Examples with ECParameterSpec java.security.spec.ECParameterSpec used on opensource projects

Example 6 with ECParameterSpec

use of java.security.spec.ECParameterSpec in project j2objc by google.

the class ECPrivateKeySpecTest method setUp.

protected void setUp() throws Exception {
    super.setUp();
    ECPoint ecpoint = new ECPoint(BigInteger.valueOf(1), BigInteger.valueOf(1));
    EllipticCurve curve = new EllipticCurve(new ECFieldF2m(2), BigInteger.valueOf(1), BigInteger.valueOf(1));
    s = BigInteger.valueOf(1);
    ecparams = new ECParameterSpec(curve, ecpoint, BigInteger.valueOf(1), 1);
    ecpks = new ECPrivateKeySpec(s, ecparams);
}

Example 7 with ECParameterSpec

use of java.security.spec.ECParameterSpec in project j2objc by google.

the class ECParameterSpecTest method setUp.

protected void setUp() throws Exception {
    super.setUp();
    curve = new EllipticCurve(new ECFieldF2m(2), BigInteger.valueOf(1), BigInteger.valueOf(1));
    ecpoint = new ECPoint(BigInteger.valueOf(1), BigInteger.valueOf(1));
    ecps = new ECParameterSpec(curve, ecpoint, BigInteger.valueOf(1), 1);
}

Example 8 with ECParameterSpec

use of java.security.spec.ECParameterSpec in project wycheproof by google.

the class EcdhTest method testWrongOrder.

/**
   * This test modifies the order of group in the public key. A severe bug would be an
   * implementation that leaks information whether the private key is larger than the order given in
   * the public key. Also a severe bug would be to reduce the private key modulo the order given in
   * the public key parameters.
   */
// TODO(bleichen): This can be merged with testModifiedPublic once this is fixed.
@SuppressWarnings("InsecureCryptoUsage")
public void testWrongOrder(String algorithm, ECParameterSpec spec) throws Exception {
    KeyAgreement ka;
    try {
        ka = KeyAgreement.getInstance(algorithm);
    } catch (NoSuchAlgorithmException ex) {
        System.out.println("testWrongOrder: " + algorithm + " not supported");
        return;
    }
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
    ECPrivateKey priv;
    ECPublicKey pub;
    try {
        keyGen.initialize(spec);
        priv = (ECPrivateKey) keyGen.generateKeyPair().getPrivate();
        pub = (ECPublicKey) keyGen.generateKeyPair().getPublic();
    } catch (GeneralSecurityException ex) {
        // This is OK, since not all provider support Brainpool curves
        System.out.println("testWrongOrder: could not generate keys for curve");
        return;
    }
    // Get the shared secret for the unmodified keys.
    ka.init(priv);
    ka.doPhase(pub, true);
    byte[] shared = ka.generateSecret();
    // Generate a modified public key.
    ECParameterSpec modifiedParams = new ECParameterSpec(spec.getCurve(), spec.getGenerator(), spec.getOrder().shiftRight(16), 1);
    ECPublicKeySpec modifiedPubSpec = new ECPublicKeySpec(pub.getW(), modifiedParams);
    KeyFactory kf = KeyFactory.getInstance("EC");
    ECPublicKey modifiedPub;
    try {
        modifiedPub = (ECPublicKey) kf.generatePublic(modifiedPubSpec);
    } catch (GeneralSecurityException ex) {
        // The provider does not support non-standard curves or did a validity check.
        // Both would be correct.
        System.out.println("testWrongOrder: can't modify order.");
        return;
    }
    byte[] shared2;
    try {
        ka.init(priv);
        ka.doPhase(modifiedPub, true);
        shared2 = ka.generateSecret();
    } catch (GeneralSecurityException ex) {
        // This is the expected behavior
        System.out.println("testWrongOrder:" + ex.toString());
        return;
    }
    // TODO(bleichen): Getting here is already a bug and we might flag this later.
    // At the moment we are only interested in really bad behavior of a library, that potentially
    // leaks the secret key. This is the case when the shared secrets are different, since this
    // suggests that the implementation reduces the multiplier modulo the given order of the curve
    // or some other behaviour that is dependent on the private key.
    // An attacker who can check whether a DH computation was done correctly or incorrectly because
    // of modular reduction, can determine the private key, either by a binary search or by trying
    // to guess the private key modulo some small "order".
    // BouncyCastle v.1.53 fails this test, and leaks the private key.
    System.out.println("Generated shared secret with a modified order:" + algorithm + "\n" + "expected:" + TestUtil.bytesToHex(shared) + " computed:" + TestUtil.bytesToHex(shared2));
    assertEquals("Algorithm:" + algorithm, TestUtil.bytesToHex(shared), TestUtil.bytesToHex(shared2));
}

Example 9 with ECParameterSpec

use of java.security.spec.ECParameterSpec in project wycheproof by google.

the class EcdhTest method testDecode.

public void testDecode() throws Exception {
    KeyFactory kf = KeyFactory.getInstance("EC");
    ECPublicKey key1 = (ECPublicKey) kf.generatePublic(EC_VALID_PUBLIC_KEY.getSpec());
    ECPublicKey key2 = (ECPublicKey) kf.generatePublic(EC_VALID_PUBLIC_KEY.getX509EncodedKeySpec());
    ECParameterSpec params1 = key1.getParams();
    ECParameterSpec params2 = key2.getParams();
    assertEquals(params1.getCofactor(), params2.getCofactor());
    assertEquals(params1.getCurve(), params2.getCurve());
    assertEquals(params1.getGenerator(), params2.getGenerator());
    assertEquals(params1.getOrder(), params2.getOrder());
    assertEquals(key1.getW(), key2.getW());
}

Example 10 with ECParameterSpec

use of java.security.spec.ECParameterSpec in project wycheproof by google.

the class EcdsaTest method publicKey1.

public ECPublicKeySpec publicKey1() throws Exception {
    ECParameterSpec params = EcUtil.getNistP256Params();
    ECPoint w = new ECPoint(PubX, PubY);
    return new ECPublicKeySpec(w, params);
}