Examples with RsaSsaPkcs1KeyFormat com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat used on opensource projects

Example 11 with RsaSsaPkcs1KeyFormat

use of com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat in project tink by google.

the class SignatureKeyTemplatesTest method rsaSsaPkcs1_3072.

@Test
public void rsaSsaPkcs1_3072() throws Exception {
    KeyTemplate template = SignatureKeyTemplates.RSA_SSA_PKCS1_3072_SHA256_F4;
    assertEquals(new RsaSsaPkcs1SignKeyManager().getKeyType(), template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    RsaSsaPkcs1KeyFormat format = RsaSsaPkcs1KeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertTrue(format.hasParams());
    assertEquals(HashType.SHA256, format.getParams().getHashType());
    assertEquals(3072, format.getModulusSizeInBits());
    assertEquals(BigInteger.valueOf(65537), new BigInteger(1, format.getPublicExponent().toByteArray()));
}

Example 12 with RsaSsaPkcs1KeyFormat

use of com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat in project tink by google.

the class RsaSsaPkcs1SignKeyManager method keyFactory.

@Override
public KeyFactory<RsaSsaPkcs1KeyFormat, RsaSsaPkcs1PrivateKey> keyFactory() {
    return new KeyFactory<RsaSsaPkcs1KeyFormat, RsaSsaPkcs1PrivateKey>(RsaSsaPkcs1KeyFormat.class) {

        @Override
        public void validateKeyFormat(RsaSsaPkcs1KeyFormat keyFormat) throws GeneralSecurityException {
            SigUtil.validateRsaSsaPkcs1Params(keyFormat.getParams());
            Validators.validateRsaModulusSize(keyFormat.getModulusSizeInBits());
            Validators.validateRsaPublicExponent(new BigInteger(1, keyFormat.getPublicExponent().toByteArray()));
        }

        @Override
        public RsaSsaPkcs1KeyFormat parseKeyFormat(ByteString byteString) throws InvalidProtocolBufferException {
            return RsaSsaPkcs1KeyFormat.parseFrom(byteString, ExtensionRegistryLite.getEmptyRegistry());
        }

        @Override
        public RsaSsaPkcs1PrivateKey createKey(RsaSsaPkcs1KeyFormat format) throws GeneralSecurityException {
            RsaSsaPkcs1Params params = format.getParams();
            KeyPairGenerator keyGen = EngineFactory.KEY_PAIR_GENERATOR.getInstance("RSA");
            RSAKeyGenParameterSpec spec = new RSAKeyGenParameterSpec(format.getModulusSizeInBits(), new BigInteger(1, format.getPublicExponent().toByteArray()));
            keyGen.initialize(spec);
            KeyPair keyPair = keyGen.generateKeyPair();
            RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateCrtKey privKey = (RSAPrivateCrtKey) keyPair.getPrivate();
            // Creates RsaSsaPkcs1PublicKey.
            RsaSsaPkcs1PublicKey pkcs1PubKey = RsaSsaPkcs1PublicKey.newBuilder().setVersion(getVersion()).setParams(params).setE(ByteString.copyFrom(pubKey.getPublicExponent().toByteArray())).setN(ByteString.copyFrom(pubKey.getModulus().toByteArray())).build();
            // Creates RsaSsaPkcs1PrivateKey.
            return RsaSsaPkcs1PrivateKey.newBuilder().setVersion(getVersion()).setPublicKey(pkcs1PubKey).setD(ByteString.copyFrom(privKey.getPrivateExponent().toByteArray())).setP(ByteString.copyFrom(privKey.getPrimeP().toByteArray())).setQ(ByteString.copyFrom(privKey.getPrimeQ().toByteArray())).setDp(ByteString.copyFrom(privKey.getPrimeExponentP().toByteArray())).setDq(ByteString.copyFrom(privKey.getPrimeExponentQ().toByteArray())).setCrt(ByteString.copyFrom(privKey.getCrtCoefficient().toByteArray())).build();
        }

        @Override
        public Map<String, KeyFactory.KeyFormat<RsaSsaPkcs1KeyFormat>> keyFormats() throws GeneralSecurityException {
            Map<String, KeyFactory.KeyFormat<RsaSsaPkcs1KeyFormat>> result = new HashMap<>();
            result.put("RSA_SSA_PKCS1_3072_SHA256_F4", new KeyFormat<>(createKeyFormat(HashType.SHA256, 3072, RSAKeyGenParameterSpec.F4), KeyTemplate.OutputPrefixType.TINK));
            result.put("RSA_SSA_PKCS1_3072_SHA256_F4_RAW", new KeyFormat<>(createKeyFormat(HashType.SHA256, 3072, RSAKeyGenParameterSpec.F4), KeyTemplate.OutputPrefixType.RAW));
            // This is identical to RSA_SSA_PKCS1_3072_SHA256_F4_RAW. It is needed to maintain backward
            // compatibility with SignatureKeyTemplates.
            // TODO(b/185475349): remove this in Tink 2.0.0.
            result.put("RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX", new KeyFormat<>(createKeyFormat(HashType.SHA256, 3072, RSAKeyGenParameterSpec.F4), KeyTemplate.OutputPrefixType.RAW));
            result.put("RSA_SSA_PKCS1_4096_SHA512_F4", new KeyFormat<>(createKeyFormat(HashType.SHA512, 4096, RSAKeyGenParameterSpec.F4), KeyTemplate.OutputPrefixType.TINK));
            result.put("RSA_SSA_PKCS1_4096_SHA512_F4_RAW", new KeyFormat<>(createKeyFormat(HashType.SHA512, 4096, RSAKeyGenParameterSpec.F4), KeyTemplate.OutputPrefixType.RAW));
            return Collections.unmodifiableMap(result);
        }
    };
}

Example 13 with RsaSsaPkcs1KeyFormat

use of com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat in project tink by google.

the class SignatureKeyTemplatesTest method rsaSsaPkcs1_4096.

@Test
public void rsaSsaPkcs1_4096() throws Exception {
    KeyTemplate template = SignatureKeyTemplates.RSA_SSA_PKCS1_4096_SHA512_F4;
    assertEquals(new RsaSsaPkcs1SignKeyManager().getKeyType(), template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());
    RsaSsaPkcs1KeyFormat format = RsaSsaPkcs1KeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertTrue(format.hasParams());
    assertEquals(HashType.SHA512, format.getParams().getHashType());
    assertEquals(4096, format.getModulusSizeInBits());
    assertEquals(BigInteger.valueOf(65537), new BigInteger(1, format.getPublicExponent().toByteArray()));
}

Example 14 with RsaSsaPkcs1KeyFormat

use of com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat in project tink by google.

the class RsaSsaPkcs1VerifyKeyManagerTest method createPrimitive.

@Test
public void createPrimitive() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPkcs1KeyFormat keyFormat = RsaSsaPkcs1KeyFormat.newBuilder().setParams(RsaSsaPkcs1Params.newBuilder().setHashType(HashType.SHA256)).setModulusSizeInBits(3072).setPublicExponent(ByteString.copyFrom(RSAKeyGenParameterSpec.F4.toByteArray())).build();
    RsaSsaPkcs1PrivateKey privateKey = factory.createKey(keyFormat);
    RsaSsaPkcs1PublicKey publicKey = signManager.getPublicKey(privateKey);
    PublicKeySign signer = signManager.getPrimitive(privateKey, PublicKeySign.class);
    PublicKeyVerify verifier = verifyManager.getPrimitive(publicKey, PublicKeyVerify.class);
    byte[] message = Random.randBytes(135);
    verifier.verify(signer.sign(message), message);
}

Example 15 with RsaSsaPkcs1KeyFormat

use of com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat in project tink by google.

the class RsaSsaPkcs1SignKeyManagerTest method validateKeyFormat_sha384Allowed.

@Test
public void validateKeyFormat_sha384Allowed() throws Exception {
    // TODO(b/140410067): Check if SHA384 should be allowed.
    RsaSsaPkcs1KeyFormat format = createKeyFormat(HashType.SHA384, 3072, RSAKeyGenParameterSpec.F4);
    factory.validateKeyFormat(format);
}