use of com.google.crypto.tink.proto.EcdsaKeyFormat in project tink by google.
the class EcdsaSignKeyManagerTest method testNewKeyUnsupportedEncoding.
@Test
public void testNewKeyUnsupportedEncoding() throws Exception {
EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
EcdsaParams ecdsaParams = EcdsaParams.newBuilder().setHashType(HashType.SHA256).setCurve(EllipticCurveType.NIST_P256).setEncoding(EcdsaSignatureEncoding.IEEE_P1363).build();
EcdsaKeyFormat ecdsaFormat = EcdsaKeyFormat.newBuilder().setParams(ecdsaParams).build();
try {
signManager.newKey(ecdsaFormat);
fail("Unsupported encoding, should have thrown exception");
} catch (GeneralSecurityException expecpted) {
// Raw encoding is not supported yet.
}
}
use of com.google.crypto.tink.proto.EcdsaKeyFormat in project tink by google.
the class EcdsaSignKeyManagerTest method testNewKeyWithVerifier.
private void testNewKeyWithVerifier(KeyTemplate keyTemplate) throws Exception {
// Call newKey multiple times and make sure that it generates different keys.
int numTests = 9;
EcdsaPrivateKey[] privKeys = new EcdsaPrivateKey[numTests];
EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
Set<String> keys = new TreeSet<String>();
for (int j = 0; j < numTests / 3; j++) {
privKeys[3 * j] = (EcdsaPrivateKey) signManager.newKey(EcdsaKeyFormat.parseFrom(keyTemplate.getValue()));
keys.add(TestUtil.hexEncode(privKeys[3 * j].toByteArray()));
privKeys[3 * j + 1] = (EcdsaPrivateKey) signManager.newKey(keyTemplate.getValue());
keys.add(TestUtil.hexEncode(privKeys[3 * j + 1].toByteArray()));
privKeys[3 * j + 2] = EcdsaPrivateKey.parseFrom(signManager.newKeyData(keyTemplate.getValue()).getValue());
keys.add(TestUtil.hexEncode(privKeys[3 * j + 2].toByteArray()));
}
assertEquals(numTests, keys.size());
// failure is 2^-64 which happens when a key has 8 leading zeros.
for (int j = 0; j < numTests; j++) {
int keySize = privKeys[j].getKeyValue().toByteArray().length;
EcdsaKeyFormat ecdsaKeyFormat = EcdsaKeyFormat.parseFrom(keyTemplate.getValue());
switch(ecdsaKeyFormat.getParams().getCurve()) {
case NIST_P256:
assertTrue(256 / 8 - 8 <= keySize);
assertTrue(256 / 8 + 1 >= keySize);
break;
case NIST_P384:
assertTrue(384 / 8 - 8 <= keySize);
assertTrue(384 / 8 + 1 >= keySize);
break;
case NIST_P521:
assertTrue(521 / 8 - 8 <= keySize);
assertTrue(521 / 8 + 1 >= keySize);
break;
default:
break;
}
}
// Test whether signer works correctly with the corresponding verifier.
EcdsaVerifyKeyManager verifyManager = new EcdsaVerifyKeyManager();
for (int j = 0; j < numTests; j++) {
PublicKeySign signer = signManager.getPrimitive(privKeys[j]);
byte[] signature = signer.sign(msg);
for (int k = 0; k < numTests; k++) {
PublicKeyVerify verifier = verifyManager.getPrimitive(privKeys[k].getPublicKey());
if (j == k) {
// The same key
try {
verifier.verify(signature, msg);
} catch (GeneralSecurityException ex) {
fail("Valid signature, should not throw exception");
}
} else {
// Different keys
try {
verifier.verify(signature, msg);
fail("Invalid signature, should have thrown exception");
} catch (GeneralSecurityException expected) {
// Expected
}
}
}
}
}
use of com.google.crypto.tink.proto.EcdsaKeyFormat in project tink by google.
the class EcdsaSignKeyManagerTest method testNewKeyUnsupportedKeyFormat.
private void testNewKeyUnsupportedKeyFormat(HashAndCurveType hashAndCurve) throws Exception {
HashType hashType = hashAndCurve.hashType;
EllipticCurveType curveType = hashAndCurve.curveType;
EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
EcdsaParams ecdsaParams = EcdsaParams.newBuilder().setHashType(hashType).setCurve(curveType).setEncoding(EcdsaSignatureEncoding.DER).build();
EcdsaKeyFormat ecdsaFormat = EcdsaKeyFormat.newBuilder().setParams(ecdsaParams).build();
try {
EcdsaPrivateKey unusedPrivKey = (EcdsaPrivateKey) signManager.newKey(ecdsaFormat);
fail("Unsupported key format, should have thrown exception: " + hashType + " " + curveType);
} catch (GeneralSecurityException expected) {
// Expected
}
}
use of com.google.crypto.tink.proto.EcdsaKeyFormat in project tink by google.
the class SignatureKeyTemplatesTest method testECDSA_P256.
@Test
public void testECDSA_P256() throws Exception {
KeyTemplate template = SignatureKeyTemplates.ECDSA_P256;
assertEquals(EcdsaSignKeyManager.TYPE_URL, template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
EcdsaKeyFormat format = EcdsaKeyFormat.parseFrom(template.getValue());
assertTrue(format.hasParams());
assertEquals(HashType.SHA256, format.getParams().getHashType());
assertEquals(EllipticCurveType.NIST_P256, format.getParams().getCurve());
assertEquals(EcdsaSignatureEncoding.DER, format.getParams().getEncoding());
}
Aggregations