99 "88acba6b965610b5480109c8b17b80e1b7b750dfc7598d5d5011fd2dcc5600a3" +
100 "2ef5b52a1ecc820e308aa342721aac0943bf6686b64b2579376504ccc493d97e" +
101 "6aed3fb0f9cd71a43dd497f01f17c0e2cb3797aa2a2f256656168e6c496afc5f" +
102 "b93246f6b1116398a346f1a641f3b041e989f7914f90cc2c7fff357876e506b5" +
103 "0d334ba77c225bc307ba537152f3f1610e4eafe595f6d9d90d11faa933a15ef1" +
104 "369546868a7f3a45a96768d40fd9d03412c091c6315cf4fde7cb68606937380d" +
105 "b2eaaa707b4c4185c32eddcdd306705e4dc1ffc872eeee475a64dfac86aba41c" +
106 "0618983f8741c5ef68d3a101e8a3b8cac60c905c15fc910840b94c00a0b9d0",
107 "0aab4c900501b3e24d7cdf4663326a3a87df5e4843b2cbdb67cbf6e460fec350" +
108 "aa5371b1508f9f4528ecea23c436d94b5e8fcd4f681e30a6ac00a9704a188a03");
109
110 runSignTest("Ed25519", null,
111 "833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42",
112 "ec172b93ad5e563bf4932c70e1245034c35467ef2efd4d64ebf819683467e2bf",
113 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a" +
114 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f",
115 "dc2a4459e7369633a52b1bf277839a00201009a3efbf3ecb69bea2186c26b589" +
116 "09351fc9ac90b3ecfdfbc7c66431e0303dca179c138ac17ad9bef1177331a704");
117
118 // Ed25519ctx
119 byte[] context = Convert.hexStringToByteArray("666f6f");
120 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
121 "0305334e381af78f141cb666f6199f57bc3495335a256a95bd2a55bf546663f6",
122 "dfc9425e4f968f7f0c29f0259cf5f9aed6851c2bb4ad8bfb860cfee0ab248292",
123 "f726936d19c800494e3fdaff20b276a8",
124 "55a4cc2f70a54e04288c5f4cd1e45a7bb520b36292911876cada7323198dd87a" +
125 "8b36950b95130022907a7fb7c4e9b2d5f6cca685a587b4b21f4b888e4e7edb0d");
126
127 context = Convert.hexStringToByteArray("626172");
128 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
129 "0305334e381af78f141cb666f6199f57bc3495335a256a95bd2a55bf546663f6",
130 "dfc9425e4f968f7f0c29f0259cf5f9aed6851c2bb4ad8bfb860cfee0ab248292",
131 "f726936d19c800494e3fdaff20b276a8",
132 "fc60d5872fc46b3aa69f8b5b4351d5808f92bcc044606db097abab6dbcb1aee3" +
133 "216c48e8b3b66431b5b186d1d28f8ee15a5ca2df6668346291c2043d4eb3e90d");
134
135 context = Convert.hexStringToByteArray("666f6f");
136 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
137 "0305334e381af78f141cb666f6199f57bc3495335a256a95bd2a55bf546663f6",
138 "dfc9425e4f968f7f0c29f0259cf5f9aed6851c2bb4ad8bfb860cfee0ab248292",
139 "508e9e6882b979fea900f62adceaca35",
140 "8b70c1cc8310e1de20ac53ce28ae6e7207f33c3295e03bb5c0732a1d20dc6490" +
141 "8922a8b052cf99b7c4fe107a5abb5b2c4085ae75890d02df26269d8945f84b0b");
142
143 context = Convert.hexStringToByteArray("666f6f");
144 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
145 "ab9c2853ce297ddab85c993b3ae14bcad39b2c682beabc27d6d4eb20711d6560",
146 "0f1d1274943b91415889152e893d80e93275a1fc0b65fd71b4b0dda10ad7d772",
147 "f726936d19c800494e3fdaff20b276a8",
148 "21655b5f1aa965996b3f97b3c849eafba922a0a62992f73b3d1b73106a84ad85" +
149 "e9b86a7b6005ea868337ff2d20a7f5fbd4cd10b0be49a68da2b2e0dc0ad8960f");
150
151 // Ed25519ph
152 runSignTest("Ed25519", new EdDSAParameterSpec(true),
153 "833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42",
154 "ec172b93ad5e563bf4932c70e1245034c35467ef2efd4d64ebf819683467e2bf",
155 "616263",
156 "98a70222f0b8121aa9d30f813d683f809e462b469c7ff87639499bb94e6dae41" +
157 "31f85042463c2a355a2003d062adf5aaa10b8c61e636062aaad11c2a26083406");
158
159 // Ed448
160 runSignTest("Ed448", null,
161 "6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3" +
162 "528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b",
163 "5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778" +
164 "edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180",
165 "",
166 "533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f" +
167 "2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a" +
168 "9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4db" +
169 "b61149f05a7363268c71d95808ff2e652600");
170
171 runSignTest("Ed448", null,
172 "c4eab05d357007c632f3dbb48489924d552b08fe0c353a0d4a1f00acda2c463a" +
173 "fbea67c5e8d2877c5e3bc397a659949ef8021e954e0a12274e",
174 "43ba28f430cdff456ae531545f7ecd0ac834a55d9358c0372bfa0c6c6798c086" +
175 "6aea01eb00742802b8438ea4cb82169c235160627b4c3a9480",
176 "03",
177 "26b8f91727bd62897af15e41eb43c377efb9c610d48f2335cb0bd0087810f435" +
178 "2541b143c4b981b7e18f62de8ccdf633fc1bf037ab7cd779805e0dbcc0aae1cb" +
179 "cee1afb2e027df36bc04dcecbf154336c19f0af7e0a6472905e799f1953d2a0f" +
180 "f3348ab21aa4adafd1d234441cf807c03a00");
181
182 context = Convert.hexStringToByteArray("666f6f");
183 runSignTest("Ed448", new EdDSAParameterSpec(false, context),
184 "c4eab05d357007c632f3dbb48489924d552b08fe0c353a0d4a1f00acda2c463a" +
185 "fbea67c5e8d2877c5e3bc397a659949ef8021e954e0a12274e",
186 "43ba28f430cdff456ae531545f7ecd0ac834a55d9358c0372bfa0c6c6798c086" +
187 "6aea01eb00742802b8438ea4cb82169c235160627b4c3a9480",
188 "03",
189 "d4f8f6131770dd46f40867d6fd5d5055de43541f8c5e35abbcd001b32a89f7d2" +
190 "151f7647f11d8ca2ae279fb842d607217fce6e042f6815ea000c85741de5" +
191 "c8da1144a6a1aba7f96de42505d7a7298524fda538fccbbb754f578c1cad" +
192 "10d54d0d5428407e85dcbc98a49155c13764e66c3c00");
193
194 runSignTest("Ed448", null,
195 "cd23d24f714274e744343237b93290f511f6425f98e64459ff203e898508" +
196 "3ffdf60500553abc0e05cd02184bdb89c4ccd67e187951267eb328",
197 "dcea9e78f35a1bf3499a831b10b86c90aac01cd84b67a0109b55a36e9328" +
198 "b1e365fce161d71ce7131a543ea4cb5f7e9f1d8b00696447001400",
199 "0c3e544074ec63b0265e0c",
200 "1f0a8888ce25e8d458a21130879b840a9089d999aaba039eaf3e3afa090a09d3" +
201 "89dba82c4ff2ae8ac5cdfb7c55e94d5d961a29fe0109941e00b8dbdeea6d3b05" +
202 "1068df7254c0cdc129cbe62db2dc957dbb47b51fd3f213fb8698f064774250a5" +
308 "ad203df7dc7ce360c3cd3696d9d9fab90f00");
309
310 runSignTest("Ed448", new EdDSAParameterSpec(true, context),
311 "833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42" +
312 "ef7822e0d5104127dc05d6dbefde69e3ab2cec7c867c6e2c49",
313 "259b71c19f83ef77a7abd26524cbdb3161b590a48f7d17de3ee0ba9c52beb743" +
314 "c09428a131d6b1b57303d90d8132c276d5ed3d5d01c0f53880",
315 "616263",
316 "c32299d46ec8ff02b54540982814dce9a05812f81962b649d528095916a2aa48" +
317 "1065b1580423ef927ecf0af5888f90da0f6a9a85ad5dc3f280d91224ba9911a3" +
318 "653d00e484e2ce232521481c8658df304bb7745a73514cdb9bf3e15784ab7128" +
319 "4f8d0704a608c54a6b62d97beb511d132100");
320
321 System.out.println("All test vectors passed");
322 }
323
324 private static void runSignTest(String algorithm,
325 AlgorithmParameterSpec params, String privateKey, String publicKey,
326 String message, String signature) throws Exception {
327
328 byte[] privKeyBytes = Convert.hexStringToByteArray(privateKey);
329 EdECPoint pubKeyPoint = Convert.hexStringToEdPoint(publicKey);
330 byte[] msgBytes = Convert.hexStringToByteArray(message);
331 byte[] computedSig;
332
333 NamedParameterSpec namedSpec = new NamedParameterSpec(algorithm);
334 EdECPrivateKeySpec privKeySpec =
335 new EdECPrivateKeySpec(namedSpec, privKeyBytes);
336 KeyFactory kf = KeyFactory.getInstance(algorithm);
337 PrivateKey privKey = kf.generatePrivate(privKeySpec);
338 Signature sig = Signature.getInstance(algorithm);
339 if (params != null) {
340 sig.setParameter(params);
341 }
342 sig.initSign(privKey);
343 sig.update(msgBytes);
344 computedSig = sig.sign();
345 if (!Arrays.equals(computedSig,
346 Convert.hexStringToByteArray(signature))) {
347 throw new RuntimeException("Incorrect signature");
348 }
349
350 // test verification
351 sig = Signature.getInstance(algorithm);
352 if (params != null) {
353 sig.setParameter(params);
354 }
355 EdECPublicKeySpec pubKeySpec =
356 new EdECPublicKeySpec(namedSpec, pubKeyPoint);
357 PublicKey pubKey = kf.generatePublic(pubKeySpec);
358 sig.initVerify(pubKey);
359 sig.update(msgBytes);
360 if (!sig.verify(computedSig)) {
361 throw new RuntimeException("Signature did not verify");
362 }
363 }
364
365
366 private static void runBasicTests() throws Exception {
|
99 "88acba6b965610b5480109c8b17b80e1b7b750dfc7598d5d5011fd2dcc5600a3" +
100 "2ef5b52a1ecc820e308aa342721aac0943bf6686b64b2579376504ccc493d97e" +
101 "6aed3fb0f9cd71a43dd497f01f17c0e2cb3797aa2a2f256656168e6c496afc5f" +
102 "b93246f6b1116398a346f1a641f3b041e989f7914f90cc2c7fff357876e506b5" +
103 "0d334ba77c225bc307ba537152f3f1610e4eafe595f6d9d90d11faa933a15ef1" +
104 "369546868a7f3a45a96768d40fd9d03412c091c6315cf4fde7cb68606937380d" +
105 "b2eaaa707b4c4185c32eddcdd306705e4dc1ffc872eeee475a64dfac86aba41c" +
106 "0618983f8741c5ef68d3a101e8a3b8cac60c905c15fc910840b94c00a0b9d0",
107 "0aab4c900501b3e24d7cdf4663326a3a87df5e4843b2cbdb67cbf6e460fec350" +
108 "aa5371b1508f9f4528ecea23c436d94b5e8fcd4f681e30a6ac00a9704a188a03");
109
110 runSignTest("Ed25519", null,
111 "833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42",
112 "ec172b93ad5e563bf4932c70e1245034c35467ef2efd4d64ebf819683467e2bf",
113 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a" +
114 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f",
115 "dc2a4459e7369633a52b1bf277839a00201009a3efbf3ecb69bea2186c26b589" +
116 "09351fc9ac90b3ecfdfbc7c66431e0303dca179c138ac17ad9bef1177331a704");
117
118 // Ed25519ctx
119 byte[] context = Hex.decoder().decode("666f6f");
120 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
121 "0305334e381af78f141cb666f6199f57bc3495335a256a95bd2a55bf546663f6",
122 "dfc9425e4f968f7f0c29f0259cf5f9aed6851c2bb4ad8bfb860cfee0ab248292",
123 "f726936d19c800494e3fdaff20b276a8",
124 "55a4cc2f70a54e04288c5f4cd1e45a7bb520b36292911876cada7323198dd87a" +
125 "8b36950b95130022907a7fb7c4e9b2d5f6cca685a587b4b21f4b888e4e7edb0d");
126
127 context = Hex.decoder().decode("626172");
128 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
129 "0305334e381af78f141cb666f6199f57bc3495335a256a95bd2a55bf546663f6",
130 "dfc9425e4f968f7f0c29f0259cf5f9aed6851c2bb4ad8bfb860cfee0ab248292",
131 "f726936d19c800494e3fdaff20b276a8",
132 "fc60d5872fc46b3aa69f8b5b4351d5808f92bcc044606db097abab6dbcb1aee3" +
133 "216c48e8b3b66431b5b186d1d28f8ee15a5ca2df6668346291c2043d4eb3e90d");
134
135 context = Hex.decoder().decode("666f6f");
136 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
137 "0305334e381af78f141cb666f6199f57bc3495335a256a95bd2a55bf546663f6",
138 "dfc9425e4f968f7f0c29f0259cf5f9aed6851c2bb4ad8bfb860cfee0ab248292",
139 "508e9e6882b979fea900f62adceaca35",
140 "8b70c1cc8310e1de20ac53ce28ae6e7207f33c3295e03bb5c0732a1d20dc6490" +
141 "8922a8b052cf99b7c4fe107a5abb5b2c4085ae75890d02df26269d8945f84b0b");
142
143 context = Hex.decoder().decode("666f6f");
144 runSignTest("Ed25519", new EdDSAParameterSpec(false, context),
145 "ab9c2853ce297ddab85c993b3ae14bcad39b2c682beabc27d6d4eb20711d6560",
146 "0f1d1274943b91415889152e893d80e93275a1fc0b65fd71b4b0dda10ad7d772",
147 "f726936d19c800494e3fdaff20b276a8",
148 "21655b5f1aa965996b3f97b3c849eafba922a0a62992f73b3d1b73106a84ad85" +
149 "e9b86a7b6005ea868337ff2d20a7f5fbd4cd10b0be49a68da2b2e0dc0ad8960f");
150
151 // Ed25519ph
152 runSignTest("Ed25519", new EdDSAParameterSpec(true),
153 "833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42",
154 "ec172b93ad5e563bf4932c70e1245034c35467ef2efd4d64ebf819683467e2bf",
155 "616263",
156 "98a70222f0b8121aa9d30f813d683f809e462b469c7ff87639499bb94e6dae41" +
157 "31f85042463c2a355a2003d062adf5aaa10b8c61e636062aaad11c2a26083406");
158
159 // Ed448
160 runSignTest("Ed448", null,
161 "6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3" +
162 "528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b",
163 "5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778" +
164 "edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180",
165 "",
166 "533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f" +
167 "2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a" +
168 "9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4db" +
169 "b61149f05a7363268c71d95808ff2e652600");
170
171 runSignTest("Ed448", null,
172 "c4eab05d357007c632f3dbb48489924d552b08fe0c353a0d4a1f00acda2c463a" +
173 "fbea67c5e8d2877c5e3bc397a659949ef8021e954e0a12274e",
174 "43ba28f430cdff456ae531545f7ecd0ac834a55d9358c0372bfa0c6c6798c086" +
175 "6aea01eb00742802b8438ea4cb82169c235160627b4c3a9480",
176 "03",
177 "26b8f91727bd62897af15e41eb43c377efb9c610d48f2335cb0bd0087810f435" +
178 "2541b143c4b981b7e18f62de8ccdf633fc1bf037ab7cd779805e0dbcc0aae1cb" +
179 "cee1afb2e027df36bc04dcecbf154336c19f0af7e0a6472905e799f1953d2a0f" +
180 "f3348ab21aa4adafd1d234441cf807c03a00");
181
182 context = Hex.decoder().decode("666f6f");
183 runSignTest("Ed448", new EdDSAParameterSpec(false, context),
184 "c4eab05d357007c632f3dbb48489924d552b08fe0c353a0d4a1f00acda2c463a" +
185 "fbea67c5e8d2877c5e3bc397a659949ef8021e954e0a12274e",
186 "43ba28f430cdff456ae531545f7ecd0ac834a55d9358c0372bfa0c6c6798c086" +
187 "6aea01eb00742802b8438ea4cb82169c235160627b4c3a9480",
188 "03",
189 "d4f8f6131770dd46f40867d6fd5d5055de43541f8c5e35abbcd001b32a89f7d2" +
190 "151f7647f11d8ca2ae279fb842d607217fce6e042f6815ea000c85741de5" +
191 "c8da1144a6a1aba7f96de42505d7a7298524fda538fccbbb754f578c1cad" +
192 "10d54d0d5428407e85dcbc98a49155c13764e66c3c00");
193
194 runSignTest("Ed448", null,
195 "cd23d24f714274e744343237b93290f511f6425f98e64459ff203e898508" +
196 "3ffdf60500553abc0e05cd02184bdb89c4ccd67e187951267eb328",
197 "dcea9e78f35a1bf3499a831b10b86c90aac01cd84b67a0109b55a36e9328" +
198 "b1e365fce161d71ce7131a543ea4cb5f7e9f1d8b00696447001400",
199 "0c3e544074ec63b0265e0c",
200 "1f0a8888ce25e8d458a21130879b840a9089d999aaba039eaf3e3afa090a09d3" +
201 "89dba82c4ff2ae8ac5cdfb7c55e94d5d961a29fe0109941e00b8dbdeea6d3b05" +
202 "1068df7254c0cdc129cbe62db2dc957dbb47b51fd3f213fb8698f064774250a5" +
308 "ad203df7dc7ce360c3cd3696d9d9fab90f00");
309
310 runSignTest("Ed448", new EdDSAParameterSpec(true, context),
311 "833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42" +
312 "ef7822e0d5104127dc05d6dbefde69e3ab2cec7c867c6e2c49",
313 "259b71c19f83ef77a7abd26524cbdb3161b590a48f7d17de3ee0ba9c52beb743" +
314 "c09428a131d6b1b57303d90d8132c276d5ed3d5d01c0f53880",
315 "616263",
316 "c32299d46ec8ff02b54540982814dce9a05812f81962b649d528095916a2aa48" +
317 "1065b1580423ef927ecf0af5888f90da0f6a9a85ad5dc3f280d91224ba9911a3" +
318 "653d00e484e2ce232521481c8658df304bb7745a73514cdb9bf3e15784ab7128" +
319 "4f8d0704a608c54a6b62d97beb511d132100");
320
321 System.out.println("All test vectors passed");
322 }
323
324 private static void runSignTest(String algorithm,
325 AlgorithmParameterSpec params, String privateKey, String publicKey,
326 String message, String signature) throws Exception {
327
328 byte[] privKeyBytes = Hex.decoder().decode(privateKey);
329 EdECPoint pubKeyPoint = Convert.hexStringToEdPoint(publicKey);
330 byte[] msgBytes = Hex.decoder().decode(message);
331 byte[] computedSig;
332
333 NamedParameterSpec namedSpec = new NamedParameterSpec(algorithm);
334 EdECPrivateKeySpec privKeySpec =
335 new EdECPrivateKeySpec(namedSpec, privKeyBytes);
336 KeyFactory kf = KeyFactory.getInstance(algorithm);
337 PrivateKey privKey = kf.generatePrivate(privKeySpec);
338 Signature sig = Signature.getInstance(algorithm);
339 if (params != null) {
340 sig.setParameter(params);
341 }
342 sig.initSign(privKey);
343 sig.update(msgBytes);
344 computedSig = sig.sign();
345 if (!Arrays.equals(computedSig, Hex.decoder().decode(signature))) {
346 throw new RuntimeException("Incorrect signature");
347 }
348
349 // test verification
350 sig = Signature.getInstance(algorithm);
351 if (params != null) {
352 sig.setParameter(params);
353 }
354 EdECPublicKeySpec pubKeySpec =
355 new EdECPublicKeySpec(namedSpec, pubKeyPoint);
356 PublicKey pubKey = kf.generatePublic(pubKeySpec);
357 sig.initVerify(pubKey);
358 sig.update(msgBytes);
359 if (!sig.verify(computedSig)) {
360 throw new RuntimeException("Signature did not verify");
361 }
362 }
363
364
365 private static void runBasicTests() throws Exception {
|