|
| 1 | +/* |
| 2 | + * Licensed to the Apache Software Foundation (ASF) under one |
| 3 | + * or more contributor license agreements. See the NOTICE file |
| 4 | + * distributed with this work for additional information |
| 5 | + * regarding copyright ownership. The ASF licenses this file |
| 6 | + * to you under the Apache License, Version 2.0 (the |
| 7 | + * "License"); you may not use this file except in compliance |
| 8 | + * with the License. You may obtain a copy of the License at |
| 9 | + * |
| 10 | + * http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | + * |
| 12 | + * Unless required by applicable law or agreed to in writing, |
| 13 | + * software distributed under the License is distributed on an |
| 14 | + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 15 | + * KIND, either express or implied. See the License for the |
| 16 | + * specific language governing permissions and limitations |
| 17 | + * under the License. |
| 18 | + */ |
| 19 | +package org.apache.sshd.common.util.security.eddsa.generic; |
| 20 | + |
| 21 | +import java.security.InvalidKeyException; |
| 22 | +import java.security.PublicKey; |
| 23 | +import java.util.Arrays; |
| 24 | + |
| 25 | +/** |
| 26 | + * Utilities to extract the raw key bytes from ed25519 or ed448 public keys, in a manner that is independent of the |
| 27 | + * actual concrete key implementation classes. |
| 28 | + * |
| 29 | + * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a> |
| 30 | + */ |
| 31 | +public final class EdDSAUtils { |
| 32 | + |
| 33 | + private static final int ED25519_LENGTH = 32; // bytes |
| 34 | + |
| 35 | + private static final int ED448_LENGTH = 57; // bytes |
| 36 | + |
| 37 | + // These are the constant prefixes of X.509 encodings of ed25519 and ed448 keys. Appending the actual 32 |
| 38 | + // or 57 key bytes yields valid encodings. |
| 39 | + |
| 40 | + // Sequence, length 42, Sequence, length 5, OID, length 3, O, I, D, Bit String, length 33, zero unused bits |
| 41 | + private static final byte[] ED25519_X509_PREFIX = { |
| 42 | + 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00 }; |
| 43 | + // Sequence, length 67, Sequence, length 5, OID, length 3, O, I, D, Bit String, length 58, zero unused bits |
| 44 | + private static final byte[] ED448_X509_PREFIX = { |
| 45 | + 0x30, 0x43, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x71, 0x03, 0x3a, 0x00 }; |
| 46 | + |
| 47 | + private EdDSAUtils() { |
| 48 | + throw new IllegalStateException("No instantiation"); |
| 49 | + } |
| 50 | + |
| 51 | + private static boolean startsWith(byte[] data, byte[] prefix) { |
| 52 | + if (data == null || prefix == null || prefix.length == 0 || data.length < prefix.length) { |
| 53 | + return false; |
| 54 | + } |
| 55 | + int unequal = 0; |
| 56 | + int length = prefix.length; |
| 57 | + for (int i = 0; i < length; i++) { |
| 58 | + unequal |= data[i] ^ prefix[i]; |
| 59 | + } |
| 60 | + return unequal == 0; |
| 61 | + } |
| 62 | + |
| 63 | + /** |
| 64 | + * Retrieves the raw key bytes from an ed25519 or ed448 {@link PublicKey}. |
| 65 | + * |
| 66 | + * @param key {@link PublicKey} to get the bytes of |
| 67 | + * @return the raw key bytes |
| 68 | + * @throws InvalidKeyException if the key is not an ed25519 or ed448 key, or if it doesn't use X.509 encoding |
| 69 | + */ |
| 70 | + public static byte[] getBytes(PublicKey key) throws InvalidKeyException { |
| 71 | + // Extract the public key bytes from the X.509 encoding (last n bytes, depending on the OID). |
| 72 | + if (!"X.509".equalsIgnoreCase(key.getFormat())) { |
| 73 | + throw new InvalidKeyException("Cannot extract public key bytes from a non-X.509 encoding"); |
| 74 | + } |
| 75 | + byte[] encoded = key.getEncoded(); |
| 76 | + if (encoded == null) { |
| 77 | + throw new InvalidKeyException("Public key " + key.getClass().getCanonicalName() + " does not support encoding"); |
| 78 | + } |
| 79 | + int n; |
| 80 | + if (encoded.length == ED25519_LENGTH + ED25519_X509_PREFIX.length && startsWith(encoded, ED25519_X509_PREFIX)) { |
| 81 | + n = ED25519_LENGTH; |
| 82 | + } else if (encoded.length == ED448_LENGTH + ED448_X509_PREFIX.length && startsWith(encoded, ED448_X509_PREFIX)) { |
| 83 | + n = ED448_LENGTH; |
| 84 | + } else { |
| 85 | + throw new InvalidKeyException("Public key is neither ed25519 nor ed448"); |
| 86 | + } |
| 87 | + return Arrays.copyOfRange(encoded, encoded.length - n, encoded.length); |
| 88 | + } |
| 89 | +} |
0 commit comments