public static BigInteger ComputeSharedSecret(string A, AsymmetricKeyParameter bPrivateKey, DHParameters internalParameters) { var importedKey = new DHPublicKeyParameters(new BigInteger(A), internalParameters); var internalKeyAgree = AgreementUtilities.GetBasicAgreement("DH"); internalKeyAgree.Init(bPrivateKey); return internalKeyAgree.CalculateAgreement(importedKey); }
public static AsymmetricCipherKeyPair GenerateKeys(DHParameters parameters) { var keyGen = GeneratorUtilities.GetKeyPairGenerator("DH"); var kgp = new DHKeyGenerationParameters(new SecureRandom(), parameters); keyGen.Init(kgp); return keyGen.GenerateKeyPair(); }
public DHKeyGenerationParameters( SecureRandom random, DHParameters parameters) : base(random, GetStrength(parameters)) { this.parameters = parameters; }
public DHKeyGenerationParameters( SecureRandom random, DHParameters parameters) : base(random, parameters.P.BitLength) { this.parameters = parameters; }
public DHPrivateKeyParameters( BigInteger x, DHParameters parameters) : base(true, parameters) { this.x = x; }
public void Init( ICipherParameters parameters) { AsymmetricKeyParameter kParam; if (parameters is ParametersWithRandom) { ParametersWithRandom rParam = (ParametersWithRandom)parameters; this.random = rParam.Random; kParam = (AsymmetricKeyParameter)rParam.Parameters; } else { this.random = new SecureRandom(); kParam = (AsymmetricKeyParameter)parameters; } if (!(kParam is DHPrivateKeyParameters)) { throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); } this.key = (DHPrivateKeyParameters)kParam; this.dhParams = key.Parameters; }
internal IBigInteger CalculatePrivate( DHParameters dhParams, ISecureRandom random) { int limit = dhParams.L; if (limit != 0) { return new BigInteger(limit, random).SetBit(limit - 1); } IBigInteger min = BigInteger.Two; int m = dhParams.M; if (m != 0) { min = BigInteger.One.ShiftLeft(m - 1); } IBigInteger max = dhParams.P.Subtract(BigInteger.Two); IBigInteger q = dhParams.Q; if (q != null) { max = q.Subtract(BigInteger.Two); } return BigIntegers.CreateRandomInRange(min, max, random); }
protected DHKeyParameters( bool isPrivate, DHParameters parameters) : base(isPrivate) { // TODO Should we allow parameters to be null? this.parameters = parameters; }
public DHPrivateKeyParameters( BigInteger x, DHParameters parameters, DerObjectIdentifier algorithmOid) : base(true, parameters, algorithmOid) { this.x = x; }
public DHPublicKeyParameters( BigInteger y, DHParameters parameters) : base(false, parameters) { if (y == null) throw new ArgumentNullException("y"); this.y = y; }
protected DHKeyParameters( bool isPrivate, DHParameters parameters, DerObjectIdentifier algorithmOid) : base(isPrivate) { // TODO Should we allow parameters to be null? this.parameters = parameters; this.algorithmOid = algorithmOid; }
public DHProvider(DHParameters parameters) { _parameters = parameters; IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH"); KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), _parameters); keyGen.Init(kgp); _kp = keyGen.GenerateKeyPair(); }
public DHPublicKeyParameters( BigInteger y, DHParameters parameters, DerObjectIdentifier algorithmOid) : base(false, parameters, algorithmOid) { if (y == null) throw new ArgumentNullException("y"); this.y = y; }
public ServerAuthority(DHParameters parameters) { this.parameters = parameters; IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH"); KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), parameters); keyGen.Init(kgp); kp = keyGen.GenerateKeyPair(); agreement = AgreementUtilities.GetBasicAgreement("DH"); agreement.Init(kp.Private); }
public AsymmetricCipherKeyPair GenerateKeyPair() { DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance; ElGamalParameters egp = param.Parameters; DHParameters dhp = new DHParameters(egp.P, egp.G, null, 0, egp.L); BigInteger x = helper.CalculatePrivate(dhp, param.Random); BigInteger y = helper.CalculatePublic(dhp, x); return new AsymmetricCipherKeyPair( new ElGamalPublicKeyParameters(y, egp), new ElGamalPrivateKeyParameters(x, egp)); }
public static DHPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, DHParameters dhParams, Stream output) { AsymmetricCipherKeyPair dhAgreeClientKeyPair = GenerateDHKeyPair(random, dhParams); DHPrivateKeyParameters dhAgreeClientPrivateKey = (DHPrivateKeyParameters)dhAgreeClientKeyPair.Private; BigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y; byte[] keData = BigIntegers.AsUnsignedByteArray(Yc); TlsUtilities.WriteOpaque16(keData, output); return dhAgreeClientPrivateKey; }
public void Init(ICipherParameters parameters) { if (parameters is ParametersWithRandom) { parameters = ((ParametersWithRandom) parameters).Parameters; } if (!(parameters is DHPrivateKeyParameters)) { throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); } this._key = (DHPrivateKeyParameters) parameters; this._dhParams = _key.Parameters; }
/// <summary> /// Create a Diffie-Hellman key pair mixture. /// </summary> /// <returns>KeyPair mixture</returns> public KeyPair Mix() { var cipherKeyPairGenerator = GeneratorUtilities.GetKeyPairGenerator("DiffieHellman"); var diffieHellmanParameters = new DHParameters(_common.P, _common.G, null); KeyGenerationParameters diffieHellmanKeyGenerationParameters = new DHKeyGenerationParameters(new Org.BouncyCastle.Security.SecureRandom(), diffieHellmanParameters); cipherKeyPairGenerator.Init(diffieHellmanKeyGenerationParameters); var asymmetricKeyPair = cipherKeyPairGenerator.GenerateKeyPair(); var agreement = AgreementUtilities.GetBasicAgreement("DiffieHellman"); agreement.Init(asymmetricKeyPair.Private); return new KeyPair() { Private = ((DHPrivateKeyParameters)asymmetricKeyPair.Private).X.ToString(), Public = ((DHPublicKeyParameters)asymmetricKeyPair.Public).Y.ToString() }; }
public override bool Equals( object obj) { if (obj == this) { return(true); } DHParameters other = obj as DHParameters; if (other == null) { return(false); } return(Equals(other)); }
internal BigInteger CalculatePrivate( DHParameters dhParams, SecureRandom random) { int limit = dhParams.L; if (limit != 0) { int minWeight = limit >> 2; for (;;) { BigInteger x = new BigInteger(limit, random).SetBit(limit - 1); if (WNafUtilities.GetNafWeight(x) >= minWeight) { return x; } } } BigInteger min = BigInteger.Two; int m = dhParams.M; if (m != 0) { min = BigInteger.One.ShiftLeft(m - 1); } BigInteger q = dhParams.Q; if (q == null) { q = dhParams.P; } BigInteger max = q.Subtract(BigInteger.Two); { int minWeight = max.BitLength >> 2; for (;;) { BigInteger x = BigIntegers.CreateRandomInRange(min, max, random); if (WNafUtilities.GetNafWeight(x) >= minWeight) { return x; } } } }
public override void ProcessServerCertificate(Certificate serverCertificate) { if (serverCertificate.IsEmpty) throw new TlsFatalAlert(AlertDescription.bad_certificate); X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); } catch (Exception e) { throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); } if (mTlsSigner == null) { try { this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)this.mServerPublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); } catch (InvalidCastException e) { throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); } else { if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); } base.ProcessServerCertificate(serverCertificate); }
private static BigInteger Validate(BigInteger y, DHParameters dhParams) { if (y == null) { throw new ArgumentNullException("y"); } BigInteger p = dhParams.P; // TLS check if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(p.Subtract(BigInteger.Two)) > 0) { throw new ArgumentException("invalid DH public key", "y"); } BigInteger q = dhParams.Q; // We can't validate without Q. if (q == null) { return(y); } if (p.TestBit(0) && p.BitLength - 1 == q.BitLength && p.ShiftRight(1).Equals(q)) { // Safe prime case if (1 == Legendre(y, p)) { return(y); } } else { if (BigInteger.One.Equals(y.ModPow(q, p))) { return(y); } } throw new ArgumentException("value does not appear to be in correct group", "y"); }
public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters) : base(keyExchange, supportedSignatureAlgorithms) { switch (keyExchange) { case KeyExchangeAlgorithm.DH_RSA: case KeyExchangeAlgorithm.DH_DSS: this.mTlsSigner = null; break; case KeyExchangeAlgorithm.DHE_RSA: this.mTlsSigner = new TlsRsaSigner(); break; case KeyExchangeAlgorithm.DHE_DSS: this.mTlsSigner = new TlsDssSigner(); break; default: throw new InvalidOperationException("unsupported key exchange algorithm"); } this.mDHParameters = dhParameters; }
public TlsPskKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsPskIdentity pskIdentity, DHParameters dhParameters, int[] namedCurves, byte[] clientECPointFormats, byte[] serverECPointFormats) : base(keyExchange, supportedSignatureAlgorithms) { switch (keyExchange) { case KeyExchangeAlgorithm.DHE_PSK: case KeyExchangeAlgorithm.ECDHE_PSK: case KeyExchangeAlgorithm.PSK: case KeyExchangeAlgorithm.RSA_PSK: break; default: throw new InvalidOperationException("unsupported key exchange algorithm"); } this.mPskIdentity = pskIdentity; this.mDHParameters = dhParameters; this.mNamedCurves = namedCurves; this.mClientECPointFormats = clientECPointFormats; this.mServerECPointFormats = serverECPointFormats; }
private static BigInteger Validate(BigInteger y, DHParameters dhParams) { if (y == null) { throw new ArgumentNullException("y"); } // TLS check if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(dhParams.P.Subtract(BigInteger.Two)) > 0) { throw new ArgumentException("invalid DH public key", "y"); } // we can't validate without Q. if (dhParams.Q != null && !y.ModPow(dhParams.Q, dhParams.P).Equals(BigInteger.One)) { throw new ArgumentException("y value does not appear to be in correct group", "y"); } return(y); }
public void TestDH() { IBigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s=")); IBigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ==")); IBigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA=")); IBigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw==")); DHParameters dhPara = new DHParameters(DHParraP, DHParraQ); DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara); DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara); SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic); PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate); DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo); DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo); Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key"); Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key"); Assert.IsTrue(true, "Diffe Helman Test worked."); }
public DHKeyGenerationParameters(SecureRandom random, DHParameters parameters) : base(random, GetStrength(parameters)) { this.parameters = parameters; }
protected DHKeyParameters(bool isPrivate, DHParameters parameters, DerObjectIdentifier algorithmOid) : base(isPrivate) { this.parameters = parameters; this.algorithmOid = algorithmOid; }
public DHParameters(BigInteger p, BigInteger g, BigInteger q, int l) : this(p, g, q, DHParameters.GetDefaultMParam(l), l, null, null) { }
public DHPrivateKeyParameters(BigInteger x, DHParameters parameters, DerObjectIdentifier algorithmOid) : base(true, parameters, algorithmOid) { this.x = x; }
protected virtual bool Equals(DHParameters other) => ((this.p.Equals(other.p) && this.g.Equals(other.g)) && object.Equals(this.q, other.q));
protected virtual bool AreCompatibleParameters(DHParameters a, DHParameters b) { return a.P.Equals(b.P) && a.G.Equals(b.G); }
public DHPrivateKeyParameters(BigInteger x, DHParameters parameters) : base(true, parameters) { this.x = x; }
protected bool Equals(DHParameters other) { return(p.Equals(other.p) && g.Equals(other.g) && object.Equals(q, other.q)); }
protected DHKeyParameters( bool isPrivate, DHParameters parameters) : this(isPrivate, parameters, PkcsObjectIdentifiers.DhKeyAgreement) { }
private DHKeyPairGenerator getDHKeyPairGenerator( BigInteger g, BigInteger p) { DHParameters dhParams = new DHParameters(p, g); DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHKeyPairGenerator kpGen = new DHKeyPairGenerator(); kpGen.Init(dhkgParams); return kpGen; }
public static AsymmetricKeyParameter CreateKey( PrivateKeyInfo keyInfo) { AlgorithmIdentifier algID = keyInfo.AlgorithmID; DerObjectIdentifier algOid = algID.ObjectID; // TODO See RSAUtil.isRsaOid in Java build if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) || algOid.Equals(X509ObjectIdentifiers.IdEARsa) || algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) || algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) { RsaPrivateKeyStructure keyStructure = new RsaPrivateKeyStructure( Asn1Sequence.GetInstance(keyInfo.PrivateKey)); return new RsaPrivateCrtKeyParameters( keyStructure.Modulus, keyStructure.PublicExponent, keyStructure.PrivateExponent, keyStructure.Prime1, keyStructure.Prime2, keyStructure.Exponent1, keyStructure.Exponent2, keyStructure.Coefficient); } else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement)) { DHParameter para = new DHParameter( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); DerInteger derX = (DerInteger)keyInfo.PrivateKey; BigInteger lVal = para.L; int l = lVal == null ? 0 : lVal.IntValue; DHParameters dhParams = new DHParameters(para.P, para.G, null, l); return new DHPrivateKeyParameters(derX.Value, dhParams); } else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) { ElGamalParameter para = new ElGamalParameter( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); DerInteger derX = (DerInteger)keyInfo.PrivateKey; return new ElGamalPrivateKeyParameters( derX.Value, new ElGamalParameters(para.P, para.G)); } else if (algOid.Equals(X9ObjectIdentifiers.IdDsa)) { DerInteger derX = (DerInteger) keyInfo.PrivateKey; Asn1Encodable ae = algID.Parameters; DsaParameters parameters = null; if (ae != null) { DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object()); parameters = new DsaParameters(para.P, para.Q, para.G); } return new DsaPrivateKeyParameters(derX.Value, parameters); } else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey)) { X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object()); X9ECParameters ecP; if (para.IsNamedCurve) { // TODO ECGost3410NamedCurves support (returns ECDomainParameters though) DerObjectIdentifier oid = (DerObjectIdentifier) para.Parameters; ecP = X962NamedCurves.GetByOid(oid); if (ecP == null) { ecP = SecNamedCurves.GetByOid(oid); if (ecP == null) { ecP = NistNamedCurves.GetByOid(oid); if (ecP == null) { ecP = TeleTrusTNamedCurves.GetByOid(oid); } } } } else { ecP = new X9ECParameters((Asn1Sequence) para.Parameters); } ECDomainParameters dParams = new ECDomainParameters( ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()); ECPrivateKeyStructure ec = new ECPrivateKeyStructure( Asn1Sequence.GetInstance(keyInfo.PrivateKey)); return new ECPrivateKeyParameters(ec.GetKey(), dParams); } else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001)) { Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); ECPrivateKeyStructure ec = new ECPrivateKeyStructure( Asn1Sequence.GetInstance(keyInfo.PrivateKey)); ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet); if (ecP == null) return null; return new ECPrivateKeyParameters(ec.GetKey(), gostParams.PublicKeyParamSet); } else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94)) { Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); DerOctetString derX = (DerOctetString) keyInfo.PrivateKey; byte[] keyEnc = derX.GetOctets(); byte[] keyBytes = new byte[keyEnc.Length]; for (int i = 0; i != keyEnc.Length; i++) { keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian } BigInteger x = new BigInteger(1, keyBytes); return new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet); } else { throw new SecurityUtilityException("algorithm identifier in key not recognised"); } }
private DHBasicKeyPairGenerator getDHBasicKeyPairGenerator( BigInteger g, BigInteger p, int privateValueSize) { DHParameters dhParams = new DHParameters(p, g, null, privateValueSize); DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator(); kpGen.Init(dhkgParams); return kpGen; }
protected bool Equals(DHParameters other) { return(this.p.Equals(other.p) && this.g.Equals(other.g) && object.Equals(this.q, other.q)); }
protected virtual AsymmetricCipherKeyPair GenerateDHKeyPair(DHParameters dhParams) { return TlsDHUtilities.GenerateDHKeyPair(context.SecureRandom, dhParams); }
internal static int GetStrength(DHParameters parameters) => ((parameters.L == 0) ? parameters.P.BitLength : parameters.L);
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output) { this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange( context.SecureRandom, dhParams, output); }
internal static int GetStrength( DHParameters parameters) { return(parameters.L != 0 ? parameters.L : parameters.P.BitLength); }