Java Code Examples for org.bouncycastle.crypto.signers.ECDSASigner#generateSignature()

The following examples show how to use org.bouncycastle.crypto.signers.ECDSASigner#generateSignature() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: BouncyCastleCrypto.java    From fabric-api-archive with Apache License 2.0 6 votes vote down vote up
@Override
public byte[] sign(byte[] hash, byte[] privateKey) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    signer.init(true, new ECPrivateKeyParameters(new BigInteger(privateKey), domain));
    BigInteger[] signature = signer.generateSignature(hash);
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    try {
        DERSequenceGenerator seq = new DERSequenceGenerator(baos);
        seq.addObject(new ASN1Integer(signature[0]));
        seq.addObject(new ASN1Integer(toCanonicalS(signature[1])));
        seq.close();
        return baos.toByteArray();
    } catch (IOException e) {
        return new byte[0];
    }
}
 
Example 2
Source File: BouncyCastleCrypto.java    From fabric-api with Apache License 2.0 6 votes vote down vote up
@Override
public byte[] sign(byte[] hash, byte[] privateKey) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    signer.init(true, new ECPrivateKeyParameters(new BigInteger(privateKey), domain));
    BigInteger[] signature = signer.generateSignature(hash);
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    try {
        DERSequenceGenerator seq = new DERSequenceGenerator(baos);
        seq.addObject(new ASN1Integer(signature[0]));
        seq.addObject(new ASN1Integer(toCanonicalS(signature[1])));
        seq.close();
        return baos.toByteArray();
    } catch (IOException e) {
        return new byte[0];
    }
}
 
Example 3
Source File: ECKeyPair.java    From bop-bitcoin-client with Apache License 2.0 6 votes vote down vote up
@Override
public byte[] sign (byte[] hash) throws ValidationException
{
	if ( priv == null )
	{
		throw new ValidationException ("Need private key to sign");
	}
	ECDSASigner signer = new ECDSASigner (new HMacDSAKCalculator (new SHA256Digest ()));
	signer.init (true, new ECPrivateKeyParameters (priv, domain));
	BigInteger[] signature = signer.generateSignature (hash);
	ByteArrayOutputStream s = new ByteArrayOutputStream ();
	try
	{
		DERSequenceGenerator seq = new DERSequenceGenerator (s);
		seq.addObject (new ASN1Integer (signature[0]));
		seq.addObject (new ASN1Integer (signature[1]));
		seq.close ();
		return s.toByteArray ();
	}
	catch ( IOException e )
	{
	}
	return null;
}
 
Example 4
Source File: ECKeyPair.java    From WalletCordova with GNU Lesser General Public License v2.1 6 votes vote down vote up
@Override
public byte[] sign (byte[] hash) throws ValidationException
{
	if ( priv == null )
	{
		throw new ValidationException ("Need private key to sign");
	}
	ECDSASigner signer = new ECDSASigner (new HMacDSAKCalculator (new SHA256Digest ()));
	signer.init (true, new ECPrivateKeyParameters (priv, domain));
	BigInteger[] signature = signer.generateSignature (hash);
	ByteArrayOutputStream s = new ByteArrayOutputStream ();
	try
	{
		DERSequenceGenerator seq = new DERSequenceGenerator (s);
		seq.addObject (new ASN1Integer (signature[0]));
		seq.addObject (new ASN1Integer (signature[1]));
		seq.close ();
		return s.toByteArray ();
	}
	catch ( IOException e )
	{
	}
	return null;
}
 
Example 5
Source File: SECP256K1.java    From besu with Apache License 2.0 5 votes vote down vote up
private static Signature signDefault(final Bytes32 dataHash, final KeyPair keyPair) {
  final ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

  final ECPrivateKeyParameters privKey =
      new ECPrivateKeyParameters(
          keyPair.getPrivateKey().getEncodedBytes().toUnsignedBigInteger(), CURVE);
  signer.init(true, privKey);

  final BigInteger[] components = signer.generateSignature(dataHash.toArrayUnsafe());

  return normaliseSignature(components[0], components[1], keyPair.getPublicKey(), dataHash);
}
 
Example 6
Source File: ECKeyPair.java    From client-sdk-java with Apache License 2.0 5 votes vote down vote up
/**
 * Sign a hash with the private key of this key pair.
 * @param transactionHash   the hash to sign
 * @return  An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] transactionHash) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(transactionHash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
 
Example 7
Source File: ECKeyPair.java    From etherscan-explorer with GNU General Public License v3.0 5 votes vote down vote up
/**
 * Sign a hash with the private key of this key pair.
 * @param transactionHash   the hash to sign
 * @return  An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] transactionHash) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(transactionHash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
 
Example 8
Source File: ECKey.java    From nuls-v2 with MIT License 5 votes vote down vote up
/**
 * 用私钥对数据进行签名
 *
 * @param input                需签名数据
 * @param privateKeyForSigning 私钥
 * @return byte[] 签名
 */
protected byte[] doSign(byte[] input, BigInteger privateKeyForSigning) {
    HexUtil.checkNotNull(privateKeyForSigning);
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKeyForSigning, CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(input);
    return new ECDSASignature(components[0], components[1]).toCanonicalised().encodeToDER();
}
 
Example 9
Source File: K256KeyPair.java    From jingtum-lib-java with MIT License 5 votes vote down vote up
private static ECDSASignature createECDSASignature(byte[] hash, BigInteger secret) {
	ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
	ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(secret, SECP256K1.params());
	signer.init(true, privKey);
	BigInteger[] sigs = signer.generateSignature(hash);
	BigInteger r = sigs[0], s = sigs[1];
	BigInteger otherS = SECP256K1.order().subtract(s);
	if (s.compareTo(otherS) == 1) {
		s = otherS;
	}
	return new ECDSASignature(r, s);
}
 
Example 10
Source File: ECKeyPair.java    From web3sdk with Apache License 2.0 5 votes vote down vote up
/**
 * Sign a hash with the private key of this key pair.
 *
 * @param hash the hash to sign
 * @return An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] hash) {

    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(hash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
 
Example 11
Source File: ECKeyPair.java    From web3j with Apache License 2.0 5 votes vote down vote up
/**
 * Sign a hash with the private key of this key pair.
 *
 * @param transactionHash the hash to sign
 * @return An {@link ECDSASignature} of the hash
 */
public ECDSASignature sign(byte[] transactionHash) {
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

    ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(privateKey, Sign.CURVE);
    signer.init(true, privKey);
    BigInteger[] components = signer.generateSignature(transactionHash);

    return new ECDSASignature(components[0], components[1]).toCanonicalised();
}
 
Example 12
Source File: NamedCurve.java    From UAF with Apache License 2.0 5 votes vote down vote up
/**
 * UAF_ALG_SIGN_SECP256R1_ECDSA_SHA256_RAW 0x01 An ECDSA signature on the
 * NIST secp256r1 curve which MUST have raw R and S buffers, encoded in
 * big-endian order. I.e. [R (32 bytes), S (32 bytes)]
 * 
 * @param priv
 *            - Private key
 * @param input
 *            - Data to sign
 * @return BigInteger[] - [R,S]
 */
public static BigInteger[] signAndFromatToRS(PrivateKey priv, byte[] input) {
	X9ECParameters params = SECNamedCurves.getByName("secp256r1");
	ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(),
			params.getG(), params.getN(), params.getH());
	if (priv == null)
		throw new IllegalStateException(
				"This ECKey does not have the private key necessary for signing.");
	ECDSASigner signer = new ECDSASigner();
	ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
			((ECPrivateKey) priv).getS(), ecParams);
	signer.init(true, privKey);
	BigInteger[] sigs = signer.generateSignature(input);
	return sigs;
}
 
Example 13
Source File: ECKey.java    From bushido-java-core with GNU General Public License v3.0 5 votes vote down vote up
public byte[] sign(byte[] message) throws Exception
{
    if (priv == null) {
        throw new Exception("Unable to sign");
    }
    ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
    signer.init(true, new ECPrivateKeyParameters(priv, params));
    BigInteger[] signature = signer.generateSignature(message);
    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
    DERSequenceGenerator seqGen = new DERSequenceGenerator(outputStream);
    seqGen.addObject(new ASN1Integer(signature[0]));
    seqGen.addObject(new ASN1Integer(signature[1]));
    seqGen.close();
    return outputStream.toByteArray();
}
 
Example 14
Source File: SECP256K1.java    From incubator-tuweni with Apache License 2.0 4 votes vote down vote up
/**
 * Generates an ECDSA signature.
 *
 * @param hash The keccak256 hash of the data to sign.
 * @param keyPair The keypair to sign using.
 * @return The signature.
 */
public static Signature signHashed(Bytes32 hash, KeyPair keyPair) {
  ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

  ECPrivateKeyParameters privKey =
      new ECPrivateKeyParameters(keyPair.secretKey().bytes().toUnsignedBigInteger(), Parameters.CURVE);
  signer.init(true, privKey);

  BigInteger[] components = signer.generateSignature(hash.toArrayUnsafe());
  BigInteger r = components[0];
  BigInteger s = components[1];

  // Automatically adjust the S component to be less than or equal to half the curve
  // order, if necessary. This is required because for every signature (r,s) the signature
  // (r, -s (mod N)) is a valid signature of the same message. However, we dislike the
  // ability to modify the bits of a Bitcoin transaction after it's been signed, as that
  // violates various assumed invariants. Thus in future only one of those forms will be
  // considered legal and the other will be banned.
  if (s.compareTo(Parameters.HALF_CURVE_ORDER) > 0) {
    // The order of the curve is the number of valid points that exist on that curve.
    // If S is in the upper half of the number of valid points, then bring it back to
    // the lower half. Otherwise, imagine that:
    //   N = 10
    //   s = 8, so (-8 % 10 == 2) thus both (r, 8) and (r, 2) are valid solutions.
    //   10 - 8 == 2, giving us always the latter solution, which is canonical.
    s = Parameters.CURVE_ORDER.subtract(s);
  }

  // Now we have to work backwards to figure out the recovery id needed to recover the signature.
  // On this curve, there are only two possible values for the recovery id.
  int recId = -1;
  BigInteger publicKeyBI = keyPair.publicKey().bytes().toUnsignedBigInteger();
  for (int i = 0; i < 2; i++) {
    BigInteger k = recoverFromSignature(i, r, s, hash);
    if (k != null && k.equals(publicKeyBI)) {
      recId = i;
      break;
    }
  }
  if (recId == -1) {
    // this should never happen
    throw new RuntimeException("Unexpected error - could not construct a recoverable key.");
  }

  byte v = (byte) recId;
  return new Signature(v, r, s);
}
 
Example 15
Source File: SECP256K1.java    From cava with Apache License 2.0 4 votes vote down vote up
/**
 * Generates an ECDSA signature.
 *
 * @param hash The keccak256 hash of the data to sign.
 * @param keyPair The keypair to sign using.
 * @return The signature.
 */
public static Signature signHashed(Bytes32 hash, KeyPair keyPair) {
  ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));

  ECPrivateKeyParameters privKey =
      new ECPrivateKeyParameters(keyPair.secretKey().bytes().toUnsignedBigInteger(), Parameters.CURVE);
  signer.init(true, privKey);

  BigInteger[] components = signer.generateSignature(hash.toArrayUnsafe());
  BigInteger r = components[0];
  BigInteger s = components[1];

  // Automatically adjust the S component to be less than or equal to half the curve
  // order, if necessary. This is required because for every signature (r,s) the signature
  // (r, -s (mod N)) is a valid signature of the same message. However, we dislike the
  // ability to modify the bits of a Bitcoin transaction after it's been signed, as that
  // violates various assumed invariants. Thus in future only one of those forms will be
  // considered legal and the other will be banned.
  if (s.compareTo(Parameters.HALF_CURVE_ORDER) > 0) {
    // The order of the curve is the number of valid points that exist on that curve.
    // If S is in the upper half of the number of valid points, then bring it back to
    // the lower half. Otherwise, imagine that:
    //   N = 10
    //   s = 8, so (-8 % 10 == 2) thus both (r, 8) and (r, 2) are valid solutions.
    //   10 - 8 == 2, giving us always the latter solution, which is canonical.
    s = Parameters.CURVE_ORDER.subtract(s);
  }

  // Now we have to work backwards to figure out the recovery id needed to recover the signature.
  // On this curve, there are only two possible values for the recovery id.
  int recId = -1;
  BigInteger publicKeyBI = keyPair.publicKey().bytes().toUnsignedBigInteger();
  for (int i = 0; i < 2; i++) {
    BigInteger k = recoverFromSignature(i, r, s, hash);
    if (k != null && k.equals(publicKeyBI)) {
      recId = i;
      break;
    }
  }
  if (recId == -1) {
    // this should never happen
    throw new RuntimeException("Unexpected error - could not construct a recoverable key.");
  }

  byte v = (byte) recId;
  return new Signature(v, r, s);
}