Search in sources :

Example 16 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testEciesBasic.

/**
   * Check that key agreement using ECIES works. This example does not specify an IESParametersSpec.
   * BouncyCastle v.1.52 uses the following algorithms: KDF2 with SHA1 for the key derivation
   * AES-CBC with PKCS #5 padding. HMAC-SHA1 with a 20 byte digest. The AES and the HMAC key are
   * both 128 bits.
   */
@SuppressWarnings("InsecureCryptoUsage")
public void testEciesBasic() throws Exception {
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PrivateKey priv = keyPair.getPrivate();
    PublicKey pub = keyPair.getPublic();
    byte[] message = "Hello".getBytes("UTF-8");
    Cipher ecies = Cipher.getInstance("ECIESwithAES-CBC");
    ecies.init(Cipher.ENCRYPT_MODE, pub);
    byte[] ciphertext = ecies.doFinal(message);
    System.out.println("testEciesBasic:" + TestUtil.bytesToHex(ciphertext));
    ecies.init(Cipher.DECRYPT_MODE, priv, ecies.getParameters());
    byte[] decrypted = ecies.doFinal(ciphertext);
    assertEquals(TestUtil.bytesToHex(message), TestUtil.bytesToHex(decrypted));
}
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) Cipher(javax.crypto.Cipher)

Example 17 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testModifyPoint.

@SuppressWarnings("InsecureCryptoUsage")
public void testModifyPoint() throws Exception {
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PrivateKey priv = keyPair.getPrivate();
    PublicKey pub = keyPair.getPublic();
    byte[] message = "This is a long text since we need 32 bytes.".getBytes("UTF-8");
    Cipher ecies = Cipher.getInstance("ECIESwithAES-CBC");
    ecies.init(Cipher.ENCRYPT_MODE, pub);
    byte[] ciphertext = ecies.doFinal(message);
    ciphertext[2] ^= (byte) 1;
    ecies.init(Cipher.DECRYPT_MODE, priv, ecies.getParameters());
    try {
        ecies.doFinal(ciphertext);
        fail("This should not work");
    } catch (GeneralSecurityException ex) {
    // This is as expected
    // Bouncy Castle 1.56 throws this exception
    } catch (Exception ex) {
        fail("Expected subclass of java.security.GeneralSecurityException, but got: " + ex.getClass().getName());
    }
}
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator) Cipher(javax.crypto.Cipher) GeneralSecurityException(java.security.GeneralSecurityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 18 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testNotEcb.

/**
   * This test tries to detect ECIES implementations using ECB. This is insecure and also violates
   * the claims of ECIES, since ECIES is secure agains adaptive chosen-ciphertext attacks.
   */
@SuppressWarnings("InsecureCryptoUsage")
public void testNotEcb(String algorithm) throws Exception {
    Cipher ecies;
    try {
        ecies = Cipher.getInstance(algorithm);
    } catch (NoSuchAlgorithmException ex) {
        // This test is called with short algorithm names such as just "ECIES".
        // Requiring full names is typically a good practice. Hence it is OK
        // to not assigning default algorithms.
        System.out.println("No implementation for:" + algorithm);
        return;
    }
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    PublicKey pub = keyPair.getPublic();
    byte[] message = new byte[512];
    ecies.init(Cipher.ENCRYPT_MODE, pub);
    byte[] ciphertext = ecies.doFinal(message);
    String block1 = TestUtil.bytesToHex(Arrays.copyOfRange(ciphertext, 241, 257));
    String block2 = TestUtil.bytesToHex(Arrays.copyOfRange(ciphertext, 257, 273));
    assertTrue("Ciphertext repeats:" + TestUtil.bytesToHex(ciphertext), !block1.equals(block2));
}
Also used : KeyPair(java.security.KeyPair) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) Cipher(javax.crypto.Cipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyPairGenerator(java.security.KeyPairGenerator)

Example 19 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testIsAlias.

/**
   * Tests whether algorithmA is an alias of algorithmB by encrypting with algorithmA and decrypting
   * with algorithmB.
   */
@SuppressWarnings("InsecureCryptoUsage")
public void testIsAlias(String algorithmA, String algorithmB) throws Exception {
    Cipher eciesA;
    Cipher eciesB;
    // Allowing tests to be skipped, because we don't want to encourage abbreviations.
    try {
        eciesA = Cipher.getInstance(algorithmA);
    } catch (NoSuchAlgorithmException ex) {
        System.out.println("Skipping because of:" + ex.toString());
        return;
    }
    try {
        eciesB = Cipher.getInstance(algorithmB);
    } catch (NoSuchAlgorithmException ex) {
        System.out.println("Skipping because of:" + ex.toString());
        return;
    }
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    byte[] message = "Hello".getBytes("UTF-8");
    eciesA.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
    byte[] ciphertext = eciesA.doFinal(message);
    eciesB.init(Cipher.DECRYPT_MODE, keyPair.getPrivate(), eciesB.getParameters());
    byte[] decrypted = eciesB.doFinal(ciphertext);
    assertEquals(TestUtil.bytesToHex(message), TestUtil.bytesToHex(decrypted));
}
Also used : KeyPair(java.security.KeyPair) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) Cipher(javax.crypto.Cipher) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyPairGenerator(java.security.KeyPairGenerator)

Example 20 with ECGenParameterSpec

use of java.security.spec.ECGenParameterSpec in project wycheproof by google.

the class EciesTest method testKeyGeneration.

/**
   * BouncyCastle has a key generation algorithm "ECIES". This test checks that the result are
   * ECKeys in both cases.
   */
public void testKeyGeneration() throws Exception {
    ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
    KeyPairGenerator kf = KeyPairGenerator.getInstance("ECIES");
    kf.initialize(ecSpec);
    KeyPair keyPair = kf.generateKeyPair();
    ECPrivateKey priv = (ECPrivateKey) keyPair.getPrivate();
    ECPublicKey pub = (ECPublicKey) keyPair.getPublic();
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) ECPublicKey(java.security.interfaces.ECPublicKey) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) KeyPairGenerator(java.security.KeyPairGenerator)

Aggregations

ECGenParameterSpec (java.security.spec.ECGenParameterSpec)26 KeyPairGenerator (java.security.KeyPairGenerator)10 KeyPair (java.security.KeyPair)9 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)8 BigInteger (java.math.BigInteger)7 ECPublicKey (java.security.interfaces.ECPublicKey)7 PublicKey (java.security.PublicKey)6 ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5 DERBitString (com.android.org.bouncycastle.asn1.DERBitString)5 DERInteger (com.android.org.bouncycastle.asn1.DERInteger)5 ProviderException (java.security.ProviderException)5 ECPrivateKey (java.security.interfaces.ECPrivateKey)5 AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)5 RSAKeyGenParameterSpec (java.security.spec.RSAKeyGenParameterSpec)5 Cipher (javax.crypto.Cipher)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 PrivateKey (java.security.PrivateKey)4 AlgorithmParameters (java.security.AlgorithmParameters)3 ECParameterSpec (java.security.spec.ECParameterSpec)3 GeneralSecurityException (java.security.GeneralSecurityException)2