protected X9ECParameters createParameters() {
int m = 571;
int k1 = 2;
int k2 = 5;
int k3 = 10;
BigInteger a = BigInteger.valueOf(1);
BigInteger b =
fromHex(
"02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A");
byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
BigInteger n =
fromHex(
"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47");
BigInteger h = BigInteger.valueOf(2);
ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h);
// ECPoint G = curve.decodePoint(Hex.decode("03"
// +
// "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
+ "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
return new X9ECParameters(curve, G, n, h, S);
}
private void testNullCFB() throws InvalidCipherTextException {
BufferedBlockCipher b = new BufferedBlockCipher(new CFBBlockCipher(new AESEngine(), 128));
KeyParameter kp = new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917"));
b.init(true, new ParametersWithIV(kp, new byte[16]));
byte[] out = new byte[b.getOutputSize(tData.length)];
int len = b.processBytes(tData, 0, tData.length, out, 0);
len += b.doFinal(out, len);
if (!areEqual(outCFB1, out)) {
fail("no match on first nullCFB check");
}
b.init(true, new ParametersWithIV(null, Hex.decode("000102030405060708090a0b0c0d0e0f")));
len = b.processBytes(tData, 0, tData.length, out, 0);
len += b.doFinal(out, len);
if (!areEqual(outCFB2, out)) {
fail("no match on second nullCFB check");
}
}
protected X9ECParameters createParameters() {
int m = 409;
int k = 87;
BigInteger a = BigInteger.valueOf(1);
BigInteger b =
fromHex(
"0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F");
byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
BigInteger n =
fromHex(
"010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173");
BigInteger h = BigInteger.valueOf(2);
ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h);
// ECPoint G = curve.decodePoint(Hex.decode("03"
// +
// "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
+ "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
return new X9ECParameters(curve, G, n, h, S);
}
protected X9ECParameters createParameters() {
int m = 283;
int k1 = 5;
int k2 = 7;
int k3 = 12;
BigInteger a = BigInteger.valueOf(1);
BigInteger b =
fromHex("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5");
byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
BigInteger n =
fromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307");
BigInteger h = BigInteger.valueOf(2);
ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h);
// ECPoint G = curve.decodePoint(Hex.decode("03"
// + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
+ "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
return new X9ECParameters(curve, G, n, h, S);
}
protected X9ECParameters createParameters() {
// p = 2^521 - 1
BigInteger p =
fromHex(
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
BigInteger a =
fromHex(
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC");
BigInteger b =
fromHex(
"0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00");
byte[] S = Hex.decode("D09E8800291CB85396CC6717393284AAA0DA64BA");
BigInteger n =
fromHex(
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409");
BigInteger h = BigInteger.valueOf(1);
ECCurve curve = new ECCurve.Fp(p, a, b);
// ECPoint G = curve.decodePoint(Hex.decode("02"
// +
// "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"
+ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"));
return new X9ECParameters(curve, G, n, h, S);
}
protected X9ECParameters createParameters() {
// p = 2^384 - 2^128 - 2^96 + 2^32 - 1
BigInteger p =
fromHex(
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF");
BigInteger a =
fromHex(
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC");
BigInteger b =
fromHex(
"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF");
byte[] S = Hex.decode("A335926AA319A27A1D00896A6773A4827ACDAC73");
BigInteger n =
fromHex(
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973");
BigInteger h = BigInteger.valueOf(1);
ECCurve curve = new ECCurve.Fp(p, a, b);
// ECPoint G = curve.decodePoint(Hex.decode("03"
// +
// "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"
+ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"));
return new X9ECParameters(curve, G, n, h, S);
}
protected X9ECParameters createParameters() {
// p = 2^224 (2^32 - 1) + 2^192 + 2^96 - 1
BigInteger p =
fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF");
BigInteger a =
fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC");
BigInteger b =
fromHex("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B");
byte[] S = Hex.decode("C49D360886E704936A6678E1139D26B7819F7E90");
BigInteger n =
fromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551");
BigInteger h = BigInteger.valueOf(1);
ECCurve curve = new ECCurve.Fp(p, a, b);
// ECPoint G = curve.decodePoint(Hex.decode("03"
// + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
+ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"));
return new X9ECParameters(curve, G, n, h, S);
}
private void ctrCounterTest() {
CipherParameters params =
new ParametersWithIV(
new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
Hex.decode("000000000000000000000000000000"));
SICBlockCipher engine = new SICBlockCipher(new AESEngine());
engine.init(true, params);
SecureRandom rand = new SecureRandom();
byte[] cipher = new byte[256 * 16];
byte[] plain = new byte[255 * 16];
rand.nextBytes(plain);
engine.processBytes(plain, 0, plain.length, cipher, 0);
engine.init(true, params);
byte[] fragment = new byte[20];
plain = new byte[256 * 16];
engine.init(true, params);
try {
engine.processBytes(plain, 0, plain.length, cipher, 0);
fail("out of range data not caught");
} catch (IllegalStateException e) {
if (!"Counter in CTR/SIC mode out of range.".equals(e.getMessage())) {
fail("wrong exception");
}
}
}
/** from: http://www.ietf.org/rfc/rfc3211.txt */
@Test
public void pbkdf2ConformanceTest1() throws Exception {
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12");
byte[] password = PasswordToByteConverter.convert("password", PKCS5);
byte[] key = Hex.decode("D1 DA A7 86 15 F2 87 E6");
assertThat(
getKDFInstance(new PBKDF2Parameters(8, 5, salt)).derive(password).getKey(), equalTo(key));
}
private void testNONEwithECDSA239bitPrime() throws Exception {
ECCurve curve =
new ECCurve.Fp(
new BigInteger(
"883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger(
"6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECParameterSpec spec =
new ECParameterSpec(
curve,
curve.decodePoint(
Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger(
"883423532389192164791648750360308884807550341691627752275345424702807307")); // n
ECPrivateKeySpec priKey =
new ECPrivateKeySpec(
new BigInteger(
"876300101507107567501066130761671078357010671067781776716671676178726717"), // d
spec);
ECPublicKeySpec pubKey =
new ECPublicKeySpec(
curve.decodePoint(
Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
spec);
Signature sgr = Signature.getInstance("NONEwithECDSA", "BC");
KeyFactory f = KeyFactory.getInstance("ECDSA", "BC");
PrivateKey sKey = f.generatePrivate(priKey);
PublicKey vKey = f.generatePublic(pubKey);
SecureRandom k = new SecureRandom();
byte[] message = "abc".getBytes();
byte[] sig =
Hex.decode(
"3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e64cb19604be06c57e761b3de5518f71de0f6e0cd2df677cec8a6ffcb690d");
checkMessage(sgr, sKey, vKey, message, sig);
message = "abcdefghijklmnopqrstuvwxyz".getBytes();
sig =
Hex.decode(
"3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e43fd65b3363d76aabef8630572257dbb67c82818ad9fad31256539b1b02c");
checkMessage(sgr, sKey, vKey, message, sig);
message = "a very very long message gauranteed to cause an overflow".getBytes();
sig =
Hex.decode(
"3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e7d5be84b22937a1691859a3c6fe45ed30b108574431d01b34025825ec17a");
checkMessage(sgr, sKey, vKey, message, sig);
}
/** from: http://pythonhosted.org/passlib/lib/passlib.hash.atlassian_pbkdf2_sha1.html */
@Test
public void pbkdf2ConfluenceTest() throws Exception {
byte[] salt = Hex.decode("0d0217254d37f2ee0fec576cb854d8ff");
byte[] password = PasswordToByteConverter.convert("password");
byte[] key = Hex.decode("edf96e6e3591f8d96b9ed4addc47a7632edea176bb2fa8a03fa3179b75b5bf09");
assertThat(
getKDFInstance(new PBKDF2Parameters(32, 10000, salt)).derive(password).getKey(),
equalTo(key));
}
private void runVector(StreamCipher hc, String fileName, PeekableLineReader r, String vectorName)
throws IOException {
// System.out.println(fileName + " => " + vectorName);
String hexKey = readBlock(r);
String hexIV = readBlock(r);
CipherParameters cp = new KeyParameter(Hex.decode(hexKey));
cp = new ParametersWithIV(cp, Hex.decode(hexIV));
hc.init(true, cp);
byte[] input = new byte[64];
byte[] output = new byte[64];
byte[] digest = new byte[64];
int pos = 0;
for (; ; ) {
String line1 = r.peekLine().trim();
int equalsPos = line1.indexOf('=');
String lead = line1.substring(0, equalsPos - 1);
String hexData = readBlock(r);
byte[] data = Hex.decode(hexData);
if (lead.equals("xor-digest")) {
if (!Arrays.areEqual(data, digest)) {
fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead);
// System.out.println(fileName + " => " + vectorName + " failed at " +
// lead); return;
}
break;
}
int posA = lead.indexOf('[');
int posB = lead.indexOf("..");
int posC = lead.indexOf(']');
int start = Integer.parseInt(lead.substring(posA + 1, posB));
int end = Integer.parseInt(lead.substring(posB + 2, posC));
if (start % 64 != 0 || (end - start != 63)) {
throw new IllegalStateException(vectorName + ": " + lead + " not on 64 byte boundaries");
}
while (pos < end) {
hc.processBytes(input, 0, input.length, output, 0);
xor(digest, output);
pos += 64;
}
if (!Arrays.areEqual(data, output)) {
fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead);
// System.out.println(fileName + " => " + vectorName + " failed at " + lead);
// return;
}
}
}
public void performTest() throws Exception {
for (int i = 0; i != cipherTests.length; i += 8) {
testECB(
Integer.parseInt(cipherTests[i]),
Hex.decode(cipherTests[i + 1]),
Hex.decode(cipherTests[i + 2]),
Hex.decode(cipherTests[i + 3]));
testCFB(
Integer.parseInt(cipherTests[i + 4]),
Hex.decode(cipherTests[i + 4 + 1]),
Hex.decode(cipherTests[i + 4 + 2]),
Hex.decode(cipherTests[i + 4 + 3]));
oidTest();
}
Mac mac = Mac.getInstance("GOST28147MAC", "BC");
mac.init(
new SecretKeySpec(
Hex.decode("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"),
"GOST28147"));
if (!Arrays.areEqual(
Hex.decode("1b69996e"),
mac.doFinal(Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20")))) {
fail("mac test falied.");
}
}
public static void bcHMacMD5() {
HMac hmac = new HMac(new MD5Digest());
hmac.init(new KeyParameter(org.bouncycastle.util.encoders.Hex.decode("aaaaaaaaaa")));
hmac.update(src.getBytes(), 0, src.getBytes().length);
byte[] hmacMD5Bytes = new byte[hmac.getMacSize()];
hmac.doFinal(hmacMD5Bytes, 0);
System.out.println(
"bc hmacMD5:" + org.bouncycastle.util.encoders.Hex.toHexString(hmacMD5Bytes));
}
/** from: http://www.ietf.org/rfc/rfc3211.txt */
@Test
public void pbkdf2ConformanceTest2() throws Exception {
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12");
byte[] password =
PasswordToByteConverter.convert(
"All n-entities must communicate with other n-entities via n-1 entiteeheehees", PKCS5);
byte[] key = Hex.decode("6A 89 70 BF 68 C9 2C AE A8 4A 8D F2 85 10 85 86");
assertThat(
getKDFInstance(new PBKDF2Parameters(16, 500, salt)).derive(password).getKey(),
equalTo(key));
}
@Test
public void pbkdf2WithIVTest() throws Exception {
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12");
byte[] password = PasswordToByteConverter.convert("password");
byte[] key = Hex.decode("d1daa78615f287e6a1c8b120d7062a493f98d203e6be49a6adf4fa574b6e64ee");
byte[] iv = Hex.decode("df377ef2e8ad463fb711f1b4ff27139a");
KeyWithIVParameters params =
getKDFInstance(new PBKDF2Parameters(32, 5, salt)).derive(password, 16);
assertThat(params.getKey(), equalTo(key));
assertThat(params.getIV(), equalTo(iv));
}
/** DHKEK Generator tests - from RFC 2631. */
public class DHKEKGeneratorTest extends SimpleTest {
private byte[] seed1 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213");
private DERObjectIdentifier alg1 = PKCSObjectIdentifiers.id_alg_CMS3DESwrap;
private byte[] result1 = Hex.decode("a09661392376f7044d9052a397883246b67f5f1ef63eb5fb");
private byte[] seed2 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213");
private DERObjectIdentifier alg2 = PKCSObjectIdentifiers.id_alg_CMSRC2wrap;
private byte[] partyAInfo =
Hex.decode(
"0123456789abcdeffedcba9876543201"
+ "0123456789abcdeffedcba9876543201"
+ "0123456789abcdeffedcba9876543201"
+ "0123456789abcdeffedcba9876543201");
private byte[] result2 = Hex.decode("48950c46e0530075403cce72889604e0");
public DHKEKGeneratorTest() {}
public void performTest() {
checkMask(
1, new DHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg1, 192, seed1), result1);
checkMask(
2,
new DHKEKGenerator(new SHA1Digest()),
new DHKDFParameters(alg2, 128, seed2, partyAInfo),
result2);
}
private void checkMask(
int count, DerivationFunction kdf, DerivationParameters params, byte[] result) {
byte[] data = new byte[result.length];
kdf.init(params);
kdf.generateBytes(data, 0, data.length);
if (!areEqual(result, data)) {
fail("DHKEKGenerator failed generator test " + count);
}
}
public String getName() {
return "DHKEKGenerator";
}
public static void main(String[] args) {
runTest(new DHKEKGeneratorTest());
}
}
/**
* Creates a test signature and verifies it.
*
* @param privateKey Private key to sign with
* @param publicKey Public key to verify with
* @param signatureProvider Name of provider to sign with
* @throws NoSuchAlgorithmException In case the key or signature algorithm is unknown
* @throws NoSuchProviderException In case the supplied provider name is unknown or BC is not
* installed
* @throws InvalidKeyException If signature verification failed or the key was invalid
* @throws SignatureException If the signature could not be made or verified correctly
*/
public static void testSignAndVerify(
PrivateKey privateKey, PublicKey publicKey, String signatureProvider)
throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException,
SignatureException {
final byte input[] = "Lillan gick pa vagen ut, motte dar en katt...".getBytes();
final String sigAlg = suggestSigAlg(publicKey);
if (sigAlg == null) {
throw new NoSuchAlgorithmException("Unknown key algorithm: " + publicKey.getAlgorithm());
}
if (LOG.isDebugEnabled()) {
LOG.debug("Testing keys with algorithm: " + publicKey.getAlgorithm());
LOG.debug("testSigAlg: " + sigAlg);
LOG.debug("provider: " + signatureProvider);
LOG.trace("privateKey: " + privateKey);
LOG.trace("privateKey class: " + privateKey.getClass().getName());
LOG.trace("publicKey: " + publicKey);
LOG.trace("publicKey class: " + publicKey.getClass().getName());
}
final Signature signSignature = Signature.getInstance(sigAlg, signatureProvider);
signSignature.initSign(privateKey);
signSignature.update(input);
byte[] signBA = signSignature.sign();
if (LOG.isTraceEnabled()) {
LOG.trace("Created signature of size: " + signBA.length);
LOG.trace("Created signature: " + new String(Hex.encode(signBA)));
}
final Signature verifySignature = Signature.getInstance(sigAlg, "BC");
verifySignature.initVerify(publicKey);
verifySignature.update(input);
if (!verifySignature.verify(signBA)) {
throw new InvalidKeyException("Test signature inconsistent");
}
}
public static String getPkcs11SignerConfWithoutAlgo(
final String pkcs11ModuleName,
final P11SlotIdentifier slotId,
final P11KeyIdentifier keyId,
final int parallelism) {
ParamChecker.assertNotNull("keyId", keyId);
CmpUtf8Pairs conf = new CmpUtf8Pairs();
conf.putUtf8Pair("parallelism", Integer.toString(parallelism));
if (pkcs11ModuleName != null && pkcs11ModuleName.length() > 0) {
conf.putUtf8Pair("module", pkcs11ModuleName);
}
if (slotId.getSlotId() != null) {
conf.putUtf8Pair("slot-id", slotId.getSlotId().toString());
} else {
conf.putUtf8Pair("slot", slotId.getSlotIndex().toString());
}
if (keyId.getKeyId() != null) {
conf.putUtf8Pair("key-id", Hex.toHexString(keyId.getKeyId()));
}
if (keyId.getKeyLabel() != null) {
conf.putUtf8Pair("key-label", keyId.getKeyLabel());
}
return conf.getEncoded();
}
@Test
public void testImportBadEncodedUserId() throws Exception {
UncachedKeyRing key = readRingFromResource("/test-keys/bad_user_id_encoding.asc");
long keyId = key.getMasterKeyId();
SaveKeyringResult result;
result = mProviderHelper.savePublicKeyRing(key, new ProgressScaler(), null);
Assert.assertTrue("import of keyring should succeed", result.success());
CanonicalizedPublicKeyRing ring = mProviderHelper.getCanonicalizedPublicKeyRing(keyId);
boolean found = false;
byte[] badUserId =
Hex.decode(
"436c61757320467261656e6b656c203c436c6175732e4672e46e6b656c4068616c696661782e727774682d61616368656e2e64653e");
for (byte[] rawUserId :
new IterableIterator<byte[]>(ring.getUnorderedRawUserIds().iterator())) {
if (Arrays.equals(rawUserId, badUserId)) {
found = true;
}
}
Assert.assertTrue("import of the badly encoded user id should succeed", found);
}
private static byte[] decrypt(byte[] decoded, String dekInfo, char[] passwd)
throws IOException, GeneralSecurityException {
if (passwd == null) {
throw new IOException("Password is null, but a password is required");
}
StringTokenizer tknz = new StringTokenizer(dekInfo, ",");
String algorithm = tknz.nextToken();
byte[] iv = Hex.decode(tknz.nextToken());
if (!CipherModule.isSupportedCipher(algorithm)) {
throw new IOException("Unknown algorithm: " + algorithm);
}
String[] cipher = org.jruby.ext.openssl.Cipher.Algorithm.osslToJsse(algorithm);
String realName = cipher[3];
int[] lengths = org.jruby.ext.openssl.Cipher.Algorithm.osslKeyIvLength(algorithm);
int keyLen = lengths[0];
int ivLen = lengths[1];
if (iv.length != ivLen) {
throw new IOException("Illegal IV length");
}
byte[] salt = new byte[8];
System.arraycopy(iv, 0, salt, 0, 8);
OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator();
pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(passwd), salt);
KeyParameter param = (KeyParameter) pGen.generateDerivedParameters(keyLen * 8);
SecretKey secretKey = new javax.crypto.spec.SecretKeySpec(param.getKey(), realName);
Cipher c = Cipher.getInstance(realName);
c.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
return c.doFinal(decoded);
}
@Test
public void testPromoteDivert() throws Exception {
PromoteKeyOperation op =
new PromoteKeyOperation(
RuntimeEnvironment.application,
new ProviderHelper(RuntimeEnvironment.application),
null,
null);
byte[] aid = Hex.decode("D2760001240102000000012345670000");
PromoteKeyResult result =
op.execute(new PromoteKeyringParcel(mStaticRing.getMasterKeyId(), aid, null), null);
Assert.assertTrue("promotion must succeed", result.success());
{
CanonicalizedSecretKeyRing ring =
new ProviderHelper(RuntimeEnvironment.application)
.getCanonicalizedSecretKeyRing(mStaticRing.getMasterKeyId());
for (CanonicalizedSecretKey key : ring.secretKeyIterator()) {
Assert.assertEquals(
"all subkeys must be divert-to-card",
SecretKeyType.DIVERT_TO_CARD,
key.getSecretKeyTypeSuperExpensive());
Assert.assertArrayEquals("all subkeys must have correct iv", aid, key.getIv());
}
}
}
protected X9ECParameters createParameters() {
int m = 283;
int k1 = 5;
int k2 = 7;
int k3 = 12;
BigInteger a = ECConstants.ZERO;
BigInteger b = BigInteger.valueOf(1);
byte[] S = null;
BigInteger n =
fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61");
BigInteger h = BigInteger.valueOf(4);
ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h);
// ECPoint G = curve.decodePoint(Hex.decode("02"
// + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
+ "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
return new X9ECParameters(curve, G, n, h, S);
}
protected X9ECParameters createParameters() {
int m = 409;
int k = 87;
BigInteger a = ECConstants.ZERO;
BigInteger b = BigInteger.valueOf(1);
byte[] S = null;
BigInteger n =
fromHex(
"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF");
BigInteger h = BigInteger.valueOf(4);
ECCurve curve = new ECCurve.F2m(m, k, a, b, n, h);
// ECPoint G = curve.decodePoint(Hex.decode("03"
// +
// "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
+ "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
return new X9ECParameters(curve, G, n, h, S);
}
protected X9ECParameters createParameters() {
int m = 571;
int k1 = 2;
int k2 = 5;
int k3 = 10;
BigInteger a = ECConstants.ZERO;
BigInteger b = BigInteger.valueOf(1);
byte[] S = null;
BigInteger n =
fromHex(
"020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001");
BigInteger h = BigInteger.valueOf(4);
ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b, n, h);
// ECPoint G = curve.decodePoint(Hex.decode("02"
// +
// "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"));
ECPoint G =
curve.decodePoint(
Hex.decode(
"04"
+ "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
+ "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
return new X9ECParameters(curve, G, n, h, S);
}
private String generateSubjectKeyIdentifier(Certificate certificate) throws IOException {
String subjectKeyIdentifier;
ASN1InputStream is;
SubjectPublicKeyInfo spki;
SubjectKeyIdentifier ski;
subjectKeyIdentifier = null;
is = null;
spki = null;
ski = null;
try {
is = new ASN1InputStream(certificate.getPublicKey().getEncoded());
spki = new SubjectPublicKeyInfo((ASN1Sequence) is.readObject());
ski = new SubjectKeyIdentifier(spki);
} finally {
if (is != null) {
is.close();
}
}
subjectKeyIdentifier = new String(Hex.encode(ski.getKeyIdentifier()));
return subjectKeyIdentifier;
}
private static BigInteger calculateGenerator_FIPS186_3_Verifiable(
Digest d, BigInteger p, BigInteger q, byte[] seed, int index) {
// A.2.3 Verifiable Canonical Generation of the Generator g
BigInteger e = p.subtract(ONE).divide(q);
byte[] ggen = Hex.decode("6767656E");
// 7. U = domain_parameter_seed || "ggen" || index || count.
byte[] U = new byte[seed.length + ggen.length + 1 + 2];
System.arraycopy(seed, 0, U, 0, seed.length);
System.arraycopy(ggen, 0, U, seed.length, ggen.length);
U[U.length - 3] = (byte) index;
byte[] w = new byte[d.getDigestSize()];
for (int count = 1; count < (1 << 16); ++count) {
inc(U);
hash(d, U, w);
BigInteger W = new BigInteger(1, w);
BigInteger g = W.modPow(e, p);
if (g.compareTo(TWO) >= 0) {
return g;
}
}
return null;
}
/** signature with a "forged signature" (sig block not at end of plain text) */
private void testBadSig(PrivateKey priv, PublicKey pub) throws Exception {
MessageDigest sha1 = MessageDigest.getInstance("SHA1", "BC");
Cipher signer = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
signer.init(Cipher.ENCRYPT_MODE, priv);
byte[] block = new byte[signer.getBlockSize()];
sha1.update((byte) 0);
byte[] sigHeader = Hex.decode("3021300906052b0e03021a05000414");
System.arraycopy(sigHeader, 0, block, 0, sigHeader.length);
byte[] dig = sha1.digest();
System.arraycopy(dig, 0, block, sigHeader.length, dig.length);
System.arraycopy(sigHeader, 0, block, sigHeader.length + dig.length, sigHeader.length);
byte[] sig = signer.doFinal(block);
Signature verifier = Signature.getInstance("SHA1WithRSA", "BC");
verifier.initVerify(pub);
verifier.update((byte) 0);
if (verifier.verify(sig)) {
fail("bad signature passed");
}
}
/**
* Constructor from ASN1Sequence
*
* <p>the principal will be a list of constructed sets, each containing an (OID, String) pair.
*/
public X509Name(ASN1Sequence seq) {
this.seq = seq;
Enumeration e = seq.getObjects();
while (e.hasMoreElements()) {
ASN1Set set = ASN1Set.getInstance(e.nextElement());
for (int i = 0; i < set.size(); i++) {
ASN1Sequence s = ASN1Sequence.getInstance(set.getObjectAt(i));
if (s.size() != 2) {
throw new IllegalArgumentException("badly sized pair");
}
ordering.addElement(DERObjectIdentifier.getInstance(s.getObjectAt(0)));
DEREncodable value = s.getObjectAt(1);
if (value instanceof DERString) {
values.addElement(((DERString) value).getString());
} else {
values.addElement("#" + bytesToString(Hex.encode(value.getDERObject().getDEREncoded())));
}
added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility
}
}
}
public boolean EncryptMsg(String TobeEncrypted, String CertFile) throws Exception {
reset();
byte[] plain = TobeEncrypted.getBytes(encoding);
byte[] iv = "12345678".getBytes(encoding);
RSAKeyParameters rsaParams = null;
rsaParams = getRSAKeyParameters(CertFile);
BigInteger mod = rsaParams.getModulus();
int keylen = mod.bitLength() / 8;
if (plain.length > keylen - 11) {
SecureRandom securerandom = new SecureRandom();
DESedeKeyGenerator desedeKeyGenerator = new DESedeKeyGenerator();
desedeKeyGenerator.init(new KeyGenerationParameters(securerandom, 192));
byte[] key = desedeKeyGenerator.generateKey();
if (key.length != 24) {
throw new Exception("密钥长度不为24,加密失败");
}
byte[] encryptedPlain = new byte[plain.length];
DESedeEngine desede = new DESedeEngine();
BufferedBlockCipher bufferedBlockCipher =
new BufferedBlockCipher(new OFBBlockCipher(desede, 8 * desede.getBlockSize()));
CipherParameters desedeParams = new ParametersWithIV(new DESedeParameters(key), iv);
bufferedBlockCipher.init(true, desedeParams);
int outOff = bufferedBlockCipher.processBytes(plain, 0, plain.length, encryptedPlain, 0);
bufferedBlockCipher.doFinal(encryptedPlain, outOff);
byte[] encryptedKey = (byte[]) null;
AsymmetricBlockCipher rsa = new PKCS1Encoding(new RSAEngine());
rsa.init(true, rsaParams);
encryptedKey = rsa.processBlock(key, 0, key.length);
this.lastResult =
new String(Hex.encode(iv))
+ new String(Hex.encode(encryptedKey))
+ new String(Hex.encode(encryptedPlain));
} else {
byte[] encrypted = (byte[]) null;
AsymmetricBlockCipher rsa = new PKCS1Encoding(new RSAEngine());
rsa.init(true, rsaParams);
encrypted = rsa.processBlock(plain, 0, plain.length);
this.lastResult = new String(Hex.encode(encrypted));
}
return true;
}
