use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testEciesBasic.
/**
* Check that key agreement using ECIES works. This example does not specify an IESParametersSpec.
* BouncyCastle v.1.52 uses the following algorithms: KDF2 with SHA1 for the key derivation
* AES-CBC with PKCS #5 padding. HMAC-SHA1 with a 20 byte digest. The AES and the HMAC key are
* both 128 bits.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testEciesBasic() throws Exception {
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
PrivateKey priv = keyPair.getPrivate();
PublicKey pub = keyPair.getPublic();
byte[] message = "Hello".getBytes("UTF-8");
Cipher ecies = Cipher.getInstance("ECIESwithAES-CBC");
ecies.init(Cipher.ENCRYPT_MODE, pub);
byte[] ciphertext = ecies.doFinal(message);
System.out.println("testEciesBasic:" + TestUtil.bytesToHex(ciphertext));
ecies.init(Cipher.DECRYPT_MODE, priv, ecies.getParameters());
byte[] decrypted = ecies.doFinal(ciphertext);
assertEquals(TestUtil.bytesToHex(message), TestUtil.bytesToHex(decrypted));
}
use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testModifyPoint.
@SuppressWarnings("InsecureCryptoUsage")
public void testModifyPoint() throws Exception {
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
PrivateKey priv = keyPair.getPrivate();
PublicKey pub = keyPair.getPublic();
byte[] message = "This is a long text since we need 32 bytes.".getBytes("UTF-8");
Cipher ecies = Cipher.getInstance("ECIESwithAES-CBC");
ecies.init(Cipher.ENCRYPT_MODE, pub);
byte[] ciphertext = ecies.doFinal(message);
ciphertext[2] ^= (byte) 1;
ecies.init(Cipher.DECRYPT_MODE, priv, ecies.getParameters());
try {
ecies.doFinal(ciphertext);
fail("This should not work");
} catch (GeneralSecurityException ex) {
// This is as expected
// Bouncy Castle 1.56 throws this exception
} catch (Exception ex) {
fail("Expected subclass of java.security.GeneralSecurityException, but got: " + ex.getClass().getName());
}
}
use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testNotEcb.
/**
* This test tries to detect ECIES implementations using ECB. This is insecure and also violates
* the claims of ECIES, since ECIES is secure agains adaptive chosen-ciphertext attacks.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testNotEcb(String algorithm) throws Exception {
Cipher ecies;
try {
ecies = Cipher.getInstance(algorithm);
} catch (NoSuchAlgorithmException ex) {
// This test is called with short algorithm names such as just "ECIES".
// Requiring full names is typically a good practice. Hence it is OK
// to not assigning default algorithms.
System.out.println("No implementation for:" + algorithm);
return;
}
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
PublicKey pub = keyPair.getPublic();
byte[] message = new byte[512];
ecies.init(Cipher.ENCRYPT_MODE, pub);
byte[] ciphertext = ecies.doFinal(message);
String block1 = TestUtil.bytesToHex(Arrays.copyOfRange(ciphertext, 241, 257));
String block2 = TestUtil.bytesToHex(Arrays.copyOfRange(ciphertext, 257, 273));
assertTrue("Ciphertext repeats:" + TestUtil.bytesToHex(ciphertext), !block1.equals(block2));
}
use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testIsAlias.
/**
* Tests whether algorithmA is an alias of algorithmB by encrypting with algorithmA and decrypting
* with algorithmB.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testIsAlias(String algorithmA, String algorithmB) throws Exception {
Cipher eciesA;
Cipher eciesB;
// Allowing tests to be skipped, because we don't want to encourage abbreviations.
try {
eciesA = Cipher.getInstance(algorithmA);
} catch (NoSuchAlgorithmException ex) {
System.out.println("Skipping because of:" + ex.toString());
return;
}
try {
eciesB = Cipher.getInstance(algorithmB);
} catch (NoSuchAlgorithmException ex) {
System.out.println("Skipping because of:" + ex.toString());
return;
}
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("EC");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
byte[] message = "Hello".getBytes("UTF-8");
eciesA.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
byte[] ciphertext = eciesA.doFinal(message);
eciesB.init(Cipher.DECRYPT_MODE, keyPair.getPrivate(), eciesB.getParameters());
byte[] decrypted = eciesB.doFinal(ciphertext);
assertEquals(TestUtil.bytesToHex(message), TestUtil.bytesToHex(decrypted));
}
use of java.security.spec.ECGenParameterSpec in project wycheproof by google.
the class EciesTest method testKeyGeneration.
/**
* BouncyCastle has a key generation algorithm "ECIES". This test checks that the result are
* ECKeys in both cases.
*/
public void testKeyGeneration() throws Exception {
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator kf = KeyPairGenerator.getInstance("ECIES");
kf.initialize(ecSpec);
KeyPair keyPair = kf.generateKeyPair();
ECPrivateKey priv = (ECPrivateKey) keyPair.getPrivate();
ECPublicKey pub = (ECPublicKey) keyPair.getPublic();
}
Aggregations