public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement agreement = new DHBasicAgreement(); agreement.Init(privateKey); return(BigIntegers.AsUnsignedByteArray(agreement.CalculateAgreement(publicKey))); }
public override void ProcessClientKeyExchange(Stream input) { byte[] array = TlsUtilities.ReadOpaque16(input); mPsk = mPskIdentityManager.GetPsk(array); if (mPsk == null) { throw new TlsFatalAlert(115); } mContext.SecurityParameters.pskIdentity = array; if (mKeyExchange == 14) { BigInteger y = TlsDHUtilities.ReadDHParameter(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters)); } else if (mKeyExchange == 24) { byte[] encoding = TlsUtilities.ReadOpaque8(input); ECDomainParameters parameters = mECAgreePrivateKey.Parameters; mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mServerECPointFormats, parameters, encoding)); } else if (mKeyExchange == 15) { byte[] encryptedPreMasterSecret = ((!TlsUtilities.IsSsl(mContext)) ? TlsUtilities.ReadOpaque16(input) : Streams.ReadAll(input)); mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret); } }
/** * given a short term public key from a given party calculate the next * message in the agreement sequence. */ public virtual BigInteger CalculateAgreement( ICipherParameters pubKey) { if (this.key == null) { throw new InvalidOperationException("Agreement algorithm not initialised"); } DHPublicKeyParameters pub = (DHPublicKeyParameters)pubKey; if (!pub.Parameters.Equals(dhParams)) { throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); } BigInteger p = dhParams.P; BigInteger peerY = pub.Y; if (peerY == null || peerY.CompareTo(BigInteger.One) <= 0 || peerY.CompareTo(p.Subtract(BigInteger.One)) >= 0) { throw new ArgumentException("Diffie-Hellman public key is weak"); } BigInteger result = peerY.ModPow(key.X, p); if (result.Equals(BigInteger.One)) { throw new InvalidOperationException("Shared key can't be 1"); } return(result); }
protected bool Equals(DHPublicKeyParameters other) { if (y.Equals(other.y)) { return(Equals((DHKeyParameters)other)); } return(false); }
public static DHPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair pair = GenerateDHKeyPair(random, dhParams); DHPublicKeyParameters @public = (DHPublicKeyParameters)pair.Public; new ServerDHParams(@public).Encode(output); return((DHPrivateKeyParameters)pair.Private); }
public static DHPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair pair = GenerateDHKeyPair(random, dhParams); DHPublicKeyParameters @public = (DHPublicKeyParameters)pair.Public; WriteDHParameter(@public.Y, output); return((DHPrivateKeyParameters)pair.Private); }
public override void ProcessClientKeyExchange(Stream input) { if (mDHAgreePublicKey == null) { BigInteger y = TlsDHUtilities.ReadDHParameter(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters)); } }
public ServerDHParams(DHPublicKeyParameters publicKey) { if (publicKey == null) { throw new ArgumentNullException("publicKey"); } this.mPublicKey = publicKey; }
public static DHPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair asymmetricCipherKeyPair = TlsDHUtilities.GenerateDHKeyPair(random, dhParams); DHPublicKeyParameters publicKey = (DHPublicKeyParameters)asymmetricCipherKeyPair.Public; new ServerDHParams(publicKey).Encode(output); return((DHPrivateKeyParameters)asymmetricCipherKeyPair.Private); }
public static DHPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair asymmetricCipherKeyPair = TlsDHUtilities.GenerateDHKeyPair(random, dhParams); DHPublicKeyParameters dHPublicKeyParameters = (DHPublicKeyParameters)asymmetricCipherKeyPair.Public; TlsDHUtilities.WriteDHParameter(dHPublicKeyParameters.Y, output); return((DHPrivateKeyParameters)asymmetricCipherKeyPair.Private); }
public string ComputeSharedSecret(string publicKey) { DHParameters param = Parameters; var importedKey = new DHPublicKeyParameters(new BigInteger(publicKey, 16), param); var internalKeyAgree = AgreementUtilities.GetBasicAgreement("DH"); internalKeyAgree.Init(PrivateKeyParameter); return(internalKeyAgree.CalculateAgreement(importedKey).ToString(16)); }
/** * this test is can take quiet a while */ private void doTestGeneration( int size) { DHParametersGenerator pGen = new DHParametersGenerator(); pGen.Init(size, 10, new SecureRandom()); DHParameters dhParams = pGen.GenerateParameters(); if (dhParams.L != 0) { Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters"); } DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator(); kpGen.Init(dhkgParams); // // generate first pair // AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; // // generate second pair // dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters); kpGen.Init(dhkgParams); pair = kpGen.GenerateKeyPair(); DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public; DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private; // // two way // DHBasicAgreement e1 = new DHBasicAgreement(); DHBasicAgreement e2 = new DHBasicAgreement(); e1.Init(new ParametersWithRandom(pv1, new SecureRandom())); e2.Init(new ParametersWithRandom(pv2, new SecureRandom())); BigInteger k1 = e1.CalculateAgreement(pu2); BigInteger k2 = e2.CalculateAgreement(pu1); if (!k1.Equals(k2)) { Fail("basic with " + size + " bit 2-way test failed"); } }
public ServerDHParams(DHPublicKeyParameters publicKey) { //IL_000e: Unknown result type (might be due to invalid IL or missing references) if (publicKey == null) { throw new ArgumentNullException("publicKey"); } mPublicKey = publicKey; }
public override void ProcessClientKeyExchange(Stream input) { if (mDHAgreePublicKey != null) { // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate return; } this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters); }
protected virtual byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement dhAgree = new DHBasicAgreement(); dhAgree.Init(dhAgreeClientPrivateKey); BigInteger agreement = dhAgree.CalculateAgreement(dhAgreeServerPublicKey); return(BigIntegers.AsUnsignedByteArray(agreement)); }
/** * given a message from a given party and the coresponding public key * calculate the next message in the agreement sequence. In this case * this will represent the shared secret. */ public BigInteger calculateAgreement( DHPublicKeyParameters pub, BigInteger message) { if (!pub.getParameters().Equals(dhParams)) { throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); } return(message.modPow(key.getX(), dhParams.getP()).multiply(pub.getY().modPow(privateValue, dhParams.getP())).mod(dhParams.getP())); }
public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) { DHParameters parameters = ValidateDHParameters(key.Parameters); BigInteger y = key.Y; if ((y.CompareTo(Two) < 0) || (y.CompareTo(parameters.P.Subtract(Two)) > 0)) { throw new TlsFatalAlert(0x2f); } return(key); }
public override void ProcessServerKeyExchange(Stream input) { if (!RequiresServerKeyExchange) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } // DH_anon is handled here, DHE_* in a subclass this.mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, input); this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters); }
public static DHPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair kp = GenerateDHKeyPair(random, dhParams); DHPublicKeyParameters dhPublic = (DHPublicKeyParameters)kp.Public; WriteDHParameters(dhParams, output); WriteDHParameter(dhPublic.Y, output); return((DHPrivateKeyParameters)kp.Private); }
/** * given a short term public key from a given party calculate the next * message in the agreement sequence. */ public BigInteger calculateAgreement( CipherParameters pubKey) { DHPublicKeyParameters pub = (DHPublicKeyParameters)pubKey; if (!pub.getParameters().Equals(dhParams)) { throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); } return(pub.getY().modPow(key.getX(), dhParams.getP())); }
private string GeneratePassword() { DHPublicKeyParameters publicKey = new DHPublicKeyParameters( ((DHPublicKeyParameters)PublicKeyFactory.CreateKey(encodedPublicKey)).Y, sharedParameters); IBasicAgreement agreement = AgreementUtilities.GetBasicAgreement("DH"); agreement.Init(keyPair.Private); BigInteger agreementValue = agreement.CalculateAgreement(publicKey); return(agreementValue.ToString(16)); }
public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey) { DHBasicAgreement basicAgreement = new DHBasicAgreement(); basicAgreement.Init(privateKey); BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); /* * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is * used as the pre_master_secret. */ return(BigIntegers.AsUnsignedByteArray(agreementValue)); }
public override bool Equals(object obj) { if (obj == this) { return(true); } DHPublicKeyParameters dHPublicKeyParameters = obj as DHPublicKeyParameters; if (dHPublicKeyParameters == null) { return(false); } return(Equals(dHPublicKeyParameters)); }
public override void ProcessServerKeyExchange(Stream input) { if (!RequiresServerKeyExchange) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } // DH_anon is handled here, DHE_* in a subclass ServerDHParams dhParams = ServerDHParams.Parse(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }
public virtual BigInteger CalculateAgreement(ICipherParameters pubKey) { if (this.key == null) { throw new InvalidOperationException("Agreement algorithm not initialised"); } DHPublicKeyParameters dHPublicKeyParameters = (DHPublicKeyParameters)pubKey; if (!dHPublicKeyParameters.Parameters.Equals(this.dhParams)) { throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); } return(dHPublicKeyParameters.Y.ModPow(this.key.X, this.dhParams.P)); }
public override void ProcessServerCertificate(Certificate serverCertificate) { if (mKeyExchange == KeyExchangeAlgorithm.DH_anon) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } if (serverCertificate.IsEmpty) { throw new TlsFatalAlert(AlertDescription.decode_error); } X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); } catch (Exception e) { throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); } if (mTlsSigner == null) { try { this.mDHAgreePublicKey = (DHPublicKeyParameters)this.mServerPublicKey; this.mDHParameters = mDHAgreePublicKey.Parameters; } catch (InvalidCastException e) { throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); } else { if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); } base.ProcessServerCertificate(serverCertificate); }
public override void ProcessServerKeyExchange(Stream input) { this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { // TODO[RFC 5489] } }
public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) { DHParameters parameters = ValidateDHParameters(key.Parameters); BigInteger Y = key.Y; if (Y.CompareTo(Two) < 0 || Y.CompareTo(parameters.P.Subtract(Two)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } // TODO See RFC 2631 for more discussion of Diffie-Hellman validation return(key); }
public virtual BigInteger CalculateAgreement(ICipherParameters pubKey) { //IL_000d: Unknown result type (might be due to invalid IL or missing references) //IL_0032: Unknown result type (might be due to invalid IL or missing references) if (key == null) { throw new InvalidOperationException("Agreement algorithm not initialised"); } DHPublicKeyParameters dHPublicKeyParameters = (DHPublicKeyParameters)pubKey; if (!dHPublicKeyParameters.Parameters.Equals(dhParams)) { throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); } return(dHPublicKeyParameters.Y.ModPow(key.X, dhParams.P)); }
public override void ProcessServerKeyExchange(Stream input) { mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (mKeyExchange == 14) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); mDHParameters = mDHAgreePublicKey.Parameters; } else if (mKeyExchange == 24) { ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); byte[] encoding = TlsUtilities.ReadOpaque8(input); mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, curve_params, encoding)); } }