Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.sshd.contrib.common.signature;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.interfaces.DSAKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.util.Arrays;
import org.apache.sshd.common.Factory;
import org.apache.sshd.common.random.Random;
import org.apache.sshd.common.signature.SignatureDSA;
import org.apache.sshd.common.util.ValidateUtils;
import org.apache.sshd.common.util.io.der.DERParser;
import org.apache.sshd.common.util.io.der.DERWriter;
/**
* A special signer for DSA that uses SHA-1 regardless of the key size
*
* @author Apache MINA SSHD Project
* @see SSHD-945 issue
*/
public class LegacyDSASigner extends java.security.Signature {
public static final String LEGACY_SIGNATURE = "LegacySHA1withDSA";
protected final MessageDigest md;
protected final Factory randomFactory;
protected BigInteger x;
protected BigInteger y;
protected DSAParams params;
public LegacyDSASigner(Factory randomFactory) throws GeneralSecurityException {
super(LEGACY_SIGNATURE);
this.randomFactory = randomFactory;
md = MessageDigest.getInstance("SHA-1");
}
@Override
@Deprecated
protected void engineSetParameter(String key, Object param) {
throw new InvalidParameterException("No parameter accepted");
}
@Override
@Deprecated
protected Object engineGetParameter(String key) {
return null;
}
protected void initDSAParameters(DSAKey key) throws InvalidKeyException {
params = key.getParams();
if (params == null) {
throw new InvalidKeyException("Missing DSA parameters in key");
}
md.reset();
}
@Override
protected void engineInitSign(PrivateKey key) throws InvalidKeyException {
if (!(key instanceof DSAPrivateKey)) {
throw new InvalidKeyException("Not a DSA private key");
}
DSAPrivateKey prvKey = (DSAPrivateKey) key;
initDSAParameters(prvKey);
x = prvKey.getX();
y = null;
}
@Override
protected byte[] engineSign() throws SignatureException {
try {
ValidateUtils.checkState(params != null, "Missing DSA parameters");
BigInteger q = params.getQ();
BigInteger k = generateK(q);
BigInteger r = generateR(params.getP(), q, params.getG(), k);
byte[] rEncoding;
try (DERWriter w = new DERWriter(SignatureDSA.MAX_SIGNATURE_VALUE_LENGTH + 4)) { // in case length > 0x7F
w.writeBigInteger(r);
rEncoding = w.toByteArray();
}
BigInteger s = generateS(x, q, r, k);
byte[] sEncoding;
try (DERWriter w = new DERWriter(SignatureDSA.MAX_SIGNATURE_VALUE_LENGTH + 4)) { // in case length > 0x7F
w.writeBigInteger(s);
sEncoding = w.toByteArray();
}
int length = rEncoding.length + sEncoding.length;
try (DERWriter w = new DERWriter(1 + length + 4)) { // in case length > 0x7F
w.write(0x30); // SEQUENCE
w.writeLength(length);
w.write(rEncoding);
w.write(sEncoding);
return w.toByteArray();
}
} catch (RuntimeException | IOException e) {
throw new SignatureException(e.getMessage(), e);
}
}
protected BigInteger generateK(BigInteger q) {
Random random;
if (appRandom == null) {
ValidateUtils.checkState(randomFactory != null, "No signing random factory provided");
random = randomFactory.create();
} else {
random = null;
}
byte[] kValue = new byte[q.bitLength() / Byte.SIZE];
while (true) {
if (random == null) {
appRandom.nextBytes(kValue);
} else {
random.fill(kValue);
}
BigInteger posK = new BigInteger(1, kValue);
BigInteger k = posK.mod(q);
if ((k.signum() > 0) && (k.compareTo(q) < 0)) {
return k;
}
}
}
protected BigInteger generateR(
BigInteger p, BigInteger q, BigInteger g, BigInteger k) {
BigInteger temp = g.modPow(k, p);
return temp.mod(q);
}
protected BigInteger generateS(
BigInteger x, BigInteger q, BigInteger r, BigInteger k) {
byte[] s2 = md.digest();
int nBytes = q.bitLength() / Byte.SIZE;
if (nBytes < s2.length) {
s2 = Arrays.copyOfRange(s2, 0, nBytes);
}
BigInteger z = new BigInteger(1, s2);
BigInteger k1 = k.modInverse(q);
BigInteger mul1 = x.multiply(r);
BigInteger withZ = mul1.add(z);
BigInteger mul2 = withZ.multiply(k1);
return mul2.mod(q);
}
@Override
protected void engineInitVerify(PublicKey key) throws InvalidKeyException {
if (!(key instanceof DSAPublicKey)) {
throw new InvalidKeyException("Not a DSA public key");
}
DSAPublicKey pubKey = (DSAPublicKey) key;
initDSAParameters(pubKey);
x = null;
y = pubKey.getY();
}
@Override
protected boolean engineVerify(byte[] signature)
throws SignatureException {
return engineVerify(signature, 0, signature.length);
}
@Override
protected boolean engineVerify(byte[] signature, int offset, int length)
throws SignatureException {
ValidateUtils.checkState(params != null, "Missing DSA parameters");
try {
BigInteger r;
BigInteger s;
try (DERParser parser = new DERParser(signature, offset, length)) {
int type = parser.read();
if (type != 0x30) {
throw new SignatureException(
"Invalid signature format - not a DER SEQUENCE: 0x" + Integer.toHexString(type));
}
// length of remaining encoding of the 2 integers
int remainLen = parser.readLength();
/*
* There are supposed to be 2 INTEGERs, each encoded with:
*
* - one byte representing the fact that it is an INTEGER - one byte of the integer encoding length - at
* least one byte of integer data (zero length is not an option)
*/
if (remainLen < (2 * 3)) {
throw new SignatureException("Invalid signature format - not enough encoded data length: " + remainLen);
}
r = parser.readBigInteger();
s = parser.readBigInteger();
} catch (IOException e) {
throw new SignatureException("Failed to parse DSA DER data", e);
}
/*
* Some implementations do not correctly encode values in the ASN.1 2's complement format - we need positive
* values for validation
*/
if (r.signum() < 0) {
r = new BigInteger(1, r.toByteArray());
}
if (s.signum() < 0) {
s = new BigInteger(1, s.toByteArray());
}
BigInteger q = params.getQ();
if ((r.compareTo(q) >= 0) || (s.compareTo(q) >= 0)) {
throw new IndexOutOfBoundsException("Out of range values in signature");
}
BigInteger p = params.getP();
BigInteger g = params.getG();
BigInteger w = generateW(p, q, g, s);
BigInteger v = generateV(y, p, q, g, w, r);
return v.equals(r);
} catch (RuntimeException e) {
throw new SignatureException(e.getMessage(), e);
}
}
protected BigInteger generateW(
BigInteger p, BigInteger q, BigInteger g, BigInteger s) {
return s.modInverse(q);
}
protected BigInteger generateV(
BigInteger y, BigInteger p, BigInteger q, BigInteger g, BigInteger w, BigInteger r) {
byte[] s2 = md.digest();
int nBytes = q.bitLength() / Byte.SIZE;
if (nBytes < s2.length) {
s2 = Arrays.copyOfRange(s2, 0, nBytes);
}
BigInteger z = new BigInteger(1, s2);
BigInteger u1 = z.multiply(w).mod(q);
BigInteger mul = r.multiply(w);
BigInteger u2 = mul.mod(q);
BigInteger t1 = g.modPow(u1, p);
BigInteger t2 = y.modPow(u2, p);
BigInteger t3 = t1.multiply(t2);
BigInteger t5 = t3.mod(p);
return t5.mod(q);
}
@Override
protected void engineUpdate(byte b) {
md.update(b);
}
@Override
protected void engineUpdate(byte[] data, int off, int len) {
md.update(data, off, len);
}
@Override
protected void engineUpdate(ByteBuffer b) {
md.update(b);
}
}
