Search in sources :

Example 1 with RsaSsaPssPrivateKey

use of com.google.crypto.tink.proto.RsaSsaPssPrivateKey in project tink by google.

the class RsaSsaPssSignKeyManagerTest method createPrimitive.

@Test
public void createPrimitive() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPssKeyFormat format = createKeyFormat(HashType.SHA512, HashType.SHA512, 64, 4096, RSAKeyGenParameterSpec.F4);
    RsaSsaPssPrivateKey key = factory.createKey(format);
    PublicKeySign signer = manager.getPrimitive(key, PublicKeySign.class);
    KeyFactory kf = EngineFactory.KEY_FACTORY.getInstance("RSA");
    BigInteger modulus = new BigInteger(1, key.getPublicKey().getN().toByteArray());
    BigInteger exponent = new BigInteger(1, key.getPublicKey().getE().toByteArray());
    RSAPublicKey publicKey = (RSAPublicKey) kf.generatePublic(new RSAPublicKeySpec(modulus, exponent));
    RsaSsaPssParams params = key.getPublicKey().getParams();
    PublicKeyVerify verifier = new RsaSsaPssVerifyJce(publicKey, SigUtil.toHashType(params.getSigHash()), SigUtil.toHashType(params.getMgf1Hash()), params.getSaltLength());
    byte[] message = Random.randBytes(135);
    verifier.verify(signer.sign(message), message);
}
Also used : RsaSsaPssPrivateKey(com.google.crypto.tink.proto.RsaSsaPssPrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) RsaSsaPssKeyFormat(com.google.crypto.tink.proto.RsaSsaPssKeyFormat) RsaSsaPssVerifyJce(com.google.crypto.tink.subtle.RsaSsaPssVerifyJce) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) BigInteger(java.math.BigInteger) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) RsaSsaPssParams(com.google.crypto.tink.proto.RsaSsaPssParams) PublicKeySign(com.google.crypto.tink.PublicKeySign) KeyFactory(java.security.KeyFactory) Test(org.junit.Test)

Example 2 with RsaSsaPssPrivateKey

use of com.google.crypto.tink.proto.RsaSsaPssPrivateKey in project tink by google.

the class RsaSsaPssVerifyKeyManagerTest method createPrimitive.

@Test
public void createPrimitive() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPssKeyFormat keyFormat = RsaSsaPssKeyFormat.newBuilder().setParams(RsaSsaPssParams.newBuilder().setSigHash(HashType.SHA256).setMgf1Hash(HashType.SHA256).setSaltLength(32)).setModulusSizeInBits(3072).setPublicExponent(ByteString.copyFrom(RSAKeyGenParameterSpec.F4.toByteArray())).build();
    RsaSsaPssPrivateKey privateKey = factory.createKey(keyFormat);
    RsaSsaPssPublicKey publicKey = signManager.getPublicKey(privateKey);
    PublicKeySign signer = signManager.getPrimitive(privateKey, PublicKeySign.class);
    PublicKeyVerify verifier = verifyManager.getPrimitive(publicKey, PublicKeyVerify.class);
    byte[] message = Random.randBytes(135);
    verifier.verify(signer.sign(message), message);
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RsaSsaPssPrivateKey(com.google.crypto.tink.proto.RsaSsaPssPrivateKey) RsaSsaPssKeyFormat(com.google.crypto.tink.proto.RsaSsaPssKeyFormat) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) PublicKeySign(com.google.crypto.tink.PublicKeySign) Test(org.junit.Test)

Example 3 with RsaSsaPssPrivateKey

use of com.google.crypto.tink.proto.RsaSsaPssPrivateKey in project tink by google.

the class RsaSsaPssSignKeyManagerTest method createCorruptedModulusPrimitive_throws.

@Test
public void createCorruptedModulusPrimitive_throws() throws Exception {
    RsaSsaPssKeyFormat format = createKeyFormat(HashType.SHA512, HashType.SHA512, 64, 4096, RSAKeyGenParameterSpec.F4);
    RsaSsaPssPrivateKey originalKey = factory.createKey(format);
    byte[] originalN = originalKey.getPublicKey().getN().toByteArray();
    originalN[0] = (byte) (originalN[0] ^ 0x01);
    ByteString corruptedN = ByteString.copyFrom(originalN);
    RsaSsaPssPublicKey corruptedPub = RsaSsaPssPublicKey.newBuilder().setVersion(originalKey.getPublicKey().getVersion()).setN(corruptedN).setE(originalKey.getPublicKey().getE()).build();
    RsaSsaPssPrivateKey corruptedKey = RsaSsaPssPrivateKey.newBuilder().setVersion(originalKey.getVersion()).setPublicKey(corruptedPub).setD(originalKey.getD()).setP(originalKey.getP()).setQ(originalKey.getQ()).setDp(originalKey.getDp()).setDq(originalKey.getDq()).setCrt(originalKey.getCrt()).build();
    assertThrows(GeneralSecurityException.class, () -> manager.getPrimitive(corruptedKey, PublicKeySign.class));
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RsaSsaPssPrivateKey(com.google.crypto.tink.proto.RsaSsaPssPrivateKey) ByteString(com.google.protobuf.ByteString) RsaSsaPssKeyFormat(com.google.crypto.tink.proto.RsaSsaPssKeyFormat) PublicKeySign(com.google.crypto.tink.PublicKeySign) Test(org.junit.Test)

Example 4 with RsaSsaPssPrivateKey

use of com.google.crypto.tink.proto.RsaSsaPssPrivateKey in project tink by google.

the class RsaSsaPssVerifyKeyManagerTest method validateKey_generated.

@Test
public void validateKey_generated() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPssKeyFormat keyFormat = RsaSsaPssKeyFormat.newBuilder().setParams(RsaSsaPssParams.newBuilder().setSigHash(HashType.SHA256).setMgf1Hash(HashType.SHA256).setSaltLength(32)).setModulusSizeInBits(3072).setPublicExponent(ByteString.copyFrom(RSAKeyGenParameterSpec.F4.toByteArray())).build();
    RsaSsaPssPrivateKey privateKey = factory.createKey(keyFormat);
    RsaSsaPssPublicKey publicKey = signManager.getPublicKey(privateKey);
    verifyManager.validateKey(publicKey);
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RsaSsaPssPrivateKey(com.google.crypto.tink.proto.RsaSsaPssPrivateKey) RsaSsaPssKeyFormat(com.google.crypto.tink.proto.RsaSsaPssKeyFormat) Test(org.junit.Test)

Example 5 with RsaSsaPssPrivateKey

use of com.google.crypto.tink.proto.RsaSsaPssPrivateKey in project tink by google.

the class RsaSsaPssVerifyKeyManagerTest method createPrimitive_anotherKey_throws.

@Test
public void createPrimitive_anotherKey_throws() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPssKeyFormat keyFormat = RsaSsaPssKeyFormat.newBuilder().setParams(RsaSsaPssParams.newBuilder().setSigHash(HashType.SHA256).setMgf1Hash(HashType.SHA256).setSaltLength(32)).setModulusSizeInBits(3072).setPublicExponent(ByteString.copyFrom(RSAKeyGenParameterSpec.F4.toByteArray())).build();
    RsaSsaPssPrivateKey privateKey = factory.createKey(keyFormat);
    // Create a different key.
    RsaSsaPssPublicKey publicKey = signManager.getPublicKey(factory.createKey(keyFormat));
    PublicKeySign signer = signManager.getPrimitive(privateKey, PublicKeySign.class);
    PublicKeyVerify verifier = verifyManager.getPrimitive(publicKey, PublicKeyVerify.class);
    byte[] message = Random.randBytes(135);
    byte[] signature = signer.sign(message);
    assertThrows(GeneralSecurityException.class, () -> verifier.verify(signature, message));
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RsaSsaPssPrivateKey(com.google.crypto.tink.proto.RsaSsaPssPrivateKey) RsaSsaPssKeyFormat(com.google.crypto.tink.proto.RsaSsaPssKeyFormat) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) PublicKeySign(com.google.crypto.tink.PublicKeySign) Test(org.junit.Test)

Aggregations

RsaSsaPssKeyFormat (com.google.crypto.tink.proto.RsaSsaPssKeyFormat)9 RsaSsaPssPrivateKey (com.google.crypto.tink.proto.RsaSsaPssPrivateKey)9 Test (org.junit.Test)9 PublicKeySign (com.google.crypto.tink.PublicKeySign)4 RsaSsaPssPublicKey (com.google.crypto.tink.proto.RsaSsaPssPublicKey)4 PublicKeyVerify (com.google.crypto.tink.PublicKeyVerify)3 ByteString (com.google.protobuf.ByteString)2 RsaSsaPssParams (com.google.crypto.tink.proto.RsaSsaPssParams)1 RsaSsaPssVerifyJce (com.google.crypto.tink.subtle.RsaSsaPssVerifyJce)1 BigInteger (java.math.BigInteger)1 KeyFactory (java.security.KeyFactory)1 RSAPublicKey (java.security.interfaces.RSAPublicKey)1 RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)1 TreeSet (java.util.TreeSet)1