Package com.nimbusds.jose.crypto.impl

Class ECDSA

  • public class ECDSA
extends java.lang.Object
    Elliptic Curve Digital Signature Algorithm (ECDSA) functions and utilities.
    Version:
    2022-04-22
    Author:
    Vladimir Dzhuvinov, Aleksei Doroganov

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void ensureLegalSignature​(byte[] jwsSignature, JWSAlgorithm jwsAlg)
      Ensures the specified ECDSA signature is legal.
      static int getSignatureByteArrayLength​(JWSAlgorithm alg)
      Returns the expected signature byte array length (R + S parts) for the specified ECDSA algorithm.
      static java.security.Signature getSignerAndVerifier​(JWSAlgorithm alg, java.security.Provider jcaProvider)
      Creates a new JCA signer / verifier for ECDSA.
      static JWSAlgorithm resolveAlgorithm​(Curve curve)
      Resolves the matching EC DSA algorithm for the specified elliptic curve.
      static JWSAlgorithm resolveAlgorithm​(java.security.interfaces.ECKey ecKey)
      Resolves the matching EC DSA algorithm for the specified EC key (public or private).
      static byte[] transcodeSignatureToConcat​(byte[] derSignature, int outputLength)
      Transcodes the JCA ASN.1/DER-encoded signature into the concatenated R + S format expected by ECDSA JWS.
      static byte[] transcodeSignatureToDER​(byte[] jwsSignature)
      Transcodes the ECDSA JWS signature into ASN.1/DER format for use by the JCA verifier.
      static byte[] transcodeSignatureToDERBitcoin​(byte[] jwsSignature)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • resolveAlgorithm

        public static JWSAlgorithm resolveAlgorithm​(java.security.interfaces.ECKey ecKey)
                                     throws JOSEException
        Resolves the matching EC DSA algorithm for the specified EC key (public or private).
        Parameters:
        ecKey - The EC key. Must not be null.
        Returns:
        The matching EC DSA algorithm.
        Throws:
        JOSEException - If the elliptic curve of key is not supported.

      • resolveAlgorithm

        public static JWSAlgorithm resolveAlgorithm​(Curve curve)
                                     throws JOSEException
        Resolves the matching EC DSA algorithm for the specified elliptic curve.
        Parameters:
        curve - The elliptic curve. May be null.
        Returns:
        The matching EC DSA algorithm.
        Throws:
        JOSEException - If the elliptic curve of key is not supported.

      • getSignerAndVerifier

        public static java.security.Signature getSignerAndVerifier​(JWSAlgorithm alg,
                                                           java.security.Provider jcaProvider)
                                                    throws JOSEException
        Creates a new JCA signer / verifier for ECDSA.
        Parameters:
        alg - The ECDSA JWS algorithm. Must not be null.
        jcaProvider - The JCA provider, null if not specified.
        Returns:
        The JCA signer / verifier instance.
        Throws:
        JOSEException - If a JCA signer / verifier couldn't be created.

      • getSignatureByteArrayLength

        public static int getSignatureByteArrayLength​(JWSAlgorithm alg)
                                       throws JOSEException
        Returns the expected signature byte array length (R + S parts) for the specified ECDSA algorithm.
        Parameters:
        alg - The ECDSA algorithm. Must be supported and not null.
        Returns:
        The expected byte array length for the signature.
        Throws:
        JOSEException - If the algorithm is not supported.

      • transcodeSignatureToConcat

        public static byte[] transcodeSignatureToConcat​(byte[] derSignature,
                                                int outputLength)
                                         throws JOSEException
        Transcodes the JCA ASN.1/DER-encoded signature into the concatenated R + S format expected by ECDSA JWS.
        Parameters:
        derSignature - The ASN1./DER-encoded. Must not be null.
        outputLength - The expected length of the ECDSA JWS signature.
        Returns:
        The ECDSA JWS encoded signature.
        Throws:
        JOSEException - If the ASN.1/DER signature format is invalid.

      • transcodeSignatureToDER

        public static byte[] transcodeSignatureToDER​(byte[] jwsSignature)
                                      throws JOSEException
        Transcodes the ECDSA JWS signature into ASN.1/DER format for use by the JCA verifier.
        Parameters:
        jwsSignature - The JWS signature, consisting of the concatenated R and S values. Must not be null.
        Returns:
        The ASN.1/DER encoded signature.
        Throws:
        JOSEException - If the ECDSA JWS signature format is invalid or conversion failed unexpectedly.

      • transcodeSignatureToDERBitcoin

        public static byte[] transcodeSignatureToDERBitcoin​(byte[] jwsSignature)
                                             throws JOSEException
        Throws:
        JOSEException

      • ensureLegalSignature

        public static void ensureLegalSignature​(byte[] jwsSignature,
                                        JWSAlgorithm jwsAlg)
                                 throws JOSEException
        Ensures the specified ECDSA signature is legal. Intended to prevent attacks on JCA implementations vulnerable to CVE-2022-21449 and similar bugs.
        Parameters:
        jwsSignature - The JWS signature. Must not be null.
        jwsAlg - The ECDSA JWS algorithm. Must not be null.
        Throws:
        JOSEException - If the signature is found to be illegal, or the JWS algorithm or curve are not supported.