Hi, for any of you who have done some java programming in cryptography I need your help.

I'm trying to right and blinding and unblinding procedure, however at the final stage I should get a true, but I'm getting a false. If you know what's wrong, can you point it out?

Cheers.

/*
* STEP 1: BLINDING MESSAGE
* Alice blinds her message, m, with her key, b.
* blind(m,b)
*/
			
//Print out message in string and Hex
byte[] aliceMessage = "This is the text for blinding".getBytes("UTF-8");
System.out.println("Alice's Message(String): " + new String(aliceMessage));
System.out.println("Alice's Message(Hex): " + HexBin.encode(aliceMessage));
			
//Generate secure random
SecureRandom randomVal = SecureRandom.getInstance("SHA1PRNG");
			
//Use rsa key pair gen
BigInteger bigInteger = new BigInteger("1001",16);
RSAKeyPairGenerator rsaKeyPair = new RSAKeyPairGenerator();
RSAKeyGenerationParameters rsaParams = new RSAKeyGenerationParameters(bigInteger,randomVal,1024,16);
rsaKeyPair.init(rsaParams);
AsymmetricCipherKeyPair rsaKeys = rsaKeyPair.generateKeyPair();
	        
//Blinding factor
RSABlindingFactorGenerator factor = new RSABlindingFactorGenerator();
	        
//ok, got the rsa key parameters
RSAKeyParameters pKey = (RSAKeyParameters) rsaKeys.getPublic();
factor.init(pKey);
BigInteger fac = factor.generateBlindingFactor();
	        
//Now, for blinding parameters
RSABlindingParameters params = new RSABlindingParameters(pKey,fac);
	        
//Now, for blinding engine
RSABlindingEngine eng = new RSABlindingEngine();
eng.init(true, params);
	        
//blind data and store
byte[] blindedData = "Empty".getBytes("UTF-8");
try {
blindedData = eng.processBlock(aliceMessage, 0, aliceMessage.length);
} catch(Exception e){
System.err.println("Blinding failed. Error.");
}
	        
//Print out blinded messasge
System.out.println("\nAlice's Blinded Message: " + HexBin.encode(blindedData));
	        
/*
* STEP 2: Sign blinded message
* Alice has sent her blinded message to Bob so Bob can sign
* Bob generates key pairs (private and public keys) and
* signs Alice's blinded message with his private key, d.
* sign(blind(m,b),d)
*/
	        
//Generate key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(1024);
			
KeyPair keyPair = kpg.genKeyPair();
			
//Get out bob's public and private keys
PublicKey bobPubKey = keyPair.getPublic();
PrivateKey bobPrivKey = keyPair.getPrivate();
	        
//Signature engine
Signature signatureEngine = Signature.getInstance("MD5withRSA");
	        
//Initialise the signature to sign mode, with Bob's private key
signatureEngine.initSign(bobPrivKey);
	        
//Pass in blinded message
signatureEngine.update(blindedData);
	        			
//Obtain Bob's signature
byte[] bobSignature = signatureEngine.sign();
	        
//Print out Bob's signature
System.out.println("\nBob's signature: " + HexBin.encode(bobSignature));
	        			
/*
* Now, Bob sends signed blinded message back to Alice.
* Alice unblinds with the same key she used to blind the message
* unblind(sign(blind(m,b),d),b)
*/
	        
//Unblind
eng.init(false, params);
	        
byte[] unBlindedData = "Nothing here".getBytes("UTF-8");
try {
unBlindedData = eng.processBlock(aliceMessage, 0, aliceMessage.length);
} catch(Exception e){
System.err.println("UnBlinding failed. Error!!! FUCK!");
}
	        
//Print out unblinded data: this should equate to bob's signature on
//alice's message using his private key
System.out.println("\nUnBlinded Message: " + HexBin.encode(unBlindedData));
	        
/*
* After unblinding, the result should be sign(m,d);
* that is, it should be the Bob's signature on alices message, using his
* private key.
* 
* (Remember, normally, it should have been alice sending the message,m, to bob
* and bob signs it: sign(m,d), but the idea is to ensure that bob has no idea
* what the message is).
* 
* Now, Alice must verify that the unblinded data is in fact bob's signature of her
* message. To do this she needs Bob's public key, which he sent along with signture
*/
	        
//we already have a sig engine declared
//Signature signatureEngine = Signature.getInstance("MD5WithRSA");
	        
//Initialise the signature to verify mode
signatureEngine.initVerify(bobPubKey);
			
//To verify, pass in alice's original message
signatureEngine.update(aliceMessage);
			
boolean isVerified = false;
try {
//normally, you would pass in byte[] bobSignature
//but remember, we want to verify the signature on alice's message,
//which is sign(m,d), and this is in fact the unblinded data.
isVerified = signatureEngine.verify(unBlindedData);
} catch(SignatureException se) {
System.out.println("Something went wrong...");
}
System.out.println("\nIs this bob's signature on Alice's message?: " + isVerified);

however at the final stage I should get a true, but I'm getting a false.

Can you explain where this happens and how it is shown?

Add an se.printStackTrace(); to the catch block to show full text of the error message vs hiding it with your println()

No exception gets thrown. It's more like when you try to calculate the something and you get an answer but the answer is wrong.

The code I wrote, when run it, at the end, the system.out.print should say: "Is this bob's signature on Alice's message?: True", thereby verifying that the blinding, signing and unblinding process was accurate. But instead I get a false, which means I'm not doing something right :(

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.