Search in sources :

Example 56 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project perun by CESNET.

the class urn_perun_user_attribute_def_def_sshPublicKey method getECParameterSpec.

/**
 * Gets the curve parameters for the given key type identifier.
 *
 * @param identifier According to RFC 5656:
 *                   "The string [identifier] is the identifier of the elliptic curve domain parameters."
 * @return An ECParameterSpec suitable for creating a JCE ECPublicKeySpec.
 */
private ECParameterSpec getECParameterSpec(String identifier) {
    try {
        // http://www.bouncycastle.org/wiki/pages/viewpage.action?pageId=362269#SupportedCurves(ECDSAandECGOST)-NIST(aliasesforSECcurves)
        String name = identifier.replace("nist", "sec") + "r1";
        AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC");
        parameters.init(new ECGenParameterSpec(name));
        return parameters.getParameterSpec(ECParameterSpec.class);
    } catch (InvalidParameterSpecException | NoSuchAlgorithmException e) {
        throw new IllegalArgumentException("Unable to parse curve parameters: ", e);
    }
}
Also used : ECGenParameterSpec(java.security.spec.ECGenParameterSpec) InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) AlgorithmParameters(java.security.AlgorithmParameters)

Example 57 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project gitblit by gitblit.

the class LdapPublicKeyManagerTest method getKeyPair.

private KeyPair getKeyPair(String type, String comment, KeyPairGenerator generator) {
    String kpkey = type + ":" + comment;
    KeyPair kp = keyPairs.get(kpkey);
    if (kp == null) {
        if ("EC".equals(type)) {
            ECGenParameterSpec ecSpec = new ECGenParameterSpec("P-384");
            try {
                ecGenerator.initialize(ecSpec);
            } catch (InvalidAlgorithmParameterException e) {
                kp = generator.generateKeyPair();
                e.printStackTrace();
            }
            kp = ecGenerator.generateKeyPair();
        } else {
            kp = generator.generateKeyPair();
        }
        keyPairs.put(kpkey, kp);
    }
    return kp;
}
Also used : KeyPair(java.security.KeyPair) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) ECGenParameterSpec(java.security.spec.ECGenParameterSpec)

Example 58 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testNotEcb.

/**
 * This test tries to detect ECIES implementations using ECB. This is insecure and also violates
 * the claims of ECIES, since ECIES is secure agains adaptive chosen-ciphertext attacks.
 */
@SuppressWarnings("InsecureCryptoUsage")
public void testNotEcb(String algorithm) throws Exception {
    Cipher ecies;
    try {
        ecies = Cipher.getInstance(algorithm);
    } catch (NoSuchAlgorithmException ex) {
        // This test is called with short algorithm names such as just "ECIES".
        // Requiring full names is typically a good practice. Hence it is OK
        // to not assigning default algorithms.
        System.out.println("No implementation for:" + algorithm);
        return;
    }
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PublicKey pub = keyPair.getPublic();
    byte[] message = new byte[512];
    ecies.init(Cipher.ENCRYPT_MODE, pub);
    byte[] ciphertext = ecies.doFinal(message);
    String block1 = TestUtil.bytesToHex(Arrays.copyOfRange(ciphertext, 241, 257));
    String block2 = TestUtil.bytesToHex(Arrays.copyOfRange(ciphertext, 257, 273));
    assertTrue("Ciphertext repeats:" + TestUtil.bytesToHex(ciphertext), !block1.equals(block2));
}
Also used : KeyPair(java.security.KeyPair) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) Cipher(javax.crypto.Cipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyPairGenerator(java.security.KeyPairGenerator)

Example 59 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testEciesBasic.

/**
 * Check that key agreement using ECIES works. This example does not specify an IESParametersSpec.
 * BouncyCastle v.1.52 uses the following algorithms: KDF2 with SHA1 for the key derivation
 * AES-CBC with PKCS #5 padding. HMAC-SHA1 with a 20 byte digest. The AES and the HMAC key are
 * both 128 bits.
 */
@SuppressWarnings("InsecureCryptoUsage")
@Test
public void testEciesBasic() throws Exception {
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PrivateKey priv = keyPair.getPrivate();
    PublicKey pub = keyPair.getPublic();
    byte[] message = "Hello".getBytes("UTF-8");
    Cipher ecies = Cipher.getInstance("ECIESwithAES-CBC");
    ecies.init(Cipher.ENCRYPT_MODE, pub);
    // Gets the parameters used.
    // Getting the parameters here and setting them below for the decryption avoids the use of
    // org.bouncycastle.jce.spec.IESParameterSpec and hence making the code provider dependent.
    // The drawback of this approach is that it can only be used in a test environment.
    AlgorithmParameters params = ecies.getParameters();
    byte[] ciphertext = ecies.doFinal(message);
    System.out.println("testEciesBasic:" + TestUtil.bytesToHex(ciphertext));
    ecies.init(Cipher.DECRYPT_MODE, priv, params);
    byte[] decrypted = ecies.doFinal(ciphertext);
    assertEquals(TestUtil.bytesToHex(message), TestUtil.bytesToHex(decrypted));
}
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) Cipher(javax.crypto.Cipher) AlgorithmParameters(java.security.AlgorithmParameters) Test(org.junit.Test)

Example 60 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testModifyPoint.

@SuppressWarnings("InsecureCryptoUsage")
@Test
public void testModifyPoint() throws Exception {
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PrivateKey priv = keyPair.getPrivate();
    PublicKey pub = keyPair.getPublic();
    byte[] message = "This is a long text since we need 32 bytes.".getBytes("UTF-8");
    Cipher ecies = Cipher.getInstance("ECIESwithAES-CBC");
    ecies.init(Cipher.ENCRYPT_MODE, pub);
    byte[] ciphertext = ecies.doFinal(message);
    ciphertext[2] ^= (byte) 1;
    ecies.init(Cipher.DECRYPT_MODE, priv, ecies.getParameters());
    try {
        ecies.doFinal(ciphertext);
        fail("This should not work");
    } catch (GeneralSecurityException ex) {
    // This is as expected
    } catch (Exception ex) {
        fail("Expected subclass of java.security.GeneralSecurityException, but got: " + ex.getClass().getName());
    }
}
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) Cipher(javax.crypto.Cipher) GeneralSecurityException(java.security.GeneralSecurityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Test(org.junit.Test)

Aggregations

ECGenParameterSpec (java.security.spec.ECGenParameterSpec)66 KeyPairGenerator (java.security.KeyPairGenerator)31 KeyPair (java.security.KeyPair)23 AlgorithmParameters (java.security.AlgorithmParameters)22 PublicKey (java.security.PublicKey)19 BigInteger (java.math.BigInteger)18 ECPublicKey (java.security.interfaces.ECPublicKey)17 ECParameterSpec (java.security.spec.ECParameterSpec)14 ECPoint (java.security.spec.ECPoint)14 Test (org.junit.Test)13 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)12 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)12 ECPublicKeySpec (java.security.spec.ECPublicKeySpec)12 KeySpec (java.security.spec.KeySpec)10 ECPrivateKey (java.security.interfaces.ECPrivateKey)9 PrivateKey (java.security.PrivateKey)8 SecureRandom (java.security.SecureRandom)8 Cipher (javax.crypto.Cipher)8 AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)7 RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)7