echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Crypto: Move I2PProvider initialization

Browse Source 
Add ElGamal SigAlgo type
This commit is contained in:
zzz
2016-01-28 14:57:07 +00:00
parent f200d5cb03
commit 3a72b0cc63
4 changed files with 64 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
core/java/src/net/i2p/crypto/KeyGenerator.java
View File

@ -34,6 +34,7 @@ import net.i2p.I2PAppContext;
import net.i2p.crypto.eddsa.EdDSAPrivateKey; import net.i2p.crypto.eddsa.EdDSAPrivateKey;
import net.i2p.crypto.eddsa.EdDSAPublicKey; import net.i2p.crypto.eddsa.EdDSAPublicKey;
import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec; import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
import net.i2p.crypto.provider.I2PProvider;
import net.i2p.data.Hash; import net.i2p.data.Hash;
import net.i2p.data.PrivateKey; import net.i2p.data.PrivateKey;
import net.i2p.data.PublicKey; import net.i2p.data.PublicKey;
@ -58,6 +59,10 @@ import net.i2p.util.RandomSource;
public final class KeyGenerator { public final class KeyGenerator {
private final I2PAppContext _context; private final I2PAppContext _context;
static {
I2PProvider.addProvider();
}
public KeyGenerator(I2PAppContext context) { public KeyGenerator(I2PAppContext context) {
_context = context; _context = context;
} }

31
core/java/src/net/i2p/crypto/KeyStoreUtil.java
View File

@ -9,7 +9,6 @@ import java.math.BigInteger;
import java.security.GeneralSecurityException; import java.security.GeneralSecurityException;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException; import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException; import java.security.cert.CertificateNotYetValidException;
@ -43,11 +42,7 @@ public final class KeyStoreUtil {
private static final int DEFAULT_KEY_VALID_DAYS = 3652; // 10 years private static final int DEFAULT_KEY_VALID_DAYS = 3652; // 10 years
static { static {
try { I2PProvider.addProvider();
Security.addProvider(new I2PProvider());
} catch (SecurityException se) {
System.out.println("WARN: Could not install I2P provider: " + se);
}
} }
/** /**
@ -490,7 +485,7 @@ public final class KeyStoreUtil {
a.add("-sigalg"); a.add(getSigAlg(keySize, keyAlg)); a.add("-sigalg"); a.add(getSigAlg(keySize, keyAlg));
a.add("-keysize"); a.add(Integer.toString(keySize)); a.add("-keysize"); a.add(Integer.toString(keySize));
a.add("-keypass"); a.add(keyPW); a.add("-keypass"); a.add(keyPW);
if (keyAlg.equals("Ed") || keyAlg.equals("EdDSA")) { if (keyAlg.equals("Ed") || keyAlg.equals("EdDSA") || keyAlg.equals("ElGamal")) {
File f = I2PAppContext.getGlobalContext().getBaseDir(); File f = I2PAppContext.getGlobalContext().getBaseDir();
f = new File(f, "lib"); f = new File(f, "lib");
f = new File(f, "i2p.jar"); f = new File(f, "i2p.jar");
@ -838,13 +833,15 @@ public final class KeyStoreUtil {
String alias = args[2]; String alias = args[2];
String pw = args[3]; String pw = args[3];
boolean ok = createKeys(ksf, DEFAULT_KEYSTORE_PASSWORD, alias, "test cname", "test ou", boolean ok = createKeys(ksf, DEFAULT_KEYSTORE_PASSWORD, alias, "test cname", "test ou",
DEFAULT_KEY_VALID_DAYS, "EdDSA", 256, pw); //DEFAULT_KEY_VALID_DAYS, "EdDSA", 256, pw);
DEFAULT_KEY_VALID_DAYS, "ElGamal", 2048, pw);
System.out.println("genkey ok? " + ok); System.out.println("genkey ok? " + ok);
} }
private static void testKeygen2(String[] args) throws Exception { private static void testKeygen2(String[] args) throws Exception {
// keygen test using the I2PProvider // keygen test using the I2PProvider
SigType type = SigType.EdDSA_SHA512_Ed25519; //SigType type = SigType.EdDSA_SHA512_Ed25519;
SigType type = SigType.ElGamal_SHA256_MODP2048;
java.security.KeyPairGenerator kpg = java.security.KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName()); java.security.KeyPairGenerator kpg = java.security.KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName());
kpg.initialize(type.getParams()); kpg.initialize(type.getParams());
java.security.KeyPair kp = kpg.generateKeyPair(); java.security.KeyPair kp = kpg.generateKeyPair();
@ -856,10 +853,20 @@ public final class KeyStoreUtil {
System.out.println("Encoded public key:"); System.out.println("Encoded public key:");
System.out.println(net.i2p.util.HexDump.dump(jpub.getEncoded())); System.out.println(net.i2p.util.HexDump.dump(jpub.getEncoded()));
java.security.Signature jsig = java.security.Signature.getInstance("SHA512withEdDSA"); java.security.Signature jsig = java.security.Signature.getInstance(type.getAlgorithmName());
jsig.initSign(jpriv); jsig.initSign(jpriv);
jsig.update(new byte[111]); byte[] data = new byte[111];
net.i2p.data.Signature sig = SigUtil.fromJavaSig(jsig.sign(), type); net.i2p.util.RandomSource.getInstance().nextBytes(data);
jsig.update(data);
byte[] bsig = jsig.sign();
System.out.println("Encoded signature:");
System.out.println(net.i2p.util.HexDump.dump(bsig));
jsig.initVerify(jpub);
jsig.update(data);
boolean ok = jsig.verify(bsig);
System.out.println("verify passed? " + ok);
net.i2p.data.Signature sig = SigUtil.fromJavaSig(bsig, type);
System.out.println("Signature test: " + sig); System.out.println("Signature test: " + sig);
} }
****/ ****/

10
core/java/src/net/i2p/crypto/SigAlgo.java
View File

@ -10,7 +10,15 @@ public enum SigAlgo {
DSA("DSA"), DSA("DSA"),
EC("EC"), EC("EC"),
EdDSA("EdDSA"), EdDSA("EdDSA"),
RSA("RSA") /**
* For local use only, not for use in the network.
*/
RSA("RSA"),
/**
* For local use only, not for use in the network.
* @since 0.9.25
*/
ElGamal("ElGamal")
; ;
private final String name; private final String name;

31
core/java/src/net/i2p/crypto/provider/I2PProvider.java
View File

@ -3,6 +3,7 @@ package net.i2p.crypto.provider;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
import java.security.Provider; import java.security.Provider;
import java.security.Security;
/** /**
* @since 0.9.15 * @since 0.9.15
@ -11,6 +12,7 @@ public final class I2PProvider extends Provider {
public static final String PROVIDER_NAME = "I2P"; public static final String PROVIDER_NAME = "I2P";
private static final String INFO = "I2P Security Provider v0.1, implementing" + private static final String INFO = "I2P Security Provider v0.1, implementing" +
"several algorithms used by I2P."; "several algorithms used by I2P.";
private static boolean _installed;
/** /**
* Construct a new provider. This should only be required when * Construct a new provider. This should only be required when
@ -78,4 +80,33 @@ public final class I2PProvider extends Provider {
put("Alg.Alias.Signature.1.3.14.7.2.1.1", "SHA256withElGamal"); put("Alg.Alias.Signature.1.3.14.7.2.1.1", "SHA256withElGamal");
put("Alg.Alias.Signature.OID.1.3.14.7.2.1.1", "SHA256withElGamal"); put("Alg.Alias.Signature.OID.1.3.14.7.2.1.1", "SHA256withElGamal");
} }
/**
* Install the I2PProvider.
* Harmless to call multiple times.
* @since 0.9.25
*/
public static void addProvider() {
synchronized(I2PProvider.class) {
if (!_installed) {
try {
Provider us = new I2PProvider();
// put ours ahead of BC, if installed, because our ElGamal
// implementation may not be fully compatible with BC
Provider[] provs = Security.getProviders();
for (int i = 0; i < provs.length; i++) {
if (provs[i].getName().equals("BC")) {
Security.insertProviderAt(us, i);
_installed = true;
return;
}
}
Security.addProvider(us);
_installed = true;
} catch (SecurityException se) {
System.out.println("WARN: Could not install I2P provider: " + se);
}
}
}
}
} }