signature.
 * @param pub       The public key bytes to use.
 * @return -
 */
public static boolean verify(byte[] data, ECDSASignature signature,
                             byte[] pub) {
    ECDSASigner signer = new ECDSASigner();
    ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE
            .getCurve().decodePoint(pub), CURVE);
    signer.init(false, params);
    try {
        return signer.verifySignature(data, signature.r, signature.s);
    } catch (NullPointerException npe) {
        // Bouncy Castle contains a bug that can cause NPEs given
        // specially crafted signatures.
        // Those signatures are inherently invalid/attack sigs so we just
        // fail them here rather than crash the thread.
        logger.error("Caught NPE inside bouncy castle", npe);
        return false;
    }
}
 

public void init(
    boolean forSigning,
    CipherParameters param) {
  SecureRandom providedRandom = null;

  if (forSigning) {
    if (param instanceof ParametersWithRandom) {
      ParametersWithRandom rParam = (ParametersWithRandom) param;

      this.key = (ECPrivateKeyParameters) rParam.getParameters();
      providedRandom = rParam.getRandom();
    } else {
      this.key = (ECPrivateKeyParameters) param;
    }
  } else {
    this.key = (ECPublicKeyParameters) param;
  }

  this.random = initSecureRandom(forSigning && !kCalculator.isDeterministic(), providedRandom);
}
 

/**
 * Verifies the given ECDSA signature against the message bytes using the public key bytes.
 *
 * <p>When using native ECDSA verification, data must be 32 bytes, and no element may be larger
 * than 520 bytes.
 *
 * @param data Hash of the data to verify.
 * @param signature signature.
 * @param pub The public key bytes to use.
 * @return -
 */
public boolean verify(byte[] data, ECDSASignature signature, byte[] pub) {
    ECDSASigner signer = new ECDSASigner();
    ECPublicKeyParameters params =
            new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), CURVE);
    signer.init(false, params);
    try {
        return signer.verifySignature(data, signature.r, signature.s);
    } catch (NullPointerException npe) {
        // Bouncy Castle contains a bug that can cause NPEs given specially
        // crafted signatures.
        // Those signatures are inherently invalid/attack sigs so we just
        // fail them here rather than crash the thread.
        logger.error("Caught NPE inside bouncy castle", npe);
        return false;
    }
}
 

/**
 * return true if the value r and s represent a DSA signature for
 * the passed in message (for standard DSA the message should be
 * a SHA-1 hash of the real message to be verified).
 */
public boolean verifySignature(
    byte[] message,
    BigInteger r,
    BigInteger s) {
  ECDomainParameters ec = key.getParameters();
  BigInteger n = ec.getN();
  BigInteger e = calculateE(n, message);

  // r in the range [1,n-1]
  if (r.compareTo(ONE) < 0 || r.compareTo(n) >= 0) {
    return false;
  }

  // s in the range [1,n-1]
  if (s.compareTo(ONE) < 0 || s.compareTo(n) >= 0) {
    return false;
  }

  BigInteger c = s.modInverse(n);

  BigInteger u1 = e.multiply(c).mod(n);
  BigInteger u2 = r.multiply(c).mod(n);

  ECPoint G = ec.getG();
  ECPoint Q = ((ECPublicKeyParameters) key).getQ();

  ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, u1, Q, u2).normalize();

  // components must be bogus.
  if (point.isInfinity()) {
    return false;
  }

  BigInteger v = point.getAffineXCoord().toBigInteger().mod(n);

  return v.equals(r);
}
 

public ECKey(SecureRandom secureRandom) {
    ECKeyPairGenerator generator = new ECKeyPairGenerator();
    ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(CURVE, secureRandom);
    generator.init(keygenParams);
    AsymmetricCipherKeyPair keypair = generator.generateKeyPair();
    ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate();
    ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic();
    priv = privParams.getD();
    pub = pubParams.getQ();
    creationTimeSeconds = System.currentTimeMillis();
}
 

public static boolean verify(byte[] data, ECDSASignature signature, byte[] pub) {
    ECDSASigner signer = new ECDSASigner();
    ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), CURVE);
    signer.init(false, params);
    try {
        return signer.verifySignature(data, signature.r, signature.s);
    } catch (NullPointerException e) {
        log.error("Caught NPE inside bouncy castle", e);
        return false;
    }
}
 

public static boolean verify(byte[] pub, byte[] dataForSigning,
		BigInteger[] rs) {
	ECDSASigner signer = new ECDSASigner();
	X9ECParameters params = SECNamedCurves.getByName("secp256r1");
	ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(),
			params.getG(), params.getN(), params.getH());
	ECPublicKeyParameters pubKeyParams = new ECPublicKeyParameters(ecParams
			.getCurve().decodePoint(pub), ecParams);
	signer.init(false, pubKeyParams);

	return signer.verifySignature(dataForSigning, rs[0].abs(), rs[1].abs());
}
 

/**
 * Generates an entirely new keypair. Point compression is used so the resulting public key will be 33 bytes
 * (32 for the co-ordinate and 1 byte to represent the y bit).
 */
public static ECKey generateECKey(SecureRandom secureRandom) {

    ECKeyPairGenerator generator = new ECKeyPairGenerator();
    ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(CURVE, secureRandom);
    generator.init(keygenParams);
    AsymmetricCipherKeyPair keypair = generator.generateKeyPair();
    ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate();
    ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic();
    BigInteger priv = privParams.getD();
    boolean compressed = true;
    ECKey ecKey = new ECKey(priv, pubParams.getQ().getEncoded(compressed));
    ecKey.setCreationTimeSeconds(Utils.currentTimeSeconds());
    return ecKey;
}
 

/**
 * Generates an entirely new keypair with the given {@link SecureRandom} object. Point compression is used so the
 * resulting public key will be 33 bytes (32 for the co-ordinate and 1 byte to represent the y bit).
 */
public ECKey(SecureRandom secureRandom) {
    ECKeyPairGenerator generator = new ECKeyPairGenerator();
    ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(CURVE, secureRandom);
    generator.init(keygenParams);
    AsymmetricCipherKeyPair keypair = generator.generateKeyPair();
    ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate();
    ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic();
    priv = privParams.getD();
    pub = CURVE.getCurve().decodePoint(pubParams.getQ().getEncoded(true));
}
 

/**
 * <p>Verifies the given ECDSA signature against the message bytes using the public key bytes.</p>
 * 
 * <p>When using native ECDSA verification, data must be 32 bytes, and no element may be
 * larger than 520 bytes.</p>
 *
 * @param data      Hash of the data to verify.
 * @param signature signature.
 * @param pub       The public key bytes to use.
 */
public static boolean verify(byte[] data, ECDSASignature signature, byte[] pub) {
    ECDSASigner signer = new ECDSASigner();
    ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub), CURVE);
    signer.init(false, params);
    try {
        return signer.verifySignature(data, signature.r, signature.s);
    } catch (NullPointerException npe) {
        // Bouncy Castle contains a bug that can cause NPEs given specially crafted signatures. 
    	// Those signatures are inherently invalid/attack sigs so we just fail them here rather than crash the thread.
        logger.error("Caught NPE inside bouncy castle", npe);
        return false;
    }
}
 

/** 
 * Generates an entirely new keypair. 
 * */
public ECKeyPair() 
{
    ECKeyPairGenerator generator = new ECKeyPairGenerator();
    ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters(ecParams, secureRandom);
    generator.init(keygenParams);
    AsymmetricCipherKeyPair keypair = generator.generateKeyPair();
    ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate();
    ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic();
    priv = privParams.getD();
    pub = pubParams.getQ().getEncoded();// The public key is an encoded point on the elliptic curve. It has no meaning independent of the curve.
}
 

@Override
public byte[] getEncoded(AsymmetricKeyParameter asymmetricKeyParameter) {
    return ((ECPublicKeyParameters) asymmetricKeyParameter).getQ().getEncoded(false);
}
 

@Override public byte[] getEncoded(AsymmetricKeyParameter asymmetricKeyParameter) {
  return ((ECPublicKeyParameters) asymmetricKeyParameter).getQ()
      .getEncoded(false);
}
 

/**
 * 根据公钥验证签名是否合法
 * @param srcStr
 * 明文字符串
 * @param sign
 * 用私钥签过名的sign
 * @param pubKey
 * 公钥
 * @return
 * 是否校验通过
 * @throws Exception
 * Exception
 */
public static boolean verify(String srcStr, String sign, String pubKey) throws Exception {
    byte[] hash256 = BaseAlgorithm.encode("SHA-256", srcStr.getBytes("UTF-8"));
    ECDSASignature eCDSASignature = ECDSASignature.decodeFromDER(Base64.decodeBase64(sign));
    ECDSASigner signer = new ECDSASigner();
    org.spongycastle.math.ec.ECPoint pub = CURVE.getCurve().decodePoint(Base64.decodeBase64(pubKey));
    ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub.getEncoded()), CURVE);
    signer.init(false, params);
    return signer.verifySignature(hash256, eCDSASignature.r, eCDSASignature.s);
}