use of java.security.spec.EllipticCurve in project robovm by robovm.
the class OpenSSLECGroupContext method getECParameterSpec.
public ECParameterSpec getECParameterSpec() {
final String curveName = NativeCrypto.EC_GROUP_get_curve_name(groupCtx);
final byte[][] curveParams = NativeCrypto.EC_GROUP_get_curve(groupCtx);
final BigInteger p = new BigInteger(curveParams[0]);
final BigInteger a = new BigInteger(curveParams[1]);
final BigInteger b = new BigInteger(curveParams[2]);
final ECField field;
final int type = NativeCrypto.get_EC_GROUP_type(groupCtx);
if (type == NativeCrypto.EC_CURVE_GFP) {
field = new ECFieldFp(p);
} else if (type == NativeCrypto.EC_CURVE_GF2M) {
field = new ECFieldF2m(p.bitLength() - 1, p);
} else {
throw new RuntimeException("unknown curve type " + type);
}
final EllipticCurve curve = new EllipticCurve(field, a, b);
final OpenSSLECPointContext generatorCtx = new OpenSSLECPointContext(this, NativeCrypto.EC_GROUP_get_generator(groupCtx));
final ECPoint generator = generatorCtx.getECPoint();
final BigInteger order = new BigInteger(NativeCrypto.EC_GROUP_get_order(groupCtx));
final BigInteger cofactor = new BigInteger(NativeCrypto.EC_GROUP_get_cofactor(groupCtx));
return new ECParameterSpec(curve, generator, order, cofactor.intValue(), curveName);
}
use of java.security.spec.EllipticCurve in project tink by google.
the class EllipticCurvesTest method testPointDecode.
@Test
public void testPointDecode() throws Exception {
for (TestVector2 test : testVectors2) {
EllipticCurve curve = EllipticCurves.getCurveSpec(test.curve).getCurve();
ECPoint p = EllipticCurves.pointDecode(curve, test.format, test.encoded);
assertEquals(p.getAffineX(), test.x);
assertEquals(p.getAffineY(), test.y);
}
}
use of java.security.spec.EllipticCurve in project tink by google.
the class EllipticCurves method computeSharedSecret.
/* Generates the DH shared secret using {@code myPrivateKey} and {@code publicPoint} */
public static byte[] computeSharedSecret(ECPrivateKey myPrivateKey, ECPoint publicPoint) throws GeneralSecurityException {
checkPointOnCurve(publicPoint, myPrivateKey.getParams().getCurve());
// Explicitly reconstruct the peer public key using private key's spec.
ECParameterSpec privSpec = myPrivateKey.getParams();
EllipticCurve privCurve = privSpec.getCurve();
ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(publicPoint, privSpec);
KeyFactory kf = KeyFactory.getInstance("EC");
PublicKey publicKey = kf.generatePublic(publicKeySpec);
KeyAgreement ka = EngineFactory.KEY_AGREEMENT.getInstance("ECDH");
ka.init(myPrivateKey);
try {
ka.doPhase(publicKey, true);
byte[] secret = ka.generateSecret();
validateSharedSecret(secret, myPrivateKey);
return secret;
} catch (IllegalStateException ex) {
// converting it to a checked one to not crash the JVM. See also b/73760761.
throw new GeneralSecurityException(ex.toString());
}
}
use of java.security.spec.EllipticCurve in project tink by google.
the class EciesAeadHkdfHybridDecrypt method decrypt.
@Override
public byte[] decrypt(final byte[] ciphertext, final byte[] contextInfo) throws GeneralSecurityException {
EllipticCurve curve = recipientPrivateKey.getParams().getCurve();
int headerSize = EllipticCurves.encodingSizeInBytes(curve, ecPointFormat);
if (ciphertext.length < headerSize) {
throw new GeneralSecurityException("ciphertext too short");
}
byte[] kemBytes = Arrays.copyOfRange(ciphertext, 0, headerSize);
byte[] symmetricKey = recipientKem.generateKey(kemBytes, hkdfHmacAlgo, hkdfSalt, contextInfo, demHelper.getSymmetricKeySizeInBytes(), ecPointFormat);
Aead aead = demHelper.getAead(symmetricKey);
return aead.decrypt(Arrays.copyOfRange(ciphertext, headerSize, ciphertext.length), EMPTY_AAD);
}
use of java.security.spec.EllipticCurve in project xipki by xipki.
the class SoftTokenContentSignerBuilder method createSigner.
public ConcurrentContentSigner createSigner(AlgorithmIdentifier signatureAlgId, int parallelism, SecureRandom random) throws XiSecurityException, NoSuchPaddingException {
ParamUtil.requireNonNull("signatureAlgId", signatureAlgId);
ParamUtil.requireMin("parallelism", parallelism, 1);
List<XiContentSigner> signers = new ArrayList<>(parallelism);
final String provName = "SunJCE";
if (Security.getProvider(provName) != null) {
String algoName;
try {
algoName = AlgorithmUtil.getSignatureAlgoName(signatureAlgId);
} catch (NoSuchAlgorithmException ex) {
throw new XiSecurityException(ex.getMessage());
}
try {
for (int i = 0; i < parallelism; i++) {
Signature signature = Signature.getInstance(algoName, provName);
signature.initSign(key);
if (i == 0) {
signature.update(new byte[] { 1, 2, 3, 4 });
signature.sign();
}
XiContentSigner signer = new SignatureSigner(signatureAlgId, signature, key);
signers.add(signer);
}
} catch (Exception ex) {
signers.clear();
}
}
if (CollectionUtil.isEmpty(signers)) {
BcContentSignerBuilder signerBuilder;
AsymmetricKeyParameter keyparam;
try {
if (key instanceof RSAPrivateKey) {
keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key);
signerBuilder = new RSAContentSignerBuilder(signatureAlgId);
} else if (key instanceof DSAPrivateKey) {
keyparam = DSAUtil.generatePrivateKeyParameter(key);
signerBuilder = new DSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId));
} else if (key instanceof ECPrivateKey) {
keyparam = ECUtil.generatePrivateKeyParameter(key);
EllipticCurve curve = ((ECPrivateKey) key).getParams().getCurve();
if (GMUtil.isSm2primev2Curve(curve)) {
signerBuilder = new SM2ContentSignerBuilder();
} else {
signerBuilder = new ECDSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId));
}
} else {
throw new XiSecurityException("unsupported key " + key.getClass().getName());
}
} catch (InvalidKeyException ex) {
throw new XiSecurityException("invalid key", ex);
} catch (NoSuchAlgorithmException ex) {
throw new XiSecurityException("no such algorithm", ex);
}
for (int i = 0; i < parallelism; i++) {
if (random != null) {
signerBuilder.setSecureRandom(random);
}
ContentSigner signer;
try {
signer = signerBuilder.build(keyparam);
} catch (OperatorCreationException ex) {
throw new XiSecurityException("operator creation error", ex);
}
signers.add(new XiWrappedContentSigner(signer, true));
}
}
final boolean mac = false;
ConcurrentContentSigner concurrentSigner;
try {
concurrentSigner = new DfltConcurrentContentSigner(mac, signers, key);
} catch (NoSuchAlgorithmException ex) {
throw new XiSecurityException(ex.getMessage(), ex);
}
if (certificateChain != null) {
concurrentSigner.setCertificateChain(certificateChain);
} else {
concurrentSigner.setPublicKey(publicKey);
}
return concurrentSigner;
}
Aggregations