public MqvPublicParameters(
			ECPublicKeyParameters	staticPublicKey,
			ECPublicKeyParameters	ephemeralPublicKey)
		{
			this.staticPublicKey = staticPublicKey;
			this.ephemeralPublicKey = ephemeralPublicKey;
		}
        public virtual void ProcessServerCertificate(Certificate serverCertificate)
        {
            X509CertificateStructure x509Cert = serverCertificate.certs[0];
            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;

            try
            {
                this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
            }
            catch (Exception)
            {
                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
            }

			if (tlsSigner == null)
			{
				try
				{
					this.ecAgreeServerPublicKey = ValidateECPublicKey((ECPublicKeyParameters)this.serverPublicKey);
				}
				catch (InvalidCastException)
				{
					throw new TlsFatalAlert(AlertDescription.certificate_unknown);
				}

				TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
			}
			else
			{
				if (!tlsSigner.IsValidPublicKey(this.serverPublicKey))
				{
					throw new TlsFatalAlert(AlertDescription.certificate_unknown);
				}

				TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
			}
			
			// TODO
            /*
            * Perform various checks per RFC2246 7.4.2: "Unless otherwise specified, the
            * signing algorithm for the certificate must be the same as the algorithm for the
            * certificate key."
            */
        }
		// The ECMQV Primitive as described in SEC-1, 3.4
		private static ECPoint calculateMqvAgreement(
			ECDomainParameters		parameters,
			ECPrivateKeyParameters	d1U,
			ECPrivateKeyParameters	d2U,
			ECPublicKeyParameters	Q2U,
			ECPublicKeyParameters	Q1V,
			ECPublicKeyParameters	Q2V)
		{
			BigInteger n = parameters.N;
			int e = (n.BitLength + 1) / 2;
			BigInteger powE = BigInteger.One.ShiftLeft(e);

			// The Q2U public key is optional
			ECPoint q;
			if (Q2U == null)
			{
				q = parameters.G.Multiply(d2U.D);
			}
			else
			{
				q = Q2U.Q;
			}

			BigInteger x = q.X.ToBigInteger();
			BigInteger xBar = x.Mod(powE);
			BigInteger Q2UBar = xBar.SetBit(e);
			BigInteger s = d1U.D.Multiply(Q2UBar).Mod(n).Add(d2U.D).Mod(n);

			BigInteger xPrime = Q2V.Q.X.ToBigInteger();
			BigInteger xPrimeBar = xPrime.Mod(powE);
			BigInteger Q2VBar = xPrimeBar.SetBit(e);

			BigInteger hs = parameters.H.Multiply(s).Mod(n);

			//ECPoint p = Q1V.Q.Multiply(Q2VBar).Add(Q2V.Q).Multiply(hs);
			ECPoint p = ECAlgorithms.SumOfTwoMultiplies(
				Q1V.Q, Q2VBar.Multiply(hs).Mod(n), Q2V.Q, hs);

			if (p.IsInfinity)
				throw new InvalidOperationException("Infinity is not a valid agreement value for MQV");

			return p;
		}
		protected bool Equals(
			ECPublicKeyParameters other)
		{
			return q.Equals(other.q) && base.Equals(other);
		}
		protected virtual ECPublicKeyParameters ValidateECPublicKey(ECPublicKeyParameters key)
		{
			// TODO Check RFC 4492 for validation
			return key;
		}
		protected virtual byte[] CalculateECDHBasicAgreement(ECPublicKeyParameters publicKey,
			ECPrivateKeyParameters privateKey)
		{
			ECDHBasicAgreement basicAgreement = new ECDHBasicAgreement();
			basicAgreement.Init(privateKey);
			BigInteger agreement = basicAgreement.CalculateAgreement(publicKey);
			return BigIntegers.AsUnsignedByteArray(agreement);
		}
		protected virtual byte[] ExternalizeKey(ECPublicKeyParameters keyParameters)
		{
			// TODO Add support for compressed encoding and SPF extension

			/*
			 * RFC 4492 5.7. ...an elliptic curve point in uncompressed or compressed format.
			 * Here, the format MUST conform to what the server has requested through a
			 * Supported Point Formats Extension if this extension was used, and MUST be
			 * uncompressed if this extension was not used.
			 */
			return keyParameters.Q.GetEncoded();
		}
예제 #8
0
 protected bool Equals(
     ECPublicKeyParameters other)
 {
     return(q.Equals(other.q) && base.Equals(other));
 }