org.bouncycastle.crypto.AsymmetricBlockCipher Java Examples

The following examples show how to use org.bouncycastle.crypto.AsymmetricBlockCipher. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SignerUtil.java    From xipki with Apache License 2.0 5 votes vote down vote up 
public static PSSSigner createPSSRSASigner(AlgorithmIdentifier sigAlgId,
    AsymmetricBlockCipher cipher) throws XiSecurityException {
  Args.notNull(sigAlgId, "sigAlgId");
  if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
    throw new XiSecurityException("signature algorithm " + sigAlgId.getAlgorithm()
      + " is not allowed");
  }

  AlgorithmIdentifier digAlgId;
  try {
    digAlgId = AlgorithmUtil.extractDigesetAlgFromSigAlg(sigAlgId);
  } catch (NoSuchAlgorithmException ex) {
    throw new XiSecurityException(ex.getMessage(), ex);
  }

  RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());

  AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier.getInstance(
      param.getMaskGenAlgorithm().getParameters());

  Digest dig = getDigest(digAlgId);
  Digest mfgDig = getDigest(mfgDigAlgId);

  int saltSize = param.getSaltLength().intValue();
  int trailerField = param.getTrailerField().intValue();
  AsymmetricBlockCipher tmpCipher = (cipher == null) ? new RSABlindedEngine() : cipher;

  return new PSSSigner(tmpCipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}
Example #2
Source File: EncryptionUtilTest.java    From Hive2Hive with MIT License 5 votes vote down vote up 
@Test
@Ignore
public void testPureLightweightBouncyCastle() throws IOException, InvalidKeyException, IllegalBlockSizeException,
		BadPaddingException, DataLengthException, IllegalStateException, InvalidCipherTextException,
		NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidAlgorithmParameterException {

	long startTime = System.currentTimeMillis();

	Security.addProvider(new BouncyCastleProvider());

	// generate RSA keys
	RSAKeyPairGenerator gen = new RSAKeyPairGenerator();
	gen.init(new RSAKeyGenerationParameters(new BigInteger("10001", 16), new SecureRandom(), 2048, 80));
	AsymmetricCipherKeyPair keyPair = gen.generateKeyPair();

	// some data where first entry is 0
	byte[] data = { 10, 122, 12, 127, 35, 58, 87, 56, -6, 73, 10, -13, -78, 4, -122, -61 };

	// encrypt data asymmetrically
	AsymmetricBlockCipher cipher = new RSAEngine();
	cipher = new PKCS1Encoding(cipher);
	cipher.init(true, keyPair.getPublic());
	byte[] rsaEncryptedData = cipher.processBlock(data, 0, data.length);

	Assert.assertFalse(Arrays.equals(data, rsaEncryptedData));

	// decrypt data asymmetrically
	cipher.init(false, keyPair.getPrivate());
	byte[] dataBack = cipher.processBlock(rsaEncryptedData, 0, rsaEncryptedData.length);

	assertTrue(Arrays.equals(data, dataBack));

	long stopTime = System.currentTimeMillis();
	long elapsedTime = stopTime - startTime;
	logger.debug("elapsed time = {}", elapsedTime);
}
Example #3
Source File: P11ContentSigner.java    From xipki with Apache License 2.0 4 votes vote down vote up 
RSAPSS(P11CryptService cryptService, P11IdentityId identityId,
    AlgorithmIdentifier signatureAlgId, SecureRandom random)
    throws XiSecurityException, P11TokenException {
  super(cryptService, identityId, signatureAlgId);
  Args.notNull(random, "random");

  ASN1ObjectIdentifier sigOid = signatureAlgId.getAlgorithm();
  if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigOid)) {
    throw new XiSecurityException("unsupported signature algorithm "
        + signatureAlgId.getAlgorithm());
  }

  RSASSAPSSparams asn1Params = RSASSAPSSparams.getInstance(signatureAlgId.getParameters());
  ASN1ObjectIdentifier digestAlgOid = asn1Params.getHashAlgorithm().getAlgorithm();
  HashAlgo hashAlgo = HashAlgo.getInstance(digestAlgOid);
  if (hashAlgo == null) {
    throw new XiSecurityException("unsupported hash algorithm " + digestAlgOid.getId());
  }

  P11SlotIdentifier slotId = identityId.getSlotId();
  P11Slot slot = cryptService.getSlot(slotId);

  long mech = hashAlgMechMap.get(hashAlgo).longValue();
  if (slot.supportsMechanism(mech)) {
    this.mechanism = mech;
    this.parameters = new P11Params.P11RSAPkcsPssParams(asn1Params);
    this.outputStream = new ByteArrayOutputStream();
  } else if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_PKCS_PSS)) {
    this.mechanism = PKCS11Constants.CKM_RSA_PKCS_PSS;
    this.parameters = new P11Params.P11RSAPkcsPssParams(asn1Params);
    this.outputStream = new DigestOutputStream(hashAlgo.createDigest());
  } else if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_X_509)) {
    this.mechanism = PKCS11Constants.CKM_RSA_X_509;
    this.parameters = null;
    AsymmetricBlockCipher cipher = new P11PlainRSASigner();
    P11RSAKeyParameter keyParam;
    try {
      keyParam = P11RSAKeyParameter.getInstance(cryptService, identityId);
    } catch (InvalidKeyException ex) {
      throw new XiSecurityException(ex.getMessage(), ex);
    }
    PSSSigner pssSigner = SignerUtil.createPSSRSASigner(signatureAlgId, cipher);
    pssSigner.init(true, new ParametersWithRandom(keyParam, random));
    this.outputStream = new PSSSignerOutputStream(pssSigner);
  } else {
    throw new XiSecurityException("unsupported signature algorithm "
        + sigOid.getId() + " with " + hashAlgo);
  }
}