protected Key engineTranslateKey( Key key) throws InvalidKeyException { if (key instanceof DHPublicKey) { return new BCElGamalPublicKey((DHPublicKey)key); } else if (key instanceof DHPrivateKey) { return new BCElGamalPrivateKey((DHPrivateKey)key); } else if (key instanceof ElGamalPublicKey) { return new BCElGamalPublicKey((ElGamalPublicKey)key); } else if (key instanceof ElGamalPrivateKey) { return new BCElGamalPrivateKey((ElGamalPrivateKey)key); } throw new InvalidKeyException("key type unknown"); }
/** * 甲方初始化并返回密钥对 */ public static Map<String, Object> initKey() throws Exception{ //实例化密钥对生成器 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH"); //初始化密钥对生成器 默认是1024 512-1024 & 64的倍数 keyPairGenerator.initialize(1024); //生成密钥对 KeyPair keyPair = keyPairGenerator.generateKeyPair(); //得到甲方公钥 DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic(); //得到甲方私钥 DHPrivateKey peivateKey = (DHPrivateKey) keyPair.getPrivate(); //将公钥和私钥封装到Map中,方便之后使用 Map<String, Object> keyMap = new HashMap<String, Object>(); keyMap.put(PUBLIC_KEY, publicKey); keyMap.put(PRIVATE_KEY, peivateKey); return keyMap; }
void checkConstraints(AlgorithmConstraints constraints, BigInteger peerPublicValue) throws SSLHandshakeException { try { KeyFactory kf = JsseJce.getKeyFactory("DiffieHellman"); DHPublicKeySpec spec = new DHPublicKeySpec(peerPublicValue, modulus, base); DHPublicKey publicKey = (DHPublicKey)kf.generatePublic(spec); // check constraints of DHPublicKey if (!constraints.permits( EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), publicKey)) { throw new SSLHandshakeException( "DHPublicKey does not comply to algorithm constraints"); } } catch (GeneralSecurityException gse) { throw (SSLHandshakeException) new SSLHandshakeException( "Could not generate DHPublicKey").initCause(gse); } }
@Override public void main(Provider provider) throws Exception { if (provider.getService("KeyPairGenerator", "DiffieHellman") == null) { System.out.println("No support of DH KeyPairGenerator, skipping"); return; } for (SupportedKeySize keySize : SupportedKeySize.values()) { System.out.println("Checking " + keySize.primeSize + " ..."); KeyPairGenerator kpg = KeyPairGenerator.getInstance("DiffieHellman", provider); kpg.initialize(keySize.primeSize); KeyPair kp = kpg.generateKeyPair(); checkKeyPair(kp, keySize.primeSize, provider); DHPublicKey publicKey = (DHPublicKey)kp.getPublic(); BigInteger p = publicKey.getParams().getP(); BigInteger g = publicKey.getParams().getG(); kpg.initialize(new DHParameterSpec(p, g)); kp = kpg.generateKeyPair(); checkKeyPair(kp, keySize.primeSize, provider); } }
public void loadServerKey() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, NoSuchProviderException, InvalidAlgorithmParameterException, InvalidKeySpecException { char[] password = KEYSTORE_PASSWORD.toCharArray(); FileInputStream fIn = new FileInputStream(KEYSTORE_FILENAME); KeyStore keystore = KeyStore.getInstance("JKS"); keystore.load(fIn, password); serverCertificate = (X509Certificate) keystore.getCertificate("server"); serverPrivateKey = (PrivateKey) keystore.getKey("server", password); // Generate DH keys for this session // Use hardcoded DH parameters DHParameterSpec dhParams = new DHParameterSpec(new BigInteger(new byte[] {(byte)0x00, (byte)0xad, (byte)0x77, (byte)0xcd, (byte)0xb7, (byte)0x14, (byte)0x6f, (byte)0xfe, (byte)0x08, (byte)0x1a, (byte)0xee, (byte)0xd2, (byte)0x2c, (byte)0x18, (byte)0x29, (byte)0x62, (byte)0x5a, (byte)0xff, (byte)0x03, (byte)0x5d, (byte)0xde, (byte)0xba, (byte)0x0d, (byte)0xd4, (byte)0x36, (byte)0x15, (byte)0x03, (byte)0x11, (byte)0x21, (byte)0x48, (byte)0xd9, (byte)0x77, (byte)0xfb, (byte)0x67, (byte)0xb0, (byte)0x74, (byte)0x2e, (byte)0x68, (byte)0xed, (byte)0x5a, (byte)0x3f, (byte)0x8a, (byte)0x3e, (byte)0xdb, (byte)0x81, (byte)0xa3, (byte)0x3b, (byte)0xaf, (byte)0x26, (byte)0xe4, (byte)0x54, (byte)0x00, (byte)0x85, (byte)0x0d, (byte)0xfd, (byte)0x23, (byte)0x21, (byte)0xc1, (byte)0xfe, (byte)0x69, (byte)0xe4, (byte)0xf3, (byte)0x57, (byte)0xe6, (byte)0x0a, (byte)0x7c, (byte)0x62, (byte)0xc0, (byte)0xd6, (byte)0x40, (byte)0x3e, (byte)0x94, (byte)0x9e, (byte)0x49, (byte)0x72, (byte)0x5a, (byte)0x21, (byte)0x53, (byte)0xb0, (byte)0x83, (byte)0x05, (byte)0x81, (byte)0x5a, (byte)0xde, (byte)0x17, (byte)0x31, (byte)0xbf, (byte)0xa8, (byte)0xa9, (byte)0xe5, (byte)0x28, (byte)0x1a, (byte)0xfc, (byte)0x06, (byte)0x1e, (byte)0x49, (byte)0xfe, (byte)0xdc, (byte)0x08, (byte)0xe3, (byte)0x29, (byte)0xfe, (byte)0x5b, (byte)0x88, (byte)0x66, (byte)0x39, (byte)0xa8, (byte)0x69, (byte)0x62, (byte)0x88, (byte)0x47, (byte)0x36, (byte)0xf5, (byte)0xdd, (byte)0x92, (byte)0x8f, (byte)0xca, (byte)0x32, (byte)0x4b, (byte)0x87, (byte)0xad, (byte)0xbf, (byte)0xab, (byte)0x4a, (byte)0x9d, (byte)0xd5, (byte)0xb8, (byte)0x2c, (byte)0xc4, (byte)0x43, (byte)0xb2, (byte)0x21, (byte)0xb4, (byte)0x2a, (byte)0x9b, (byte)0x42, (byte)0x17, (byte)0x6d, (byte)0xb6, (byte)0x86, (byte)0x42, (byte)0x41, (byte)0xb1, (byte)0xc7, (byte)0x37, (byte)0x37, (byte)0x95, (byte)0x6d, (byte)0x62, (byte)0xca, (byte)0xa6, (byte)0x57, (byte)0x33, (byte)0x88, (byte)0xe2, (byte)0x31, (byte)0xfe, (byte)0xd1, (byte)0x51, (byte)0xe7, (byte)0x73, (byte)0xae, (byte)0x3c, (byte)0xa7, (byte)0x4b, (byte)0xbc, (byte)0x8a, (byte)0x3d, (byte)0xc5, (byte)0x9a, (byte)0x28, (byte)0x9a, (byte)0xf9, (byte)0x57, (byte)0xb6, (byte)0xec, (byte)0xf6, (byte)0x75, (byte)0xaa, (byte)0x56, (byte)0xc1, (byte)0x42, (byte)0x9f, (byte)0x6a, (byte)0x7c, (byte)0x91, (byte)0x8b, (byte)0x5e, (byte)0xea, (byte)0x54, (byte)0x32, (byte)0x90, (byte)0x8a, (byte)0x9d, (byte)0x76, (byte)0x2a, (byte)0x29, (byte)0x1b, (byte)0x84, (byte)0x35, (byte)0xe6, (byte)0x21, (byte)0x07, (byte)0xb2, (byte)0xcb, (byte)0x5c, (byte)0xf9, (byte)0x5b, (byte)0xe9, (byte)0x5e, (byte)0x1b, (byte)0x80, (byte)0xd5, (byte)0x53, (byte)0xd7, (byte)0xa4, (byte)0x26, (byte)0x58, (byte)0xe4, (byte)0xe9, (byte)0x3f, (byte)0xfd, (byte)0xeb, (byte)0x78, (byte)0xf2, (byte)0x25, (byte)0x02, (byte)0x42, (byte)0xf8, (byte)0x50, (byte)0x13, (byte)0xbb, (byte)0x01, (byte)0x39, (byte)0xf3, (byte)0xcf, (byte)0x5c, (byte)0x51, (byte)0xdf, (byte)0xed, (byte)0xc5, (byte)0xfa, (byte)0xd8, (byte)0x4f, (byte)0xae, (byte)0x76, (byte)0xe8, (byte)0x30, (byte)0xfc, (byte)0x85, (byte)0xaa, (byte)0x8c, (byte)0x91, (byte)0x02, (byte)0x2b, (byte)0x61, (byte)0x87 }), new BigInteger(new byte[] { 0x05 })); KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DiffieHellman"); keyPairGenerator.initialize(dhParams); KeyPair keyPair = keyPairGenerator.generateKeyPair(); dhPubKey = (DHPublicKey)keyPair.getPublic(); dhPrivateKey = (DHPrivateKey)keyPair.getPrivate(); }
public void loadClientKey() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, InvalidAlgorithmParameterException { char[] password = KEYSTORE_PASSWORD.toCharArray(); FileInputStream fIn = new FileInputStream(KEYSTORE_FILENAME); KeyStore keystore = KeyStore.getInstance("JKS"); keystore.load(fIn, password); clientCertificate = (X509Certificate) keystore.getCertificate("client"); clientPrivateKey = (PrivateKey) keystore.getKey("client", password); // Generate DH keys for this session // Use hardcoded DH parameters DHParameterSpec dhParams = new DHParameterSpec(new BigInteger(new byte[] {(byte)0x00, (byte)0xad, (byte)0x77, (byte)0xcd, (byte)0xb7, (byte)0x14, (byte)0x6f, (byte)0xfe, (byte)0x08, (byte)0x1a, (byte)0xee, (byte)0xd2, (byte)0x2c, (byte)0x18, (byte)0x29, (byte)0x62, (byte)0x5a, (byte)0xff, (byte)0x03, (byte)0x5d, (byte)0xde, (byte)0xba, (byte)0x0d, (byte)0xd4, (byte)0x36, (byte)0x15, (byte)0x03, (byte)0x11, (byte)0x21, (byte)0x48, (byte)0xd9, (byte)0x77, (byte)0xfb, (byte)0x67, (byte)0xb0, (byte)0x74, (byte)0x2e, (byte)0x68, (byte)0xed, (byte)0x5a, (byte)0x3f, (byte)0x8a, (byte)0x3e, (byte)0xdb, (byte)0x81, (byte)0xa3, (byte)0x3b, (byte)0xaf, (byte)0x26, (byte)0xe4, (byte)0x54, (byte)0x00, (byte)0x85, (byte)0x0d, (byte)0xfd, (byte)0x23, (byte)0x21, (byte)0xc1, (byte)0xfe, (byte)0x69, (byte)0xe4, (byte)0xf3, (byte)0x57, (byte)0xe6, (byte)0x0a, (byte)0x7c, (byte)0x62, (byte)0xc0, (byte)0xd6, (byte)0x40, (byte)0x3e, (byte)0x94, (byte)0x9e, (byte)0x49, (byte)0x72, (byte)0x5a, (byte)0x21, (byte)0x53, (byte)0xb0, (byte)0x83, (byte)0x05, (byte)0x81, (byte)0x5a, (byte)0xde, (byte)0x17, (byte)0x31, (byte)0xbf, (byte)0xa8, (byte)0xa9, (byte)0xe5, (byte)0x28, (byte)0x1a, (byte)0xfc, (byte)0x06, (byte)0x1e, (byte)0x49, (byte)0xfe, (byte)0xdc, (byte)0x08, (byte)0xe3, (byte)0x29, (byte)0xfe, (byte)0x5b, (byte)0x88, (byte)0x66, (byte)0x39, (byte)0xa8, (byte)0x69, (byte)0x62, (byte)0x88, (byte)0x47, (byte)0x36, (byte)0xf5, (byte)0xdd, (byte)0x92, (byte)0x8f, (byte)0xca, (byte)0x32, (byte)0x4b, (byte)0x87, (byte)0xad, (byte)0xbf, (byte)0xab, (byte)0x4a, (byte)0x9d, (byte)0xd5, (byte)0xb8, (byte)0x2c, (byte)0xc4, (byte)0x43, (byte)0xb2, (byte)0x21, (byte)0xb4, (byte)0x2a, (byte)0x9b, (byte)0x42, (byte)0x17, (byte)0x6d, (byte)0xb6, (byte)0x86, (byte)0x42, (byte)0x41, (byte)0xb1, (byte)0xc7, (byte)0x37, (byte)0x37, (byte)0x95, (byte)0x6d, (byte)0x62, (byte)0xca, (byte)0xa6, (byte)0x57, (byte)0x33, (byte)0x88, (byte)0xe2, (byte)0x31, (byte)0xfe, (byte)0xd1, (byte)0x51, (byte)0xe7, (byte)0x73, (byte)0xae, (byte)0x3c, (byte)0xa7, (byte)0x4b, (byte)0xbc, (byte)0x8a, (byte)0x3d, (byte)0xc5, (byte)0x9a, (byte)0x28, (byte)0x9a, (byte)0xf9, (byte)0x57, (byte)0xb6, (byte)0xec, (byte)0xf6, (byte)0x75, (byte)0xaa, (byte)0x56, (byte)0xc1, (byte)0x42, (byte)0x9f, (byte)0x6a, (byte)0x7c, (byte)0x91, (byte)0x8b, (byte)0x5e, (byte)0xea, (byte)0x54, (byte)0x32, (byte)0x90, (byte)0x8a, (byte)0x9d, (byte)0x76, (byte)0x2a, (byte)0x29, (byte)0x1b, (byte)0x84, (byte)0x35, (byte)0xe6, (byte)0x21, (byte)0x07, (byte)0xb2, (byte)0xcb, (byte)0x5c, (byte)0xf9, (byte)0x5b, (byte)0xe9, (byte)0x5e, (byte)0x1b, (byte)0x80, (byte)0xd5, (byte)0x53, (byte)0xd7, (byte)0xa4, (byte)0x26, (byte)0x58, (byte)0xe4, (byte)0xe9, (byte)0x3f, (byte)0xfd, (byte)0xeb, (byte)0x78, (byte)0xf2, (byte)0x25, (byte)0x02, (byte)0x42, (byte)0xf8, (byte)0x50, (byte)0x13, (byte)0xbb, (byte)0x01, (byte)0x39, (byte)0xf3, (byte)0xcf, (byte)0x5c, (byte)0x51, (byte)0xdf, (byte)0xed, (byte)0xc5, (byte)0xfa, (byte)0xd8, (byte)0x4f, (byte)0xae, (byte)0x76, (byte)0xe8, (byte)0x30, (byte)0xfc, (byte)0x85, (byte)0xaa, (byte)0x8c, (byte)0x91, (byte)0x02, (byte)0x2b, (byte)0x61, (byte)0x87 }), new BigInteger(new byte[] { 0x05 })); KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DiffieHellman"); keyPairGenerator.initialize(dhParams); KeyPair keyPair = keyPairGenerator.generateKeyPair(); dhPubKey = (DHPublicKey)keyPair.getPublic(); dhPrivateKey = (DHPrivateKey)keyPair.getPrivate(); }
/** * 初始化甲方密钥 * @return Map 甲方密钥Map * @throws Exception */ public static Map<String,Object> initKey()throws Exception{ // 实例化密钥对生成器 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM); keyPairGenerator.initialize(KEY_SIZE); // 生成密钥对 KeyPair keyPair = keyPairGenerator.generateKeyPair(); //甲方公钥 DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic(); //甲方私钥 DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate(); //将密钥对存储在Map中 Map<String,Object> keyMap = new HashMap<String,Object>(); keyMap.put(PUBLIC_KEY, publicKey); keyMap.put(PRIVATE_KEY, privateKey); return keyMap; }
/** * 初始化乙方密钥 * @param key 甲方公钥 * @return Map 乙方密钥Map * @throws Exception */ public static Map<String,Object> initKey(byte[] key)throws Exception{ //解析甲方公钥,转换公钥材料 X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key); //实例化密钥工厂 KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //产生公钥 PublicKey pubKey = keyFactory.generatePublic(x509KeySpec); //由甲方公钥构建乙方密钥 DHParameterSpec dhParamSpec = ( (DHPublicKey) pubKey).getParams(); //实例化密钥对生成器 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(keyFactory.getAlgorithm()); //初始化密钥对生成器 keyPairGenerator.initialize(dhParamSpec); //产生密钥对 KeyPair keyPair = keyPairGenerator.generateKeyPair(); //乙方公钥 DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic(); //乙方私钥 DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate(); //将密钥对存储在Map中 Map<String,Object> keyMap = new HashMap<String,Object>(); keyMap.put(PUBLIC_KEY, publicKey); keyMap.put(PRIVATE_KEY, privateKey); return keyMap; }
protected DHPublicKey stringToPublicKey(String publicKeyBase64) { try { byte[] yBinary = Base64.decodeBase64(publicKeyBase64.getBytes()); BigInteger y = new BigInteger(yBinary); DHPublicKeySpec dhPublicKeySpec = new DHPublicKeySpec( y, _dhParameterSpec.getP(), _dhParameterSpec.getG() ); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); return (DHPublicKey) keyFactory.generatePublic(dhPublicKeySpec); } catch (GeneralSecurityException e) { _log.error("Cannot create PublicKey object from: " + publicKeyBase64, e); return null; } }
public void testPublicKey() throws AssociationException { DHParameterSpec dhParameterSpec = DiffieHellmanSession.getDefaultParameter(); DiffieHellmanSession diffieHellmanSession = DiffieHellmanSession.create(AssociationSessionType.DH_SHA1, dhParameterSpec); String dhPublicKeyBase64 = diffieHellmanSession.getPublicKey(); DHPublicKey dhPublicKey = diffieHellmanSession.stringToPublicKey(dhPublicKeyBase64); BigInteger two = new BigInteger("2"); BigInteger y = dhPublicKey.getY(); BigInteger p = dhParameterSpec.getP(); assertTrue(y.compareTo(two) != -1); assertTrue(y.compareTo(p) == -1); }
/** Builds a KEY record from a PublicKey */ public static KEYRecord buildRecord(Name name, int dclass, long ttl, int flags, int proto, PublicKey key) { byte alg; if (key instanceof RSAPublicKey) { alg = DNSSEC.RSAMD5; } else if (key instanceof DHPublicKey) { alg = DNSSEC.DH; } else if (key instanceof DSAPublicKey) { alg = DNSSEC.DSA; } else return null; return (KEYRecord) buildRecord(name, Type.KEY, dclass, ttl, flags, proto, alg, key); }
private void rotateRemoteSessionKeys(DHPublicKey pubKey) throws OtrException { if (DEBUG_ENABLED) Log.d(LOG_TAG,"Rotating remote keys."); SessionKeys sess1 = getSessionKeysByIndex(SessionKeys.Current, SessionKeys.Previous); if (sess1.getIsUsedReceivingMACKey()) { if (DEBUG_ENABLED) Log.d(LOG_TAG,"Detected used Receiving MAC key. Adding to old MAC keys to reveal it."); getOldMacKeys().add(sess1.getReceivingMACKey()); } SessionKeys sess2 = getSessionKeysByIndex(SessionKeys.Previous, SessionKeys.Previous); if (sess2.getIsUsedReceivingMACKey()) { if (DEBUG_ENABLED) Log.d(LOG_TAG,"Detected used Receiving MAC key. Adding to old MAC keys to reveal it."); getOldMacKeys().add(sess2.getReceivingMACKey()); } SessionKeys sess3 = getSessionKeysByIndex(SessionKeys.Current, SessionKeys.Current); sess1.setRemoteDHPublicKey(sess3.getRemoteKey(), sess3.getRemoteKeyID()); SessionKeys sess4 = getSessionKeysByIndex(SessionKeys.Previous, SessionKeys.Current); sess2.setRemoteDHPublicKey(sess4.getRemoteKey(), sess4.getRemoteKeyID()); sess3.setRemoteDHPublicKey(pubKey, sess3.getRemoteKeyID() + 1); sess4.setRemoteDHPublicKey(pubKey, sess4.getRemoteKeyID() + 1); }
private RevealSignatureMessage getRevealSignatureMessage() throws OtrException { try { SignatureM m = new SignatureM((DHPublicKey) getLocalDHKeyPair().getPublic(), getRemoteDHPublicKey(), getLocalLongTermKeyPair().getPublic(), getLocalDHKeyPairID()); OtrCryptoEngine otrCryptoEngine = new OtrCryptoEngineImpl(); byte[] mhash = otrCryptoEngine.sha256Hmac(SerializationUtils.toByteArray(m), getM1()); byte[] signature = otrCryptoEngine.sign(mhash, getLocalLongTermKeyPair() .getPrivate()); SignatureX mysteriousX = new SignatureX(getLocalLongTermKeyPair().getPublic(), getLocalDHKeyPairID(), signature); byte[] xEncrypted = otrCryptoEngine.aesEncrypt(getC(), null, SerializationUtils.toByteArray(mysteriousX)); byte[] tmp = SerializationUtils.writeData(xEncrypted); byte[] xEncryptedHash = otrCryptoEngine.sha256Hmac160(tmp, getM2()); return new RevealSignatureMessage(getProtocolVersion(), xEncrypted, xEncryptedHash, getR()); } catch (IOException e) { throw new OtrException(e); } }
private void reset() { if (DEBUG_ENABLED) Log.d(LOG_TAG,"Resetting " + keyDescription + " session keys."); Arrays.fill(this.sendingCtr, (byte) 0x00); Arrays.fill(this.receivingCtr, (byte) 0x00); this.sendingAESKey = null; this.receivingAESKey = null; this.sendingMACKey = null; this.receivingMACKey = null; this.setIsUsedReceivingMACKey(false); this.s = null; if (getLocalPair() != null && getRemoteKey() != null) { this.isHigh = ((DHPublicKey) getLocalPair().getPublic()).getY().abs() .compareTo(getRemoteKey().getY().abs()) == 1; } }
public void testIOBigInt() throws Exception { KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair(); BigInteger source = ((DHPublicKey) pair.getPublic()).getY(); ByteArrayOutputStream out = new ByteArrayOutputStream(); OtrOutputStream oos = new OtrOutputStream(out); oos.writeBigInt(source); oos.close(); byte[] converted = out.toByteArray(); ByteArrayInputStream bin = new ByteArrayInputStream(converted); OtrInputStream ois = new OtrInputStream(bin); BigInteger result = ois.readBigInt(); ois.close(); assertTrue(source.compareTo(result) == 0); }
public void testIODHPublicKey() throws Exception { KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair(); DHPublicKey source = (DHPublicKey) pair.getPublic(); ByteArrayOutputStream out = new ByteArrayOutputStream(); OtrOutputStream oos = new OtrOutputStream(out); oos.writeDHPublicKey(source); oos.close(); byte[] converted = out.toByteArray(); ByteArrayInputStream bin = new ByteArrayInputStream(converted); OtrInputStream ois = new OtrInputStream(bin); DHPublicKey result = ois.readDHPublicKey(); ois.close(); assertTrue(source.getY().compareTo(result.getY()) == 0); }
/** * 初始化甲方密钥 * * @return * @throws Exception */ public static Map<String, Object> initKey() throws Exception { KeyPairGenerator keyPairGenerator = KeyPairGenerator .getInstance(ALGORITHM); keyPairGenerator.initialize(KEY_SIZE); KeyPair keyPair = keyPairGenerator.generateKeyPair(); // 甲方公钥 DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic(); // 甲方私钥 DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate(); Map<String, Object> keyMap = new HashMap<String, Object>(2); keyMap.put(PUBLIC_KEY, publicKey); keyMap.put(PRIVATE_KEY, privateKey); return keyMap; }
public byte[] generateDHPublicKey() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException { // generate key pair KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH"); DHParameterSpec param = new DHParameterSpec(sP, sG); kpg.initialize(param); KeyPair kp = kpg.generateKeyPair(); DHPrivateKey privateKey = (DHPrivateKey) kp.getPrivate(); DHPublicKey publicKey = (DHPublicKey) kp.getPublic(); // initialize key agreement with our private key mKA = KeyAgreement.getInstance("DH"); mKA.init(privateKey); // return our public 1/2 key to share return getBytes(publicKey.getY()); }
@Test( description = "https://issues.apache.org/jira/browse/SSHD-330; https://bugzilla.wikimedia.org/show_bug.cgi?id=53895#c28", invocationCount = 500, dataProvider = "keyPairGenerator") public void testDH(int a, KeyPairGenerator kpg) throws Exception { KeyPair kp = kpg.generateKeyPair(); BigInteger Y = ((DHPublicKey) kp.getPublic()).getY(); DHParameterSpec params = ((DHPublicKey) kp.getPublic()).getParams(); BigInteger P = params.getP(); BigInteger G = params.getG(); DH dh = new DH(); dh.setF(Y); dh.setP(P); dh.setG(G); dh.getE(); byte[] actual = dh.getK(); if (actual[0] == 0) { Assert.fail("Found leading 0"); } }
/** * Returns the public key for a given key pair. * * @param keyPair * @return public key */ protected static byte[] getPublicKey(KeyPair keyPair) { DHPublicKey incomingPublicKey = (DHPublicKey) keyPair.getPublic(); BigInteger dhY = incomingPublicKey.getY(); log.debug("Public key: {}", dhY); byte[] result = dhY.toByteArray(); log.debug("Public key as bytes - length [{}]: {}", result.length, Hex.encodeHexString(result)); byte[] temp = new byte[KEY_LENGTH]; if (result.length < KEY_LENGTH) { System.arraycopy(result, 0, temp, KEY_LENGTH - result.length, result.length); result = temp; log.debug("Padded public key length to 128"); } else if(result.length > KEY_LENGTH){ System.arraycopy(result, result.length - KEY_LENGTH, temp, 0, KEY_LENGTH); result = temp; log.debug("Truncated public key length to 128"); } return result; }
public final void testDoPhase009() { try { Key key = keyPair.getPublic(); kf = KeyFactory.getInstance("DH"); DHPublicKey publicKey = (DHPublicKey) key; ka.init(keyPair.getPrivate()); lastPhase = true; if (ka.doPhase(publicKey, lastPhase) == null) assertTrue(true); else { assertTrue(false); } } catch (Throwable e) { fail("Failed with:" + e); } }
@Before public void setUp() throws Exception { manager_a = new OtrKeyManagerImpl(new MemoryPropertiesStore()); manager_b = new OtrKeyManagerImpl(new MemoryPropertiesStore()); session_a = createMock(Session.class); session_b = createMock(Session.class); AuthContextImpl ca = new AuthContextImpl(session_a); AuthContextImpl cb = new AuthContextImpl(session_b); ca.setRemoteDHPublicKey((DHPublicKey) cb.getLocalDHKeyPair().getPublic()); cb.setRemoteDHPublicKey((DHPublicKey) ca.getLocalDHKeyPair().getPublic()); EasyMock.expect(session_a.getS()).andStubReturn(ca.getS()); EasyMock.expect(session_b.getS()).andStubReturn(cb.getS()); sessionId_a = new SessionID("a1", "ua", "xmpp"); sessionId_b = new SessionID("a1", "ub", "xmpp"); manager_a.generateLocalKeyPair(sessionId_a); manager_b.generateLocalKeyPair(sessionId_b); manager_a.savePublicKey(sessionId_a, manager_b.loadLocalKeyPair(sessionId_b).getPublic()); manager_b.savePublicKey(sessionId_b, manager_a.loadLocalKeyPair(sessionId_a).getPublic()); host_a = createNiceMock(OtrSmEngineHost.class); host_b = createNiceMock(OtrSmEngineHost.class); sm_a = new OtrSm(session_a, manager_a, sessionId_a, host_a); sm_b = new OtrSm(session_b, manager_b, sessionId_b, host_b); }
private void rotateRemoteSessionKeys(DHPublicKey pubKey) throws OtrException { logger.finest("Rotating remote keys."); SessionKeys sess1 = getSessionKeysByIndex(SessionKeys.Current, SessionKeys.Previous); if (sess1.getIsUsedReceivingMACKey()) { logger.finest("Detected used Receiving MAC key. Adding to old MAC keys to reveal it."); getOldMacKeys().add(sess1.getReceivingMACKey()); } SessionKeys sess2 = getSessionKeysByIndex(SessionKeys.Previous, SessionKeys.Previous); if (sess2.getIsUsedReceivingMACKey()) { logger.finest("Detected used Receiving MAC key. Adding to old MAC keys to reveal it."); getOldMacKeys().add(sess2.getReceivingMACKey()); } SessionKeys sess3 = getSessionKeysByIndex(SessionKeys.Current, SessionKeys.Current); sess1.setRemoteDHPublicKey(sess3.getRemoteKey(), sess3.getRemoteKeyID()); SessionKeys sess4 = getSessionKeysByIndex(SessionKeys.Previous, SessionKeys.Current); sess2.setRemoteDHPublicKey(sess4.getRemoteKey(), sess4.getRemoteKeyID()); sess3.setRemoteDHPublicKey(pubKey, sess3.getRemoteKeyID() + 1); sess4.setRemoteDHPublicKey(pubKey, sess4.getRemoteKeyID() + 1); }
private void reset() { logger.finest("Resetting " + keyDescription + " session keys."); Arrays.fill(this.sendingCtr, (byte) 0x00); Arrays.fill(this.receivingCtr, (byte) 0x00); this.sendingAESKey = null; this.receivingAESKey = null; this.sendingMACKey = null; this.receivingMACKey = null; this.setIsUsedReceivingMACKey(false); this.s = null; if (getLocalPair() != null && getRemoteKey() != null) { this.isHigh = ((DHPublicKey) getLocalPair().getPublic()).getY().abs() .compareTo(getRemoteKey().getY().abs()) == 1; } }
public void testIOBigInt() throws Exception { KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair(); BigInteger source = ((DHPublicKey) pair.getPublic()).getY(); ByteArrayOutputStream out = new ByteArrayOutputStream(); OtrOutputStream oos = new OtrOutputStream(out); oos.writeBigInt(source); byte[] converted = out.toByteArray(); ByteArrayInputStream bin = new ByteArrayInputStream(converted); OtrInputStream ois = new OtrInputStream(bin); BigInteger result = ois.readBigInt(); assertTrue(source.compareTo(result) == 0); }
private void reset() { logger.finest("Resetting " + keyDescription + " session keys."); Arrays.fill(this.sendingCtr, (byte) 0x00); Arrays.fill(this.receivingCtr, (byte) 0x00); this.sendingAESKey = null; this.receivingAESKey = null; this.sendingMACKey = null; this.receivingMACKey = null; this.setIsUsedReceivingMACKey(false); this.s = null; if (getLocalPair() != null && getRemoteKey() != null) { this.isHigh = ((DHPublicKey) getLocalPair().getPublic()).getY() .abs().compareTo(getRemoteKey().getY().abs()) == 1; } }
private DhSession ( final DhAlgorithm algorithm ) { Preconditions.checkNotNull(algorithm, "algorithm required"); try { KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH"); keyGen.initialize(DEFAULT_DH_SPEC); keyPair = keyGen.generateKeyPair(); base64PublicKey = new String( Base64.encode(((DHPublicKey) keyPair.getPublic()).getY().toByteArray())); this.algorithm = algorithm; } catch ( GeneralSecurityException e ) { throw new RuntimeException(e); } }
static public AsymmetricKeyParameter generatePublicKeyParameter( PublicKey key) throws InvalidKeyException { if (key instanceof DHPublicKey) { DHPublicKey k = (DHPublicKey)key; return new DHPublicKeyParameters(k.getY(), new DHParameters(k.getParams().getP(), k.getParams().getG(), null, k.getParams().getL())); } throw new InvalidKeyException("can't identify DH public key."); }
public boolean equals( Object o) { if (!(o instanceof DHPublicKey)) { return false; } DHPublicKey other = (DHPublicKey)o; return this.getY().equals(other.getY()) && this.getParams().getG().equals(other.getParams().getG()) && this.getParams().getP().equals(other.getParams().getP()) && this.getParams().getL() == other.getParams().getL(); }