public void processServerKeyExchange(InputStream input) throws IOException { SecurityParameters securityParameters = context.getSecurityParameters(); Signer signer = initVerifyer(tlsSigner, securityParameters); InputStream sigIn = new SignerInputStream(input, signer); BigInteger p = TlsDHUtils.readDHParameter(sigIn); BigInteger g = TlsDHUtils.readDHParameter(sigIn); BigInteger Ys = TlsDHUtils.readDHParameter(sigIn); byte[] sigBytes = TlsUtils.readOpaque16(input); if (!signer.verifySignature(sigBytes)) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.dhAgreeServerPublicKey = validateDHPublicKey(new DHPublicKeyParameters(Ys, new DHParameters(p, g))); }
public TlsDHKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, DHParameters dhParameters) { super(keyExchange, supportedSignatureAlgorithms); switch (keyExchange) { case KeyExchangeAlgorithm.DH_RSA: case KeyExchangeAlgorithm.DH_DSS: this.tlsSigner = null; break; case KeyExchangeAlgorithm.DHE_RSA: this.tlsSigner = new TlsRSASigner(); break; case KeyExchangeAlgorithm.DHE_DSS: this.tlsSigner = new TlsDSSSigner(); break; default: throw new IllegalArgumentException("unsupported key exchange algorithm"); } this.dhParameters = dhParameters; }
public void processServerKeyExchange(InputStream input) throws IOException { this.psk_identity_hint = TlsUtils.readOpaque16(input); if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK) { byte[] pBytes = TlsUtils.readOpaque16(input); byte[] gBytes = TlsUtils.readOpaque16(input); byte[] YsBytes = TlsUtils.readOpaque16(input); BigInteger p = new BigInteger(1, pBytes); BigInteger g = new BigInteger(1, gBytes); BigInteger Ys = new BigInteger(1, YsBytes); this.dhAgreeServerPublicKey = TlsDHUtils.validateDHPublicKey(new DHPublicKeyParameters(Ys, new DHParameters(p, g))); } }
public static DHPublicKeyParameters validateDHPublicKey(DHPublicKeyParameters key) throws IOException { BigInteger Y = key.getY(); DHParameters params = key.getParameters(); BigInteger p = params.getP(); BigInteger g = params.getG(); if (!p.isProbablePrime(2)) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (g.compareTo(TWO) < 0 || g.compareTo(p.subtract(TWO)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (Y.compareTo(TWO) < 0 || Y.compareTo(p.subtract(ONE)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } // TODO See RFC 2631 for more discussion of Diffie-Hellman validation return key; }
BigInteger calculatePrivate(DHParameters dhParams, SecureRandom random) { BigInteger p = dhParams.getP(); int limit = dhParams.getL(); if (limit != 0) { return new BigInteger(limit, random).setBit(limit - 1); } BigInteger min = TWO; int m = dhParams.getM(); if (m != 0) { min = ONE.shiftLeft(m - 1); } BigInteger max = p.subtract(TWO); BigInteger q = dhParams.getQ(); if (q != null) { max = q.subtract(TWO); } return BigIntegers.createRandomInRange(min, max, random); }
public void initialize( AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException { if (!(params instanceof DHParameterSpec)) { throw new InvalidAlgorithmParameterException("parameter object not a DHParameterSpec"); } DHParameterSpec dhParams = (DHParameterSpec)params; param = new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL())); engine.init(param); initialised = true; }
public AsymmetricCipherKeyPair generateKeyPair() { BigInteger p, g, x, y; int qLength = param.getStrength() - 1; DHParameters dhParams = param.getParameters(); p = dhParams.getP(); g = dhParams.getG(); // // calculate the private key // x = new BigInteger(qLength, param.getRandom()); // // calculate the public key. // y = g.modPow(x, p); return new AsymmetricCipherKeyPair( new DHPublicKeyParameters(y, dhParams), new DHPrivateKeyParameters(x, dhParams)); }
public TlsPSKKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsPSKIdentity pskIdentity, TlsPSKIdentityManager pskIdentityManager, DHParameters dhParameters, int[] namedCurves, short[] clientECPointFormats, short[] serverECPointFormats) { super(keyExchange, supportedSignatureAlgorithms); switch (keyExchange) { case KeyExchangeAlgorithm.DHE_PSK: case KeyExchangeAlgorithm.ECDHE_PSK: case KeyExchangeAlgorithm.PSK: case KeyExchangeAlgorithm.RSA_PSK: break; default: throw new IllegalArgumentException("unsupported key exchange algorithm"); } this.pskIdentity = pskIdentity; this.pskIdentityManager = pskIdentityManager; this.dhParameters = dhParameters; this.namedCurves = namedCurves; this.clientECPointFormats = clientECPointFormats; this.serverECPointFormats = serverECPointFormats; }
public static DHParameters getParametersForDHEGroup(short dheGroup) { switch (dheGroup) { case FiniteFieldDHEGroup.ffdhe2432: return draft_ffdhe2432; case FiniteFieldDHEGroup.ffdhe3072: return draft_ffdhe3072; case FiniteFieldDHEGroup.ffdhe4096: return draft_ffdhe4096; case FiniteFieldDHEGroup.ffdhe6144: return draft_ffdhe6144; case FiniteFieldDHEGroup.ffdhe8192: return draft_ffdhe8192; default: return null; } }
public static DHParameters validateDHParameters(DHParameters params) throws IOException { BigInteger p = params.getP(); BigInteger g = params.getG(); if (!p.isProbablePrime(2)) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (g.compareTo(TWO) < 0 || g.compareTo(p.subtract(TWO)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } return params; }
private void testBounds() { BigInteger p1 = new BigInteger("00C8028E9151C6B51BCDB35C1F6B2527986A72D8546AE7A4BF41DC4289FF9837EE01592D36C324A0F066149B8B940C86C87D194206A39038AE3396F8E12435BB74449B70222D117B8A2BB77CB0D67A5D664DDE7B75E0FEC13CE0CAF258DAF3ADA0773F6FF0F2051D1859929AAA53B07809E496B582A89C3D7DA8B6E38305626621", 16); BigInteger g1 = new BigInteger("1F869713181464577FE4026B47102FA0D7675503A4FCDA810881FAEC3524E6DBAEA9B96561EF7F8BEA76466DF11C2F3EB1A90CC5851735BF860606481257EECE6418C0204E61004E85D7131CE54BCBC7AD67E53C79DCB715E7C8D083DCD85D728283EC8F96839B4C9FA7C0727C472BEB94E4613CAFA8D580119C0AF4BF8AF252", 16); int l1 = 1023; BigInteger p2 = new BigInteger("00B333C98720220CC3946F494E25231B3E19F9AD5F6B19F4E7ABF80D8826C491C3224D4F7415A14A7C11D1BE584405FED12C3554F103E56A72D986CA5E325BB9DE07AC37D1EAE5E5AC724D32EF638F0E4462D4C1FC7A45B9FD3A5DF5EC36A1FA4DAA3FBB66AA42B1B71DF416AB547E987513426C7BB8634F5F4D37705514FDC1E1", 16); BigInteger g2 = new BigInteger("2592F5A99FE46313650CCE66C94C15DBED9F4A45BD05C329986CF5D3E12139F0405A47C6385FEA27BFFEDC4CBABC5BB151F3BEE7CC3D51567F1E2B12A975AA9F48A70BDAAE7F5B87E70ADCF902490A3CBEFEDA41EBA8E12E02B56120B5FDEFBED07F5EAD3AE020DF3C8233216F8F0D35E13A7AE4DA5CBCC0D91EADBF20C281C6", 16); int l2 = 1024; DHKeyGenerationParameters params1 = new DHKeyGenerationParameters(new SecureRandom(), new DHParameters(p1, g1, null, l1)); DHKeyGenerationParameters params2 = new DHKeyGenerationParameters(new SecureRandom(), new DHParameters(p2, g2, null, l2)); DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator(); kpGen.init(params1); kpGen.init(params2); }
public static DHParameters modp1024_160() { BigInteger p = new BigInteger( "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" + "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" + "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" + "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" + "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" + "DF1FB2BC2E4A4371", 16); BigInteger g = new BigInteger( "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" + "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" + "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" + "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" + "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" + "855E6EEB22B3B2E5", 16); BigInteger q = new BigInteger( "F518AA8781A8DF278ABA4E7D64B7CB9D49462353", 16); return new DHParameters(p, g, q); }
public static DHPublicKeyParameters validateDHPublicKey(DHPublicKeyParameters key) throws IOException { BigInteger Y = key.getY(); DHParameters params = key.getParameters(); BigInteger p = params.getP(); BigInteger g = params.getG(); if (!p.isProbablePrime(2)) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (g.compareTo(TWO) < 0 || g.compareTo(p.subtract(TWO)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } if (Y.compareTo(TWO) < 0 || Y.compareTo(p.subtract(TWO)) > 0) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } // TODO See RFC 2631 for more discussion of Diffie-Hellman validation return key; }
public TlsPSKKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsPSKIdentity pskIdentity, DHParameters dhParameters, int[] namedCurves, short[] clientECPointFormats, short[] serverECPointFormats) { super(keyExchange, supportedSignatureAlgorithms); switch (keyExchange) { case KeyExchangeAlgorithm.DHE_PSK: case KeyExchangeAlgorithm.ECDHE_PSK: case KeyExchangeAlgorithm.PSK: case KeyExchangeAlgorithm.RSA_PSK: break; default: throw new IllegalArgumentException("unsupported key exchange algorithm"); } this.pskIdentity = pskIdentity; this.dhParameters = dhParameters; this.namedCurves = namedCurves; this.clientECPointFormats = clientECPointFormats; this.serverECPointFormats = serverECPointFormats; }