public Ed25519PublicKey(EdDSAPublicKeySpec spec) { super(spec); EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName("Ed25519"); if (!spec.getParams().getCurve().equals(ed25519.getCurve())) { throw new SSHRuntimeException("Cannot create Ed25519 Public Key from wrong spec"); } }
public static void defineCurve(EdDSANamedCurveSpec curve) { putCurve(curve.getName().toLowerCase(Locale.ENGLISH), curve); }
/** * Test method for precomputation. */ @Test public void testPrecompute() { GroupElement B = ed25519.getB(); assertThat(B.precmp, is(equalTo(PrecomputationTestVectors.testPrecmp))); assertThat(B.dblPrecmp, is(equalTo(PrecomputationTestVectors.testDblPrecmp))); }
@Test public void testb() { int b = curve.getField().getb(); assertThat(b, is(greaterThanOrEqualTo(10))); try { MessageDigest h = MessageDigest.getInstance(ed25519.getHashAlgorithm()); assertThat(8 * h.getDigestLength(), is(equalTo(2 * b))); } catch (NoSuchAlgorithmException e) { fail(e.getMessage()); } }
/** * Sign aribitrary binary input. * * @param input the bytes to sign * @return the signature for the input from the NKey * * @throws GeneralSecurityException if there is an encryption problem * @throws IOException if there is a problem reading the data */ public byte[] sign(byte[] input) throws GeneralSecurityException, IOException { Signature sgr = new EdDSAEngine(MessageDigest.getInstance(NKey.ed25519.getHashAlgorithm())); PrivateKey sKey = getKeyPair().getPrivate(); sgr.initSign(sKey); sgr.update(input); return sgr.sign(); }
public static GroupElement[] getDoublePrecomputation(String fileName) { EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Curve curve = ed25519.getCurve(); Field field = curve.getField(); GroupElement[] dblPrecmp = new GroupElement[8];
/** * Sign aribitrary binary input. * * @param input the bytes to sign * @return the signature for the input from the NKey * * @throws GeneralSecurityException if there is an encryption problem * @throws IOException if there is a problem reading the data */ public byte[] sign(byte[] input) throws GeneralSecurityException, IOException { Signature sgr = new EdDSAEngine(MessageDigest.getInstance(NKey.ed25519.getHashAlgorithm())); PrivateKey sKey = getKeyPair().getPrivate(); sgr.initSign(sKey); sgr.update(input); return sgr.sign(); }
@Test public void dblPrecomputedTableContainsExpectedGroupElements() { // Arrange: GroupElement g = ed25519.getB(); GroupElement h = MathUtils.addGroupElements(g, g); // Act + Assert: for (int i=0; i<8; i++) { Assert.assertThat(MathUtils.toRepresentation(g, GroupElement.Representation.PRECOMP), IsEqual.equalTo(ed25519.getB().dblPrecmp[i])); g = MathUtils.addGroupElements(g, h); } }
public static void defineCurve(EdDSANamedCurveSpec curve) { putCurve(curve.getName().toLowerCase(Locale.ENGLISH), curve); }
public static GroupElement[][] getPrecomputation(String fileName) { EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.ED_25519); Curve curve = ed25519.getCurve(); Field field = curve.getField(); GroupElement[][] precmp = new GroupElement[32][8];
/** * Verify a signature. * * @param input the bytes that were signed * @param signature the bytes for the signature * @return true if the signature matches this keys signature for the input. * * @throws GeneralSecurityException if there is an encryption problem * @throws IOException if there is a problem reading the data */ public boolean verify(byte[] input, byte[] signature) throws GeneralSecurityException, IOException { Signature sgr = new EdDSAEngine(MessageDigest.getInstance(NKey.ed25519.getHashAlgorithm())); PublicKey sKey = null; if (privateKeyAsSeed != null) { sKey = getKeyPair().getPublic(); } else { char[] encodedPublicKey = getPublicKey(); byte[] decodedPublicKey = decode(this.type, encodedPublicKey, false); EdDSAPublicKeySpec pubKeySpec = new EdDSAPublicKeySpec(decodedPublicKey, NKey.ed25519); sKey = new EdDSAPublicKey(pubKeySpec); } sgr.initVerify(sKey); sgr.update(input); return sgr.verify(signature); }
@Test public void testB() { GroupElement B = ed25519.getB(); assertThat(B.isOnCurve(curve), is(true)); //assertThat(B.scalarMultiply(new BigIntegerLittleEndianEncoding().encode(ed25519.getL(), curve.getField().getb()/8)), is(equalTo(P3_ZERO))); } }
private static NKey createPair(Type type, SecureRandom random) throws IOException, NoSuchProviderException, NoSuchAlgorithmException { if (random == null) { random = SecureRandom.getInstance("SHA1PRNG", "SUN"); } byte[] seed = new byte[NKey.ed25519.getCurve().getField().getb() / 8]; random.nextBytes(seed); return createPair(type, seed); }
/** * Verify a signature. * * @param input the bytes that were signed * @param signature the bytes for the signature * @return true if the signature matches this keys signature for the input. * * @throws GeneralSecurityException if there is an encryption problem * @throws IOException if there is a problem reading the data */ public boolean verify(byte[] input, byte[] signature) throws GeneralSecurityException, IOException { Signature sgr = new EdDSAEngine(MessageDigest.getInstance(NKey.ed25519.getHashAlgorithm())); PublicKey sKey = null; if (privateKeyAsSeed != null) { sKey = getKeyPair().getPublic(); } else { char[] encodedPublicKey = getPublicKey(); byte[] decodedPublicKey = decode(this.type, encodedPublicKey, false); EdDSAPublicKeySpec pubKeySpec = new EdDSAPublicKeySpec(decodedPublicKey, NKey.ed25519); sKey = new EdDSAPublicKey(pubKeySpec); } sgr.initVerify(sKey); sgr.update(input); return sgr.verify(signature); }
@Test public void precomputedTableContainsExpectedGroupElements() { // Arrange: GroupElement g = ed25519.getB(); // Act + Assert: for (int i = 0; i < 32; i++) { GroupElement h = g; for (int j = 0; j < 8; j++) { Assert.assertThat(MathUtils.toRepresentation(h, GroupElement.Representation.PRECOMP), IsEqual.equalTo(ed25519.getB().precmp[i][j])); h = MathUtils.addGroupElements(h, g); } for (int k = 0; k < 8; k++) { g = MathUtils.addGroupElements(g, g); } } }
private static NKey createPair(Type type, SecureRandom random) throws IOException, NoSuchProviderException, NoSuchAlgorithmException { if (random == null) { random = SecureRandom.getInstance("SHA1PRNG", "SUN"); } byte[] seed = new byte[NKey.ed25519.getCurve().getField().getb() / 8]; random.nextBytes(seed); return createPair(type, seed); }
/** * Test method for {@link GroupElement#scalarMultiply(byte[])}. * Test values generated with Python Ed25519 implementation. */ @Test public void testScalarMultiplyByteArray() { // Little-endian byte[] zero = Utils.hexToBytes("0000000000000000000000000000000000000000000000000000000000000000"); byte[] one = Utils.hexToBytes("0100000000000000000000000000000000000000000000000000000000000000"); byte[] two = Utils.hexToBytes("0200000000000000000000000000000000000000000000000000000000000000"); byte[] a = Utils.hexToBytes("d072f8dd9c07fa7bc8d22a4b325d26301ee9202f6db89aa7c3731529e37e437c"); GroupElement A = new GroupElement(curve, Utils.hexToBytes("d4cf8595571830644bd14af416954d09ab7159751ad9e0f7a6cbd92379e71a66")); assertThat("scalarMultiply(0) failed", ed25519.getB().scalarMultiply(zero), is(equalTo(curve.getZero(GroupElement.Representation.P3)))); assertThat("scalarMultiply(1) failed", ed25519.getB().scalarMultiply(one), is(equalTo(ed25519.getB()))); assertThat("scalarMultiply(2) failed", ed25519.getB().scalarMultiply(two), is(equalTo(ed25519.getB().dbl()))); assertThat("scalarMultiply(a) failed", ed25519.getB().scalarMultiply(a), is(equalTo(A))); }
public Ed25519PublicKey(EdDSAPublicKeySpec spec) { super(spec); EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName("Ed25519"); if (!spec.getParams().getCurve().equals(ed25519.getCurve())) { throw new SSHRuntimeException("Cannot create Ed25519 Public Key from wrong spec"); } }
/** * Test method for {@link GroupElement#dbl()}. */ @Test public void testDbl() { GroupElement B = ed25519.getB(); // 2 * B = B + B assertThat(B.dbl(), is(equalTo(B.add(B.toCached())))); }
@Test public void scalarMultiplyBasePointWithOneReturnsBasePoint() { // Arrange: final GroupElement basePoint = ed25519.getB(); // Act: final GroupElement g = basePoint.scalarMultiply(curve.getField().ONE.toByteArray()); // Assert: Assert.assertThat(basePoint, IsEqual.equalTo(g)); }