public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey)
{
DHBasicAgreement agreement = new DHBasicAgreement();
agreement.Init(privateKey);
return(BigIntegers.AsUnsignedByteArray(agreement.CalculateAgreement(publicKey)));
}
/**
* this test is can take quiet a while
*/
private void doTestGeneration(
int size)
{
DHParametersGenerator pGen = new DHParametersGenerator();
pGen.Init(size, 10, new SecureRandom());
DHParameters dhParams = pGen.GenerateParameters();
if (dhParams.L != 0)
{
Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters");
}
DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();
kpGen.Init(dhkgParams);
//
// generate first pair
//
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
//
// generate second pair
//
dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters);
kpGen.Init(dhkgParams);
pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
//
// two way
//
DHBasicAgreement e1 = new DHBasicAgreement();
DHBasicAgreement e2 = new DHBasicAgreement();
e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
BigInteger k1 = e1.CalculateAgreement(pu2);
BigInteger k2 = e2.CalculateAgreement(pu1);
if (!k1.Equals(k2))
{
Fail("basic with " + size + " bit 2-way test failed");
}
}
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
DHPrivateKeyParameters privateKey)
{
DHBasicAgreement dhAgree = new DHBasicAgreement();
dhAgree.Init(dhAgreeClientPrivateKey);
BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey);
return(BigIntegers.AsUnsignedByteArray(agreement));
}
public byte[] GeneratePremasterSecret()
{
/*
* Diffie-Hellman basic key agreement
*/
DHBasicAgreement dhAgree = new DHBasicAgreement();
dhAgree.Init(dhAgreeClientKeyPair.Private);
BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey);
return(BigIntegers.AsUnsignedByteArray(agreement));
}
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
DHPrivateKeyParameters privateKey)
{
DHBasicAgreement basicAgreement = new DHBasicAgreement();
basicAgreement.Init(privateKey);
BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey);
/*
* RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is
* used as the pre_master_secret.
*/
return(BigIntegers.AsUnsignedByteArray(agreementValue));
}
private void doTestDHBasic(
int size,
int privateValueSize,
BigInteger g,
BigInteger p)
{
DHBasicKeyPairGenerator kpGen = getDHBasicKeyPairGenerator(g, p, privateValueSize);
//
// generate first pair
//
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
checkKeySize(privateValueSize, pv1);
//
// generate second pair
//
pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
checkKeySize(privateValueSize, pv2);
//
// two way
//
DHBasicAgreement e1 = new DHBasicAgreement();
DHBasicAgreement e2 = new DHBasicAgreement();
e1.Init(pv1);
e2.Init(pv2);
BigInteger k1 = e1.CalculateAgreement(pu2);
BigInteger k2 = e2.CalculateAgreement(pu1);
if (!k1.Equals(k2))
{
Fail("basic " + size + " bit 2-way test failed");
}
}
public byte[] CalculateSharedSecret(byte[] remotePublicKey)
{
if (!m_bInited)
{
Init();
}
DHPublicKeyParameters remoteKeyParameters = new DHPublicKeyParameters(new BigInteger(1, remotePublicKey), m_dhParameters);
DHBasicAgreement agreement = new DHBasicAgreement();
agreement.Init(m_keyPair.Private);
byte[] resAgreement = agreement.CalculateAgreement(remoteKeyParameters).ToByteArrayUnsigned();
Sha256Digest digest = new Sha256Digest();
byte[] resHash = new byte[digest.GetDigestSize()];
digest.BlockUpdate(resAgreement, 0, resAgreement.Length);
digest.DoFinal(resHash, 0);
SharedSecret = resHash;
return(resHash);
}
private void doTestSimpleWithRandom(
DHBasicKeyPairGenerator kpGen)
{
//
// generate first pair
//
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
//
// generate second pair
//
pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
//
// two way
//
DHBasicAgreement e1 = new DHBasicAgreement();
DHBasicAgreement e2 = new DHBasicAgreement();
e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
BigInteger k1 = e1.CalculateAgreement(pu2);
BigInteger k2 = e2.CalculateAgreement(pu1);
if (!k1.Equals(k2))
{
Fail("basic with random 2-way test failed");
}
}
private void processDHEKeyExchange(
MemoryStream inStr,
ISigner signer)
{
Stream sigIn = inStr;
if (signer != null)
{
signer.Init(false, this.serverPublicKey);
signer.BlockUpdate(this.clientRandom, 0, this.clientRandom.Length);
signer.BlockUpdate(this.serverRandom, 0, this.serverRandom.Length);
sigIn = new SignerStream(inStr, signer, null);
}
/*
* Parse the Structure
*/
int pLength = TlsUtilities.ReadUint16(sigIn);
byte[] pByte = new byte[pLength];
TlsUtilities.ReadFully(pByte, sigIn);
int gLength = TlsUtilities.ReadUint16(sigIn);
byte[] gByte = new byte[gLength];
TlsUtilities.ReadFully(gByte, sigIn);
int YsLength = TlsUtilities.ReadUint16(sigIn);
byte[] YsByte = new byte[YsLength];
TlsUtilities.ReadFully(YsByte, sigIn);
if (signer != null)
{
int sigLength = TlsUtilities.ReadUint16(inStr);
byte[] sigByte = new byte[sigLength];
TlsUtilities.ReadFully(sigByte, inStr);
/*
* Verify the Signature.
*/
if (!signer.VerifySignature(sigByte))
{
this.FailWithError(AL_fatal, AP_bad_certificate);
}
}
this.AssertEmpty(inStr);
/*
* Do the DH calculation.
*/
BigInteger p = new BigInteger(1, pByte);
BigInteger g = new BigInteger(1, gByte);
BigInteger Ys = new BigInteger(1, YsByte);
/*
* Check the DH parameter values
*/
if (!p.IsProbablePrime(10))
{
this.FailWithError(AL_fatal, AP_illegal_parameter);
}
if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0)
{
this.FailWithError(AL_fatal, AP_illegal_parameter);
}
// TODO For static DH public values, see additional checks in RFC 2631 2.1.5
if (Ys.CompareTo(BigInteger.Two) < 0 || Ys.CompareTo(p.Subtract(BigInteger.One)) > 0)
{
this.FailWithError(AL_fatal, AP_illegal_parameter);
}
/*
* Diffie-Hellman basic key agreement
*/
DHParameters dhParams = new DHParameters(p, g);
// Generate a keypair
DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
dhGen.Init(new DHKeyGenerationParameters(random, dhParams));
AsymmetricCipherKeyPair dhPair = dhGen.GenerateKeyPair();
// Store the public value to send to server
this.Yc = ((DHPublicKeyParameters)dhPair.Public).Y;
// Calculate the shared secret
DHBasicAgreement dhAgree = new DHBasicAgreement();
dhAgree.Init(dhPair.Private);
BigInteger agreement = dhAgree.CalculateAgreement(new DHPublicKeyParameters(Ys, dhParams));
this.pms = BigIntegers.AsUnsignedByteArray(agreement);
}
public override void PerformTest()
{
doTestDHBasic(512, 0, g512, p512);
doTestDHBasic(768, 0, g768, p768);
doTestDHBasic(1024, 0, g1024, p1024);
doTestDHBasic(512, 64, g512, p512);
doTestDHBasic(768, 128, g768, p768);
doTestDHBasic(1024, 256, g1024, p1024);
doTestDH(512, g512, p512);
doTestDH(768, g768, p768);
doTestDH(1024, g1024, p1024);
//
// generation test.
//
doTestGeneration(256);
//
// with random test
//
DHBasicKeyPairGenerator kpBasicGen = getDHBasicKeyPairGenerator(g512, p512, 0);
doTestSimpleWithRandom(kpBasicGen);
DHKeyPairGenerator kpGen = getDHKeyPairGenerator(g512, p512);
doTestGPWithRandom(kpGen);
//
// parameter tests
//
DHAgreement dh = new DHAgreement();
AsymmetricCipherKeyPair dhPair = kpGen.GenerateKeyPair();
try
{
dh.Init(dhPair.Public);
Fail("DHAgreement key check failed");
}
catch (ArgumentException)
{
// ignore
}
DHKeyPairGenerator kpGen768 = getDHKeyPairGenerator(g768, p768);
try
{
dh.Init(dhPair.Private);
dh.CalculateAgreement((DHPublicKeyParameters)kpGen768.GenerateKeyPair().Public, BigInteger.ValueOf(100));
Fail("DHAgreement agreement check failed");
}
catch (ArgumentException)
{
// ignore
}
DHBasicAgreement dhBasic = new DHBasicAgreement();
AsymmetricCipherKeyPair dhBasicPair = kpBasicGen.GenerateKeyPair();
try
{
dhBasic.Init(dhBasicPair.Public);
Fail("DHBasicAgreement key check failed");
}
catch (ArgumentException)
{
// expected
}
DHBasicKeyPairGenerator kpBasicGen768 = getDHBasicKeyPairGenerator(g768, p768, 0);
try
{
dhBasic.Init(dhPair.Private);
dhBasic.CalculateAgreement((DHPublicKeyParameters)kpBasicGen768.GenerateKeyPair().Public);
Fail("DHBasicAgreement agreement check failed");
}
catch (ArgumentException)
{
// expected
}
}
