Пример #1
0
		public void Init(
			ICipherParameters parameters)
		{
			AsymmetricKeyParameter kParam;
			if (parameters is ParametersWithRandom)
			{
				ParametersWithRandom rParam = (ParametersWithRandom)parameters;

				this.random = rParam.Random;
				kParam = (AsymmetricKeyParameter)rParam.Parameters;
			}
			else
			{
				this.random = new SecureRandom();
				kParam = (AsymmetricKeyParameter)parameters;
			}

			if (!(kParam is DHPrivateKeyParameters))
			{
				throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
			}

			this.key = (DHPrivateKeyParameters)kParam;
			this.dhParams = key.Parameters;
		}
        public virtual void GenerateClientKeyExchange(Stream output)
        {
            if (psk_identity_hint == null || psk_identity_hint.Length == 0)
            {
                pskIdentity.SkipIdentityHint();
            }
            else
            {
                pskIdentity.NotifyIdentityHint(psk_identity_hint);
            }

            byte[] psk_identity = pskIdentity.GetPskIdentity();

            TlsUtilities.WriteOpaque16(psk_identity, output);

            if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                this.premasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(
                    context.SecureRandom, this.rsaServerPublicKey, output);
            }
            else if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
                    context.SecureRandom, this.dhAgreeServerPublicKey.Parameters, output);
            }
        }
        public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
			DHPrivateKeyParameters privateKey)
        {
            DHBasicAgreement dhAgree = new DHBasicAgreement();
            dhAgree.Init(privateKey);
            BigInteger agreement = dhAgree.CalculateAgreement(publicKey);
            return BigIntegers.AsUnsignedByteArray(agreement);
        }
Пример #4
0
        public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
            DHPrivateKeyParameters privateKey)
        {
            DHBasicAgreement basicAgreement = new DHBasicAgreement();
            basicAgreement.Init(privateKey);
            BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey);

            /*
             * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is
             * used as the pre_master_secret.
             */
            return BigIntegers.AsUnsignedByteArray(agreementValue);
        }
        public void Init(ICipherParameters parameters)
        {
            if (parameters is ParametersWithRandom)
            {
                parameters = ((ParametersWithRandom) parameters).Parameters;
            }
            if (!(parameters is DHPrivateKeyParameters))
            {
                throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
            }

            this._key = (DHPrivateKeyParameters) parameters;
            this._dhParams = _key.Parameters;
        }
Пример #6
0
        /// <summary>
        /// 
        /// </summary>
        /// <param name="newagrlen">agreement length in bytes. Valid values are 32, 96, 128</param>
        public ECDHWrapper(int newagrlen)
        {
            DHKeyPairGenerator kpGen;
            this.initPG(newagrlen);
            kpGen = this.getDHKeyPairGenerator(this.g, this.p);
            this.agrlen = newagrlen;

            AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

            this.pu1 = (DHPublicKeyParameters)pair.Public;
            this.pv1 = (DHPrivateKeyParameters)pair.Private;

            this.e1 = new DHAgreement();
            this.e1.Init(new ParametersWithRandom(this.pv1, new SecureRandom()));
            this.m1 = this.e1.CalculateMessage();

            this.pubdata = this.getPubData();
        }
        public void TestDH()
        {
            IBigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s="));
            IBigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ=="));
            IBigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA="));
            IBigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw=="));

            DHParameters dhPara = new DHParameters(DHParraP, DHParraQ);
            DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara);
            DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara);

            SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic);
            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate);

            DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo);
            DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo);

            Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key");
            Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key");

            Assert.IsTrue(true, "Diffe Helman Test worked.");
        }
		protected bool Equals(
			DHPrivateKeyParameters other)
		{
			return x.Equals(other.x) && base.Equals(other);
		}
 public override void GenerateClientKeyExchange(Stream output)
 {
     /*
      * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
      * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
      * Exchange message will be sent, but will be empty.
      */
     if (mAgreementCredentials == null)
     {
         this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
             mDHParameters, output);
     }
 }
Пример #10
0
		private void checkKeySize(
			int privateValueSize,
			DHPrivateKeyParameters priv)
		{
			if (privateValueSize != 0)
			{
				if (priv.X.BitLength != privateValueSize)
				{
					Fail("limited key check failed for key size " + privateValueSize);
				}
			}
		}
Пример #11
0
		protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
		{
			this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
				context.SecureRandom, dhParams, output);
		}
Пример #12
0
		protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
			DHPrivateKeyParameters privateKey)
		{
			return TlsDHUtilities.CalculateDHBasicAgreement(publicKey, privateKey);
		}
        public void Init(ICipherParameters parameters)
        {
            IAsymmetricKeyParameter kParam;
            var rParam = parameters as ParametersWithRandom;
            if (rParam != null)
            {
                _random = rParam.Random;
                kParam = (AsymmetricKeyParameter)rParam.Parameters;
            }
            else
            {
                _random = new SecureRandom();
                kParam = (AsymmetricKeyParameter)parameters;
            }

            if (!(kParam is DHPrivateKeyParameters))
            {
                throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
            }

            _key = (DHPrivateKeyParameters)kParam;
            _dhParams = _key.Parameters;
        }
		protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
		{
			AsymmetricCipherKeyPair dhAgreeClientKeyPair = GenerateDHKeyPair(dhParams);
			this.dhAgreeClientPrivateKey = (DHPrivateKeyParameters)dhAgreeClientKeyPair.Private;

			BigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y;
			byte[] keData = BigIntegers.AsUnsignedByteArray(Yc);
			TlsUtilities.WriteUint24(keData.Length + 2, output);
			TlsUtilities.WriteOpaque16(keData, output);
		}
		protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
			DHPrivateKeyParameters privateKey)
		{
			DHBasicAgreement dhAgree = new DHBasicAgreement();
			dhAgree.Init(dhAgreeClientPrivateKey);
			BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey);
			return BigIntegers.AsUnsignedByteArray(agreement);
		}
 protected bool Equals(
     DHPrivateKeyParameters other)
 {
     return(x.Equals(other.x) && base.Equals(other));
 }
Пример #17
0
        public override byte[] GenerateServerKeyExchange()
        {
            // TODO[RFC 4279] Need a server-side PSK API to determine hint and resolve identities to keys
            this.mPskIdentityHint = null;

            if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
                return null;

            MemoryStream buf = new MemoryStream();

            if (this.mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
            }
            else
            {
                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
            }

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                if (this.mDHParameters == null)
                    throw new TlsFatalAlert(AlertDescription.internal_error);

                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
                    this.mDHParameters, buf);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                // TODO[RFC 5489]
            }

            return buf.ToArray();
        }
Пример #18
0
		public void TestDH()
		{
			BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
			BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);

			DHParameters dhParams = new DHParameters(p512, g512);
			DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams);         DHKeyPairGenerator          kpGen = new DHKeyPairGenerator();

			kpGen.Init(parameters);

			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;

			DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters);
			DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters);
			DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters);
			DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters);

			doTest(pu1, pu2, pu3);
			doTest(pv1, pv2, pv3);

			DHParameters pr1 = pu1.Parameters;
			DHParameters pr2 = new DHParameters(
				pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
			DHParameters pr3 = new DHParameters(
				pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);

			doTest(pr1, pr2, pr3);

			pr3 = new DHParameters(
				pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);

			doTest(pr1, pr2, pr3);

			pu2 = new DHPublicKeyParameters(pu1.Y, pr2);
			pv2 = new DHPrivateKeyParameters(pv1.X, pr2);

			doTest(pu1, pu2, pu3);
			doTest(pv1, pv2, pv3);

			DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024);
			DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024);
			DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024);

			doTest(vp1, vp1, vp3);
			doTest(vp1, vp2, vp3);

			byte[] bytes = new byte[20];
			bytes[0] = 1;

			vp3 = new DHValidationParameters(bytes, 1024);

			doTest(vp1, vp2, vp3);

			vp3 = new DHValidationParameters(new byte[20], 2048);

			doTest(vp1, vp2, vp3);

			DHTestKeyParameters k1 = new DHTestKeyParameters(false, null);
			DHTestKeyParameters k2 = new DHTestKeyParameters(false, null);
			DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters);

			doTest(k1, k2, k3);
		}
        public override void GenerateClientKeyExchange(Stream output)
        {
            if (mPskIdentityHint == null)
            {
                mPskIdentity.SkipIdentityHint();
            }
            else
            {
                mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
            }

            byte[] psk_identity = mPskIdentity.GetPskIdentity();
            if (psk_identity == null)
                throw new TlsFatalAlert(AlertDescription.internal_error);

            this.mPsk = mPskIdentity.GetPsk();
            if (mPsk == null)
                throw new TlsFatalAlert(AlertDescription.internal_error);

            TlsUtilities.WriteOpaque16(psk_identity, output);

            mContext.SecurityParameters.pskIdentity = psk_identity;

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
                    mDHParameters, output);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
                    mServerECPointFormats, mECAgreePublicKey.Parameters, output);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext,
                    this.mRsaServerPublicKey, output);
            }
        }
        public override byte[] GenerateServerKeyExchange()
        {
            this.mPskIdentityHint = mPskIdentityManager.GetHint();

            if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
                return null;

            MemoryStream buf = new MemoryStream();

            if (this.mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
            }
            else
            {
                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
            }

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                if (this.mDHParameters == null)
                    throw new TlsFatalAlert(AlertDescription.internal_error);

                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
                    this.mDHParameters, buf);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
                    mNamedCurves, mClientECPointFormats, buf);
            }

            return buf.ToArray();
        }