protected AlgorithmParameterSpec generateParameterSpec(ASN1ObjectIdentifier macOID, SecretKey encKey) throws CMSException { try { if (macOID.equals(PKCSObjectIdentifiers.RC2_CBC)) { byte[] iv = new byte[8]; random.nextBytes(iv); return new RC2ParameterSpec(encKey.getEncoded().length * 8, iv); } AlgorithmParameterGenerator pGen = helper.createAlgorithmParameterGenerator(macOID); AlgorithmParameters p = pGen.generateParameters(); return p.getParameterSpec(IvParameterSpec.class); } catch (GeneralSecurityException e) { return null; } }
AlgorithmParameterGenerator createAlgorithmParameterGenerator(ASN1ObjectIdentifier algorithm) throws GeneralSecurityException { String algorithmName = (String)BASE_CIPHER_NAMES.get(algorithm); if (algorithmName != null) { try { // this is reversed as the Sun policy files now allow unlimited strength RSA return helper.createAlgorithmParameterGenerator(algorithmName); } catch (NoSuchAlgorithmException e) { // Ignore } } return helper.createAlgorithmParameterGenerator(algorithm.getId()); }
private static void testDSAGenParameterSpec(DataTuple dataTuple) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidParameterSpecException, InvalidAlgorithmParameterException { System.out.printf("Test case: primePLen=%d, " + "subprimeQLen=%d%n", dataTuple.primePLen, dataTuple.subprimeQLen); AlgorithmParameterGenerator apg = AlgorithmParameterGenerator.getInstance(ALGORITHM_NAME, PROVIDER_NAME); DSAGenParameterSpec genParamSpec = createGenParameterSpec(dataTuple); // genParamSpec will be null if IllegalAE is thrown when expected. if (genParamSpec == null) { return; } try { apg.init(genParamSpec, null); AlgorithmParameters param = apg.generateParameters(); checkParam(param, genParamSpec); System.out.println("Test case passed"); } catch (InvalidParameterException ipe) { throw new RuntimeException("Test case failed.", ipe); } }
/** * The default authentication tag size should be 128-bit by default for the following reasons: * <br> * (1) Security: Ferguson, N., Authentication Weaknesses in GCM, Natl. Inst. Stand. Technol. [Web * page], http://www.csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/ * CWC-GCM/Ferguson2.pdf, May 20, 2005. This paper points out that a n-bit tag has lower strength * than expected. <br> * (2) Compatibility: Assume an implementer tests some code using one provider than switches to * another provider. Such a switch should ideally not lower the security. <br> * BouncyCastle used to have only 12-byte authentication tag (b/26186727). */ @Test public void testDefaultTagSizeAlgorithmParameterGenerator() throws Exception { byte[] input = new byte[10]; byte[] key = new byte[16]; Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); try { AlgorithmParameterGenerator.getInstance("GCM"); } catch (NoSuchAlgorithmException ex) { // Conscrypt does not support AlgorithmParameterGenerator for GCM. System.out.println("testDefaultTagSizeAlgorithmParameterGenerator:" + ex.toString()); return; } AlgorithmParameters param = AlgorithmParameterGenerator.getInstance("GCM").generateParameters(); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), param); byte[] output = cipher.doFinal(input); assertEquals(input.length + 16, output.length); }
/** * Use 1536 for Fast Prime Generation (less secure) or 2048 for slow prime generation (secure) * @param strength * @throws InvalidKeyException * @throws IllegalStateException * @throws InvalidAlgorithmParameterException * @throws NoSuchAlgorithmException * @throws NoSuchProviderException * @throws InvalidKeySpecException * @throws InvalidParameterSpecException */ public DHExchange(int strength) throws InvalidKeyException, IllegalStateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, InvalidParameterSpecException { Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider()); AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DH", "SC"); paramGen.init(strength); // number of bits AlgorithmParameters params = paramGen.generateParameters(); DHParameterSpec dhSpec = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class); BigInteger p = dhSpec.getP(); BigInteger g = dhSpec.getG(); DHParameterSpec dhParams = new DHParameterSpec(p, g); KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "SC"); keyGen.initialize(dhParams, new SecureRandom()); KeyAgreement aKeyAgree = KeyAgreement.getInstance("DH", "SC"); KeyPair aPair = keyGen.generateKeyPair(); KeyAgreement bKeyAgree = KeyAgreement.getInstance("DH", "SC"); KeyPair bPair = keyGen.generateKeyPair(); aKeyAgree.init(aPair.getPrivate()); bKeyAgree.init(bPair.getPrivate()); aKeyAgree.doPhase(bPair.getPublic(), true); bKeyAgree.doPhase(aPair.getPublic(), true); }
protected AlgorithmParameterGenerator[] createAPGen() { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return null; } AlgorithmParameterGenerator[] apg = new AlgorithmParameterGenerator[3]; try { apg[0] = AlgorithmParameterGenerator.getInstance(validAlgName); apg[1] = AlgorithmParameterGenerator.getInstance(validAlgName, validProvider); apg[2] = AlgorithmParameterGenerator.getInstance(validAlgName, validProviderName); return apg; } catch (Exception e) { e.printStackTrace(); return null; } }
/** * Test for <code>getInstance(String algorithm)</code> method * Assertion: returns AlgorithmParameterGenerator instance * when algorithm is DSA */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "", method = "getInstance", args = {java.lang.String.class} ) public void testAlgorithmParameterGenerator02() throws NoSuchAlgorithmException { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } AlgorithmParameterGenerator apg; for (int i = 0; i < algs.length; i++) { apg = AlgorithmParameterGenerator.getInstance(algs[i]); assertEquals("Incorrect algorithm", apg.getAlgorithm(), algs[i]); } }
/** * Test for <code>getInstance(String algorithm, String provider)</code> * method * Assertion: throws NoSuchProviderException if provider is not * available */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "", method = "getInstance", args = {java.lang.String.class, java.lang.String.class} ) public void testAlgorithmParameterGenerator04() throws NoSuchAlgorithmException { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } for (int i = 0; i < algs.length; i++) { for (int j = 1; j < invalidValues.length; j++) { try { AlgorithmParameterGenerator.getInstance(algs[i], invalidValues[j]); fail("NoSuchProviderException must be thrown (provider: " .concat(invalidValues[j])); } catch (NoSuchProviderException e) { } } } }
/** * Test for <code>getInstance(String algorithm, String provider)</code> * method * Assertion: return AlgorithmParameterGenerator */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "", method = "getInstance", args = {java.lang.String.class, java.lang.String.class} ) public void testAlgorithmParameterGenerator06() throws NoSuchAlgorithmException, NoSuchProviderException { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } AlgorithmParameterGenerator apg; for (int i = 0; i < algs.length; i++) { apg = AlgorithmParameterGenerator.getInstance(algs[i], validProviderName); assertEquals("Incorrect algorithm", algs[i], apg.getAlgorithm()); assertEquals("Incorrect provider", apg.getProvider().getName(), validProviderName); } }
/** * Test for <code>getInstance(String algorithm, Provider provider)</code> * method * Assertion: throws IllegalArgumentException when provider is null */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "", method = "getInstance", args = {java.lang.String.class, java.security.Provider.class} ) public void testAlgorithmParameterGenerator07() throws NoSuchAlgorithmException { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } Provider provider = null; for (int i = 0; i < algs.length; i++) { try { AlgorithmParameterGenerator.getInstance(algs[i], provider); fail("IllegalArgumentException must be thrown when provider is null"); } catch (IllegalArgumentException e) { } } }
/** * Test for <code>getInstance(String algorithm, Provider provider)</code> * method * Assertion: returns AlgorithmParameterGenerator object */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "", method = "getInstance", args = {java.lang.String.class, java.security.Provider.class} ) public void testAlgorithmParameterGenerator09() throws NoSuchAlgorithmException { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } AlgorithmParameterGenerator apg; for (int i = 0; i < algs.length; i++) { apg = AlgorithmParameterGenerator.getInstance(algs[i], validProvider); assertEquals("Incorrect algorithm", apg.getAlgorithm(), algs[i]); assertEquals("Incorrect provider", apg.getProvider(), validProvider); } }
/** * Test for <code>generateParameters()</code> method * Assertion: returns AlgorithmParameters object */ @TestTargetNew( level = TestLevel.COMPLETE, notes = "", method = "generateParameters", args = {} ) public void testAlgorithmParameterGenerator10() throws NoSuchAlgorithmException { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } AlgorithmParameterGenerator apg = AlgorithmParameterGenerator .getInstance(validAlgName); apg.init(512); AlgorithmParameters ap = apg.generateParameters(); assertEquals("Incorrect algorithm", ap.getAlgorithm().toUpperCase(), apg.getAlgorithm().toUpperCase()); }
@Override public void test() throws Exception { AlgorithmParameterGenerator apg = AlgorithmParameterGenerator.getInstance("DH"); apg.init(1024, new SecureRandom()); AlgorithmParameters ap = apg.generateParameters(); DHParameterSpec ps = ap.getParameterSpec(DHParameterSpec.class); KeyAgreementGen kag1 = new KeyAgreementGen(ps); KeyAgreementGen kag2 = new KeyAgreementGen(ps); byte[] bArray1 = kag1.getPublicKeyBytes(); byte[] bArray2 = kag2.getPublicKeyBytes(); byte[] sk1 = kag1.getSecretKey(algName, bArray2); byte[] sk2 = kag2.getSecretKey(algName, bArray1); if (Arrays.areEqual(sk1, sk2) == false) { throw new Exception ("Generated keys are not the same"); } }
@TestTargetNew( level = TestLevel.ADDITIONAL, method = "method", args = {} ) @BrokenTest("Suffers from DH slowness, disabling for now") public void testDHGen() throws Exception { KeyPairGenerator gen = null; try { gen = KeyPairGenerator.getInstance("DH"); } catch (NoSuchAlgorithmException e) { fail(e.getMessage()); } AlgorithmParameterGenerator algorithmparametergenerator = AlgorithmParameterGenerator.getInstance("DH"); algorithmparametergenerator.init(1024, new SecureRandom()); AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters(); DHParameterSpec dhparameterspec = algorithmparameters.getParameterSpec(DHParameterSpec.class); //gen.initialize(1024); gen.initialize(dhparameterspec); KeyPair key = gen.generateKeyPair(); }
public void test_initI() throws Exception { // Test for method void // java.security.AlgorithmParameterGenerator.init(int) // checks that no exception is thrown int[] valid = {512, 576, 640, 960, 1024}; AlgorithmParameterGenerator gen = AlgorithmParameterGenerator .getInstance("DSA"); for (int i = 0; i < valid.length; i++) { try { gen.init(valid[i]); } catch (Exception e) { fail("Exception should not be thrown for valid parameter" + valid[i]); } } }
public void test_initILjava_security_SecureRandom() throws Exception { // Test for method void // java.security.AlgorithmParameterGenerator.init(int, // java.security.SecureRandom) // checks that no exception is thrown int[] valid = {512, 576, 640, 960, 1024}; AlgorithmParameterGenerator gen = AlgorithmParameterGenerator .getInstance("DSA"); for (int i = 0; i < valid.length; i++) { try { gen.init(valid[i], new SecureRandom()); gen.init(valid[i], null); } catch (Exception e) { fail("Exception should not be thrown for valid parameter" + valid[i]); } } }
/** * @tests java.security.AlgorithmParameterGenerator#init(java.security.spec.AlgorithmParameterSpec) */ public void test_initLjava_security_spec_AlgorithmParameterSpec() throws Exception { // Test for method void // java.security.AlgorithmParameterGenerator.init(java.security.spec.AlgorithmParameterSpec) // checks that InvalidAlgorithmParameterException is thrown DSAParameterSpec spec = new DSAParameterSpec(BigInteger.ONE, BigInteger.ONE, BigInteger.ONE); AlgorithmParameterGenerator gen = AlgorithmParameterGenerator .getInstance("DSA"); try { gen.init(spec); fail("No expected InvalidAlgorithmParameterException"); } catch (InvalidAlgorithmParameterException e) { //expected } }
/** * @tests java.security.AlgorithmParameterGenerator#init(java.security.spec.AlgorithmParameterSpec, * java.security.SecureRandom) */ public void test_initLjava_security_spec_AlgorithmParameterSpecLjava_security_SecureRandom() throws Exception { // Test for method void // java.security.AlgorithmParameterGenerator.init(java.security.spec.AlgorithmParameterSpec, // java.security.SecureRandom) // checks that InvalidAlgorithmParameterException is thrown DSAParameterSpec spec = new DSAParameterSpec(BigInteger.ONE, BigInteger.ONE, BigInteger.ONE); AlgorithmParameterGenerator gen = AlgorithmParameterGenerator .getInstance("DSA"); try { gen.init(spec, new SecureRandom()); fail("No expected InvalidAlgorithmParameterException"); } catch (InvalidAlgorithmParameterException e) { //expected } }
private void testRandom( int size) throws Exception { AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DH", "BC"); a.init(size, new SecureRandom()); AlgorithmParameters params = a.generateParameters(); byte[] encodeParams = params.getEncoded(); AlgorithmParameters a2 = AlgorithmParameters.getInstance("DH", "BC"); a2.init(encodeParams); // a and a2 should be equivalent! byte[] encodeParams_2 = a2.getEncoded(); if (!areEqual(encodeParams, encodeParams_2)) { fail("encode/decode parameters failed"); } DHParameterSpec dhP = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class); testGP("DH", size, 0, dhP.getG(), dhP.getP()); }
private void testRandom( int size) throws Exception { AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("ElGamal", "BC"); a.init(size, new SecureRandom()); AlgorithmParameters params = a.generateParameters(); byte[] encodeParams = params.getEncoded(); AlgorithmParameters a2 = AlgorithmParameters.getInstance("ElGamal", "BC"); a2.init(encodeParams); // a and a2 should be equivalent! byte[] encodeParams_2 = a2.getEncoded(); if (!areEqual(encodeParams, encodeParams_2)) { fail(this.getName() + ": encode/decode parameters failed"); } DHParameterSpec elP = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class); testGP(size, 0, elP.getG(), elP.getP()); }
/** * Test for <code>init(int size)</code> and * <code>init(int size, SecureRandom random<code> methods * Assertion: throws InvalidParameterException when size is incorrect */ public void testAlgorithmParameterGenerator11() throws Exception { if (!DSASupported) { fail(validAlgName + " algorithm is not supported"); return; } int [] keys = {-10000, -512, -1, 0, 10000}; SecureRandom random = new SecureRandom(); AlgorithmParameterGenerator[] apgs = createAPGen(); assertNotNull("AlgorithmParameterGenerator objects were not created", apgs); for (int i = 0; i < apgs.length; i++) { for (int j = 0; j < keys.length; j++) { apgs[i].init(keys[j]); apgs[i].init(keys[j], random); apgs[i].init(keys[j], null); } apgs[i].init(1024); apgs[i].init(1024, random); } }