public void Init(
ICipherParameters parameters)
{
AsymmetricKeyParameter kParam;
if (parameters is ParametersWithRandom)
{
ParametersWithRandom rParam = (ParametersWithRandom)parameters;
this.random = rParam.Random;
kParam = (AsymmetricKeyParameter)rParam.Parameters;
}
else
{
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter)parameters;
}
if (!(kParam is DHPrivateKeyParameters))
{
throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters)kParam;
this.dhParams = key.Parameters;
}
public virtual void GenerateClientKeyExchange(Stream output)
{
if (psk_identity_hint == null || psk_identity_hint.Length == 0)
{
pskIdentity.SkipIdentityHint();
}
else
{
pskIdentity.NotifyIdentityHint(psk_identity_hint);
}
byte[] psk_identity = pskIdentity.GetPskIdentity();
TlsUtilities.WriteOpaque16(psk_identity, output);
if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
{
this.premasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(
context.SecureRandom, this.rsaServerPublicKey, output);
}
else if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
context.SecureRandom, this.dhAgreeServerPublicKey.Parameters, output);
}
}
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
DHPrivateKeyParameters privateKey)
{
DHBasicAgreement dhAgree = new DHBasicAgreement();
dhAgree.Init(privateKey);
BigInteger agreement = dhAgree.CalculateAgreement(publicKey);
return BigIntegers.AsUnsignedByteArray(agreement);
}
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
DHPrivateKeyParameters privateKey)
{
DHBasicAgreement basicAgreement = new DHBasicAgreement();
basicAgreement.Init(privateKey);
BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey);
/*
* RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is
* used as the pre_master_secret.
*/
return BigIntegers.AsUnsignedByteArray(agreementValue);
}
public void Init(ICipherParameters parameters)
{
if (parameters is ParametersWithRandom)
{
parameters = ((ParametersWithRandom) parameters).Parameters;
}
if (!(parameters is DHPrivateKeyParameters))
{
throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this._key = (DHPrivateKeyParameters) parameters;
this._dhParams = _key.Parameters;
}
/// <summary>
///
/// </summary>
/// <param name="newagrlen">agreement length in bytes. Valid values are 32, 96, 128</param>
public ECDHWrapper(int newagrlen)
{
DHKeyPairGenerator kpGen;
this.initPG(newagrlen);
kpGen = this.getDHKeyPairGenerator(this.g, this.p);
this.agrlen = newagrlen;
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
this.pu1 = (DHPublicKeyParameters)pair.Public;
this.pv1 = (DHPrivateKeyParameters)pair.Private;
this.e1 = new DHAgreement();
this.e1.Init(new ParametersWithRandom(this.pv1, new SecureRandom()));
this.m1 = this.e1.CalculateMessage();
this.pubdata = this.getPubData();
}
public void TestDH()
{
IBigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s="));
IBigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ=="));
IBigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA="));
IBigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw=="));
DHParameters dhPara = new DHParameters(DHParraP, DHParraQ);
DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara);
DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara);
SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic);
PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate);
DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo);
DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo);
Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key");
Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key");
Assert.IsTrue(true, "Diffe Helman Test worked.");
}
protected bool Equals(
DHPrivateKeyParameters other)
{
return x.Equals(other.x) && base.Equals(other);
}
public override void GenerateClientKeyExchange(Stream output)
{
/*
* RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
* key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
* Exchange message will be sent, but will be empty.
*/
if (mAgreementCredentials == null)
{
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
mDHParameters, output);
}
}
private void checkKeySize(
int privateValueSize,
DHPrivateKeyParameters priv)
{
if (privateValueSize != 0)
{
if (priv.X.BitLength != privateValueSize)
{
Fail("limited key check failed for key size " + privateValueSize);
}
}
}
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
{
this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
context.SecureRandom, dhParams, output);
}
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
DHPrivateKeyParameters privateKey)
{
return TlsDHUtilities.CalculateDHBasicAgreement(publicKey, privateKey);
}
public void Init(ICipherParameters parameters)
{
IAsymmetricKeyParameter kParam;
var rParam = parameters as ParametersWithRandom;
if (rParam != null)
{
_random = rParam.Random;
kParam = (AsymmetricKeyParameter)rParam.Parameters;
}
else
{
_random = new SecureRandom();
kParam = (AsymmetricKeyParameter)parameters;
}
if (!(kParam is DHPrivateKeyParameters))
{
throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
}
_key = (DHPrivateKeyParameters)kParam;
_dhParams = _key.Parameters;
}
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
{
AsymmetricCipherKeyPair dhAgreeClientKeyPair = GenerateDHKeyPair(dhParams);
this.dhAgreeClientPrivateKey = (DHPrivateKeyParameters)dhAgreeClientKeyPair.Private;
BigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y;
byte[] keData = BigIntegers.AsUnsignedByteArray(Yc);
TlsUtilities.WriteUint24(keData.Length + 2, output);
TlsUtilities.WriteOpaque16(keData, output);
}
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
DHPrivateKeyParameters privateKey)
{
DHBasicAgreement dhAgree = new DHBasicAgreement();
dhAgree.Init(dhAgreeClientPrivateKey);
BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey);
return BigIntegers.AsUnsignedByteArray(agreement);
}
protected bool Equals(
DHPrivateKeyParameters other)
{
return(x.Equals(other.x) && base.Equals(other));
}
public override byte[] GenerateServerKeyExchange()
{
// TODO[RFC 4279] Need a server-side PSK API to determine hint and resolve identities to keys
this.mPskIdentityHint = null;
if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
return null;
MemoryStream buf = new MemoryStream();
if (this.mPskIdentityHint == null)
{
TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
}
else
{
TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
}
if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
if (this.mDHParameters == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
this.mDHParameters, buf);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
{
// TODO[RFC 5489]
}
return buf.ToArray();
}
public void TestDH()
{
BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
DHParameters dhParams = new DHParameters(p512, g512);
DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHKeyPairGenerator kpGen = new DHKeyPairGenerator();
kpGen.Init(parameters);
AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters);
DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters);
DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters);
DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters);
doTest(pu1, pu2, pu3);
doTest(pv1, pv2, pv3);
DHParameters pr1 = pu1.Parameters;
DHParameters pr2 = new DHParameters(
pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
DHParameters pr3 = new DHParameters(
pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
doTest(pr1, pr2, pr3);
pr3 = new DHParameters(
pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
doTest(pr1, pr2, pr3);
pu2 = new DHPublicKeyParameters(pu1.Y, pr2);
pv2 = new DHPrivateKeyParameters(pv1.X, pr2);
doTest(pu1, pu2, pu3);
doTest(pv1, pv2, pv3);
DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024);
DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024);
DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024);
doTest(vp1, vp1, vp3);
doTest(vp1, vp2, vp3);
byte[] bytes = new byte[20];
bytes[0] = 1;
vp3 = new DHValidationParameters(bytes, 1024);
doTest(vp1, vp2, vp3);
vp3 = new DHValidationParameters(new byte[20], 2048);
doTest(vp1, vp2, vp3);
DHTestKeyParameters k1 = new DHTestKeyParameters(false, null);
DHTestKeyParameters k2 = new DHTestKeyParameters(false, null);
DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters);
doTest(k1, k2, k3);
}
public override void GenerateClientKeyExchange(Stream output)
{
if (mPskIdentityHint == null)
{
mPskIdentity.SkipIdentityHint();
}
else
{
mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
}
byte[] psk_identity = mPskIdentity.GetPskIdentity();
if (psk_identity == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
this.mPsk = mPskIdentity.GetPsk();
if (mPsk == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
TlsUtilities.WriteOpaque16(psk_identity, output);
mContext.SecurityParameters.pskIdentity = psk_identity;
if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
mDHParameters, output);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
{
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
mServerECPointFormats, mECAgreePublicKey.Parameters, output);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
{
this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext,
this.mRsaServerPublicKey, output);
}
}
public override byte[] GenerateServerKeyExchange()
{
this.mPskIdentityHint = mPskIdentityManager.GetHint();
if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
return null;
MemoryStream buf = new MemoryStream();
if (this.mPskIdentityHint == null)
{
TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
}
else
{
TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
}
if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
if (this.mDHParameters == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
this.mDHParameters, buf);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
{
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
mNamedCurves, mClientECPointFormats, buf);
}
return buf.ToArray();
}