org.bouncycastle.crypto.signers.HMacDSAKCalculator Java Examples

The following examples show how to use org.bouncycastle.crypto.signers.HMacDSAKCalculator. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ECKeyPair.java    From WalletCordova with GNU Lesser General Public License v2.1 6 votes vote down vote up 
@Override
public byte[] sign (byte[] hash) throws ValidationException
{
	if ( priv == null )
	{
		throw new ValidationException ("Need private key to sign");
	}
	ECDSASigner signer = new ECDSASigner (new HMacDSAKCalculator (new SHA256Digest ()));
	signer.init (true, new ECPrivateKeyParameters (priv, domain));
	BigInteger[] signature = signer.generateSignature (hash);
	ByteArrayOutputStream s = new ByteArrayOutputStream ();
	try
	{
		DERSequenceGenerator seq = new DERSequenceGenerator (s);
		seq.addObject (new ASN1Integer (signature[0]));
		seq.addObject (new ASN1Integer (signature[1]));
		seq.close ();
		return s.toByteArray ();
	}
	catch ( IOException e )
	{
	}
	return null;
}
Example #2
Source File: ECKeyPair.java    From bop-bitcoin-client with Apache License 2.0 6 votes vote down vote up 
@Override
public byte[] sign (byte[] hash) throws ValidationException
{
	if ( priv == null )
	{
		throw new ValidationException ("Need private key to sign");
	}
	ECDSASigner signer = new ECDSASigner (new HMacDSAKCalculator (new SHA256Digest ()));
	signer.init (true, new ECPrivateKeyParameters (priv, domain));
	BigInteger[] signature = signer.generateSignature (hash);
	ByteArrayOutputStream s = new ByteArrayOutputStream ();
	try
	{
		DERSequenceGenerator seq = new DERSequenceGenerator (s);
		seq.addObject (new ASN1Integer (signature[0]));
		seq.addObject (new ASN1Integer (signature[1]));
		seq.close ();
		return s.toByteArray ();
	}
	catch ( IOException e )
	{
	}
	return null;
}
Example #3
Source File: BouncyCastleCrypto.java    From fabric-api with Apache License 2.0 6 votes vote down vote up 
@Override
public byte[] sign(byte[] hash, byte[] privateKey) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    signer.init(true, new ECPrivateKeyParameters(new BigInteger(privateKey), domain));
    BigInteger[] signature = signer.generateSignature(hash);
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    try {
        DERSequenceGenerator seq = new DERSequenceGenerator(baos);
        seq.addObject(new ASN1Integer(signature[0]));
        seq.addObject(new ASN1Integer(toCanonicalS(signature[1])));
        seq.close();
        return baos.toByteArray();
    } catch (IOException e) {
        return new byte[0];
    }
}
Example #4
Source File: BouncyCastleCrypto.java    From fabric-api-archive with Apache License 2.0 6 votes vote down vote up 
@Override
public byte[] sign(byte[] hash, byte[] privateKey) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    signer.init(true, new ECPrivateKeyParameters(new BigInteger(privateKey), domain));
    BigInteger[] signature = signer.generateSignature(hash);
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    try {
        DERSequenceGenerator seq = new DERSequenceGenerator(baos);
        seq.addObject(new ASN1Integer(signature[0]));
        seq.addObject(new ASN1Integer(toCanonicalS(signature[1])));
        seq.close();
        return baos.toByteArray();
    } catch (IOException e) {
        return new byte[0];
    }
}
Example #5
Source File: Signature.java    From evt4j with MIT License 6 votes vote down vote up 
public static Signature signHash(byte[] hash, @NotNull PrivateKey key) {
    checkHashLength(hash);

    // init deterministic k calculator
    Signer signer = new Signer(new HMacDSAKCalculator(new SHA256Digest()));
    ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(key.getD(), ECKey.CURVE);

    signer.init(true, privateKeyParameters);
    BigInteger[] components = signer.generateSignature(hash);

    Signature sig = new Signature(components[0], components[1]).toCanonicalised();

    // find the recId and store in signature for public key recover later
    PublicKey publicKey = key.toPublicKey();
    int recId = getRecId(sig, hash, publicKey);

    if (recId == -1) {
        throw new RecoverIDNotFoundException();
    }

    sig.setRecId(recId);

    return sig;
}
Example #6
Source File: K256KeyPair.java    From jingtum-lib-java with MIT License 5 votes vote down vote up 
private static ECDSASignature createECDSASignature(byte[] hash, BigInteger secret) {
	ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
	ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(secret, SECP256K1.params());
	signer.init(true, privKey);
	BigInteger[] sigs = signer.generateSignature(hash);
	BigInteger r = sigs[0], s = sigs[1];
	BigInteger otherS = SECP256K1.order().subtract(s);
	if (s.compareTo(otherS) == 1) {
		s = otherS;
	}
	return new ECDSASignature(r, s);
}
Example #7
Source File: ECKey.java    From bushido-java-core with GNU General Public License v3.0 5 votes vote down vote up 
public byte[] sign(byte[] message) throws Exception
{
    if (priv == null) {
        throw new Exception("Unable to sign");
    }
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    signer.init(true, new ECPrivateKeyParameters(priv, params));
    BigInteger[] signature = signer.generateSignature(message);
    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
    DERSequenceGenerator seqGen = new DERSequenceGenerator(outputStream);
    seqGen.addObject(new ASN1Integer(signature[0]));
    seqGen.addObject(new ASN1Integer(signature[1]));
    seqGen.close();
    return outputStream.toByteArray();
}
Example #8
Source File: ECKeyPair.java    From web3j with Apache License 2.0 5 votes vote down vote up 
/**
 * Sign a hash with the private key of this key pair.
 *
 * @param transactionHash the hash to sign
 * @return An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] transactionHash) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(transactionHash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
Example #9
Source File: ECKeyPair.java    From web3sdk with Apache License 2.0 5 votes vote down vote up 
/**
 * Sign a hash with the private key of this key pair.
 *
 * @param hash the hash to sign
 * @return An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] hash) {

    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(hash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
Example #10
Source File: ECDSASign.java    From web3sdk with Apache License 2.0 5 votes vote down vote up 
public static ECDSASignature sign(byte[] transactionHash, BigInteger privateKey) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, CURVE);
    signer.init(true, privKey);
    Object[] components = signer.generateSignature2(transactionHash);
    return new ECDSASignature(
            (BigInteger) components[0], (BigInteger) components[1], (ECPoint) components[2]);
}
Example #11
Source File: ECKey.java    From nuls-v2 with MIT License 5 votes vote down vote up 
/**
 * 用私钥对数据进行签名
 *
 * @param input                需签名数据
 * @param privateKeyForSigning 私钥
 * @return byte[] 签名
 */
protected byte[] doSign(byte[] input, BigInteger privateKeyForSigning) {
    HexUtil.checkNotNull(privateKeyForSigning);
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKeyForSigning, CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(input);
    return new ECDSASignature(components[0], components[1]).toCanonicalised().encodeToDER();
}
Example #12
Source File: ECKeyPair.java    From etherscan-explorer with GNU General Public License v3.0 5 votes vote down vote up 
/**
 * Sign a hash with the private key of this key pair.
 * @param transactionHash   the hash to sign
 * @return  An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] transactionHash) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(transactionHash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
Example #13
Source File: ECKeyPair.java    From client-sdk-java with Apache License 2.0 5 votes vote down vote up 
/**
 * Sign a hash with the private key of this key pair.
 * @param transactionHash   the hash to sign
 * @return  An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] transactionHash) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(transactionHash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
Example #14
Source File: SECP256K1.java    From besu with Apache License 2.0 5 votes vote down vote up 
private static Signature signDefault(final Bytes32 dataHash, final KeyPair keyPair) {
  final ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

  final ECPrivateKeyParameters privKey =
      new ECPrivateKeyParameters(
          keyPair.getPrivateKey().getEncodedBytes().toUnsignedBigInteger(), CURVE);
  signer.init(true, privKey);

  final BigInteger[] components = signer.generateSignature(dataHash.toArrayUnsafe());

  return normaliseSignature(components[0], components[1], keyPair.getPublicKey(), dataHash);
}
Example #15
Source File: SECP256K1.java    From incubator-tuweni with Apache License 2.0 4 votes vote down vote up 
/**
 * Generates an ECDSA signature.
 *
 * @param hash The keccak256 hash of the data to sign.
 * @param keyPair The keypair to sign using.
 * @return The signature.
 */
public static Signature signHashed(Bytes32 hash, KeyPair keyPair) {
  ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

  ECPrivateKeyParameters privKey =
      new ECPrivateKeyParameters(keyPair.secretKey().bytes().toUnsignedBigInteger(), Parameters.CURVE);
  signer.init(true, privKey);

  BigInteger[] components = signer.generateSignature(hash.toArrayUnsafe());
  BigInteger r = components[0];
  BigInteger s = components[1];

  // Automatically adjust the S component to be less than or equal to half the curve
  // order, if necessary. This is required because for every signature (r,s) the signature
  // (r, -s (mod N)) is a valid signature of the same message. However, we dislike the
  // ability to modify the bits of a Bitcoin transaction after it's been signed, as that
  // violates various assumed invariants. Thus in future only one of those forms will be
  // considered legal and the other will be banned.
  if (s.compareTo(Parameters.HALF_CURVE_ORDER) > 0) {
    // The order of the curve is the number of valid points that exist on that curve.
    // If S is in the upper half of the number of valid points, then bring it back to
    // the lower half. Otherwise, imagine that:
    //   N = 10
    //   s = 8, so (-8 % 10 == 2) thus both (r, 8) and (r, 2) are valid solutions.
    //   10 - 8 == 2, giving us always the latter solution, which is canonical.
    s = Parameters.CURVE_ORDER.subtract(s);
  }

  // Now we have to work backwards to figure out the recovery id needed to recover the signature.
  // On this curve, there are only two possible values for the recovery id.
  int recId = -1;
  BigInteger publicKeyBI = keyPair.publicKey().bytes().toUnsignedBigInteger();
  for (int i = 0; i < 2; i++) {
    BigInteger k = recoverFromSignature(i, r, s, hash);
    if (k != null && k.equals(publicKeyBI)) {
      recId = i;
      break;
    }
  }
  if (recId == -1) {
    // this should never happen
    throw new RuntimeException("Unexpected error - could not construct a recoverable key.");
  }

  byte v = (byte) recId;
  return new Signature(v, r, s);
}
Example #16
Source File: SECP256K1.java    From cava with Apache License 2.0 4 votes vote down vote up 
/**
 * Generates an ECDSA signature.
 *
 * @param hash The keccak256 hash of the data to sign.
 * @param keyPair The keypair to sign using.
 * @return The signature.
 */
public static Signature signHashed(Bytes32 hash, KeyPair keyPair) {
  ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

  ECPrivateKeyParameters privKey =
      new ECPrivateKeyParameters(keyPair.secretKey().bytes().toUnsignedBigInteger(), Parameters.CURVE);
  signer.init(true, privKey);

  BigInteger[] components = signer.generateSignature(hash.toArrayUnsafe());
  BigInteger r = components[0];
  BigInteger s = components[1];

  // Automatically adjust the S component to be less than or equal to half the curve
  // order, if necessary. This is required because for every signature (r,s) the signature
  // (r, -s (mod N)) is a valid signature of the same message. However, we dislike the
  // ability to modify the bits of a Bitcoin transaction after it's been signed, as that
  // violates various assumed invariants. Thus in future only one of those forms will be
  // considered legal and the other will be banned.
  if (s.compareTo(Parameters.HALF_CURVE_ORDER) > 0) {
    // The order of the curve is the number of valid points that exist on that curve.
    // If S is in the upper half of the number of valid points, then bring it back to
    // the lower half. Otherwise, imagine that:
    //   N = 10
    //   s = 8, so (-8 % 10 == 2) thus both (r, 8) and (r, 2) are valid solutions.
    //   10 - 8 == 2, giving us always the latter solution, which is canonical.
    s = Parameters.CURVE_ORDER.subtract(s);
  }

  // Now we have to work backwards to figure out the recovery id needed to recover the signature.
  // On this curve, there are only two possible values for the recovery id.
  int recId = -1;
  BigInteger publicKeyBI = keyPair.publicKey().bytes().toUnsignedBigInteger();
  for (int i = 0; i < 2; i++) {
    BigInteger k = recoverFromSignature(i, r, s, hash);
    if (k != null && k.equals(publicKeyBI)) {
      recId = i;
      break;
    }
  }
  if (recId == -1) {
    // this should never happen
    throw new RuntimeException("Unexpected error - could not construct a recoverable key.");
  }

  byte v = (byte) recId;
  return new Signature(v, r, s);
}
Example #17
Source File: Signature.java    From evt4j with MIT License 3 votes vote down vote up 
public static boolean verifyHash(byte[] hash, @NotNull Signature signature, @NotNull PublicKey publicKey) {
    checkHashLength(hash);

    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPublicKeyParameters publicKeyParams = new ECPublicKeyParameters(publicKey.getPoint().get(), // ECPoint
            ECKey.CURVE);

    signer.init(false, publicKeyParams);

    return signer.verifySignature(hash, signature.getR(), signature.getS());
}