Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  package org.bouncycastle.crypto.tls;
  
 
 public class TlsRSASigner
     extends AbstractTlsSigner
 {
     public byte[] generateRawSignature(SignatureAndHashAlgorithm algorithm,
         AsymmetricKeyParameter privateKeybyte[] hash)
         throws CryptoException
     {
         Signer signer = makeSigner(algorithmtruetrue,
             new ParametersWithRandom(privateKeythis..getSecureRandom()));
         signer.update(hash, 0, hash.length);
         return signer.generateSignature();
     }
 
     public boolean verifyRawSignature(SignatureAndHashAlgorithm algorithmbyte[] sigBytes,
         AsymmetricKeyParameter publicKeybyte[] hash)
         throws CryptoException
     {
         Signer signer = makeSigner(algorithmtruefalsepublicKey);
         signer.update(hash, 0, hash.length);
         return signer.verifySignature(sigBytes);
     }
 
     public Signer createSigner(SignatureAndHashAlgorithm algorithmAsymmetricKeyParameter privateKey)
     {
         return makeSigner(algorithmfalsetruenew ParametersWithRandom(privateKeythis..getSecureRandom()));
     }
 
     public Signer createVerifyer(SignatureAndHashAlgorithm algorithmAsymmetricKeyParameter publicKey)
     {
         return makeSigner(algorithmfalsefalsepublicKey);
     }
 
     public boolean isValidPublicKey(AsymmetricKeyParameter publicKey)
     {
         return publicKey instanceof RSAKeyParameters && !publicKey.isPrivate();
     }
 
     protected Signer makeSigner(SignatureAndHashAlgorithm algorithmboolean rawboolean forSigning,
         CipherParameters cp)
     {
         if ((algorithm != null) != TlsUtils.isTLSv12())
         {
             throw new IllegalStateException();
         }
 
         if (algorithm != null && algorithm.getSignature() != .)
         {
             throw new IllegalStateException();
         }
 
         Digest d;
         if (raw)
         {
             d = new NullDigest();
         }
         else if (algorithm == null)
         {
             d = new CombinedHash();
         }
         else
         {
             d = TlsUtils.createHash(algorithm.getHash());
         }
 
         Signer s;
         if (algorithm != null)
         {
             /*
              * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
              * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
              */
             s = new RSADigestSigner(d, TlsUtils.getOIDForHashAlgorithm(algorithm.getHash()));
         }
         else
         {
             /*
              * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
              * that did not include a DigestInfo encoding.
              */
             s = new GenericSigner(createRSAImpl(), d);
         }
         s.init(forSigningcp);
         return s;
    }
    {
        /*
         * RFC 5264 7.4.7.1. Implementation note: It is now known that remote timing-based attacks
         * on TLS are possible, at least when the client and server are on the same LAN.
         * Accordingly, implementations that use static RSA keys MUST use RSA blinding or some other
         * anti-timing technique, as described in [TIMING].
         */
        return new PKCS1Encoding(new RSABlindedEngine());
    }
New to GrepCode? Check out our FAQ X