Generalized to support any EdDSA parameter spec

str4d
2014-04-26 11:59:16 +00:00
parent ce397f5858
commit 02c0ddb3d3
2 changed files with 37 additions and 35 deletions


@@ -506,8 +506,8 @@ public class DSAEngine {
return altVerifySigSHA1(signature, data, offset, len, verifyingKey); return altVerifySigSHA1(signature, data, offset, len, verifyingKey);
java.security.Signature jsig; java.security.Signature jsig;
if (type == SigType.EdDSA_SHA512_25519) if (type.getBaseAlgorithm() == SigAlgo.EdDSA)
jsig = new net.i2p.crypto.eddsa.EdDSAEngine(java.security.MessageDigest.getInstance("SHA-512")); jsig = new net.i2p.crypto.eddsa.EdDSAEngine(type.getDigestInstance());
else else
jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig = java.security.Signature.getInstance(type.getAlgorithmName());
PublicKey pubKey = SigUtil.toJavaKey(verifyingKey); PublicKey pubKey = SigUtil.toJavaKey(verifyingKey);
@@ -587,8 +587,8 @@ public class DSAEngine {
return altSignSHA1(data, offset, len, privateKey); return altSignSHA1(data, offset, len, privateKey);
java.security.Signature jsig; java.security.Signature jsig;
if (type == SigType.EdDSA_SHA512_25519) if (type.getBaseAlgorithm() == SigAlgo.EdDSA)
jsig = new net.i2p.crypto.eddsa.EdDSAEngine(java.security.MessageDigest.getInstance("SHA-512")); jsig = new net.i2p.crypto.eddsa.EdDSAEngine(type.getDigestInstance());
else else
jsig = java.security.Signature.getInstance(type.getAlgorithmName()); jsig = java.security.Signature.getInstance(type.getAlgorithmName());
PrivateKey privKey = SigUtil.toJavaKey(privateKey); PrivateKey privKey = SigUtil.toJavaKey(privateKey);
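Review bot: In both hunks of this file (the verify path at @@ -506 and the sign path at @@ -587) the engine is now built from `type.getDigestInstance()` while the curve parameters arrive separately with the key from `SigUtil.toJavaKey(...)`, and nothing visible here ties the two together. With a single hard-coded EdDSA type they could not diverge; once several parameter specs exist, a key whose spec names a different hash than the SigType would be signed or verified with the wrong digest, so it is worth confirming that the caller or the engine's init rejects a key whose type differs from `type`. The change also assumes `getDigestInstance()` returns a fresh `MessageDigest` on every call, since the object is stateful; if that holds, a comment such as `// digest comes from the SigType; the key's EdDSA spec must name the same hash` above the `new EdDSAEngine(...)` line would record the contract. The enclosing methods start and end outside both hunks, so such a check may already exist out of view.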


@@ -217,45 +217,47 @@ public class KeyGenerator {
if (type == SigType.DSA_SHA1) if (type == SigType.DSA_SHA1)
return generateSigningKeys(); return generateSigningKeys();
KeyPair kp; KeyPair kp;
if (type == SigType.EdDSA_SHA512_25519) { if (type.getBaseAlgorithm() == SigAlgo.EdDSA) {
kp = new net.i2p.crypto.eddsa.KeyPairGenerator().generateKeyPair(); net.i2p.crypto.eddsa.KeyPairGenerator kpg = new net.i2p.crypto.eddsa.KeyPairGenerator();
} else {
KeyPairGenerator kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName());
try {
kpg.initialize(type.getParams(), _context.random()); kpg.initialize(type.getParams(), _context.random());
kp = kpg.generateKeyPair(); kp = kpg.generateKeyPair();
} catch (ProviderException pe) { } else {
// java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID KeyPairGenerator kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName());
// This is a RuntimeException, thx Sun
// Fails for P-192 only, on Ubuntu
Log log = _context.logManager().getLog(KeyGenerator.class);
String pname = kpg.getProvider().getName();
if ("BC".equals(pname)) {
if (log.shouldLog(Log.WARN))
log.warn("BC KPG failed for " + type, pe);
throw new GeneralSecurityException("BC KPG for " + type, pe);
}
if (!ECConstants.isBCAvailable())
throw new GeneralSecurityException(pname + " KPG failed for " + type, pe);
if (log.shouldLog(Log.WARN))
log.warn(pname + " KPG failed for " + type + ", trying BC" /* , pe */ );
try { try {
kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName(), "BC");
kpg.initialize(type.getParams(), _context.random()); kpg.initialize(type.getParams(), _context.random());
kp = kpg.generateKeyPair(); kp = kpg.generateKeyPair();
} catch (ProviderException pe2) { } catch (ProviderException pe) {
// java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
// This is a RuntimeException, thx Sun
// Fails for P-192 only, on Ubuntu
Log log = _context.logManager().getLog(KeyGenerator.class);
String pname = kpg.getProvider().getName();
if ("BC".equals(pname)) {
if (log.shouldLog(Log.WARN))
log.warn("BC KPG failed for " + type, pe);
throw new GeneralSecurityException("BC KPG for " + type, pe);
}
if (!ECConstants.isBCAvailable())
throw new GeneralSecurityException(pname + " KPG failed for " + type, pe);
if (log.shouldLog(Log.WARN)) if (log.shouldLog(Log.WARN))
log.warn("BC KPG failed for " + type + " also", pe2); log.warn(pname + " KPG failed for " + type + ", trying BC" /* , pe */ );
// throw original exception try {
throw new GeneralSecurityException(pname + " KPG for " + type, pe); kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName(), "BC");
} catch (GeneralSecurityException gse) { kpg.initialize(type.getParams(), _context.random());
if (log.shouldLog(Log.WARN)) kp = kpg.generateKeyPair();
log.warn("BC KPG failed for " + type + " also", gse); } catch (ProviderException pe2) {
// throw original exception if (log.shouldLog(Log.WARN))
throw new GeneralSecurityException(pname + " KPG for " + type, pe); log.warn("BC KPG failed for " + type + " also", pe2);
// throw original exception
throw new GeneralSecurityException(pname + " KPG for " + type, pe);
} catch (GeneralSecurityException gse) {
if (log.shouldLog(Log.WARN))
log.warn("BC KPG failed for " + type + " also", gse);
// throw original exception
throw new GeneralSecurityException(pname + " KPG for " + type, pe);
}
} }
} }
}
java.security.PublicKey pubkey = kp.getPublic(); java.security.PublicKey pubkey = kp.getPublic();
java.security.PrivateKey privkey = kp.getPrivate(); java.security.PrivateKey privkey = kp.getPrivate();
SimpleDataStructure[] keys = new SimpleDataStructure[2]; SimpleDataStructure[] keys = new SimpleDataStructure[2];
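Review bot: The new EdDSA branch at the top of this hunk instantiates `net.i2p.crypto.eddsa.KeyPairGenerator` directly and has no comment saying why it bypasses `KeyPairGenerator.getInstance(...)`, so the ProviderException handling and BC fallback in the else branch never apply to it. A one-line comment such as `// EdDSA: bundled implementation, no JCA provider lookup and therefore no BC fallback` would show that this is intentional. The branch now also passes `type.getParams()` to `initialize`, so every SigType whose base algorithm is EdDSA must carry a parameter spec this generator accepts; presumably a mismatch surfaces as an exception from `initialize`, but the method's throws clause is outside the hunk. Reusing the name `kpg` for two different generator classes in adjacent branches is easy to misread; a distinct name such as `edKpg` for the EdDSA one would help.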