Search in sources :

Example 51 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testKeyGeneration.

/**
 * BouncyCastle has a key generation algorithm "ECIES". This test checks that the result are
 * ECKeys in both cases.
 */
@Test
public void testKeyGeneration() throws Exception {
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("ECIES");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    ECPrivateKey unusedPriv = (ECPrivateKey) keyPair.getPrivate();
    ECPublicKey unusedPub = (ECPublicKey) keyPair.getPublic();
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) Test(org.junit.Test)

Example 52 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testAlgorithmParameters.

/**
 * This test tries to detect ECIES whether AlgorithmParameters are deterministic.
 */
@SuppressWarnings("InsecureCryptoUsage")
public void testAlgorithmParameters(String algorithm) throws Exception {
    Cipher eciesA;
    Cipher eciesB;
    try {
        eciesA = Cipher.getInstance(algorithm);
        eciesB = Cipher.getInstance(algorithm);
    } catch (NoSuchAlgorithmException ex) {
        // This test is called with short algorithm names such as just "ECIES".
        // Requiring full names is typically a good practice. Hence it is OK
        // to not assigning default algorithms.
        System.out.println("No implementation for:" + algorithm);
        return;
    }
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PublicKey pub = keyPair.getPublic();
    byte[] message = new byte[512];
    eciesA.init(Cipher.ENCRYPT_MODE, pub);
    eciesB.init(Cipher.ENCRYPT_MODE, pub);
    AlgorithmParameters paramsA = eciesA.getParameters();
    AlgorithmParameters paramsB = eciesB.getParameters();
    // byte[] ciphertextA = eciesA.doFinal(message);
    byte[] ciphertextB = eciesB.doFinal(message);
    PrivateKey priv = keyPair.getPrivate();
    eciesB.init(Cipher.DECRYPT_MODE, priv, paramsA);
    try {
        byte[] decrypted = eciesB.doFinal(ciphertextB);
        String messageHex = TestUtil.bytesToHex(message);
        String decryptedHex = TestUtil.bytesToHex(decrypted);
        if (messageHex.equals(decryptedHex)) {
            System.out.println(algorithm + " does (probably) not randomize AlgorithmParameters");
        } else {
            // This is the most interesting case.
            // The algorithm parameters are randomized but are not authenticated.
            // This is for example the case for the IV in ECIESWithAES-CBC in BouncyCastle.
            // If the caller attaches the randomized parameters to the ciphertext then
            // this would result in malleable encryption.
            System.out.println(algorithm + " uses randomized (unauthenticated) AlgorithmParameters." + " message:" + messageHex + " decrypted:" + decryptedHex + "\nparamsA:" + paramsA.toString() + " " + TestUtil.bytesToHex(paramsA.getEncoded()) + "\nparamsB:" + paramsB.toString() + " " + TestUtil.bytesToHex(paramsB.getEncoded()));
        }
    } catch (GeneralSecurityException ex) {
        System.out.println(algorithm + " uses randomized AlgorithmParameters");
    }
}
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) Cipher(javax.crypto.Cipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyPairGenerator(java.security.KeyPairGenerator) AlgorithmParameters(java.security.AlgorithmParameters)

Example 53 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project jjwt by jwtk.

the class EllipticCurveProvider method generateKeyPair.

/**
 * Generates a new secure-random key pair of sufficient strength for the specified Elliptic Curve {@link
 * SignatureAlgorithm} (must be one of {@code ES256}, {@code ES384} or {@code ES512}) using the specified {@link
 * SecureRandom} random number generator via the specified JCA provider and algorithm name.
 *
 * @param jcaAlgorithmName the JCA name of the algorithm to use for key pair generation, for example, {@code
 *                         ECDSA}.
 * @param jcaProviderName  the JCA provider name of the algorithm implementation (for example {@code "BC"} for
 *                         BouncyCastle) or {@code null} if the default provider should be used.
 * @param alg              alg the algorithm indicating strength, must be one of {@code ES256}, {@code ES384} or
 *                         {@code ES512}
 * @param random           the SecureRandom generator to use during key generation.
 * @return a new secure-randomly generated key pair of sufficient strength for the specified Elliptic Curve {@link
 * SignatureAlgorithm} (must be one of {@code ES256}, {@code ES384} or {@code ES512}) using the specified {@link
 * SecureRandom} random number generator via the specified JCA provider and algorithm name.
 * @see #generateKeyPair()
 * @see #generateKeyPair(SignatureAlgorithm)
 * @see #generateKeyPair(SignatureAlgorithm, SecureRandom)
 */
public static KeyPair generateKeyPair(String jcaAlgorithmName, String jcaProviderName, SignatureAlgorithm alg, SecureRandom random) {
    Assert.notNull(alg, "SignatureAlgorithm argument cannot be null.");
    Assert.isTrue(alg.isEllipticCurve(), "SignatureAlgorithm argument must represent an Elliptic Curve algorithm.");
    try {
        KeyPairGenerator g;
        if (Strings.hasText(jcaProviderName)) {
            g = KeyPairGenerator.getInstance(jcaAlgorithmName, jcaProviderName);
        } else {
            g = KeyPairGenerator.getInstance(jcaAlgorithmName);
        }
        String paramSpecCurveName = EC_CURVE_NAMES.get(alg);
        ECGenParameterSpec spec = new ECGenParameterSpec(paramSpecCurveName);
        g.initialize(spec, random);
        return g.generateKeyPair();
    } catch (Exception e) {
        throw new IllegalStateException("Unable to generate Elliptic Curve KeyPair: " + e.getMessage(), e);
    }
}
Also used : ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) JwtException(io.jsonwebtoken.JwtException)

Example 54 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project j2objc by google.

the class ECGenParameterSpecTest method testGetName.

/**
 * Test for <code>getName()</code> method<br>
 *
 * Assertion: returns the <code>name</code>
 */
public final void testGetName() {
    String name = "someName";
    ECGenParameterSpec ps = new ECGenParameterSpec(name);
    assertEquals(name, ps.getName());
}
Also used : ECGenParameterSpec(java.security.spec.ECGenParameterSpec)

Example 55 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project zookeeper by apache.

the class X509TestHelpers method generateECKeyPair.

/**
 * Generates an elliptic curve key pair using the "secp256r1" aka "prime256v1" aka "NIST P-256" curve.
 * @return the key pair.
 */
public static KeyPair generateECKeyPair() throws GeneralSecurityException {
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
    keyGen.initialize(new ECGenParameterSpec(DEFAULT_ELLIPTIC_CURVE_NAME), PRNG);
    return keyGen.generateKeyPair();
}
Also used : ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator)

Aggregations

ECGenParameterSpec (java.security.spec.ECGenParameterSpec)55 KeyPairGenerator (java.security.KeyPairGenerator)27 KeyPair (java.security.KeyPair)21 AlgorithmParameters (java.security.AlgorithmParameters)15 ECPublicKey (java.security.interfaces.ECPublicKey)15 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)12 PublicKey (java.security.PublicKey)12 BigInteger (java.math.BigInteger)11 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)11 ECPrivateKey (java.security.interfaces.ECPrivateKey)9 PrivateKey (java.security.PrivateKey)8 ECParameterSpec (java.security.spec.ECParameterSpec)8 Cipher (javax.crypto.Cipher)8 AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)7 Test (org.junit.Test)7 GeneralSecurityException (java.security.GeneralSecurityException)6 ECPoint (java.security.spec.ECPoint)6 ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5 DERBitString (com.android.org.bouncycastle.asn1.DERBitString)5 DERInteger (com.android.org.bouncycastle.asn1.DERInteger)5