use of com.google.crypto.tink.proto.HashType in project tink by google.
the class EcdsaSignKeyManagerTest method testNewKeyUnsupportedKeyFormat.
private void testNewKeyUnsupportedKeyFormat(HashAndCurveType hashAndCurve) throws Exception {
HashType hashType = hashAndCurve.hashType;
EllipticCurveType curveType = hashAndCurve.curveType;
EcdsaSignKeyManager signManager = new EcdsaSignKeyManager();
EcdsaParams ecdsaParams = EcdsaParams.newBuilder().setHashType(hashType).setCurve(curveType).setEncoding(EcdsaSignatureEncoding.DER).build();
EcdsaKeyFormat ecdsaFormat = EcdsaKeyFormat.newBuilder().setParams(ecdsaParams).build();
try {
EcdsaPrivateKey unusedPrivKey = (EcdsaPrivateKey) signManager.newKey(ecdsaFormat);
fail("Unsupported key format, should have thrown exception: " + hashType + " " + curveType);
} catch (GeneralSecurityException expected) {
// Expected
}
}
use of com.google.crypto.tink.proto.HashType in project tink by google.
the class SignatureKeyTemplatesTest method createEcdsaKeyTemplate.
@Test
public void createEcdsaKeyTemplate() throws Exception {
// Intentionally using "weird" or invalid values for parameters,
// to test that the function correctly puts them in the resulting template.
HashType hashType = HashType.SHA512;
EllipticCurveType curve = EllipticCurveType.UNKNOWN_CURVE;
EcdsaSignatureEncoding encoding = EcdsaSignatureEncoding.IEEE_P1363;
OutputPrefixType prefixType = OutputPrefixType.TINK;
KeyTemplate template = SignatureKeyTemplates.createEcdsaKeyTemplate(hashType, curve, encoding, prefixType);
assertEquals(new EcdsaSignKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
EcdsaKeyFormat format = EcdsaKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
assertEquals(hashType, format.getParams().getHashType());
assertEquals(curve, format.getParams().getCurve());
assertEquals(encoding, format.getParams().getEncoding());
}
use of com.google.crypto.tink.proto.HashType in project tink by google.
the class EcdsaVerifyKeyManagerTest method testGetPrimitiveWithUnsupportedKey.
@Test
public void testGetPrimitiveWithUnsupportedKey() throws Exception {
HashAndCurveType[] hashAndCurves = { new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P256), new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA1, EllipticCurveType.NIST_P521), new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P521), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P256) };
for (int i = 0; i < hashAndCurves.length; i++) {
HashType hashType = hashAndCurves[i].hashType;
EllipticCurveType curveType = hashAndCurves[i].curveType;
ECParameterSpec ecParams = EllipticCurves.getCurveSpec(SigUtil.toCurveType(curveType));
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
keyGen.initialize(ecParams);
KeyPair keyPair = keyGen.generateKeyPair();
ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
ECPrivateKey unusedPrivKey = (ECPrivateKey) keyPair.getPrivate();
// Create PublicKeyVerify.
ECPoint w = pubKey.getW();
assertThrows("Unsupported key, should have thrown exception: " + hashType + " " + curveType, GeneralSecurityException.class, () -> {
PublicKeyVerify unusedVerifier = createVerifier(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
});
}
}
use of com.google.crypto.tink.proto.HashType in project tink by google.
the class EcdsaVerifyKeyManagerTest method testGetPrimitiveWithJCE.
@Test
public void testGetPrimitiveWithJCE() throws Exception {
HashAndCurveType[] hashAndCurves = { new HashAndCurveType(HashType.SHA256, EllipticCurveType.NIST_P256), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P384), new HashAndCurveType(HashType.SHA512, EllipticCurveType.NIST_P521) };
for (int i = 0; i < hashAndCurves.length; i++) {
HashType hashType = hashAndCurves[i].hashType;
EllipticCurveType curveType = hashAndCurves[i].curveType;
ECParameterSpec ecParams = EllipticCurves.getCurveSpec(SigUtil.toCurveType(curveType));
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
keyGen.initialize(ecParams);
KeyPair keyPair = keyGen.generateKeyPair();
ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
ECPrivateKey privKey = (ECPrivateKey) keyPair.getPrivate();
// Sign with JCE's Signature.
Signature signer = Signature.getInstance(SubtleUtil.toEcdsaAlgo(SigUtil.toHashType(hashType)));
signer.initSign(privKey);
byte[] msg = Random.randBytes(1231);
signer.update(msg);
byte[] signature = signer.sign();
// Create PublicKeyVerify.
ECPoint w = pubKey.getW();
PublicKeyVerify verifier = createVerifier(hashType, curveType, EcdsaSignatureEncoding.DER, w.getAffineX().toByteArray(), w.getAffineY().toByteArray());
verifier.verify(signature, msg);
}
}
use of com.google.crypto.tink.proto.HashType in project tink by google.
the class MacKeyTemplatesTest method testCreateHmacKeyTemplate.
@Test
public void testCreateHmacKeyTemplate() throws Exception {
// Intentionally using "weird" or invalid values for parameters,
// to test that the function correctly puts them in the resulting template.
int keySize = 42;
int tagSize = 24;
HashType hashType = HashType.SHA512;
KeyTemplate template = MacKeyTemplates.createHmacKeyTemplate(keySize, tagSize, hashType);
assertEquals(new HmacKeyManager().getKeyType(), template.getTypeUrl());
assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
HmacKeyFormat format = HmacKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
assertEquals(keySize, format.getKeySize());
assertEquals(tagSize, format.getParams().getTagSize());
assertEquals(hashType, format.getParams().getHash());
}
Aggregations