// // Decompiled by Procyon v0.6.0 // package com.google.crypto.tink.signature.internal; import java.security.spec.EllipticCurve; import com.google.crypto.tink.subtle.Bytes; import java.security.PrivateKey; import java.security.Signature; import com.google.crypto.tink.AccessesPartialKey; import java.security.spec.ECParameterSpec; import com.google.crypto.tink.signature.EcdsaParameters; import java.security.spec.KeySpec; import com.google.crypto.tink.subtle.EngineFactory; import java.security.KeyFactory; import java.security.spec.ECPrivateKeySpec; import com.google.crypto.tink.InsecureSecretKeyAccess; import com.google.crypto.tink.signature.EcdsaPrivateKey; import com.google.crypto.tink.internal.ConscryptUtil; import com.google.crypto.tink.subtle.SubtleUtil; import java.security.GeneralSecurityException; import com.google.crypto.tink.subtle.Enums; import javax.annotation.Nullable; import java.security.Provider; import com.google.crypto.tink.subtle.EllipticCurves; import java.security.interfaces.ECPrivateKey; import com.google.crypto.tink.config.internal.TinkFipsUtil; import com.google.errorprone.annotations.Immutable; import com.google.crypto.tink.PublicKeySign; @Immutable public final class EcdsaSignJce implements PublicKeySign { public static final TinkFipsUtil.AlgorithmFipsCompatibility FIPS; private static final byte[] EMPTY; private static final byte[] legacyMessageSuffix; private final ECPrivateKey privateKey; private final String signatureAlgorithm; private final EllipticCurves.EcdsaEncoding encoding; private final byte[] outputPrefix; private final byte[] messageSuffix; @Nullable private final Provider provider; private EcdsaSignJce(final ECPrivateKey privateKey, final Enums.HashType hash, final EllipticCurves.EcdsaEncoding encoding, final byte[] outputPrefix, final byte[] messageSuffix, final Provider provider) throws GeneralSecurityException { if (!EcdsaSignJce.FIPS.isCompatible()) { throw new GeneralSecurityException("Can not use ECDSA in FIPS-mode, as BoringCrypto is not available."); } this.privateKey = privateKey; this.signatureAlgorithm = SubtleUtil.toEcdsaAlgo(hash); this.encoding = encoding; this.outputPrefix = outputPrefix; this.messageSuffix = messageSuffix; this.provider = provider; } public EcdsaSignJce(final ECPrivateKey privateKey, final Enums.HashType hash, final EllipticCurves.EcdsaEncoding encoding) throws GeneralSecurityException { this(privateKey, hash, encoding, EcdsaSignJce.EMPTY, EcdsaSignJce.EMPTY, ConscryptUtil.providerOrNull()); } public static PublicKeySign create(final EcdsaPrivateKey key) throws GeneralSecurityException { final Provider provider = ConscryptUtil.providerOrNull(); return createWithProviderOrNull(key, provider); } public static PublicKeySign createWithProvider(final EcdsaPrivateKey key, final Provider provider) throws GeneralSecurityException { if (provider == null) { throw new NullPointerException("provider must not be null"); } return createWithProviderOrNull(key, provider); } @AccessesPartialKey private static PublicKeySign createWithProviderOrNull(final EcdsaPrivateKey key, @Nullable final Provider provider) throws GeneralSecurityException { final Enums.HashType hashType = EcdsaVerifyJce.HASH_TYPE_CONVERTER.toProtoEnum(key.getParameters().getHashType()); final EllipticCurves.EcdsaEncoding ecdsaEncoding = EcdsaVerifyJce.ENCODING_CONVERTER.toProtoEnum(key.getParameters().getSignatureEncoding()); final EllipticCurves.CurveType curveType = EcdsaVerifyJce.CURVE_TYPE_CONVERTER.toProtoEnum(key.getParameters().getCurveType()); final ECParameterSpec ecParams = EllipticCurves.getCurveSpec(curveType); final ECPrivateKeySpec spec = new ECPrivateKeySpec(key.getPrivateValue().getBigInteger(InsecureSecretKeyAccess.get()), ecParams); KeyFactory keyFactory; if (provider != null) { keyFactory = KeyFactory.getInstance("EC", provider); } else { keyFactory = EngineFactory.KEY_FACTORY.getInstance("EC"); } final ECPrivateKey privateKey = (ECPrivateKey)keyFactory.generatePrivate(spec); return new EcdsaSignJce(privateKey, hashType, ecdsaEncoding, key.getOutputPrefix().toByteArray(), key.getParameters().getVariant().equals(EcdsaParameters.Variant.LEGACY) ? EcdsaSignJce.legacyMessageSuffix : EcdsaSignJce.EMPTY, provider); } private Signature getInstance(final String signatureAlgorithm) throws GeneralSecurityException { if (this.provider != null) { return Signature.getInstance(signatureAlgorithm, this.provider); } return EngineFactory.SIGNATURE.getInstance(signatureAlgorithm); } @Override public byte[] sign(final byte[] data) throws GeneralSecurityException { final Signature signer = this.getInstance(this.signatureAlgorithm); signer.initSign(this.privateKey); signer.update(data); if (this.messageSuffix.length > 0) { signer.update(this.messageSuffix); } byte[] signature = signer.sign(); if (this.encoding == EllipticCurves.EcdsaEncoding.IEEE_P1363) { final EllipticCurve curve = this.privateKey.getParams().getCurve(); signature = EllipticCurves.ecdsaDer2Ieee(signature, 2 * EllipticCurves.fieldSizeInBytes(curve)); } if (this.outputPrefix.length == 0) { return signature; } return Bytes.concat(new byte[][] { this.outputPrefix, signature }); } static { FIPS = TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_REQUIRES_BORINGCRYPTO; EMPTY = new byte[0]; legacyMessageSuffix = new byte[] { 0 }; } }