use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testKeyGeneration.
/**
* BouncyCastle has a key generation algorithm "ECIES". This test checks that the result are
* ECKeys in both cases.
*/
@Test
public void testKeyGeneration() throws Exception {
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("ECIES");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
ECPrivateKey unusedPriv = (ECPrivateKey) keyPair.getPrivate();
ECPublicKey unusedPub = (ECPublicKey) keyPair.getPublic();
}
use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testAlgorithmParameters.
/**
* This test tries to detect ECIES whether AlgorithmParameters are deterministic.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testAlgorithmParameters(String algorithm) throws Exception {
Cipher eciesA;
Cipher eciesB;
try {
eciesA = Cipher.getInstance(algorithm);
eciesB = Cipher.getInstance(algorithm);
} catch (NoSuchAlgorithmException ex) {
// This test is called with short algorithm names such as just "ECIES".
// Requiring full names is typically a good practice. Hence it is OK
// to not assigning default algorithms.
System.out.println("No implementation for:" + algorithm);
return;
}
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
PublicKey pub = keyPair.getPublic();
byte[] message = new byte[512];
eciesA.init(Cipher.ENCRYPT_MODE, pub);
eciesB.init(Cipher.ENCRYPT_MODE, pub);
AlgorithmParameters paramsA = eciesA.getParameters();
AlgorithmParameters paramsB = eciesB.getParameters();
// byte[] ciphertextA = eciesA.doFinal(message);
byte[] ciphertextB = eciesB.doFinal(message);
PrivateKey priv = keyPair.getPrivate();
eciesB.init(Cipher.DECRYPT_MODE, priv, paramsA);
try {
byte[] decrypted = eciesB.doFinal(ciphertextB);
String messageHex = TestUtil.bytesToHex(message);
String decryptedHex = TestUtil.bytesToHex(decrypted);
if (messageHex.equals(decryptedHex)) {
System.out.println(algorithm + " does (probably) not randomize AlgorithmParameters");
} else {
// This is the most interesting case.
// The algorithm parameters are randomized but are not authenticated.
// This is for example the case for the IV in ECIESWithAES-CBC in BouncyCastle.
// If the caller attaches the randomized parameters to the ciphertext then
// this would result in malleable encryption.
System.out.println(algorithm + " uses randomized (unauthenticated) AlgorithmParameters." + " message:" + messageHex + " decrypted:" + decryptedHex + "\nparamsA:" + paramsA.toString() + " " + TestUtil.bytesToHex(paramsA.getEncoded()) + "\nparamsB:" + paramsB.toString() + " " + TestUtil.bytesToHex(paramsB.getEncoded()));
}
} catch (GeneralSecurityException ex) {
System.out.println(algorithm + " uses randomized AlgorithmParameters");
}
}
use of java.security.spec.ECGenParameterSpec in project jjwt by jwtk.
the class EllipticCurveProvider method generateKeyPair.
/**
* Generates a new secure-random key pair of sufficient strength for the specified Elliptic Curve {@link
* SignatureAlgorithm} (must be one of {@code ES256}, {@code ES384} or {@code ES512}) using the specified {@link
* SecureRandom} random number generator via the specified JCA provider and algorithm name.
*
* @param jcaAlgorithmName the JCA name of the algorithm to use for key pair generation, for example, {@code
* ECDSA}.
* @param jcaProviderName the JCA provider name of the algorithm implementation (for example {@code "BC"} for
* BouncyCastle) or {@code null} if the default provider should be used.
* @param alg alg the algorithm indicating strength, must be one of {@code ES256}, {@code ES384} or
* {@code ES512}
* @param random the SecureRandom generator to use during key generation.
* @return a new secure-randomly generated key pair of sufficient strength for the specified Elliptic Curve {@link
* SignatureAlgorithm} (must be one of {@code ES256}, {@code ES384} or {@code ES512}) using the specified {@link
* SecureRandom} random number generator via the specified JCA provider and algorithm name.
* @see #generateKeyPair()
* @see #generateKeyPair(SignatureAlgorithm)
* @see #generateKeyPair(SignatureAlgorithm, SecureRandom)
*/
public static KeyPair generateKeyPair(String jcaAlgorithmName, String jcaProviderName, SignatureAlgorithm alg, SecureRandom random) {
Assert.notNull(alg, "SignatureAlgorithm argument cannot be null.");
Assert.isTrue(alg.isEllipticCurve(), "SignatureAlgorithm argument must represent an Elliptic Curve algorithm.");
try {
KeyPairGenerator g;
if (Strings.hasText(jcaProviderName)) {
g = KeyPairGenerator.getInstance(jcaAlgorithmName, jcaProviderName);
} else {
g = KeyPairGenerator.getInstance(jcaAlgorithmName);
}
String paramSpecCurveName = EC_CURVE_NAMES.get(alg);
ECGenParameterSpec spec = new ECGenParameterSpec(paramSpecCurveName);
g.initialize(spec, random);
return g.generateKeyPair();
} catch (Exception e) {
throw new IllegalStateException("Unable to generate Elliptic Curve KeyPair: " + e.getMessage(), e);
}
}
use of java.security.spec.ECGenParameterSpec in project j2objc by google.
the class ECGenParameterSpecTest method testGetName.
/**
* Test for <code>getName()</code> method<br>
*
* Assertion: returns the <code>name</code>
*/
public final void testGetName() {
String name = "someName";
ECGenParameterSpec ps = new ECGenParameterSpec(name);
assertEquals(name, ps.getName());
}
use of java.security.spec.ECGenParameterSpec in project zookeeper by apache.
the class X509TestHelpers method generateECKeyPair.
/**
* Generates an elliptic curve key pair using the "secp256r1" aka "prime256v1" aka "NIST P-256" curve.
* @return the key pair.
*/
public static KeyPair generateECKeyPair() throws GeneralSecurityException {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
keyGen.initialize(new ECGenParameterSpec(DEFAULT_ELLIPTIC_CURVE_NAME), PRNG);
return keyGen.generateKeyPair();
}
Aggregations