Inheritance: IAsymmetricCipherKeyPairGenerator
Exemplo n.º 1
0
		private DHBasicKeyPairGenerator getDHBasicKeyPairGenerator(
			BigInteger g,
			BigInteger p,
			int        privateValueSize)
		{
			DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
			DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
			DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();

			kpGen.Init(dhkgParams);

			return kpGen;
		}
Exemplo n.º 2
0
		/**
		 * this test is can take quiet a while
		 */
		private void doTestGeneration(
			int size)
		{
			DHParametersGenerator pGen = new DHParametersGenerator();

			pGen.Init(size, 10, new SecureRandom());

			DHParameters dhParams = pGen.GenerateParameters();

			if (dhParams.L != 0)
			{
				Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters");
			}

			DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);

			DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();

			kpGen.Init(dhkgParams);

			//
			// generate first pair
			//
			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;

			//
			// generate second pair
			//
			dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters);

			kpGen.Init(dhkgParams);

			pair = kpGen.GenerateKeyPair();

			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;

			//
			// two way
			//
			DHBasicAgreement e1 = new DHBasicAgreement();
			DHBasicAgreement e2 = new DHBasicAgreement();

			e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
			e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));

			BigInteger k1 = e1.CalculateAgreement(pu2);
			BigInteger k2 = e2.CalculateAgreement(pu1);

			if (!k1.Equals(k2))
			{
				Fail("basic with " + size + " bit 2-way test failed");
			}
		}
Exemplo n.º 3
0
		private void doTestSimpleWithRandom(
			DHBasicKeyPairGenerator kpGen)
		{
			//
			// generate first pair
			//
			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
			//
			// generate second pair
			//
			pair = kpGen.GenerateKeyPair();

			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;

			//
			// two way
			//
			DHBasicAgreement e1 = new DHBasicAgreement();
			DHBasicAgreement e2 = new DHBasicAgreement();

			e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
			e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));

			BigInteger   k1 = e1.CalculateAgreement(pu2);
			BigInteger   k2 = e2.CalculateAgreement(pu1);

			if (!k1.Equals(k2))
			{
				Fail("basic with random 2-way test failed");
			}
		}
		protected virtual AsymmetricCipherKeyPair GenerateDHKeyPair(DHParameters dhParams)
		{
			DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
			dhGen.Init(new DHKeyGenerationParameters(context.SecureRandom, dhParams));
			return dhGen.GenerateKeyPair();
		}
 public static AsymmetricCipherKeyPair GenerateDHKeyPair(SecureRandom random, DHParameters dhParams)
 {
     DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
     dhGen.Init(new DHKeyGenerationParameters(random, dhParams));
     return dhGen.GenerateKeyPair();
 }
Exemplo n.º 6
0
		private void processDHEKeyExchange(
			MemoryStream	inStr,
			ISigner			signer)
		{
			Stream sigIn = inStr;
			if (signer != null)
			{
				signer.Init(false, this.serverPublicKey);
				signer.BlockUpdate(this.clientRandom, 0, this.clientRandom.Length);
				signer.BlockUpdate(this.serverRandom, 0, this.serverRandom.Length);

				sigIn = new SignerStream(inStr, signer, null);
			}

			/*
			* Parse the Structure
			*/
			byte[] pByte = TlsUtilities.ReadOpaque16(sigIn);
			byte[] gByte = TlsUtilities.ReadOpaque16(sigIn);
			byte[] YsByte = TlsUtilities.ReadOpaque16(sigIn);

			if (signer != null)
			{
				byte[] sigByte = TlsUtilities.ReadOpaque16(sigIn);

				/*
				* Verify the Signature.
				*/
				if (!signer.VerifySignature(sigByte))
				{
					this.FailWithError(AL_fatal, AP_bad_certificate);
				}
			}

			this.AssertEmpty(inStr);

			/*
			* Do the DH calculation.
			*/
			BigInteger p = new BigInteger(1, pByte);
			BigInteger g = new BigInteger(1, gByte);
			BigInteger Ys = new BigInteger(1, YsByte);

			/*
			* Check the DH parameter values
			*/
			if (!p.IsProbablePrime(10))
			{
				this.FailWithError(AL_fatal, AP_illegal_parameter);
			}
			if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0)
			{
				this.FailWithError(AL_fatal, AP_illegal_parameter);
			}
			// TODO For static DH public values, see additional checks in RFC 2631 2.1.5 
			if (Ys.CompareTo(BigInteger.Two) < 0 || Ys.CompareTo(p.Subtract(BigInteger.One)) > 0)
			{
				this.FailWithError(AL_fatal, AP_illegal_parameter);
			}

			/*
			* Diffie-Hellman basic key agreement
			*/
			DHParameters dhParams = new DHParameters(p, g);

			// Generate a keypair
			DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
			dhGen.Init(new DHKeyGenerationParameters(random, dhParams));

			AsymmetricCipherKeyPair dhPair = dhGen.GenerateKeyPair();

			// Store the public value to send to server
			this.Yc = ((DHPublicKeyParameters)dhPair.Public).Y;

			// Calculate the shared secret
			DHBasicAgreement dhAgree = new DHBasicAgreement();
			dhAgree.Init(dhPair.Private);

			BigInteger agreement = dhAgree.CalculateAgreement(new DHPublicKeyParameters(Ys, dhParams));

			this.pms = BigIntegers.AsUnsignedByteArray(agreement);
		}
Exemplo n.º 7
0
		public byte[] GenerateClientKeyExchange()
		{
			// TODO RFC 2246 7.4.72
			/*
			* If the client certificate already contains a suitable Diffie-Hellman key, then
			* Yc is implicit and does not need to be sent again. In this case, the Client Key
			* Exchange message will be sent, but will be empty.
			*/
			//return new byte[0];

			/*
			* Generate a keypair (using parameters from server key) and send the public value
			* to the server.
			*/
			DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
			dhGen.Init(new DHKeyGenerationParameters(handler.Random, dhAgreeServerPublicKey.Parameters));
			this.dhAgreeClientKeyPair = dhGen.GenerateKeyPair();
			BigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y;
			return BigIntegers.AsUnsignedByteArray(Yc);
		}