java_src/src/main/java/com/google/crypto/tink/subtle/Ed25519Sign.java - third_party/tink - Git at Google

 // Copyright 2017 Google Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////

 package com.google.crypto.tink.subtle;

 import com.google.crypto.tink.PublicKeySign;
 import com.google.crypto.tink.config.TinkFips;
 import java.security.GeneralSecurityException;
 import java.util.Arrays;

 /**
  * Ed25519 signing.
  *
  * <h3>Usage</h3>
  *
  * <pre>{@code
  * Ed25519Sign.KeyPair keyPair = Ed25519Sign.KeyPair.newKeyPair();
  * // securely store keyPair and share keyPair.getPublicKey()
  * Ed25519Sign signer = new Ed25519Sign(keyPair.getPrivateKey());
  * byte[] signature = signer.sign(message);
  * }</pre>
  *
  * @since 1.1.0
  */
 public final class Ed25519Sign implements PublicKeySign {
   public static final TinkFips.AlgorithmFipsCompatibility FIPS =
       TinkFips.AlgorithmFipsCompatibility.ALGORITHM_NOT_FIPS;

   public static final int SECRET_KEY_LEN = Field25519.FIELD_LEN;

   private final byte[] hashedPrivateKey;
   private final byte[] publicKey;

   /**
    * Constructs a Ed25519Sign with the {@code privateKey}.
    *
    * @param privateKey 32-byte random sequence.
    * @throws GeneralSecurityException if there is no SHA-512 algorithm defined in {@link
    *     EngineFactory}.MESSAGE_DIGEST.
    */
   public Ed25519Sign(final byte[] privateKey) throws GeneralSecurityException {
     if (!FIPS.isCompatible()) {
       throw new GeneralSecurityException("Can not use Ed25519 in FIPS-mode.");
     }

     if (privateKey.length != SECRET_KEY_LEN) {
       throw new IllegalArgumentException(
           String.format("Given private key's length is not %s", SECRET_KEY_LEN));
     }

     this.hashedPrivateKey = Ed25519.getHashedScalar(privateKey);
     this.publicKey = Ed25519.scalarMultWithBaseToBytes(this.hashedPrivateKey);
   }

   @Override
   public byte[] sign(final byte[] data) throws GeneralSecurityException {
     return Ed25519.sign(data, publicKey, hashedPrivateKey);
   }

   /** Defines the KeyPair consisting of a private key and its corresponding public key. */
   public static final class KeyPair {

     private final byte[] publicKey;
     private final byte[] privateKey;

     private KeyPair(final byte[] publicKey, final byte[] privateKey) {
       this.publicKey = publicKey;
       this.privateKey = privateKey;
     }

     public byte[] getPublicKey() {
       return Arrays.copyOf(publicKey, publicKey.length);
     }

     public byte[] getPrivateKey() {
       return Arrays.copyOf(privateKey, privateKey.length);
     }

     /** Returns a new <publicKey, privateKey> KeyPair. */
     public static KeyPair newKeyPair() throws GeneralSecurityException {
       return newKeyPairFromSeed(Random.randBytes(Field25519.FIELD_LEN));
     }

     /** Returns a new <publicKey, privateKey> KeyPair generated from a seed. */
     public static KeyPair newKeyPairFromSeed(byte[] secretSeed) throws GeneralSecurityException {
       if (secretSeed.length != Field25519.FIELD_LEN) {
         throw new IllegalArgumentException(
             String.format("Given secret seed length is not %s", Field25519.FIELD_LEN));
       }
       byte[] privateKey = secretSeed;
       byte[] publicKey = Ed25519.scalarMultWithBaseToBytes(Ed25519.getHashedScalar(privateKey));
       return new KeyPair(publicKey, privateKey);
     }
   }
 }
	// Copyright 2017 Google Inc.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	////////////////////////////////////////////////////////////////////////////////

	package com.google.crypto.tink.subtle;

	import com.google.crypto.tink.PublicKeySign;
	import com.google.crypto.tink.config.TinkFips;
	import java.security.GeneralSecurityException;
	import java.util.Arrays;

	/**
	* Ed25519 signing.
	*
	* <h3>Usage</h3>
	*
	* <pre>{@code
	* Ed25519Sign.KeyPair keyPair = Ed25519Sign.KeyPair.newKeyPair();
	* // securely store keyPair and share keyPair.getPublicKey()
	* Ed25519Sign signer = new Ed25519Sign(keyPair.getPrivateKey());
	* byte[] signature = signer.sign(message);
	* }</pre>
	*
	* @since 1.1.0
	*/
	public final class Ed25519Sign implements PublicKeySign {
	public static final TinkFips.AlgorithmFipsCompatibility FIPS =
	TinkFips.AlgorithmFipsCompatibility.ALGORITHM_NOT_FIPS;

	public static final int SECRET_KEY_LEN = Field25519.FIELD_LEN;

	private final byte[] hashedPrivateKey;
	private final byte[] publicKey;

	/**
	* Constructs a Ed25519Sign with the {@code privateKey}.
	*
	* @param privateKey 32-byte random sequence.
	* @throws GeneralSecurityException if there is no SHA-512 algorithm defined in {@link
	* EngineFactory}.MESSAGE_DIGEST.
	*/
	public Ed25519Sign(final byte[] privateKey) throws GeneralSecurityException {
	if (!FIPS.isCompatible()) {
	throw new GeneralSecurityException("Can not use Ed25519 in FIPS-mode.");
	}

	if (privateKey.length != SECRET_KEY_LEN) {
	throw new IllegalArgumentException(
	String.format("Given private key's length is not %s", SECRET_KEY_LEN));
	}

	this.hashedPrivateKey = Ed25519.getHashedScalar(privateKey);
	this.publicKey = Ed25519.scalarMultWithBaseToBytes(this.hashedPrivateKey);
	}

	@Override
	public byte[] sign(final byte[] data) throws GeneralSecurityException {
	return Ed25519.sign(data, publicKey, hashedPrivateKey);
	}

	/** Defines the KeyPair consisting of a private key and its corresponding public key. */
	public static final class KeyPair {

	private final byte[] publicKey;
	private final byte[] privateKey;

	private KeyPair(final byte[] publicKey, final byte[] privateKey) {
	this.publicKey = publicKey;
	this.privateKey = privateKey;
	}

	public byte[] getPublicKey() {
	return Arrays.copyOf(publicKey, publicKey.length);
	}

	public byte[] getPrivateKey() {
	return Arrays.copyOf(privateKey, privateKey.length);
	}

	/** Returns a new <publicKey, privateKey> KeyPair. */
	public static KeyPair newKeyPair() throws GeneralSecurityException {
	return newKeyPairFromSeed(Random.randBytes(Field25519.FIELD_LEN));
	}

	/** Returns a new <publicKey, privateKey> KeyPair generated from a seed. */
	public static KeyPair newKeyPairFromSeed(byte[] secretSeed) throws GeneralSecurityException {
	if (secretSeed.length != Field25519.FIELD_LEN) {
	throw new IllegalArgumentException(
	String.format("Given secret seed length is not %s", Field25519.FIELD_LEN));
	}
	byte[] privateKey = secretSeed;
	byte[] publicKey = Ed25519.scalarMultWithBaseToBytes(Ed25519.getHashedScalar(privateKey));
	return new KeyPair(publicKey, privateKey);
	}
	}
	}