
Example 1 with PublicKeySign

use of com.google.crypto.tink.PublicKeySign in project tink by google.

the class Ed25519PrivateKeyManagerTest method testBasic.

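/**
 * Generates a fresh Ed25519 key and exercises the sign/verify round trip.
 *
 * <p>Checks that the key manager produces an {@code Ed25519PrivateKey} with a 32-byte key value,
 * that both managers hand back the Ed25519 subtle primitives, that a signature is 64 bytes long
 * and verifies against the matching public key, and that the same signature is rejected once the
 * message has been modified.
 */
@Test
public void testBasic() throws Exception {
    Ed25519PrivateKeyManager manager = new Ed25519PrivateKeyManager();
    KeyTemplate template = SignatureKeyTemplates.ED25519;
    MessageLite key = manager.newKey(template);
    assertTrue(key instanceof Ed25519PrivateKey);
    Ed25519PrivateKey keyProto = (Ed25519PrivateKey) key;
    assertEquals(32, keyProto.getKeyValue().size());

    PublicKeySign signer = manager.getPrimitive(key);
    assertTrue(signer instanceof Ed25519Sign);
    byte[] message = Random.randBytes(20);
    byte[] signature = signer.sign(message);
    assertEquals(64, signature.length);

    Ed25519PublicKeyManager publicKeyManager = new Ed25519PublicKeyManager();
    PublicKeyVerify verifier = publicKeyManager.getPrimitive(keyProto.getPublicKey());
    assertTrue(verifier instanceof Ed25519Verify);
    try {
        verifier.verify(signature, message);
    } catch (GeneralSecurityException e) {
        fail("Do not expect GeneralSecurityException: " + e);
    }

    // A positive-only check would also pass with a verifier that accepts every input, so flip
    // one bit of the message and require verify() to reject the otherwise valid signature.
    byte[] tampered = message.clone();
    tampered[0] ^= 0x01;
    try {
        verifier.verify(signature, tampered);
        fail("Signature must not verify for a modified message");
    } catch (GeneralSecurityException expected) {
        // Expected
    }
}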
Also used : Ed25519PrivateKey(com.google.crypto.tink.proto.Ed25519PrivateKey) Ed25519Verify(com.google.crypto.tink.subtle.Ed25519Verify) GeneralSecurityException(java.security.GeneralSecurityException) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) Ed25519Sign(com.google.crypto.tink.subtle.Ed25519Sign) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) MessageLite(com.google.protobuf.MessageLite) PublicKeySign(com.google.crypto.tink.PublicKeySign) Test(org.junit.Test)

Example 2 with PublicKeySign

use of com.google.crypto.tink.PublicKeySign in project tink by google.

the class Ed25519PrivateKeyManagerTest method testGetPublicKeyData.

/**
 * Tests that a public key is extracted properly from a private key.
 */
@Test
public void testGetPublicKeyData() throws Exception {
    // Generate an Ed25519 keyset and work with the key data of its first entry.
    KeysetHandle generatedHandle = KeysetHandle.generateNew(SignatureKeyTemplates.ED25519);
    KeyData signingKeyData = TestUtil.getKeyset(generatedHandle).getKey(0).getKeyData();

    Ed25519PrivateKeyManager signKeyManager = new Ed25519PrivateKeyManager();
    KeyData derivedPublicData = signKeyManager.getPublicKeyData(signingKeyData.getValue());

    // The derived key data must be labelled as Ed25519 public key material ...
    assertEquals(Ed25519PublicKeyManager.TYPE_URL, derivedPublicData.getTypeUrl());
    assertEquals(KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC, derivedPublicData.getKeyMaterialType());

    // ... and hold exactly the public key that is embedded in the private key proto.
    Ed25519PrivateKey parsedPrivateKey = Ed25519PrivateKey.parseFrom(signingKeyData.getValue());
    byte[] embeddedPublicBytes = parsedPrivateKey.getPublicKey().toByteArray();
    byte[] derivedPublicBytes = derivedPublicData.getValue().toByteArray();
    assertArrayEquals(embeddedPublicBytes, derivedPublicBytes);

    // Round trip: a signature made with the private key must verify under the derived public key.
    Ed25519PublicKeyManager verifyKeyManager = new Ed25519PublicKeyManager();
    PublicKeySign signer = signKeyManager.getPrimitive(signingKeyData.getValue());
    PublicKeyVerify verifier = verifyKeyManager.getPrimitive(derivedPublicData.getValue());
    byte[] message = Random.randBytes(20);
    try {
        byte[] signature = signer.sign(message);
        verifier.verify(signature, message);
    } catch (GeneralSecurityException e) {
        fail("Should not fail: " + e);
    }
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) Ed25519PrivateKey(com.google.crypto.tink.proto.Ed25519PrivateKey) GeneralSecurityException(java.security.GeneralSecurityException) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) PublicKeySign(com.google.crypto.tink.PublicKeySign) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 3 with PublicKeySign

use of com.google.crypto.tink.PublicKeySign in project tink by google.

the class EcdsaSignKeyManagerTest method testGetPublicKeyData.

/**
 * Tests that a public key is extracted properly from a private key.
 */
@Test
public void testGetPublicKeyData() throws Exception {
    // Generate an ECDSA P-256 keyset and work with the key data of its first entry.
    KeysetHandle generatedHandle = KeysetHandle.generateNew(SignatureKeyTemplates.ECDSA_P256);
    KeyData signingKeyData = TestUtil.getKeyset(generatedHandle).getKey(0).getKeyData();

    EcdsaSignKeyManager signKeyManager = new EcdsaSignKeyManager();
    KeyData derivedPublicData = signKeyManager.getPublicKeyData(signingKeyData.getValue());

    // The derived key data must be labelled as ECDSA public key material ...
    assertEquals(EcdsaVerifyKeyManager.TYPE_URL, derivedPublicData.getTypeUrl());
    assertEquals(KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC, derivedPublicData.getKeyMaterialType());

    // ... and hold exactly the public key that is embedded in the private key proto.
    EcdsaPrivateKey parsedPrivateKey = EcdsaPrivateKey.parseFrom(signingKeyData.getValue());
    byte[] embeddedPublicBytes = parsedPrivateKey.getPublicKey().toByteArray();
    byte[] derivedPublicBytes = derivedPublicData.getValue().toByteArray();
    assertArrayEquals(embeddedPublicBytes, derivedPublicBytes);

    // Round trip: a signature made with the private key must verify under the derived public key.
    EcdsaVerifyKeyManager verifyKeyManager = new EcdsaVerifyKeyManager();
    PublicKeySign signer = signKeyManager.getPrimitive(signingKeyData.getValue());
    PublicKeyVerify verifier = verifyKeyManager.getPrimitive(derivedPublicData.getValue());
    byte[] message = Random.randBytes(20);
    try {
        byte[] signature = signer.sign(message);
        verifier.verify(signature, message);
    } catch (GeneralSecurityException e) {
        fail("Should not fail: " + e);
    }
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) GeneralSecurityException(java.security.GeneralSecurityException) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) EcdsaPrivateKey(com.google.crypto.tink.proto.EcdsaPrivateKey) PublicKeySign(com.google.crypto.tink.PublicKeySign) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 4 with PublicKeySign

use of com.google.crypto.tink.PublicKeySign in project tink by google.

the class PublicKeyVerifyFactoryTest method testMultipleKeys.

/**
 * Verifies signatures against a keyset holding four ECDSA public keys, one per output prefix type
 * (TINK, LEGACY, RAW, CRUNCHY).
 *
 * <p>The keyset is rebuilt four times so that each key takes the first position once. For every
 * arrangement, a signature produced by any of the four matching private keys must verify, and a
 * signature produced by a freshly generated key that is not in the keyset must be rejected.
 */
@Test
public void testMultipleKeys() throws Exception {
    EcdsaPrivateKey tinkPrivateKey = TestUtil.generateEcdsaPrivKey(
            EllipticCurveType.NIST_P521, HashType.SHA512, EcdsaSignatureEncoding.DER);
    KeyData tinkPublicData = TestUtil.createKeyData(
            tinkPrivateKey.getPublicKey(),
            EcdsaVerifyKeyManager.TYPE_URL,
            KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC);
    Key tink = TestUtil.createKey(tinkPublicData, 1, KeyStatusType.ENABLED, OutputPrefixType.TINK);

    EcdsaPrivateKey legacyPrivateKey = TestUtil.generateEcdsaPrivKey(
            EllipticCurveType.NIST_P256, HashType.SHA256, EcdsaSignatureEncoding.DER);
    KeyData legacyPublicData = TestUtil.createKeyData(
            legacyPrivateKey.getPublicKey(),
            EcdsaVerifyKeyManager.TYPE_URL,
            KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC);
    Key legacy = TestUtil.createKey(legacyPublicData, 2, KeyStatusType.ENABLED, OutputPrefixType.LEGACY);

    EcdsaPrivateKey rawPrivateKey = TestUtil.generateEcdsaPrivKey(
            EllipticCurveType.NIST_P384, HashType.SHA512, EcdsaSignatureEncoding.DER);
    KeyData rawPublicData = TestUtil.createKeyData(
            rawPrivateKey.getPublicKey(),
            EcdsaVerifyKeyManager.TYPE_URL,
            KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC);
    Key raw = TestUtil.createKey(rawPublicData, 3, KeyStatusType.ENABLED, OutputPrefixType.RAW);

    EcdsaPrivateKey crunchyPrivateKey = TestUtil.generateEcdsaPrivKey(
            EllipticCurveType.NIST_P384, HashType.SHA512, EcdsaSignatureEncoding.DER);
    KeyData crunchyPublicData = TestUtil.createKeyData(
            crunchyPrivateKey.getPublicKey(),
            EcdsaVerifyKeyManager.TYPE_URL,
            KeyData.KeyMaterialType.ASYMMETRIC_PUBLIC);
    Key crunchy = TestUtil.createKey(crunchyPublicData, 4, KeyStatusType.ENABLED, OutputPrefixType.CRUNCHY);

    // Parallel arrays: privateKeys[n] is the private half of the public key stored in keys[n].
    Key[] keys = { tink, legacy, raw, crunchy };
    EcdsaPrivateKey[] privateKeys = { tinkPrivateKey, legacyPrivateKey, rawPrivateKey, crunchyPrivateKey };
    int keyCount = keys.length;

    for (int rotation = 0; rotation < keyCount; rotation++) {
        // Same four keys every time, rotated so that a different key comes first.
        KeysetHandle verifyHandle = TestUtil.createKeysetHandle(
                TestUtil.createKeyset(
                        keys[rotation],
                        keys[(rotation + 1) % keyCount],
                        keys[(rotation + 2) % keyCount],
                        keys[(rotation + 3) % keyCount]));
        PublicKeyVerify verifier = PublicKeyVerifyFactory.getPrimitive(verifyHandle);

        // Signature from any keys in the keyset should be valid.
        for (int signerIndex = 0; signerIndex < keyCount; signerIndex++) {
            // Single-key signing keyset that reuses the key id and output prefix type of the
            // corresponding public key.
            KeyData signingData = TestUtil.createKeyData(
                    privateKeys[signerIndex],
                    EcdsaSignKeyManager.TYPE_URL,
                    KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE);
            Key signingKey = TestUtil.createKey(
                    signingData,
                    keys[signerIndex].getKeyId(),
                    KeyStatusType.ENABLED,
                    keys[signerIndex].getOutputPrefixType());
            PublicKeySign memberSigner = PublicKeySignFactory.getPrimitive(
                    TestUtil.createKeysetHandle(TestUtil.createKeyset(signingKey)));
            byte[] memberPlaintext = Random.randBytes(1211);
            byte[] memberSignature = memberSigner.sign(memberPlaintext);
            try {
                verifier.verify(memberSignature, memberPlaintext);
            } catch (GeneralSecurityException ex) {
                fail("Valid signature, should not throw exception: " + signerIndex);
            }
        }

        // Signature from a random key should be invalid.
        // The outsider key reuses key id 1 and the output prefix type of keys[0], i.e. the id and
        // prefix type of the `tink` entry above. NOTE(review): presumably this makes rejection rest
        // on the signature check itself rather than on an unknown prefix - confirm against the
        // factory's prefix handling.
        EcdsaPrivateKey outsiderPrivateKey = TestUtil.generateEcdsaPrivKey(
                EllipticCurveType.NIST_P521, HashType.SHA512, EcdsaSignatureEncoding.DER);
        KeyData outsiderData = TestUtil.createKeyData(
                outsiderPrivateKey,
                EcdsaSignKeyManager.TYPE_URL,
                KeyData.KeyMaterialType.ASYMMETRIC_PRIVATE);
        Key outsiderKey = TestUtil.createKey(
                outsiderData, 1, KeyStatusType.ENABLED, keys[0].getOutputPrefixType());
        PublicKeySign outsiderSigner = PublicKeySignFactory.getPrimitive(
                TestUtil.createKeysetHandle(TestUtil.createKeyset(outsiderKey)));
        byte[] outsiderPlaintext = Random.randBytes(1211);
        byte[] outsiderSignature = outsiderSigner.sign(outsiderPlaintext);
        try {
            verifier.verify(outsiderSignature, outsiderPlaintext);
            fail("Invalid signature, should have thrown exception");
        } catch (GeneralSecurityException expected) {
            // Expected
        }
    }
}
Also used : KeysetHandle(com.google.crypto.tink.KeysetHandle) GeneralSecurityException(java.security.GeneralSecurityException) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) EcdsaPrivateKey(com.google.crypto.tink.proto.EcdsaPrivateKey) EcdsaPrivateKey(com.google.crypto.tink.proto.EcdsaPrivateKey) Key(com.google.crypto.tink.proto.Keyset.Key) PublicKeySign(com.google.crypto.tink.PublicKeySign) Test(org.junit.Test)

Example 5 with PublicKeySign

use of com.google.crypto.tink.PublicKeySign in project tink by google.

the class EcdsaSignKeyManagerTest method testGetPrimitiveWithUnsupportedKey.

/**
 * Asserts that {@code EcdsaSignKeyManager} refuses to build a signer for the given hash/curve
 * combination.
 *
 * <p>A key pair is generated on the requested curve, wrapped into ECDSA key protos that declare
 * the requested hash type with DER signature encoding, and handed to {@code getPrimitive}, which
 * is expected to throw.
 *
 * @param hashAndCurve the hash type and curve type to combine in the key under test
 * @throws Exception if key generation or proto construction fails
 */
private void testGetPrimitiveWithUnsupportedKey(HashAndCurveType hashAndCurve) throws Exception {
    HashType hash = hashAndCurve.hashType;
    EllipticCurveType curve = hashAndCurve.curveType;

    // Real key material on the requested curve, so only the hash/curve pairing is in question.
    KeyPair generatedPair = EllipticCurves.generateKeyPair(SigUtil.toCurveType(curve));
    ECPublicKey publicHalf = (ECPublicKey) generatedPair.getPublic();
    ECPrivateKey privateHalf = (ECPrivateKey) generatedPair.getPrivate();
    ECPoint publicPoint = publicHalf.getW();
    byte[] x = publicPoint.getAffineX().toByteArray();
    byte[] y = publicPoint.getAffineY().toByteArray();

    EcdsaPublicKey publicProto =
            TestUtil.createEcdsaPubKey(hash, curve, EcdsaSignatureEncoding.DER, x, y);
    EcdsaPrivateKey privateProto =
            TestUtil.createEcdsaPrivKey(publicProto, privateHalf.getS().toByteArray());

    EcdsaSignKeyManager keyManager = new EcdsaSignKeyManager();
    try {
        PublicKeySign unusedSigner = keyManager.getPrimitive(privateProto);
        fail("Unsupported key, should have thrown exception: " + hash + " " + curve);
    } catch (GeneralSecurityException expected) {
        // Expected
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) EcdsaPublicKey(com.google.crypto.tink.proto.EcdsaPublicKey) HashType(com.google.crypto.tink.proto.HashType) GeneralSecurityException(java.security.GeneralSecurityException) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) EcdsaPrivateKey(com.google.crypto.tink.proto.EcdsaPrivateKey) ECPoint(java.security.spec.ECPoint) PublicKeySign(com.google.crypto.tink.PublicKeySign)

Aggregations

PublicKeySign (com.google.crypto.tink.PublicKeySign)12 PublicKeyVerify (com.google.crypto.tink.PublicKeyVerify)8 GeneralSecurityException (java.security.GeneralSecurityException)8 Test (org.junit.Test)7 KeysetHandle (com.google.crypto.tink.KeysetHandle)5 EcdsaPrivateKey (com.google.crypto.tink.proto.EcdsaPrivateKey)5 Ed25519PrivateKey (com.google.crypto.tink.proto.Ed25519PrivateKey)3 KeyData (com.google.crypto.tink.proto.KeyData)2 KeyTemplate (com.google.crypto.tink.proto.KeyTemplate)2 Key (com.google.crypto.tink.proto.Keyset.Key)2 MessageLite (com.google.protobuf.MessageLite)2 ECPoint (java.security.spec.ECPoint)2 KeyManager (com.google.crypto.tink.KeyManager)1 EcdsaKeyFormat (com.google.crypto.tink.proto.EcdsaKeyFormat)1 EcdsaPublicKey (com.google.crypto.tink.proto.EcdsaPublicKey)1 EllipticCurveType (com.google.crypto.tink.proto.EllipticCurveType)1 HashType (com.google.crypto.tink.proto.HashType)1 KeyTypeEntry (com.google.crypto.tink.proto.KeyTypeEntry)1 RegistryConfig (com.google.crypto.tink.proto.RegistryConfig)1 Ed25519Sign (com.google.crypto.tink.subtle.Ed25519Sign)1