public void generateClientKeyExchange(OutputStream output) throws IOException { if (agreementCredentials != null) { return; } AsymmetricCipherKeyPair ecAgreeClientKeyPair = TlsECCUtils.generateECKeyPair(context.getSecureRandom(), ecAgreeServerPublicKey.getParameters()); this.ecAgreeClientPrivateKey = (ECPrivateKeyParameters)ecAgreeClientKeyPair.getPrivate(); byte[] point = TlsECCUtils.serializeECPublicKey(serverECPointFormats, (ECPublicKeyParameters)ecAgreeClientKeyPair.getPublic()); TlsUtils.writeOpaque8(point, output); }
public void init(boolean forSigning, CipherParameters param) { if (forSigning) { if (param instanceof ParametersWithRandom) { ParametersWithRandom rParam = (ParametersWithRandom)param; this.random = rParam.getRandom(); param = rParam.getParameters(); } else { this.random = new SecureRandom(); } this.key = (ECPrivateKeyParameters)param; } else { this.key = (ECPublicKeyParameters)param; } }
public void init( boolean forSigning, CipherParameters param) { if (forSigning) { if (param instanceof ParametersWithRandom) { ParametersWithRandom rParam = (ParametersWithRandom)param; this.random = rParam.getRandom(); this.key = (ECPrivateKeyParameters)rParam.getParameters(); } else { this.random = new SecureRandom(); this.key = (ECPrivateKeyParameters)param; } } else { this.key = (ECPublicKeyParameters)param; } }
public void init( boolean forSigning, CipherParameters param) { this.forSigning = forSigning; if (forSigning) { if (param instanceof ParametersWithRandom) { ParametersWithRandom rParam = (ParametersWithRandom)param; this.random = rParam.getRandom(); this.key = (ECPrivateKeyParameters)rParam.getParameters(); } else { this.random = new SecureRandom(); this.key = (ECPrivateKeyParameters)param; } } else { this.key = (ECPublicKeyParameters)param; } }
JCEECPrivateKey( String algorithm, ECPrivateKeyParameters params, ECParameterSpec spec) { ECDomainParameters dp = params.getParameters(); this.algorithm = algorithm; this.d = params.getD(); if (spec == null) { this.ecSpec = new ECParameterSpec( dp.getCurve(), dp.getG(), dp.getN(), dp.getH(), dp.getSeed()); } else { this.ecSpec = spec; } }
static public AsymmetricKeyParameter generatePrivateKeyParameter( PrivateKey key) throws InvalidKeyException { if (key instanceof ECPrivateKey) { ECPrivateKey k = (ECPrivateKey)key; ECParameterSpec s = k.getParams(); return new ECPrivateKeyParameters( k.getD(), new ECDomainParameters(s.getCurve(), s.getG(), s.getN())); } throw new InvalidKeyException("can't identify EC private key."); }
/** * Given the domain parameters this routine generates an EC key * pair in accordance with X9.62 section 5.2.1 pages 26, 27. */ public AsymmetricCipherKeyPair generateKeyPair() { BigInteger n = params.getN(); int nBitLength = n.bitLength(); BigInteger d; do { d = new BigInteger(nBitLength, random); } while (d.equals(ZERO) || (d.compareTo(n) >= 0)); ECPoint Q = params.getG().multiply(d); return new AsymmetricCipherKeyPair( new ECPublicKeyParameters(Q, params), new ECPrivateKeyParameters(d, params)); }
@Override public void prepareAfterParse() { try { msg.prepareComputations(); List<ECPointFormat> pointFormatList = chooser.getServerSupportedPointFormats(); ECPointFormat[] formatArray = pointFormatList.toArray(new ECPointFormat[pointFormatList.size()]); short[] pointFormats = ECCUtilsBCWrapper.convertPointFormats(formatArray); ECPublicKeyParameters clientPublicKey = TlsECCUtils.deserializeECPublicKey(pointFormats, getDomainParameters(chooser.getEcCurveType(), chooser.getSelectedCurve()), msg.getPublicKey() .getValue()); CustomECPoint customClientKey = new CustomECPoint(clientPublicKey.getQ().getRawXCoord().toBigInteger(), clientPublicKey.getQ().getRawYCoord().toBigInteger()); msg.getComputations().setClientPublicKey(customClientKey); BigInteger privatekey = chooser.getServerEcPrivateKey(); computePremasterSecret(clientPublicKey, new ECPrivateKeyParameters(privatekey, clientPublicKey.getParameters())); preparePremasterSecret(msg); prepareClientRandom(msg); } catch (IOException ex) { throw new PreparationException("Could prepare ECDHClientKeyExchange Message after Parse", ex); } }
public BigInteger calculateAgreement(CipherParameters pubKey) { if (Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) { throw new IllegalStateException("ECMQV explicitly disabled"); } MQVPublicParameters pubParams = (MQVPublicParameters)pubKey; ECPrivateKeyParameters staticPrivateKey = privParams.getStaticPrivateKey(); ECPoint agreement = calculateMqvAgreement(staticPrivateKey.getParameters(), staticPrivateKey, privParams.getEphemeralPrivateKey(), privParams.getEphemeralPublicKey(), pubParams.getStaticPublicKey(), pubParams.getEphemeralPublicKey()).normalize(); if (agreement.isInfinity()) { throw new IllegalStateException("Infinity is not a valid agreement value for MQV"); } return agreement.getAffineXCoord().toBigInteger(); }
/************* * This method will create the ECDSA public and private key which is returned in a Byte array of Byte arrays, index 0 is the private key and * index 1 of the array will return the ECDSA public key * * -Wisdom: This guy didn't check whether the returned Private Key would be more than 32. * @return */ private byte[][] ECDSAgeneratePublicAndPrivateKey(){ int length = 0; byte[][] keys; do{ ECKeyPairGenerator gen = new ECKeyPairGenerator(); SecureRandom secureRandom = new SecureRandom(); X9ECParameters secnamecurves = SECNamedCurves.getByName("secp256k1"); ECDomainParameters ecParams = new ECDomainParameters(secnamecurves.getCurve(), secnamecurves.getG(), secnamecurves.getN(), secnamecurves.getH()); ECKeyGenerationParameters keyGenParam = new ECKeyGenerationParameters(ecParams, secureRandom); gen.init(keyGenParam); AsymmetricCipherKeyPair kp = gen.generateKeyPair(); ECPrivateKeyParameters privatekey = (ECPrivateKeyParameters)kp.getPrivate(); ECPoint dd = secnamecurves.getG().multiply(privatekey.getD()); byte[] publickey=new byte[65]; System.arraycopy(dd.getY().toBigInteger().toByteArray(), 0, publickey, 64-dd.getY().toBigInteger().toByteArray().length+1, dd.getY().toBigInteger().toByteArray().length); System.arraycopy(dd.getX().toBigInteger().toByteArray(), 0, publickey, 32-dd.getX().toBigInteger().toByteArray().length+1, dd.getX().toBigInteger().toByteArray().length); publickey[0]=4; length = privatekey.getD().toByteArray().length; keys = new byte[][]{privatekey.getD().toByteArray(),publickey}; }while(length != 32); return keys; }
@Override public byte[] sign(byte[] hash, byte[] privateKey) { ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())); signer.init(true, new ECPrivateKeyParameters(new BigInteger(privateKey), domain)); BigInteger[] signature = signer.generateSignature(hash); ByteArrayOutputStream baos = new ByteArrayOutputStream(); try { DERSequenceGenerator seq = new DERSequenceGenerator(baos); seq.addObject(new ASN1Integer(signature[0])); seq.addObject(new ASN1Integer(toCanonicalS(signature[1]))); seq.close(); return baos.toByteArray(); } catch (IOException e) { return new byte[0]; } }
/** * Generate a shared AES key using ECDH. */ public static byte[] generateSharedSecret(byte[] privateKey, byte[] publicKey) { try { ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(SECP256K1); ECDomainParameters domain = new ECDomainParameters(spec.getCurve(), spec.getG(), spec.getN(), spec.getH()); ECPublicKeyParameters pubKey = new ECPublicKeyParameters(spec.getCurve().decodePoint(publicKey), domain); ECPrivateKeyParameters prvkey = new ECPrivateKeyParameters(new BigInteger(1, privateKey), domain); ECDHBasicAgreement agreement = new ECDHBasicAgreement(); agreement.init(prvkey); byte[] password = agreement.calculateAgreement(pubKey).toByteArray(); return Aes.generateKey(ByteUtilities.toHexString(password), password); } catch (Exception e) { LOGGER.error(null, e); return new byte[0]; } }
public BigInteger calculateAgreement(CipherParameters pubKey) { MQVPublicParameters pubParams = (MQVPublicParameters)pubKey; ECPrivateKeyParameters staticPrivateKey = privParams.getStaticPrivateKey(); ECPoint agreement = calculateMqvAgreement(staticPrivateKey.getParameters(), staticPrivateKey, privParams.getEphemeralPrivateKey(), privParams.getEphemeralPublicKey(), pubParams.getStaticPublicKey(), pubParams.getEphemeralPublicKey()).normalize(); if (agreement.isInfinity()) { throw new IllegalStateException("Infinity is not a valid agreement value for MQV"); } return agreement.getAffineXCoord().toBigInteger(); }
@Override public byte[] sign (byte[] hash) throws ValidationException { if ( priv == null ) { throw new ValidationException ("Need private key to sign"); } ECDSASigner signer = new ECDSASigner (new HMacDSAKCalculator (new SHA256Digest ())); signer.init (true, new ECPrivateKeyParameters (priv, domain)); BigInteger[] signature = signer.generateSignature (hash); ByteArrayOutputStream s = new ByteArrayOutputStream (); try { DERSequenceGenerator seq = new DERSequenceGenerator (s); seq.addObject (new ASN1Integer (signature[0])); seq.addObject (new ASN1Integer (signature[1])); seq.close (); return s.toByteArray (); } catch ( IOException e ) { } return null; }
@Test public void testFailedCommitment() throws Exception { ECKeyManager keyManager = new ECKeyManager(new TestUtils.BasicNodeContext("Test")); X9ECParameters ecParameters = CustomNamedCurves.getByName("secp256r1"); ECDomainParameters domainParameters = new ECDomainParameters(ecParameters.getCurve(), ecParameters.getG(), ecParameters.getN(), ecParameters.getH()); ECPoint h = domainParameters.getG().multiply(BigInteger.valueOf(1000001)); AsymmetricCipherKeyPair kp = keyManager.generateKeyPair("Test1", Algorithm.EC_ELGAMAL, 1, domainParameters, h); ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)kp.getPrivate(); ECPublicKeyParameters pubKey = (ECPublicKeyParameters)kp.getPublic(); ECPoint commitment = pubKey.getParameters().getG().multiply(privKey.getD()).add(h); try { keyManager.buildSharedKey("Test1", new ECCommittedSecretShareMessage(0, privKey.getD(), BigInteger.TEN, new ECPoint[]{commitment}, pubKey.getQ(), new ECPoint[]{pubKey.getQ()})); Assert.fail("bad commitment not detected"); } catch (IllegalStateException e) { Assert.assertEquals("Commitment for Test1 failed!", e.getMessage()); } }