public virtual JPakeRound1Payload CreateRound1PayloadToSend() { if (state >= STATE_ROUND_1_CREATED) { throw new InvalidOperationException("Round 1 payload already created for " + participantId); } x1 = JPakeUtilities.GenerateX1(q, random); x2 = JPakeUtilities.GenerateX2(q, random); gx1 = JPakeUtilities.CalculateGx(p, g, x1); gx2 = JPakeUtilities.CalculateGx(p, g, x2); BigInteger[] knowledgeProofForX = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, g, gx1, x1, participantId, digest, random); BigInteger[] knowledgeProofForX2 = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, g, gx2, x2, participantId, digest, random); state = STATE_ROUND_1_CREATED; return(new JPakeRound1Payload(participantId, gx1, gx2, knowledgeProofForX, knowledgeProofForX2)); }
public virtual JPakeRound2Payload CreateRound2PayloadToSend() { if (state >= STATE_ROUND_2_CREATED) { throw new InvalidOperationException("Round 2 payload already created for " + participantId); } if (state < STATE_ROUND_1_VALIDATED) { throw new InvalidOperationException("Round 1 payload must be validated prior to creating round 2 payload for " + participantId); } BigInteger gA = JPakeUtilities.CalculateGA(p, gx1, gx3, gx4); BigInteger s = JPakeUtilities.CalculateS(password); BigInteger bigInteger = JPakeUtilities.CalculateX2s(q, x2, s); BigInteger bigInteger2 = JPakeUtilities.CalculateA(p, q, gA, bigInteger); BigInteger[] knowledgeProofForX2s = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, gA, bigInteger2, bigInteger, participantId, digest, random); state = STATE_ROUND_2_CREATED; return(new JPakeRound2Payload(participantId, bigInteger2, knowledgeProofForX2s)); }
public void TestValidateZeroKnowledgeProof() { JPakePrimeOrderGroup pg1 = JPakePrimeOrderGroups.SUN_JCE_1024; SecureRandom random = new SecureRandom(); IDigest digest1 = new Sha256Digest(); BigInteger x1 = JPakeUtilities.GenerateX1(pg1.Q, random); BigInteger gx1 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x1); string participantId1 = "participant1"; BigInteger[] zkp1 = JPakeUtilities.CalculateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, x1, participantId1, digest1, random); // should succeed JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp1, participantId1, digest1); // wrong group JPakePrimeOrderGroup pg2 = JPakePrimeOrderGroups.NIST_3072; try { JPakeUtilities.ValidateZeroKnowledgeProof(pg2.P, pg2.Q, pg2.G, gx1, zkp1, participantId1, digest1); Fail("failed to throw exception on wrong prime order group"); } catch (CryptoException) { // expected } // wrong digest IDigest digest2 = new Sha1Digest(); try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp1, participantId1, digest2); Fail("failed to throw exception on wrong digest"); } catch (CryptoException) { // expected } // wrong participant string participantId2 = "participant2"; try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp1, participantId2, digest1); Fail("failed to throw exception on wrong participant"); } catch (CryptoException) { // expected } // wrong gx BigInteger x2 = JPakeUtilities.GenerateX2(pg1.Q, random); BigInteger gx2 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x2); try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx2, zkp1, participantId1, digest1); Fail("failed to throw exception on wrong gx"); } catch (CryptoException) { // expected } // wrong zkp BigInteger[] zkp2 = JPakeUtilities.CalculateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx2, x2, participantId1, digest1, random); try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp2, participantId1, digest1); Fail("failed to throw exception on wrong zero knowledge proof"); } catch (CryptoException) { // expected } // gx <= 0 try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, BigInteger.Zero, zkp1, participantId1, digest1); Fail("failed to throw exception on g^x <= 0"); } catch (CryptoException) { // expected } // gx >= p try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, pg1.P, zkp1, participantId1, digest1); Fail("failed to throw exception on g^x >= p"); } catch (CryptoException) { // expected } // gx mod q == 1 try { JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, pg1.Q.Add(BigInteger.One), zkp1, participantId1, digest1); Fail("failed to throw exception on g^x mod q == 1"); } catch (CryptoException) { // expected } }