use of java.security.interfaces.ECPublicKey in project wycheproof by google.
the class EcdhTest method testModifiedPublicSpec.
/**
* This is a similar test as testModifiedPublic. However, this test uses test vectors
* ECPublicKeySpec
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testModifiedPublicSpec(String algorithm) throws Exception {
KeyAgreement ka;
try {
ka = KeyAgreement.getInstance(algorithm);
} catch (NoSuchAlgorithmException ex) {
System.out.println("testWrongOrder: " + algorithm + " not supported");
return;
}
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
keyGen.initialize(EcUtil.getNistP256Params());
ECPrivateKey priv = (ECPrivateKey) keyGen.generateKeyPair().getPrivate();
KeyFactory kf = KeyFactory.getInstance("EC");
ECPublicKey validKey = (ECPublicKey) kf.generatePublic(EC_VALID_PUBLIC_KEY.getSpec());
ka.init(priv);
ka.doPhase(validKey, true);
String expected = TestUtil.bytesToHex(ka.generateSecret());
for (EcPublicKeyTestVector test : EC_MODIFIED_PUBLIC_KEYS) {
ECPublicKeySpec spec = test.getSpec();
if (spec == null) {
// spec == null if one of these validity checks fails. Of course such a failure is OK.
continue;
}
try {
ECPublicKey modifiedKey = (ECPublicKey) kf.generatePublic(spec);
ka.init(priv);
ka.doPhase(modifiedKey, true);
String shared = TestUtil.bytesToHex(ka.generateSecret());
// The implementation did not notice that the public key was modified.
// This is not nice, but at the moment we only fail the test if the
// modification was essential for computing the shared secret.
//
// BouncyCastle v.1.53 fails this test, for ECDHC with modified order.
// This implementation reduces the product s*h modulo the order given
// in the public key. An attacker who can modify the order of the public key
// and who can learn whether such a modification changes the shared secret is
// able to learn the private key with a simple binary search.
assertEquals("algorithm:" + algorithm + " test:" + test.comment, expected, shared);
} catch (GeneralSecurityException ex) {
// OK, since the public keys have been modified.
System.out.println("testModifiedPublic:" + test.comment + " throws " + ex.toString());
}
}
}
use of java.security.interfaces.ECPublicKey in project wycheproof by google.
the class EcdhTest method testModifiedPublic.
/**
* This test modifies the order of group in the public key. A severe bug would be an
* implementation that leaks information whether the private key is larger than the order given in
* the public key. Also a severe bug would be to reduce the private key modulo the order given in
* the public key parameters.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testModifiedPublic(String algorithm) throws Exception {
KeyAgreement ka;
try {
ka = KeyAgreement.getInstance(algorithm);
} catch (NoSuchAlgorithmException ex) {
System.out.println("testWrongOrder: " + algorithm + " not supported");
return;
}
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
keyGen.initialize(EcUtil.getNistP256Params());
ECPrivateKey priv = (ECPrivateKey) keyGen.generateKeyPair().getPrivate();
KeyFactory kf = KeyFactory.getInstance("EC");
ECPublicKey validKey = (ECPublicKey) kf.generatePublic(EC_VALID_PUBLIC_KEY.getSpec());
ka.init(priv);
ka.doPhase(validKey, true);
String expected = TestUtil.bytesToHex(ka.generateSecret());
for (EcPublicKeyTestVector test : EC_MODIFIED_PUBLIC_KEYS) {
try {
X509EncodedKeySpec spec = test.getX509EncodedKeySpec();
ECPublicKey modifiedKey = (ECPublicKey) kf.generatePublic(spec);
ka.init(priv);
ka.doPhase(modifiedKey, true);
String shared = TestUtil.bytesToHex(ka.generateSecret());
// The implementation did not notice that the public key was modified.
// This is not nice, but at the moment we only fail the test if the
// modification was essential for computing the shared secret.
//
// BouncyCastle v.1.53 fails this test, for ECDHC with modified order.
// This implementation reduces the product s*h modulo the order given
// in the public key. An attacker who can modify the order of the public key
// and who can learn whether such a modification changes the shared secret is
// able to learn the private key with a simple binary search.
assertEquals("algorithm:" + algorithm + " test:" + test.comment, expected, shared);
} catch (GeneralSecurityException ex) {
// OK, since the public keys have been modified.
System.out.println("testModifiedPublic:" + test.comment + " throws " + ex.toString());
}
}
}
use of java.security.interfaces.ECPublicKey in project wycheproof by google.
the class EcdsaTest method testVectors.
public void testVectors(String[] signatures, ECPublicKeySpec pubSpec, String message, String algorithm, String signatureType, boolean isValidDER, boolean isValidBER) throws Exception {
byte[] messageBytes = message.getBytes("UTF-8");
Signature verifier = Signature.getInstance(algorithm);
KeyFactory kf = KeyFactory.getInstance("EC");
ECPublicKey pub = (ECPublicKey) kf.generatePublic(pubSpec);
int errors = 0;
for (String signature : signatures) {
byte[] signatureBytes = TestUtil.hexToBytes(signature);
verifier.initVerify(pub);
verifier.update(messageBytes);
boolean verified = false;
try {
verified = verifier.verify(signatureBytes);
} catch (SignatureException ex) {
// verify can throw SignatureExceptions if the signature is malformed.
// We don't flag these cases and simply consider the signature as invalid.
verified = false;
}
if (!verified && isValidDER) {
System.out.println(signatureType + " was not verified:" + signature);
errors++;
}
if (verified && !isValidBER) {
System.out.println(signatureType + " was verified:" + signature);
errors++;
}
}
assertEquals(0, errors);
}
use of java.security.interfaces.ECPublicKey in project wycheproof by google.
the class EcdsaTest method testBasic.
/**
* This test checks the basic functionality of ECDSA. It can also be used to generate simple test
* vectors.
*/
public void testBasic() throws Exception {
String algorithm = "SHA256WithECDSA";
String hashAlgorithm = "SHA-256";
String message = "Hello";
String curve = "secp256r1";
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
keyGen.initialize(ecSpec);
KeyPair keyPair = keyGen.generateKeyPair();
ECPublicKey pub = (ECPublicKey) keyPair.getPublic();
ECPrivateKey priv = (ECPrivateKey) keyPair.getPrivate();
byte[] messageBytes = message.getBytes("UTF-8");
Signature signer = Signature.getInstance(algorithm);
Signature verifier = Signature.getInstance(algorithm);
signer.initSign(priv);
signer.update(messageBytes);
byte[] signature = signer.sign();
verifier.initVerify(pub);
verifier.update(messageBytes);
assertTrue(verifier.verify(signature));
// Extract some parameters.
byte[] rawHash = MessageDigest.getInstance(hashAlgorithm).digest(messageBytes);
ECParameterSpec params = priv.getParams();
// Print keys and signature, so that it can be used to generate new test vectors.
System.out.println("Message:" + message);
System.out.println("Hash:" + TestUtil.bytesToHex(rawHash));
System.out.println("Curve:" + curve);
System.out.println("Order:" + params.getOrder().toString());
System.out.println("Private key:");
System.out.println("S:" + priv.getS().toString());
System.out.println("encoded:" + TestUtil.bytesToHex(priv.getEncoded()));
System.out.println("Public key:");
ECPoint w = pub.getW();
System.out.println("X:" + w.getAffineX().toString());
System.out.println("Y:" + w.getAffineY().toString());
System.out.println("encoded:" + TestUtil.bytesToHex(pub.getEncoded()));
System.out.println("Signature:" + TestUtil.bytesToHex(signature));
System.out.println("r:" + extractR(signature).toString());
System.out.println("s:" + extractS(signature).toString());
}
use of java.security.interfaces.ECPublicKey in project wycheproof by google.
the class EciesTest method testKeyGeneration.
/**
* BouncyCastle has a key generation algorithm "ECIES". This test checks that the result are
* ECKeys in both cases.
*/
public void testKeyGeneration() throws Exception {
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("ECIES");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
ECPrivateKey priv = (ECPrivateKey) keyPair.getPrivate();
ECPublicKey pub = (ECPublicKey) keyPair.getPublic();
}
Aggregations