Search in sources :

Example 6 with EllipticCurveType

use of com.google.crypto.tink.proto.EllipticCurveType in project tink by google.

the class HybridKeyTemplatesTest method testCreateEciesAeadHkdfKeyTemplate.

@Test
public void testCreateEciesAeadHkdfKeyTemplate() throws Exception {
    // Intentionally using "weird" or invalid values for parameters,
    // to test that the function correctly puts them in the resulting template.
    EllipticCurveType curveType = EllipticCurveType.NIST_P384;
    HashType hashType = HashType.SHA512;
    EcPointFormat ecPointFormat = EcPointFormat.COMPRESSED;
    KeyTemplate demKeyTemplate = AeadKeyTemplates.AES256_EAX;
    String salt = "some salt";
    KeyTemplate template = HybridKeyTemplates.createEciesAeadHkdfKeyTemplate(curveType, hashType, ecPointFormat, demKeyTemplate, salt.getBytes(UTF_8));
    assertEquals(EciesAeadHkdfPrivateKeyManager.TYPE_URL, template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    EciesAeadHkdfKeyFormat format = EciesAeadHkdfKeyFormat.parseFrom(template.getValue());
    assertTrue(format.hasParams());
    assertTrue(format.getParams().hasKemParams());
    assertTrue(format.getParams().hasDemParams());
    assertTrue(format.getParams().getDemParams().hasAeadDem());
    assertEquals(ecPointFormat, format.getParams().getEcPointFormat());
    EciesHkdfKemParams kemParams = format.getParams().getKemParams();
    assertEquals(curveType, kemParams.getCurveType());
    assertEquals(hashType, kemParams.getHkdfHashType());
    assertEquals(salt, kemParams.getHkdfSalt().toStringUtf8());
    assertEquals(AeadKeyTemplates.AES256_EAX.toString(), format.getParams().getDemParams().getAeadDem().toString());
}
Also used : EciesAeadHkdfKeyFormat(com.google.crypto.tink.proto.EciesAeadHkdfKeyFormat) HashType(com.google.crypto.tink.proto.HashType) EcPointFormat(com.google.crypto.tink.proto.EcPointFormat) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) EciesHkdfKemParams(com.google.crypto.tink.proto.EciesHkdfKemParams) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) Test(org.junit.Test)

Example 7 with EllipticCurveType

use of com.google.crypto.tink.proto.EllipticCurveType in project tink by google.

the class EcdsaSignKeyManagerTest method testNewKeyUnsupportedKeyFormat.

private void testNewKeyUnsupportedKeyFormat(HashAndCurveType hashAndCurve) throws Exception {
    HashType hashType = hashAndCurve.hashType;
    EllipticCurveType curveType = hashAndCurve.curveType;
    EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
    EcdsaParams ecdsaParams = EcdsaParams.newBuilder().setHashType(hashType).setCurve(curveType).setEncoding(EcdsaSignatureEncoding.DER).build();
    EcdsaKeyFormat ecdsaFormat = EcdsaKeyFormat.newBuilder().setParams(ecdsaParams).build();
    try {
        EcdsaPrivateKey unusedPrivKey = (EcdsaPrivateKey) signManager.newKey(ecdsaFormat);
        fail("Unsupported key format, should have thrown exception: " + hashType + " " + curveType);
    } catch (GeneralSecurityException expected) {
    // Expected
    }
}
Also used : EcdsaParams(com.google.crypto.tink.proto.EcdsaParams) EcdsaKeyFormat(com.google.crypto.tink.proto.EcdsaKeyFormat) HashType(com.google.crypto.tink.proto.HashType) GeneralSecurityException(java.security.GeneralSecurityException) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) EcdsaPrivateKey(com.google.crypto.tink.proto.EcdsaPrivateKey)

Example 8 with EllipticCurveType

use of com.google.crypto.tink.proto.EllipticCurveType in project tink by google.

the class EcdsaVerifyKeyManagerTest method testGetPrimitiveWithUnsupportedKey.

@Test
public void testGetPrimitiveWithUnsupportedKey() throws Exception {
    HashAndCurveType[] hashAndCurves = { new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P256), new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P521), new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P521), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P256) };
    for (int i = 0; i < hashAndCurves.length; i++) {
        HashType hashType = hashAndCurves[i].hashType;
        EllipticCurveType curveType = hashAndCurves[i].curveType;
        ECParameterSpec ecParams = EllipticCurves.getCurveSpec(SigUtil.toCurveType(curveType));
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
        keyGen.initialize(ecParams);
        KeyPair keyPair = keyGen.generateKeyPair();
        ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
        ECPrivateKey unusedPrivKey = (ECPrivateKey) keyPair.getPrivate();
        // Create PublicKeyVerify.
        ECPoint w = pubKey.getW();
        try {
            PublicKeyVerify unusedVerifier = createVerifier(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
            fail("Unsupported key, should have thrown exception: " + hashType + " " + curveType);
        } catch (GeneralSecurityException expected) {
        // Expected
        }
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HashType(com.google.crypto.tink.proto.HashType) GeneralSecurityException(java.security.GeneralSecurityException) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) KeyPairGenerator(java.security.KeyPairGenerator) ECPoint(java.security.spec.ECPoint) ECPoint(java.security.spec.ECPoint) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) Test(org.junit.Test)

Example 9 with EllipticCurveType

use of com.google.crypto.tink.proto.EllipticCurveType in project tink by google.

the class EcdsaVerifyKeyManagerTest method testGetPrimitiveWithJCE.

@Test
public void testGetPrimitiveWithJCE() throws Exception {
    HashAndCurveType[] hashAndCurves = { new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P256), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P521) };
    for (int i = 0; i < hashAndCurves.length; i++) {
        HashType hashType = hashAndCurves[i].hashType;
        EllipticCurveType curveType = hashAndCurves[i].curveType;
        ECParameterSpec ecParams = EllipticCurves.getCurveSpec(SigUtil.toCurveType(curveType));
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
        keyGen.initialize(ecParams);
        KeyPair keyPair = keyGen.generateKeyPair();
        ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
        ECPrivateKey privKey = (ECPrivateKey) keyPair.getPrivate();
        // Sign with JCE's Signature.
        Signature signer = Signature.getInstance(SigUtil.toEcdsaAlgo(hashType));
        signer.initSign(privKey);
        byte[] msg = Random.randBytes(1231);
        signer.update(msg);
        byte[] signature = signer.sign();
        // Create PublicKeyVerify.
        ECPoint w = pubKey.getW();
        PublicKeyVerify verifier = createVerifier(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
        try {
            verifier.verify(signature, msg);
        } catch (GeneralSecurityException e) {
            fail("Valid signature, should not throw exception");
        }
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HashType(com.google.crypto.tink.proto.HashType) GeneralSecurityException(java.security.GeneralSecurityException) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) KeyPairGenerator(java.security.KeyPairGenerator) ECPoint(java.security.spec.ECPoint) ECPoint(java.security.spec.ECPoint) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) Signature(java.security.Signature) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) Test(org.junit.Test)

Aggregations

EllipticCurveType (com.google.crypto.tink.proto.EllipticCurveType)9 HashType (com.google.crypto.tink.proto.HashType)9 Test (org.junit.Test)6 GeneralSecurityException (java.security.GeneralSecurityException)5 KeyTemplate (com.google.crypto.tink.proto.KeyTemplate)4 EcPointFormat (com.google.crypto.tink.proto.EcPointFormat)3 KeyPair (java.security.KeyPair)3 ECPrivateKey (java.security.interfaces.ECPrivateKey)3 ECPublicKey (java.security.interfaces.ECPublicKey)3 ECPoint (java.security.spec.ECPoint)3 HybridDecrypt (com.google.crypto.tink.HybridDecrypt)2 HybridEncrypt (com.google.crypto.tink.HybridEncrypt)2 KeysetHandle (com.google.crypto.tink.KeysetHandle)2 PublicKeyVerify (com.google.crypto.tink.PublicKeyVerify)2 EcdsaKeyFormat (com.google.crypto.tink.proto.EcdsaKeyFormat)2 EcdsaPrivateKey (com.google.crypto.tink.proto.EcdsaPrivateKey)2 EcdsaSignatureEncoding (com.google.crypto.tink.proto.EcdsaSignatureEncoding)2 EciesAeadHkdfPrivateKey (com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey)2 Key (com.google.crypto.tink.proto.Keyset.Key)2 KeyPairGenerator (java.security.KeyPairGenerator)2