Package net.corda.core.crypto

Class CryptoUtilsKt

    • Constructor Detail

    • Method Detail

      • verify

         final static Boolean verify(PublicKey $self, ByteArray signatureData, ByteArray clearData)

        Helper function to verify a signature.

        Parameters:
        signatureData - the signature on a message.
        clearData - the clear data/message that was signed (usually the Merkle root).

      • verify

         final static Boolean verify(KeyPair $self, ByteArray signatureData, ByteArray clearData)

        Helper function for the signers to verify their own signature.

        Parameters:
        signatureData - the signature on a message.
        clearData - the clear data/message that was signed (usually the Merkle root).

      • isValid

         final static Boolean isValid(PublicKey $self, ByteArray content, DigitalSignature signature)

        Utility to simplify the act of verifying a signature. In comparison to verify if the key and signature do not match it returns false rather than throwing an exception. Normally you should use the function which throws, as it avoids the risk of failing to test the result, but this is for uses such as java.security.Signature.verify implementations.

      • toStringShort

         final static String toStringShort(PublicKey $self)

        Render a public key to its hash (in Base58) of its serialised form using the DL prefix.

      • generateKeyPair

         final static KeyPair generateKeyPair()

        A simple wrapper that will make it easier to swap out the signature algorithm we use in future.

      • entropyToKeyPair

         final static KeyPair entropyToKeyPair(BigInteger entropy)

        Returns a key pair derived from the given private key entropy. This is useful for unit tests and other cases where you want hard-coded private keys.

        Parameters:
        entropy - a BigInteger value.

      • secureRandomBytes

         final static ByteArray secureRandomBytes(Integer numOfBytes)

        Generate a securely random ByteArray of requested number of bytes. Usually used for seeds, nonces and keys.

        Parameters:
        numOfBytes - how many random bytes to output.

      • newSecureRandom

         final static SecureRandom newSecureRandom()

        Get an instance of SecureRandom to avoid blocking, due to waiting for additional entropy, when possible. In this version, the NativePRNGNonBlocking is exclusively used on Linux OS to utilize dev/urandom because in high traffic /dev/random may wait for a certain amount of "noise" to be generated on the host machine before returning a result.

        On Solaris, Linux, and OS X, if the entropy gathering device in java.security is set to file:/dev/urandom or file:/dev/random, then NativePRNG is preferred to SHA1PRNG. Otherwise, SHA1PRNG is preferred.

      • random63BitValue

         final static Long random63BitValue()

        Returns a random positive non-zero long generated using a secure RNG. This function sacrifies a bit of entropy in order to avoid potential bugs where the value is used in a context where negative numbers or zero are not expected.

      • componentHash

         final static SecureHash componentHash(OpaqueBytes opaqueBytes, PrivacySalt privacySalt, Integer componentGroupIndex, Integer internalIndex)

        Compute the hash of each serialised component so as to be used as Merkle tree leaf. The resultant output (leaf) is calculated using the SHA256d algorithm, thus SHA256(SHA256(nonce || serializedComponent)), where nonce is computed from computeNonce.

      • serializedHash

         final static <T extends Any> SecureHash serializedHash(T x)

        Serialise the object and return the hash of the serialized bytes. Note that the resulting hash may not be deterministic across platform versions: serialization can produce different values if any of the types being serialized have changed, or if the version of serialization specified by the context changes.

      • computeNonce

         final static SecureHash.SHA256 computeNonce(PrivacySalt privacySalt, Integer groupIndex, Integer internalIndex)

        Method to compute a nonce based on privacySalt, component group index and component internal index. SHA256d (double SHA256) is used to prevent length extension attacks.

        Parameters:
        privacySalt - a PrivacySalt.
        groupIndex - the fixed index (ordinal) of this component group.
        internalIndex - the internal index of this object in its corresponding components list.