public Gost3410KeyGenerationParameters(
SecureRandom random,
DerObjectIdentifier publicKeyParamSet)
: this(random, LookupParameters(publicKeyParamSet))
{
this.publicKeyParamSet = publicKeyParamSet;
}
public DsaKeyGenerationParameters(
SecureRandom random,
DsaParameters parameters)
: base(random, parameters.P.BitLength - 1)
{
this.parameters = parameters;
}
public void Init(
bool forSigning,
ICipherParameters parameters)
{
if (forSigning)
{
if (parameters is ParametersWithRandom)
{
ParametersWithRandom rParam = (ParametersWithRandom)parameters;
this.random = rParam.Random;
parameters = rParam.Parameters;
}
else
{
this.random = new SecureRandom();
}
if (!(parameters is DsaPrivateKeyParameters))
throw new InvalidKeyException("DSA private key required for signing");
this.key = (DsaPrivateKeyParameters) parameters;
}
else
{
if (!(parameters is DsaPublicKeyParameters))
throw new InvalidKeyException("DSA public key required for verification");
this.key = (DsaPublicKeyParameters) parameters;
}
}
public ECKeyGenerationParameters(
ECDomainParameters domainParameters,
SecureRandom random)
: base(random, domainParameters.N.BitLength)
{
this.domainParams = domainParameters;
}
internal BigInteger CalculatePrivate(
DHParameters dhParams,
SecureRandom random)
{
int limit = dhParams.L;
if (limit != 0)
{
return new BigInteger(limit, random).SetBit(limit - 1);
}
BigInteger min = BigInteger.Two;
int m = dhParams.M;
if (m != 0)
{
min = BigInteger.One.ShiftLeft(m - 1);
}
BigInteger max = dhParams.P.Subtract(BigInteger.Two);
BigInteger q = dhParams.Q;
if (q != null)
{
max = q.Subtract(BigInteger.Two);
}
return BigIntegers.CreateRandomInRange(min, max, random);
}
/**
* initialise the ElGamal engine.
*
* @param forEncryption true if we are encrypting, false otherwise.
* @param param the necessary ElGamal key parameters.
*/
public void Init(
bool forEncryption,
ICipherParameters parameters)
{
if (parameters is ParametersWithRandom)
{
ParametersWithRandom p = (ParametersWithRandom) parameters;
this.key = (ElGamalKeyParameters) p.Parameters;
this.random = p.Random;
}
else
{
this.key = (ElGamalKeyParameters) parameters;
this.random = new SecureRandom();
}
this.forEncryption = forEncryption;
this.bitSize = key.Parameters.P.BitLength;
if (forEncryption)
{
if (!(key is ElGamalPublicKeyParameters))
{
throw new ArgumentException("ElGamalPublicKeyParameters are required for encryption.");
}
}
else
{
if (!(key is ElGamalPrivateKeyParameters))
{
throw new ArgumentException("ElGamalPrivateKeyParameters are required for decryption.");
}
}
}
public Gost3410KeyGenerationParameters(
SecureRandom random,
Gost3410Parameters parameters)
: base(random, parameters.P.BitLength - 1)
{
this.parameters = parameters;
}
public void Init(
ICipherParameters parameters)
{
AsymmetricKeyParameter kParam;
if (parameters is ParametersWithRandom)
{
ParametersWithRandom rParam = (ParametersWithRandom)parameters;
this.random = rParam.Random;
kParam = (AsymmetricKeyParameter)rParam.Parameters;
}
else
{
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter)parameters;
}
if (!(kParam is DHPrivateKeyParameters))
{
throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters)kParam;
this.dhParams = key.Parameters;
}
/// <summary>Initialise the generator for signing.</summary>
public void InitSign(
int sigType,
PgpPrivateKey key,
SecureRandom random)
{
this.privKey = key;
this.signatureType = sigType;
try
{
ICipherParameters cp = key.Key;
if (random != null)
{
cp = new ParametersWithRandom(key.Key, random);
}
sig.Init(true, cp);
}
catch (InvalidKeyException e)
{
throw new PgpException("invalid key.", e);
}
dig.Reset();
lastb = 0;
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
byte[] keyBytes = contentEncryptionKey.GetKey();
string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID);
IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName);
// Note: In Java build, the IV is automatically generated in JCE layer
int ivLength = rfc3211WrapperName.StartsWith("DESEDE") ? 8 : 16;
byte[] iv = new byte[ivLength];
random.NextBytes(iv);
ICipherParameters parameters = new ParametersWithIV(keyEncryptionKey, iv);
keyWrapper.Init(true, new ParametersWithRandom(parameters, random));
Asn1OctetString encryptedKey = new DerOctetString(
keyWrapper.Wrap(keyBytes, 0, keyBytes.Length));
DerSequence seq = new DerSequence(
new DerObjectIdentifier(keyEncryptionKeyOID),
new DerOctetString(iv));
AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier(
PkcsObjectIdentifiers.IdAlgPwriKek, seq);
return new RecipientInfo(new PasswordRecipientInfo(
keyDerivationAlgorithm, keyEncryptionAlgorithm, encryptedKey));
}
/**
* Initialises the client to begin new authentication attempt
* @param N The safe prime associated with the client's verifier
* @param g The group parameter associated with the client's verifier
* @param digest The digest algorithm associated with the client's verifier
* @param random For key generation
*/
public virtual void Init(BigInteger N, BigInteger g, IDigest digest, SecureRandom random)
{
this.N = N;
this.g = g;
this.digest = digest;
this.random = random;
}
/**
* Return a random BigInteger not less than 'min' and not greater than 'max'
*
* @param min the least value that may be generated
* @param max the greatest value that may be generated
* @param random the source of randomness
* @return a random BigInteger value in the range [min,max]
*/
public static BigInteger CreateRandomInRange(
BigInteger min,
BigInteger max,
// TODO Should have been just Random class
SecureRandom random)
{
int cmp = min.CompareTo(max);
if (cmp >= 0)
{
if (cmp > 0)
throw new ArgumentException("'min' may not be greater than 'max'");
return min;
}
if (min.BitLength > max.BitLength / 2)
{
return CreateRandomInRange(BigInteger.Zero, max.Subtract(min), random).Add(min);
}
for (int i = 0; i < MaxIterations; ++i)
{
BigInteger x = new BigInteger(max.BitLength, random);
if (x.CompareTo(min) >= 0 && x.CompareTo(max) <= 0)
{
return x;
}
}
// fall back to a faster (restricted) method
return new BigInteger(max.Subtract(min).BitLength - 1, random).Add(min);
}
public ElGamalKeyGenerationParameters(
SecureRandom random,
ElGamalParameters parameters)
: base(random, GetStrength(parameters))
{
this.parameters = parameters;
}
public DHKeyGenerationParameters(
SecureRandom random,
DHParameters parameters)
: base(random, GetStrength(parameters))
{
this.parameters = parameters;
}
public ECKeyGenerationParameters(
DerObjectIdentifier publicKeyParamSet,
SecureRandom random)
: this(ECKeyParameters.LookupParameters(publicKeyParamSet), random)
{
this.publicKeyParamSet = publicKeyParamSet;
}
public virtual byte[] CalculateRawSignature(SecureRandom random,
AsymmetricKeyParameter privateKey, byte[] md5andsha1)
{
ISigner s = MakeSigner(new NullDigest(), true, new ParametersWithRandom(privateKey, random));
s.BlockUpdate(md5andsha1, 0, md5andsha1.Length);
return s.GenerateSignature();
}
public static BigInteger GeneratePrivateValue(IDigest digest, BigInteger N, BigInteger g, SecureRandom random)
{
int minBits = System.Math.Min(256, N.BitLength / 2);
BigInteger min = BigInteger.One.ShiftLeft(minBits - 1);
BigInteger max = N.Subtract(BigInteger.One);
return BigIntegers.CreateRandomInRange(min, max, random);
}
public virtual byte[] CalculateRawSignature(SecureRandom random,
AsymmetricKeyParameter privateKey, byte[] md5andsha1)
{
ISigner s = MakeSigner(new NullDigest(), true, new ParametersWithRandom(privateKey, random));
// Note: Only use the SHA1 part of the hash
s.BlockUpdate(md5andsha1, 16, 20);
return s.GenerateSignature();
}
/**
* Parameters for generating a NaccacheStern KeyPair.
*
* @param random
* The source of randomness
* @param strength
* The desired strength of the Key in Bits
* @param certainty
* the probability that the generated primes are not really prime
* as integer: 2^(-certainty) is then the probability
* @param countSmallPrimes
* How many small key factors are desired
*/
public NaccacheSternKeyGenerationParameters(
SecureRandom random,
int strength,
int certainty,
int countSmallPrimes)
: this(random, strength, certainty, countSmallPrimes, false)
{
}
public void Init(
int size,
int certainty,
SecureRandom random)
{
this.size = size;
this.certainty = certainty;
this.random = random;
}
/**
* initialise the key generator.
*
* @param size size of the key
* @param typeProcedure type procedure A,B = 1; A',B' - else
* @param random random byte source.
*/
public void Init(
int size,
int typeProcedure,
SecureRandom random)
{
this.size = size;
this.typeproc = typeProcedure;
this.init_random = random;
}
internal PgpSecretKey(
PgpPrivateKey privKey,
PgpPublicKey pubKey,
SymmetricKeyAlgorithmTag encAlgorithm,
char[] passPhrase,
bool useSha1,
SecureRandom rand)
: this(privKey, pubKey, encAlgorithm, passPhrase, useSha1, rand, false)
{
}
/**
* initialise the key generator.
*
* @param size size of the key (range 2^512 -> 2^1024 - 64 bit increments)
* @param certainty measure of robustness of prime (for FIPS 186-2 compliance this should be at least 80).
* @param random random byte source.
*/
public void Init(
int size,
int certainty,
SecureRandom random)
{
if (!IsValidDsaStrength(size))
throw new ArgumentException("size must be from 512 - 1024 and a multiple of 64", "size");
Init(size, GetDefaultN(size), certainty, random);
}
public RsaKeyGenerationParameters(
BigInteger publicExponent,
SecureRandom random,
int strength,
int certainty)
: base(random, strength)
{
this.publicExponent = publicExponent;
this.certainty = certainty;
}
private static BigInteger GeneratePrivateKey(BigInteger q, SecureRandom random)
{
// TODO Prefer this method? (change test cases that used fixed random)
// B.1.1 Key Pair Generation Using Extra Random Bits
// BigInteger c = new BigInteger(q.BitLength + 64, random);
// return c.Mod(q.Subtract(BigInteger.One)).Add(BigInteger.One);
// B.1.2 Key Pair Generation by Testing Candidates
return BigIntegers.CreateRandomInRange(BigInteger.One, q.Subtract(BigInteger.One), random);
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
byte[] keyBytes = contentEncryptionKey.GetKey();
IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.ObjectID.Id);
keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
Asn1OctetString encryptedKey = new DerOctetString(
keyWrapper.Wrap(keyBytes, 0, keyBytes.Length));
return new RecipientInfo(new KekRecipientInfo(kekIdentifier, keyEncryptionAlgorithm, encryptedKey));
}
public MiscPemGenerator(
object obj,
string algorithm,
char[] password,
SecureRandom random)
{
this.obj = obj;
this.algorithm = algorithm;
this.password = password;
this.random = random;
}
public ParametersWithRandom(
ICipherParameters parameters,
SecureRandom random)
{
if (parameters == null)
throw new ArgumentNullException("random");
if (random == null)
throw new ArgumentNullException("random");
this.parameters = parameters;
this.random = random;
}
/// <summary>
/// Create a new key ring generator using old style checksumming. It is recommended to use
/// SHA1 checksumming where possible.
/// </summary>
/// <param name="certificationLevel">The certification level for keys on this ring.</param>
/// <param name="masterKey">The master key pair.</param>
/// <param name="id">The id to be associated with the ring.</param>
/// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
/// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param>
/// <param name="hashedPackets">Packets to be included in the certification hash.</param>
/// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
/// <param name="rand">input secured random.</param>
public PgpKeyRingGenerator(
int certificationLevel,
PgpKeyPair masterKey,
string id,
SymmetricKeyAlgorithmTag encAlgorithm,
char[] passPhrase,
PgpSignatureSubpacketVector hashedPackets,
PgpSignatureSubpacketVector unhashedPackets,
SecureRandom rand)
: this(certificationLevel, masterKey, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand)
{
}
/**
* initialise the generator with a source of randomness
* and a strength (in bits).
*
* @param random the random byte source.
* @param strength the size, in bits, of the keys we want to produce.
*/
public KeyGenerationParameters(
SecureRandom random,
int strength)
{
if (random == null)
throw new ArgumentNullException("random");
if (strength < 1)
throw new ArgumentException("strength must be a positive value", "strength");
this.random = random;
this.strength = strength;
}
