protected X9ECParameters createParameters() { int m = 571; int k1 = 2; int k2 = 5; int k3 = 10; BigInteger a = BigInteger.valueOf(1); BigInteger b = fromHex( "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A"); byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310"); BigInteger n = fromHex( "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47"); BigInteger h = BigInteger.valueOf(2); ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); // ECPoint G = curve.decodePoint(Hex.decode("03" // + // "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B")); return new X9ECParameters(curve, G, n, h, S); }
private void testNullCFB() throws InvalidCipherTextException { BufferedBlockCipher b = new BufferedBlockCipher(new CFBBlockCipher(new AESEngine(), 128)); KeyParameter kp = new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")); b.init(true, new ParametersWithIV(kp, new byte[16])); byte[] out = new byte[b.getOutputSize(tData.length)]; int len = b.processBytes(tData, 0, tData.length, out, 0); len += b.doFinal(out, len); if (!areEqual(outCFB1, out)) { fail("no match on first nullCFB check"); } b.init(true, new ParametersWithIV(null, Hex.decode("000102030405060708090a0b0c0d0e0f"))); len = b.processBytes(tData, 0, tData.length, out, 0); len += b.doFinal(out, len); if (!areEqual(outCFB2, out)) { fail("no match on second nullCFB check"); } }
protected X9ECParameters createParameters() { int m = 409; int k = 87; BigInteger a = BigInteger.valueOf(1); BigInteger b = fromHex( "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F"); byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B"); BigInteger n = fromHex( "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173"); BigInteger h = BigInteger.valueOf(2); ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); // ECPoint G = curve.decodePoint(Hex.decode("03" // + // "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706")); return new X9ECParameters(curve, G, n, h, S); }
protected X9ECParameters createParameters() { int m = 283; int k1 = 5; int k2 = 7; int k3 = 12; BigInteger a = BigInteger.valueOf(1); BigInteger b = fromHex("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5"); byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307"); BigInteger h = BigInteger.valueOf(2); ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); // ECPoint G = curve.decodePoint(Hex.decode("03" // + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4")); return new X9ECParameters(curve, G, n, h, S); }
protected X9ECParameters createParameters() { // p = 2^521 - 1 BigInteger p = fromHex( "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"); BigInteger a = fromHex( "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC"); BigInteger b = fromHex( "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"); byte[] S = Hex.decode("D09E8800291CB85396CC6717393284AAA0DA64BA"); BigInteger n = fromHex( "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"); BigInteger h = BigInteger.valueOf(1); ECCurve curve = new ECCurve.Fp(p, a, b); // ECPoint G = curve.decodePoint(Hex.decode("02" // + // "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66" + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650")); return new X9ECParameters(curve, G, n, h, S); }
protected X9ECParameters createParameters() { // p = 2^384 - 2^128 - 2^96 + 2^32 - 1 BigInteger p = fromHex( "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"); BigInteger a = fromHex( "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"); BigInteger b = fromHex( "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"); byte[] S = Hex.decode("A335926AA319A27A1D00896A6773A4827ACDAC73"); BigInteger n = fromHex( "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"); BigInteger h = BigInteger.valueOf(1); ECCurve curve = new ECCurve.Fp(p, a, b); // ECPoint G = curve.decodePoint(Hex.decode("03" // + // "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7" + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")); return new X9ECParameters(curve, G, n, h, S); }
protected X9ECParameters createParameters() { // p = 2^224 (2^32 - 1) + 2^192 + 2^96 - 1 BigInteger p = fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"); BigInteger a = fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"); BigInteger b = fromHex("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"); byte[] S = Hex.decode("C49D360886E704936A6678E1139D26B7819F7E90"); BigInteger n = fromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"); BigInteger h = BigInteger.valueOf(1); ECCurve curve = new ECCurve.Fp(p, a, b); // ECPoint G = curve.decodePoint(Hex.decode("03" // + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296" + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")); return new X9ECParameters(curve, G, n, h, S); }
private void ctrCounterTest() { CipherParameters params = new ParametersWithIV( new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")), Hex.decode("000000000000000000000000000000")); SICBlockCipher engine = new SICBlockCipher(new AESEngine()); engine.init(true, params); SecureRandom rand = new SecureRandom(); byte[] cipher = new byte[256 * 16]; byte[] plain = new byte[255 * 16]; rand.nextBytes(plain); engine.processBytes(plain, 0, plain.length, cipher, 0); engine.init(true, params); byte[] fragment = new byte[20]; plain = new byte[256 * 16]; engine.init(true, params); try { engine.processBytes(plain, 0, plain.length, cipher, 0); fail("out of range data not caught"); } catch (IllegalStateException e) { if (!"Counter in CTR/SIC mode out of range.".equals(e.getMessage())) { fail("wrong exception"); } } }
/** from: http://www.ietf.org/rfc/rfc3211.txt */ @Test public void pbkdf2ConformanceTest1() throws Exception { byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); byte[] password = PasswordToByteConverter.convert("password", PKCS5); byte[] key = Hex.decode("D1 DA A7 86 15 F2 87 E6"); assertThat( getKDFInstance(new PBKDF2Parameters(8, 5, salt)).derive(password).getKey(), equalTo(key)); }
private void testNONEwithECDSA239bitPrime() throws Exception { ECCurve curve = new ECCurve.Fp( new BigInteger( "883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger( "6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECParameterSpec spec = new ECParameterSpec( curve, curve.decodePoint( Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger( "883423532389192164791648750360308884807550341691627752275345424702807307")); // n ECPrivateKeySpec priKey = new ECPrivateKeySpec( new BigInteger( "876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeySpec pubKey = new ECPublicKeySpec( curve.decodePoint( Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); Signature sgr = Signature.getInstance("NONEwithECDSA", "BC"); KeyFactory f = KeyFactory.getInstance("ECDSA", "BC"); PrivateKey sKey = f.generatePrivate(priKey); PublicKey vKey = f.generatePublic(pubKey); SecureRandom k = new SecureRandom(); byte[] message = "abc".getBytes(); byte[] sig = Hex.decode( "3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e64cb19604be06c57e761b3de5518f71de0f6e0cd2df677cec8a6ffcb690d"); checkMessage(sgr, sKey, vKey, message, sig); message = "abcdefghijklmnopqrstuvwxyz".getBytes(); sig = Hex.decode( "3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e43fd65b3363d76aabef8630572257dbb67c82818ad9fad31256539b1b02c"); checkMessage(sgr, sKey, vKey, message, sig); message = "a very very long message gauranteed to cause an overflow".getBytes(); sig = Hex.decode( "3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e7d5be84b22937a1691859a3c6fe45ed30b108574431d01b34025825ec17a"); checkMessage(sgr, sKey, vKey, message, sig); }
/** from: http://pythonhosted.org/passlib/lib/passlib.hash.atlassian_pbkdf2_sha1.html */ @Test public void pbkdf2ConfluenceTest() throws Exception { byte[] salt = Hex.decode("0d0217254d37f2ee0fec576cb854d8ff"); byte[] password = PasswordToByteConverter.convert("password"); byte[] key = Hex.decode("edf96e6e3591f8d96b9ed4addc47a7632edea176bb2fa8a03fa3179b75b5bf09"); assertThat( getKDFInstance(new PBKDF2Parameters(32, 10000, salt)).derive(password).getKey(), equalTo(key)); }
private void runVector(StreamCipher hc, String fileName, PeekableLineReader r, String vectorName) throws IOException { // System.out.println(fileName + " => " + vectorName); String hexKey = readBlock(r); String hexIV = readBlock(r); CipherParameters cp = new KeyParameter(Hex.decode(hexKey)); cp = new ParametersWithIV(cp, Hex.decode(hexIV)); hc.init(true, cp); byte[] input = new byte[64]; byte[] output = new byte[64]; byte[] digest = new byte[64]; int pos = 0; for (; ; ) { String line1 = r.peekLine().trim(); int equalsPos = line1.indexOf('='); String lead = line1.substring(0, equalsPos - 1); String hexData = readBlock(r); byte[] data = Hex.decode(hexData); if (lead.equals("xor-digest")) { if (!Arrays.areEqual(data, digest)) { fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead); // System.out.println(fileName + " => " + vectorName + " failed at " + // lead); return; } break; } int posA = lead.indexOf('['); int posB = lead.indexOf(".."); int posC = lead.indexOf(']'); int start = Integer.parseInt(lead.substring(posA + 1, posB)); int end = Integer.parseInt(lead.substring(posB + 2, posC)); if (start % 64 != 0 || (end - start != 63)) { throw new IllegalStateException(vectorName + ": " + lead + " not on 64 byte boundaries"); } while (pos < end) { hc.processBytes(input, 0, input.length, output, 0); xor(digest, output); pos += 64; } if (!Arrays.areEqual(data, output)) { fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead); // System.out.println(fileName + " => " + vectorName + " failed at " + lead); // return; } } }
public void performTest() throws Exception { for (int i = 0; i != cipherTests.length; i += 8) { testECB( Integer.parseInt(cipherTests[i]), Hex.decode(cipherTests[i + 1]), Hex.decode(cipherTests[i + 2]), Hex.decode(cipherTests[i + 3])); testCFB( Integer.parseInt(cipherTests[i + 4]), Hex.decode(cipherTests[i + 4 + 1]), Hex.decode(cipherTests[i + 4 + 2]), Hex.decode(cipherTests[i + 4 + 3])); oidTest(); } Mac mac = Mac.getInstance("GOST28147MAC", "BC"); mac.init( new SecretKeySpec( Hex.decode("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"), "GOST28147")); if (!Arrays.areEqual( Hex.decode("1b69996e"), mac.doFinal(Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20")))) { fail("mac test falied."); } }
public static void bcHMacMD5() { HMac hmac = new HMac(new MD5Digest()); hmac.init(new KeyParameter(org.bouncycastle.util.encoders.Hex.decode("aaaaaaaaaa"))); hmac.update(src.getBytes(), 0, src.getBytes().length); byte[] hmacMD5Bytes = new byte[hmac.getMacSize()]; hmac.doFinal(hmacMD5Bytes, 0); System.out.println( "bc hmacMD5:" + org.bouncycastle.util.encoders.Hex.toHexString(hmacMD5Bytes)); }
/** from: http://www.ietf.org/rfc/rfc3211.txt */ @Test public void pbkdf2ConformanceTest2() throws Exception { byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); byte[] password = PasswordToByteConverter.convert( "All n-entities must communicate with other n-entities via n-1 entiteeheehees", PKCS5); byte[] key = Hex.decode("6A 89 70 BF 68 C9 2C AE A8 4A 8D F2 85 10 85 86"); assertThat( getKDFInstance(new PBKDF2Parameters(16, 500, salt)).derive(password).getKey(), equalTo(key)); }
@Test public void pbkdf2WithIVTest() throws Exception { byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); byte[] password = PasswordToByteConverter.convert("password"); byte[] key = Hex.decode("d1daa78615f287e6a1c8b120d7062a493f98d203e6be49a6adf4fa574b6e64ee"); byte[] iv = Hex.decode("df377ef2e8ad463fb711f1b4ff27139a"); KeyWithIVParameters params = getKDFInstance(new PBKDF2Parameters(32, 5, salt)).derive(password, 16); assertThat(params.getKey(), equalTo(key)); assertThat(params.getIV(), equalTo(iv)); }
/** DHKEK Generator tests - from RFC 2631. */ public class DHKEKGeneratorTest extends SimpleTest { private byte[] seed1 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213"); private DERObjectIdentifier alg1 = PKCSObjectIdentifiers.id_alg_CMS3DESwrap; private byte[] result1 = Hex.decode("a09661392376f7044d9052a397883246b67f5f1ef63eb5fb"); private byte[] seed2 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213"); private DERObjectIdentifier alg2 = PKCSObjectIdentifiers.id_alg_CMSRC2wrap; private byte[] partyAInfo = Hex.decode( "0123456789abcdeffedcba9876543201" + "0123456789abcdeffedcba9876543201" + "0123456789abcdeffedcba9876543201" + "0123456789abcdeffedcba9876543201"); private byte[] result2 = Hex.decode("48950c46e0530075403cce72889604e0"); public DHKEKGeneratorTest() {} public void performTest() { checkMask( 1, new DHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg1, 192, seed1), result1); checkMask( 2, new DHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg2, 128, seed2, partyAInfo), result2); } private void checkMask( int count, DerivationFunction kdf, DerivationParameters params, byte[] result) { byte[] data = new byte[result.length]; kdf.init(params); kdf.generateBytes(data, 0, data.length); if (!areEqual(result, data)) { fail("DHKEKGenerator failed generator test " + count); } } public String getName() { return "DHKEKGenerator"; } public static void main(String[] args) { runTest(new DHKEKGeneratorTest()); } }
/** * Creates a test signature and verifies it. * * @param privateKey Private key to sign with * @param publicKey Public key to verify with * @param signatureProvider Name of provider to sign with * @throws NoSuchAlgorithmException In case the key or signature algorithm is unknown * @throws NoSuchProviderException In case the supplied provider name is unknown or BC is not * installed * @throws InvalidKeyException If signature verification failed or the key was invalid * @throws SignatureException If the signature could not be made or verified correctly */ public static void testSignAndVerify( PrivateKey privateKey, PublicKey publicKey, String signatureProvider) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException { final byte input[] = "Lillan gick pa vagen ut, motte dar en katt...".getBytes(); final String sigAlg = suggestSigAlg(publicKey); if (sigAlg == null) { throw new NoSuchAlgorithmException("Unknown key algorithm: " + publicKey.getAlgorithm()); } if (LOG.isDebugEnabled()) { LOG.debug("Testing keys with algorithm: " + publicKey.getAlgorithm()); LOG.debug("testSigAlg: " + sigAlg); LOG.debug("provider: " + signatureProvider); LOG.trace("privateKey: " + privateKey); LOG.trace("privateKey class: " + privateKey.getClass().getName()); LOG.trace("publicKey: " + publicKey); LOG.trace("publicKey class: " + publicKey.getClass().getName()); } final Signature signSignature = Signature.getInstance(sigAlg, signatureProvider); signSignature.initSign(privateKey); signSignature.update(input); byte[] signBA = signSignature.sign(); if (LOG.isTraceEnabled()) { LOG.trace("Created signature of size: " + signBA.length); LOG.trace("Created signature: " + new String(Hex.encode(signBA))); } final Signature verifySignature = Signature.getInstance(sigAlg, "BC"); verifySignature.initVerify(publicKey); verifySignature.update(input); if (!verifySignature.verify(signBA)) { throw new InvalidKeyException("Test signature inconsistent"); } }
public static String getPkcs11SignerConfWithoutAlgo( final String pkcs11ModuleName, final P11SlotIdentifier slotId, final P11KeyIdentifier keyId, final int parallelism) { ParamChecker.assertNotNull("keyId", keyId); CmpUtf8Pairs conf = new CmpUtf8Pairs(); conf.putUtf8Pair("parallelism", Integer.toString(parallelism)); if (pkcs11ModuleName != null && pkcs11ModuleName.length() > 0) { conf.putUtf8Pair("module", pkcs11ModuleName); } if (slotId.getSlotId() != null) { conf.putUtf8Pair("slot-id", slotId.getSlotId().toString()); } else { conf.putUtf8Pair("slot", slotId.getSlotIndex().toString()); } if (keyId.getKeyId() != null) { conf.putUtf8Pair("key-id", Hex.toHexString(keyId.getKeyId())); } if (keyId.getKeyLabel() != null) { conf.putUtf8Pair("key-label", keyId.getKeyLabel()); } return conf.getEncoded(); }
@Test public void testImportBadEncodedUserId() throws Exception { UncachedKeyRing key = readRingFromResource("/test-keys/bad_user_id_encoding.asc"); long keyId = key.getMasterKeyId(); SaveKeyringResult result; result = mProviderHelper.savePublicKeyRing(key, new ProgressScaler(), null); Assert.assertTrue("import of keyring should succeed", result.success()); CanonicalizedPublicKeyRing ring = mProviderHelper.getCanonicalizedPublicKeyRing(keyId); boolean found = false; byte[] badUserId = Hex.decode( "436c61757320467261656e6b656c203c436c6175732e4672e46e6b656c4068616c696661782e727774682d61616368656e2e64653e"); for (byte[] rawUserId : new IterableIterator<byte[]>(ring.getUnorderedRawUserIds().iterator())) { if (Arrays.equals(rawUserId, badUserId)) { found = true; } } Assert.assertTrue("import of the badly encoded user id should succeed", found); }
private static byte[] decrypt(byte[] decoded, String dekInfo, char[] passwd) throws IOException, GeneralSecurityException { if (passwd == null) { throw new IOException("Password is null, but a password is required"); } StringTokenizer tknz = new StringTokenizer(dekInfo, ","); String algorithm = tknz.nextToken(); byte[] iv = Hex.decode(tknz.nextToken()); if (!CipherModule.isSupportedCipher(algorithm)) { throw new IOException("Unknown algorithm: " + algorithm); } String[] cipher = org.jruby.ext.openssl.Cipher.Algorithm.osslToJsse(algorithm); String realName = cipher[3]; int[] lengths = org.jruby.ext.openssl.Cipher.Algorithm.osslKeyIvLength(algorithm); int keyLen = lengths[0]; int ivLen = lengths[1]; if (iv.length != ivLen) { throw new IOException("Illegal IV length"); } byte[] salt = new byte[8]; System.arraycopy(iv, 0, salt, 0, 8); OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator(); pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(passwd), salt); KeyParameter param = (KeyParameter) pGen.generateDerivedParameters(keyLen * 8); SecretKey secretKey = new javax.crypto.spec.SecretKeySpec(param.getKey(), realName); Cipher c = Cipher.getInstance(realName); c.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv)); return c.doFinal(decoded); }
@Test public void testPromoteDivert() throws Exception { PromoteKeyOperation op = new PromoteKeyOperation( RuntimeEnvironment.application, new ProviderHelper(RuntimeEnvironment.application), null, null); byte[] aid = Hex.decode("D2760001240102000000012345670000"); PromoteKeyResult result = op.execute(new PromoteKeyringParcel(mStaticRing.getMasterKeyId(), aid, null), null); Assert.assertTrue("promotion must succeed", result.success()); { CanonicalizedSecretKeyRing ring = new ProviderHelper(RuntimeEnvironment.application) .getCanonicalizedSecretKeyRing(mStaticRing.getMasterKeyId()); for (CanonicalizedSecretKey key : ring.secretKeyIterator()) { Assert.assertEquals( "all subkeys must be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyTypeSuperExpensive()); Assert.assertArrayEquals("all subkeys must have correct iv", aid, key.getIv()); } } }
protected X9ECParameters createParameters() { int m = 283; int k1 = 5; int k2 = 7; int k3 = 12; BigInteger a = ECConstants.ZERO; BigInteger b = BigInteger.valueOf(1); byte[] S = null; BigInteger n = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61"); BigInteger h = BigInteger.valueOf(4); ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); // ECPoint G = curve.decodePoint(Hex.decode("02" // + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259")); return new X9ECParameters(curve, G, n, h, S); }
protected X9ECParameters createParameters() { int m = 409; int k = 87; BigInteger a = ECConstants.ZERO; BigInteger b = BigInteger.valueOf(1); byte[] S = null; BigInteger n = fromHex( "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF"); BigInteger h = BigInteger.valueOf(4); ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h); // ECPoint G = curve.decodePoint(Hex.decode("03" // + // "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B")); return new X9ECParameters(curve, G, n, h, S); }
protected X9ECParameters createParameters() { int m = 571; int k1 = 2; int k2 = 5; int k3 = 10; BigInteger a = ECConstants.ZERO; BigInteger b = BigInteger.valueOf(1); byte[] S = null; BigInteger n = fromHex( "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001"); BigInteger h = BigInteger.valueOf(4); ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h); // ECPoint G = curve.decodePoint(Hex.decode("02" // + // "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972")); ECPoint G = curve.decodePoint( Hex.decode( "04" + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3")); return new X9ECParameters(curve, G, n, h, S); }
private String generateSubjectKeyIdentifier(Certificate certificate) throws IOException { String subjectKeyIdentifier; ASN1InputStream is; SubjectPublicKeyInfo spki; SubjectKeyIdentifier ski; subjectKeyIdentifier = null; is = null; spki = null; ski = null; try { is = new ASN1InputStream(certificate.getPublicKey().getEncoded()); spki = new SubjectPublicKeyInfo((ASN1Sequence) is.readObject()); ski = new SubjectKeyIdentifier(spki); } finally { if (is != null) { is.close(); } } subjectKeyIdentifier = new String(Hex.encode(ski.getKeyIdentifier())); return subjectKeyIdentifier; }
private static BigInteger calculateGenerator_FIPS186_3_Verifiable( Digest d, BigInteger p, BigInteger q, byte[] seed, int index) { // A.2.3 Verifiable Canonical Generation of the Generator g BigInteger e = p.subtract(ONE).divide(q); byte[] ggen = Hex.decode("6767656E"); // 7. U = domain_parameter_seed || "ggen" || index || count. byte[] U = new byte[seed.length + ggen.length + 1 + 2]; System.arraycopy(seed, 0, U, 0, seed.length); System.arraycopy(ggen, 0, U, seed.length, ggen.length); U[U.length - 3] = (byte) index; byte[] w = new byte[d.getDigestSize()]; for (int count = 1; count < (1 << 16); ++count) { inc(U); hash(d, U, w); BigInteger W = new BigInteger(1, w); BigInteger g = W.modPow(e, p); if (g.compareTo(TWO) >= 0) { return g; } } return null; }
/** signature with a "forged signature" (sig block not at end of plain text) */ private void testBadSig(PrivateKey priv, PublicKey pub) throws Exception { MessageDigest sha1 = MessageDigest.getInstance("SHA1", "BC"); Cipher signer = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC"); signer.init(Cipher.ENCRYPT_MODE, priv); byte[] block = new byte[signer.getBlockSize()]; sha1.update((byte) 0); byte[] sigHeader = Hex.decode("3021300906052b0e03021a05000414"); System.arraycopy(sigHeader, 0, block, 0, sigHeader.length); byte[] dig = sha1.digest(); System.arraycopy(dig, 0, block, sigHeader.length, dig.length); System.arraycopy(sigHeader, 0, block, sigHeader.length + dig.length, sigHeader.length); byte[] sig = signer.doFinal(block); Signature verifier = Signature.getInstance("SHA1WithRSA", "BC"); verifier.initVerify(pub); verifier.update((byte) 0); if (verifier.verify(sig)) { fail("bad signature passed"); } }
/** * Constructor from ASN1Sequence * * <p>the principal will be a list of constructed sets, each containing an (OID, String) pair. */ public X509Name(ASN1Sequence seq) { this.seq = seq; Enumeration e = seq.getObjects(); while (e.hasMoreElements()) { ASN1Set set = ASN1Set.getInstance(e.nextElement()); for (int i = 0; i < set.size(); i++) { ASN1Sequence s = ASN1Sequence.getInstance(set.getObjectAt(i)); if (s.size() != 2) { throw new IllegalArgumentException("badly sized pair"); } ordering.addElement(DERObjectIdentifier.getInstance(s.getObjectAt(0))); DEREncodable value = s.getObjectAt(1); if (value instanceof DERString) { values.addElement(((DERString) value).getString()); } else { values.addElement("#" + bytesToString(Hex.encode(value.getDERObject().getDEREncoded()))); } added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility } } }
public boolean EncryptMsg(String TobeEncrypted, String CertFile) throws Exception { reset(); byte[] plain = TobeEncrypted.getBytes(encoding); byte[] iv = "12345678".getBytes(encoding); RSAKeyParameters rsaParams = null; rsaParams = getRSAKeyParameters(CertFile); BigInteger mod = rsaParams.getModulus(); int keylen = mod.bitLength() / 8; if (plain.length > keylen - 11) { SecureRandom securerandom = new SecureRandom(); DESedeKeyGenerator desedeKeyGenerator = new DESedeKeyGenerator(); desedeKeyGenerator.init(new KeyGenerationParameters(securerandom, 192)); byte[] key = desedeKeyGenerator.generateKey(); if (key.length != 24) { throw new Exception("密钥长度不为24,加密失败"); } byte[] encryptedPlain = new byte[plain.length]; DESedeEngine desede = new DESedeEngine(); BufferedBlockCipher bufferedBlockCipher = new BufferedBlockCipher(new OFBBlockCipher(desede, 8 * desede.getBlockSize())); CipherParameters desedeParams = new ParametersWithIV(new DESedeParameters(key), iv); bufferedBlockCipher.init(true, desedeParams); int outOff = bufferedBlockCipher.processBytes(plain, 0, plain.length, encryptedPlain, 0); bufferedBlockCipher.doFinal(encryptedPlain, outOff); byte[] encryptedKey = (byte[]) null; AsymmetricBlockCipher rsa = new PKCS1Encoding(new RSAEngine()); rsa.init(true, rsaParams); encryptedKey = rsa.processBlock(key, 0, key.length); this.lastResult = new String(Hex.encode(iv)) + new String(Hex.encode(encryptedKey)) + new String(Hex.encode(encryptedPlain)); } else { byte[] encrypted = (byte[]) null; AsymmetricBlockCipher rsa = new PKCS1Encoding(new RSAEngine()); rsa.init(true, rsaParams); encrypted = rsa.processBlock(plain, 0, plain.length); this.lastResult = new String(Hex.encode(encrypted)); } return true; }