DH_ServerKeyExchange(HandshakeInStream input, ProtocolVersion protocolVersion) throws IOException, GeneralSecurityException { this.protocolVersion = protocolVersion; this.preferableSignatureAlgorithm = null; dh_p = input.getBytes16(); dh_g = input.getBytes16(); dh_Ys = input.getBytes16(); KeyUtil.validate(new DHPublicKeySpec(new BigInteger(1, dh_Ys), new BigInteger(1, dh_p), new BigInteger(1, dh_g))); signature = null; }
/** * Generates a public key object from the provided key specification * (key material). * * @param keySpec the specification (key material) of the public key * * @return the public key * * @exception InvalidKeySpecException if the given key specification * is inappropriate for this key factory to produce a public key. */ protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException { try { if (keySpec instanceof DHPublicKeySpec) { DHPublicKeySpec dhPubKeySpec = (DHPublicKeySpec)keySpec; return new DHPublicKey(dhPubKeySpec.getY(), dhPubKeySpec.getP(), dhPubKeySpec.getG()); } else if (keySpec instanceof X509EncodedKeySpec) { return new DHPublicKey (((X509EncodedKeySpec)keySpec).getEncoded()); } else { throw new InvalidKeySpecException ("Inappropriate key specification"); } } catch (InvalidKeyException e) { throw new InvalidKeySpecException ("Inappropriate key specification", e); } }
/** * Complete the key agreement protocol with the peer public value * <code>otherPublic</code> and return the calculated shared secret. * * @param otherPublic * The peer public value. * @return The shared secret value produced by the protocol. */ public byte[] getSharedSecret(final BigInteger otherPublic) throws TorException { try { KeyFactory factory = KeyFactory.getInstance("DH"); DHPublicKeySpec pub = new DHPublicKeySpec(otherPublic, P1024, G); PublicKey key = factory.generatePublic(pub); dh.doPhase(key, true); return dh.generateSecret(); } catch (GeneralSecurityException e) { throw new TorException(e); } }
/** * Get a public key object for the ValueLink supplied public key * @return PublicKey object of ValueLinks's public key * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public PublicKey getValueLinkPublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException { // read the valuelink public key String publicValue = (String) props.get("payment.valuelink.publicValue"); byte[] publicKeyBytes = StringUtil.fromHexString(publicValue); // initialize the parameter spec DHParameterSpec dhParamSpec = this.getDHParameterSpec(); // load the valuelink public key KeyFactory keyFactory = KeyFactory.getInstance("DH"); BigInteger publicKeyInt = new BigInteger(publicKeyBytes); DHPublicKeySpec dhPublicSpec = new DHPublicKeySpec(publicKeyInt, dhParamSpec.getP(), dhParamSpec.getG()); PublicKey vlPublic = keyFactory.generatePublic(dhPublicSpec); return vlPublic; }
protected DHPublicKey stringToPublicKey(String publicKeyBase64) { try { byte[] yBinary = Base64.decodeBase64(publicKeyBase64.getBytes()); BigInteger y = new BigInteger(yBinary); DHPublicKeySpec dhPublicKeySpec = new DHPublicKeySpec( y, _dhParameterSpec.getP(), _dhParameterSpec.getG() ); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); return (DHPublicKey) keyFactory.generatePublic(dhPublicKeySpec); } catch (GeneralSecurityException e) { _log.error("Cannot create PublicKey object from: " + publicKeyBase64, e); return null; } }
/** * Generates a public key object from the provided key specification * (key material). * * @param keySpec the specification (key material) of the public key * * @return the public key * * @exception InvalidKeySpecException if the given key specification * is inappropriate for this key factory to produce a public key. */ protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException { try { if (keySpec instanceof DHPublicKeySpec) { DHPublicKeySpec dhPubKeySpec = (DHPublicKeySpec)keySpec; return new DHPublicKey(dhPubKeySpec.getY(), dhPubKeySpec.getP(), dhPubKeySpec.getG()); } else if (keySpec instanceof X509EncodedKeySpec) { return new DHPublicKey (((X509EncodedKeySpec)keySpec).getEncoded()); } else { throw new InvalidKeySpecException ("Inappropriate key specification"); } } catch (InvalidKeyException e) { throw new InvalidKeySpecException ("Inappropriate key specification"); } }
/** * DHPublicKeySpec class testing. Tests the equivalence of parameters * specified in the constructor with the values returned by getters. */ public void testDHPrivateKeySpec() { BigInteger[] ys = {new BigInteger("-1000000000000"), BigInteger.ZERO, BigInteger.ONE, new BigInteger("1000000000000")}; BigInteger[] ps = {new BigInteger("-1000000000000"), BigInteger.ZERO, BigInteger.ONE, new BigInteger("1000000000000")}; BigInteger[] gs = {new BigInteger("-1000000000000"), BigInteger.ZERO, BigInteger.ONE, new BigInteger("1000000000000")}; for (int i=0; i<ps.length; i++) { DHPublicKeySpec dhpks = new DHPublicKeySpec(ys[i], ps[i], gs[i]); assertEquals("The value returned by getY() must be " + "equal to the value specified in the constructor", dhpks.getY(), ys[i]); assertEquals("The value returned by getP() must be " + "equal to the value specified in the constructor", dhpks.getP(), ps[i]); assertEquals("The value returned by getG() must be " + "equal to the value specified in the constructor", dhpks.getG(), gs[i]); } }
public byte[] createNodeKey(byte[] pubKeyNode) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, IllegalStateException { // add this public key node to agreement KeyFactory keyFac = KeyFactory.getInstance("DH"); BigInteger y = new BigInteger(1, pubKeyNode); DHPublicKeySpec spec = new DHPublicKeySpec(y, sP, sG); PublicKey nodePubKey = keyFac.generatePublic(spec); mKA.doPhase(nodePubKey, true); // complete this phase of agreement by generating secret BigInteger x = new BigInteger(1, mKA.generateSecret()); BigInteger v = sG.modPow(x, sP); DHPrivateKeySpec specX = new DHPrivateKeySpec(x, sP, sG); PrivateKey nodePrivKey = keyFac.generatePrivate(specX); mKA.doPhase(nodePubKey, true); mKA = KeyAgreement.getInstance("DH"); mKA.init(nodePrivKey); return getBytes(v); }
private byte[] getHashedSharedSecret ( final String base64PublicKey ) throws IOException { Preconditions.checkNotNull(base64PublicKey, "base64PublicKey required"); try { DHPublicKey publicKey = (DHPublicKey) KeyFactory.getInstance("DH").generatePublic( new DHPublicKeySpec(new BigInteger(Base64.decode( base64PublicKey.toCharArray(), false)), DEFAULT_DH_SPEC.getP(), DEFAULT_DH_SPEC.getG())); BigInteger zz = publicKey.getY().modPow(((DHPrivateKey) keyPair.getPrivate()).getX(), DEFAULT_DH_SPEC.getP()); return MessageDigest.getInstance(algorithm.getName()).digest(zz.toByteArray()); } catch ( GeneralSecurityException e ) { throw new RuntimeException(e); } }
protected PublicKey engineGeneratePublic( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof DHPublicKeySpec) { return new BCDHPublicKey((DHPublicKeySpec)keySpec); } return super.engineGeneratePublic(keySpec); }
protected PublicKey engineGeneratePublic( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof ElGamalPublicKeySpec) { return new BCElGamalPublicKey((ElGamalPublicKeySpec)keySpec); } else if (keySpec instanceof DHPublicKeySpec) { return new BCElGamalPublicKey((DHPublicKeySpec)keySpec); } return super.engineGeneratePublic(keySpec); }
/** * Returns whether the key spec is valid or not. * <P> * Note that this method is only apply to DHPublicKeySpec at present. * * @param keySpec * the key spec object, cannot be null * * @throws NullPointerException if {@code keySpec} is null * @throws InvalidKeyException if {@code keySpec} is invalid */ public static final void validate(KeySpec keySpec) throws InvalidKeyException { if (keySpec == null) { throw new NullPointerException( "The key spec to be validated cannot be null"); } if (keySpec instanceof DHPublicKeySpec) { validateDHPublicKey((DHPublicKeySpec)keySpec); } }
/** * Translates a key object, whose provider may be unknown or potentially * untrusted, into a corresponding key object of this key factory. * * @param key the key whose provider is unknown or untrusted * * @return the translated key * * @exception InvalidKeyException if the given key cannot be processed by * this key factory. */ protected Key engineTranslateKey(Key key) throws InvalidKeyException { try { if (key instanceof javax.crypto.interfaces.DHPublicKey) { // Check if key originates from this factory if (key instanceof com.sun.crypto.provider.DHPublicKey) { return key; } // Convert key to spec DHPublicKeySpec dhPubKeySpec = engineGetKeySpec(key, DHPublicKeySpec.class); // Create key from spec, and return it return engineGeneratePublic(dhPubKeySpec); } else if (key instanceof javax.crypto.interfaces.DHPrivateKey) { // Check if key originates from this factory if (key instanceof com.sun.crypto.provider.DHPrivateKey) { return key; } // Convert key to spec DHPrivateKeySpec dhPrivKeySpec = engineGetKeySpec(key, DHPrivateKeySpec.class); // Create key from spec, and return it return engineGeneratePrivate(dhPrivKeySpec); } else { throw new InvalidKeyException("Wrong algorithm type"); } } catch (InvalidKeySpecException e) { throw new InvalidKeyException("Cannot translate key", e); } }