/**
 * Creates an ElGamal key-pair generator, optionally initialised with freshly generated
 * 4096-bit ElGamal parameters.
 *
 * @param initWithDefaults if {@code true}, new parameters are generated and the generator is
 *        initialised with them; if {@code false}, the generator is returned uninitialised and
 *        the caller has to call {@code init} itself.
 * @return the new generator.
 */
@Override
public AsymmetricCipherKeyPairGenerator createAsymmetricCipherKeyPairGenerator(final boolean initWithDefaults) {
    final ElGamalKeyPairGenerator generator = new ElGamalKeyPairGenerator();
    if (!initWithDefaults) {
        return generator;
    }

    /*
     * How certain do we want to be that the chosen primes are really primes?
     * The higher this number, the more tests are done to make sure they are primes
     * (and not composites), and the longer parameter generation takes.
     *
     * NOTE(review): 12 is a small value. How it translates into an actual error bound depends
     * on how the Bouncy Castle version in use runs its primality tests - confirm that it
     * meets the project's requirements before relying on these defaults.
     *
     * See:
     * http://crypto.stackexchange.com/questions/3114/what-is-the-correct-value-for-certainty-in-rsa-key-pair-generation
     * and
     * http://crypto.stackexchange.com/questions/3126/does-a-high-exponent-compensate-for-a-low-degree-of-certainty?lq=1
     */
    final int certainty = 12;

    // One SecureRandom instance is shared by parameter generation and key generation.
    final SecureRandom random = new SecureRandom();

    final ElGamalParametersGenerator parametersGenerator = new ElGamalParametersGenerator();
    parametersGenerator.init(4096, certainty, random);
    final ElGamalParameters generatedParameters = parametersGenerator.generateParameters();

    generator.init(new ElGamalKeyGenerationParameters(random, generatedParameters));
    return generator;
}
/**
 * Builds ElGamal key-generation parameters for the strength requested in
 * {@code createPgpKeyParam}. Fresh ElGamal parameters are generated on every call.
 *
 * @param createPgpKeyParam supplies the key strength via {@code getStrength()}.
 * @return key-generation parameters combining this object's {@code SecureRandom} with the
 *         newly generated ElGamal parameters.
 */
private ElGamalKeyGenerationParameters createElGamalKeyGenerationParameters(final CreatePgpKeyParam createPgpKeyParam) {
    /*
     * How certain do we want to be that the chosen primes are really primes?
     * The higher this number, the more tests are done to make sure they are primes
     * (and not composites).
     *
     * 12 takes ages - and DSA+El-Gamal is anyway a bad idea and discouraged - so the value
     * was reduced to 8 to make generation bearable.
     *
     * NOTE(review): this trades primality-test confidence for speed. How 8 translates into an
     * actual error bound depends on the Bouncy Castle version in use - confirm that it is
     * acceptable for keys that are meant to be used outside of tests.
     *
     * See:
     * http://crypto.stackexchange.com/questions/3114/what-is-the-correct-value-for-certainty-in-rsa-key-pair-generation
     * and
     * http://crypto.stackexchange.com/questions/3126/does-a-high-exponent-compensate-for-a-low-degree-of-certainty?lq=1
     */
    final int certainty = 8;
    final SecureRandom random = getSecureRandom();

    final ElGamalParametersGenerator parametersGenerator = new ElGamalParametersGenerator();
    final int strength = createPgpKeyParam.getStrength();
    parametersGenerator.init(strength, certainty, random);
    final ElGamalParameters generatedParameters = parametersGenerator.generateParameters();

    // Open design question: generating the "DH safe primes" is very slow
    // (DHParametersHelper.generateSafePrimes(size, certainty, random) takes really long), so
    // they could be generated once and stored, or shipped as a list in the resources.
    // BUT BEWARE: if many keys share the same p (one of the safe primes), expensive
    // precomputation done against that p can be re-used against every key that uses it.
    // It is still not *so* easy, but security is really important here, so for now fresh
    // parameters are generated on every call.
    return new ElGamalKeyGenerationParameters(random, generatedParameters);
}
/**
 * Generates an ElGamal key pair from the given parameters, stores the public value y in
 * {@code publicKey} and the private value x in {@code privateKey}, marks this object as
 * {@code wellGenerated} and finally calls {@code encryptPrivateKey(password)}.
 *
 * @param params   ElGamal parameters the key pair is generated with.
 * @param password passed unchanged to {@code encryptPrivateKey}.
 */
private void GenerateKeys(ElGamalParameters params, String password){
    final ElGamalKeyPairGenerator pairGenerator = new ElGamalKeyPairGenerator();
    pairGenerator.init(new ElGamalKeyGenerationParameters(random, params));
    final AsymmetricCipherKeyPair generatedPair = pairGenerator.generateKeyPair();

    final ElGamalPublicKeyParameters publicPart = (ElGamalPublicKeyParameters) generatedPair.getPublic();
    publicKey = publicPart.getY();

    // NOTE(review): the raw private exponent x is held in a field from here on. What
    // encryptPrivateKey does with that field is not visible in this method - confirm that the
    // plaintext value does not outlive the call.
    final ElGamalPrivateKeyParameters privatePart = (ElGamalPrivateKeyParameters) generatedPair.getPrivate();
    privateKey = privatePart.getX();

    // The flag is set before encryptPrivateKey runs; that order is kept because
    // encryptPrivateKey is not visible here and may depend on it.
    wellGenerated = true;

    // NOTE(review): the password arrives as a String, which cannot be wiped after use;
    // a char[] would allow clearing it, but that would change this method's signature.
    encryptPrivateKey(password);
}
/**
 * Stores the parameters that later key generation will use.
 *
 * @param param the generation parameters; must be an {@code ElGamalKeyGenerationParameters}
 *        instance. A {@code null} argument is stored as-is.
 * @throws ClassCastException if {@code param} is of any other type.
 */
public void init(KeyGenerationParameters param) {
    // The cast is the only validation done here: a wrong parameter type fails immediately.
    final ElGamalKeyGenerationParameters elGamalParam = (ElGamalKeyGenerationParameters) param;
    this.param = elGamalParam;
}
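/**
 * Generates a DSA master key and an ElGamal encryption sub-key, builds a PGP key ring from
 * them and checks that the sub-key carries a binding signature that verifies under the
 * master key.
 * <p>
 * The values used here (512-bit DSA parameters, fixed 512-bit ElGamal parameters, SHA-1 for
 * the signer and the pass phrase "hello") are test fixtures chosen for speed. They are far too
 * weak for real keys and must not be copied into production code.
 * <p>
 * The test fails if the key ring lacks a master key or a sub-key, if no sub-key binding
 * signature issued by the master key is found, or if such a signature does not verify.
 *
 * @throws Exception if key generation, key ring construction or signature processing fails.
 */
public void generateTest() throws Exception {
    char[] passPhrase = "hello".toCharArray();

    DSAParametersGenerator dsaPGen = new DSAParametersGenerator();
    dsaPGen.init(512, 10, new SecureRandom());

    DSAKeyPairGenerator dsaKpg = new DSAKeyPairGenerator();
    dsaKpg.init(new DSAKeyGenerationParameters(new SecureRandom(), dsaPGen.generateParameters()));

    //
    // this takes a while as the key generator has to generate some DSA params
    // before it generates the key.
    //
    AsymmetricCipherKeyPair dsaKp = dsaKpg.generateKeyPair();

    ElGamalKeyPairGenerator elgKpg = new ElGamalKeyPairGenerator();
    BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
    BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);

    ElGamalParameters elParams = new ElGamalParameters(p, g);
    elgKpg.init(new ElGamalKeyGenerationParameters(new SecureRandom(), elParams));

    //
    // this is quicker because we are using pregenerated parameters.
    //
    AsymmetricCipherKeyPair elgKp = elgKpg.generateKeyPair();

    PGPKeyPair dsaKeyPair = new BcPGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date());
    PGPKeyPair elgKeyPair = new BcPGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date());

    PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair,
        "test", null, null, null,
        new BcPGPContentSignerBuilder(PGPPublicKey.DSA, HashAlgorithmTags.SHA1),
        new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256).build(passPhrase));

    keyRingGen.addSubKey(elgKeyPair);

    PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing();

    // Round trip: the secret key must decrypt again with the same pass phrase.
    keyRing.getSecretKey().extractPrivateKey(
        new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase));

    PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing();

    PGPPublicKey vKey = null;
    PGPPublicKey sKey = null;

    Iterator it = pubRing.getPublicKeys();
    while (it.hasNext()) {
        PGPPublicKey pk = (PGPPublicKey)it.next();
        if (pk.isMasterKey()) {
            vKey = pk;
        } else {
            sKey = pk;
        }
    }

    // Report a missing key as a test failure instead of a NullPointerException further down.
    if (vKey == null || sKey == null) {
        fail("key ring is missing the master key or the sub-key.");
    }

    // Without this flag the loop passes vacuously when no binding signature is present,
    // i.e. the test would succeed without having verified anything.
    boolean bindingVerified = false;

    Iterator sIt = sKey.getSignatures();
    while (sIt.hasNext()) {
        PGPSignature sig = (PGPSignature)sIt.next();

        if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) {
            sig.init(new BcPGPContentVerifierBuilderProvider(), vKey);

            if (!sig.verifyCertification(vKey, sKey)) {
                fail("failed to verify sub-key signature.");
            }
            bindingVerified = true;
        }
    }

    if (!bindingVerified) {
        fail("no sub-key binding signature from the master key was found.");
    }
}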
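/**
 * Generates a DSA master key and an ElGamal encryption sub-key, builds a PGP key ring from
 * them with a SHA-1 digest calculator supplied as the key ring generator's fourth constructor
 * argument, and checks that the sub-key carries a binding signature that verifies under the
 * master key.
 * <p>
 * The values used here (512-bit DSA parameters, fixed 512-bit ElGamal parameters, SHA-1 and
 * the pass phrase "hello") are test fixtures chosen for speed. They are far too weak for real
 * keys and must not be copied into production code.
 * <p>
 * The test fails if the key ring lacks a master key or a sub-key, if no sub-key binding
 * signature issued by the master key is found, or if such a signature does not verify.
 *
 * @throws Exception if key generation, key ring construction or signature processing fails.
 */
public void generateSha1Test() throws Exception {
    char[] passPhrase = "hello".toCharArray();

    DSAParametersGenerator dsaPGen = new DSAParametersGenerator();
    dsaPGen.init(512, 10, new SecureRandom());

    DSAKeyPairGenerator dsaKpg = new DSAKeyPairGenerator();
    dsaKpg.init(new DSAKeyGenerationParameters(new SecureRandom(), dsaPGen.generateParameters()));

    //
    // this takes a while as the key generator has to generate some DSA params
    // before it generates the key.
    //
    AsymmetricCipherKeyPair dsaKp = dsaKpg.generateKeyPair();

    ElGamalKeyPairGenerator elgKpg = new ElGamalKeyPairGenerator();
    BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
    BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);

    ElGamalParameters elParams = new ElGamalParameters(p, g);
    elgKpg.init(new ElGamalKeyGenerationParameters(new SecureRandom(), elParams));

    //
    // this is quicker because we are using pregenerated parameters.
    //
    AsymmetricCipherKeyPair elgKp = elgKpg.generateKeyPair();

    PGPKeyPair dsaKeyPair = new BcPGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date());
    PGPKeyPair elgKeyPair = new BcPGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date());

    PGPDigestCalculator chkSumCalc = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1);

    PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair,
        "test", chkSumCalc, null, null,
        new BcPGPContentSignerBuilder(PGPPublicKey.DSA, HashAlgorithmTags.SHA1),
        new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256).build(passPhrase));

    keyRingGen.addSubKey(elgKeyPair);

    PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing();

    // Round trip: the secret key must decrypt again with the same pass phrase.
    keyRing.getSecretKey().extractPrivateKey(
        new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase));

    PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing();

    PGPPublicKey vKey = null;
    PGPPublicKey sKey = null;

    Iterator it = pubRing.getPublicKeys();
    while (it.hasNext()) {
        PGPPublicKey pk = (PGPPublicKey)it.next();
        if (pk.isMasterKey()) {
            vKey = pk;
        } else {
            sKey = pk;
        }
    }

    // Report a missing key as a test failure instead of a NullPointerException further down.
    if (vKey == null || sKey == null) {
        fail("key ring is missing the master key or the sub-key.");
    }

    // Without this flag the loop passes vacuously when no binding signature is present,
    // i.e. the test would succeed without having verified anything.
    boolean bindingVerified = false;

    Iterator sIt = sKey.getSignatures();
    while (sIt.hasNext()) {
        PGPSignature sig = (PGPSignature)sIt.next();

        if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) {
            sig.init(new BcPGPContentVerifierBuilderProvider(), vKey);

            if (!sig.verifyCertification(vKey, sKey)) {
                fail("failed to verify sub-key signature.");
            }
            bindingVerified = true;
        }
    }

    if (!bindingVerified) {
        fail("no sub-key binding signature from the master key was found.");
    }
}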
/**
 * Generates ElGamal parameters and a key pair of the given size, then checks that a message
 * encrypted with the public key decrypts back to the original with the private key.
 * <p>
 * This test can take quite a while.
 *
 * @param size size of key in bits.
 */
private void testGeneration(int size) {
    ElGamalParametersGenerator paramGen = new ElGamalParametersGenerator();
    paramGen.init(size, 10, new SecureRandom());
    ElGamalParameters generated = paramGen.generateParameters();

    // The generator is expected to leave L at 0 in the parameters it produces.
    if (generated.getL() != 0) {
        fail("ElGamalParametersGenerator failed to set L to 0 in generated ElGamalParameters");
    }

    ElGamalKeyPairGenerator pairGen = new ElGamalKeyPairGenerator();
    pairGen.init(new ElGamalKeyGenerationParameters(new SecureRandom(), generated));

    // Generate the first pair.
    AsymmetricCipherKeyPair pair = pairGen.generateKeyPair();
    ElGamalPublicKeyParameters pubParams = (ElGamalPublicKeyParameters) pair.getPublic();
    ElGamalPrivateKeyParameters privParams = (ElGamalPrivateKeyParameters) pair.getPrivate();

    // Encrypt with the public key ...
    ElGamalEngine engine = new ElGamalEngine();
    engine.init(true, new ParametersWithRandom(pubParams, new SecureRandom()));

    // Hex encoding of the ASCII text "This is a test".
    byte[] message = Hex.decode("5468697320697320612074657374");
    byte[] cipherText = engine.processBlock(message, 0, message.length);

    // ... and decrypt with the private key.
    engine.init(false, privParams);
    byte[] recovered = engine.processBlock(cipherText, 0, cipherText.length);

    if (!Arrays.areEqual(message, recovered)) {
        fail("generation test failed");
    }
}
/**
 * Generates a new ElGamal key pair from this object's {@code parameters}.
 *
 * @param random source of randomness handed to the key-generation parameters.
 * @return the freshly generated key pair.
 */
@Override
public AsymmetricCipherKeyPair generate(SecureRandom random) {
    final ElGamalKeyGenerationParameters generationParameters =
            new ElGamalKeyGenerationParameters(random, parameters);

    // A new generator is created for every call.
    final ElGamalKeyPairGenerator keyPairGenerator = new ElGamalKeyPairGenerator();
    keyPairGenerator.init(generationParameters);
    return keyPairGenerator.generateKeyPair();
}