public void Init( ICipherParameters parameters) { AsymmetricKeyParameter kParam; if (parameters is ParametersWithRandom) { ParametersWithRandom rParam = (ParametersWithRandom)parameters; this.random = rParam.Random; kParam = (AsymmetricKeyParameter)rParam.Parameters; } else { this.random = new SecureRandom(); kParam = (AsymmetricKeyParameter)parameters; } if (!(kParam is DHPrivateKeyParameters)) { throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); } this.key = (DHPrivateKeyParameters)kParam; this.dhParams = key.Parameters; }
public virtual void GenerateClientKeyExchange(Stream output) { if (psk_identity_hint == null || psk_identity_hint.Length == 0) { pskIdentity.SkipIdentityHint(); } else { pskIdentity.NotifyIdentityHint(psk_identity_hint); } byte[] psk_identity = pskIdentity.GetPskIdentity(); TlsUtilities.WriteOpaque16(psk_identity, output); if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK) { this.premasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret( context.SecureRandom, this.rsaServerPublicKey, output); } else if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK) { this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange( context.SecureRandom, this.dhAgreeServerPublicKey.Parameters, output); } }
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement dhAgree = new DHBasicAgreement(); dhAgree.Init(privateKey); BigInteger agreement = dhAgree.CalculateAgreement(publicKey); return BigIntegers.AsUnsignedByteArray(agreement); }
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement basicAgreement = new DHBasicAgreement(); basicAgreement.Init(privateKey); BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); /* * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is * used as the pre_master_secret. */ return BigIntegers.AsUnsignedByteArray(agreementValue); }
public void Init(ICipherParameters parameters) { if (parameters is ParametersWithRandom) { parameters = ((ParametersWithRandom) parameters).Parameters; } if (!(parameters is DHPrivateKeyParameters)) { throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); } this._key = (DHPrivateKeyParameters) parameters; this._dhParams = _key.Parameters; }
/// <summary> /// /// </summary> /// <param name="newagrlen">agreement length in bytes. Valid values are 32, 96, 128</param> public ECDHWrapper(int newagrlen) { DHKeyPairGenerator kpGen; this.initPG(newagrlen); kpGen = this.getDHKeyPairGenerator(this.g, this.p); this.agrlen = newagrlen; AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); this.pu1 = (DHPublicKeyParameters)pair.Public; this.pv1 = (DHPrivateKeyParameters)pair.Private; this.e1 = new DHAgreement(); this.e1.Init(new ParametersWithRandom(this.pv1, new SecureRandom())); this.m1 = this.e1.CalculateMessage(); this.pubdata = this.getPubData(); }
public void TestDH() { IBigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s=")); IBigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ==")); IBigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA=")); IBigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw==")); DHParameters dhPara = new DHParameters(DHParraP, DHParraQ); DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara); DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara); SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic); PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate); DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo); DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo); Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key"); Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key"); Assert.IsTrue(true, "Diffe Helman Test worked."); }
protected bool Equals( DHPrivateKeyParameters other) { return x.Equals(other.x) && base.Equals(other); }
public override void GenerateClientKeyExchange(Stream output) { /* * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key * Exchange message will be sent, but will be empty. */ if (mAgreementCredentials == null) { this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output); } }
private void checkKeySize( int privateValueSize, DHPrivateKeyParameters priv) { if (privateValueSize != 0) { if (priv.X.BitLength != privateValueSize) { Fail("limited key check failed for key size " + privateValueSize); } } }
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output) { this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange( context.SecureRandom, dhParams, output); }
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { return TlsDHUtilities.CalculateDHBasicAgreement(publicKey, privateKey); }
public void Init(ICipherParameters parameters) { IAsymmetricKeyParameter kParam; var rParam = parameters as ParametersWithRandom; if (rParam != null) { _random = rParam.Random; kParam = (AsymmetricKeyParameter)rParam.Parameters; } else { _random = new SecureRandom(); kParam = (AsymmetricKeyParameter)parameters; } if (!(kParam is DHPrivateKeyParameters)) { throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); } _key = (DHPrivateKeyParameters)kParam; _dhParams = _key.Parameters; }
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair dhAgreeClientKeyPair = GenerateDHKeyPair(dhParams); this.dhAgreeClientPrivateKey = (DHPrivateKeyParameters)dhAgreeClientKeyPair.Private; BigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y; byte[] keData = BigIntegers.AsUnsignedByteArray(Yc); TlsUtilities.WriteUint24(keData.Length + 2, output); TlsUtilities.WriteOpaque16(keData, output); }
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement dhAgree = new DHBasicAgreement(); dhAgree.Init(dhAgreeClientPrivateKey); BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey); return BigIntegers.AsUnsignedByteArray(agreement); }
protected bool Equals( DHPrivateKeyParameters other) { return(x.Equals(other.x) && base.Equals(other)); }
public override byte[] GenerateServerKeyExchange() { // TODO[RFC 4279] Need a server-side PSK API to determine hint and resolve identities to keys this.mPskIdentityHint = null; if (this.mPskIdentityHint == null && !RequiresServerKeyExchange) return null; MemoryStream buf = new MemoryStream(); if (this.mPskIdentityHint == null) { TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf); } else { TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf); } if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { if (this.mDHParameters == null) throw new TlsFatalAlert(AlertDescription.internal_error); this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom, this.mDHParameters, buf); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { // TODO[RFC 5489] } return buf.ToArray(); }
public void TestDH() { BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); DHParameters dhParams = new DHParameters(p512, g512); DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHKeyPairGenerator kpGen = new DHKeyPairGenerator(); kpGen.Init(parameters); AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters); DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters); DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters); DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters); doTest(pu1, pu2, pu3); doTest(pv1, pv2, pv3); DHParameters pr1 = pu1.Parameters; DHParameters pr2 = new DHParameters( pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); DHParameters pr3 = new DHParameters( pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); doTest(pr1, pr2, pr3); pr3 = new DHParameters( pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); doTest(pr1, pr2, pr3); pu2 = new DHPublicKeyParameters(pu1.Y, pr2); pv2 = new DHPrivateKeyParameters(pv1.X, pr2); doTest(pu1, pu2, pu3); doTest(pv1, pv2, pv3); DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024); DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024); DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024); doTest(vp1, vp1, vp3); doTest(vp1, vp2, vp3); byte[] bytes = new byte[20]; bytes[0] = 1; vp3 = new DHValidationParameters(bytes, 1024); doTest(vp1, vp2, vp3); vp3 = new DHValidationParameters(new byte[20], 2048); doTest(vp1, vp2, vp3); DHTestKeyParameters k1 = new DHTestKeyParameters(false, null); DHTestKeyParameters k2 = new DHTestKeyParameters(false, null); DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters); doTest(k1, k2, k3); }
public override void GenerateClientKeyExchange(Stream output) { if (mPskIdentityHint == null) { mPskIdentity.SkipIdentityHint(); } else { mPskIdentity.NotifyIdentityHint(mPskIdentityHint); } byte[] psk_identity = mPskIdentity.GetPskIdentity(); if (psk_identity == null) throw new TlsFatalAlert(AlertDescription.internal_error); this.mPsk = mPskIdentity.GetPsk(); if (mPsk == null) throw new TlsFatalAlert(AlertDescription.internal_error); TlsUtilities.WriteOpaque16(psk_identity, output); mContext.SecurityParameters.pskIdentity = psk_identity; if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mServerECPointFormats, mECAgreePublicKey.Parameters, output); } else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) { this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, this.mRsaServerPublicKey, output); } }
public override byte[] GenerateServerKeyExchange() { this.mPskIdentityHint = mPskIdentityManager.GetHint(); if (this.mPskIdentityHint == null && !RequiresServerKeyExchange) return null; MemoryStream buf = new MemoryStream(); if (this.mPskIdentityHint == null) { TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf); } else { TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf); } if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { if (this.mDHParameters == null) throw new TlsFatalAlert(AlertDescription.internal_error); this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, this.mDHParameters, buf); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, buf); } return buf.ToArray(); }