本文整理了Java中org.spongycastle.util.Arrays.constantTimeAreEqual()
方法的一些代码示例,展示了Arrays.constantTimeAreEqual()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Arrays.constantTimeAreEqual()
方法的具体详情如下:
包路径:org.spongycastle.util.Arrays
类名称:Arrays
方法名:constantTimeAreEqual
[英]A constant time equals comparison - does not terminate early if test will fail. For best results always pass the expected value as the first parameter.
[中]恒定时间等于比较-如果测试失败,不会提前终止。为了获得最佳结果,始终将预期值作为第一个参数传递。
代码示例来源:origin: ethereum/ethereumj
if (!Arrays.constantTimeAreEqual(T1, T2))
代码示例来源:origin: com.madgag.spongycastle/core
private boolean checkCMSKeyChecksum(
byte[] key,
byte[] checksum)
{
return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
}
}
代码示例来源:origin: com.madgag.spongycastle/core
/**
* For details see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
*
* @param key key to be validated.
* @param checksum the checksum.
* @return true if okay, false otherwise.
*/
private boolean checkCMSKeyChecksum(
byte[] key,
byte[] checksum)
{
return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
}
代码示例来源:origin: com.madgag/sc-light-jdk15on
/**
* @param key
* @param checksum
* @return true if okay, false otherwise.
* @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
*/
private boolean checkCMSKeyChecksum(
byte[] key,
byte[] checksum)
{
return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
}
代码示例来源:origin: com.madgag/sc-light-jdk15on
/**
* @param key
* @param checksum
* @return
* @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
*/
private boolean checkCMSKeyChecksum(
byte[] key,
byte[] checksum)
{
return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
}
}
代码示例来源:origin: com.madgag.spongycastle/core
protected void processFinished(byte[] body, byte[] expected_verify_data)
throws IOException
{
ByteArrayInputStream buf = new ByteArrayInputStream(body);
byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);
TlsProtocol.assertEmpty(buf);
if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
{
throw new TlsFatalAlert(AlertDescription.handshake_failure);
}
}
代码示例来源:origin: com.madgag.spongycastle/bctls-jdk15on
protected void processFinished(byte[] body, byte[] expected_verify_data)
throws IOException
{
ByteArrayInputStream buf = new ByteArrayInputStream(body);
byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);
TlsProtocol.assertEmpty(buf);
if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
{
throw new TlsFatalAlert(AlertDescription.handshake_failure);
}
}
代码示例来源:origin: com.madgag.spongycastle/core
protected void checkMAC(long seqNo, short type, byte[] recBuf, int recStart, int recEnd, byte[] calcBuf, int calcOff, int calcLen)
throws IOException
{
byte[] receivedMac = Arrays.copyOfRange(recBuf, recStart, recEnd);
byte[] computedMac = readMac.calculateMac(seqNo, type, calcBuf, calcOff, calcLen);
if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
{
throw new TlsFatalAlert(AlertDescription.bad_record_mac);
}
}
代码示例来源:origin: com.madgag.spongycastle/prov
private void verifyMac(byte[] content, PbkdMacIntegrityCheck integrityCheck, char[] password)
throws NoSuchAlgorithmException, IOException
{
byte[] check = calculateMac(content, integrityCheck.getMacAlgorithm(), integrityCheck.getPbkdAlgorithm(), password);
if (!Arrays.constantTimeAreEqual(check, integrityCheck.getMac()))
{
throw new IOException("BCFKS KeyStore corrupted: MAC calculation failed.");
}
}
代码示例来源:origin: com.madgag/sc-light-jdk15on
/**
* return true if the internal state represents the signature described in
* the passed in array.
*/
public boolean verifySignature(
byte[] signature)
{
if (forSigning)
{
throw new IllegalStateException("GenericSigner not initialised for verification");
}
byte[] hash = new byte[digest.getDigestSize()];
digest.doFinal(hash, 0);
try
{
byte[] sig = engine.processBlock(signature, 0, signature.length);
return Arrays.constantTimeAreEqual(sig, hash);
}
catch (Exception e)
{
return false;
}
}
代码示例来源:origin: com.madgag.spongycastle/core
protected void processFinishedMessage(ByteArrayInputStream buf)
throws IOException
{
if (expected_verify_data == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);
assertEmpty(buf);
/*
* Compare both checksums.
*/
if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
{
/*
* Wrong checksum in the finished message.
*/
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
代码示例来源:origin: com.madgag.spongycastle/core
/**
* Return true if the passed in commitment represents a commitment to the passed in message.
*
* @param commitment a commitment previously generated.
* @param message the message that was expected to have been committed to.
* @return true if commitment matches message, false otherwise.
*/
public boolean isRevealed(Commitment commitment, byte[] message)
{
if (message.length + commitment.getSecret().length != byteLength)
{
throw new DataLengthException("Message and witness secret lengths do not match.");
}
byte[] calcCommitment = calculateCommitment(commitment.getSecret(), message);
return Arrays.constantTimeAreEqual(commitment.getCommitment(), calcCommitment);
}
代码示例来源:origin: com.madgag.spongycastle/core
/**
* Return true if the passed in commitment represents a commitment to the passed in message.
*
* @param commitment a commitment previously generated.
* @param message the message that was expected to have been committed to.
* @return true if commitment matches message, false otherwise.
*/
public boolean isRevealed(Commitment commitment, byte[] message)
{
if (message.length + commitment.getSecret().length != byteLength)
{
throw new DataLengthException("Message and witness secret lengths do not match.");
}
byte[] calcCommitment = calculateCommitment(commitment.getSecret(), message);
return Arrays.constantTimeAreEqual(commitment.getCommitment(), calcCommitment);
}
代码示例来源:origin: com.madgag.spongycastle/core
public byte[] unwrap(byte[] input, int inOff, int inLen)
throws InvalidCipherTextException
{
byte[] decKey = new byte[inLen - mac.getMacSize()];
cipher.processBlock(input, inOff, decKey, 0);
cipher.processBlock(input, inOff + 8, decKey, 8);
cipher.processBlock(input, inOff + 16, decKey, 16);
cipher.processBlock(input, inOff + 24, decKey, 24);
byte[] macResult = new byte[mac.getMacSize()];
mac.update(decKey, 0, decKey.length);
mac.doFinal(macResult, 0);
byte[] macExpected = new byte[mac.getMacSize()];
System.arraycopy(input, inOff + inLen - 4, macExpected, 0, mac.getMacSize());
if (!Arrays.constantTimeAreEqual(macResult, macExpected))
{
throw new IllegalStateException("mac mismatch");
}
return decKey;
}
}
代码示例来源:origin: com.madgag.spongycastle/bctls-jdk15on
public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
throws IOException
{
int macSize = readMac.getSize();
if (len < macSize)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
int macInputLen = len - macSize;
byte[] receivedMac = Arrays.copyOfRange(ciphertext, offset + macInputLen, offset + len);
byte[] computedMac = readMac.calculateMac(seqNo, type, ciphertext, offset, macInputLen);
if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
{
throw new TlsFatalAlert(AlertDescription.bad_record_mac);
}
return Arrays.copyOfRange(ciphertext, offset, offset + macInputLen);
}
}
代码示例来源:origin: com.madgag.spongycastle/bctls-jdk15on
protected void processFinishedMessage(ByteArrayInputStream buf)
throws IOException
{
if (expected_verify_data == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);
assertEmpty(buf);
/*
* Compare both checksums.
*/
if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
{
/*
* Wrong checksum in the finished message.
*/
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
if (null == securityParameters.getTLSUnique())
{
securityParameters.tlsUnique = verify_data;
}
}
代码示例来源:origin: com.madgag.spongycastle/core
public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
throws IOException
{
if (readMac == null)
{
return Arrays.copyOfRange(ciphertext, offset, offset + len);
}
int macSize = readMac.getSize();
if (len < macSize)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
int macInputLen = len - macSize;
byte[] receivedMac = Arrays.copyOfRange(ciphertext, offset + macInputLen, offset + len);
byte[] computedMac = readMac.calculateMac(seqNo, type, ciphertext, offset, macInputLen);
if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
{
throw new TlsFatalAlert(AlertDescription.bad_record_mac);
}
return Arrays.copyOfRange(ciphertext, offset, offset + macInputLen);
}
}
代码示例来源:origin: com.madgag.spongycastle/core
public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len) throws IOException
{
if (getPlaintextLimit(len) < 0)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
KeyParameter macKey = initRecord(decryptCipher, false, seqNo, decryptIV);
int plaintextLength = len - 16;
byte[] additionalData = getAdditionalData(seqNo, type, plaintextLength);
byte[] calculatedMAC = calculateRecordMAC(macKey, additionalData, ciphertext, offset, plaintextLength);
byte[] receivedMAC = Arrays.copyOfRange(ciphertext, offset + plaintextLength, offset + len);
if (!Arrays.constantTimeAreEqual(calculatedMAC, receivedMAC))
{
throw new TlsFatalAlert(AlertDescription.bad_record_mac);
}
byte[] output = new byte[plaintextLength];
decryptCipher.processBytes(ciphertext, offset, plaintextLength, output, 0);
return output;
}
代码示例来源:origin: com.madgag.spongycastle/pkix
/**
* Verify the MacData attached to the PFX is consistent with what is expected.
*
* @param macCalcProviderBuilder provider builder for the calculator for the MAC
* @param password password to use
* @return true if mac data is valid, false otherwise.
* @throws PKCSException if there is a problem evaluating the MAC.
* @throws IllegalStateException if no MAC is actually present
*/
public boolean isMacValid(PKCS12MacCalculatorBuilderProvider macCalcProviderBuilder, char[] password)
throws PKCSException
{
if (hasMac())
{
MacData pfxmData = pfx.getMacData();
MacDataGenerator mdGen = new MacDataGenerator(macCalcProviderBuilder.get(new AlgorithmIdentifier(pfxmData.getMac().getAlgorithmId().getAlgorithm(), new PKCS12PBEParams(pfxmData.getSalt(), pfxmData.getIterationCount().intValue()))));
try
{
MacData mData = mdGen.build(
password,
ASN1OctetString.getInstance(pfx.getAuthSafe().getContent()).getOctets());
return Arrays.constantTimeAreEqual(mData.getEncoded(), pfx.getMacData().getEncoded());
}
catch (IOException e)
{
throw new PKCSException("unable to process AuthSafe: " + e.getMessage());
}
}
throw new IllegalStateException("no MAC present on PFX");
}
代码示例来源:origin: com.madgag.spongycastle/core
public boolean verifySignature(byte[] message, byte[] signature)
{
/* parse signature and public key */
XMSSSignature sig = new XMSSSignature.Builder(params).withSignature(signature).build();
/* generate public key */
int index = sig.getIndex();
/* reinitialize WOTS+ object */
params.getWOTSPlus().importKeys(new byte[params.getDigestSize()], publicKey.getPublicSeed());
/* create message digest */
byte[] concatenated = Arrays.concatenate(sig.getRandom(), publicKey.getRoot(),
XMSSUtil.toBytesBigEndian(index, params.getDigestSize()));
byte[] messageDigest = khf.HMsg(concatenated, message);
int xmssHeight = params.getHeight();
int indexLeaf = XMSSUtil.getLeafIndex(index, xmssHeight);
/* get root from signature */
OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withOTSAddress(index).build();
XMSSNode rootNodeFromSignature = XMSSVerifierUtil.getRootNodeFromSignature(params.getWOTSPlus(), xmssHeight, messageDigest, sig, otsHashAddress, indexLeaf);
return Arrays.constantTimeAreEqual(rootNodeFromSignature.getValue(), publicKey.getRoot());
}
内容来源于网络,如有侵权,请联系作者删除!