Search in sources :

Example 56 with EllipticCurve

use of java.security.spec.EllipticCurve in project robovm by robovm.

the class OpenSSLECGroupContext method getECParameterSpec.

public ECParameterSpec getECParameterSpec() {
    final String curveName = NativeCrypto.EC_GROUP_get_curve_name(groupCtx);
    final byte[][] curveParams = NativeCrypto.EC_GROUP_get_curve(groupCtx);
    final BigInteger p = new BigInteger(curveParams[0]);
    final BigInteger a = new BigInteger(curveParams[1]);
    final BigInteger b = new BigInteger(curveParams[2]);
    final ECField field;
    final int type = NativeCrypto.get_EC_GROUP_type(groupCtx);
    if (type == NativeCrypto.EC_CURVE_GFP) {
        field = new ECFieldFp(p);
    } else if (type == NativeCrypto.EC_CURVE_GF2M) {
        field = new ECFieldF2m(p.bitLength() - 1, p);
    } else {
        throw new RuntimeException("unknown curve type " + type);
    }
    final EllipticCurve curve = new EllipticCurve(field, a, b);
    final OpenSSLECPointContext generatorCtx = new OpenSSLECPointContext(this, NativeCrypto.EC_GROUP_get_generator(groupCtx));
    final ECPoint generator = generatorCtx.getECPoint();
    final BigInteger order = new BigInteger(NativeCrypto.EC_GROUP_get_order(groupCtx));
    final BigInteger cofactor = new BigInteger(NativeCrypto.EC_GROUP_get_cofactor(groupCtx));
    return new ECParameterSpec(curve, generator, order, cofactor.intValue(), curveName);
}
Also used : ECField(java.security.spec.ECField) ECFieldFp(java.security.spec.ECFieldFp) EllipticCurve(java.security.spec.EllipticCurve) ECParameterSpec(java.security.spec.ECParameterSpec) BigInteger(java.math.BigInteger) ECFieldF2m(java.security.spec.ECFieldF2m) ECPoint(java.security.spec.ECPoint) ECPoint(java.security.spec.ECPoint)

Example 57 with EllipticCurve

use of java.security.spec.EllipticCurve in project tink by google.

the class EllipticCurvesTest method testPointDecode.

@Test
public void testPointDecode() throws Exception {
    for (TestVector2 test : testVectors2) {
        EllipticCurve curve = EllipticCurves.getCurveSpec(test.curve).getCurve();
        ECPoint p = EllipticCurves.pointDecode(curve, test.format, test.encoded);
        assertEquals(p.getAffineX(), test.x);
        assertEquals(p.getAffineY(), test.y);
    }
}
Also used : EllipticCurve(java.security.spec.EllipticCurve) ECPoint(java.security.spec.ECPoint) Test(org.junit.Test)

Example 58 with EllipticCurve

use of java.security.spec.EllipticCurve in project tink by google.

the class EllipticCurves method computeSharedSecret.

/* Generates the DH shared secret using {@code myPrivateKey} and {@code publicPoint} */
public static byte[] computeSharedSecret(ECPrivateKey myPrivateKey, ECPoint publicPoint) throws GeneralSecurityException {
    checkPointOnCurve(publicPoint, myPrivateKey.getParams().getCurve());
    // Explicitly reconstruct the peer public key using private key's spec.
    ECParameterSpec privSpec = myPrivateKey.getParams();
    EllipticCurve privCurve = privSpec.getCurve();
    ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(publicPoint, privSpec);
    KeyFactory kf = KeyFactory.getInstance("EC");
    PublicKey publicKey = kf.generatePublic(publicKeySpec);
    KeyAgreement ka = EngineFactory.KEY_AGREEMENT.getInstance("ECDH");
    ka.init(myPrivateKey);
    try {
        ka.doPhase(publicKey, true);
        byte[] secret = ka.generateSecret();
        validateSharedSecret(secret, myPrivateKey);
        return secret;
    } catch (IllegalStateException ex) {
        // converting it to a checked one to not crash the JVM. See also b/73760761.
        throw new GeneralSecurityException(ex.toString());
    }
}
Also used : ECParameterSpec(java.security.spec.ECParameterSpec) EllipticCurve(java.security.spec.EllipticCurve) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) GeneralSecurityException(java.security.GeneralSecurityException) KeyAgreement(javax.crypto.KeyAgreement) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) KeyFactory(java.security.KeyFactory)

Example 59 with EllipticCurve

use of java.security.spec.EllipticCurve in project tink by google.

the class EciesAeadHkdfHybridDecrypt method decrypt.

@Override
public byte[] decrypt(final byte[] ciphertext, final byte[] contextInfo) throws GeneralSecurityException {
    EllipticCurve curve = recipientPrivateKey.getParams().getCurve();
    int headerSize = EllipticCurves.encodingSizeInBytes(curve, ecPointFormat);
    if (ciphertext.length < headerSize) {
        throw new GeneralSecurityException("ciphertext too short");
    }
    byte[] kemBytes = Arrays.copyOfRange(ciphertext, 0, headerSize);
    byte[] symmetricKey = recipientKem.generateKey(kemBytes, hkdfHmacAlgo, hkdfSalt, contextInfo, demHelper.getSymmetricKeySizeInBytes(), ecPointFormat);
    Aead aead = demHelper.getAead(symmetricKey);
    return aead.decrypt(Arrays.copyOfRange(ciphertext, headerSize, ciphertext.length), EMPTY_AAD);
}
Also used : EllipticCurve(java.security.spec.EllipticCurve) GeneralSecurityException(java.security.GeneralSecurityException) Aead(com.google.crypto.tink.Aead)

Example 60 with EllipticCurve

use of java.security.spec.EllipticCurve in project xipki by xipki.

the class SoftTokenContentSignerBuilder method createSigner.

public ConcurrentContentSigner createSigner(AlgorithmIdentifier signatureAlgId, int parallelism, SecureRandom random) throws XiSecurityException, NoSuchPaddingException {
    ParamUtil.requireNonNull("signatureAlgId", signatureAlgId);
    ParamUtil.requireMin("parallelism", parallelism, 1);
    List<XiContentSigner> signers = new ArrayList<>(parallelism);
    final String provName = "SunJCE";
    if (Security.getProvider(provName) != null) {
        String algoName;
        try {
            algoName = AlgorithmUtil.getSignatureAlgoName(signatureAlgId);
        } catch (NoSuchAlgorithmException ex) {
            throw new XiSecurityException(ex.getMessage());
        }
        try {
            for (int i = 0; i < parallelism; i++) {
                Signature signature = Signature.getInstance(algoName, provName);
                signature.initSign(key);
                if (i == 0) {
                    signature.update(new byte[] { 1, 2, 3, 4 });
                    signature.sign();
                }
                XiContentSigner signer = new SignatureSigner(signatureAlgId, signature, key);
                signers.add(signer);
            }
        } catch (Exception ex) {
            signers.clear();
        }
    }
    if (CollectionUtil.isEmpty(signers)) {
        BcContentSignerBuilder signerBuilder;
        AsymmetricKeyParameter keyparam;
        try {
            if (key instanceof RSAPrivateKey) {
                keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key);
                signerBuilder = new RSAContentSignerBuilder(signatureAlgId);
            } else if (key instanceof DSAPrivateKey) {
                keyparam = DSAUtil.generatePrivateKeyParameter(key);
                signerBuilder = new DSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId));
            } else if (key instanceof ECPrivateKey) {
                keyparam = ECUtil.generatePrivateKeyParameter(key);
                EllipticCurve curve = ((ECPrivateKey) key).getParams().getCurve();
                if (GMUtil.isSm2primev2Curve(curve)) {
                    signerBuilder = new SM2ContentSignerBuilder();
                } else {
                    signerBuilder = new ECDSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId));
                }
            } else {
                throw new XiSecurityException("unsupported key " + key.getClass().getName());
            }
        } catch (InvalidKeyException ex) {
            throw new XiSecurityException("invalid key", ex);
        } catch (NoSuchAlgorithmException ex) {
            throw new XiSecurityException("no such algorithm", ex);
        }
        for (int i = 0; i < parallelism; i++) {
            if (random != null) {
                signerBuilder.setSecureRandom(random);
            }
            ContentSigner signer;
            try {
                signer = signerBuilder.build(keyparam);
            } catch (OperatorCreationException ex) {
                throw new XiSecurityException("operator creation error", ex);
            }
            signers.add(new XiWrappedContentSigner(signer, true));
        }
    }
    final boolean mac = false;
    ConcurrentContentSigner concurrentSigner;
    try {
        concurrentSigner = new DfltConcurrentContentSigner(mac, signers, key);
    } catch (NoSuchAlgorithmException ex) {
        throw new XiSecurityException(ex.getMessage(), ex);
    }
    if (certificateChain != null) {
        concurrentSigner.setCertificateChain(certificateChain);
    } else {
        concurrentSigner.setPublicKey(publicKey);
    }
    return concurrentSigner;
}
Also used : ArrayList(java.util.ArrayList) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) XiSecurityException(org.xipki.security.exception.XiSecurityException) XiWrappedContentSigner(org.xipki.security.XiWrappedContentSigner) DfltConcurrentContentSigner(org.xipki.security.DfltConcurrentContentSigner) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) XiContentSigner(org.xipki.security.XiContentSigner) BcContentSignerBuilder(org.bouncycastle.operator.bc.BcContentSignerBuilder) ECPrivateKey(java.security.interfaces.ECPrivateKey) DfltConcurrentContentSigner(org.xipki.security.DfltConcurrentContentSigner) ContentSigner(org.bouncycastle.operator.ContentSigner) XiContentSigner(org.xipki.security.XiContentSigner) XiWrappedContentSigner(org.xipki.security.XiWrappedContentSigner) ConcurrentContentSigner(org.xipki.security.ConcurrentContentSigner) InvalidKeyException(java.security.InvalidKeyException) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) XiSecurityException(org.xipki.security.exception.XiSecurityException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchProviderException(java.security.NoSuchProviderException) SignatureSigner(org.xipki.security.SignatureSigner) DfltConcurrentContentSigner(org.xipki.security.DfltConcurrentContentSigner) ConcurrentContentSigner(org.xipki.security.ConcurrentContentSigner) AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) EllipticCurve(java.security.spec.EllipticCurve) Signature(java.security.Signature) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey)

Aggregations

EllipticCurve (java.security.spec.EllipticCurve)78 BigInteger (java.math.BigInteger)48 ECFieldFp (java.security.spec.ECFieldFp)43 ECPoint (java.security.spec.ECPoint)30 ECFieldF2m (java.security.spec.ECFieldF2m)28 ECParameterSpec (java.security.spec.ECParameterSpec)23 GeneralSecurityException (java.security.GeneralSecurityException)7 ECField (java.security.spec.ECField)7 ECCurve (org.bouncycastle.math.ec.ECCurve)7 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)6 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)6 ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)6 KeyPair (java.security.KeyPair)5 KeyPairGenerator (java.security.KeyPairGenerator)5 ECPublicKeySpec (java.security.spec.ECPublicKeySpec)5 IOException (java.io.IOException)4 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 ECPublicKey (java.security.interfaces.ECPublicKey)4 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4 ECPrivateKey (java.security.interfaces.ECPrivateKey)3