package proj3;

import java.io.File; import java.io.OutputStream; import java.io.FileOutputStream; import java.io.InputStream; import java.io.FileInputStream;

import java.nio.file.Files; import java.nio.file.Paths; import java.nio.file.Path;

import java.security.Key; import java.security.PrivateKey; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.KeyFactory; import java.security.Signature;

import java.security.spec.PKCS8EncodedKeySpec;

import java.util.Base64;

public class BlobSigner { /** * generate a signature file (dstSignatureFile) for fileToSign using * sshPrivateKeyFile. * * * * * * @param fileToSign the file containing the data to be signed. * @param sshPrivateKeyFile the ssh private key file with the signing key * to use. * @param dstSignatureFile the file to write the generated signature to. * the signature will be base64 encoded. */ public static void signFile( File fileToSign, File sshPrivateKeyFile, File dstSignatureFile ) {}

/** * validate the signature file (signatureFile) corresponding to * signedFile using the public key in sshPublicKeyFile. * @param signedFile the file containing the data that was signed. * @param sshPublicKeyFile the file containing the public key corresponds * to the private key that was used to sign * signedFile. * @param signatureFile the base64 encoded signature generated with the * private key that corresponds to sshPublicKeyFile * over the data in the signedFile. * @return true if the signature is valid. */ static private Base64.Encoder encoder = Base64.getEncoder(); static private void writeBinary(OutputStream out,Key key) throws java.io.IOException { out.write(key.getEncoded()); }

static public void main(String[] args) throws Exception { if ( args.length != 4 ) { System.err.println("generate digital signature."); System.err.println("usage: java algo pvtKeyFile dataFile signFile"); System.exit(1); }

int index = 0; String algo = args[index]; index++; String keyFile = args[index]; index++; String dataFile = args[index]; index++; String signFile = args[index]; index++;

} public static boolean validateSignature( File signedFile, File sshPublicKeyFile, File signatureFile ) { return false; } }

JAVA :

for this assignment we will be generating signatures and validating signatures using our ssh keys. we will be using RSA keys to do the signing and validation.

you will want to use test ssh keys for RSA:

 ssh-keygen -t rsa -f rsa_test

be sure to generate keys that aren't password protected!

you need to implement the following class: (please don't change the package name, class name, or method signatures) BlobSigner.java

NOTE: when generating signatures with RSA use "SHA256withRSA" and when generating with DSA use "SHA256withDSA".

upload a zip file with your implementation of BlobSigner.java as well as any supporting source files. make sure you zip from the root of your source tree. you should have at least and entry for "proj3/BlobSigner.java" in your zip file.

the key files have a rather different format that normal.

private key files

the private key files are PEM encoded: they have what is called "ASCII armor" that starts and ends the base64 encoded private key which itself is PKCS1 encoded using the ASN.1 DER encoding. we will talk about PKCS and ASN.1 later. "ASCII armor" is just a fancy way to state that we put the line:

-----BEGIN RSA PRIVATE KEY-----

at the beginning of the file and

-----END RSA PRIVATE KEY-----

at the end. the initial ---- at the start of the line is convenient for parsing. see this stack overflow answer for details on how to parse the private key file and instantiate a key: https://stackoverflow.com/a/30929175 (Links to an external site.)Links to an external site. it's fine to use the code in the answer in your solution, just make sure to put a comment indicating where you got it from.

public key files

the public key files are a bit strange. they have the form:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1PvB+c1w8nIzmDla5EsUJXVuVS7rVFWtz8RMorQujQXPakEoxKgql4gOG0w8kh+zGJmLLmXJgYn8FACfNr3eU2m05UeXzww9Wx8woElMrqSoG0pM1WwNo4p97DeYYHhd+6wv7h7kpiq0CWZvfsKEZ94Pf4gK8xZ91cE91+g0IdDMfyHwhzDP2FkczVPZdPiemEkiG+5vsNMvuY1WHSpuem8X9ZqLpC3JbTUqYJJ1CeAb8bsdA+PM3muRUiC5fbs6IZspBBDaKxO8X4L8aK+vj1pxyNd61XmJ49uNzKZumXKBXgnCdVe2pR0IRf7oMEfxNl9VqGcjy2ZzQkCnZFMu7 bcr33d@bcr33d-hp

the key is encoded as a 4-byte length (big endian) followed by binary data. the first field is the key type, the next is the public exponent, and the last is the modulus. you will want to instantiate an RSAPublicKey to do the verification.