Mercurial > 510Connectbot
annotate src/ch/ethz/ssh2/signature/ECDSASHA2Verify.java @ 355:adab27dd4598
remove ssh debug logging
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Fri, 01 Aug 2014 11:54:13 -0700 |
parents | e1c445af8e46 |
children |
rev | line source |
---|---|
274
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1 /** |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
2 * |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
3 */ |
279
e1c445af8e46
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
278
diff
changeset
|
4 package ch.ethz.ssh2.signature; |
274
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
5 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
6 import java.io.ByteArrayOutputStream; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
7 import java.io.IOException; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
8 import java.io.OutputStream; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
9 import java.math.BigInteger; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
10 import java.security.InvalidKeyException; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
11 import java.security.KeyFactory; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
12 import java.security.NoSuchAlgorithmException; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
13 import java.security.Signature; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
14 import java.security.SignatureException; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
15 import java.security.interfaces.ECPrivateKey; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
16 import java.security.interfaces.ECPublicKey; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
17 import java.security.spec.ECFieldFp; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
18 import java.security.spec.ECParameterSpec; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
19 import java.security.spec.ECPoint; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
20 import java.security.spec.ECPublicKeySpec; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
21 import java.security.spec.EllipticCurve; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
22 import java.security.spec.InvalidKeySpecException; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
23 import java.security.spec.KeySpec; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
24 import java.util.Map; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
25 import java.util.TreeMap; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
26 |
279
e1c445af8e46
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
278
diff
changeset
|
27 import ch.ethz.ssh2.log.Logger; |
e1c445af8e46
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
278
diff
changeset
|
28 import ch.ethz.ssh2.packets.TypesReader; |
e1c445af8e46
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
278
diff
changeset
|
29 import ch.ethz.ssh2.packets.TypesWriter; |
274
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
30 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
31 /** |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
32 * @author Kenny Root |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
33 * |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
34 */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
35 public class ECDSASHA2Verify { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
36 private static final Logger log = Logger.getLogger(ECDSASHA2Verify.class); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
37 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
38 public static final String ECDSA_SHA2_PREFIX = "ecdsa-sha2-"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
39 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
40 private static final String NISTP256 = "nistp256"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
41 private static final String NISTP256_OID = "1.2.840.10045.3.1.7"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
42 private static final String NISTP384 = "nistp384"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
43 private static final String NISTP384_OID = "1.3.132.0.34"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
44 private static final String NISTP521 = "nistp521"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
45 private static final String NISTP521_OID = "1.3.132.0.35"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
46 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
47 private static final Map<String, ECParameterSpec> CURVES = new TreeMap<String, ECParameterSpec>(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
48 static { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
49 CURVES.put(NISTP256, EllipticCurves.nistp256); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
50 CURVES.put(NISTP384, EllipticCurves.nistp384); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
51 CURVES.put(NISTP521, EllipticCurves.nistp521); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
52 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
53 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
54 private static final Map<Integer, String> CURVE_SIZES = new TreeMap<Integer, String>(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
55 static { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
56 CURVE_SIZES.put(256, NISTP256); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
57 CURVE_SIZES.put(384, NISTP384); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
58 CURVE_SIZES.put(521, NISTP521); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
59 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
60 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
61 private static final Map<String, String> CURVE_OIDS = new TreeMap<String, String>(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
62 static { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
63 CURVE_OIDS.put(NISTP256_OID, NISTP256); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
64 CURVE_OIDS.put(NISTP384_OID, NISTP256); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
65 CURVE_OIDS.put(NISTP521_OID, NISTP256); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
66 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
67 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
68 public static int[] getCurveSizes() { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
69 int[] keys = new int[CURVE_SIZES.size()]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
70 int i = 0; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
71 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
72 for (Integer n : CURVE_SIZES.keySet().toArray(new Integer[keys.length])) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
73 keys[i++] = n; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
74 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
75 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
76 return keys; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
77 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
78 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
79 public static ECParameterSpec getCurveForSize(int size) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
80 final String name = CURVE_SIZES.get(size); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
81 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
82 if (name == null) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
83 return null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
84 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
85 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
86 return CURVES.get(name); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
87 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
88 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
89 public static ECPublicKey decodeSSHECDSAPublicKey(byte[] key) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
90 TypesReader tr = new TypesReader(key); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
91 String key_format = tr.readString(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
92 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
93 if (key_format.startsWith(ECDSA_SHA2_PREFIX) == false) |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
94 throw new IllegalArgumentException("This is not an ECDSA public key"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
95 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
96 String curveName = tr.readString(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
97 byte[] groupBytes = tr.readByteString(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
98 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
99 if (tr.remain() != 0) |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
100 throw new IOException("Padding in ECDSA public key!"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
101 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
102 if (key_format.equals(ECDSA_SHA2_PREFIX + curveName) == false) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
103 throw new IOException("Key format is inconsistent with curve name: " + key_format |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
104 + " != " + curveName); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
105 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
106 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
107 ECParameterSpec params = CURVES.get(curveName); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
108 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
109 if (params == null) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
110 throw new IOException("Curve is not supported: " + curveName); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
111 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
112 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
113 ECPoint group = ECDSASHA2Verify.decodeECPoint(groupBytes, params.getCurve()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
114 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
115 if (group == null) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
116 throw new IOException("Invalid ECDSA group"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
117 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
118 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
119 KeySpec keySpec = new ECPublicKeySpec(group, params); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
120 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
121 try { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
122 KeyFactory kf = KeyFactory.getInstance("EC"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
123 return (ECPublicKey) kf.generatePublic(keySpec); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
124 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
125 catch (NoSuchAlgorithmException nsae) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
126 IOException ioe = new IOException("No EC KeyFactory available"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
127 ioe.initCause(nsae); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
128 throw ioe; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
129 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
130 catch (InvalidKeySpecException ikse) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
131 IOException ioe = new IOException("No EC KeyFactory available"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
132 ioe.initCause(ikse); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
133 throw ioe; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
134 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
135 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
136 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
137 public static byte[] encodeSSHECDSAPublicKey(ECPublicKey key) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
138 TypesWriter tw = new TypesWriter(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
139 String curveName = getCurveName(key.getParams()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
140 String keyFormat = ECDSA_SHA2_PREFIX + curveName; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
141 tw.writeString(keyFormat); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
142 tw.writeString(curveName); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
143 byte[] encoded = encodeECPoint(key.getW(), key.getParams().getCurve()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
144 tw.writeString(encoded, 0, encoded.length); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
145 return tw.getBytes(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
146 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
147 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
148 public static String getCurveName(ECParameterSpec params) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
149 int fieldSize = getCurveSize(params); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
150 final String curveName = getCurveName(fieldSize); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
151 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
152 if (curveName == null) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
153 throw new IOException("invalid curve size " + fieldSize); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
154 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
155 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
156 return curveName; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
157 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
158 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
159 public static String getCurveName(int fieldSize) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
160 String curveName = CURVE_SIZES.get(fieldSize); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
161 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
162 if (curveName == null) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
163 return null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
164 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
165 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
166 return curveName; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
167 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
168 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
169 public static int getCurveSize(ECParameterSpec params) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
170 return params.getCurve().getField().getFieldSize(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
171 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
172 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
173 public static ECParameterSpec getCurveForOID(String oid) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
174 String name = CURVE_OIDS.get(oid); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
175 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
176 if (name == null) |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
177 return null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
178 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
179 return CURVES.get(name); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
180 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
181 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
182 public static byte[] decodeSSHECDSASignature(byte[] sig) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
183 byte[] rsArray = null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
184 TypesReader tr = new TypesReader(sig); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
185 String sig_format = tr.readString(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
186 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
187 if (sig_format.startsWith(ECDSA_SHA2_PREFIX) == false) |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
188 throw new IOException("Peer sent wrong signature format"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
189 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
190 String curveName = sig_format.substring(ECDSA_SHA2_PREFIX.length()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
191 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
192 if (CURVES.containsKey(curveName) == false) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
193 throw new IOException("Unsupported curve: " + curveName); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
194 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
195 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
196 rsArray = tr.readByteString(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
197 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
198 if (tr.remain() != 0) |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
199 throw new IOException("Padding in ECDSA signature!"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
200 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
201 byte[] rArray; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
202 byte[] sArray; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
203 { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
204 TypesReader rsReader = new TypesReader(rsArray); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
205 rArray = rsReader.readMPINT().toByteArray(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
206 sArray = rsReader.readMPINT().toByteArray(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
207 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
208 int first = rArray.length; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
209 int second = sArray.length; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
210 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
211 /* We can't have the high bit set, so add an extra zero at the beginning if so. */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
212 if ((rArray[0] & 0x80) != 0) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
213 first++; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
214 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
215 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
216 if ((sArray[0] & 0x80) != 0) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
217 second++; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
218 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
219 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
220 /* Calculate total output length */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
221 ByteArrayOutputStream os = new ByteArrayOutputStream(6 + first + second); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
222 /* ASN.1 SEQUENCE tag */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
223 os.write(0x30); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
224 /* Size of SEQUENCE */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
225 writeLength(4 + first + second, os); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
226 /* ASN.1 INTEGER tag */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
227 os.write(0x02); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
228 /* "r" INTEGER length */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
229 writeLength(first, os); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
230 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
231 /* Copy in the "r" INTEGER */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
232 if (first != rArray.length) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
233 os.write(0x00); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
234 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
235 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
236 os.write(rArray); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
237 /* ASN.1 INTEGER tag */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
238 os.write(0x02); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
239 /* "s" INTEGER length */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
240 writeLength(second, os); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
241 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
242 /* Copy in the "s" INTEGER */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
243 if (second != sArray.length) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
244 os.write(0x00); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
245 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
246 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
247 os.write(sArray); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
248 return os.toByteArray(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
249 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
250 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
251 private static final void writeLength(int length, OutputStream os) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
252 if (length <= 0x7F) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
253 os.write(length); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
254 return; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
255 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
256 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
257 int numOctets = 0; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
258 int lenCopy = length; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
259 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
260 while (lenCopy != 0) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
261 lenCopy >>>= 8; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
262 numOctets++; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
263 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
264 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
265 os.write(0x80 | numOctets); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
266 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
267 for (int i = (numOctets - 1) * 8; i >= 0; i -= 8) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
268 os.write((byte)(length >> i)); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
269 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
270 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
271 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
272 public static byte[] encodeSSHECDSASignature(byte[] sig, ECParameterSpec params) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
273 TypesWriter tw = new TypesWriter(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
274 String curveName = getCurveName(params); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
275 tw.writeString(ECDSA_SHA2_PREFIX + curveName); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
276 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
277 if ((sig[0] != 0x30) || (sig[1] != sig.length - 2) || (sig[2] != 0x02)) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
278 throw new IOException("Invalid signature format"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
279 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
280 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
281 int rLength = sig[3]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
282 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
283 if ((rLength + 6 > sig.length) || (sig[4 + rLength] != 0x02)) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
284 throw new IOException("Invalid signature format"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
285 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
286 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
287 int sLength = sig[5 + rLength]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
288 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
289 if (6 + rLength + sLength > sig.length) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
290 throw new IOException("Invalid signature format"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
291 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
292 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
293 byte[] rArray = new byte[rLength]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
294 byte[] sArray = new byte[sLength]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
295 System.arraycopy(sig, 4, rArray, 0, rLength); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
296 System.arraycopy(sig, 6 + rLength, sArray, 0, sLength); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
297 BigInteger r = new BigInteger(rArray); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
298 BigInteger s = new BigInteger(sArray); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
299 // Write the <r,s> to its own types writer. |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
300 TypesWriter rsWriter = new TypesWriter(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
301 rsWriter.writeMPInt(r); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
302 rsWriter.writeMPInt(s); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
303 byte[] encoded = rsWriter.getBytes(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
304 tw.writeString(encoded, 0, encoded.length); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
305 return tw.getBytes(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
306 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
307 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
308 public static byte[] generateSignature(byte[] message, ECPrivateKey pk) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
309 final String algo = getSignatureAlgorithmForParams(pk.getParams()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
310 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
311 try { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
312 Signature s = Signature.getInstance(algo); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
313 s.initSign(pk); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
314 s.update(message); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
315 return s.sign(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
316 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
317 catch (NoSuchAlgorithmException e) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
318 IOException ex = new IOException(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
319 ex.initCause(e); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
320 throw ex; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
321 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
322 catch (InvalidKeyException e) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
323 IOException ex = new IOException(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
324 ex.initCause(e); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
325 throw ex; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
326 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
327 catch (SignatureException e) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
328 IOException ex = new IOException(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
329 ex.initCause(e); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
330 throw ex; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
331 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
332 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
333 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
334 public static boolean verifySignature(byte[] message, byte[] ds, ECPublicKey dpk) throws IOException { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
335 final String algo = getSignatureAlgorithmForParams(dpk.getParams()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
336 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
337 try { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
338 Signature s = Signature.getInstance(algo); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
339 s.initVerify(dpk); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
340 s.update(message); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
341 return s.verify(ds); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
342 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
343 catch (NoSuchAlgorithmException e) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
344 IOException ex = new IOException("No such algorithm"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
345 ex.initCause(e); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
346 throw ex; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
347 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
348 catch (InvalidKeyException e) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
349 IOException ex = new IOException("No such algorithm"); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
350 ex.initCause(e); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
351 throw ex; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
352 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
353 catch (SignatureException e) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
354 IOException ex = new IOException(); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
355 ex.initCause(e); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
356 throw ex; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
357 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
358 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
359 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
360 private static String getSignatureAlgorithmForParams(ECParameterSpec params) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
361 int size = getCurveSize(params); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
362 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
363 if (size <= 256) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
364 return "SHA256withECDSA"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
365 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
366 else if (size <= 384) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
367 return "SHA384withECDSA"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
368 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
369 else { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
370 return "SHA512withECDSA"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
371 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
372 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
373 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
374 public static String getDigestAlgorithmForParams(ECParameterSpec params) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
375 int size = getCurveSize(params); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
376 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
377 if (size <= 256) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
378 return "SHA256"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
379 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
380 else if (size <= 384) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
381 return "SHA384"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
382 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
383 else { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
384 return "SHA512"; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
385 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
386 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
387 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
388 /** |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
389 * Decode an OctetString to EllipticCurvePoint according to SECG 2.3.4 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
390 */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
391 public static ECPoint decodeECPoint(byte[] M, EllipticCurve curve) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
392 if (M.length == 0) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
393 return null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
394 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
395 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
396 // M has len 2 ceil(log_2(q)/8) + 1 ? |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
397 int elementSize = (curve.getField().getFieldSize() + 7) / 8; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
398 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
399 if (M.length != 2 * elementSize + 1) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
400 return null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
401 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
402 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
403 // step 3.2 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
404 if (M[0] != 0x04) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
405 return null; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
406 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
407 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
408 // Step 3.3 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
409 byte[] xp = new byte[elementSize]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
410 System.arraycopy(M, 1, xp, 0, elementSize); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
411 // Step 3.4 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
412 byte[] yp = new byte[elementSize]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
413 System.arraycopy(M, 1 + elementSize, yp, 0, elementSize); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
414 ECPoint P = new ECPoint(new BigInteger(1, xp), new BigInteger(1, yp)); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
415 // TODO check point 3.5 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
416 // Step 3.6 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
417 return P; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
418 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
419 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
420 /** |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
421 * Encode EllipticCurvePoint to an OctetString |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
422 */ |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
423 public static byte[] encodeECPoint(ECPoint group, EllipticCurve curve) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
424 // M has len 2 ceil(log_2(q)/8) + 1 ? |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
425 int elementSize = (curve.getField().getFieldSize() + 7) / 8; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
426 byte[] M = new byte[2 * elementSize + 1]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
427 // Uncompressed format |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
428 M[0] = 0x04; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
429 { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
430 byte[] affineX = removeLeadingZeroes(group.getAffineX().toByteArray()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
431 System.arraycopy(affineX, 0, M, 1 + elementSize - affineX.length, affineX.length); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
432 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
433 { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
434 byte[] affineY = removeLeadingZeroes(group.getAffineY().toByteArray()); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
435 System.arraycopy(affineY, 0, M, 1 + elementSize + elementSize - affineY.length, |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
436 affineY.length); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
437 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
438 return M; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
439 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
440 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
441 private static byte[] removeLeadingZeroes(byte[] input) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
442 if (input[0] != 0x00) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
443 return input; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
444 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
445 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
446 int pos = 1; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
447 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
448 while (pos < input.length - 1 && input[pos] == 0x00) { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
449 pos++; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
450 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
451 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
452 byte[] output = new byte[input.length - pos]; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
453 System.arraycopy(input, pos, output, 0, output.length); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
454 return output; |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
455 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
456 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
457 public static class EllipticCurves { |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
458 public static ECParameterSpec nistp256 = new ECParameterSpec( |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
459 new EllipticCurve( |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
460 new ECFieldFp(new BigInteger("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
461 new BigInteger("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
462 new BigInteger("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
463 new ECPoint(new BigInteger("6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
464 new BigInteger("4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
465 new BigInteger("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
466 1); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
467 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
468 public static ECParameterSpec nistp384 = new ECParameterSpec( |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
469 new EllipticCurve( |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
470 new ECFieldFp(new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
471 new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
472 new BigInteger("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
473 new ECPoint(new BigInteger("AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
474 new BigInteger("3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
475 new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
476 1); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
477 |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
478 public static ECParameterSpec nistp521 = new ECParameterSpec( |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
479 new EllipticCurve( |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
480 new ECFieldFp(new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
481 new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
482 new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
483 new ECPoint(new BigInteger("00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
484 new BigInteger("011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", 16)), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
485 new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16), |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
486 1); |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
487 } |
82bd20cb0d1d
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
488 } |