Search in sources :

Example 11 with DSAPrivateKeySpec

use of java.security.spec.DSAPrivateKeySpec in project wycheproof by google.

the class DsaTest method testDsaBias.

/**
   * Checks whether the one time key k in DSA is biased. For example the SUN provider fell for this
   * test until April 2016.
   */
@SuppressWarnings("InsecureCryptoUsage")
public void testDsaBias() throws Exception {
    // q is close to 2/3 * 2^160.
    BigInteger q = new BigInteger("974317976835659416858874959372334979171063697271");
    BigInteger p = new BigInteger("1106803511314772711673172950296693567629309594518393175860816428" + "6658764043763662129010863568011543182924292444458455864283745070" + "9908516713302345161980412667892373845670780253725557376379049862" + "4062950082444499320797079243439689601679418602390654466821968220" + "32212146727497041502702331623782703855119908989712161");
    BigInteger g = new BigInteger("1057342118316953575810387190942009018497979302261477972033090351" + "7561815639397594841480480197745063606756857212792356354588585967" + "3837265237205154744016475608524531648654928648461175919672511710" + "4878976887505840764543501512668232945506391524642105449699321960" + "32410302985148400531470153936516167243072120845392903");
    BigInteger x = new BigInteger("13706102843888006547723575730792302382646994436");
    KeyFactory kf = KeyFactory.getInstance("DSA");
    DSAPrivateKey priv = (DSAPrivateKey) kf.generatePrivate(new DSAPrivateKeySpec(x, p, q, g));
    // If we make TESTS tests with a fair coin then the probability that
    // either heads or tails appears less than MINCOUNT times is less than
    // 2^{-32}.
    // I.e. 2*sum(binomial(tests,i) for i in range(mincount))*2**32 < 2**tests
    // Therefore the test below is not expected to fail unless the generation
    // of the one time keys is indeed biased.
    final int tests = 1024;
    final int mincount = 410;
    String hashAlgorithm = "SHA";
    String message = "Hello";
    byte[] messageBytes = message.getBytes("UTF-8");
    byte[] digest = MessageDigest.getInstance(hashAlgorithm).digest(messageBytes);
    BigInteger h = new BigInteger(1, digest);
    final BigInteger qHalf = q.shiftRight(1);
    Signature signer = Signature.getInstance("SHA1WithDSA");
    signer.initSign(priv);
    // count the number of k's with msb set
    int countLsb = 0;
    // count the number of k's with lsb set
    int countMsb = 0;
    for (int i = 0; i < tests; i++) {
        signer.update(messageBytes);
        byte[] signature = signer.sign();
        BigInteger k = extractK(signature, h, priv, i < 10);
        if (k.testBit(0)) {
            countLsb++;
        }
        if (k.compareTo(qHalf) == 1) {
            countMsb++;
        }
    }
    if (countLsb < mincount || countLsb > tests - mincount) {
        fail("Bias detected in the least significant bit of k:" + countLsb);
    }
    if (countMsb < mincount || countMsb > tests - mincount) {
        fail("Bias detected in the most significant bit of k:" + countMsb);
    }
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) Signature(java.security.Signature) BigInteger(java.math.BigInteger) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) KeyFactory(java.security.KeyFactory)

Example 12 with DSAPrivateKeySpec

use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.

the class OpenSSLDSAKeyFactory method engineGetKeySpec.

@Override
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    if (key == null) {
        throw new InvalidKeySpecException("key == null");
    }
    if (keySpec == null) {
        throw new InvalidKeySpecException("keySpec == null");
    }
    if (!"DSA".equals(key.getAlgorithm())) {
        throw new InvalidKeySpecException("Key must be a DSA key");
    }
    if (key instanceof DSAPublicKey && DSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
        DSAPublicKey dsaKey = (DSAPublicKey) key;
        DSAParams params = dsaKey.getParams();
        return (T) new DSAPublicKeySpec(dsaKey.getY(), params.getP(), params.getQ(), params.getG());
    } else if (key instanceof PublicKey && DSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
        final byte[] encoded = key.getEncoded();
        if (!"X.509".equals(key.getFormat()) || encoded == null) {
            throw new InvalidKeySpecException("Not a valid X.509 encoding");
        }
        DSAPublicKey dsaKey = (DSAPublicKey) engineGeneratePublic(new X509EncodedKeySpec(encoded));
        DSAParams params = dsaKey.getParams();
        return (T) new DSAPublicKeySpec(dsaKey.getY(), params.getP(), params.getQ(), params.getG());
    } else if (key instanceof DSAPrivateKey && DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
        DSAPrivateKey dsaKey = (DSAPrivateKey) key;
        DSAParams params = dsaKey.getParams();
        return (T) new DSAPrivateKeySpec(dsaKey.getX(), params.getP(), params.getQ(), params.getG());
    } else if (key instanceof PrivateKey && DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
        final byte[] encoded = key.getEncoded();
        if (!"PKCS#8".equals(key.getFormat()) || encoded == null) {
            throw new InvalidKeySpecException("Not a valid PKCS#8 encoding");
        }
        DSAPrivateKey dsaKey = (DSAPrivateKey) engineGeneratePrivate(new PKCS8EncodedKeySpec(encoded));
        DSAParams params = dsaKey.getParams();
        return (T) new DSAPrivateKeySpec(dsaKey.getX(), params.getP(), params.getQ(), params.getG());
    } else if (key instanceof PrivateKey && PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
        final byte[] encoded = key.getEncoded();
        if (!"PKCS#8".equals(key.getFormat())) {
            throw new InvalidKeySpecException("Encoding type must be PKCS#8; was " + key.getFormat());
        } else if (encoded == null) {
            throw new InvalidKeySpecException("Key is not encodable");
        }
        return (T) new PKCS8EncodedKeySpec(encoded);
    } else if (key instanceof PublicKey && X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
        final byte[] encoded = key.getEncoded();
        if (!"X.509".equals(key.getFormat())) {
            throw new InvalidKeySpecException("Encoding type must be X.509; was " + key.getFormat());
        } else if (encoded == null) {
            throw new InvalidKeySpecException("Key is not encodable");
        }
        return (T) new X509EncodedKeySpec(encoded);
    } else {
        throw new InvalidKeySpecException("Unsupported key type and key spec combination; key=" + key.getClass().getName() + ", keySpec=" + keySpec.getName());
    }
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DSAParams(java.security.interfaces.DSAParams) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Example 13 with DSAPrivateKeySpec

use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.

the class OpenSSLDSAKeyFactory method engineTranslateKey.

@Override
protected Key engineTranslateKey(Key key) throws InvalidKeyException {
    if (key == null) {
        throw new InvalidKeyException("key == null");
    }
    if ((key instanceof OpenSSLDSAPublicKey) || (key instanceof OpenSSLDSAPrivateKey)) {
        return key;
    } else if (key instanceof DSAPublicKey) {
        DSAPublicKey dsaKey = (DSAPublicKey) key;
        BigInteger y = dsaKey.getY();
        DSAParams params = dsaKey.getParams();
        BigInteger p = params.getP();
        BigInteger q = params.getQ();
        BigInteger g = params.getG();
        try {
            return engineGeneratePublic(new DSAPublicKeySpec(y, p, q, g));
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeyException(e);
        }
    } else if (key instanceof DSAPrivateKey) {
        DSAPrivateKey dsaKey = (DSAPrivateKey) key;
        BigInteger x = dsaKey.getX();
        DSAParams params = dsaKey.getParams();
        BigInteger p = params.getP();
        BigInteger q = params.getQ();
        BigInteger g = params.getG();
        try {
            return engineGeneratePrivate(new DSAPrivateKeySpec(x, p, q, g));
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeyException(e);
        }
    } else if ((key instanceof PrivateKey) && ("PKCS#8".equals(key.getFormat()))) {
        byte[] encoded = key.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException("Key does not support encoding");
        }
        try {
            return engineGeneratePrivate(new PKCS8EncodedKeySpec(encoded));
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeyException(e);
        }
    } else if ((key instanceof PublicKey) && ("X.509".equals(key.getFormat()))) {
        byte[] encoded = key.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException("Key does not support encoding");
        }
        try {
            return engineGeneratePublic(new X509EncodedKeySpec(encoded));
        } catch (InvalidKeySpecException e) {
            throw new InvalidKeyException(e);
        }
    } else {
        throw new InvalidKeyException("Key must be DSA public or private key; was " + key.getClass().getName());
    }
}
Also used : DSAPrivateKey(java.security.interfaces.DSAPrivateKey) PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DSAParams(java.security.interfaces.DSAParams) InvalidKeyException(java.security.InvalidKeyException) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) BigInteger(java.math.BigInteger) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Example 14 with DSAPrivateKeySpec

use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.

the class DSAKeyFactoryImpl method engineGetKeySpec.

/**
     * This method returns a specification for the supplied key.
     *
     * The specification will be returned in the form of an object of the type
     * specified by keySpec.
     *
     * @param key -
     *            either DSAPrivateKey or DSAPublicKey
     * @param keySpec -
     *            either DSAPrivateKeySpec.class or DSAPublicKeySpec.class
     *
     * @return either a DSAPrivateKeySpec or a DSAPublicKeySpec
     *
     * @throws InvalidKeySpecException
     *             if "keySpec" is not a specification for DSAPublicKey or
     *             DSAPrivateKey
     */
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
    BigInteger p, q, g, x, y;
    if (key != null) {
        if (keySpec == null) {
            throw new NullPointerException("keySpec == null");
        }
        if (key instanceof DSAPrivateKey) {
            DSAPrivateKey privateKey = (DSAPrivateKey) key;
            if (keySpec.equals(DSAPrivateKeySpec.class)) {
                x = privateKey.getX();
                DSAParams params = privateKey.getParams();
                p = params.getP();
                q = params.getQ();
                g = params.getG();
                return (T) (new DSAPrivateKeySpec(x, p, q, g));
            }
            if (keySpec.equals(PKCS8EncodedKeySpec.class)) {
                return (T) (new PKCS8EncodedKeySpec(key.getEncoded()));
            }
            throw new InvalidKeySpecException("'keySpec' is neither DSAPrivateKeySpec nor PKCS8EncodedKeySpec");
        }
        if (key instanceof DSAPublicKey) {
            DSAPublicKey publicKey = (DSAPublicKey) key;
            if (keySpec.equals(DSAPublicKeySpec.class)) {
                y = publicKey.getY();
                DSAParams params = publicKey.getParams();
                p = params.getP();
                q = params.getQ();
                g = params.getG();
                return (T) (new DSAPublicKeySpec(y, p, q, g));
            }
            if (keySpec.equals(X509EncodedKeySpec.class)) {
                return (T) (new X509EncodedKeySpec(key.getEncoded()));
            }
            throw new InvalidKeySpecException("'keySpec' is neither DSAPublicKeySpec nor X509EncodedKeySpec");
        }
    }
    throw new InvalidKeySpecException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) BigInteger(java.math.BigInteger) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DSAParams(java.security.interfaces.DSAParams) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Example 15 with DSAPrivateKeySpec

use of java.security.spec.DSAPrivateKeySpec in project robovm by robovm.

the class DSAKeyFactoryImpl method engineTranslateKey.

/**
     * The method generates a DSAPublicKey object from the provided key.
     *
     * @param
     *    key - a DSAPublicKey object or DSAPrivateKey object.
     *
     * @return
     *    object of the same type as the "key" argument
     *
     * @throws InvalidKeyException
     *     if "key" is neither DSAPublicKey nor DSAPrivateKey
     */
protected Key engineTranslateKey(Key key) throws InvalidKeyException {
    if (key != null) {
        if (key instanceof DSAPrivateKey) {
            DSAPrivateKey privateKey = (DSAPrivateKey) key;
            DSAParams params = privateKey.getParams();
            try {
                return engineGeneratePrivate(new DSAPrivateKeySpec(privateKey.getX(), params.getP(), params.getQ(), params.getG()));
            } catch (InvalidKeySpecException e) {
                // Actually this exception shouldn't be thrown
                throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
            }
        }
        if (key instanceof DSAPublicKey) {
            DSAPublicKey publicKey = (DSAPublicKey) key;
            DSAParams params = publicKey.getParams();
            try {
                return engineGeneratePublic(new DSAPublicKeySpec(publicKey.getY(), params.getP(), params.getQ(), params.getG()));
            } catch (InvalidKeySpecException e) {
                // Actually this exception shouldn't be thrown
                throw new InvalidKeyException("ATTENTION: InvalidKeySpecException: " + e);
            }
        }
    }
    throw new InvalidKeyException("'key' is neither DSAPublicKey nor DSAPrivateKey");
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) DSAParams(java.security.interfaces.DSAParams) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidKeyException(java.security.InvalidKeyException) DSAPublicKey(java.security.interfaces.DSAPublicKey) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)

Aggregations

DSAPrivateKeySpec (java.security.spec.DSAPrivateKeySpec)21 BigInteger (java.math.BigInteger)14 DSAPublicKeySpec (java.security.spec.DSAPublicKeySpec)11 DSAPrivateKey (java.security.interfaces.DSAPrivateKey)10 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)9 PrivateKey (java.security.PrivateKey)7 DSAParams (java.security.interfaces.DSAParams)7 KeyFactory (java.security.KeyFactory)6 DSAPublicKey (java.security.interfaces.DSAPublicKey)6 PublicKey (java.security.PublicKey)5 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)5 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)5 InvalidKeyException (java.security.InvalidKeyException)3 KeyStore (java.security.KeyStore)3 KeyStoreException (java.security.KeyStoreException)3 Certificate (java.security.cert.Certificate)3 X509Certificate (java.security.cert.X509Certificate)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 Signature (java.security.Signature)2 KeySpec (java.security.spec.KeySpec)2