public void Init(
ICipherParameters parameters)
{
AsymmetricKeyParameter kParam;
if (parameters is ParametersWithRandom)
{
ParametersWithRandom rParam = (ParametersWithRandom)parameters;
this.random = rParam.Random;
kParam = (AsymmetricKeyParameter)rParam.Parameters;
}
else
{
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter)parameters;
}
if (!(kParam is DHPrivateKeyParameters))
{
throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters)kParam;
this.dhParams = key.Parameters;
}
public DHKeyGenerationParameters(
SecureRandom random,
DHParameters parameters)
: base(random, GetStrength(parameters))
{
this.parameters = parameters;
}
internal BigInteger CalculatePrivate(
DHParameters dhParams,
SecureRandom random)
{
int limit = dhParams.L;
if (limit != 0)
{
return new BigInteger(limit, random).SetBit(limit - 1);
}
BigInteger min = BigInteger.Two;
int m = dhParams.M;
if (m != 0)
{
min = BigInteger.One.ShiftLeft(m - 1);
}
BigInteger max = dhParams.P.Subtract(BigInteger.Two);
BigInteger q = dhParams.Q;
if (q != null)
{
max = q.Subtract(BigInteger.Two);
}
return BigIntegers.CreateRandomInRange(min, max, random);
}
public DHPrivateKeyParameters(
BigInteger x,
DHParameters parameters)
: base(true, parameters)
{
this.x = x;
}
public DHPrivateKeyParameters(
BigInteger x,
DHParameters parameters,
DerObjectIdentifier algorithmOid)
: base(true, parameters, algorithmOid)
{
this.x = x;
}
protected DHKeyParameters(
bool isPrivate,
DHParameters parameters,
DerObjectIdentifier algorithmOid)
: base(isPrivate)
{
// TODO Should we allow parameters to be null?
this.parameters = parameters;
this.algorithmOid = algorithmOid;
}
public DHPublicKeyParameters(
BigInteger y,
DHParameters parameters)
: base(false, parameters)
{
if (y == null)
throw new ArgumentNullException("y");
this.y = y;
}
public DHPublicKeyParameters(
BigInteger y,
DHParameters parameters,
DerObjectIdentifier algorithmOid)
: base(false, parameters, algorithmOid)
{
if (y == null)
throw new ArgumentNullException("y");
this.y = y;
}
public AsymmetricCipherKeyPair GenerateKeyPair()
{
DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance;
ElGamalParameters egp = param.Parameters;
DHParameters dhp = new DHParameters(egp.P, egp.G, null, 0, egp.L);
BigInteger x = helper.CalculatePrivate(dhp, param.Random);
BigInteger y = helper.CalculatePublic(dhp, x);
return new AsymmetricCipherKeyPair(
new ElGamalPublicKeyParameters(y, egp),
new ElGamalPrivateKeyParameters(x, egp));
}
public void Init(
ICipherParameters parameters)
{
if (parameters is ParametersWithRandom)
{
parameters = ((ParametersWithRandom) parameters).Parameters;
}
if (!(parameters is DHPrivateKeyParameters))
{
throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters) parameters;
this.dhParams = key.Parameters;
}
public static AsymmetricKeyParameter CreateKey(
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.ObjectID;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
|| algOid.Equals(X509ObjectIdentifiers.IdEARsa)
|| algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss)
|| algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPrivateKeyStructure keyStructure = new RsaPrivateKeyStructure(
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
return new RsaPrivateCrtKeyParameters(
keyStructure.Modulus,
keyStructure.PublicExponent,
keyStructure.PrivateExponent,
keyStructure.Prime1,
keyStructure.Prime2,
keyStructure.Exponent1,
keyStructure.Exponent2,
keyStructure.Coefficient);
}
// TODO?
// else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return new DHPrivateKeyParameters(derX.Value, dhParams, algOid);
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
return new ElGamalPrivateKeyParameters(
derX.Value,
new ElGamalParameters(para.P, para.G));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa))
{
DerInteger derX = (DerInteger) keyInfo.PrivateKey;
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return new DsaPrivateKeyParameters(derX.Value, parameters);
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters ecP;
if (para.IsNamedCurve)
{
ecP = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier) para.Parameters);
}
else
{
ecP = new X9ECParameters((Asn1Sequence) para.Parameters);
}
ECDomainParameters dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
ECPrivateKeyStructure ec = new ECPrivateKeyStructure(
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
return new ECPrivateKeyParameters(ec.GetKey(), dParams);
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
ECPrivateKeyStructure ec = new ECPrivateKeyStructure(
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
return null;
return new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet);
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerOctetString derX = (DerOctetString) keyInfo.PrivateKey;
byte[] keyEnc = derX.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger x = new BigInteger(1, keyBytes);
return new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet);
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised");
}
}
protected bool Equals(
DHParameters other)
{
return p.Equals(other.p)
&& g.Equals(other.g)
&& Platform.Equals(q, other.q);
}
private static DHPublicKeyParameters ReadPkcsDHParam(DerObjectIdentifier algOid,
BigInteger y, Asn1Sequence seq)
{
DHParameter para = new DHParameter(seq);
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return new DHPublicKeyParameters(y, dhParams, algOid);
}
protected DHKeyParameters(
bool isPrivate,
DHParameters parameters)
: this(isPrivate, parameters, PkcsObjectIdentifiers.DhKeyAgreement)
{
}
protected virtual bool AreCompatibleParameters(DHParameters a, DHParameters b)
{
return a.P.Equals(b.P) && a.G.Equals(b.G);
}
internal BigInteger CalculatePublic(
DHParameters dhParams,
BigInteger x)
{
return dhParams.G.ModPow(x, dhParams.P);
}
internal static int GetStrength(
DHParameters parameters)
{
return(parameters.L != 0 ? parameters.L : parameters.P.BitLength);
}
protected virtual AsymmetricCipherKeyPair GenerateDHKeyPair(DHParameters dhParams)
{
DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
dhGen.Init(new DHKeyGenerationParameters(context.SecureRandom, dhParams));
return dhGen.GenerateKeyPair();
}
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
{
AsymmetricCipherKeyPair dhAgreeClientKeyPair = GenerateDHKeyPair(dhParams);
this.dhAgreeClientPrivateKey = (DHPrivateKeyParameters)dhAgreeClientKeyPair.Private;
BigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y;
byte[] keData = BigIntegers.AsUnsignedByteArray(Yc);
TlsUtilities.WriteUint24(keData.Length + 2, output);
TlsUtilities.WriteOpaque16(keData, output);
}
protected DHKeyParameters(
bool isPrivate,
DHParameters parameters)
: this(isPrivate, parameters, PkcsObjectIdentifiers.DhKeyAgreement)
{
}
internal static int GetStrength(
DHParameters parameters)
{
return parameters.L != 0 ? parameters.L : parameters.P.BitLength;
}