java.security.spec.PSSParameterSpec Java Examples

The following examples show how to use java.security.spec.PSSParameterSpec. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AlgorithmParametersSpi.java    From ripple-lib-java with ISC License 6 votes vote down vote up
/**
 * Return the PKCS#1 ASN.1 structure RSASSA-PSS-params.
 */
protected byte[] engineGetEncoded() 
    throws IOException
{
    PSSParameterSpec pssSpec = currentSpec;
    AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(
                                        DigestFactory.getOID(pssSpec.getDigestAlgorithm()),
                                        DERNull.INSTANCE);
    MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters();
    AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier(
                                        PKCSObjectIdentifiers.id_mgf1,
                                        new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE));
    RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new ASN1Integer(pssSpec.getSaltLength()), new ASN1Integer(pssSpec.getTrailerField()));
    
    return pssP.getEncoded("DER");
}
 
Example #2
Source File: AlgorithmId.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
public static PSSParameterSpec getDefaultAlgorithmParameterSpec(
        String sigAlg, PrivateKey k) {
    if (sigAlg.equalsIgnoreCase("RSASSA-PSS")) {
        switch (ifcFfcStrength(KeyUtil.getKeySize(k))) {
            case "SHA256":
                return PSSParamsHolder.PSS_256_SPEC;
            case "SHA384":
                return PSSParamsHolder.PSS_384_SPEC;
            case "SHA512":
                return PSSParamsHolder.PSS_512_SPEC;
            default:
                throw new AssertionError("Should not happen");
        }
    } else {
        return null;
    }
}
 
Example #3
Source File: PSSParameters.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
@Override
protected void engineInit(AlgorithmParameterSpec paramSpec)
        throws InvalidParameterSpecException {
    if (!(paramSpec instanceof PSSParameterSpec)) {
        throw new InvalidParameterSpecException
            ("Inappropriate parameter specification");
    }
    PSSParameterSpec spec = (PSSParameterSpec) paramSpec;

    String mgfName = spec.getMGFAlgorithm();
    if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1")) {
        throw new InvalidParameterSpecException("Unsupported mgf " +
            mgfName + "; MGF1 only");
    }
    AlgorithmParameterSpec mgfSpec = spec.getMGFParameters();
    if (!(mgfSpec instanceof MGF1ParameterSpec)) {
        throw new InvalidParameterSpecException("Inappropriate mgf " +
            "parameters; non-null MGF1ParameterSpec only");
    }
    this.spec = spec;
}
 
Example #4
Source File: PSSParameters.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
@Override
protected void engineInit(AlgorithmParameterSpec paramSpec)
        throws InvalidParameterSpecException {
    if (!(paramSpec instanceof PSSParameterSpec)) {
        throw new InvalidParameterSpecException
            ("Inappropriate parameter specification");
    }
    PSSParameterSpec spec = (PSSParameterSpec) paramSpec;

    String mgfName = spec.getMGFAlgorithm();
    if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1")) {
        throw new InvalidParameterSpecException("Unsupported mgf " +
            mgfName + "; MGF1 only");
    }
    AlgorithmParameterSpec mgfSpec = spec.getMGFParameters();
    if (!(mgfSpec instanceof MGF1ParameterSpec)) {
        throw new InvalidParameterSpecException("Inappropriate mgf " +
            "parameters; non-null MGF1ParameterSpec only");
    }
    this.spec = spec;
}
 
Example #5
Source File: PSSParameters.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
@Override
protected void engineInit(AlgorithmParameterSpec paramSpec)
        throws InvalidParameterSpecException {
    if (!(paramSpec instanceof PSSParameterSpec)) {
        throw new InvalidParameterSpecException
            ("Inappropriate parameter specification");
    }
    PSSParameterSpec spec = (PSSParameterSpec) paramSpec;

    String mgfName = spec.getMGFAlgorithm();
    if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1")) {
        throw new InvalidParameterSpecException("Unsupported mgf " +
            mgfName + "; MGF1 only");
    }
    AlgorithmParameterSpec mgfSpec = spec.getMGFParameters();
    if (!(mgfSpec instanceof MGF1ParameterSpec)) {
        throw new InvalidParameterSpecException("Inappropriate mgf " +
            "parameters; non-null MGF1ParameterSpec only");
    }
    this.spec = spec;
}
 
Example #6
Source File: AlgorithmParametersSpi.java    From RipplePower with Apache License 2.0 6 votes vote down vote up
/**
 * Return the PKCS#1 ASN.1 structure RSASSA-PSS-params.
 */
protected byte[] engineGetEncoded() 
    throws IOException
{
    PSSParameterSpec pssSpec = currentSpec;
    AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(
                                        DigestFactory.getOID(pssSpec.getDigestAlgorithm()),
                                        DERNull.INSTANCE);
    MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters();
    AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier(
                                        PKCSObjectIdentifiers.id_mgf1,
                                        new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE));
    RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new ASN1Integer(pssSpec.getSaltLength()), new ASN1Integer(pssSpec.getTrailerField()));
    
    return pssP.getEncoded("DER");
}
 
Example #7
Source File: RsaPssTest.java    From wycheproof with Apache License 2.0 6 votes vote down vote up
/**
 * Returns an AlgorithmParameterSpec for generating a RSASSA-PSS key,
 * which include the PSSParameters.
 * Requires jdk11.
 * 
 * @param keySizeInBits the size of the modulus in bits.
 * @param sha the name of the hash function for hashing the input (e.g. "SHA-256")
 * @param mgf the name of the mask generating function (typically "MGF1")
 * @param mgfSha the name of the hash function for the mask generating function
 *        (typically the same as sha).
 * @param saltLength the length of the salt in bytes (typically the digest size of sha,
 *        i.e. 32 for "SHA-256")
 * @throws NoSuchMethodException if the AlgorithmParameterSpec is not
 *   supported (i.e. this happens before jdk11).
 */
public RSAKeyGenParameterSpec getPssAlgorithmParameters(
    int keySizeInBits,
    String sha,
    String mgf,
    String mgfSha,
    int saltLength) throws Exception {
  BigInteger publicExponent = new BigInteger("65537");
  PSSParameterSpec params = 
      new PSSParameterSpec(sha, mgf, new MGF1ParameterSpec(mgfSha), saltLength, 1);
  // Uses reflection to call 
  // public RSAKeyGenParameterSpec(int keysize, BigInteger publicExponent,
  //        AlgorithmParameterSpec keyParams)
  // because this method is only supported in jdk11. This throws a NoSuchMethodException
  // for older jdks.
  Constructor<RSAKeyGenParameterSpec> c =
      RSAKeyGenParameterSpec.class.getConstructor(
          int.class, BigInteger.class, AlgorithmParameterSpec.class);
  return c.newInstance(keySizeInBits, publicExponent, params);
}
 
Example #8
Source File: AlgorithmParametersSpi.java    From RipplePower with Apache License 2.0 5 votes vote down vote up
protected void engineInit(
    AlgorithmParameterSpec paramSpec)
    throws InvalidParameterSpecException
{
    if (!(paramSpec instanceof PSSParameterSpec))
    {
        throw new InvalidParameterSpecException("PSSParameterSpec required to initialise an PSS algorithm parameters object");
    }
    
    this.currentSpec = (PSSParameterSpec)paramSpec;
}
 
Example #9
Source File: RsaProvider.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
protected Signature createSignatureInstance() {

        Signature sig = super.createSignatureInstance();

        PSSParameterSpec spec = PSS_PARAMETER_SPECS.get(alg);
        if (spec != null) {
            setParameter(sig, spec);
        }
        return sig;
    }
 
Example #10
Source File: PSSParameters.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
@Override
protected <T extends AlgorithmParameterSpec>
        T engineGetParameterSpec(Class<T> paramSpec)
        throws InvalidParameterSpecException {
    if (PSSParameterSpec.class.isAssignableFrom(paramSpec)) {
        return paramSpec.cast(spec);
    } else {
        throw new InvalidParameterSpecException
            ("Inappropriate parameter specification");
    }
}
 
Example #11
Source File: RsaProvider.java    From jjwt with Apache License 2.0 5 votes vote down vote up
protected void setParameter(Signature sig, PSSParameterSpec spec) {
    try {
        doSetParameter(sig, spec);
    } catch (InvalidAlgorithmParameterException e) {
        String msg = "Unsupported RSASSA-PSS parameter '" + spec + "': " + e.getMessage();
        throw new SignatureException(msg, e);
    }
}
 
Example #12
Source File: RsaProvider.java    From jjwt with Apache License 2.0 5 votes vote down vote up
protected Signature createSignatureInstance() {

        Signature sig = super.createSignatureInstance();

        PSSParameterSpec spec = PSS_PARAMETER_SPECS.get(alg);
        if (spec != null) {
            setParameter(sig, spec);
        }
        return sig;
    }
 
Example #13
Source File: InteropWithSunRsaSign.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
static boolean test(String pg, String ps, String pv, PSSParameterSpec pss)
        throws Exception {

    KeyPairGenerator kpg = pg.length() == 1
            ? KeyPairGenerator.getInstance("RSA")
            :KeyPairGenerator.getInstance("RSA", pg);
    kpg.initialize(
            pss.getDigestAlgorithm().equals("SHA-512") ? 2048: 1024,
            NOT_SECURE_RANDOM);
    KeyPair kp = kpg.generateKeyPair();
    PrivateKey pr = kp.getPrivate();
    PublicKey pu = kp.getPublic();

    Signature s = ps.length() == 1
            ? Signature.getInstance("RSASSA-PSS")
            : Signature.getInstance("RSASSA-PSS", ps);
    s.initSign(pr);
    s.setParameter(pss);
    s.update(msg);
    byte[] sig = s.sign();

    Signature s2 = pv.length() == 1
            ? Signature.getInstance("RSASSA-PSS")
            : Signature.getInstance("RSASSA-PSS", pv);
    s2.initVerify(pu);
    s2.setParameter(pss);
    s2.update(msg);

    return s2.verify(sig);
}
 
Example #14
Source File: AlgorithmParametersSpi.java    From ripple-lib-java with ISC License 5 votes vote down vote up
protected void engineInit(
    AlgorithmParameterSpec paramSpec)
    throws InvalidParameterSpecException
{
    if (!(paramSpec instanceof PSSParameterSpec))
    {
        throw new InvalidParameterSpecException("PSSParameterSpec required to initialise an PSS algorithm parameters object");
    }
    
    this.currentSpec = (PSSParameterSpec)paramSpec;
}
 
Example #15
Source File: PSSParameters.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
@Override
protected <T extends AlgorithmParameterSpec>
        T engineGetParameterSpec(Class<T> paramSpec)
        throws InvalidParameterSpecException {
    if (PSSParameterSpec.class.isAssignableFrom(paramSpec)) {
        return paramSpec.cast(spec);
    } else {
        throw new InvalidParameterSpecException
            ("Inappropriate parameter specification");
    }
}
 
Example #16
Source File: AlgorithmParametersSpi.java    From RipplePower with Apache License 2.0 5 votes vote down vote up
protected AlgorithmParameterSpec localEngineGetParameterSpec(
    Class paramSpec)
    throws InvalidParameterSpecException
{
    if (paramSpec == PSSParameterSpec.class && currentSpec != null)
    {
        return currentSpec;
    }
    
    throw new InvalidParameterSpecException("unknown parameter spec passed to PSS parameters object.");
}
 
Example #17
Source File: AlgorithmParametersSpi.java    From ripple-lib-java with ISC License 5 votes vote down vote up
protected AlgorithmParameterSpec localEngineGetParameterSpec(
    Class paramSpec)
    throws InvalidParameterSpecException
{
    if (paramSpec == PSSParameterSpec.class && currentSpec != null)
    {
        return currentSpec;
    }
    
    throw new InvalidParameterSpecException("unknown parameter spec passed to PSS parameters object.");
}
 
Example #18
Source File: PSSParameters.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
protected <T extends AlgorithmParameterSpec>
        T engineGetParameterSpec(Class<T> paramSpec)
        throws InvalidParameterSpecException {
    if (PSSParameterSpec.class.isAssignableFrom(paramSpec)) {
        return paramSpec.cast(spec);
    } else {
        throw new InvalidParameterSpecException
            ("Inappropriate parameter specification");
    }
}
 
Example #19
Source File: InteropWithSunRsaSign.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
static boolean test(String pg, String ps, String pv, PSSParameterSpec pss)
        throws Exception {

    KeyPairGenerator kpg = pg.length() == 1
            ? KeyPairGenerator.getInstance("RSA")
            :KeyPairGenerator.getInstance("RSA", pg);
    kpg.initialize(
            pss.getDigestAlgorithm().equals("SHA-512") ? 2048: 1024,
            NOT_SECURE_RANDOM);
    KeyPair kp = kpg.generateKeyPair();
    PrivateKey pr = kp.getPrivate();
    PublicKey pu = kp.getPublic();

    Signature s = ps.length() == 1
            ? Signature.getInstance("RSASSA-PSS")
            : Signature.getInstance("RSASSA-PSS", ps);
    s.initSign(pr);
    s.setParameter(pss);
    s.update(msg);
    byte[] sig = s.sign();

    Signature s2 = pv.length() == 1
            ? Signature.getInstance("RSASSA-PSS")
            : Signature.getInstance("RSASSA-PSS", pv);
    s2.initVerify(pu);
    s2.setParameter(pss);
    s2.update(msg);

    return s2.verify(sig);
}
 
Example #20
Source File: RsaUsingShaAlgorithm.java    From Jose4j with Apache License 2.0 5 votes vote down vote up
public RsaPssSha256()
{
    super(AlgorithmIdentifiers.RSA_PSS_USING_SHA256, "SHA256withRSAandMGF1");
    MGF1ParameterSpec mgf1pec = MGF1ParameterSpec.SHA256;
    PSSParameterSpec pssSpec = new PSSParameterSpec(mgf1pec.getDigestAlgorithm(), MGF1, mgf1pec, 32, TRAILER);
    setAlgorithmParameterSpec(pssSpec);
}
 
Example #21
Source File: RsaUsingShaAlgorithm.java    From Jose4j with Apache License 2.0 5 votes vote down vote up
public RsaPssSha384()
{
    super(AlgorithmIdentifiers.RSA_PSS_USING_SHA384, "SHA384withRSAandMGF1");
    MGF1ParameterSpec mgf1pec = MGF1ParameterSpec.SHA384;
    PSSParameterSpec pssSpec = new PSSParameterSpec(mgf1pec.getDigestAlgorithm(), MGF1, mgf1pec, 48, TRAILER);
    setAlgorithmParameterSpec(pssSpec);
}
 
Example #22
Source File: P11RSAPSSSignatureSpi.java    From xipki with Apache License 2.0 5 votes vote down vote up
protected P11RSAPSSSignatureSpi(PSSParameterSpec baseParamSpec, boolean isRaw) {
  this.originalSpec = baseParamSpec;
  this.paramSpec = (baseParamSpec == null) ? PSSParameterSpec.DEFAULT : baseParamSpec;
  this.mgfDigest = DigestFactory.getDigest(paramSpec.getDigestAlgorithm());
  this.saltLength = paramSpec.getSaltLength();
  this.trailer = getTrailer(paramSpec.getTrailerField());
  this.isRaw = isRaw;

  setupContentDigest();
}
 
Example #23
Source File: PSSParameterSpecTest.java    From j2objc with Apache License 2.0 5 votes vote down vote up
/**
 * Test #2 for <code>PSSParameterSpec(int)</code> ctor<br>
 * Assertion:
 * throws <code>IllegalArgumentException</code>
 * if <code>saltLen</code> less than 0
 */
public final void testPSSParameterSpec0102() {
    try {
        new PSSParameterSpec(-1);
        fail("Expected IAE not thrown");
    } catch (IllegalArgumentException e) {
    }
}
 
Example #24
Source File: P11RSAPSSSignatureSpi.java    From xipki with Apache License 2.0 4 votes vote down vote up
public SHA224withRSA() {
  super(new PSSParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), 28, 1));
}
 
Example #25
Source File: P11RSAPSSSignatureSpi.java    From xipki with Apache License 2.0 4 votes vote down vote up
public SHA256withRSA() {
  super(new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 32, 1));
}
 
Example #26
Source File: PSSParameterSpecTest.java    From j2objc with Apache License 2.0 4 votes vote down vote up
/**
 * Test for <code>getMGFAlgorithm()</code> method
 * Assertion: returns mask generation function algorithm name
 */
public final void testGetMGFAlgorithm() {
    PSSParameterSpec pssps = new PSSParameterSpec("SHA-1", "MGF1",
            MGF1ParameterSpec.SHA1, 20, 1);
    assertEquals("MGF1", pssps.getMGFAlgorithm());
}
 
Example #27
Source File: PSSParameterSpecTest.java    From j2objc with Apache License 2.0 4 votes vote down vote up
/**
 * Test for <code>getDigestAlgorithm()</code> method
 * Assertion: returns message digest algorithm name
 */
public final void testGetDigestAlgorithm() {
    PSSParameterSpec pssps = new PSSParameterSpec("SHA-1", "MGF1",
            MGF1ParameterSpec.SHA1, 20, 1);
    assertEquals("SHA-1", pssps.getDigestAlgorithm());
}
 
Example #28
Source File: P11RSAPSSSignatureSpi.java    From xipki with Apache License 2.0 4 votes vote down vote up
public SHA3_256withRSA() {
  super(new PSSParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), 32, 1));
}
 
Example #29
Source File: PSSSignatureSpi.java    From ripple-lib-java with ISC License 4 votes vote down vote up
public SHA256withRSA()
{
    super(new RSABlindedEngine(), new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 32, 1));
}
 
Example #30
Source File: P11RSAPSSSignatureSpi.java    From xipki with Apache License 2.0 4 votes vote down vote up
public SHA3_384withRSA() {
  super(new PSSParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), 48, 1));
}