public static AsymmetricCipherKeyPair GenerateKeys(DHParameters parameters)
{
var keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
var kgp = new DHKeyGenerationParameters(new SecureRandom(), parameters);
keyGen.Init(kgp);
return keyGen.GenerateKeyPair();
}
public DHProvider(DHParameters parameters)
{
_parameters = parameters;
IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), _parameters);
keyGen.Init(kgp);
_kp = keyGen.GenerateKeyPair();
}
public ServerAuthority(DHParameters parameters)
{
this.parameters = parameters;
IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), parameters);
keyGen.Init(kgp);
kp = keyGen.GenerateKeyPair();
agreement = AgreementUtilities.GetBasicAgreement("DH");
agreement.Init(kp.Private);
}
/// <summary>
/// Create a Diffie-Hellman key pair mixture.
/// </summary>
/// <returns>KeyPair mixture</returns>
public KeyPair Mix()
{
var cipherKeyPairGenerator = GeneratorUtilities.GetKeyPairGenerator("DiffieHellman");
var diffieHellmanParameters = new DHParameters(_common.P, _common.G, null);
KeyGenerationParameters diffieHellmanKeyGenerationParameters = new DHKeyGenerationParameters(new Org.BouncyCastle.Security.SecureRandom(), diffieHellmanParameters);
cipherKeyPairGenerator.Init(diffieHellmanKeyGenerationParameters);
var asymmetricKeyPair = cipherKeyPairGenerator.GenerateKeyPair();
var agreement = AgreementUtilities.GetBasicAgreement("DiffieHellman");
agreement.Init(asymmetricKeyPair.Private);
return new KeyPair() { Private = ((DHPrivateKeyParameters)asymmetricKeyPair.Private).X.ToString(), Public = ((DHPublicKeyParameters)asymmetricKeyPair.Public).Y.ToString() };
}
public virtual void Init(
KeyGenerationParameters parameters)
{
this.param = (DHKeyGenerationParameters)parameters;
}
/**
* this test is can take quiet a while
*/
private void doTestGeneration(
int size)
{
DHParametersGenerator pGen = new DHParametersGenerator();
pGen.Init(size, 10, new SecureRandom());
DHParameters dhParams = pGen.GenerateParameters();
if (dhParams.L != 0)
{
Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters");
}
DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();
kpGen.Init(dhkgParams);
//
// generate first pair
//
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
//
// generate second pair
//
dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters);
kpGen.Init(dhkgParams);
pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
//
// two way
//
DHBasicAgreement e1 = new DHBasicAgreement();
DHBasicAgreement e2 = new DHBasicAgreement();
e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
BigInteger k1 = e1.CalculateAgreement(pu2);
BigInteger k2 = e2.CalculateAgreement(pu1);
if (!k1.Equals(k2))
{
Fail("basic with " + size + " bit 2-way test failed");
}
}
private DHKeyPairGenerator getDHKeyPairGenerator(
BigInteger g,
BigInteger p)
{
DHParameters dhParams = new DHParameters(p, g);
DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
DHKeyPairGenerator kpGen = new DHKeyPairGenerator();
kpGen.Init(dhkgParams);
return kpGen;
}
private DHBasicKeyPairGenerator getDHBasicKeyPairGenerator(
BigInteger g,
BigInteger p,
int privateValueSize)
{
DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();
kpGen.Init(dhkgParams);
return kpGen;
}
public void TestDH()
{
BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
DHParameters dhParams = new DHParameters(p512, g512);
DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHKeyPairGenerator kpGen = new DHKeyPairGenerator();
kpGen.Init(parameters);
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters);
DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters);
DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters);
DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters);
doTest(pu1, pu2, pu3);
doTest(pv1, pv2, pv3);
DHParameters pr1 = pu1.Parameters;
DHParameters pr2 = new DHParameters(
pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
DHParameters pr3 = new DHParameters(
pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
doTest(pr1, pr2, pr3);
pr3 = new DHParameters(
pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
doTest(pr1, pr2, pr3);
pu2 = new DHPublicKeyParameters(pu1.Y, pr2);
pv2 = new DHPrivateKeyParameters(pv1.X, pr2);
doTest(pu1, pu2, pu3);
doTest(pv1, pv2, pv3);
DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024);
DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024);
DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024);
doTest(vp1, vp1, vp3);
doTest(vp1, vp2, vp3);
byte[] bytes = new byte[20];
bytes[0] = 1;
vp3 = new DHValidationParameters(bytes, 1024);
doTest(vp1, vp2, vp3);
vp3 = new DHValidationParameters(new byte[20], 2048);
doTest(vp1, vp2, vp3);
DHTestKeyParameters k1 = new DHTestKeyParameters(false, null);
DHTestKeyParameters k2 = new DHTestKeyParameters(false, null);
DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters);
doTest(k1, k2, k3);
}
public DHKeyGenerationParameters(SecureRandom random, DHParameters parameters) : base(random, DHKeyGenerationParameters.GetStrength(parameters))
{
this.parameters = parameters;
}
private void doTestGP(
string algName,
int size,
int privateValueSize,
IBigInteger g,
IBigInteger p)
{
IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator(algName);
DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
keyGen.Init(kgp);
//
// a side
//
IAsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair();
IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName);
checkKeySize(privateValueSize, aKeyPair);
aKeyAgreeBasic.Init(aKeyPair.Private);
//
// b side
//
IAsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair();
IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName);
checkKeySize(privateValueSize, bKeyPair);
bKeyAgreeBasic.Init(bKeyPair.Private);
//
// agreement
//
// aKeyAgreeBasic.doPhase(bKeyPair.Public, true);
// bKeyAgreeBasic.doPhase(aKeyPair.Public, true);
//
// IBigInteger k1 = new BigInteger(aKeyAgreeBasic.generateSecret());
// IBigInteger k2 = new BigInteger(bKeyAgreeBasic.generateSecret());
IBigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public);
IBigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public);
if (!k1.Equals(k2))
{
Fail(size + " bit 2-way test failed");
}
//
// public key encoding test
//
// byte[] pubEnc = aKeyPair.Public.GetEncoded();
byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
// KeyFactory keyFac = KeyFactory.getInstance(algName);
// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
// DHPublicKey pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
DHPublicKeyParameters pubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
// DHParameterSpec spec = pubKey.Parameters;
DHParameters spec = pubKey.Parameters;
if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
{
Fail(size + " bit public key encoding/decoding test failed on parameters");
}
if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y))
{
Fail(size + " bit public key encoding/decoding test failed on y value");
}
//
// public key serialisation test
//
// TODO Put back in
// MemoryStream bOut = new MemoryStream();
// ObjectOutputStream oOut = new ObjectOutputStream(bOut);
//
// oOut.WriteObject(aKeyPair.Public);
//
// MemoryStream bIn = new MemoryStream(bOut.ToArray(), false);
// ObjectInputStream oIn = new ObjectInputStream(bIn);
//
// pubKey = (DHPublicKeyParameters)oIn.ReadObject();
spec = pubKey.Parameters;
if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
{
Fail(size + " bit public key serialisation test failed on parameters");
}
if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y))
{
Fail(size + " bit public key serialisation test failed on y value");
}
//
// private key encoding test
//
// byte[] privEnc = aKeyPair.Private.GetEncoded();
byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
// DHPrivateKeyParameters privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
DHPrivateKeyParameters privKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
spec = privKey.Parameters;
if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
{
Fail(size + " bit private key encoding/decoding test failed on parameters");
}
if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X))
{
Fail(size + " bit private key encoding/decoding test failed on y value");
}
//
// private key serialisation test
//
// TODO Put back in
// bOut = new MemoryStream();
// oOut = new ObjectOutputStream(bOut);
//
// oOut.WriteObject(aKeyPair.Private);
//
// bIn = new MemoryStream(bOut.ToArray(), false);
// oIn = new ObjectInputStream(bIn);
//
// privKey = (DHPrivateKeyParameters)oIn.ReadObject();
spec = privKey.Parameters;
if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
{
Fail(size + " bit private key serialisation test failed on parameters");
}
if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X))
{
Fail(size + " bit private key serialisation test failed on y value");
}
//
// three party test
//
IAsymmetricCipherKeyPairGenerator aPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
aPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
IAsymmetricCipherKeyPair aPair = aPairGen.GenerateKeyPair();
IAsymmetricCipherKeyPairGenerator bPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
bPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
IAsymmetricCipherKeyPair bPair = bPairGen.GenerateKeyPair();
IAsymmetricCipherKeyPairGenerator cPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
cPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
IAsymmetricCipherKeyPair cPair = cPairGen.GenerateKeyPair();
IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
aKeyAgree.Init(aPair.Private);
IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
bKeyAgree.Init(bPair.Private);
IBasicAgreement cKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
cKeyAgree.Init(cPair.Private);
// Key ac = aKeyAgree.doPhase(cPair.Public, false);
// Key ba = bKeyAgree.doPhase(aPair.Public, false);
// Key cb = cKeyAgree.doPhase(bPair.Public, false);
//
// aKeyAgree.doPhase(cb, true);
// bKeyAgree.doPhase(ac, true);
// cKeyAgree.doPhase(ba, true);
//
// IBigInteger aShared = new BigInteger(aKeyAgree.generateSecret());
// IBigInteger bShared = new BigInteger(bKeyAgree.generateSecret());
// IBigInteger cShared = new BigInteger(cKeyAgree.generateSecret());
DHPublicKeyParameters ac = new DHPublicKeyParameters(aKeyAgree.CalculateAgreement(cPair.Public), spec);
DHPublicKeyParameters ba = new DHPublicKeyParameters(bKeyAgree.CalculateAgreement(aPair.Public), spec);
DHPublicKeyParameters cb = new DHPublicKeyParameters(cKeyAgree.CalculateAgreement(bPair.Public), spec);
IBigInteger aShared = aKeyAgree.CalculateAgreement(cb);
IBigInteger bShared = bKeyAgree.CalculateAgreement(ac);
IBigInteger cShared = cKeyAgree.CalculateAgreement(ba);
if (!aShared.Equals(bShared))
{
Fail(size + " bit 3-way test failed (a and b differ)");
}
if (!cShared.Equals(bShared))
{
Fail(size + " bit 3-way test failed (c and b differ)");
}
}
