fast-rsa-engine 0.1.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +4 -0
- data/.travis.yml +4 -0
- data/Gemfile +4 -0
- data/LICENSE +22 -0
- data/README.md +48 -0
- data/Rakefile +22 -0
- data/benchmark/benchmark-with-builtin-rsa.rb +3 -0
- data/benchmark/benchmark-with-fast-rsa.rb +7 -0
- data/benchmark/benchmark.rb +54 -0
- data/benchmark/foo.pem +51 -0
- data/benchmark/foo_cert.pem +29 -0
- data/fast-rsa-engine.gemspec +31 -0
- data/lib/fast-rsa-engine.rb +13 -0
- data/lib/fast-rsa-engine_jars.rb +6 -0
- data/spec/cipher_spec.rb +42 -0
- data/spec/foo.pem +51 -0
- data/spec/foo_cert.pem +29 -0
- data/spec/security_helper_spec.rb +14 -0
- data/spec/setup.rb +8 -0
- data/spec/signature_spec.rb +35 -0
- data/src/main/java/com/github/lookout/fastrsa/FastCipherSpi.java +195 -0
- data/src/main/java/com/github/lookout/fastrsa/FastDigestSignatureSpi.java +133 -0
- data/src/main/java/com/github/lookout/fastrsa/SecurityHelperMap.java +29 -0
- metadata +127 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 34ef8fe8898dc14764728ee5dd7fa4d53de8ad95
|
4
|
+
data.tar.gz: 6dc8fedd5cbe6811bc3ada4d4e41998d9c2f319b
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 05d9be8088242e5514597463c0626e20ac2d6403f8467ca735b0a1df6115002a82670bfb0fe9ea2d24be97d01cb4716501e8b9f68130bfcea22f4bead783632a
|
7
|
+
data.tar.gz: a9953017c70958609774b7e4c6469f6fedde6a03695dc959ace5bdb6096a56f95cae944486e46dfb464d80627ecb4fa810e0b5fef5cfdf8a13e243cf395958a6
|
data/.gitignore
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2015 Lookout Inc.
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
22
|
+
|
data/README.md
ADDED
@@ -0,0 +1,48 @@
|
|
1
|
+
# Fast RSA Engine for jruby-openssl gem
|
2
|
+
|
3
|
+
this gem replaces the RSA signature and RSA ciphers from jruby-openssl by the must faster implementation of them. see [corner.squareup.com/2014/02/faster-rsa-jnagmp.html](https://corner.squareup.com/2014/02/faster-rsa-jnagmp.html)
|
4
|
+
|
5
|
+
but this works only for **darwin** and **linux-x84_64** platforms due to the library used from squareup.
|
6
|
+
|
7
|
+
the improvement in performance brings JRuby verify and decrypy using RSA close to MRI.
|
8
|
+
|
9
|
+
## installation
|
10
|
+
|
11
|
+
via rubygems
|
12
|
+
```
|
13
|
+
gem install fast-rsa-engine
|
14
|
+
```
|
15
|
+
or add to your Gemfile
|
16
|
+
```
|
17
|
+
gem 'fast-rsa-engine'
|
18
|
+
```
|
19
|
+
|
20
|
+
installing the gem also takes care of the jar dependencies with jruby-1.7.16+
|
21
|
+
|
22
|
+
## usage
|
23
|
+
|
24
|
+
with bundler its auto-require magic will be sufficient. otherwise just
|
25
|
+
|
26
|
+
require 'fast-rsa-engine'
|
27
|
+
|
28
|
+
## running the benchmark
|
29
|
+
|
30
|
+
ruby benchmark/benchmark-with-fast-rsa.rb
|
31
|
+
|
32
|
+
or
|
33
|
+
ruby benchmark/benchmark-with-builtin-rsa.rb
|
34
|
+
|
35
|
+
## developement
|
36
|
+
|
37
|
+
get all the gems and jars in place
|
38
|
+
|
39
|
+
gem install jar-dependencies --development
|
40
|
+
bundle install
|
41
|
+
|
42
|
+
for running all specs
|
43
|
+
|
44
|
+
rake
|
45
|
+
|
46
|
+
## meta-fu
|
47
|
+
|
48
|
+
enjoy :)
|
data/Rakefile
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
#-*- mode: ruby -*-
|
2
|
+
|
3
|
+
require 'bundler/gem_tasks'
|
4
|
+
require 'ruby-maven'
|
5
|
+
|
6
|
+
desc "Pack fast-rsa-engine.jar with the compiled classes"
|
7
|
+
task :jar do
|
8
|
+
RubyMaven.exec('prepare-package', '-Dmaven.test.skip')
|
9
|
+
end
|
10
|
+
|
11
|
+
require "rspec/core/rake_task"
|
12
|
+
RSpec::Core::RakeTask.new
|
13
|
+
|
14
|
+
task :default => [ :jar, :spec ]
|
15
|
+
|
16
|
+
require 'rubygems/package_task'
|
17
|
+
Gem::PackageTask.new( eval File.read( './fast-rsa-engine.gemspec' ) ) do
|
18
|
+
desc 'Pack leafy-metrics.gem'
|
19
|
+
task :package => [:jar]
|
20
|
+
end
|
21
|
+
|
22
|
+
# vim: syntax=ruby
|
@@ -0,0 +1,54 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
count = (ARGV[0] || 1000).to_i
|
4
|
+
path = File.dirname(__FILE__)
|
5
|
+
|
6
|
+
require 'base64'
|
7
|
+
require 'benchmark'
|
8
|
+
require 'openssl'
|
9
|
+
|
10
|
+
# configure keys
|
11
|
+
public_key_file = "#{path}/foo_cert.pem" # public key in cert file
|
12
|
+
private_key_file = "#{path}/foo.pem" # private key file
|
13
|
+
|
14
|
+
$public_key = OpenSSL::X509::Certificate.new(File.read(public_key_file)).public_key
|
15
|
+
$private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file))
|
16
|
+
|
17
|
+
# example msg
|
18
|
+
msg = "THIS IS A TEST"
|
19
|
+
|
20
|
+
# example key for encrypt operation
|
21
|
+
aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
|
22
|
+
aes.encrypt
|
23
|
+
key = aes.random_key
|
24
|
+
|
25
|
+
def sign(msg)
|
26
|
+
$private_key.sign(OpenSSL::Digest.new('sha512'), msg)
|
27
|
+
end
|
28
|
+
|
29
|
+
def verify(msg, signature)
|
30
|
+
$public_key.verify(OpenSSL::Digest.new('sha512'), signature, msg)
|
31
|
+
end
|
32
|
+
|
33
|
+
def encrypt(content)
|
34
|
+
$public_key.public_encrypt(content)
|
35
|
+
end
|
36
|
+
|
37
|
+
def decrypt(encrypted_msg)
|
38
|
+
$private_key.private_decrypt(encrypted_msg)
|
39
|
+
end
|
40
|
+
|
41
|
+
# signature, encrypted key for verify, decrypt tests
|
42
|
+
signature = sign(msg)
|
43
|
+
encrypted_key = encrypt(msg)
|
44
|
+
|
45
|
+
puts "#{RUBY_ENGINE} N = #{count}"
|
46
|
+
Benchmark.bm(17) do |x|
|
47
|
+
x.report('sign') { count.times { sign(msg) } }
|
48
|
+
x.report('verify') { count.times { verify(msg, signature) } }
|
49
|
+
x.report('encrypt') { count.times { encrypt(key) } }
|
50
|
+
x.report('decrypt') { count.times { decrypt(encrypted_key) } }
|
51
|
+
end
|
52
|
+
puts
|
53
|
+
p verify(msg, signature)
|
54
|
+
p decrypt(encrypted_key)
|
data/benchmark/foo.pem
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIJKgIBAAKCAgEAtPhHvStOVd29e7ElR3+uUeFYDdmVJ9OW1XQOs2QPpxSnpWbe
|
3
|
+
++NNoqroCGCliRbXHYoX+WpnbtdMDmLhSq4w4jmvL9CotFhfwhOtNY87GrEtMi2k
|
4
|
+
+//OHz7hBZ5FqxEgNuC/vCZoGFZvnGRLmtU0Q2B/7VV4zG9CiEumBdvZ6K40471X
|
5
|
+
L1c2W/AOyXXcGHVAO8PYF91CHu0gi6qB3tJ+kOrieX2cIs1W8NVc5Cz4SGwzlI8J
|
6
|
+
9td9XE0Yef2aLxT021DxxuRubZI57/zrbR0MUoa0dKG6GTYMGw3g3gzjkcHjFLhn
|
7
|
+
7FJgqxubFz2xEQWO03SIaQj5lxF9tW9u8PKJwhiNrnIMa4JreNELlGCfqTd1eYJg
|
8
|
+
vC2f6pkiNODbAqwhlALCXKOSVBdT5ZzkP99O8vq3+mLfjYH9/0bheXKe/eeXcNoe
|
9
|
+
dH5xtnglQOUqGw5BwkRkcApv/+rcs2GvhlWjCc9SmBQlu2lR7gPkUMvemHlzVtid
|
10
|
+
3VKOt45/pGTkcD8iK/6QYmwlqmiU3Wq0NOcF5UcVqyQRCl9Vyzu280OsA8jpNRbT
|
11
|
+
m/QLIxVKRwNSlSa3Et17omk2Xi7nLQybrpEpIZ6NsTaps23Auxg3cPHNjcPVOWbU
|
12
|
+
piRsQh8JBQMAyJY/7eQ4xtaKOS8VHrwIJVIuJWbLiXW9oBCjk6eA/kHM/FMCAwEA
|
13
|
+
AQKCAgEAkxUrsUsOOumixHJgmzDh7DibSX5rJNhqwge2nwSXWDOIYf0vBEhk4+3F
|
14
|
+
8nEieT4wDhkbjSJ2+HZRoWuqMflLT8KUaOdNBm7BPUqiv2IvJm2UDzFb41iwHWMM
|
15
|
+
nnVZqESeCxw1mWUZu5Yc1l4JuMjJ1m0K7ElIiddvmrjpMd/SxrM311UfFCHs02JT
|
16
|
+
kleRT+uUDj8JVbQFtn8BsaIeNYydQ4k0EowNp5d+rvSqr+UA0lPmxDpRXeccQzWB
|
17
|
+
zDxa4SNGMy4ho4YrXjC3mB7W9XLjfftvlU+Qokb0JdTsy2xsVR3hQwjxpff6C3e/
|
18
|
+
YG9Kh0weHiybZcremHKl2h28bGajoNf36z6MdGG9ins/zPc2DHSUXytDxE2Zri1q
|
19
|
+
Esl41CO1NGQl/FLs6fJes9RvYeDU6C+6iQf+P3iHen8ruHns3OGYKKFwLRWMiQwG
|
20
|
+
cK0Oy2+L8G23GhE2g+hor89MNMMLnsTOHe0OBnBFQfuujn2ZZ1kmUxkKFm43WjUi
|
21
|
+
psqTuYR/Cs14jwUTFpe6/MMaRcYurueJY2PQEo28dFmz+FClUdRR7OZvbXAq0bb5
|
22
|
+
JeeFcU6S5tWtZNcLsK93L+r290Jw7E34/J+zyV9G45kzpUqyIF7Cw6BlRaq2VD+V
|
23
|
+
nxEpbo9h4ZnKcYsjFuFul7NvPUHWicfsN7e1HKGa/bkcZF/+RlECggEBAOFN2MQW
|
24
|
+
y6ND3P18+k6EzAPlsqZAnnhO8Mh6kxoOdTSayD23iUbCFMkohGEOVeyvRLHqX971
|
25
|
+
W0rtqZ4Qrew3U/dWboUWWo7WkIk2Iicfx8DXIReIwzjMnWZAJnylEzAYosiaIJG5
|
26
|
+
ZUPaeCOFdZsMPT8mLKwo8hFM3sWVq9hb52xwBgraqQIsCZM6SoZb+LbbwVdEHR6z
|
27
|
+
6MVUEhqgsI64qF+tlZGThuCCJQzRwz9Uwrr+dKNC1fskhnCYbsHX37K6O5PB5ILW
|
28
|
+
vamGCqCfsP+vzpWZwB9X43muRq0CPNsuoHfwL/uzHTzVRgBhGSNpDkf1ytl4RW7/
|
29
|
+
9ECk68h0e2lxYDsCggEBAM2gJO5KlVI9ES8liccdSH22PKQtYhQzFmCqUookcdap
|
30
|
+
rH1RdGSvT7FnZLLEjDZUQfcHF1fU1xTwuXEXixmlDwFG9AftaQNT2cvaANYGjhSA
|
31
|
+
DP5RSaC+DH9teRatwgihN9oNfTL6Rj8Eg+HDAFT6m7Hjyxiz1/7D2y0Kk4NHbMwZ
|
32
|
+
YhHbblfyWnPx0jtdY02jeenAdamRmmaF68GtqgCsYxaWXzeZt8CVm+qXbu18dw0D
|
33
|
+
y0XT4FlwajDqdMkzdrKtU7biTJdK8Mq2JUyzkfzWM7dO39UQFVGLbmULsgdvRDw9
|
34
|
+
+7AvIrjwYznTwtao3MZFiyx588TG9vGWOJ4rhKLQaskCggEADIN+XqXFebPzOkEO
|
35
|
+
xf2qNy0y1vkP1C7OQNROB0x2Rg2ywXrILR3qeaG+eIWLUDIL5rXVzVRjVa4NlbHn
|
36
|
+
dw87oqkySkILlZNlQ7m1++ZP+e348I2wCh+TPnKhsJqajjlQEUQ+OtnJPhOMSKzI
|
37
|
+
82uimzdLk+RSTZOva9n8SXARUnyGWWP7rxszDPJX4U6Kad2ax3YJCAOGEi+xMblr
|
38
|
+
FQI8l9PUUtmWzDFuTV/5MDNM/YXUhJzZtbE5pldRD4Ml8Y9Wb8Z9Iqc6sYe4X2N/
|
39
|
+
OTRSjQyVFyiSgdekJUfSiXn1f7PfdmNkZFSUJsE93DGhkW2dbqa3dIrSziRa1C9k
|
40
|
+
C184sQKCAQEAmMLQrPdb16zmh1Ar+3EV2c75Xj8ZDkil50qh518L8546Nx+8iNB1
|
41
|
+
NCbL+MNsJzCRkSQDg4zr/PKZ0hrbjEHD0/8SbJFD4uT4eSmMVXSpOTGodYeOW4zV
|
42
|
+
XBXIT8Dm1eJvy98ZlDW62jZQg/iK1pcX9CB3UfLKFMsMmXmx/WWivj5dTUbnww6Z
|
43
|
+
hGmy9cd7bsJ0X+RLhZ5WRrRXYZvTIIzxUGaGdpgMm1aKbs3x6xz8lP6slUPC+K87
|
44
|
+
NPv5p0BEfpmmB8g3fm5+VRrcuw7s9hlsclJ2l6NLMzmS2h7GNB/FYbvqsAlUknCE
|
45
|
+
RwG7Th5FZkdkDbbMEvR9oR0pEtjhwNN1gQKCAQEAvJQkeVWUZQ4aC0xTeLwdWbFE
|
46
|
+
EftxREWpsVbe/j9sO1km5CMJsbWqLEQ9el3iOIAIetht0qKe1wdh7LC2N8uvhim4
|
47
|
+
OnUkoHdWBER6D2xi2T+KzSZo9NJSGefE+IFAYBBg3ncrQzrASFN9Ij7iHC6MRSaB
|
48
|
+
BBYZ3YbsaCm3koQRE0f9R/b8OM0kO8dec1hlGC2/Zi599sttyp8RUcCb/eEz1I/t
|
49
|
+
MhwJC7EE7+QWjfbHQlmRxYRoMtfgpis18cdm8LDGg6eA42MfLwrAPAkPhkt8wATp
|
50
|
+
c/TIDOyx1RSMY1ssLp51tgf9exiElWSO6zxq9CPvlLP3nM3pkEJGnmSmzS9LOQ==
|
51
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,29 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFAjCCAuoCBFWkCjYwDQYJKoZIhvcNAQELBQAwRTELMAkGA1UEBhMCQVUxEzAR
|
3
|
+
BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5
|
4
|
+
IEx0ZDAeFw0xNTA3MTMxODU3NThaFw0xNzA3MTIxODU3NThaMEYxCzAJBgNVBAYT
|
5
|
+
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQHDAtTYW5GcmFuY2lzbzEM
|
6
|
+
MAoGA1UEAwwDZm9vMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtPhH
|
7
|
+
vStOVd29e7ElR3+uUeFYDdmVJ9OW1XQOs2QPpxSnpWbe++NNoqroCGCliRbXHYoX
|
8
|
+
+WpnbtdMDmLhSq4w4jmvL9CotFhfwhOtNY87GrEtMi2k+//OHz7hBZ5FqxEgNuC/
|
9
|
+
vCZoGFZvnGRLmtU0Q2B/7VV4zG9CiEumBdvZ6K40471XL1c2W/AOyXXcGHVAO8PY
|
10
|
+
F91CHu0gi6qB3tJ+kOrieX2cIs1W8NVc5Cz4SGwzlI8J9td9XE0Yef2aLxT021Dx
|
11
|
+
xuRubZI57/zrbR0MUoa0dKG6GTYMGw3g3gzjkcHjFLhn7FJgqxubFz2xEQWO03SI
|
12
|
+
aQj5lxF9tW9u8PKJwhiNrnIMa4JreNELlGCfqTd1eYJgvC2f6pkiNODbAqwhlALC
|
13
|
+
XKOSVBdT5ZzkP99O8vq3+mLfjYH9/0bheXKe/eeXcNoedH5xtnglQOUqGw5BwkRk
|
14
|
+
cApv/+rcs2GvhlWjCc9SmBQlu2lR7gPkUMvemHlzVtid3VKOt45/pGTkcD8iK/6Q
|
15
|
+
YmwlqmiU3Wq0NOcF5UcVqyQRCl9Vyzu280OsA8jpNRbTm/QLIxVKRwNSlSa3Et17
|
16
|
+
omk2Xi7nLQybrpEpIZ6NsTaps23Auxg3cPHNjcPVOWbUpiRsQh8JBQMAyJY/7eQ4
|
17
|
+
xtaKOS8VHrwIJVIuJWbLiXW9oBCjk6eA/kHM/FMCAwEAATANBgkqhkiG9w0BAQsF
|
18
|
+
AAOCAgEAdcnH4rVynCQWGYfR/n2XC0j34d058kfTqFuIYuTwEkY0jkIZqRBZuzwm
|
19
|
+
F88BKlRPk4qkkMXjRmvBisdcyFQiyvlf+fJlDuNKk21Dae+4P3HMz6xPK6vathKS
|
20
|
+
pAzQr9KDOp628c/8rGoxCV2hAkSyzHBC5WUwP8yBxWVG6QzqFrnUkTEo6x9S6RkG
|
21
|
+
10g7YWi594L3RoJ/gFWKuqn3sGCetrqhQfrdskS5FaCEGLrs7/h74AJnjs6aVJCZ
|
22
|
+
LklsjPJpadd+WSFIRCGQhTWQUKVc8bil9vDxfIPW5Kj/DJvirbeJinGEIc7gR9WI
|
23
|
+
bYdje5UCphWlJr5ePGreyZvyDUElgTjhiiqWlUAgG5eJYJ2NEvH4g70laIDJZYt2
|
24
|
+
PZA0egp29+EKG3U3CXJkOoW8/z4mFgReYpWh/pqZesLePh4dbBrK/WCdAprKImZc
|
25
|
+
ymOD6K5IY9A0CeN6uW9VBnI0ed8KEGagfKCpCEBgbkhq27y7FVke1/oVXkWrXIFt
|
26
|
+
WfDd1hAJwUbxAeQXEwyAqDoCyKIvDqksGW+NL2o0N9DCP5cTMgho34WeUVdAuezM
|
27
|
+
6wznqkkK9TB8mOtiJhPomlO2YL5/ShVVX0FoyQQ+ox2WMYIurbwguRVUAUNnfIdf
|
28
|
+
EqvJtVogFDekF8bxVA5RoiON8Dr8cDxSMU5eoH0Ixp3id5zsxQI=
|
29
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,31 @@
|
|
1
|
+
#-*- mode: ruby -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = 'fast-rsa-engine'
|
5
|
+
s.version = '0.1.0'
|
6
|
+
s.author = 'Christian Meieier'
|
7
|
+
s.email = [ 'christian.meier@lookout.com' ]
|
8
|
+
s.platform = 'java'
|
9
|
+
|
10
|
+
s.license = 'MIT'
|
11
|
+
s.summary = %q(replaces the RSA signature and RSA ciphers from jruby-openssl by the must faster implementation of them)
|
12
|
+
s.homepage = 'https://github.com/lookout/fast-rsa-engine'
|
13
|
+
s.description = %q(this gem replaces the RSA signature and RSA ciphers from jruby-openssl by the must faster implementation of them. see https://corner.squareup.com/2014/02/faster-rsa-jnagmp.html)
|
14
|
+
|
15
|
+
s.files = `git ls-files`.split($/)
|
16
|
+
|
17
|
+
BC_VERSION = '1.50'
|
18
|
+
# needed for runtime
|
19
|
+
s.requirements << "jar com.squareup.jnagmp:bouncycastle-rsa, 1.0.0"
|
20
|
+
# needed for compilation
|
21
|
+
s.requirements << "jar org.bouncycastle:bcpkix-jdk15on, #{BC_VERSION}, :scope => :provided"
|
22
|
+
s.requirements << "jar org.bouncycastle:bcprov-jdk15on, #{BC_VERSION}, :scope => :provided"
|
23
|
+
s.requirements << "pom org.jruby:jruby-core, 1.7.21, :scope => :provided"
|
24
|
+
|
25
|
+
s.add_runtime_dependency 'jar-dependencies', '~> 0.1'
|
26
|
+
s.add_development_dependency 'ruby-maven', '~> 3.3'
|
27
|
+
s.add_development_dependency 'rspec', '~> 3.3'
|
28
|
+
s.add_development_dependency 'rake', '~> 10.2'
|
29
|
+
end
|
30
|
+
|
31
|
+
# vim: syntax=ruby
|
@@ -0,0 +1,13 @@
|
|
1
|
+
require 'fast-rsa-engine_jars.rb'
|
2
|
+
require 'fast-rsa-engine.jar'
|
3
|
+
require 'openssl'
|
4
|
+
|
5
|
+
# keep the default name space clean and use tap
|
6
|
+
tap do
|
7
|
+
engines = Java::OrgJrubyExtOpenssl::SecurityHelper.java_class.declared_field 'implEngines'
|
8
|
+
engines.accessible = true
|
9
|
+
com.github.lookout.fastrsa.SecurityHelperMap.setup( engines.value( Java::OrgJrubyExtOpenssl::SecurityHelper ))
|
10
|
+
use_internal = Java::OrgJrubyExtOpenssl::SecurityHelper.java_class.declared_field 'tryCipherInternal'
|
11
|
+
use_internal.accessible = true
|
12
|
+
use_internal.set_value( Java::OrgJrubyExtOpenssl::SecurityHelper, true )
|
13
|
+
end
|
@@ -0,0 +1,6 @@
|
|
1
|
+
# this is a generated file, to avoid over-writing it just delete this comment
|
2
|
+
require 'jar_dependencies'
|
3
|
+
|
4
|
+
require_jar( 'net.java.dev.jna', 'jna', '4.0.0' )
|
5
|
+
require_jar( 'com.squareup.jnagmp', 'bouncycastle-rsa', '1.0.0' )
|
6
|
+
require_jar( 'com.squareup.jnagmp', 'jnagmp', '1.0.0' )
|
data/spec/cipher_spec.rb
ADDED
@@ -0,0 +1,42 @@
|
|
1
|
+
require_relative 'setup'
|
2
|
+
|
3
|
+
describe 'Cipher' do
|
4
|
+
|
5
|
+
let( :this ) { File.expand_path( '..', __FILE__) }
|
6
|
+
|
7
|
+
let( :private_key ) {
|
8
|
+
file = File.read("#{this}/foo.pem")
|
9
|
+
OpenSSL::PKey::RSA.new(file)
|
10
|
+
}
|
11
|
+
|
12
|
+
let( :msg ) {
|
13
|
+
file = File.read("#{this}/foo_cert.pem")
|
14
|
+
public_key = OpenSSL::X509::Certificate.new(file).public_key
|
15
|
+
public_key.public_encrypt("THIS IS A TEST")
|
16
|
+
}
|
17
|
+
|
18
|
+
let( :rounds ) { 10 }
|
19
|
+
|
20
|
+
it 'is faster the regular cipher' do
|
21
|
+
# clear the fast engines
|
22
|
+
engines.clear
|
23
|
+
|
24
|
+
start = Time.new.to_f
|
25
|
+
rounds.times do
|
26
|
+
private_key.private_decrypt(msg)
|
27
|
+
end
|
28
|
+
delta1 = Time.new.to_f - start
|
29
|
+
|
30
|
+
# setup the fast engines
|
31
|
+
load( "${this}/../lib/fast-rsa-engine.rb" )
|
32
|
+
|
33
|
+
start = Time.new.to_f
|
34
|
+
rounds.times do
|
35
|
+
private_key.private_decrypt(msg)
|
36
|
+
end
|
37
|
+
delta2 = Time.new.to_f - start
|
38
|
+
|
39
|
+
expect( delta1 ).to be > 2 * delta2
|
40
|
+
end
|
41
|
+
|
42
|
+
end
|
data/spec/foo.pem
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIJKgIBAAKCAgEAtPhHvStOVd29e7ElR3+uUeFYDdmVJ9OW1XQOs2QPpxSnpWbe
|
3
|
+
++NNoqroCGCliRbXHYoX+WpnbtdMDmLhSq4w4jmvL9CotFhfwhOtNY87GrEtMi2k
|
4
|
+
+//OHz7hBZ5FqxEgNuC/vCZoGFZvnGRLmtU0Q2B/7VV4zG9CiEumBdvZ6K40471X
|
5
|
+
L1c2W/AOyXXcGHVAO8PYF91CHu0gi6qB3tJ+kOrieX2cIs1W8NVc5Cz4SGwzlI8J
|
6
|
+
9td9XE0Yef2aLxT021DxxuRubZI57/zrbR0MUoa0dKG6GTYMGw3g3gzjkcHjFLhn
|
7
|
+
7FJgqxubFz2xEQWO03SIaQj5lxF9tW9u8PKJwhiNrnIMa4JreNELlGCfqTd1eYJg
|
8
|
+
vC2f6pkiNODbAqwhlALCXKOSVBdT5ZzkP99O8vq3+mLfjYH9/0bheXKe/eeXcNoe
|
9
|
+
dH5xtnglQOUqGw5BwkRkcApv/+rcs2GvhlWjCc9SmBQlu2lR7gPkUMvemHlzVtid
|
10
|
+
3VKOt45/pGTkcD8iK/6QYmwlqmiU3Wq0NOcF5UcVqyQRCl9Vyzu280OsA8jpNRbT
|
11
|
+
m/QLIxVKRwNSlSa3Et17omk2Xi7nLQybrpEpIZ6NsTaps23Auxg3cPHNjcPVOWbU
|
12
|
+
piRsQh8JBQMAyJY/7eQ4xtaKOS8VHrwIJVIuJWbLiXW9oBCjk6eA/kHM/FMCAwEA
|
13
|
+
AQKCAgEAkxUrsUsOOumixHJgmzDh7DibSX5rJNhqwge2nwSXWDOIYf0vBEhk4+3F
|
14
|
+
8nEieT4wDhkbjSJ2+HZRoWuqMflLT8KUaOdNBm7BPUqiv2IvJm2UDzFb41iwHWMM
|
15
|
+
nnVZqESeCxw1mWUZu5Yc1l4JuMjJ1m0K7ElIiddvmrjpMd/SxrM311UfFCHs02JT
|
16
|
+
kleRT+uUDj8JVbQFtn8BsaIeNYydQ4k0EowNp5d+rvSqr+UA0lPmxDpRXeccQzWB
|
17
|
+
zDxa4SNGMy4ho4YrXjC3mB7W9XLjfftvlU+Qokb0JdTsy2xsVR3hQwjxpff6C3e/
|
18
|
+
YG9Kh0weHiybZcremHKl2h28bGajoNf36z6MdGG9ins/zPc2DHSUXytDxE2Zri1q
|
19
|
+
Esl41CO1NGQl/FLs6fJes9RvYeDU6C+6iQf+P3iHen8ruHns3OGYKKFwLRWMiQwG
|
20
|
+
cK0Oy2+L8G23GhE2g+hor89MNMMLnsTOHe0OBnBFQfuujn2ZZ1kmUxkKFm43WjUi
|
21
|
+
psqTuYR/Cs14jwUTFpe6/MMaRcYurueJY2PQEo28dFmz+FClUdRR7OZvbXAq0bb5
|
22
|
+
JeeFcU6S5tWtZNcLsK93L+r290Jw7E34/J+zyV9G45kzpUqyIF7Cw6BlRaq2VD+V
|
23
|
+
nxEpbo9h4ZnKcYsjFuFul7NvPUHWicfsN7e1HKGa/bkcZF/+RlECggEBAOFN2MQW
|
24
|
+
y6ND3P18+k6EzAPlsqZAnnhO8Mh6kxoOdTSayD23iUbCFMkohGEOVeyvRLHqX971
|
25
|
+
W0rtqZ4Qrew3U/dWboUWWo7WkIk2Iicfx8DXIReIwzjMnWZAJnylEzAYosiaIJG5
|
26
|
+
ZUPaeCOFdZsMPT8mLKwo8hFM3sWVq9hb52xwBgraqQIsCZM6SoZb+LbbwVdEHR6z
|
27
|
+
6MVUEhqgsI64qF+tlZGThuCCJQzRwz9Uwrr+dKNC1fskhnCYbsHX37K6O5PB5ILW
|
28
|
+
vamGCqCfsP+vzpWZwB9X43muRq0CPNsuoHfwL/uzHTzVRgBhGSNpDkf1ytl4RW7/
|
29
|
+
9ECk68h0e2lxYDsCggEBAM2gJO5KlVI9ES8liccdSH22PKQtYhQzFmCqUookcdap
|
30
|
+
rH1RdGSvT7FnZLLEjDZUQfcHF1fU1xTwuXEXixmlDwFG9AftaQNT2cvaANYGjhSA
|
31
|
+
DP5RSaC+DH9teRatwgihN9oNfTL6Rj8Eg+HDAFT6m7Hjyxiz1/7D2y0Kk4NHbMwZ
|
32
|
+
YhHbblfyWnPx0jtdY02jeenAdamRmmaF68GtqgCsYxaWXzeZt8CVm+qXbu18dw0D
|
33
|
+
y0XT4FlwajDqdMkzdrKtU7biTJdK8Mq2JUyzkfzWM7dO39UQFVGLbmULsgdvRDw9
|
34
|
+
+7AvIrjwYznTwtao3MZFiyx588TG9vGWOJ4rhKLQaskCggEADIN+XqXFebPzOkEO
|
35
|
+
xf2qNy0y1vkP1C7OQNROB0x2Rg2ywXrILR3qeaG+eIWLUDIL5rXVzVRjVa4NlbHn
|
36
|
+
dw87oqkySkILlZNlQ7m1++ZP+e348I2wCh+TPnKhsJqajjlQEUQ+OtnJPhOMSKzI
|
37
|
+
82uimzdLk+RSTZOva9n8SXARUnyGWWP7rxszDPJX4U6Kad2ax3YJCAOGEi+xMblr
|
38
|
+
FQI8l9PUUtmWzDFuTV/5MDNM/YXUhJzZtbE5pldRD4Ml8Y9Wb8Z9Iqc6sYe4X2N/
|
39
|
+
OTRSjQyVFyiSgdekJUfSiXn1f7PfdmNkZFSUJsE93DGhkW2dbqa3dIrSziRa1C9k
|
40
|
+
C184sQKCAQEAmMLQrPdb16zmh1Ar+3EV2c75Xj8ZDkil50qh518L8546Nx+8iNB1
|
41
|
+
NCbL+MNsJzCRkSQDg4zr/PKZ0hrbjEHD0/8SbJFD4uT4eSmMVXSpOTGodYeOW4zV
|
42
|
+
XBXIT8Dm1eJvy98ZlDW62jZQg/iK1pcX9CB3UfLKFMsMmXmx/WWivj5dTUbnww6Z
|
43
|
+
hGmy9cd7bsJ0X+RLhZ5WRrRXYZvTIIzxUGaGdpgMm1aKbs3x6xz8lP6slUPC+K87
|
44
|
+
NPv5p0BEfpmmB8g3fm5+VRrcuw7s9hlsclJ2l6NLMzmS2h7GNB/FYbvqsAlUknCE
|
45
|
+
RwG7Th5FZkdkDbbMEvR9oR0pEtjhwNN1gQKCAQEAvJQkeVWUZQ4aC0xTeLwdWbFE
|
46
|
+
EftxREWpsVbe/j9sO1km5CMJsbWqLEQ9el3iOIAIetht0qKe1wdh7LC2N8uvhim4
|
47
|
+
OnUkoHdWBER6D2xi2T+KzSZo9NJSGefE+IFAYBBg3ncrQzrASFN9Ij7iHC6MRSaB
|
48
|
+
BBYZ3YbsaCm3koQRE0f9R/b8OM0kO8dec1hlGC2/Zi599sttyp8RUcCb/eEz1I/t
|
49
|
+
MhwJC7EE7+QWjfbHQlmRxYRoMtfgpis18cdm8LDGg6eA42MfLwrAPAkPhkt8wATp
|
50
|
+
c/TIDOyx1RSMY1ssLp51tgf9exiElWSO6zxq9CPvlLP3nM3pkEJGnmSmzS9LOQ==
|
51
|
+
-----END RSA PRIVATE KEY-----
|
data/spec/foo_cert.pem
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFAjCCAuoCBFWkCjYwDQYJKoZIhvcNAQELBQAwRTELMAkGA1UEBhMCQVUxEzAR
|
3
|
+
BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5
|
4
|
+
IEx0ZDAeFw0xNTA3MTMxODU3NThaFw0xNzA3MTIxODU3NThaMEYxCzAJBgNVBAYT
|
5
|
+
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQHDAtTYW5GcmFuY2lzbzEM
|
6
|
+
MAoGA1UEAwwDZm9vMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtPhH
|
7
|
+
vStOVd29e7ElR3+uUeFYDdmVJ9OW1XQOs2QPpxSnpWbe++NNoqroCGCliRbXHYoX
|
8
|
+
+WpnbtdMDmLhSq4w4jmvL9CotFhfwhOtNY87GrEtMi2k+//OHz7hBZ5FqxEgNuC/
|
9
|
+
vCZoGFZvnGRLmtU0Q2B/7VV4zG9CiEumBdvZ6K40471XL1c2W/AOyXXcGHVAO8PY
|
10
|
+
F91CHu0gi6qB3tJ+kOrieX2cIs1W8NVc5Cz4SGwzlI8J9td9XE0Yef2aLxT021Dx
|
11
|
+
xuRubZI57/zrbR0MUoa0dKG6GTYMGw3g3gzjkcHjFLhn7FJgqxubFz2xEQWO03SI
|
12
|
+
aQj5lxF9tW9u8PKJwhiNrnIMa4JreNELlGCfqTd1eYJgvC2f6pkiNODbAqwhlALC
|
13
|
+
XKOSVBdT5ZzkP99O8vq3+mLfjYH9/0bheXKe/eeXcNoedH5xtnglQOUqGw5BwkRk
|
14
|
+
cApv/+rcs2GvhlWjCc9SmBQlu2lR7gPkUMvemHlzVtid3VKOt45/pGTkcD8iK/6Q
|
15
|
+
YmwlqmiU3Wq0NOcF5UcVqyQRCl9Vyzu280OsA8jpNRbTm/QLIxVKRwNSlSa3Et17
|
16
|
+
omk2Xi7nLQybrpEpIZ6NsTaps23Auxg3cPHNjcPVOWbUpiRsQh8JBQMAyJY/7eQ4
|
17
|
+
xtaKOS8VHrwIJVIuJWbLiXW9oBCjk6eA/kHM/FMCAwEAATANBgkqhkiG9w0BAQsF
|
18
|
+
AAOCAgEAdcnH4rVynCQWGYfR/n2XC0j34d058kfTqFuIYuTwEkY0jkIZqRBZuzwm
|
19
|
+
F88BKlRPk4qkkMXjRmvBisdcyFQiyvlf+fJlDuNKk21Dae+4P3HMz6xPK6vathKS
|
20
|
+
pAzQr9KDOp628c/8rGoxCV2hAkSyzHBC5WUwP8yBxWVG6QzqFrnUkTEo6x9S6RkG
|
21
|
+
10g7YWi594L3RoJ/gFWKuqn3sGCetrqhQfrdskS5FaCEGLrs7/h74AJnjs6aVJCZ
|
22
|
+
LklsjPJpadd+WSFIRCGQhTWQUKVc8bil9vDxfIPW5Kj/DJvirbeJinGEIc7gR9WI
|
23
|
+
bYdje5UCphWlJr5ePGreyZvyDUElgTjhiiqWlUAgG5eJYJ2NEvH4g70laIDJZYt2
|
24
|
+
PZA0egp29+EKG3U3CXJkOoW8/z4mFgReYpWh/pqZesLePh4dbBrK/WCdAprKImZc
|
25
|
+
ymOD6K5IY9A0CeN6uW9VBnI0ed8KEGagfKCpCEBgbkhq27y7FVke1/oVXkWrXIFt
|
26
|
+
WfDd1hAJwUbxAeQXEwyAqDoCyKIvDqksGW+NL2o0N9DCP5cTMgho34WeUVdAuezM
|
27
|
+
6wznqkkK9TB8mOtiJhPomlO2YL5/ShVVX0FoyQQ+ox2WMYIurbwguRVUAUNnfIdf
|
28
|
+
EqvJtVogFDekF8bxVA5RoiON8Dr8cDxSMU5eoH0Ixp3id5zsxQI=
|
29
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,14 @@
|
|
1
|
+
require_relative 'setup'
|
2
|
+
|
3
|
+
describe 'SecurityHelper' do
|
4
|
+
|
5
|
+
it 'registers signatures with SecurityHelper' do
|
6
|
+
# clear the fast engines
|
7
|
+
engines.clear
|
8
|
+
# setup the fast engines
|
9
|
+
load( "${this}/../lib/fast-rsa-engine.rb" )
|
10
|
+
|
11
|
+
expect( engines.size ).to eq( 12 )
|
12
|
+
end
|
13
|
+
|
14
|
+
end
|
data/spec/setup.rb
ADDED
@@ -0,0 +1,8 @@
|
|
1
|
+
$: << File.expand_path( '../../lib', __FILE__ )
|
2
|
+
require 'fast-rsa-engine'
|
3
|
+
|
4
|
+
def engines
|
5
|
+
engines = Java::OrgJrubyExtOpenssl::SecurityHelper.java_class.declared_field 'implEngines'
|
6
|
+
engines.accessible = true
|
7
|
+
engines.value( Java::OrgJrubyExtOpenssl::SecurityHelper )
|
8
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
require_relative 'setup'
|
2
|
+
|
3
|
+
describe 'Signature' do
|
4
|
+
|
5
|
+
let( :this ) { File.expand_path( '..', __FILE__) }
|
6
|
+
|
7
|
+
let( :private_key ) { OpenSSL::PKey::RSA.new(File.read("#{this}/foo.pem")) }
|
8
|
+
|
9
|
+
let( :msg ) { "THIS IS A TEST" }
|
10
|
+
|
11
|
+
let( :rounds ) { 10 }
|
12
|
+
|
13
|
+
it 'is faster the regular signature' do
|
14
|
+
# clear the fast engines
|
15
|
+
engines.clear
|
16
|
+
|
17
|
+
start = Time.new.to_f
|
18
|
+
rounds.times do
|
19
|
+
private_key.sign(OpenSSL::Digest.new('sha512'), msg)
|
20
|
+
end
|
21
|
+
delta1 = Time.new.to_f - start
|
22
|
+
|
23
|
+
# setup the fast engines
|
24
|
+
load( "${this}/../lib/fast-rsa-engine.rb" )
|
25
|
+
|
26
|
+
start = Time.new.to_f
|
27
|
+
rounds.times do
|
28
|
+
private_key.sign(OpenSSL::Digest.new('sha512'), msg)
|
29
|
+
end
|
30
|
+
delta2 = Time.new.to_f - start
|
31
|
+
|
32
|
+
expect( delta1 ).to be > 2 * delta2
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
@@ -0,0 +1,195 @@
|
|
1
|
+
package com.github.lookout.fastrsa;
|
2
|
+
|
3
|
+
import com.squareup.crypto.rsa.NativeRSAEngine;
|
4
|
+
|
5
|
+
import java.lang.reflect.Field;
|
6
|
+
import java.security.spec.MGF1ParameterSpec;
|
7
|
+
|
8
|
+
import javax.crypto.NoSuchPaddingException;
|
9
|
+
import javax.crypto.spec.OAEPParameterSpec;
|
10
|
+
import javax.crypto.spec.PSource;
|
11
|
+
|
12
|
+
import org.bouncycastle.crypto.Digest;
|
13
|
+
import org.bouncycastle.jcajce.provider.util.DigestFactory;
|
14
|
+
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
|
15
|
+
import org.bouncycastle.crypto.AsymmetricBlockCipher;
|
16
|
+
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
|
17
|
+
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
|
18
|
+
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
|
19
|
+
import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
|
20
|
+
import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
|
21
|
+
import org.bouncycastle.crypto.encodings.OAEPEncoding;
|
22
|
+
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
|
23
|
+
import org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi;
|
24
|
+
import org.bouncycastle.util.Strings;
|
25
|
+
|
26
|
+
public class FastCipherSpi extends CipherSpi {
|
27
|
+
|
28
|
+
private FastCipherSpi(AsymmetricBlockCipher cipher) {
|
29
|
+
super( cipher );
|
30
|
+
}
|
31
|
+
|
32
|
+
private void initFromSpec(OAEPParameterSpec pSpec)
|
33
|
+
throws NoSuchPaddingException, NoSuchFieldException, IllegalAccessException
|
34
|
+
{
|
35
|
+
MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters();
|
36
|
+
Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
|
37
|
+
|
38
|
+
if (digest == null)
|
39
|
+
{
|
40
|
+
throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm());
|
41
|
+
}
|
42
|
+
|
43
|
+
cipher(new OAEPEncoding(new NativeRSAEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue()));
|
44
|
+
set( pSpec, "paramSpec" );
|
45
|
+
}
|
46
|
+
|
47
|
+
private void cipher(AsymmetricBlockCipher cipher)
|
48
|
+
throws NoSuchFieldException, IllegalAccessException
|
49
|
+
{
|
50
|
+
set( cipher, "cipher" );
|
51
|
+
}
|
52
|
+
|
53
|
+
private void set(Object object, String name)
|
54
|
+
throws NoSuchFieldException, IllegalAccessException
|
55
|
+
{
|
56
|
+
Field field = getClass().getSuperclass().getSuperclass().getDeclaredField(name);
|
57
|
+
field.setAccessible(true);
|
58
|
+
field.set(this, object);
|
59
|
+
}
|
60
|
+
|
61
|
+
protected void engineSetPadding(
|
62
|
+
String padding)
|
63
|
+
throws NoSuchPaddingException
|
64
|
+
{
|
65
|
+
try {
|
66
|
+
String pad = Strings.toUpperCase(padding);
|
67
|
+
|
68
|
+
if (pad.equals("NOPADDING"))
|
69
|
+
{
|
70
|
+
cipher(new NativeRSAEngine());
|
71
|
+
}
|
72
|
+
else if (pad.equals("PKCS1PADDING"))
|
73
|
+
{
|
74
|
+
cipher(new PKCS1Encoding(new NativeRSAEngine()));
|
75
|
+
}
|
76
|
+
else if (pad.equals("ISO9796-1PADDING"))
|
77
|
+
{
|
78
|
+
cipher(new ISO9796d1Encoding(new NativeRSAEngine()));
|
79
|
+
}
|
80
|
+
else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
|
81
|
+
{
|
82
|
+
initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
|
83
|
+
}
|
84
|
+
else if (pad.equals("OAEPPADDING"))
|
85
|
+
{
|
86
|
+
initFromSpec(OAEPParameterSpec.DEFAULT);
|
87
|
+
}
|
88
|
+
else if (pad.equals("OAEPWITHSHA1ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-1ANDMGF1PADDING"))
|
89
|
+
{
|
90
|
+
initFromSpec(OAEPParameterSpec.DEFAULT);
|
91
|
+
}
|
92
|
+
else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING"))
|
93
|
+
{
|
94
|
+
initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT));
|
95
|
+
}
|
96
|
+
else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-256ANDMGF1PADDING"))
|
97
|
+
{
|
98
|
+
initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT));
|
99
|
+
}
|
100
|
+
else if (pad.equals("OAEPWITHSHA384ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-384ANDMGF1PADDING"))
|
101
|
+
{
|
102
|
+
initFromSpec(new OAEPParameterSpec("SHA-384", "MGF1", MGF1ParameterSpec.SHA384, PSource.PSpecified.DEFAULT));
|
103
|
+
}
|
104
|
+
else if (pad.equals("OAEPWITHSHA512ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-512ANDMGF1PADDING"))
|
105
|
+
{
|
106
|
+
initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT));
|
107
|
+
}
|
108
|
+
else
|
109
|
+
{
|
110
|
+
throw new NoSuchPaddingException(padding + " unavailable with RSA.");
|
111
|
+
}
|
112
|
+
}
|
113
|
+
catch(NoSuchFieldException e){
|
114
|
+
System.err.println("fall back to slow engine: " + e.getMessage());
|
115
|
+
super.engineSetPadding(padding);
|
116
|
+
}
|
117
|
+
catch(IllegalAccessException e){
|
118
|
+
System.err.println("fall back to slow engine: " + e.getMessage());
|
119
|
+
super.engineSetPadding(padding);
|
120
|
+
}
|
121
|
+
}
|
122
|
+
|
123
|
+
static public class NoPadding
|
124
|
+
extends FastCipherSpi
|
125
|
+
{
|
126
|
+
public NoPadding()
|
127
|
+
{
|
128
|
+
super(new NativeRSAEngine());
|
129
|
+
}
|
130
|
+
}
|
131
|
+
|
132
|
+
static public class PKCS1v1_5Padding
|
133
|
+
extends FastCipherSpi
|
134
|
+
{
|
135
|
+
public PKCS1v1_5Padding()
|
136
|
+
{
|
137
|
+
super(new PKCS1Encoding(new NativeRSAEngine()));
|
138
|
+
}
|
139
|
+
}
|
140
|
+
|
141
|
+
static public class PKCS1v1_5Padding_PrivateOnly
|
142
|
+
extends FastCipherSpi
|
143
|
+
{
|
144
|
+
public PKCS1v1_5Padding_PrivateOnly()
|
145
|
+
{
|
146
|
+
super(new PKCS1Encoding(new NativeRSAEngine()));
|
147
|
+
try {
|
148
|
+
engineSetMode("1");// private key only
|
149
|
+
}
|
150
|
+
catch(Exception e) {
|
151
|
+
throw new RuntimeException( "bug", e );
|
152
|
+
}
|
153
|
+
}
|
154
|
+
}
|
155
|
+
|
156
|
+
static public class PKCS1v1_5Padding_PublicOnly
|
157
|
+
extends FastCipherSpi
|
158
|
+
{
|
159
|
+
public PKCS1v1_5Padding_PublicOnly()
|
160
|
+
{
|
161
|
+
super(new PKCS1Encoding(new NativeRSAEngine()));
|
162
|
+
try {
|
163
|
+
engineSetMode("2");// public key only
|
164
|
+
}
|
165
|
+
catch(Exception e) {
|
166
|
+
throw new RuntimeException( "bug", e );
|
167
|
+
}
|
168
|
+
}
|
169
|
+
}
|
170
|
+
|
171
|
+
static public class OAEPPadding
|
172
|
+
extends FastCipherSpi
|
173
|
+
{
|
174
|
+
public OAEPPadding()
|
175
|
+
{
|
176
|
+
super(new NativeRSAEngine());
|
177
|
+
//super(OAEPParameterSpec.DEFAULT);
|
178
|
+
try {
|
179
|
+
engineSetPadding("OAEPPADDING");
|
180
|
+
}
|
181
|
+
catch(Exception e) {
|
182
|
+
throw new RuntimeException( "bug", e );
|
183
|
+
}
|
184
|
+
}
|
185
|
+
}
|
186
|
+
|
187
|
+
static public class ISO9796d1Padding
|
188
|
+
extends FastCipherSpi
|
189
|
+
{
|
190
|
+
public ISO9796d1Padding()
|
191
|
+
{
|
192
|
+
super(new ISO9796d1Encoding(new NativeRSAEngine()));
|
193
|
+
}
|
194
|
+
}
|
195
|
+
}
|
@@ -0,0 +1,133 @@
|
|
1
|
+
package com.github.lookout.fastrsa;
|
2
|
+
|
3
|
+
import com.squareup.crypto.rsa.NativeRSAEngine;
|
4
|
+
|
5
|
+
import java.lang.reflect.Field;
|
6
|
+
|
7
|
+
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
|
8
|
+
import org.bouncycastle.crypto.Digest;
|
9
|
+
import org.bouncycastle.crypto.digests.MD2Digest;
|
10
|
+
import org.bouncycastle.crypto.digests.MD4Digest;
|
11
|
+
import org.bouncycastle.crypto.digests.MD5Digest;
|
12
|
+
import org.bouncycastle.crypto.digests.NullDigest;
|
13
|
+
import org.bouncycastle.crypto.digests.RIPEMD128Digest;
|
14
|
+
import org.bouncycastle.crypto.digests.RIPEMD160Digest;
|
15
|
+
import org.bouncycastle.crypto.digests.RIPEMD256Digest;
|
16
|
+
import org.bouncycastle.crypto.digests.SHA1Digest;
|
17
|
+
import org.bouncycastle.crypto.digests.SHA224Digest;
|
18
|
+
import org.bouncycastle.crypto.digests.SHA256Digest;
|
19
|
+
import org.bouncycastle.crypto.digests.SHA384Digest;
|
20
|
+
import org.bouncycastle.crypto.digests.SHA512Digest;
|
21
|
+
import org.bouncycastle.crypto.AsymmetricBlockCipher;
|
22
|
+
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
|
23
|
+
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
|
24
|
+
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
|
25
|
+
import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
|
26
|
+
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
|
27
|
+
import org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi;
|
28
|
+
|
29
|
+
public class FastDigestSignatureSpi extends DigestSignatureSpi {
|
30
|
+
|
31
|
+
private FastDigestSignatureSpi(ASN1ObjectIdentifier objId, Digest digest, AsymmetricBlockCipher cipher) {
|
32
|
+
super( objId, digest, cipher);
|
33
|
+
}
|
34
|
+
|
35
|
+
static public class SHA1
|
36
|
+
extends DigestSignatureSpi
|
37
|
+
{
|
38
|
+
public SHA1()
|
39
|
+
{
|
40
|
+
super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
41
|
+
}
|
42
|
+
}
|
43
|
+
|
44
|
+
static public class SHA224
|
45
|
+
extends DigestSignatureSpi
|
46
|
+
{
|
47
|
+
public SHA224()
|
48
|
+
{
|
49
|
+
super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
50
|
+
}
|
51
|
+
}
|
52
|
+
|
53
|
+
static public class SHA256
|
54
|
+
extends DigestSignatureSpi
|
55
|
+
{
|
56
|
+
public SHA256()
|
57
|
+
{
|
58
|
+
super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
59
|
+
}
|
60
|
+
}
|
61
|
+
|
62
|
+
static public class SHA384
|
63
|
+
extends DigestSignatureSpi
|
64
|
+
{
|
65
|
+
public SHA384()
|
66
|
+
{
|
67
|
+
super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
68
|
+
}
|
69
|
+
}
|
70
|
+
|
71
|
+
static public class SHA512
|
72
|
+
extends DigestSignatureSpi
|
73
|
+
{
|
74
|
+
public SHA512()
|
75
|
+
{
|
76
|
+
super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
77
|
+
}
|
78
|
+
}
|
79
|
+
|
80
|
+
static public class MD2
|
81
|
+
extends DigestSignatureSpi
|
82
|
+
{
|
83
|
+
public MD2()
|
84
|
+
{
|
85
|
+
super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
86
|
+
}
|
87
|
+
}
|
88
|
+
|
89
|
+
static public class MD4
|
90
|
+
extends DigestSignatureSpi
|
91
|
+
{
|
92
|
+
public MD4()
|
93
|
+
{
|
94
|
+
super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
95
|
+
}
|
96
|
+
}
|
97
|
+
|
98
|
+
static public class MD5
|
99
|
+
extends DigestSignatureSpi
|
100
|
+
{
|
101
|
+
public MD5()
|
102
|
+
{
|
103
|
+
super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
104
|
+
}
|
105
|
+
}
|
106
|
+
|
107
|
+
static public class RIPEMD160
|
108
|
+
extends DigestSignatureSpi
|
109
|
+
{
|
110
|
+
public RIPEMD160()
|
111
|
+
{
|
112
|
+
super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
113
|
+
}
|
114
|
+
}
|
115
|
+
|
116
|
+
static public class RIPEMD128
|
117
|
+
extends DigestSignatureSpi
|
118
|
+
{
|
119
|
+
public RIPEMD128()
|
120
|
+
{
|
121
|
+
super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
122
|
+
}
|
123
|
+
}
|
124
|
+
|
125
|
+
static public class RIPEMD256
|
126
|
+
extends DigestSignatureSpi
|
127
|
+
{
|
128
|
+
public RIPEMD256()
|
129
|
+
{
|
130
|
+
super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new NativeRSAEngine()));
|
131
|
+
}
|
132
|
+
}
|
133
|
+
}
|
@@ -0,0 +1,29 @@
|
|
1
|
+
package com.github.lookout.fastrsa;
|
2
|
+
|
3
|
+
import java.util.Map;
|
4
|
+
|
5
|
+
public class SecurityHelperMap {
|
6
|
+
|
7
|
+
private SecurityHelperMap() {}
|
8
|
+
|
9
|
+
public static void setup( Map<String, Class<?>> engines ) {
|
10
|
+
String[] names = {
|
11
|
+
"MD2", "MD4", "MD5",
|
12
|
+
"RIPEMD128", "RIPEMD160", "RIPEMD256",
|
13
|
+
"SHA1", "SHA224", "SHA256", "SHA384", "SHA512"
|
14
|
+
};
|
15
|
+
|
16
|
+
ClassLoader classLoader = SecurityHelperMap.class.getClassLoader();
|
17
|
+
for (String name : names ) {
|
18
|
+
try {
|
19
|
+
engines.put( "Signature:" + name + "WITHRSA",
|
20
|
+
classLoader.loadClass( FastDigestSignatureSpi.class.getName() + "$" + name ) );
|
21
|
+
}
|
22
|
+
catch( ClassNotFoundException e ) {
|
23
|
+
System.err.println( "signature class not found for: " + name + " ( " + e.getMessage() + " )" );
|
24
|
+
}
|
25
|
+
}
|
26
|
+
|
27
|
+
engines.put( "Cipher:RSA", FastCipherSpi.NoPadding.class );
|
28
|
+
}
|
29
|
+
}
|
metadata
ADDED
@@ -0,0 +1,127 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: fast-rsa-engine
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: java
|
6
|
+
authors:
|
7
|
+
- Christian Meieier
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-07-23 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: jar-dependencies
|
15
|
+
version_requirements: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0.1'
|
20
|
+
requirement: !ruby/object:Gem::Requirement
|
21
|
+
requirements:
|
22
|
+
- - ~>
|
23
|
+
- !ruby/object:Gem::Version
|
24
|
+
version: '0.1'
|
25
|
+
prerelease: false
|
26
|
+
type: :runtime
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: ruby-maven
|
29
|
+
version_requirements: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ~>
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '3.3'
|
34
|
+
requirement: !ruby/object:Gem::Requirement
|
35
|
+
requirements:
|
36
|
+
- - ~>
|
37
|
+
- !ruby/object:Gem::Version
|
38
|
+
version: '3.3'
|
39
|
+
prerelease: false
|
40
|
+
type: :development
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
version_requirements: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ~>
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '3.3'
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
49
|
+
requirements:
|
50
|
+
- - ~>
|
51
|
+
- !ruby/object:Gem::Version
|
52
|
+
version: '3.3'
|
53
|
+
prerelease: false
|
54
|
+
type: :development
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
version_requirements: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ~>
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '10.2'
|
62
|
+
requirement: !ruby/object:Gem::Requirement
|
63
|
+
requirements:
|
64
|
+
- - ~>
|
65
|
+
- !ruby/object:Gem::Version
|
66
|
+
version: '10.2'
|
67
|
+
prerelease: false
|
68
|
+
type: :development
|
69
|
+
description: this gem replaces the RSA signature and RSA ciphers from jruby-openssl by the must faster implementation of them. see https://corner.squareup.com/2014/02/faster-rsa-jnagmp.html
|
70
|
+
email:
|
71
|
+
- christian.meier@lookout.com
|
72
|
+
executables: []
|
73
|
+
extensions: []
|
74
|
+
extra_rdoc_files: []
|
75
|
+
files:
|
76
|
+
- .gitignore
|
77
|
+
- .travis.yml
|
78
|
+
- Gemfile
|
79
|
+
- LICENSE
|
80
|
+
- README.md
|
81
|
+
- Rakefile
|
82
|
+
- benchmark/benchmark-with-builtin-rsa.rb
|
83
|
+
- benchmark/benchmark-with-fast-rsa.rb
|
84
|
+
- benchmark/benchmark.rb
|
85
|
+
- benchmark/foo.pem
|
86
|
+
- benchmark/foo_cert.pem
|
87
|
+
- fast-rsa-engine.gemspec
|
88
|
+
- lib/fast-rsa-engine.rb
|
89
|
+
- lib/fast-rsa-engine_jars.rb
|
90
|
+
- spec/cipher_spec.rb
|
91
|
+
- spec/foo.pem
|
92
|
+
- spec/foo_cert.pem
|
93
|
+
- spec/security_helper_spec.rb
|
94
|
+
- spec/setup.rb
|
95
|
+
- spec/signature_spec.rb
|
96
|
+
- src/main/java/com/github/lookout/fastrsa/FastCipherSpi.java
|
97
|
+
- src/main/java/com/github/lookout/fastrsa/FastDigestSignatureSpi.java
|
98
|
+
- src/main/java/com/github/lookout/fastrsa/SecurityHelperMap.java
|
99
|
+
homepage: https://github.com/lookout/fast-rsa-engine
|
100
|
+
licenses:
|
101
|
+
- MIT
|
102
|
+
metadata: {}
|
103
|
+
post_install_message:
|
104
|
+
rdoc_options: []
|
105
|
+
require_paths:
|
106
|
+
- lib
|
107
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - '>='
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '0'
|
112
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - '>='
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: '0'
|
117
|
+
requirements:
|
118
|
+
- jar com.squareup.jnagmp:bouncycastle-rsa, 1.0.0
|
119
|
+
- jar org.bouncycastle:bcpkix-jdk15on, 1.50, :scope => :provided
|
120
|
+
- jar org.bouncycastle:bcprov-jdk15on, 1.50, :scope => :provided
|
121
|
+
- pom org.jruby:jruby-core, 1.7.21, :scope => :provided
|
122
|
+
rubyforge_project:
|
123
|
+
rubygems_version: 2.4.8
|
124
|
+
signing_key:
|
125
|
+
specification_version: 4
|
126
|
+
summary: replaces the RSA signature and RSA ciphers from jruby-openssl by the must faster implementation of them
|
127
|
+
test_files: []
|