use of java.security.spec.DSAPrivateKeySpec in project wycheproof by google.
the class DsaTest method testDsaBias.
/**
* Checks whether the one time key k in DSA is biased. For example the SUN provider fell for this
* test until April 2016.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testDsaBias() throws Exception {
// q is close to 2/3 * 2^160.
BigInteger q = new BigInteger("974317976835659416858874959372334979171063697271");
BigInteger p = new BigInteger("1106803511314772711673172950296693567629309594518393175860816428" + "6658764043763662129010863568011543182924292444458455864283745070" + "9908516713302345161980412667892373845670780253725557376379049862" + "4062950082444499320797079243439689601679418602390654466821968220" + "32212146727497041502702331623782703855119908989712161");
BigInteger g = new BigInteger("1057342118316953575810387190942009018497979302261477972033090351" + "7561815639397594841480480197745063606756857212792356354588585967" + "3837265237205154744016475608524531648654928648461175919672511710" + "4878976887505840764543501512668232945506391524642105449699321960" + "32410302985148400531470153936516167243072120845392903");
BigInteger x = new BigInteger("13706102843888006547723575730792302382646994436");
KeyFactory kf = KeyFactory.getInstance("DSA");
DSAPrivateKey priv = (DSAPrivateKey) kf.generatePrivate(new DSAPrivateKeySpec(x, p, q, g));
// If we make TESTS tests with a fair coin then the probability that
// either heads or tails appears less than MINCOUNT times is less than
// 2^{-32}.
// I.e. 2*sum(binomial(tests,i) for i in range(mincount))*2**32 < 2**tests
// Therefore the test below is not expected to fail unless the generation
// of the one time keys is indeed biased.
final int tests = 1024;
final int mincount = 410;
String hashAlgorithm = "SHA";
String message = "Hello";
byte[] messageBytes = message.getBytes("UTF-8");
byte[] digest = MessageDigest.getInstance(hashAlgorithm).digest(messageBytes);
BigInteger h = new BigInteger(1, digest);
final BigInteger qHalf = q.shiftRight(1);
Signature signer = Signature.getInstance("SHA1WithDSA");
signer.initSign(priv);
// count the number of k's with msb set
int countLsb = 0;
// count the number of k's with lsb set
int countMsb = 0;
for (int i = 0; i < tests; i++) {
signer.update(messageBytes);
byte[] signature = signer.sign();
BigInteger k = extractK(signature, h, priv, i < 10);
if (k.testBit(0)) {
countLsb++;
}
if (k.compareTo(qHalf) == 1) {
countMsb++;
}
}
if (countLsb < mincount || countLsb > tests - mincount) {
fail("Bias detected in the least significant bit of k:" + countLsb);
}
if (countMsb < mincount || countMsb > tests - mincount) {
fail("Bias detected in the most significant bit of k:" + countMsb);
}
}
use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.
the class OpenSSLDSAKeyFactory method engineGetKeySpec.
@Override
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
if (key == null) {
throw new InvalidKeySpecException("key == null");
}
if (keySpec == null) {
throw new InvalidKeySpecException("keySpec == null");
}
if (!"DSA".equals(key.getAlgorithm())) {
throw new InvalidKeySpecException("Key must be a DSA key");
}
if (key instanceof DSAPublicKey && DSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
DSAPublicKey dsaKey = (DSAPublicKey) key;
DSAParams params = dsaKey.getParams();
return (T) new DSAPublicKeySpec(dsaKey.getY(), params.getP(), params.getQ(), params.getG());
} else if (key instanceof PublicKey && DSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"X.509".equals(key.getFormat()) || encoded == null) {
throw new InvalidKeySpecException("Not a valid X.509 encoding");
}
DSAPublicKey dsaKey = (DSAPublicKey) engineGeneratePublic(new X509EncodedKeySpec(encoded));
DSAParams params = dsaKey.getParams();
return (T) new DSAPublicKeySpec(dsaKey.getY(), params.getP(), params.getQ(), params.getG());
} else if (key instanceof DSAPrivateKey && DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
DSAPrivateKey dsaKey = (DSAPrivateKey) key;
DSAParams params = dsaKey.getParams();
return (T) new DSAPrivateKeySpec(dsaKey.getX(), params.getP(), params.getQ(), params.getG());
} else if (key instanceof PrivateKey && DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"PKCS#8".equals(key.getFormat()) || encoded == null) {
throw new InvalidKeySpecException("Not a valid PKCS#8 encoding");
}
DSAPrivateKey dsaKey = (DSAPrivateKey) engineGeneratePrivate(new PKCS8EncodedKeySpec(encoded));
DSAParams params = dsaKey.getParams();
return (T) new DSAPrivateKeySpec(dsaKey.getX(), params.getP(), params.getQ(), params.getG());
} else if (key instanceof PrivateKey && PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"PKCS#8".equals(key.getFormat())) {
throw new InvalidKeySpecException("Encoding type must be PKCS#8; was " + key.getFormat());
} else if (encoded == null) {
throw new InvalidKeySpecException("Key is not encodable");
}
return (T) new PKCS8EncodedKeySpec(encoded);
} else if (key instanceof PublicKey && X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
final byte[] encoded = key.getEncoded();
if (!"X.509".equals(key.getFormat())) {
throw new InvalidKeySpecException("Encoding type must be X.509; was " + key.getFormat());
} else if (encoded == null) {
throw new InvalidKeySpecException("Key is not encodable");
}
return (T) new X509EncodedKeySpec(encoded);
} else {
throw new InvalidKeySpecException("Unsupported key type and key spec combination; key=" + key.getClass().getName() + ", keySpec=" + keySpec.getName());
}
}
use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.
the class OpenSSLDSAKeyFactory method engineTranslateKey.
@Override
protected Key engineTranslateKey(Key key) throws InvalidKeyException {
if (key == null) {
throw new InvalidKeyException("key == null");
}
if ((key instanceof OpenSSLDSAPublicKey) || (key instanceof OpenSSLDSAPrivateKey)) {
return key;
} else if (key instanceof DSAPublicKey) {
DSAPublicKey dsaKey = (DSAPublicKey) key;
BigInteger y = dsaKey.getY();
DSAParams params = dsaKey.getParams();
BigInteger p = params.getP();
BigInteger q = params.getQ();
BigInteger g = params.getG();
try {
return engineGeneratePublic(new DSAPublicKeySpec(y, p, q, g));
} catch (InvalidKeySpecException e) {
throw new InvalidKeyException(e);
}
} else if (key instanceof DSAPrivateKey) {
DSAPrivateKey dsaKey = (DSAPrivateKey) key;
BigInteger x = dsaKey.getX();
DSAParams params = dsaKey.getParams();
BigInteger p = params.getP();
BigInteger q = params.getQ();
BigInteger g = params.getG();
try {
return engineGeneratePrivate(new DSAPrivateKeySpec(x, p, q, g));
} catch (InvalidKeySpecException e) {
throw new InvalidKeyException(e);
}
} else if ((key instanceof PrivateKey) && ("PKCS#8".equals(key.getFormat()))) {
byte[] encoded = key.getEncoded();
if (encoded == null) {
throw new InvalidKeyException("Key does not support encoding");
}
try {
return engineGeneratePrivate(new PKCS8EncodedKeySpec(encoded));
} catch (InvalidKeySpecException e) {
throw new InvalidKeyException(e);
}
} else if ((key instanceof PublicKey) && ("X.509".equals(key.getFormat()))) {
byte[] encoded = key.getEncoded();
if (encoded == null) {
throw new InvalidKeyException("Key does not support encoding");
}
try {
return engineGeneratePublic(new X509EncodedKeySpec(encoded));
} catch (InvalidKeySpecException e) {
throw new InvalidKeyException(e);
}
} else {
throw new InvalidKeyException("Key must be DSA public or private key; was " + key.getClass().getName());
}
}
use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.
the class DSAKeyFactoryImpl method engineGetKeySpec.
/**
* This method returns a specification for the supplied key.
*
* The specification will be returned in the form of an object of the type
* specified by keySpec.
*
* @param key -
* either DSAPrivateKey or DSAPublicKey
* @param keySpec -
* either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
*
* @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
*
* @throws InvalidKeySpecException
* if "keySpec" is not a specification for DSAPublicKey or
* DSAPrivateKey
*/
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
BigInteger p, q, g, x, y;
if (key != null) {
if (keySpec == null) {
throw new NullPointerException("keySpec == null");
}
if (key instanceof DSAPrivateKey) {
DSAPrivateKey privateKey = (DSAPrivateKey) key;
if (keySpec.equals(DSAPrivateKeySpec.class)) {
x = privateKey.getX();
DSAParams params = privateKey.getParams();
p = params.getP();
q = params.getQ();
g = params.getG();
return (T) (new DSAPrivateKeySpec(x, p, q, g));
}
if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
}
throw new InvalidKeySpecException("'keySpec' is neither DSAPrivateKeySpec nor PKCS8EncodedKeySpec");
}
if (key instanceof DSAPublicKey) {
DSAPublicKey publicKey = (DSAPublicKey) key;
if (keySpec.equals(DSAPublicKeySpec.class)) {
y = publicKey.getY();
DSAParams params = publicKey.getParams();
p = params.getP();
q = params.getQ();
g = params.getG();
return (T) (new DSAPublicKeySpec(y, p, q, g));
}
if (keySpec.equals(X509EncodedKeySpec.class)) {
return (T) (new X509EncodedKeySpec(key.getEncoded()));
}
throw new InvalidKeySpecException("'keySpec' is neither DSAPublicKeySpec nor X509EncodedKeySpec");
}
}
throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.
the class DSAKeyFactoryImpl method engineTranslateKey.
/**
* The method generates a DSAPublicKey object from the provided key.
*
* @param
* key - a DSAPublicKey object or DSAPrivateKey object.
*
* @return
* object of the same type as the "key" argument
*
* @throws InvalidKeyException
* if "key" is neither DSAPublicKey nor DSAPrivateKey
*/
protected Key engineTranslateKey(Key key) throws InvalidKeyException {
if (key != null) {
if (key instanceof DSAPrivateKey) {
DSAPrivateKey privateKey = (DSAPrivateKey) key;
DSAParams params = privateKey.getParams();
try {
return engineGeneratePrivate(new DSAPrivateKeySpec(privateKey.getX(), params.getP(), params.getQ(), params.getG()));
} catch (InvalidKeySpecException e) {
// Actually this exception shouldn't be thrown
throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
}
}
if (key instanceof DSAPublicKey) {
DSAPublicKey publicKey = (DSAPublicKey) key;
DSAParams params = publicKey.getParams();
try {
return engineGeneratePublic(new DSAPublicKeySpec(publicKey.getY(), params.getP(), params.getQ(), params.getG()));
} catch (InvalidKeySpecException e) {
// Actually this exception shouldn't be thrown
throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
}
}
}
throw new InvalidKeyException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
Aggregations