Search in sources :

Example 11 with HashType

use of com.google.crypto.tink.proto.HashType in project tink by google.

the class EcdsaSignKeyManagerTest method testNewKeyUnsupportedKeyFormat.

private void testNewKeyUnsupportedKeyFormat(HashAndCurveType hashAndCurve) throws Exception {
    HashType hashType = hashAndCurve.hashType;
    EllipticCurveType curveType = hashAndCurve.curveType;
    EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
    EcdsaParams ecdsaParams = EcdsaParams.newBuilder().setHashType(hashType).setCurve(curveType).setEncoding(EcdsaSignatureEncoding.DER).build();
    EcdsaKeyFormat ecdsaFormat = EcdsaKeyFormat.newBuilder().setParams(ecdsaParams).build();
    try {
        EcdsaPrivateKey unusedPrivKey = (EcdsaPrivateKey) signManager.newKey(ecdsaFormat);
        fail("Unsupported key format, should have thrown exception: " + hashType + " " + curveType);
    } catch (GeneralSecurityException expected) {
    // Expected
    }
}
Also used : EcdsaParams(com.google.crypto.tink.proto.EcdsaParams) EcdsaKeyFormat(com.google.crypto.tink.proto.EcdsaKeyFormat) HashType(com.google.crypto.tink.proto.HashType) GeneralSecurityException(java.security.GeneralSecurityException) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) EcdsaPrivateKey(com.google.crypto.tink.proto.EcdsaPrivateKey)

Example 12 with HashType

use of com.google.crypto.tink.proto.HashType in project tink by google.

the class SignatureKeyTemplatesTest method createEcdsaKeyTemplate.

@Test
public void createEcdsaKeyTemplate() throws Exception {
    // Intentionally using "weird" or invalid values for parameters,
    // to test that the function correctly puts them in the resulting template.
    HashType hashType = HashType.SHA512;
    EllipticCurveType curve = EllipticCurveType.UNKNOWN_CURVE;
    EcdsaSignatureEncoding encoding = EcdsaSignatureEncoding.IEEE_P1363;
    OutputPrefixType prefixType = OutputPrefixType.TINK;
    KeyTemplate template = SignatureKeyTemplates.createEcdsaKeyTemplate(hashType, curve, encoding, prefixType);
    assertEquals(new EcdsaSignKeyManager().getKeyType(), template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    EcdsaKeyFormat format = EcdsaKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertEquals(hashType, format.getParams().getHashType());
    assertEquals(curve, format.getParams().getCurve());
    assertEquals(encoding, format.getParams().getEncoding());
}
Also used : OutputPrefixType(com.google.crypto.tink.proto.OutputPrefixType) EcdsaKeyFormat(com.google.crypto.tink.proto.EcdsaKeyFormat) HashType(com.google.crypto.tink.proto.HashType) EcdsaSignatureEncoding(com.google.crypto.tink.proto.EcdsaSignatureEncoding) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) Test(org.junit.Test)

Example 13 with HashType

use of com.google.crypto.tink.proto.HashType in project tink by google.

the class EcdsaVerifyKeyManagerTest method testGetPrimitiveWithUnsupportedKey.

@Test
public void testGetPrimitiveWithUnsupportedKey() throws Exception {
    HashAndCurveType[] hashAndCurves = { new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P256), new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P521), new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P521), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P256) };
    for (int i = 0; i < hashAndCurves.length; i++) {
        HashType hashType = hashAndCurves[i].hashType;
        EllipticCurveType curveType = hashAndCurves[i].curveType;
        ECParameterSpec ecParams = EllipticCurves.getCurveSpec(SigUtil.toCurveType(curveType));
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
        keyGen.initialize(ecParams);
        KeyPair keyPair = keyGen.generateKeyPair();
        ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
        ECPrivateKey unusedPrivKey = (ECPrivateKey) keyPair.getPrivate();
        // Create PublicKeyVerify.
        ECPoint w = pubKey.getW();
        assertThrows("Unsupported key, should have thrown exception: " + hashType + " " + curveType, GeneralSecurityException.class, () -> {
            PublicKeyVerify unusedVerifier = createVerifier(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
        });
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) HashType(com.google.crypto.tink.proto.HashType) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) KeyPairGenerator(java.security.KeyPairGenerator) ECPoint(java.security.spec.ECPoint) ECPoint(java.security.spec.ECPoint) Test(org.junit.Test)

Example 14 with HashType

use of com.google.crypto.tink.proto.HashType in project tink by google.

the class EcdsaVerifyKeyManagerTest method testGetPrimitiveWithJCE.

@Test
public void testGetPrimitiveWithJCE() throws Exception {
    HashAndCurveType[] hashAndCurves = { new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P256), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P521) };
    for (int i = 0; i < hashAndCurves.length; i++) {
        HashType hashType = hashAndCurves[i].hashType;
        EllipticCurveType curveType = hashAndCurves[i].curveType;
        ECParameterSpec ecParams = EllipticCurves.getCurveSpec(SigUtil.toCurveType(curveType));
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
        keyGen.initialize(ecParams);
        KeyPair keyPair = keyGen.generateKeyPair();
        ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
        ECPrivateKey privKey = (ECPrivateKey) keyPair.getPrivate();
        // Sign with JCE's Signature.
        Signature signer = Signature.getInstance(SubtleUtil.toEcdsaAlgo(SigUtil.toHashType(hashType)));
        signer.initSign(privKey);
        byte[] msg = Random.randBytes(1231);
        signer.update(msg);
        byte[] signature = signer.sign();
        // Create PublicKeyVerify.
        ECPoint w = pubKey.getW();
        PublicKeyVerify verifier = createVerifier(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
        verifier.verify(signature, msg);
    }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) HashType(com.google.crypto.tink.proto.HashType) EllipticCurveType(com.google.crypto.tink.proto.EllipticCurveType) KeyPairGenerator(java.security.KeyPairGenerator) ECPoint(java.security.spec.ECPoint) ECPoint(java.security.spec.ECPoint) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) Signature(java.security.Signature) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) Test(org.junit.Test)

Example 15 with HashType

use of com.google.crypto.tink.proto.HashType in project tink by google.

the class MacKeyTemplatesTest method testCreateHmacKeyTemplate.

@Test
public void testCreateHmacKeyTemplate() throws Exception {
    // Intentionally using "weird" or invalid values for parameters,
    // to test that the function correctly puts them in the resulting template.
    int keySize = 42;
    int tagSize = 24;
    HashType hashType = HashType.SHA512;
    KeyTemplate template = MacKeyTemplates.createHmacKeyTemplate(keySize, tagSize, hashType);
    assertEquals(new HmacKeyManager().getKeyType(), template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    HmacKeyFormat format = HmacKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertEquals(keySize, format.getKeySize());
    assertEquals(tagSize, format.getParams().getTagSize());
    assertEquals(hashType, format.getParams().getHash());
}
Also used : HashType(com.google.crypto.tink.proto.HashType) HmacKeyFormat(com.google.crypto.tink.proto.HmacKeyFormat) KeyTemplate(com.google.crypto.tink.proto.KeyTemplate) Test(org.junit.Test)

Aggregations

HashType (com.google.crypto.tink.proto.HashType)18 EllipticCurveType (com.google.crypto.tink.proto.EllipticCurveType)13 Test (org.junit.Test)13 KeyTemplate (com.google.crypto.tink.proto.KeyTemplate)11 EcPointFormat (com.google.crypto.tink.proto.EcPointFormat)5 GeneralSecurityException (java.security.GeneralSecurityException)5 HybridDecrypt (com.google.crypto.tink.HybridDecrypt)4 HybridEncrypt (com.google.crypto.tink.HybridEncrypt)4 EcdsaSignatureEncoding (com.google.crypto.tink.proto.EcdsaSignatureEncoding)4 EciesAeadHkdfPrivateKey (com.google.crypto.tink.proto.EciesAeadHkdfPrivateKey)4 Key (com.google.crypto.tink.proto.Keyset.Key)4 KeysetHandle (com.google.crypto.tink.KeysetHandle)3 EcdsaKeyFormat (com.google.crypto.tink.proto.EcdsaKeyFormat)3 KeyPair (java.security.KeyPair)3 ECPrivateKey (java.security.interfaces.ECPrivateKey)3 ECPublicKey (java.security.interfaces.ECPublicKey)3 ECPoint (java.security.spec.ECPoint)3 PublicKeyVerify (com.google.crypto.tink.PublicKeyVerify)2 EcdsaPrivateKey (com.google.crypto.tink.proto.EcdsaPrivateKey)2 KeyPairGenerator (java.security.KeyPairGenerator)2