Inheritance: DHKeyParameters
Example #1
0
 public static BigInteger ComputeSharedSecret(string A, AsymmetricKeyParameter bPrivateKey, DHParameters internalParameters)
 {
     var importedKey = new DHPublicKeyParameters(new BigInteger(A), internalParameters);
     var internalKeyAgree = AgreementUtilities.GetBasicAgreement("DH");
     internalKeyAgree.Init(bPrivateKey);
     return internalKeyAgree.CalculateAgreement(importedKey);
 }
        public ServerDHParams(DHPublicKeyParameters publicKey)
        {
            if (publicKey == null)
                throw new ArgumentNullException("publicKey");

            this.mPublicKey = publicKey;
        }
        public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
			DHPrivateKeyParameters privateKey)
        {
            DHBasicAgreement dhAgree = new DHBasicAgreement();
            dhAgree.Init(privateKey);
            BigInteger agreement = dhAgree.CalculateAgreement(publicKey);
            return BigIntegers.AsUnsignedByteArray(agreement);
        }
 protected bool Equals(DHPublicKeyParameters other)
 {
     if (y.Equals(other.y))
     {
         return(Equals((DHKeyParameters)other));
     }
     return(false);
 }
Example #5
0
        public override bool Equals(object obj)
        {
            if (obj == this)
            {
                return(true);
            }
            DHPublicKeyParameters dHPublicKeyParameters = obj as DHPublicKeyParameters;

            return(dHPublicKeyParameters != null && this.Equals(dHPublicKeyParameters));
        }
Example #6
0
        public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
            DHPrivateKeyParameters privateKey)
        {
            DHBasicAgreement basicAgreement = new DHBasicAgreement();
            basicAgreement.Init(privateKey);
            BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey);

            /*
             * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is
             * used as the pre_master_secret.
             */
            return BigIntegers.AsUnsignedByteArray(agreementValue);
        }
        public override bool Equals(object obj)
        {
            if (obj == this)
            {
                return(true);
            }
            DHPublicKeyParameters other = obj as DHPublicKeyParameters;

            if (other == null)
            {
                return(false);
            }
            return(this.Equals(other));
        }
        public override bool Equals(object obj)
        {
            if (obj == this)
            {
                return(true);
            }
            DHPublicKeyParameters dHPublicKeyParameters = obj as DHPublicKeyParameters;

            if (dHPublicKeyParameters == null)
            {
                return(false);
            }
            return(Equals(dHPublicKeyParameters));
        }
        /**
         * given a message from a given party and the corresponding public key
         * calculate the next message in the agreement sequence. In this case
         * this will represent the shared secret.
         */
        public IBigInteger CalculateAgreement(DHPublicKeyParameters pub, IBigInteger message)
        {
            if (pub == null)
                throw new ArgumentNullException("pub");
            if (message == null)
                throw new ArgumentNullException("message");

            if (!pub.Parameters.Equals(_dhParams))
            {
                throw new ArgumentException("Diffie-Hellman public key has wrong parameters.");
            }

            var p = _dhParams.P;
            return message.ModPow(_key.X, p).Multiply(pub.Y.ModPow(_privateValue, p)).Mod(p);
        }
Example #10
0
        /// <summary>
        /// 
        /// </summary>
        /// <param name="newagrlen">agreement length in bytes. Valid values are 32, 96, 128</param>
        public ECDHWrapper(int newagrlen)
        {
            DHKeyPairGenerator kpGen;
            this.initPG(newagrlen);
            kpGen = this.getDHKeyPairGenerator(this.g, this.p);
            this.agrlen = newagrlen;

            AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

            this.pu1 = (DHPublicKeyParameters)pair.Public;
            this.pv1 = (DHPrivateKeyParameters)pair.Private;

            this.e1 = new DHAgreement();
            this.e1.Init(new ParametersWithRandom(this.pv1, new SecureRandom()));
            this.m1 = this.e1.CalculateMessage();

            this.pubdata = this.getPubData();
        }
Example #11
0
        /// <summary>
        /// Processes the request.
        /// </summary>
        /// <param name="header">The header.</param>
        /// <param name="publicKeyEncoded">The public key encoded.</param>
        /// <param name="response">The response.</param>
        /// <returns></returns>
        public static String ProcessRequest(ServerAuthority serverAuthority, byte[] publicKeyEncoded, RequestHeader header, String request)
        {
            if (header.MessageHeader.EncryptionHeader.EncryptionType != EncryptionTypes.None)
            {
                //byte[] publicKeyEncoded = client.RequestHeader.MessageHeader.EncryptionHeader.PublicKey;
                DHPublicKeyParameters publicKey = new DHPublicKeyParameters(
                    ((DHPublicKeyParameters)PublicKeyFactory.CreateKey(publicKeyEncoded)).Y, serverAuthority.Parameters);

                BigInteger agreementValue = serverAuthority.GenerateAgreementValue(publicKey);

                RijndaelCrypto crypto = new RijndaelCrypto();
                return crypto.Encrypt(request, agreementValue.ToString(16));
            }
            else
            {
                return request;
            }
        }
		public virtual void ProcessServerCertificate(Certificate serverCertificate)
		{
			X509CertificateStructure x509Cert = serverCertificate.certs[0];
			SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;

			try
			{
				this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
			}
			catch (Exception)
			{
				throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
			}

			if (tlsSigner == null)
			{
				try
				{
					this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey);
				}
				catch (InvalidCastException)
				{
					throw new TlsFatalAlert(AlertDescription.certificate_unknown);
				}

				TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
			}
			else
			{
				if (!tlsSigner.IsValidPublicKey(this.serverPublicKey))
				{
					throw new TlsFatalAlert(AlertDescription.certificate_unknown);
				}

				TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
			}

			// TODO
			/*
			* Perform various checks per RFC2246 7.4.2: "Unless otherwise specified, the
			* signing algorithm for the certificate must be the same as the algorithm for the
			* certificate key."
			*/
		}
        public override void ProcessServerCertificate(Certificate serverCertificate)
        {
            if (serverCertificate.IsEmpty)
                throw new TlsFatalAlert(AlertDescription.bad_certificate);

            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);

            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
            try
            {
                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
            }
            catch (Exception e)
            {
                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
            }

            if (mTlsSigner == null)
            {
                try
                {
                    this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)this.mServerPublicKey);
                    this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
                }
                catch (InvalidCastException e)
                {
                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
                }

                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
            }
            else
            {
                if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey))
                {
                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
                }

                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
            }

            base.ProcessServerCertificate(serverCertificate);
        }
        public void TestDH()
        {
            IBigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s="));
            IBigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ=="));
            IBigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA="));
            IBigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw=="));

            DHParameters dhPara = new DHParameters(DHParraP, DHParraQ);
            DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara);
            DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara);

            SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic);
            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate);

            DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo);
            DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo);

            Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key");
            Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key");

            Assert.IsTrue(true, "Diffe Helman Test worked.");
        }
        public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key)
        {
            BigInteger Y = key.Y;
            DHParameters parameters = key.Parameters;
            BigInteger p = parameters.P;
            BigInteger g = parameters.G;

            if (!p.IsProbablePrime(2))
            {
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
            }
            if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0)
            {
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
            }
            if (Y.CompareTo(BigInteger.Two) < 0 || Y.CompareTo(p.Subtract(BigInteger.One)) > 0)
            {
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
            }

            // TODO See RFC 2631 for more discussion of Diffie-Hellman validation

            return key;
        }
Example #16
0
		private DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key)
		{
			BigInteger Y = key.Y;
			DHParameters parameters = key.Parameters;
			BigInteger p = parameters.P;
			BigInteger g = parameters.G;

			if (!p.IsProbablePrime(2))
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter);
			}
			if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter);
			}
			if (Y.CompareTo(BigInteger.Two) < 0 || Y.CompareTo(p.Subtract(BigInteger.One)) > 0)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter);
			}

			// TODO See RFC 2631 for more discussion of Diffie-Hellman validation

			return key;
		}
		protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
			DHPrivateKeyParameters privateKey)
		{
			DHBasicAgreement dhAgree = new DHBasicAgreement();
			dhAgree.Init(dhAgreeClientPrivateKey);
			BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey);
			return BigIntegers.AsUnsignedByteArray(agreement);
		}
Example #18
0
 public byte[] calcAgreementDef(Byte[] pubdata)
 {
     //int hdrSize =8
     //Reading header
     int bY2Size = BitConverter.ToInt32(pubdata, 0);
     int bm2Size = BitConverter.ToInt32(pubdata, 4);
     //Reading data
     int itr = 8;
     BigInteger Y2 = new BigInteger(pubdata, itr, bY2Size);
     itr += bY2Size;
     BigInteger m2 = new BigInteger(pubdata, itr, bm2Size);
     DHParameters newDHParameters = new DHParameters(this.p, this.g);
     DHPublicKeyParameters pu2 = new DHPublicKeyParameters(Y2, newDHParameters);
     return this.e1.CalculateAgreement(pu2, m2).ToByteArray();//Variable length (not necessary bits / 8)
 }
Example #19
0
		public void ProcessServerCertificate(Certificate serverCertificate)
		{
			X509CertificateStructure x509Cert = serverCertificate.certs[0];
			SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;

			try
			{
				this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
			}
//			catch (RuntimeException)
			catch (Exception)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_unsupported_certificate);
			}

			// Sanity check the PublicKeyFactory
			if (this.serverPublicKey.IsPrivate)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);
			}

			// TODO 
			/*
			* Perform various checks per RFC2246 7.4.2: "Unless otherwise specified, the
			* signing algorithm for the certificate must be the same as the algorithm for the
			* certificate key."
			*/

			// TODO Should the 'is' tests be replaced with stricter checks on keyInfo.getAlgorithmId()?

			switch (this.keyExchange)
			{
				case TlsKeyExchangeAlgorithm.KE_DH_DSS:
					if (!(this.serverPublicKey is DHPublicKeyParameters))
					{
						handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown);
					}
					// TODO The algorithm used to sign the certificate should be DSS.
//					x509Cert.getSignatureAlgorithm();
					this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey);
					break;
				case TlsKeyExchangeAlgorithm.KE_DH_RSA:
					if (!(this.serverPublicKey is DHPublicKeyParameters))
					{
						handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown);
					}
					// TODO The algorithm used to sign the certificate should be RSA.
//					x509Cert.getSignatureAlgorithm();
					this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey);
					break;
				case TlsKeyExchangeAlgorithm.KE_DHE_RSA:
					if (!(this.serverPublicKey is RsaKeyParameters))
					{
						handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown);
					}
					ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
					break;
				case TlsKeyExchangeAlgorithm.KE_DHE_DSS:
					if (!(this.serverPublicKey is DsaPublicKeyParameters))
					{
						handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown);
					}
					break;
				default:
					handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_unsupported_certificate);
					break;
			}

			/*
			* Verify them.
			*/
			if (!this.verifyer.IsValid(serverCertificate.GetCerts()))
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_user_canceled);
			}
		}
        public override void ProcessServerKeyExchange(Stream input)
        {
            this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input);

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                ServerDHParams serverDHParams = ServerDHParams.Parse(input);

                this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey);
                this.mDHParameters = mDHAgreePublicKey.Parameters;
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                ECDomainParameters ecParams = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input);

                byte[] point = TlsUtilities.ReadOpaque8(input);

                this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
                    mClientECPointFormats, ecParams, point));
            }
        }
        public override void ProcessClientKeyExchange(Stream input)
        {
            if (mDHAgreePublicKey != null)
            {
                // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate
                return;
            }

            BigInteger Yc = TlsDHUtilities.ReadDHParameter(input);

            this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Yc, mDHParameters));
        }
Example #22
0
		public void ProcessServerKeyExchange(Stream input, SecurityParameters securityParameters)
		{
			if (tlsSigner == null)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_unexpected_message);
			}

			Stream sigIn = input;
			ISigner signer = null;

			if (tlsSigner != null)
			{
				signer = InitSigner(tlsSigner, securityParameters);
				sigIn = new SignerStream(input, signer, null);
			}

			byte[] pBytes = TlsUtilities.ReadOpaque16(sigIn);
			byte[] gBytes = TlsUtilities.ReadOpaque16(sigIn);
			byte[] YsBytes = TlsUtilities.ReadOpaque16(sigIn);

			if (signer != null)
			{
				byte[] sigByte = TlsUtilities.ReadOpaque16(input);

				if (!signer.VerifySignature(sigByte))
				{
					handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_bad_certificate);
				}
			}

			BigInteger p = new BigInteger(1, pBytes);
			BigInteger g = new BigInteger(1, gBytes);
			BigInteger Ys = new BigInteger(1, YsBytes);

			this.dhAgreeServerPublicKey = ValidateDHPublicKey(
				new DHPublicKeyParameters(Ys, new DHParameters(p, g)));
		}
Example #23
0
        public override void ProcessServerKeyExchange(Stream input)
        {
            this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input);

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                ServerDHParams serverDHParams = ServerDHParams.Parse(input);

                this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                // TODO[RFC 5489]
            }
        }
Example #24
0
		public void TestDH()
		{
			BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
			BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);

			DHParameters dhParams = new DHParameters(p512, g512);
			DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams);         DHKeyPairGenerator          kpGen = new DHKeyPairGenerator();

			kpGen.Init(parameters);

			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;

			DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters);
			DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters);
			DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters);
			DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters);

			doTest(pu1, pu2, pu3);
			doTest(pv1, pv2, pv3);

			DHParameters pr1 = pu1.Parameters;
			DHParameters pr2 = new DHParameters(
				pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
			DHParameters pr3 = new DHParameters(
				pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);

			doTest(pr1, pr2, pr3);

			pr3 = new DHParameters(
				pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);

			doTest(pr1, pr2, pr3);

			pu2 = new DHPublicKeyParameters(pu1.Y, pr2);
			pv2 = new DHPrivateKeyParameters(pv1.X, pr2);

			doTest(pu1, pu2, pu3);
			doTest(pv1, pv2, pv3);

			DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024);
			DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024);
			DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024);

			doTest(vp1, vp1, vp3);
			doTest(vp1, vp2, vp3);

			byte[] bytes = new byte[20];
			bytes[0] = 1;

			vp3 = new DHValidationParameters(bytes, 1024);

			doTest(vp1, vp2, vp3);

			vp3 = new DHValidationParameters(new byte[20], 2048);

			doTest(vp1, vp2, vp3);

			DHTestKeyParameters k1 = new DHTestKeyParameters(false, null);
			DHTestKeyParameters k2 = new DHTestKeyParameters(false, null);
			DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters);

			doTest(k1, k2, k3);
		}
 protected bool Equals(DHPublicKeyParameters other) =>
 (this.y.Equals(other.y) && base.Equals((DHKeyParameters)other));
Example #26
0
        public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key)
        {
            DHParameters parameters = ValidateDHParameters(key.Parameters);

            BigInteger Y = key.Y;
            if (Y.CompareTo(Two) < 0 || Y.CompareTo(parameters.P.Subtract(Two)) > 0)
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);

            // TODO See RFC 2631 for more discussion of Diffie-Hellman validation

            return key;
        }
        public override void ProcessClientKeyExchange(Stream input)
        {
            byte[] psk_identity = TlsUtilities.ReadOpaque16(input);

            this.mPsk = mPskIdentityManager.GetPsk(psk_identity);
            if (mPsk == null)
                throw new TlsFatalAlert(AlertDescription.unknown_psk_identity);

            mContext.SecurityParameters.pskIdentity = psk_identity;

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                BigInteger Yc = TlsDHUtilities.ReadDHParameter(input);

                this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Yc, mDHParameters));
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                byte[] point = TlsUtilities.ReadOpaque8(input);

                ECDomainParameters curve_params = this.mECAgreePrivateKey.Parameters;

                this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
                    mServerECPointFormats, curve_params, point));
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                byte[] encryptedPreMasterSecret;
                if (TlsUtilities.IsSsl(mContext))
                {
                    // TODO Do any SSLv3 clients actually include the length?
                    encryptedPreMasterSecret = Streams.ReadAll(input);
                }
                else
                {
                    encryptedPreMasterSecret = TlsUtilities.ReadOpaque16(input);
                }

                this.mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret);
            }
        }
		protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
			DHPrivateKeyParameters privateKey)
		{
			return TlsDHUtilities.CalculateDHBasicAgreement(publicKey, privateKey);
		}
		protected virtual DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key)
		{
			return TlsDHUtilities.ValidateDHPublicKey(key);
		}
Example #30
0
        private string GeneratePassword()
        {
            DHPublicKeyParameters publicKey = new DHPublicKeyParameters(
                ((DHPublicKeyParameters)PublicKeyFactory.CreateKey(encodedPublicKey)).Y, sharedParameters);

            IBasicAgreement agreement = AgreementUtilities.GetBasicAgreement("DH");
            agreement.Init(keyPair.Private);

            BigInteger agreementValue = agreement.CalculateAgreement(publicKey);
            return agreementValue.ToString(16);
        }
Example #31
0
		public virtual void ProcessServerKeyExchange(Stream input)
		{
			this.psk_identity_hint = TlsUtilities.ReadOpaque16(input);

			if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
			{
				byte[] pBytes = TlsUtilities.ReadOpaque16(input);
				byte[] gBytes = TlsUtilities.ReadOpaque16(input);
				byte[] YsBytes = TlsUtilities.ReadOpaque16(input);

				BigInteger p = new BigInteger(1, pBytes);
				BigInteger g = new BigInteger(1, gBytes);
				BigInteger Ys = new BigInteger(1, YsBytes);
				
				this.dhAgreeServerPublicKey = TlsDHUtilities.ValidateDHPublicKey(
					new DHPublicKeyParameters(Ys, new DHParameters(p, g)));
			}
			else if (this.psk_identity_hint.Length == 0)
			{
				// TODO Should we enforce that this message should have been skipped if hint is empty?
				//throw new TlsFatalAlert(AlertDescription.unexpected_message);
			}
		}
		protected bool Equals(
			DHPublicKeyParameters other)
		{
			return y.Equals(other.y) && base.Equals(other);
		}
 protected bool Equals(
     DHPublicKeyParameters other)
 {
     return(y.Equals(other.y) && base.Equals(other));
 }
        private void doTestGP(
			string		algName,
			int         size,
			int         privateValueSize,
			IBigInteger  g,
			IBigInteger  p)
        {
            IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator(algName);

            DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
            KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParams);

            keyGen.Init(kgp);

            //
            // a side
            //
            IAsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair();

            IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName);

            checkKeySize(privateValueSize, aKeyPair);

            aKeyAgreeBasic.Init(aKeyPair.Private);

            //
            // b side
            //
            IAsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair();

            IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName);

            checkKeySize(privateValueSize, bKeyPair);

            bKeyAgreeBasic.Init(bKeyPair.Private);

            //
            // agreement
            //
            //			aKeyAgreeBasic.doPhase(bKeyPair.Public, true);
            //			bKeyAgreeBasic.doPhase(aKeyPair.Public, true);
            //
            //			IBigInteger  k1 = new BigInteger(aKeyAgreeBasic.generateSecret());
            //			IBigInteger  k2 = new BigInteger(bKeyAgreeBasic.generateSecret());
            IBigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public);
            IBigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public);

            if (!k1.Equals(k2))
            {
                Fail(size + " bit 2-way test failed");
            }

            //
            // public key encoding test
            //
            //			byte[]              pubEnc = aKeyPair.Public.GetEncoded();
            byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();

            //			KeyFactory          keyFac = KeyFactory.getInstance(algName);
            //			X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
            //			DHPublicKey         pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
            DHPublicKeyParameters pubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
            //			DHParameterSpec     spec = pubKey.Parameters;
            DHParameters spec = pubKey.Parameters;

            if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
            {
                Fail(size + " bit public key encoding/decoding test failed on parameters");
            }

            if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y))
            {
                Fail(size + " bit public key encoding/decoding test failed on y value");
            }

            //
            // public key serialisation test
            //
            // TODO Put back in
            //			MemoryStream bOut = new MemoryStream();
            //			ObjectOutputStream oOut = new ObjectOutputStream(bOut);
            //
            //			oOut.WriteObject(aKeyPair.Public);
            //
            //			MemoryStream bIn = new MemoryStream(bOut.ToArray(), false);
            //			ObjectInputStream oIn = new ObjectInputStream(bIn);
            //
            //			pubKey = (DHPublicKeyParameters)oIn.ReadObject();
            spec = pubKey.Parameters;

            if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
            {
                Fail(size + " bit public key serialisation test failed on parameters");
            }

            if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y))
            {
                Fail(size + " bit public key serialisation test failed on y value");
            }

            //
            // private key encoding test
            //
            //			byte[] privEnc = aKeyPair.Private.GetEncoded();
            byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
            //			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
            //			DHPrivateKeyParameters privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
            DHPrivateKeyParameters privKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);

            spec = privKey.Parameters;

            if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
            {
                Fail(size + " bit private key encoding/decoding test failed on parameters");
            }

            if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X))
            {
                Fail(size + " bit private key encoding/decoding test failed on y value");
            }

            //
            // private key serialisation test
            //
            // TODO Put back in
            //			bOut = new MemoryStream();
            //			oOut = new ObjectOutputStream(bOut);
            //
            //			oOut.WriteObject(aKeyPair.Private);
            //
            //			bIn = new MemoryStream(bOut.ToArray(), false);
            //			oIn = new ObjectInputStream(bIn);
            //
            //			privKey = (DHPrivateKeyParameters)oIn.ReadObject();
            spec = privKey.Parameters;

            if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
            {
                Fail(size + " bit private key serialisation test failed on parameters");
            }

            if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X))
            {
                Fail(size + " bit private key serialisation test failed on y value");
            }

            //
            // three party test
            //
            IAsymmetricCipherKeyPairGenerator aPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
            aPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
            IAsymmetricCipherKeyPair aPair = aPairGen.GenerateKeyPair();

            IAsymmetricCipherKeyPairGenerator bPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
            bPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
            IAsymmetricCipherKeyPair bPair = bPairGen.GenerateKeyPair();

            IAsymmetricCipherKeyPairGenerator cPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
            cPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
            IAsymmetricCipherKeyPair cPair = cPairGen.GenerateKeyPair();

            IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
            aKeyAgree.Init(aPair.Private);

            IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
            bKeyAgree.Init(bPair.Private);

            IBasicAgreement cKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
            cKeyAgree.Init(cPair.Private);

            //			Key ac = aKeyAgree.doPhase(cPair.Public, false);
            //			Key ba = bKeyAgree.doPhase(aPair.Public, false);
            //			Key cb = cKeyAgree.doPhase(bPair.Public, false);
            //
            //			aKeyAgree.doPhase(cb, true);
            //			bKeyAgree.doPhase(ac, true);
            //			cKeyAgree.doPhase(ba, true);
            //
            //			IBigInteger aShared = new BigInteger(aKeyAgree.generateSecret());
            //			IBigInteger bShared = new BigInteger(bKeyAgree.generateSecret());
            //			IBigInteger cShared = new BigInteger(cKeyAgree.generateSecret());

            DHPublicKeyParameters ac = new DHPublicKeyParameters(aKeyAgree.CalculateAgreement(cPair.Public), spec);
            DHPublicKeyParameters ba = new DHPublicKeyParameters(bKeyAgree.CalculateAgreement(aPair.Public), spec);
            DHPublicKeyParameters cb = new DHPublicKeyParameters(cKeyAgree.CalculateAgreement(bPair.Public), spec);

            IBigInteger aShared = aKeyAgree.CalculateAgreement(cb);
            IBigInteger bShared = bKeyAgree.CalculateAgreement(ac);
            IBigInteger cShared = cKeyAgree.CalculateAgreement(ba);

            if (!aShared.Equals(bShared))
            {
                Fail(size + " bit 3-way test failed (a and b differ)");
            }

            if (!cShared.Equals(bShared))
            {
                Fail(size + " bit 3-way test failed (c and b differ)");
            }
        }