Add some passive support for SHA256 based signatures

This commit is contained in:
Christian Basler 2017-04-02 21:03:04 +02:00
parent 841fb7eccd
commit c4385b2336
3 changed files with 31 additions and 27 deletions

View File

@ -31,10 +31,7 @@ import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.GeneralSecurityException; import java.security.*;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.SecureRandom;
import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES; import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES;
import static ch.dissem.bitmessage.InternalContext.NETWORK_NONCE_TRIALS_PER_BYTE; import static ch.dissem.bitmessage.InternalContext.NETWORK_NONCE_TRIALS_PER_BYTE;
@ -50,6 +47,10 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
private static final BigInteger TWO_POW_64 = TWO.pow(64); private static final BigInteger TWO_POW_64 = TWO.pow(64);
private static final BigInteger TWO_POW_16 = TWO.pow(16); private static final BigInteger TWO_POW_16 = TWO.pow(16);
protected static final String ALGORITHM_ECDSA = "ECDSA";
protected static final String ALGORITHM_ECDSA_SHA1 = "SHA1withECDSA";
protected static final String ALGORITHM_EVP_SHA256 = "SHA256withECDSA";
protected final Provider provider; protected final Provider provider;
private InternalContext context; private InternalContext context;
@ -127,6 +128,27 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
} }
} }
protected byte[] doSign(byte[] data, java.security.PrivateKey privKey) throws GeneralSecurityException {
// TODO: change this to ALGORITHM_EVP_SHA256 once it's generally used in the network
Signature sig = Signature.getInstance(ALGORITHM_ECDSA_SHA1, provider);
sig.initSign(privKey);
sig.update(data);
return sig.sign();
}
protected boolean doCheckSignature(byte[] data, byte[] signature, PublicKey publicKey) throws GeneralSecurityException {
for (String algorithm : new String[]{ALGORITHM_ECDSA_SHA1, ALGORITHM_EVP_SHA256}) {
Signature sig = Signature.getInstance(algorithm, provider);
sig.initVerify(publicKey);
sig.update(data);
if (sig.verify(signature)) {
return true;
}
}
return false;
}
@Override @Override
public byte[] getInitialHash(ObjectMessage object) { public byte[] getInitialHash(ObjectMessage object) {
return sha512(object.getPayloadBytesWithoutNonce()); return sha512(object.getPayloadBytesWithoutNonce());

View File

@ -38,10 +38,7 @@ import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.math.ec.ECPoint; import org.bouncycastle.math.ec.ECPoint;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.GeneralSecurityException; import java.security.*;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.KeySpec; import java.security.spec.KeySpec;
import java.util.Arrays; import java.util.Arrays;
@ -51,7 +48,6 @@ import java.util.Arrays;
*/ */
public class BouncyCryptography extends AbstractCryptography { public class BouncyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1"); private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA";
public BouncyCryptography() { public BouncyCryptography() {
super(new BouncyCastleProvider()); super(new BouncyCastleProvider());
@ -106,10 +102,7 @@ public class BouncyCryptography extends AbstractCryptography {
KeySpec keySpec = new ECPublicKeySpec(Q, spec); KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec); PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider); return doCheckSignature(data, signature, publicKey);
sig.initVerify(publicKey);
sig.update(data);
return sig.verify(signature);
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new ApplicationException(e); throw new ApplicationException(e);
} }
@ -131,10 +124,7 @@ public class BouncyCryptography extends AbstractCryptography {
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider) java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec); .generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider); return doSign(data, privKey);
sig.initSign(privKey);
sig.update(data);
return sig.sign();
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new ApplicationException(e); throw new ApplicationException(e);
} }

View File

@ -41,7 +41,6 @@ import java.math.BigInteger;
import java.security.GeneralSecurityException; import java.security.GeneralSecurityException;
import java.security.KeyFactory; import java.security.KeyFactory;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.KeySpec; import java.security.spec.KeySpec;
import java.util.Arrays; import java.util.Arrays;
@ -51,7 +50,6 @@ import java.util.Arrays;
*/ */
public class SpongyCryptography extends AbstractCryptography { public class SpongyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1"); private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA";
public SpongyCryptography() { public SpongyCryptography() {
super(new BouncyCastleProvider()); super(new BouncyCastleProvider());
@ -106,10 +104,7 @@ public class SpongyCryptography extends AbstractCryptography {
KeySpec keySpec = new ECPublicKeySpec(Q, spec); KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec); PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider); return doCheckSignature(data, signature, publicKey);
sig.initVerify(publicKey);
sig.update(data);
return sig.verify(signature);
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new ApplicationException(e); throw new ApplicationException(e);
} }
@ -131,10 +126,7 @@ public class SpongyCryptography extends AbstractCryptography {
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider) java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec); .generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider); return doSign(data, privKey);
sig.initSign(privKey);
sig.update(data);
return sig.sign();
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new ApplicationException(e); throw new ApplicationException(e);
} }