/// <summary>
        /// Return an ASN.1 encoded representation of the implementing key in a SubjectPublicKeyInfo structure.
        /// </summary>
        /// <returns>An encoded representation of the key.</returns>
        public override byte[] GetEncoded()
        {
            DHDomainParameters dhParams = this.DomainParameters;

            if (publicKeyInfo != null)
            {
                return(KeyUtils.GetEncodedInfo(publicKeyInfo));
            }

            if (dhParams.Q == null)
            {
                if (Algorithm.Name.StartsWith("ELGAMAL"))
                {
                    return(KeyUtils.GetEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(dhParams.P, dhParams.G)), new DerInteger(mY)));
                }
                return(KeyUtils.GetEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PkcsObjectIdentifiers.DhKeyAgreement, new DHParameter(dhParams.P, dhParams.G, dhParams.L)), new DerInteger(mY)));
            }
            else
            {
                DHValidationParameters validationParameters = dhParams.ValidationParameters;

                if (validationParameters != null)
                {
                    return(KeyUtils.GetEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.DHPublicNumber, new Asn1.X9.DHDomainParameters(dhParams.P, dhParams.G, dhParams.Q, dhParams.J,
                                                                                                                                                              new DHValidationParms(validationParameters.GetSeed(), BigInteger.ValueOf(validationParameters.Counter)))), new DerInteger(mY)));
                }
                else
                {
                    return(KeyUtils.GetEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.DHPublicNumber, new Asn1.X9.DHDomainParameters(dhParams.P, dhParams.G, dhParams.Q, dhParams.J, null)), new DerInteger(mY)));
                }
            }
        }
        public bool Equals(
            object obj)
        {
            if (!(obj is DHDomainParameters))
            {
                return(false);
            }

            DHDomainParameters pm = (DHDomainParameters)obj;

            return(pm.P.Equals(p) && pm.G.Equals(g));
        }
Beispiel #3
0
 internal static BigInteger Validated(DHDomainParameters dhParams, BigInteger y)
 {
     if (dhParams.Q != null)
     {
         //  "SP 800-56A ASSURANCES", "The module is performing SP 800-56A Assurances self-test"
         //  "CONDITIONAL TEST", "SP 800-56A ASSURANCES CHECK", "Invoke SP 800-56A Assurances test"
         if (BigInteger.One.Equals(y.ModPow(dhParams.Q, dhParams.P)))
         {
             //  "SP 800-56A ASSURANCES CHECK", "CONDITIONAL TEST", "SP 800-56A Assurances test successful"
             return(y);
         }
         //  "SP 800-56A ASSURANCES CHECK", "CONDITIONAL TEST", "SP 800-56A Assurances test failed"
         throw new ArgumentException("Y value does not appear to be in correct group");
     }
     else
     {
         return(y);         // we can't validate without Q.
     }
 }
 public AsymmetricDHPublicKey(Algorithm algorithm, DHDomainParameters parameters, BigInteger y)
     : base(algorithm, parameters)
 {
     this.mY = KeyUtils.Validated(parameters, y);
 }
 /// <summary>
 /// Base constructor for a Diffie-Hellman private key.
 /// </summary>
 /// <param name="algorithm">The algorithm marker for this key.</param>
 /// <param name="parameters">The domain parameters for this key.</param>
 /// <param name="x">The private X value for this key.</param>
 public AsymmetricDHPrivateKey(Algorithm algorithm, DHDomainParameters parameters, BigInteger x)
     : base(algorithm, parameters)
 {
     this.x        = x;
     this.hashCode = CalculateHashCode();
 }
Beispiel #6
0
        private void checkKeyPairForConsistency(TPub publicKey, TPriv privateKey)
        {
            if (publicKey is AsymmetricECKey && privateKey is AsymmetricECKey)
            {
                AsymmetricECPrivateKey priv = privateKey as AsymmetricECPrivateKey;
                AsymmetricECPublicKey  pub  = publicKey as AsymmetricECPublicKey;

                if (!priv.DomainParameters.Equals(pub.DomainParameters))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("EC keys do not have the same domain parameters");
                }
                if (!priv.DomainParameters.G.Multiply(priv.S).Normalize().Equals(pub.W))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("EC public key not consistent with EC private key");
                }
            }
            else if (publicKey is AsymmetricDsaKey && privateKey is AsymmetricDsaKey)
            {
                AsymmetricDsaPrivateKey priv = privateKey as AsymmetricDsaPrivateKey;
                AsymmetricDsaPublicKey  pub  = publicKey as AsymmetricDsaPublicKey;

                DsaDomainParameters dsaParameters = priv.DomainParameters;
                if (!dsaParameters.Equals(pub.DomainParameters))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("DSA keys do not have the same domain parameters");
                }
                if (!dsaParameters.G.ModPow(priv.X, dsaParameters.P).Equals(pub.Y))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("DSA public key not consistent with DSA private key");
                }
            }
            else if (publicKey is AsymmetricRsaKey && privateKey is AsymmetricRsaKey)
            {
                AsymmetricRsaPrivateKey priv = privateKey as AsymmetricRsaPrivateKey;
                AsymmetricRsaPublicKey  pub  = publicKey as AsymmetricRsaPublicKey;

                if (!priv.Modulus.Equals(pub.Modulus))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("RSA keys do not have the same modulus");
                }
                BigInteger val = BigInteger.Two;
                if (!val.ModPow(priv.PrivateExponent, priv.Modulus).ModPow(pub.PublicExponent, priv.Modulus).Equals(val))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("RSA public key not consistent with RSA private key");
                }
            }
            else if (publicKey is AsymmetricDHKey && privateKey is AsymmetricDHKey)
            {
                AsymmetricDHPrivateKey priv = privateKey as AsymmetricDHPrivateKey;
                AsymmetricDHPublicKey  pub  = publicKey as  AsymmetricDHPublicKey;

                DHDomainParameters dhParameters = priv.DomainParameters;
                if (!dhParameters.Equals(pub.DomainParameters))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("DH keys do not have the same domain parameters");
                }
                if (!dhParameters.G.ModPow(priv.X, dhParameters.P).Equals(pub.Y))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("DH public key not consistent with DH private key");
                }
            }
            else if (publicKey is AsymmetricSphincsKey && privateKey is AsymmetricSphincsKey)
            {
                AsymmetricSphincsPrivateKey priv = privateKey as AsymmetricSphincsPrivateKey;
                AsymmetricSphincsPublicKey  pub  = publicKey as AsymmetricSphincsPublicKey;

                if (priv.TreeDigestAlgorithm != pub.TreeDigestAlgorithm)
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("Sphincs256 public key not consistent with Sphincs256 private key");
                }
                if (!IsRangeSame(priv.GetKeyData(), SPHINCS256Config.SEED_BYTES, pub.GetKeyData(), 0, Horst.N_MASKS * SPHINCS256Config.HASH_BYTES))
                {
                    // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                    throw new ArgumentException("Sphincs256 public key not consistent with Sphincs256 private key");
                }
            }
            else if (publicKey is AsymmetricNHKey && privateKey is AsymmetricNHKey)
            {
                AsymmetricNHPrivateKey priv = privateKey as AsymmetricNHPrivateKey;
                AsymmetricNHPublicKey  pub  = publicKey as AsymmetricNHPublicKey;
                // currently there doesn't either a good approach or much point to this one as the keys should be ephemeral and always generated locally.
            }
            else
            {
                // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed"
                throw new ArgumentException("Key pair inconsistent");
            }
        }
Beispiel #7
0
 internal AsymmetricDHKey(Algorithm algorithm, AlgorithmIdentifier algorithmIdentifier)
 {
     this.approvedModeOnly = CryptoServicesRegistrar.IsInApprovedOnlyMode();
     this.algorithm        = algorithm;
     this.domainParameters = DecodeDomainParameters(algorithmIdentifier);
 }
Beispiel #8
0
 internal AsymmetricDHKey(Algorithm algorithm, DHDomainParameters domainParameters)
 {
     this.approvedModeOnly = CryptoServicesRegistrar.IsInApprovedOnlyMode();
     this.algorithm        = algorithm;
     this.domainParameters = domainParameters;
 }