Search in sources :

Example 1 with RsaSsaPssPublicKey

use of com.google.crypto.tink.proto.RsaSsaPssPublicKey in project tink by google.

the class RsaSsaPssVerifyKeyManagerTest method createPrimitive.

@Test
public void createPrimitive() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPssKeyFormat keyFormat = RsaSsaPssKeyFormat.newBuilder().setParams(RsaSsaPssParams.newBuilder().setSigHash(HashType.SHA256).setMgf1Hash(HashType.SHA256).setSaltLength(32)).setModulusSizeInBits(3072).setPublicExponent(ByteString.copyFrom(RSAKeyGenParameterSpec.F4.toByteArray())).build();
    RsaSsaPssPrivateKey privateKey = factory.createKey(keyFormat);
    RsaSsaPssPublicKey publicKey = signManager.getPublicKey(privateKey);
    PublicKeySign signer = signManager.getPrimitive(privateKey, PublicKeySign.class);
    PublicKeyVerify verifier = verifyManager.getPrimitive(publicKey, PublicKeyVerify.class);
    byte[] message = Random.randBytes(135);
    verifier.verify(signer.sign(message), message);
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RsaSsaPssPrivateKey(com.google.crypto.tink.proto.RsaSsaPssPrivateKey) RsaSsaPssKeyFormat(com.google.crypto.tink.proto.RsaSsaPssKeyFormat) PublicKeyVerify(com.google.crypto.tink.PublicKeyVerify) PublicKeySign(com.google.crypto.tink.PublicKeySign) Test(org.junit.Test)

Example 2 with RsaSsaPssPublicKey

use of com.google.crypto.tink.proto.RsaSsaPssPublicKey in project tink by google.

the class RsaSsaPssVerifyKeyManagerTest method validateKey_wrongVersion.

@Test
public void validateKey_wrongVersion() throws Exception {
    RsaSsaPssPublicKey publicKey = nistTestVectors[0].publicKeyProto;
    RsaSsaPssPublicKey invalidKey = RsaSsaPssPublicKey.newBuilder(publicKey).setVersion(1).build();
    assertThrows(GeneralSecurityException.class, () -> verifyManager.validateKey(invalidKey));
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) Test(org.junit.Test)

Example 3 with RsaSsaPssPublicKey

use of com.google.crypto.tink.proto.RsaSsaPssPublicKey in project tink by google.

the class RsaSsaPssVerifyKeyManagerTest method validateKey_testVector.

@Test
public void validateKey_testVector() throws Exception {
    if (TestUtil.isTsan()) {
        // factory.createKey is too slow in Tsan.
        return;
    }
    RsaSsaPssPublicKey publicKey = nistTestVectors[0].publicKeyProto;
    verifyManager.validateKey(publicKey);
}
Also used : RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) Test(org.junit.Test)

Example 4 with RsaSsaPssPublicKey

use of com.google.crypto.tink.proto.RsaSsaPssPublicKey in project tink by google.

the class SignaturePemKeysetReaderTest method read_oneRSAPublicKey_shouldWork.

@Test
public void read_oneRSAPublicKey_shouldWork() throws Exception {
    String pem = "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv90Xf/NN1lRGBofJQzJf\n" + "lHvo6GAf25GGQGaMmD9T1ZP71CCbJ69lGIS/6akFBg6ECEHGM2EZ4WFLCdr5byUq\n" + "GCf4mY4WuOn+AcwzwAoDz9ASIFcQOoPclO7JYdfo2SOaumumdb5S/7FkKJ70TGYW\n" + "j9aTOYWsCcaojbjGDY/JEXz3BSRIngcgOvXBmV1JokcJ/LsrJD263WE9iUknZDhB\n" + "K7y4ChjHNqL8yJcw/D8xLNiJtIyuxiZ00p/lOVUInr8C/a2C1UGCgEGuXZAEGAdO\n" + "NVez52n5TLvQP3hRd4MTi7YvfhezRcA4aXyIDOv+TYi4p+OVTYQ+FMbkgoWBm5bq\n" + "wQIDAQAB\n" + "-----END PUBLIC KEY-----\n";
    KeysetReader keysetReader = SignaturePemKeysetReader.newBuilder().addPem(pem, PemKeyType.RSA_PSS_2048_SHA256).build();
    Keyset ks = keysetReader.read();
    Keyset.Key key = ks.getKey(0);
    KeyData keyData = key.getKeyData();
    RsaSsaPssPublicKey publicKeyProto = RsaSsaPssPublicKey.parseFrom(keyData.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    RSAPublicKey publicKey = (RSAPublicKey) PemKeyType.RSA_PSS_2048_SHA256.readKey(new BufferedReader(new StringReader(pem)));
    assertThat(ks.getKeyCount()).isEqualTo(1);
    assertThat(ks.getPrimaryKeyId()).isEqualTo(key.getKeyId());
    assertThat(key.getStatus()).isEqualTo(KeyStatusType.ENABLED);
    assertThat(key.getOutputPrefixType()).isEqualTo(OutputPrefixType.RAW);
    assertThat(keyData.getTypeUrl()).isEqualTo(new RsaSsaPssVerifyKeyManager().getKeyType());
    assertThat(keyData.getKeyMaterialType()).isEqualTo(KeyMaterialType.ASYMMETRIC_PUBLIC);
    assertThat(publicKeyProto.getParams().getSigHash()).isEqualTo(HashType.SHA256);
    assertThat(publicKeyProto.getParams().getMgf1Hash()).isEqualTo(HashType.SHA256);
    assertThat(publicKeyProto.getParams().getSaltLength()).isEqualTo(32);
    assertThat(publicKeyProto.getN().toByteArray()).isEqualTo(SigUtil.toUnsignedIntByteString(publicKey.getModulus()).toByteArray());
    assertThat(publicKeyProto.getE().toByteArray()).isEqualTo(SigUtil.toUnsignedIntByteString(publicKey.getPublicExponent()).toByteArray());
}
Also used : Keyset(com.google.crypto.tink.proto.Keyset) RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) KeysetReader(com.google.crypto.tink.KeysetReader) BufferedReader(java.io.BufferedReader) StringReader(java.io.StringReader) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Example 5 with RsaSsaPssPublicKey

use of com.google.crypto.tink.proto.RsaSsaPssPublicKey in project tink by google.

the class SignaturePemKeysetReaderTest method read_onePEM_twoRSAPublicKeys_shouldWork.

@Test
public void read_onePEM_twoRSAPublicKeys_shouldWork() throws Exception {
    String pem = "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv90Xf/NN1lRGBofJQzJf\n" + "lHvo6GAf25GGQGaMmD9T1ZP71CCbJ69lGIS/6akFBg6ECEHGM2EZ4WFLCdr5byUq\n" + "GCf4mY4WuOn+AcwzwAoDz9ASIFcQOoPclO7JYdfo2SOaumumdb5S/7FkKJ70TGYW\n" + "j9aTOYWsCcaojbjGDY/JEXz3BSRIngcgOvXBmV1JokcJ/LsrJD263WE9iUknZDhB\n" + "K7y4ChjHNqL8yJcw/D8xLNiJtIyuxiZ00p/lOVUInr8C/a2C1UGCgEGuXZAEGAdO\n" + "NVez52n5TLvQP3hRd4MTi7YvfhezRcA4aXyIDOv+TYi4p+OVTYQ+FMbkgoWBm5bq\n" + "wQIDAQAB\n" + "-----END PUBLIC KEY-----\n" + "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHT+woDZHckRv316VyUw\n" + "WnQ8lR7C1rOj+KPuBnAPMQTW8htNG0gfjYEb01ZRvZM8ezOunDnpBqvYPeATKTGu\n" + "YD7/Tq1gkcFGf59aG2vgi8I/+0OkYNyWwuYLKm34t50TKMvQwiIBr0IZfaGnzF/5\n" + "43wqtE6rvcZTavlR0q3ftJQ6OEFXnOzShRctQf7nIn2Mi2mks3cLoWpqLJe0rSiM\n" + "TYqas+fiLd5K5p55H2woBpoRPBmNEBMd2r+P0caGNRd3XuO2OwOx/2XezZ0Lj9ms\n" + "u7BDXM/No6dxLmrgwzokuRg0N/mF+PUCnNakbT1nyn/1uMopialAMDhYUEtZdFjw\n" + "gwIDAQAB\n" + "-----END PUBLIC KEY-----\n";
    KeysetReader keysetReader = SignaturePemKeysetReader.newBuilder().addPem(pem, PemKeyType.RSA_PSS_2048_SHA256).build();
    Keyset ks = keysetReader.read();
    Keyset.Key firstKey = ks.getKey(0);
    Keyset.Key secondKey = ks.getKey(1);
    assertThat(ks.getKeyCount()).isEqualTo(2);
    assertThat(ks.getPrimaryKeyId()).isEqualTo(firstKey.getKeyId());
    KeyData keyData = firstKey.getKeyData();
    RsaSsaPssPublicKey publicKeyProto = RsaSsaPssPublicKey.parseFrom(keyData.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    RSAPublicKey publicKey = (RSAPublicKey) PemKeyType.RSA_PSS_2048_SHA256.readKey(new BufferedReader(new StringReader(pem)));
    assertThat(firstKey.getStatus()).isEqualTo(KeyStatusType.ENABLED);
    assertThat(firstKey.getOutputPrefixType()).isEqualTo(OutputPrefixType.RAW);
    assertThat(keyData.getTypeUrl()).isEqualTo(new RsaSsaPssVerifyKeyManager().getKeyType());
    assertThat(keyData.getKeyMaterialType()).isEqualTo(KeyMaterialType.ASYMMETRIC_PUBLIC);
    assertThat(publicKeyProto.getParams().getSigHash()).isEqualTo(HashType.SHA256);
    assertThat(publicKeyProto.getParams().getMgf1Hash()).isEqualTo(HashType.SHA256);
    assertThat(publicKeyProto.getParams().getSaltLength()).isEqualTo(32);
    assertThat(publicKeyProto.getN().toByteArray()).isEqualTo(SigUtil.toUnsignedIntByteString(publicKey.getModulus()).toByteArray());
    assertThat(publicKeyProto.getE().toByteArray()).isEqualTo(SigUtil.toUnsignedIntByteString(publicKey.getPublicExponent()).toByteArray());
    keyData = secondKey.getKeyData();
    publicKeyProto = RsaSsaPssPublicKey.parseFrom(keyData.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertThat(secondKey.getStatus()).isEqualTo(KeyStatusType.ENABLED);
    assertThat(secondKey.getOutputPrefixType()).isEqualTo(OutputPrefixType.RAW);
    assertThat(keyData.getTypeUrl()).isEqualTo(new RsaSsaPssVerifyKeyManager().getKeyType());
    assertThat(keyData.getKeyMaterialType()).isEqualTo(KeyMaterialType.ASYMMETRIC_PUBLIC);
    assertThat(publicKeyProto.getParams().getSigHash()).isEqualTo(HashType.SHA256);
    assertThat(publicKeyProto.getParams().getMgf1Hash()).isEqualTo(HashType.SHA256);
    assertThat(publicKeyProto.getParams().getSaltLength()).isEqualTo(32);
}
Also used : Keyset(com.google.crypto.tink.proto.Keyset) RsaSsaPssPublicKey(com.google.crypto.tink.proto.RsaSsaPssPublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) KeysetReader(com.google.crypto.tink.KeysetReader) BufferedReader(java.io.BufferedReader) StringReader(java.io.StringReader) KeyData(com.google.crypto.tink.proto.KeyData) Test(org.junit.Test)

Aggregations

RsaSsaPssPublicKey (com.google.crypto.tink.proto.RsaSsaPssPublicKey)14 Test (org.junit.Test)11 RsaSsaPssKeyFormat (com.google.crypto.tink.proto.RsaSsaPssKeyFormat)5 RSAPublicKey (java.security.interfaces.RSAPublicKey)5 KeysetReader (com.google.crypto.tink.KeysetReader)4 KeyData (com.google.crypto.tink.proto.KeyData)4 Keyset (com.google.crypto.tink.proto.Keyset)4 RsaSsaPssPrivateKey (com.google.crypto.tink.proto.RsaSsaPssPrivateKey)4 BufferedReader (java.io.BufferedReader)4 StringReader (java.io.StringReader)4 PublicKeySign (com.google.crypto.tink.PublicKeySign)3 PublicKeyVerify (com.google.crypto.tink.PublicKeyVerify)2 RsaSsaPssParams (com.google.crypto.tink.proto.RsaSsaPssParams)2 ByteString (com.google.protobuf.ByteString)2 BigInteger (java.math.BigInteger)2 EcdsaPublicKey (com.google.crypto.tink.proto.EcdsaPublicKey)1 RsaSsaPkcs1Params (com.google.crypto.tink.proto.RsaSsaPkcs1Params)1 RsaSsaPkcs1PublicKey (com.google.crypto.tink.proto.RsaSsaPkcs1PublicKey)1 IOException (java.io.IOException)1 KeyPair (java.security.KeyPair)1