当前位置: 首页>>代码示例>>Java>>正文


Java Arrays.constantTimeAreEqual方法代码示例

本文整理汇总了Java中org.bouncycastle.util.Arrays.constantTimeAreEqual方法的典型用法代码示例。如果您正苦于以下问题:Java Arrays.constantTimeAreEqual方法的具体用法?Java Arrays.constantTimeAreEqual怎么用?Java Arrays.constantTimeAreEqual使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.bouncycastle.util.Arrays的用法示例。


在下文中一共展示了Arrays.constantTimeAreEqual方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: isMacValid

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * Verify the MacData attached to the PFX is consistent with what is expected.
 *
 * @param macCalcProviderBuilder provider builder for the calculator for the MAC
 * @param password password to use
 * @return true if mac data is valid, false otherwise.
 * @throws PKCSException if there is a problem evaluating the MAC.
 * @throws IllegalStateException if no MAC is actually present
 */
public boolean isMacValid(PKCS12MacCalculatorBuilderProvider macCalcProviderBuilder, char[] password)
    throws PKCSException
{
    if (hasMac())
    {
        MacData pfxmData = pfx.getMacData();
        MacDataGenerator mdGen = new MacDataGenerator(macCalcProviderBuilder.get(new AlgorithmIdentifier(pfxmData.getMac().getAlgorithmId().getAlgorithm(), new PKCS12PBEParams(pfxmData.getSalt(), pfxmData.getIterationCount().intValue()))));

        try
        {
            MacData mData = mdGen.build(
                password,
                ASN1OctetString.getInstance(pfx.getAuthSafe().getContent()).getOctets());

            return Arrays.constantTimeAreEqual(mData.getEncoded(), pfx.getMacData().getEncoded());
        }
        catch (IOException e)
        {
            throw new PKCSException("unable to process AuthSafe: " + e.getMessage());
        }
    }

    throw new IllegalStateException("no MAC present on PFX");
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:34,代码来源:PKCS12PfxPdu.java

示例2: processFinishedMessage

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
protected void processFinishedMessage(ByteArrayInputStream buf)
    throws IOException
{

    byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);

    assertEmpty(buf);

    /*
     * Compare both checksums.
     */
    if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
    {
        /*
         * Wrong checksum in the finished message.
         */
        this.failWithError(AlertLevel.fatal, AlertDescription.decrypt_error);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:20,代码来源:TlsProtocol.java

示例3: decodeCiphertext

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
    throws IOException
{
    int macSize = readMac.getSize();
    if (len < macSize)
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    byte[] deciphered = new byte[len];
    decryptCipher.processBytes(ciphertext, offset, len, deciphered, 0);

    int macInputLen = len - macSize;

    byte[] receivedMac = Arrays.copyOfRange(deciphered, macInputLen, len);
    byte[] computedMac = readMac.calculateMac(seqNo, type, deciphered, 0, macInputLen);

    if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
    {
        throw new TlsFatalAlert(AlertDescription.bad_record_mac);
    }

    return Arrays.copyOfRange(deciphered, 0, macInputLen);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:25,代码来源:TlsStreamCipher.java

示例4: verifySignature

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * return true if the internal state represents the signature described in
 * the passed in array.
 */
public boolean verifySignature(
    byte[] signature)
{
    if (forSigning)
    {
        throw new IllegalStateException("GenericSigner not initialised for verification");
    }

    byte[] hash = new byte[digest.getDigestSize()];
    digest.doFinal(hash, 0);

    try
    {
        byte[] sig = engine.processBlock(signature, 0, signature.length);

        return Arrays.constantTimeAreEqual(sig, hash);
    }
    catch (Exception e)
    {
        return false;
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:27,代码来源:GenericSigner.java

示例5: checkCMSKeyChecksum

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * @param key
 * @param checksum
 * @return true if okay, false otherwise.
 * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
 */
private boolean checkCMSKeyChecksum(
    byte[] key,
    byte[] checksum)
{
    return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:13,代码来源:DESedeWrapEngine.java

示例6: checkCMSKeyChecksum

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * @param key
 * @param checksum
 * @return
 * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
 */
private boolean checkCMSKeyChecksum(
    byte[] key,
    byte[] checksum)
{
    return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:13,代码来源:RC2WrapEngine.java

示例7: processFinished

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
protected void processFinished(byte[] body, byte[] expected_verify_data)
    throws IOException
{

    ByteArrayInputStream buf = new ByteArrayInputStream(body);

    byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);

    TlsProtocol.assertEmpty(buf);

    if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
    {
        throw new TlsFatalAlert(AlertDescription.handshake_failure);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:16,代码来源:DTLSProtocol.java

示例8: decodeCiphertext

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
    throws IOException
{

    if (readMac == null)
    {
        return Arrays.copyOfRange(ciphertext, offset, offset + len);
    }

    int macSize = readMac.getSize();
    if (len < macSize)
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    int macInputLen = len - macSize;

    byte[] receivedMac = Arrays.copyOfRange(ciphertext, offset + macInputLen, offset + len);
    byte[] computedMac = readMac.calculateMac(seqNo, type, ciphertext, offset, macInputLen);

    if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
    {
        throw new TlsFatalAlert(AlertDescription.bad_record_mac);
    }

    return Arrays.copyOfRange(ciphertext, offset, offset + macInputLen);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:28,代码来源:TlsNullCipher.java

示例9: verifyRawSignature

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
public boolean verifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1)
    throws CryptoException
{

    AsymmetricBlockCipher engine = createRSAImpl();
    engine.init(false, publicKey);
    byte[] signed = engine.processBlock(sigBytes, 0, sigBytes.length);
    return Arrays.constantTimeAreEqual(signed, md5AndSha1);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:10,代码来源:TlsRSASigner.java

示例10: unwrap

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
public byte[] unwrap(
    byte[]  in,
    int     inOff,
    int     inLen)
    throws InvalidCipherTextException
{
    if (forWrapping)
    {
        throw new IllegalStateException("not set for unwrapping");
    }

    int     n = inLen / 8;

    if ((n * 8) != inLen)
    {
        throw new InvalidCipherTextException("unwrap data must be a multiple of 8 bytes");
    }

    byte[]  block = new byte[inLen - iv.length];
    byte[]  a = new byte[iv.length];
    byte[]  buf = new byte[8 + iv.length];

    System.arraycopy(in, 0, a, 0, iv.length);
    System.arraycopy(in, iv.length, block, 0, inLen - iv.length);

    engine.init(false, param);

    n = n - 1;

    for (int j = 5; j >= 0; j--)
    {
        for (int i = n; i >= 1; i--)
        {
            System.arraycopy(a, 0, buf, 0, iv.length);
            System.arraycopy(block, 8 * (i - 1), buf, iv.length, 8);

            int t = n * j + i;
            for (int k = 1; t != 0; k++)
            {
                byte    v = (byte)t;

                buf[iv.length - k] ^= v;

                t >>>= 8;
            }

            engine.processBlock(buf, 0, buf, 0);
            System.arraycopy(buf, 0, a, 0, 8);
            System.arraycopy(buf, 8, block, 8 * (i - 1), 8);
        }
    }

    if (!Arrays.constantTimeAreEqual(a, iv))
    {
        throw new InvalidCipherTextException("checksum failed");
    }

    return block;
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:60,代码来源:RFC3394WrapEngine.java

示例11: decodeCiphertext

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
    throws IOException
{
    int blockSize = decryptCipher.getBlockSize();
    int macSize = readMac.getSize();

    int minLen = Math.max(blockSize, macSize + 1);
    if (useExplicitIV)
    {
        minLen += blockSize;
    }

    if (len < minLen)
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    if (len % blockSize != 0)
    {
        throw new TlsFatalAlert(AlertDescription.decryption_failed);
    }

    if (useExplicitIV)
    {
        decryptCipher.init(false, new ParametersWithIV(null, ciphertext, offset, blockSize));

        offset += blockSize;
        len -= blockSize;
    }

    for (int i = 0; i < len; i += blockSize)
    {
        decryptCipher.processBlock(ciphertext, offset + i, ciphertext, offset + i);
    }

    // If there's anything wrong with the padding, this will return zero
    int totalPad = checkPaddingConstantTime(ciphertext, offset, len, blockSize, macSize);

    int macInputLen = len - totalPad - macSize;

    byte[] decryptedMac = Arrays.copyOfRange(ciphertext, offset + macInputLen, offset + macInputLen + macSize);
    byte[] calculatedMac = readMac.calculateMacConstantTime(seqNo, type, ciphertext, offset, macInputLen, len
        - macSize, randomData);

    boolean badMac = !Arrays.constantTimeAreEqual(calculatedMac, decryptedMac);

    if (badMac || totalPad == 0)
    {
        throw new TlsFatalAlert(AlertDescription.bad_record_mac);
    }

    return Arrays.copyOfRange(ciphertext, offset, offset + macInputLen);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:54,代码来源:TlsBlockCipher.java

示例12: verifySignature

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * return true if the internal state represents the signature described in
 * the passed in array.
 */
public boolean verifySignature(
    byte[] signature)
{
    if (forSigning)
    {
        throw new IllegalStateException("RSADigestSigner not initialised for verification");
    }

    byte[] hash = new byte[digest.getDigestSize()];

    digest.doFinal(hash, 0);

    byte[] sig;
    byte[] expected;

    try
    {
        sig = rsaEngine.processBlock(signature, 0, signature.length);
        expected = derEncode(hash);
    }
    catch (Exception e)
    {
        return false;
    }

    if (sig.length == expected.length)
    {
        return Arrays.constantTimeAreEqual(sig, expected);
    }
    else if (sig.length == expected.length - 2)  // NULL left out
    {
        int sigOffset = sig.length - hash.length - 2;
        int expectedOffset = expected.length - hash.length - 2;

        expected[1] -= 2;      // adjust lengths
        expected[3] -= 2;

        int nonEqual = 0;

        for (int i = 0; i < hash.length; i++)
        {
            nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]);
        }

        for (int i = 0; i < sigOffset; i++)
        {
            nonEqual |= (sig[i] ^ expected[i]);  // check header less NULL
        }

        return nonEqual == 0;
    }
    else
    {
        return false;
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:61,代码来源:RSADigestSigner.java

示例13: engineLoad

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
public void engineLoad(
    InputStream stream,
    char[]      password) 
    throws IOException
{
    table.clear();
    
    if (stream == null)     // just initialising
    {
        return;
    }
    
    DataInputStream     dIn = new DataInputStream(stream);
    int                 version = dIn.readInt();
    
    if (version != STORE_VERSION)
    {
        if (version != 0 && version != 1)
        {
            throw new IOException("Wrong version of key store.");
        }
    }
    
    byte[]      salt = new byte[dIn.readInt()];

    if (salt.length != STORE_SALT_SIZE)
    {
        throw new IOException("Key store corrupted.");
    }
    
    dIn.readFully(salt);
    
    int         iterationCount = dIn.readInt();
    
    if ((iterationCount < 0) || (iterationCount > 4 *  MIN_ITERATIONS))
    {
        throw new IOException("Key store corrupted.");
    }
    
    String cipherAlg;
    if (version == 0)
    {
        cipherAlg = "Old" + STORE_CIPHER;
    }
    else
    {
        cipherAlg = STORE_CIPHER;
    }

    Cipher cipher = this.makePBECipher(cipherAlg, Cipher.DECRYPT_MODE, password, salt, iterationCount);
    CipherInputStream cIn = new CipherInputStream(dIn, cipher);

    Digest dig = new SHA1Digest();
    DigestInputStream  dgIn = new DigestInputStream(cIn, dig);
    
    this.loadStore(dgIn);

    // Finalise our digest calculation
    byte[] hash = new byte[dig.getDigestSize()];
    dig.doFinal(hash, 0);

    // TODO Should this actually be reading the remainder of the stream?
    // Read the original digest from the stream
    byte[] oldHash = new byte[dig.getDigestSize()];
    Streams.readFully(cIn, oldHash);

    if (!Arrays.constantTimeAreEqual(hash, oldHash))
    {
        table.clear();
        throw new IOException("KeyStore integrity check failed.");
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:73,代码来源:BcKeyStoreSpi.java

示例14: validate

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * Check this response against to see if it a well formed response for 
 * the passed in request. Validation will include checking the time stamp
 * token if the response status is GRANTED or GRANTED_WITH_MODS.
 * 
 * @param request the request to be checked against
 * @throws TSPException if the request can not match this response.
 */
public void validate(
    TimeStampRequest    request)
    throws TSPException
{
    TimeStampToken tok = this.getTimeStampToken();
    
    if (tok != null)
    {
        TimeStampTokenInfo  tstInfo = tok.getTimeStampInfo();
        
        if (request.getNonce() != null && !request.getNonce().equals(tstInfo.getNonce()))
        {
            throw new TSPValidationException("response contains wrong nonce value.");
        }
        
        if (this.getStatus() != PKIStatus.GRANTED && this.getStatus() != PKIStatus.GRANTED_WITH_MODS)
        {
            throw new TSPValidationException("time stamp token found in failed request.");
        }
        
        if (!Arrays.constantTimeAreEqual(request.getMessageImprintDigest(), tstInfo.getMessageImprintDigest()))
        {
            throw new TSPValidationException("response for different message imprint digest.");
        }
        
        if (!tstInfo.getMessageImprintAlgOID().equals(request.getMessageImprintAlgOID()))
        {
            throw new TSPValidationException("response for different message imprint algorithm.");
        }

        Attribute scV1 = tok.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate);
        Attribute scV2 = tok.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificateV2);

        if (scV1 == null && scV2 == null)
        {
            throw new TSPValidationException("no signing certificate attribute present.");
        }

        if (scV1 != null && scV2 != null)
        {
            /*
             * RFC 5035 5.4. If both attributes exist in a single message,
             * they are independently evaluated. 
             */
        }

        if (request.getReqPolicy() != null && !request.getReqPolicy().equals(tstInfo.getPolicy()))
        {
            throw new TSPValidationException("TSA policy wrong for request.");
        }
    }
    else if (this.getStatus() == PKIStatus.GRANTED || this.getStatus() == PKIStatus.GRANTED_WITH_MODS)
    {
        throw new TSPValidationException("no time stamp token found and one expected.");
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:65,代码来源:TimeStampResponse.java

示例15: isRevealed

import org.bouncycastle.util.Arrays; //导入方法依赖的package包/类
/**
 * Return true if the passed in commitment represents a commitment to the passed in maessage.
 *
 * @param commitment a commitment previously generated.
 * @param message the message that was expected to have been committed to.
 * @return true if commitment matches message, false otherwise.
 */
public boolean isRevealed(Commitment commitment, byte[] message)
{
    byte[] calcCommitment = calculateCommitment(commitment.getSecret(), message);

    return Arrays.constantTimeAreEqual(commitment.getCommitment(), calcCommitment);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:14,代码来源:HashCommitter.java


注:本文中的org.bouncycastle.util.Arrays.constantTimeAreEqual方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。