use of com.google.crypto.tink.PublicKeySign in project tink by google.
the class Ed25519PrivateKeyManagerTest method testBasic.
@Test
public void testBasic() throws Exception {
Ed25519PrivateKeyManager manager = new Ed25519PrivateKeyManager();
KeyTemplate template = SignatureKeyTemplates.ED25519;
MessageLite key = manager.newKey(template);
assertTrue(key instanceof Ed25519PrivateKey);
Ed25519PrivateKey keyProto = (Ed25519PrivateKey) key;
assertEquals(32, keyProto.getKeyValue().size());
PublicKeySign signer = manager.getPrimitive(key);
assertTrue(signer instanceof Ed25519Sign);
byte[] message = Random.randBytes(20);
byte[] signature = signer.sign(message);
assertEquals(64, signature.length);
Ed25519PublicKeyManager publicKeyManager = new Ed25519PublicKeyManager();
PublicKeyVerify verifier = publicKeyManager.getPrimitive(keyProto.getPublicKey());
assertTrue(verifier instanceof Ed25519Verify);
try {
verifier.verify(signature, message);
} catch (GeneralSecurityException e) {
fail("Do not expect GeneralSecurityException: " + e);
}
}
use of com.google.crypto.tink.PublicKeySign in project tink by google.
the class Ed25519PrivateKeyManagerTest method testGetPublicKeyData.
/**
* Tests that a public key is extracted properly from a private key.
*/
@Test
public void testGetPublicKeyData() throws Exception {
KeysetHandle privateHandle = KeysetHandle.generateNew(SignatureKeyTemplates.ED25519);
KeyData privateKeyData = TestUtil.getKeyset(privateHandle).getKey(0).getKeyData();
Ed25519PrivateKeyManager privateManager = new Ed25519PrivateKeyManager();
KeyData publicKeyData = privateManager.getPublicKeyData(privateKeyData.getValue());
assertEquals(Ed25519PublicKeyManager.TYPE_URL, publicKeyData.getTypeUrl());
assertEquals(KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC, publicKeyData.getKeyMaterialType());
Ed25519PrivateKey privateKey = Ed25519PrivateKey.parseFrom(privateKeyData.getValue());
assertArrayEquals(privateKey.getPublicKey().toByteArray(), publicKeyData.getValue().toByteArray());
Ed25519PublicKeyManager publicManager = new Ed25519PublicKeyManager();
PublicKeySign signer = privateManager.getPrimitive(privateKeyData.getValue());
PublicKeyVerify verifier = publicManager.getPrimitive(publicKeyData.getValue());
byte[] message = Random.randBytes(20);
try {
verifier.verify(signer.sign(message), message);
} catch (GeneralSecurityException e) {
fail("Should not fail: " + e);
}
}
use of com.google.crypto.tink.PublicKeySign in project tink by google.
the class EcdsaSignKeyManagerTest method testGetPublicKeyData.
/**
* Tests that a public key is extracted properly from a private key.
*/
@Test
public void testGetPublicKeyData() throws Exception {
KeysetHandle privateHandle = KeysetHandle.generateNew(SignatureKeyTemplates.ECDSA_P256);
KeyData privateKeyData = TestUtil.getKeyset(privateHandle).getKey(0).getKeyData();
EcdsaSignKeyManager privateManager = new EcdsaSignKeyManager();
KeyData publicKeyData = privateManager.getPublicKeyData(privateKeyData.getValue());
assertEquals(EcdsaVerifyKeyManager.TYPE_URL, publicKeyData.getTypeUrl());
assertEquals(KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC, publicKeyData.getKeyMaterialType());
EcdsaPrivateKey privateKey = EcdsaPrivateKey.parseFrom(privateKeyData.getValue());
assertArrayEquals(privateKey.getPublicKey().toByteArray(), publicKeyData.getValue().toByteArray());
EcdsaVerifyKeyManager publicManager = new EcdsaVerifyKeyManager();
PublicKeySign signer = privateManager.getPrimitive(privateKeyData.getValue());
PublicKeyVerify verifier = publicManager.getPrimitive(publicKeyData.getValue());
byte[] message = Random.randBytes(20);
try {
verifier.verify(signer.sign(message), message);
} catch (GeneralSecurityException e) {
fail("Should not fail: " + e);
}
}
use of com.google.crypto.tink.PublicKeySign in project tink by google.
the class PublicKeyVerifyFactoryTest method testMultipleKeys.
@Test
public void testMultipleKeys() throws Exception {
EcdsaPrivateKey tinkPrivateKey = TestUtil.generateEcdsaPrivKey(EllipticCurveType.NIST_P521, HashType.SHA512, EcdsaSignatureEncoding.DER);
Key tink = TestUtil.createKey(TestUtil.createKeyData(tinkPrivateKey.getPublicKey(), EcdsaVerifyKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 1, KeyStatusType.ENABLED, OutputPrefixType.TINK);
EcdsaPrivateKey legacyPrivateKey = TestUtil.generateEcdsaPrivKey(EllipticCurveType.NIST_P256, HashType.SHA256, EcdsaSignatureEncoding.DER);
Key legacy = TestUtil.createKey(TestUtil.createKeyData(legacyPrivateKey.getPublicKey(), EcdsaVerifyKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 2, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);
EcdsaPrivateKey rawPrivateKey = TestUtil.generateEcdsaPrivKey(EllipticCurveType.NIST_P384, HashType.SHA512, EcdsaSignatureEncoding.DER);
Key raw = TestUtil.createKey(TestUtil.createKeyData(rawPrivateKey.getPublicKey(), EcdsaVerifyKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 3, KeyStatusType.ENABLED, OutputPrefixType.RAW);
EcdsaPrivateKey crunchyPrivateKey = TestUtil.generateEcdsaPrivKey(EllipticCurveType.NIST_P384, HashType.SHA512, EcdsaSignatureEncoding.DER);
Key crunchy = TestUtil.createKey(TestUtil.createKeyData(crunchyPrivateKey.getPublicKey(), EcdsaVerifyKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC), 4, KeyStatusType.ENABLED, OutputPrefixType.CRUNCHY);
Key[] keys = new Key[] { tink, legacy, raw, crunchy };
EcdsaPrivateKey[] privateKeys = new EcdsaPrivateKey[] { tinkPrivateKey, legacyPrivateKey, rawPrivateKey, crunchyPrivateKey };
int j = keys.length;
for (int i = 0; i < j; i++) {
KeysetHandle keysetHandle = TestUtil.createKeysetHandle(TestUtil.createKeyset(keys[i], keys[(i + 1) % j], keys[(i + 2) % j], keys[(i + 3) % j]));
PublicKeyVerify verifier = PublicKeyVerifyFactory.getPrimitive(keysetHandle);
// Signature from any keys in the keyset should be valid.
for (int k = 0; k < j; k++) {
PublicKeySign signer = PublicKeySignFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createKeyData(privateKeys[k], EcdsaSignKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE), keys[k].getKeyId(), KeyStatusType.ENABLED, keys[k].getOutputPrefixType()))));
byte[] plaintext = Random.randBytes(1211);
byte[] sig = signer.sign(plaintext);
try {
verifier.verify(sig, plaintext);
} catch (GeneralSecurityException ex) {
fail("Valid signature, should not throw exception: " + k);
}
}
// Signature from a random key should be invalid.
EcdsaPrivateKey randomPrivKey = TestUtil.generateEcdsaPrivKey(EllipticCurveType.NIST_P521, HashType.SHA512, EcdsaSignatureEncoding.DER);
PublicKeySign signer = PublicKeySignFactory.getPrimitive(TestUtil.createKeysetHandle(TestUtil.createKeyset(TestUtil.createKey(TestUtil.createKeyData(randomPrivKey, EcdsaSignKeyManager.TYPE_URL, KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE), 1, KeyStatusType.ENABLED, keys[0].getOutputPrefixType()))));
byte[] plaintext = Random.randBytes(1211);
byte[] sig = signer.sign(plaintext);
try {
verifier.verify(sig, plaintext);
fail("Invalid signature, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
}
}
use of com.google.crypto.tink.PublicKeySign in project tink by google.
the class EcdsaSignKeyManagerTest method testGetPrimitiveWithUnsupportedKey.
private void testGetPrimitiveWithUnsupportedKey(HashAndCurveType hashAndCurve) throws Exception {
HashType hashType = hashAndCurve.hashType;
EllipticCurveType curveType = hashAndCurve.curveType;
KeyPair keyPair = EllipticCurves.generateKeyPair(SigUtil.toCurveType(curveType));
ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
ECPrivateKey privKey = (ECPrivateKey) keyPair.getPrivate();
ECPoint w = pubKey.getW();
EcdsaPublicKey ecdsaPubKey = TestUtil.createEcdsaPubKey(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
EcdsaPrivateKey ecdsaPrivKey = TestUtil.createEcdsaPrivKey(ecdsaPubKey, privKey.getS().toByteArray());
EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
try {
PublicKeySign unusedSigner = signManager.getPrimitive(ecdsaPrivKey);
fail("Unsupported key, should have thrown exception: " + hashType + " " + curveType);
} catch (GeneralSecurityException expected) {
// Expected
}
}
Aggregations