/*
* Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import jdk.test.lib.Convert;
import java.security.*;
import java.security.spec.*;
import java.math.*;
import java.util.*;
/*
* @test
* @bug 8172366
* @summary Known Answer Test for ECDSA signature
* @library /test/lib
* @build jdk.test.lib.Convert
* @run main/othervm SignatureKAT
*/
public class SignatureKAT {
private static String checkHex(String hex) {
// if hex length is odd, need to prepend 0
if (hex.length() % 2 != 0) {
hex = "0" + hex;
}
return hex;
}
private static class CurveData {
private String name;
private byte[] msgBytes;
private BigInteger priv;
private BigInteger pubX;
private BigInteger pubY;
private static BigInteger toBigInteger(String hex) {
byte[] bytes = HexFormat.of().parseHex(checkHex(hex));
return new BigInteger(1, bytes);
}
CurveData(String name, String msg, String priv, String pubX,
String pubY) {
this.name = name;
this.msgBytes = msg.getBytes();
this.priv = toBigInteger(priv);
this.pubX = toBigInteger(pubX);
this.pubY = toBigInteger(pubY);
}
}
private static class TestData {
private String sigName;
private CurveData cd;
private byte[] expSig;
TestData(String sigName, CurveData cd, String r, String s) {
this.sigName = sigName;
this.cd = cd;
if (r.length() != s.length() || r != checkHex(r) ||
s != checkHex(s)) {
throw new RuntimeException("Error: invalid r, s");
}
this.expSig = HexFormat.of().parseHex(r + s);
}
}
// These test values are from the examples shown in the page below:
// https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines/example-values
private static final CurveData P_256 = new CurveData(
"secp256r1", "Example of ECDSA with P-256",
"C477F9F65C22CCE20657FAA5B2D1D8122336F851A508A1ED04E479C34985BF96",
"B7E08AFDFE94BAD3F1DC8C734798BA1C62B3A0AD1E9EA2A38201CD0889BC7A19",
"3603F747959DBF7A4BB226E41928729063ADC7AE43529E61B563BBC606CC5E09"
);
private static final CurveData P_384 = new CurveData(
"secp384r1", "Example of ECDSA with P-384",
"F92C02ED629E4B48C0584B1C6CE3A3E3B4FAAE4AFC6ACB0455E73DFC392E6A0AE393A8565E6B9714D1224B57D83F8A08",
"3BF701BC9E9D36B4D5F1455343F09126F2564390F2B487365071243C61E6471FB9D2AB74657B82F9086489D9EF0F5CB5",
"D1A358EAFBF952E68D533855CCBDAA6FF75B137A5101443199325583552A6295FFE5382D00CFCDA30344A9B5B68DB855"
);
private static final CurveData P_521 = new CurveData(
"secp521r1", "Example of ECDSA with P-521",
"100085F47B8E1B8B11B7EB33028C0B2888E304BFC98501955B45BBA1478DC184EEEDF09B86A5F7C21994406072787205E69A63709FE35AA93BA333514B24F961722",
"98E91EEF9A68452822309C52FAB453F5F117C1DA8ED796B255E9AB8F6410CCA16E59DF403A6BDC6CA467A37056B1E54B3005D8AC030DECFEB68DF18B171885D5C4",
"164350C321AECFC1CCA1BA4364C9B15656150B4B78D6A48D7D28E7F31985EF17BE8554376B72900712C4B83AD668327231526E313F5F092999A4632FD50D946BC2E"
);
private static TestData[] TEST_DATUM = {
// secp256r1, secp384r1, and secp521r1 remain enabled
new TestData("SHA256withECDSAinP1363Format", P_256,
"2B42F576D07F4165FF65D1F3B1500F81E44C316F1F0B3EF57325B69ACA46104F",
"DC42C2122D6392CD3E3A993A89502A8198C1886FE69D262C4B329BDB6B63FAF1"),
new TestData("SHA3-256withECDSAinP1363Format", P_256,
"2B42F576D07F4165FF65D1F3B1500F81E44C316F1F0B3EF57325B69ACA46104F",
"0A861C2526900245C73BACB9ADAEC1A5ACB3BA1F7114A3C334FDCD5B7690DADD"),
new TestData("SHA384withECDSAinP1363Format", P_384,
"30EA514FC0D38D8208756F068113C7CADA9F66A3B40EA3B313D040D9B57DD41A332795D02CC7D507FCEF9FAF01A27088",
"CC808E504BE414F46C9027BCBF78ADF067A43922D6FCAA66C4476875FBB7B94EFD1F7D5DBE620BFB821C46D549683AD8"),
new TestData("SHA3-384withECDSAinP1363Format", P_384,
"30EA514FC0D38D8208756F068113C7CADA9F66A3B40EA3B313D040D9B57DD41A332795D02CC7D507FCEF9FAF01A27088",
"691B9D4969451A98036D53AA725458602125DE74881BBC333012CA4FA55BDE39D1BF16A6AAE3FE4992C567C6E7892337"),
new TestData("SHA512withECDSAinP1363Format", P_521,
"0140C8EDCA57108CE3F7E7A240DDD3AD74D81E2DE62451FC1D558FDC79269ADACD1C2526EEEEF32F8C0432A9D56E2B4A8A732891C37C9B96641A9254CCFE5DC3E2BA",
"00D72F15229D0096376DA6651D9985BFD7C07F8D49583B545DB3EAB20E0A2C1E8615BD9E298455BDEB6B61378E77AF1C54EEE2CE37B2C61F5C9A8232951CB988B5B1"),
new TestData("SHA3-512withECDSAinP1363Format", P_521,
"0140C8EDCA57108CE3F7E7A240DDD3AD74D81E2DE62451FC1D558FDC79269ADACD1C2526EEEEF32F8C0432A9D56E2B4A8A732891C37C9B96641A9254CCFE5DC3E2BA",
"00B25188492D58E808EDEBD7BF440ED20DB771CA7C618595D5398E1B1C0098E300D8C803EC69EC5F46C84FC61967A302D366C627FCFA56F87F241EF921B6E627ADBF"),
};
private static void runTest(TestData td) throws Exception {
System.out.println("Testing " + td.sigName + " with " + td.cd.name);
AlgorithmParameters params =
AlgorithmParameters.getInstance("EC", "SunEC");
params.init(new ECGenParameterSpec(td.cd.name));
ECParameterSpec ecParams =
params.getParameterSpec(ECParameterSpec.class);
KeyFactory kf = KeyFactory.getInstance("EC", "SunEC");
PrivateKey privKey = kf.generatePrivate
(new ECPrivateKeySpec(td.cd.priv, ecParams));
Signature sig = Signature.getInstance(td.sigName, "SunEC");
sig.initSign(privKey);
sig.update(td.cd.msgBytes);
// NOTE: there is no way to set the nonce value into current SunEC
// ECDSA signature, thus the output signature bytes likely won't
// match the expected signature bytes
byte[] ov = sig.sign();
ECPublicKeySpec pubKeySpec = new ECPublicKeySpec
(new ECPoint(td.cd.pubX, td.cd.pubY), ecParams);
PublicKey pubKey = kf.generatePublic(pubKeySpec);
sig.initVerify(pubKey);
sig.update(td.cd.msgBytes);
if (!sig.verify(ov)) {
throw new RuntimeException("Error verifying actual sig bytes");
}
sig.update(td.cd.msgBytes);
if (!sig.verify(td.expSig)) {
throw new RuntimeException("Error verifying expected sig bytes");
}
}
public static void main(String[] args) throws Exception {
for (TestData td : TEST_DATUM) {
runTest(td);
}
}
}
¤ Dauer der Verarbeitung: 0.25 Sekunden
(vorverarbeitet)
¤
|
Haftungshinweis
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
|
