Example 11 with ECParameterSpec
use of java.security.spec.ECParameterSpec in project wycheproof by google.
the class EcUtil method getWeakPublicKey.
/**
* Returns a weak public key of order 3 such that the public key point is on the curve specified
* in ecParams. This method is used to check ECC implementations for missing step in the
* verification of the public key. E.g. implementations of ECDH must verify that the public key
* contains a point on the curve as well as public and secret key are using the same curve.
*
* @param ecParams the parameters of the key to attack. This must be a curve in Weierstrass form
* over a prime order field.
* @return a weak EC group with a genrator of order 3.
*/
public static ECPublicKeySpec getWeakPublicKey(ECParameterSpec ecParams) throws GeneralSecurityException {
EllipticCurve curve = ecParams.getCurve();
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
keyGen.initialize(ecParams);
BigInteger p = getModulus(curve);
BigInteger three = new BigInteger("3");
while (true) {
// Generate a point on the original curve
KeyPair keyPair = keyGen.generateKeyPair();
ECPublicKey pub = (ECPublicKey) keyPair.getPublic();
ECPoint w = pub.getW();
BigInteger x = w.getAffineX();
BigInteger y = w.getAffineY();
// Find the curve parameters a,b such that 3*w = infinity.
// This is the case if the following equations are satisfied:
// 3x == l^2 (mod p)
// l == (3x^2 + a) / 2*y (mod p)
// y^2 == x^3 + ax + b (mod p)
BigInteger l;
try {
l = modSqrt(x.multiply(three), p);
} catch (GeneralSecurityException ex) {
continue;
}
BigInteger xSqr = x.multiply(x).mod(p);
BigInteger a = l.multiply(y.add(y)).subtract(xSqr.multiply(three)).mod(p);
BigInteger b = y.multiply(y).subtract(x.multiply(xSqr.add(a))).mod(p);
EllipticCurve newCurve = new EllipticCurve(curve.getField(), a, b);
// Just a sanity check.
checkPointOnCurve(w, newCurve);
// Cofactor and order are of course wrong.
ECParameterSpec spec = new ECParameterSpec(newCurve, w, p, 1);
return new ECPublicKeySpec(w, spec);
}
}
Also used :
KeyPair(java.security.KeyPair)
ECPublicKey(java.security.interfaces.ECPublicKey)
EllipticCurve(java.security.spec.EllipticCurve)
ECParameterSpec(java.security.spec.ECParameterSpec)
GeneralSecurityException(java.security.GeneralSecurityException)
BigInteger(java.math.BigInteger)
KeyPairGenerator(java.security.KeyPairGenerator)
ECPoint(java.security.spec.ECPoint)
ECPublicKeySpec(java.security.spec.ECPublicKeySpec)
Example 12 with ECParameterSpec
use of java.security.spec.ECParameterSpec in project XobotOS by xamarin.
the class JCEECPublicKey method populateFromPubKeyInfo.
private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) {
// BEGIN android-removed
// if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001))
// {
// DERBitString bits = info.getPublicKeyData();
// ASN1OctetString key;
// this.algorithm = "ECGOST3410";
//
// try
// {
// key = (ASN1OctetString) ASN1Object.fromByteArray(bits.getBytes());
// }
// catch (IOException ex)
// {
// throw new IllegalArgumentException("error recovering public key");
// }
//
// byte[] keyEnc = key.getOctets();
// byte[] x = new byte[32];
// byte[] y = new byte[32];
//
// for (int i = 0; i != x.length; i++)
// {
// x[i] = keyEnc[32 - 1 - i];
// }
//
// for (int i = 0; i != y.length; i++)
// {
// y[i] = keyEnc[64 - 1 - i];
// }
//
// gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
//
// ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
//
// ECCurve curve = spec.getCurve();
// EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
//
// this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
//
// ecSpec = new ECNamedCurveSpec(
// ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
// ellipticCurve,
// new ECPoint(
// spec.getG().getX().toBigInteger(),
// spec.getG().getY().toBigInteger()),
// spec.getN(), spec.getH());
//
// }
// else
// END android-removed
{
X962Parameters params = new X962Parameters((DERObject) info.getAlgorithmId().getParameters());
ECCurve curve;
EllipticCurve ellipticCurve;
if (params.isNamedCurve()) {
DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
curve = ecP.getCurve();
ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH());
} else if (params.isImplicitlyCA()) {
ecSpec = null;
curve = ProviderUtil.getEcImplicitlyCa().getCurve();
} else {
X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
curve = ecP.getCurve();
ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
this.ecSpec = new ECParameterSpec(ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH().intValue());
}
DERBitString bits = info.getPublicKeyData();
byte[] data = bits.getBytes();
ASN1OctetString key = new DEROctetString(data);
//
if (data[0] == 0x04 && data[1] == data.length - 2 && (data[2] == 0x02 || data[2] == 0x03)) {
int qLength = new X9IntegerConverter().getByteLength(curve);
if (qLength >= data.length - 3) {
try {
key = (ASN1OctetString) ASN1Object.fromByteArray(data);
} catch (IOException ex) {
throw new IllegalArgumentException("error recovering public key");
}
}
}
X9ECPoint derQ = new X9ECPoint(curve, key);
this.q = derQ.getPoint();
}
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
X9IntegerConverter(org.bouncycastle.asn1.x9.X9IntegerConverter)
DERBitString(org.bouncycastle.asn1.DERBitString)
IOException(java.io.IOException)
X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint)
ECPoint(java.security.spec.ECPoint)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
DERObject(org.bouncycastle.asn1.DERObject)
EllipticCurve(java.security.spec.EllipticCurve)
ECParameterSpec(java.security.spec.ECParameterSpec)
X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint)
ECCurve(org.bouncycastle.math.ec.ECCurve)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
Example 13 with ECParameterSpec
use of java.security.spec.ECParameterSpec in project jdk8u_jdk by JetBrains.
the class PKCS11Test method getKnownCurves.
// Generate a vector of supported elliptic curves of a given provider
static Vector<ECParameterSpec> getKnownCurves(Provider p) throws Exception {
int index;
int begin;
int end;
String curve;
KeyPair kp = null;
Vector<ECParameterSpec> results = new Vector<ECParameterSpec>();
// Get Curves to test from SunEC.
String kcProp = Security.getProvider("SunEC").getProperty("AlgorithmParameters.EC SupportedCurves");
if (kcProp == null) {
throw new RuntimeException("\"AlgorithmParameters.EC SupportedCurves property\" not found");
}
System.out.println("Finding supported curves using list from SunEC\n");
index = 0;
for (; ; ) {
// Each set of curve names is enclosed with brackets.
begin = kcProp.indexOf('[', index);
end = kcProp.indexOf(']', index);
if (begin == -1 || end == -1) {
break;
}
/*
* Each name is separated by a comma.
* Just get the first name in the set.
*/
index = end + 1;
begin++;
end = kcProp.indexOf(',', begin);
if (end == -1) {
// Only one name in the set.
end = index - 1;
}
curve = kcProp.substring(begin, end);
ECParameterSpec e = getECParameterSpec(p, curve);
System.out.print("\t " + curve + ": ");
try {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p);
kpg.initialize(e);
kp = kpg.generateKeyPair();
results.add(e);
System.out.println("Supported");
} catch (ProviderException ex) {
System.out.println("Unsupported: PKCS11: " + ex.getCause().getMessage());
} catch (InvalidAlgorithmParameterException ex) {
System.out.println("Unsupported: Key Length: " + ex.getMessage());
}
}
if (results.size() == 0) {
throw new RuntimeException("No supported EC curves found");
}
return results;
}
Also used :
ECParameterSpec(java.security.spec.ECParameterSpec)
Example 14 with ECParameterSpec
use of java.security.spec.ECParameterSpec in project oxAuth by GluuFederation.
the class AbstractCryptoProvider method getPublicKey.
public PublicKey getPublicKey(String alias, JSONObject jwks) throws Exception {
java.security.PublicKey publicKey = null;
JSONArray webKeys = jwks.getJSONArray(JSON_WEB_KEY_SET);
for (int i = 0; i < webKeys.length(); i++) {
JSONObject key = webKeys.getJSONObject(i);
if (alias.equals(key.getString(KEY_ID))) {
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.fromString(key.getString(ALGORITHM));
if (signatureAlgorithm != null) {
if (signatureAlgorithm.getFamily().equals(SignatureAlgorithmFamily.RSA)) {
publicKey = new RSAPublicKeyImpl(new BigInteger(1, Base64Util.base64urldecode(key.getString(MODULUS))), new BigInteger(1, Base64Util.base64urldecode(key.getString(EXPONENT))));
} else if (signatureAlgorithm.getFamily().equals(SignatureAlgorithmFamily.EC)) {
AlgorithmParameters parameters = AlgorithmParameters.getInstance(SignatureAlgorithmFamily.EC);
parameters.init(new ECGenParameterSpec(signatureAlgorithm.getCurve().getAlias()));
ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
publicKey = KeyFactory.getInstance(SignatureAlgorithmFamily.EC).generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(1, Base64Util.base64urldecode(key.getString(X))), new BigInteger(1, Base64Util.base64urldecode(key.getString(Y)))), ecParameters));
}
}
}
}
return publicKey;
}
Also used :
RSAPublicKeyImpl(sun.security.rsa.RSAPublicKeyImpl)
JSONArray(org.codehaus.jettison.json.JSONArray)
ECGenParameterSpec(java.security.spec.ECGenParameterSpec)
PublicKey(java.security.PublicKey)
SignatureAlgorithm(org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm)
ECPoint(java.security.spec.ECPoint)
ECPoint(java.security.spec.ECPoint)
ECPublicKeySpec(java.security.spec.ECPublicKeySpec)
JSONObject(org.codehaus.jettison.json.JSONObject)
ECParameterSpec(java.security.spec.ECParameterSpec)
BigInteger(java.math.BigInteger)
AlgorithmParameters(java.security.AlgorithmParameters)
Example 15 with ECParameterSpec
use of java.security.spec.ECParameterSpec in project j2objc by google.
the class ECPublicKeySpecTest method setUp.
protected void setUp() throws Exception {
super.setUp();
ECPoint ecpoint = new ECPoint(BigInteger.valueOf(1), BigInteger.valueOf(1));
EllipticCurve curve = new EllipticCurve(new ECFieldF2m(2), BigInteger.valueOf(1), BigInteger.valueOf(1));
w = new ECPoint(BigInteger.valueOf(1), BigInteger.valueOf(1));
params = new ECParameterSpec(curve, ecpoint, BigInteger.valueOf(1), 1);
ecpks = new ECPublicKeySpec(w, params);
}
Also used :
EllipticCurve(java.security.spec.EllipticCurve)
ECParameterSpec(java.security.spec.ECParameterSpec)
ECFieldF2m(java.security.spec.ECFieldF2m)
ECPoint(java.security.spec.ECPoint)
ECPublicKeySpec(java.security.spec.ECPublicKeySpec)
Aggregations
ECParameterSpec (java.security.spec.ECParameterSpec)29
ECPoint (java.security.spec.ECPoint)20
EllipticCurve (java.security.spec.EllipticCurve)16
ECPublicKeySpec (java.security.spec.ECPublicKeySpec)8
ECPublicKey (java.security.interfaces.ECPublicKey)7
ECFieldF2m (java.security.spec.ECFieldF2m)7
BigInteger (java.math.BigInteger)6
X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)6
X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)6
ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)6
ECPrivateKey (java.security.interfaces.ECPrivateKey)4
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4
IOException (java.io.IOException)3
KeyPairGenerator (java.security.KeyPairGenerator)3
ECFieldFp (java.security.spec.ECFieldFp)3
ECGenParameterSpec (java.security.spec.ECGenParameterSpec)3
ECPrivateKeySpec (java.security.spec.ECPrivateKeySpec)3
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3
DERBitString (org.bouncycastle.asn1.DERBitString)3
DERInteger (org.bouncycastle.asn1.DERInteger)3
