public static BigInteger ComputeSharedSecret(string A, AsymmetricKeyParameter bPrivateKey, DHParameters internalParameters) { var importedKey = new DHPublicKeyParameters(new BigInteger(A), internalParameters); var internalKeyAgree = AgreementUtilities.GetBasicAgreement("DH"); internalKeyAgree.Init(bPrivateKey); return internalKeyAgree.CalculateAgreement(importedKey); }
public ServerDHParams(DHPublicKeyParameters publicKey) { if (publicKey == null) throw new ArgumentNullException("publicKey"); this.mPublicKey = publicKey; }
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement dhAgree = new DHBasicAgreement(); dhAgree.Init(privateKey); BigInteger agreement = dhAgree.CalculateAgreement(publicKey); return BigIntegers.AsUnsignedByteArray(agreement); }
protected bool Equals(DHPublicKeyParameters other) { if (y.Equals(other.y)) { return(Equals((DHKeyParameters)other)); } return(false); }
public override bool Equals(object obj) { if (obj == this) { return(true); } DHPublicKeyParameters dHPublicKeyParameters = obj as DHPublicKeyParameters; return(dHPublicKeyParameters != null && this.Equals(dHPublicKeyParameters)); }
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement basicAgreement = new DHBasicAgreement(); basicAgreement.Init(privateKey); BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); /* * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is * used as the pre_master_secret. */ return BigIntegers.AsUnsignedByteArray(agreementValue); }
public override bool Equals(object obj) { if (obj == this) { return(true); } DHPublicKeyParameters other = obj as DHPublicKeyParameters; if (other == null) { return(false); } return(this.Equals(other)); }
public override bool Equals(object obj) { if (obj == this) { return(true); } DHPublicKeyParameters dHPublicKeyParameters = obj as DHPublicKeyParameters; if (dHPublicKeyParameters == null) { return(false); } return(Equals(dHPublicKeyParameters)); }
/** * given a message from a given party and the corresponding public key * calculate the next message in the agreement sequence. In this case * this will represent the shared secret. */ public IBigInteger CalculateAgreement(DHPublicKeyParameters pub, IBigInteger message) { if (pub == null) throw new ArgumentNullException("pub"); if (message == null) throw new ArgumentNullException("message"); if (!pub.Parameters.Equals(_dhParams)) { throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); } var p = _dhParams.P; return message.ModPow(_key.X, p).Multiply(pub.Y.ModPow(_privateValue, p)).Mod(p); }
/// <summary> /// /// </summary> /// <param name="newagrlen">agreement length in bytes. Valid values are 32, 96, 128</param> public ECDHWrapper(int newagrlen) { DHKeyPairGenerator kpGen; this.initPG(newagrlen); kpGen = this.getDHKeyPairGenerator(this.g, this.p); this.agrlen = newagrlen; AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); this.pu1 = (DHPublicKeyParameters)pair.Public; this.pv1 = (DHPrivateKeyParameters)pair.Private; this.e1 = new DHAgreement(); this.e1.Init(new ParametersWithRandom(this.pv1, new SecureRandom())); this.m1 = this.e1.CalculateMessage(); this.pubdata = this.getPubData(); }
/// <summary> /// Processes the request. /// </summary> /// <param name="header">The header.</param> /// <param name="publicKeyEncoded">The public key encoded.</param> /// <param name="response">The response.</param> /// <returns></returns> public static String ProcessRequest(ServerAuthority serverAuthority, byte[] publicKeyEncoded, RequestHeader header, String request) { if (header.MessageHeader.EncryptionHeader.EncryptionType != EncryptionTypes.None) { //byte[] publicKeyEncoded = client.RequestHeader.MessageHeader.EncryptionHeader.PublicKey; DHPublicKeyParameters publicKey = new DHPublicKeyParameters( ((DHPublicKeyParameters)PublicKeyFactory.CreateKey(publicKeyEncoded)).Y, serverAuthority.Parameters); BigInteger agreementValue = serverAuthority.GenerateAgreementValue(publicKey); RijndaelCrypto crypto = new RijndaelCrypto(); return crypto.Encrypt(request, agreementValue.ToString(16)); } else { return request; } }
public virtual void ProcessServerCertificate(Certificate serverCertificate) { X509CertificateStructure x509Cert = serverCertificate.certs[0]; SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo); } catch (Exception) { throw new TlsFatalAlert(AlertDescription.unsupported_certificate); } if (tlsSigner == null) { try { this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey); } catch (InvalidCastException) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); } else { if (!tlsSigner.IsValidPublicKey(this.serverPublicKey)) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); } // TODO /* * Perform various checks per RFC2246 7.4.2: "Unless otherwise specified, the * signing algorithm for the certificate must be the same as the algorithm for the * certificate key." */ }
public override void ProcessServerCertificate(Certificate serverCertificate) { if (serverCertificate.IsEmpty) throw new TlsFatalAlert(AlertDescription.bad_certificate); X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); } catch (Exception e) { throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); } if (mTlsSigner == null) { try { this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)this.mServerPublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); } catch (InvalidCastException e) { throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); } else { if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); } base.ProcessServerCertificate(serverCertificate); }
public void TestDH() { IBigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s=")); IBigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ==")); IBigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA=")); IBigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw==")); DHParameters dhPara = new DHParameters(DHParraP, DHParraQ); DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara); DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara); SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic); PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate); DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo); DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo); Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key"); Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key"); Assert.IsTrue(true, "Diffe Helman Test worked."); }
public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) { BigInteger Y = key.Y; DHParameters parameters = key.Parameters; BigInteger p = parameters.P; BigInteger g = parameters.G; if (!p.IsProbablePrime(2)) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (Y.CompareTo(BigInteger.Two) < 0 || Y.CompareTo(p.Subtract(BigInteger.One)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } // TODO See RFC 2631 for more discussion of Diffie-Hellman validation return key; }
private DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) { BigInteger Y = key.Y; DHParameters parameters = key.Parameters; BigInteger p = parameters.P; BigInteger g = parameters.G; if (!p.IsProbablePrime(2)) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter); } if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter); } if (Y.CompareTo(BigInteger.Two) < 0 || Y.CompareTo(p.Subtract(BigInteger.One)) > 0) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_illegal_parameter); } // TODO See RFC 2631 for more discussion of Diffie-Hellman validation return key; }
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement dhAgree = new DHBasicAgreement(); dhAgree.Init(dhAgreeClientPrivateKey); BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey); return BigIntegers.AsUnsignedByteArray(agreement); }
public byte[] calcAgreementDef(Byte[] pubdata) { //int hdrSize =8 //Reading header int bY2Size = BitConverter.ToInt32(pubdata, 0); int bm2Size = BitConverter.ToInt32(pubdata, 4); //Reading data int itr = 8; BigInteger Y2 = new BigInteger(pubdata, itr, bY2Size); itr += bY2Size; BigInteger m2 = new BigInteger(pubdata, itr, bm2Size); DHParameters newDHParameters = new DHParameters(this.p, this.g); DHPublicKeyParameters pu2 = new DHPublicKeyParameters(Y2, newDHParameters); return this.e1.CalculateAgreement(pu2, m2).ToByteArray();//Variable length (not necessary bits / 8) }
public void ProcessServerCertificate(Certificate serverCertificate) { X509CertificateStructure x509Cert = serverCertificate.certs[0]; SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo); } // catch (RuntimeException) catch (Exception) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_unsupported_certificate); } // Sanity check the PublicKeyFactory if (this.serverPublicKey.IsPrivate) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error); } // TODO /* * Perform various checks per RFC2246 7.4.2: "Unless otherwise specified, the * signing algorithm for the certificate must be the same as the algorithm for the * certificate key." */ // TODO Should the 'is' tests be replaced with stricter checks on keyInfo.getAlgorithmId()? switch (this.keyExchange) { case TlsKeyExchangeAlgorithm.KE_DH_DSS: if (!(this.serverPublicKey is DHPublicKeyParameters)) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown); } // TODO The algorithm used to sign the certificate should be DSS. // x509Cert.getSignatureAlgorithm(); this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey); break; case TlsKeyExchangeAlgorithm.KE_DH_RSA: if (!(this.serverPublicKey is DHPublicKeyParameters)) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown); } // TODO The algorithm used to sign the certificate should be RSA. // x509Cert.getSignatureAlgorithm(); this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey); break; case TlsKeyExchangeAlgorithm.KE_DHE_RSA: if (!(this.serverPublicKey is RsaKeyParameters)) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown); } ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); break; case TlsKeyExchangeAlgorithm.KE_DHE_DSS: if (!(this.serverPublicKey is DsaPublicKeyParameters)) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_certificate_unknown); } break; default: handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_unsupported_certificate); break; } /* * Verify them. */ if (!this.verifyer.IsValid(serverCertificate.GetCerts())) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_user_canceled); } }
public override void ProcessServerKeyExchange(Stream input) { this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); this.mDHParameters = mDHAgreePublicKey.Parameters; } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { ECDomainParameters ecParams = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); byte[] point = TlsUtilities.ReadOpaque8(input); this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( mClientECPointFormats, ecParams, point)); } }
public override void ProcessClientKeyExchange(Stream input) { if (mDHAgreePublicKey != null) { // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate return; } BigInteger Yc = TlsDHUtilities.ReadDHParameter(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Yc, mDHParameters)); }
public void ProcessServerKeyExchange(Stream input, SecurityParameters securityParameters) { if (tlsSigner == null) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_unexpected_message); } Stream sigIn = input; ISigner signer = null; if (tlsSigner != null) { signer = InitSigner(tlsSigner, securityParameters); sigIn = new SignerStream(input, signer, null); } byte[] pBytes = TlsUtilities.ReadOpaque16(sigIn); byte[] gBytes = TlsUtilities.ReadOpaque16(sigIn); byte[] YsBytes = TlsUtilities.ReadOpaque16(sigIn); if (signer != null) { byte[] sigByte = TlsUtilities.ReadOpaque16(input); if (!signer.VerifySignature(sigByte)) { handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_bad_certificate); } } BigInteger p = new BigInteger(1, pBytes); BigInteger g = new BigInteger(1, gBytes); BigInteger Ys = new BigInteger(1, YsBytes); this.dhAgreeServerPublicKey = ValidateDHPublicKey( new DHPublicKeyParameters(Ys, new DHParameters(p, g))); }
public override void ProcessServerKeyExchange(Stream input) { this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { // TODO[RFC 5489] } }
public void TestDH() { BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); DHParameters dhParams = new DHParameters(p512, g512); DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHKeyPairGenerator kpGen = new DHKeyPairGenerator(); kpGen.Init(parameters); AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters); DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters); DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters); DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters); doTest(pu1, pu2, pu3); doTest(pv1, pv2, pv3); DHParameters pr1 = pu1.Parameters; DHParameters pr2 = new DHParameters( pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); DHParameters pr3 = new DHParameters( pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); doTest(pr1, pr2, pr3); pr3 = new DHParameters( pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); doTest(pr1, pr2, pr3); pu2 = new DHPublicKeyParameters(pu1.Y, pr2); pv2 = new DHPrivateKeyParameters(pv1.X, pr2); doTest(pu1, pu2, pu3); doTest(pv1, pv2, pv3); DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024); DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024); DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024); doTest(vp1, vp1, vp3); doTest(vp1, vp2, vp3); byte[] bytes = new byte[20]; bytes[0] = 1; vp3 = new DHValidationParameters(bytes, 1024); doTest(vp1, vp2, vp3); vp3 = new DHValidationParameters(new byte[20], 2048); doTest(vp1, vp2, vp3); DHTestKeyParameters k1 = new DHTestKeyParameters(false, null); DHTestKeyParameters k2 = new DHTestKeyParameters(false, null); DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters); doTest(k1, k2, k3); }
protected bool Equals(DHPublicKeyParameters other) => (this.y.Equals(other.y) && base.Equals((DHKeyParameters)other));
public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) { DHParameters parameters = ValidateDHParameters(key.Parameters); BigInteger Y = key.Y; if (Y.CompareTo(Two) < 0 || Y.CompareTo(parameters.P.Subtract(Two)) > 0) throw new TlsFatalAlert(AlertDescription.illegal_parameter); // TODO See RFC 2631 for more discussion of Diffie-Hellman validation return key; }
public override void ProcessClientKeyExchange(Stream input) { byte[] psk_identity = TlsUtilities.ReadOpaque16(input); this.mPsk = mPskIdentityManager.GetPsk(psk_identity); if (mPsk == null) throw new TlsFatalAlert(AlertDescription.unknown_psk_identity); mContext.SecurityParameters.pskIdentity = psk_identity; if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { BigInteger Yc = TlsDHUtilities.ReadDHParameter(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Yc, mDHParameters)); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { byte[] point = TlsUtilities.ReadOpaque8(input); ECDomainParameters curve_params = this.mECAgreePrivateKey.Parameters; this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( mServerECPointFormats, curve_params, point)); } else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) { byte[] encryptedPreMasterSecret; if (TlsUtilities.IsSsl(mContext)) { // TODO Do any SSLv3 clients actually include the length? encryptedPreMasterSecret = Streams.ReadAll(input); } else { encryptedPreMasterSecret = TlsUtilities.ReadOpaque16(input); } this.mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret); } }
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { return TlsDHUtilities.CalculateDHBasicAgreement(publicKey, privateKey); }
protected virtual DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) { return TlsDHUtilities.ValidateDHPublicKey(key); }
private string GeneratePassword() { DHPublicKeyParameters publicKey = new DHPublicKeyParameters( ((DHPublicKeyParameters)PublicKeyFactory.CreateKey(encodedPublicKey)).Y, sharedParameters); IBasicAgreement agreement = AgreementUtilities.GetBasicAgreement("DH"); agreement.Init(keyPair.Private); BigInteger agreementValue = agreement.CalculateAgreement(publicKey); return agreementValue.ToString(16); }
public virtual void ProcessServerKeyExchange(Stream input) { this.psk_identity_hint = TlsUtilities.ReadOpaque16(input); if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK) { byte[] pBytes = TlsUtilities.ReadOpaque16(input); byte[] gBytes = TlsUtilities.ReadOpaque16(input); byte[] YsBytes = TlsUtilities.ReadOpaque16(input); BigInteger p = new BigInteger(1, pBytes); BigInteger g = new BigInteger(1, gBytes); BigInteger Ys = new BigInteger(1, YsBytes); this.dhAgreeServerPublicKey = TlsDHUtilities.ValidateDHPublicKey( new DHPublicKeyParameters(Ys, new DHParameters(p, g))); } else if (this.psk_identity_hint.Length == 0) { // TODO Should we enforce that this message should have been skipped if hint is empty? //throw new TlsFatalAlert(AlertDescription.unexpected_message); } }
protected bool Equals( DHPublicKeyParameters other) { return y.Equals(other.y) && base.Equals(other); }
protected bool Equals( DHPublicKeyParameters other) { return(y.Equals(other.y) && base.Equals(other)); }
private void doTestGP( string algName, int size, int privateValueSize, IBigInteger g, IBigInteger p) { IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator(algName); DHParameters dhParams = new DHParameters(p, g, null, privateValueSize); KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParams); keyGen.Init(kgp); // // a side // IAsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair(); IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName); checkKeySize(privateValueSize, aKeyPair); aKeyAgreeBasic.Init(aKeyPair.Private); // // b side // IAsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair(); IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName); checkKeySize(privateValueSize, bKeyPair); bKeyAgreeBasic.Init(bKeyPair.Private); // // agreement // // aKeyAgreeBasic.doPhase(bKeyPair.Public, true); // bKeyAgreeBasic.doPhase(aKeyPair.Public, true); // // IBigInteger k1 = new BigInteger(aKeyAgreeBasic.generateSecret()); // IBigInteger k2 = new BigInteger(bKeyAgreeBasic.generateSecret()); IBigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public); IBigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public); if (!k1.Equals(k2)) { Fail(size + " bit 2-way test failed"); } // // public key encoding test // // byte[] pubEnc = aKeyPair.Public.GetEncoded(); byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded(); // KeyFactory keyFac = KeyFactory.getInstance(algName); // X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); // DHPublicKey pubKey = (DHPublicKey)keyFac.generatePublic(pubX509); DHPublicKeyParameters pubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); // DHParameterSpec spec = pubKey.Parameters; DHParameters spec = pubKey.Parameters; if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) { Fail(size + " bit public key encoding/decoding test failed on parameters"); } if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y)) { Fail(size + " bit public key encoding/decoding test failed on y value"); } // // public key serialisation test // // TODO Put back in // MemoryStream bOut = new MemoryStream(); // ObjectOutputStream oOut = new ObjectOutputStream(bOut); // // oOut.WriteObject(aKeyPair.Public); // // MemoryStream bIn = new MemoryStream(bOut.ToArray(), false); // ObjectInputStream oIn = new ObjectInputStream(bIn); // // pubKey = (DHPublicKeyParameters)oIn.ReadObject(); spec = pubKey.Parameters; if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) { Fail(size + " bit public key serialisation test failed on parameters"); } if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y)) { Fail(size + " bit public key serialisation test failed on y value"); } // // private key encoding test // // byte[] privEnc = aKeyPair.Private.GetEncoded(); byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded(); // PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); // DHPrivateKeyParameters privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8); DHPrivateKeyParameters privKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); spec = privKey.Parameters; if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) { Fail(size + " bit private key encoding/decoding test failed on parameters"); } if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X)) { Fail(size + " bit private key encoding/decoding test failed on y value"); } // // private key serialisation test // // TODO Put back in // bOut = new MemoryStream(); // oOut = new ObjectOutputStream(bOut); // // oOut.WriteObject(aKeyPair.Private); // // bIn = new MemoryStream(bOut.ToArray(), false); // oIn = new ObjectInputStream(bIn); // // privKey = (DHPrivateKeyParameters)oIn.ReadObject(); spec = privKey.Parameters; if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) { Fail(size + " bit private key serialisation test failed on parameters"); } if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X)) { Fail(size + " bit private key serialisation test failed on y value"); } // // three party test // IAsymmetricCipherKeyPairGenerator aPairGen = GeneratorUtilities.GetKeyPairGenerator(algName); aPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec)); IAsymmetricCipherKeyPair aPair = aPairGen.GenerateKeyPair(); IAsymmetricCipherKeyPairGenerator bPairGen = GeneratorUtilities.GetKeyPairGenerator(algName); bPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec)); IAsymmetricCipherKeyPair bPair = bPairGen.GenerateKeyPair(); IAsymmetricCipherKeyPairGenerator cPairGen = GeneratorUtilities.GetKeyPairGenerator(algName); cPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec)); IAsymmetricCipherKeyPair cPair = cPairGen.GenerateKeyPair(); IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement(algName); aKeyAgree.Init(aPair.Private); IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement(algName); bKeyAgree.Init(bPair.Private); IBasicAgreement cKeyAgree = AgreementUtilities.GetBasicAgreement(algName); cKeyAgree.Init(cPair.Private); // Key ac = aKeyAgree.doPhase(cPair.Public, false); // Key ba = bKeyAgree.doPhase(aPair.Public, false); // Key cb = cKeyAgree.doPhase(bPair.Public, false); // // aKeyAgree.doPhase(cb, true); // bKeyAgree.doPhase(ac, true); // cKeyAgree.doPhase(ba, true); // // IBigInteger aShared = new BigInteger(aKeyAgree.generateSecret()); // IBigInteger bShared = new BigInteger(bKeyAgree.generateSecret()); // IBigInteger cShared = new BigInteger(cKeyAgree.generateSecret()); DHPublicKeyParameters ac = new DHPublicKeyParameters(aKeyAgree.CalculateAgreement(cPair.Public), spec); DHPublicKeyParameters ba = new DHPublicKeyParameters(bKeyAgree.CalculateAgreement(aPair.Public), spec); DHPublicKeyParameters cb = new DHPublicKeyParameters(cKeyAgree.CalculateAgreement(bPair.Public), spec); IBigInteger aShared = aKeyAgree.CalculateAgreement(cb); IBigInteger bShared = bKeyAgree.CalculateAgreement(ac); IBigInteger cShared = cKeyAgree.CalculateAgreement(ba); if (!aShared.Equals(bShared)) { Fail(size + " bit 3-way test failed (a and b differ)"); } if (!cShared.Equals(bShared)) { Fail(size + " bit 3-way test failed (c and b differ)"); } }