aboutsummaryrefslogtreecommitdiff
path: root/standalone/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'standalone/src/main/java')
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/NettleLib.java32
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java126
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java49
3 files changed, 143 insertions, 64 deletions
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/NettleLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/NettleLib.java
index 6b60779..d4df414 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/NettleLib.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/NettleLib.java
@@ -1,6 +1,15 @@
package cz.crcs.ectester.standalone.libs;
+import cz.crcs.ectester.common.ec.EC_Curve;
+import cz.crcs.ectester.common.util.ECUtil;
+import cz.crcs.ectester.data.EC_Store;
+
+import java.security.InvalidAlgorithmParameterException;
import java.security.Provider;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.ECGenParameterSpec;
+import java.security.spec.ECParameterSpec;
+import java.util.Arrays;
import java.util.Set;
/**
@@ -17,4 +26,27 @@ public class NettleLib extends NativeECLibrary {
@Override
public native Set<String> getCurves();
+
+ public static ECGenParameterSpec parametersKnown(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException {
+ if (params instanceof ECGenParameterSpec) {
+ if (Arrays.asList("secp192r1", "secp224r1", "secp256r1", "secp384r1", "secp521r1").contains(((ECGenParameterSpec) params).getName())) {
+ return (ECGenParameterSpec) params;
+ }
+ } else if (params instanceof ECParameterSpec) {
+ ECParameterSpec spec = (ECParameterSpec) params;
+ EC_Store store = EC_Store.getInstance();
+ if (ECUtil.equalECParameterSpec(spec, store.getObject(EC_Curve.class, "secg/secp192r1").toSpec())) {
+ return new ECGenParameterSpec("secp192r1");
+ } else if (ECUtil.equalECParameterSpec(spec, store.getObject(EC_Curve.class, "secg/secp224r1").toSpec())) {
+ return new ECGenParameterSpec("secp224r1");
+ } else if (ECUtil.equalECParameterSpec(spec, store.getObject(EC_Curve.class, "secg/secp256r1").toSpec())) {
+ return new ECGenParameterSpec("secp256r1");
+ } else if (ECUtil.equalECParameterSpec(spec, store.getObject(EC_Curve.class, "secg/secp384r1").toSpec())) {
+ return new ECGenParameterSpec("secp384r1");
+ } else if (ECUtil.equalECParameterSpec(spec, store.getObject(EC_Curve.class, "secg/secp521r1").toSpec())) {
+ return new ECGenParameterSpec("secp521r1");
+ }
+ }
+ throw new InvalidAlgorithmParameterException("Unknown curve.");
+ }
}
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
index afed02b..d9a4d40 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
@@ -1,6 +1,9 @@
package cz.crcs.ectester.standalone.libs.jni;
+import cz.crcs.ectester.common.ec.EC_Curve;
import cz.crcs.ectester.common.util.ECUtil;
+import cz.crcs.ectester.data.EC_Store;
+import cz.crcs.ectester.standalone.libs.NettleLib;
import javax.crypto.KeyAgreementSpi;
import javax.crypto.SecretKey;
@@ -11,7 +14,6 @@ import java.security.interfaces.ECPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
/**
* @author Jan Jancar johny@neuromancer.sk
@@ -61,6 +63,22 @@ public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
return secret.length;
}
+ protected byte[] getPubkey() {
+ if (publicKey instanceof NativeECPublicKey) {
+ return ((NativeECPublicKey) publicKey).getData();
+ } else {
+ return ECUtil.pubkeyToBytes(publicKey);
+ }
+ }
+
+ protected byte[] getPrivkey() {
+ if (privateKey instanceof NativeECPrivateKey) {
+ return ((NativeECPrivateKey) privateKey).getData();
+ } else {
+ return ECUtil.privkeyToBytes(privateKey);
+ }
+ }
+
private abstract static class SimpleKeyAgreementSpi extends NativeKeyAgreementSpi {
@Override
@@ -72,51 +90,79 @@ public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
this.params = params;
}
- private byte[] getPubkey() {
- if (publicKey instanceof NativeECPublicKey) {
- return ((NativeECPublicKey) publicKey).getData();
- } else {
- return ECUtil.toX962Uncompressed(publicKey.getW(), ((ECParameterSpec) params));
+ @Override
+ protected byte[] engineGenerateSecret() throws IllegalStateException {
+ return generateSecret(getPubkey(), getPrivkey(), (ECParameterSpec) params);
+ }
+
+ abstract byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params);
+
+ @Override
+ protected SecretKey engineGenerateSecret(String algorithm) throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
+ if (algorithm == null) {
+ throw new NoSuchAlgorithmException("Algorithm must not be null.");
}
+ return generateSecret(getPubkey(), getPrivkey(), (ECParameterSpec) params, algorithm);
}
- private byte[] getPrivkey() {
- if (privateKey instanceof NativeECPrivateKey) {
- return ((NativeECPrivateKey) privateKey).getData();
- } else {
- return ECUtil.toByteArray(privateKey.getS(), ((ECParameterSpec) params).getOrder().bitLength());
+ abstract SecretKey generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params, String algorithm);
+ }
+
+ private abstract static class ExtendedKeyAgreementSpi extends NativeKeyAgreementSpi {
+
+ @Override
+ protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
+ if (!(params instanceof ECParameterSpec || params instanceof ECGenParameterSpec)) {
+ throw new InvalidAlgorithmParameterException("Unknown parameter class.");
}
+ engineInit(key, random);
+ this.params = params;
}
@Override
protected byte[] engineGenerateSecret() throws IllegalStateException {
- return generateSecret(getPubkey(), getPrivkey(), (ECParameterSpec) params);
+ return generateSecret(publicKey, privateKey, params);
}
- abstract byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params);
+ abstract byte[] generateSecret(ECPublicKey pubkey, ECPrivateKey privkey, AlgorithmParameterSpec params);
@Override
protected SecretKey engineGenerateSecret(String algorithm) throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
if (algorithm == null) {
throw new NoSuchAlgorithmException("Algorithm must not be null");
}
- return generateSecret(getPubkey(), getPrivkey(), (ECParameterSpec) params, algorithm);
+ return generateSecret(publicKey, privateKey, params, algorithm);
}
- abstract SecretKey generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params, String algorithm);
+ abstract SecretKey generateSecret(ECPublicKey pubkey, ECPrivateKey privkey, AlgorithmParameterSpec params, String algorithm);
}
- private abstract static class ExtendedKeyAgreementSpi extends NativeKeyAgreementSpi {
+ private abstract static class NamedKeyAgreementSpi extends NativeKeyAgreementSpi {
+
+ @Override
+ protected void engineInit(Key key, SecureRandom random) throws InvalidKeyException {
+ if (!(key instanceof ECPrivateKey)) {
+ throw new InvalidKeyException("Key must be instance of ECPrivateKey");
+ }
+ privateKey = (ECPrivateKey) key;
+ try {
+ this.params = parametersKnown(privateKey.getParams());
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new InvalidKeyException(e);
+ }
+ }
@Override
protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
if (!(params instanceof ECParameterSpec || params instanceof ECGenParameterSpec)) {
- throw new InvalidAlgorithmParameterException();
+ throw new InvalidAlgorithmParameterException("Unknown parameter class.");
}
engineInit(key, random);
- this.params = params;
+ this.params = parametersKnown(params);
}
+ abstract ECGenParameterSpec parametersKnown(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException;
+
@Override
protected byte[] engineGenerateSecret() throws IllegalStateException {
return generateSecret(publicKey, privateKey, params);
@@ -374,7 +420,7 @@ public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
}
}
- public abstract static class Nettle extends SimpleKeyAgreementSpi {
+ public abstract static class Nettle extends NamedKeyAgreementSpi {
private final String type;
public Nettle(String type) {
@@ -382,43 +428,21 @@ public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
}
@Override
- byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params) {
- try {
- // TODO: OMG remove this monstrosity.
- AlgorithmParameters tmp = AlgorithmParameters.getInstance("EC");
- tmp.init(params);
- ECGenParameterSpec spec = tmp.getParameterSpec(ECGenParameterSpec.class);
- switch (spec.getName()) {
- case "1.2.840.10045.3.1.7":
- spec = new ECGenParameterSpec("secp256r1");
- break;
- case "1.2.840.10045.3.1.1":
- spec = new ECGenParameterSpec("secp192r1");
- break;
- case "1.3.132.0.33":
- spec = new ECGenParameterSpec("secp224r1");
- break;
- case "1.3.132.0.34":
- spec = new ECGenParameterSpec("secp384r1");
- break;
- case "1.3.132.0.35":
- spec = new ECGenParameterSpec("secp521r1");
- break;
- default:
- return null;
+ ECGenParameterSpec parametersKnown(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException {
+ return NettleLib.parametersKnown(params);
+ }
- }
- return generateSecret(pubkey, privkey, spec);
+ @Override
+ byte[] generateSecret(ECPublicKey pubkey, ECPrivateKey privkey, AlgorithmParameterSpec params) {
+ return generateSecret(getPubkey(), getPrivkey(), (ECGenParameterSpec) params);
+ }
- } catch (NoSuchAlgorithmException | InvalidParameterSpecException e) {
- return null;
- }
+ @Override
+ SecretKey generateSecret(ECPublicKey pubkey, ECPrivateKey privkey, AlgorithmParameterSpec params, String algorithm) {
+ throw new UnsupportedOperationException("Not supported.");
}
native byte[] generateSecret(byte[] pubkey, byte[] privkey, ECGenParameterSpec params);
-
- @Override
- native SecretKey generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params, String algorithm);
}
public static class NettleECDH extends Nettle {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
index 0a9487f..086c2c4 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/jni/NativeKeyPairGeneratorSpi.java
@@ -2,6 +2,7 @@ package cz.crcs.ectester.standalone.libs.jni;
import cz.crcs.ectester.common.ec.EC_Curve;
import cz.crcs.ectester.data.EC_Store;
+import cz.crcs.ectester.standalone.libs.NettleLib;
import java.security.*;
import java.security.spec.AlgorithmParameterSpec;
@@ -293,7 +294,7 @@ public abstract class NativeKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
@Override
native KeyPair generate(AlgorithmParameterSpec params, SecureRandom random);
}
-
+
public static class Libressl extends NativeKeyPairGeneratorSpi {
public Libressl() {
@@ -319,26 +320,48 @@ public abstract class NativeKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
}
@Override
- native boolean keysizeSupported(int keysize);
+ boolean keysizeSupported(int keysize) {
+ switch (keysize) {
+ case 192, 224, 256, 384, 521:
+ return true;
+ default:
+ return false;
+ }
+ }
@Override
- native boolean paramsSupported(AlgorithmParameterSpec params);
+ boolean paramsSupported(AlgorithmParameterSpec params) {
+ try {
+ NettleLib.parametersKnown(params);
+ return true;
+ } catch (InvalidAlgorithmParameterException ignored) {
+ return false;
+ }
+ }
@Override
- native KeyPair generate(int keysize, SecureRandom random);
+ KeyPair generate(int keysize, SecureRandom random) {
+ EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, "secg/secp" + keysize + "r1");
+ return generate(keysize, random, curve.toSpec());
+ }
+
+ native KeyPair generate(int keysize, SecureRandom random, AlgorithmParameterSpec spec);
@Override
KeyPair generate(AlgorithmParameterSpec params, SecureRandom random) {
- if (params instanceof ECGenParameterSpec) {
- String curveName = ((ECGenParameterSpec) params).getName();
- if (curveName.contains("secp")) {
- curveName = "secg/" + curveName;
- }
- EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
- ECParameterSpec spec = curve.toSpec();
- return generate(params, random, spec);
+ ECGenParameterSpec named;
+ try {
+ named = NettleLib.parametersKnown(params);
+ } catch (InvalidAlgorithmParameterException ignored) {
+ return null;
+ }
+ String curveName = named.getName();
+ if (curveName.startsWith("secp")) {
+ curveName = "secg/" + curveName;
}
- return null;
+ EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
+ ECParameterSpec spec = curve.toSpec();
+ return generate(params, random, spec);
}
native KeyPair generate(AlgorithmParameterSpec params, SecureRandom random, AlgorithmParameterSpec spec);
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-10 01:34:14 +0000