void EDDSATests::testPKCS8() { // Get ed25519 domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06032b6570")); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); CPPUNIT_ASSERT(kp != NULL); EDPrivateKey* priv = (EDPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); EDPrivateKey* dPriv = (EDPrivateKey*) eddsa->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getEC() == dPriv->getEC()); CPPUNIT_ASSERT(priv->getK() == dPriv->getK()); eddsa->recycleParameters(p); eddsa->recycleKeyPair(kp); eddsa->recyclePrivateKey(dPriv); }
void ECDSATests::testKeyGeneration() { AsymmetricKeyPair* kp; // Curves to test std::vector<ByteString> curves; // Add X9.62 prime256v1 curves.push_back(ByteString("06082a8648ce3d030107")); // Add secp384r1 curves.push_back(ByteString("06052b81040022")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Set domain parameters ECParameters* p = new ECParameters; p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); ECPublicKey* pub = (ECPublicKey*) kp->getPublicKey(); ECPrivateKey* priv = (ECPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getEC() == *c); CPPUNIT_ASSERT(priv->getEC() == *c); ecdsa->recycleParameters(p); ecdsa->recycleKeyPair(kp); } }
void EDDSATests::testKeyGeneration() { AsymmetricKeyPair* kp; // Curves to test std::vector<ByteString> curves; // Add x25519 curves.push_back(ByteString("06032b656e")); // Add ed25519 curves.push_back(ByteString("06032b6570")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Set domain parameters ECParameters* p = new ECParameters; p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); EDPublicKey* pub = (EDPublicKey*) kp->getPublicKey(); EDPrivateKey* priv = (EDPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getEC() == *c); CPPUNIT_ASSERT(priv->getEC() == *c); eddsa->recycleParameters(p); eddsa->recycleKeyPair(kp); } }
void GOSTTests::testKeyGeneration() { AsymmetricKeyPair* kp; CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Set domain parameters ByteString curve = "06072a850302022301"; ECParameters* p = new ECParameters; p->setEC(curve); // Generate key-pair CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p)); GOSTPublicKey* pub = (GOSTPublicKey*) kp->getPublicKey(); GOSTPrivateKey* priv = (GOSTPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getQ().size() == 64); CPPUNIT_ASSERT(priv->getD().size() == 32); gost->recycleParameters(p); gost->recycleKeyPair(kp); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void ECDSATests::testPKCS8() { // Get prime256v1 domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06082a8648ce3d030107")); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); CPPUNIT_ASSERT(kp != NULL); ECPrivateKey* priv = (ECPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); ECPrivateKey* dPriv = (ECPrivateKey*) ecdsa->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getEC() == dPriv->getEC()); CPPUNIT_ASSERT(priv->getD() == dPriv->getD()); ecdsa->recycleParameters(p); ecdsa->recycleKeyPair(kp); ecdsa->recyclePrivateKey(dPriv); }
// Key factory bool OSSLECDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* rng /* = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(ECParameters::type)) { ERROR_MSG("Invalid parameters supplied for ECDSA key generation"); return false; } ECParameters* params = (ECParameters*) parameters; // Generate the key-pair EC_KEY* eckey = EC_KEY_new(); if (eckey == NULL) { ERROR_MSG("Failed to instantiate OpenSSL ECDSA object"); return false; } EC_GROUP* grp = OSSL::byteString2grp(params->getEC()); EC_KEY_set_group(eckey, grp); EC_GROUP_free(grp); if (!EC_KEY_generate_key(eckey)) { ERROR_MSG("ECDSA key generation failed (0x%08X)", ERR_get_error()); EC_KEY_free(eckey); return false; } // Create an asymmetric key-pair object to return OSSLECKeyPair* kp = new OSSLECKeyPair(); ((OSSLECPublicKey*) kp->getPublicKey())->setFromOSSL(eckey); ((OSSLECPrivateKey*) kp->getPrivateKey())->setFromOSSL(eckey); *ppKeyPair = kp; // Release the key EC_KEY_free(eckey); return true; }
void ECDSATests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; // Curves/Hashes to test std::vector<std::pair<ByteString, const char*> > totest; // Add X9.62 prime256v1 totest.push_back(std::make_pair(ByteString("06082a8648ce3d030107"), "sha256")); // Add secp384r1 totest.push_back(std::make_pair(ByteString("06052b81040022"), "sha384")); for (std::vector<std::pair<ByteString, const char*> >::iterator k = totest.begin(); k != totest.end(); k++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(k->first); HashAlgorithm *hash; hash = CryptoFactory::i()->getHashAlgorithm(k->second); CPPUNIT_ASSERT(hash != NULL); // Generate key-pair CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data CPPUNIT_ASSERT(hash->hashInit()); CPPUNIT_ASSERT(hash->hashUpdate(dataToSign)); ByteString hResult; CPPUNIT_ASSERT(hash->hashFinal(hResult)); ByteString sig; CPPUNIT_ASSERT(ecdsa->sign(kp->getPrivateKey(), hResult, sig, "ECDSA")); // And verify it CPPUNIT_ASSERT(ecdsa->verify(kp->getPublicKey(), hResult, sig, "ECDSA")); ecdsa->recycleKeyPair(kp); ecdsa->recycleParameters(p); CryptoFactory::i()->recycleHashAlgorithm(hash); } }
// Key factory bool BotanECDH::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(ECParameters::type)) { ERROR_MSG("Invalid parameters supplied for ECDH key generation"); return false; } ECParameters* params = (ECParameters*) parameters; // Generate the key-pair Botan::ECDH_PrivateKey* eckp = NULL; try { BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG(); eckp = new Botan::ECDH_PrivateKey(*rng->getRNG(), BotanUtil::byteString2ECGroup(params->getEC())); } catch (...) { ERROR_MSG("ECDH key generation failed"); return false; } // Create an asymmetric key-pair object to return BotanECDHKeyPair* kp = new BotanECDHKeyPair(); ((BotanECDHPublicKey*) kp->getPublicKey())->setFromBotan(eckp); ((BotanECDHPrivateKey*) kp->getPrivateKey())->setFromBotan(eckp); *ppKeyPair = kp; // Release the key delete eckp; return true; }
void ECDHTests::testDerivation() { AsymmetricKeyPair* kpa; AsymmetricKeyPair* kpb; ECParameters* p; // Curves to test std::vector<ByteString> curves; // Add X9.62 prime256v1 curves.push_back(ByteString("06082a8648ce3d030107")); // Add secp384r1 curves.push_back(ByteString("06052b81040022")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pairs CPPUNIT_ASSERT(ecdh->generateKeyPair(&kpa, p)); CPPUNIT_ASSERT(ecdh->generateKeyPair(&kpb, p)); // Derive secrets SymmetricKey* sa; CPPUNIT_ASSERT(ecdh->deriveKey(&sa, kpb->getPublicKey(), kpa->getPrivateKey())); SymmetricKey* sb; CPPUNIT_ASSERT(ecdh->deriveKey(&sb, kpa->getPublicKey(), kpb->getPrivateKey())); // Must be the same CPPUNIT_ASSERT(sa->getKeyBits() == sb->getKeyBits()); // Clean up ecdh->recycleSymmetricKey(sa); ecdh->recycleSymmetricKey(sb); ecdh->recycleKeyPair(kpa); ecdh->recycleKeyPair(kpb); ecdh->recycleParameters(p); } }
bool OSSLECDSA::reconstructParameters(AsymmetricParameters** ppParams, ByteString& serialisedData) { // Check input parameters if ((ppParams == NULL) || (serialisedData.size() == 0)) { return false; } ECParameters* params = new ECParameters(); if (!params->deserialise(serialisedData)) { delete params; return false; } *ppParams = params; return true; }
void EDDSATests::testDerivation() { AsymmetricKeyPair* kpa; AsymmetricKeyPair* kpb; ECParameters* p; // Curves to test std::vector<ByteString> curves; // Add x25519 curves.push_back(ByteString("06032b656e")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pairs CPPUNIT_ASSERT(eddsa->generateKeyPair(&kpa, p)); CPPUNIT_ASSERT(eddsa->generateKeyPair(&kpb, p)); // Derive secrets SymmetricKey* sa; CPPUNIT_ASSERT(eddsa->deriveKey(&sa, kpb->getPublicKey(), kpa->getPrivateKey())); SymmetricKey* sb; CPPUNIT_ASSERT(eddsa->deriveKey(&sb, kpa->getPublicKey(), kpb->getPrivateKey())); // Must be the same CPPUNIT_ASSERT(sa->getKeyBits() == sb->getKeyBits()); // Clean up eddsa->recycleSymmetricKey(sa); eddsa->recycleSymmetricKey(sb); eddsa->recycleKeyPair(kpa); eddsa->recycleKeyPair(kpb); eddsa->recycleParameters(p); } }
void EDDSATests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; // Curves to test std::vector<ByteString> curves; // Add ed25519 curves.push_back(ByteString("06032b6570")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data ByteString sig; CPPUNIT_ASSERT(eddsa->sign(kp->getPrivateKey(), dataToSign, sig, AsymMech::EDDSA)); // And verify it CPPUNIT_ASSERT(eddsa->verify(kp->getPublicKey(), dataToSign, sig, AsymMech::EDDSA)); eddsa->recycleKeyPair(kp); eddsa->recycleParameters(p); } }
void GOSTTests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; ByteString curve = "06072a850302022301"; CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(curve); // Generate key-pair CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data ByteString sig; CPPUNIT_ASSERT(gost->sign(kp->getPrivateKey(), dataToSign, sig, "gost-gost")); // And verify it CPPUNIT_ASSERT(gost->verify(kp->getPublicKey(), dataToSign, sig, "gost-gost")); gost->recycleKeyPair(kp); gost->recycleParameters(p); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void GOSTTests::testSerialisation() { CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Get GOST R 34.10-2001 params-A domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06072a850302022301")); // Serialise the parameters ByteString serialisedParams = p->serialise(); // Deserialise the parameters AsymmetricParameters* dEC; CPPUNIT_ASSERT(gost->reconstructParameters(&dEC, serialisedParams)); CPPUNIT_ASSERT(dEC->areOfType(ECParameters::type)); ECParameters* ddEC = (ECParameters*) dEC; CPPUNIT_ASSERT(p->getEC() == ddEC->getEC()); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(gost->generateKeyPair(&kp, dEC)); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(gost->reconstructKeyPair(&dKP, serialisedKP)); // Check the deserialised key-pair GOSTPrivateKey* privKey = (GOSTPrivateKey*) kp->getPrivateKey(); GOSTPublicKey* pubKey = (GOSTPublicKey*) kp->getPublicKey(); GOSTPrivateKey* dPrivKey = (GOSTPrivateKey*) dKP->getPrivateKey(); GOSTPublicKey* dPubKey = (GOSTPublicKey*) dKP->getPublicKey(); CPPUNIT_ASSERT(privKey->getD() == dPrivKey->getD()); CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ()); gost->recycleParameters(p); gost->recycleParameters(dEC); gost->recycleKeyPair(kp); gost->recycleKeyPair(dKP); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void ECDSATests::testSerialisation() { // Get prime256v1 domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06082a8648ce3d030107")); // Serialise the parameters ByteString serialisedParams = p->serialise(); // Deserialise the parameters AsymmetricParameters* dEC; CPPUNIT_ASSERT(ecdsa->reconstructParameters(&dEC, serialisedParams)); CPPUNIT_ASSERT(dEC->areOfType(ECParameters::type)); ECParameters* ddEC = (ECParameters*) dEC; CPPUNIT_ASSERT(p->getEC() == ddEC->getEC()); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, dEC)); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(ecdsa->reconstructKeyPair(&dKP, serialisedKP)); // Check the deserialised key-pair ECPrivateKey* privKey = (ECPrivateKey*) kp->getPrivateKey(); ECPublicKey* pubKey = (ECPublicKey*) kp->getPublicKey(); ECPrivateKey* dPrivKey = (ECPrivateKey*) dKP->getPrivateKey(); ECPublicKey* dPubKey = (ECPublicKey*) dKP->getPublicKey(); CPPUNIT_ASSERT(privKey->getEC() == dPrivKey->getEC()); CPPUNIT_ASSERT(privKey->getD() == dPrivKey->getD()); CPPUNIT_ASSERT(pubKey->getEC() == dPubKey->getEC()); CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ()); ecdsa->recycleParameters(p); ecdsa->recycleParameters(dEC); ecdsa->recycleKeyPair(kp); ecdsa->recycleKeyPair(dKP); }
// Key factory bool OSSLGOST::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(ECParameters::type)) { ERROR_MSG("Invalid parameters supplied for GOST key generation"); return false; } ECParameters* params = (ECParameters*) parameters; ByteString paramA = "06072a850302022301"; if (params->getEC() != paramA) { ERROR_MSG("unsupported parameters"); return false; } // Generate the key-pair EVP_PKEY_CTX* ctx = NULL; EVP_PKEY* pkey = NULL; OSSLGOSTKeyPair* kp; ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, NULL); if (ctx == NULL) { ERROR_MSG("EVP_PKEY_CTX_new_id failed"); goto err; } if (EVP_PKEY_keygen_init(ctx) <= 0) { ERROR_MSG("EVP_PKEY_keygen_init failed"); goto err; } if (EVP_PKEY_CTX_ctrl_str(ctx, "paramset", "A") <= 0) { ERROR_MSG("EVP_PKEY_CTX_ctrl_str failed"); goto err; } if (EVP_PKEY_keygen(ctx, &pkey) <= 0) { ERROR_MSG("EVP_PKEY_keygen failed"); goto err; } EVP_PKEY_CTX_free(ctx); ctx = NULL; // Create an asymmetric key-pair object to return kp = new OSSLGOSTKeyPair(); ((OSSLGOSTPublicKey*) kp->getPublicKey())->setFromOSSL(pkey); ((OSSLGOSTPrivateKey*) kp->getPrivateKey())->setFromOSSL(pkey); *ppKeyPair = kp; // Release the key EVP_PKEY_free(pkey); return true; err: if (ctx != NULL) EVP_PKEY_CTX_free(ctx); if (pkey != NULL) EVP_PKEY_free(pkey); return false; }