/**
 * Builds the ServerKeyExchange payload for an ephemeral Diffie-Hellman exchange.
 *
 * <p>The payload is the group prime p, the generator g and a freshly generated
 * server public value, followed by a signature produced by {@code serverCredentials}.
 * The signed hash covers the client random, the server random and the three
 * serialized DH values, in that order, so the signature is tied to the randoms of
 * the current handshake and not to the DH values alone.
 *
 * <p>NOTE(review): only the public half of the generated key pair is used here; the
 * private half lives in a local that goes out of scope on return. Unless it is
 * retained somewhere outside this method, the server cannot later derive the shared
 * secret - confirm.
 *
 * <p>NOTE(review): {@code dhParameters} is only checked for null. Nothing in this
 * method checks the size or structure of the group, so that presumably has to
 * happen where the field is assigned - confirm.
 *
 * @return the serialized p, g and public value followed by the signature written
 *         with {@code TlsUtils.writeOpaque16}
 * @throws TlsFatalAlert with {@code internal_error} when no DH parameters are set
 * @throws IOException propagated from the encoding and signing helpers
 */
public byte[] generateServerKeyExchange() throws IOException {
    if (this.dhParameters == null) {
        throw new TlsFatalAlert(AlertDescription.internal_error);
    }

    // New key pair on every call, drawn from the connection's SecureRandom.
    DHKeyPairGenerator generator = new DHKeyPairGenerator();
    generator.init(new DHKeyGenerationParameters(context.getSecureRandom(), this.dhParameters));
    AsymmetricCipherKeyPair ephemeral = generator.generateKeyPair();
    DHPublicKeyParameters ephemeralPublic = (DHPublicKeyParameters) ephemeral.getPublic();
    BigInteger serverPublicValue = ephemeralPublic.getY();

    // Serialize p, g, Ys; these bytes are both sent and signed.
    ByteArrayOutputStream message = new ByteArrayOutputStream();
    TlsDHUtils.writeDHParameter(dhParameters.getP(), message);
    TlsDHUtils.writeDHParameter(dhParameters.getG(), message);
    TlsDHUtils.writeDHParameter(serverPublicValue, message);
    byte[] signedParams = message.toByteArray();

    // Hash order matters for verification: client random, server random, params.
    // CombinedHash is presumably the pre-TLS 1.2 MD5 + SHA-1 pair - confirm.
    SecurityParameters handshake = context.getSecurityParameters();
    Digest digest = new CombinedHash();
    digest.update(handshake.clientRandom, 0, handshake.clientRandom.length);
    digest.update(handshake.serverRandom, 0, handshake.serverRandom.length);
    digest.update(signedParams, 0, signedParams.length);

    byte[] toSign = new byte[digest.getDigestSize()];
    digest.doFinal(toSign, 0);

    byte[] signature = serverCredentials.generateCertificateSignature(toSign);

    /*
     * TODO RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm
     * prepended from TLS 1.2
     */
    TlsUtils.writeOpaque16(signature, message);

    return message.toByteArray();
}
/**
 * Calculates our initial message.
 *
 * <p>Generates a new DH key pair from the enclosing object's {@code random} and
 * {@code dhParams}, stores the private exponent in {@code privateValue} and returns
 * the matching public value. Each call replaces {@code privateValue}, so a value
 * returned by an earlier call no longer matches the stored private exponent.
 *
 * @return the public value y of the newly generated key pair
 */
public BigInteger calculateMessage() {
    DHKeyPairGenerator generator = new DHKeyPairGenerator();
    generator.init(new DHKeyGenerationParameters(random, dhParams));

    AsymmetricCipherKeyPair ephemeral = generator.generateKeyPair();

    // Keep the private exponent before handing out the public half.
    DHPrivateKeyParameters ephemeralPrivate = (DHPrivateKeyParameters) ephemeral.getPrivate();
    this.privateValue = ephemeralPrivate.getX();

    DHPublicKeyParameters ephemeralPublic = (DHPublicKeyParameters) ephemeral.getPublic();
    return ephemeralPublic.getY();
}
/**
 * Runs a two-party DHAgreement exchange with key pairs from {@code kpGen}, giving
 * each side its own {@link SecureRandom} through ParametersWithRandom, and fails
 * the test when the two sides derive different agreement values.
 *
 * @param kpGen an already initialised generator; both key pairs come from it
 */
private void testGPWithRandom(DHKeyPairGenerator kpGen) {
    // First party's static key pair.
    AsymmetricCipherKeyPair firstPair = kpGen.generateKeyPair();
    DHPublicKeyParameters firstPublic = (DHPublicKeyParameters) firstPair.getPublic();
    DHPrivateKeyParameters firstPrivate = (DHPrivateKeyParameters) firstPair.getPrivate();

    // Second party's static key pair.
    AsymmetricCipherKeyPair secondPair = kpGen.generateKeyPair();
    DHPublicKeyParameters secondPublic = (DHPublicKeyParameters) secondPair.getPublic();
    DHPrivateKeyParameters secondPrivate = (DHPrivateKeyParameters) secondPair.getPrivate();

    // Each side is initialised with its own private key and its own randomness source.
    DHAgreement firstSide = new DHAgreement();
    DHAgreement secondSide = new DHAgreement();
    firstSide.init(new ParametersWithRandom(firstPrivate, new SecureRandom()));
    secondSide.init(new ParametersWithRandom(secondPrivate, new SecureRandom()));

    // Exchange messages, then combine each with the peer's public key.
    BigInteger firstMessage = firstSide.calculateMessage();
    BigInteger secondMessage = secondSide.calculateMessage();

    BigInteger firstSecret = firstSide.calculateAgreement(secondPublic, secondMessage);
    BigInteger secondSecret = secondSide.calculateAgreement(firstPublic, firstMessage);

    if (firstSecret.equals(secondSecret)) {
        return;
    }
    fail("basic with random 2-way test failed");
}
/**
 * Creates a DH key pair generator for the given group, seeded from a new
 * {@link SecureRandom}.
 *
 * <p>Note the argument order: this helper takes (g, p) while the
 * {@code DHParameters} constructor it calls takes (p, g). Swapping them at a call
 * site still compiles, since both are {@code BigInteger}.
 *
 * @param g the group generator
 * @param p the group prime modulus
 * @return an initialised generator for the group (p, g)
 */
private DHKeyPairGenerator getDHKeyPairGenerator(BigInteger g, BigInteger p) {
    DHParameters group = new DHParameters(p, g);

    DHKeyPairGenerator generator = new DHKeyPairGenerator();
    generator.init(new DHKeyGenerationParameters(new SecureRandom(), group));
    return generator;
}
/**
 * Runs a two-party DHAgreement exchange over the group (p, g) and fails the test
 * when the two sides derive different agreement values.
 *
 * @param size bit size reported in the failure message; it is not used to build
 *             or check the group
 * @param g the group generator
 * @param p the group prime modulus
 */
private void testDH(int size, BigInteger g, BigInteger p) {
    DHKeyPairGenerator generator = getDHKeyPairGenerator(g, p);

    // First party's static key pair.
    AsymmetricCipherKeyPair firstPair = generator.generateKeyPair();
    DHPublicKeyParameters firstPublic = (DHPublicKeyParameters) firstPair.getPublic();
    DHPrivateKeyParameters firstPrivate = (DHPrivateKeyParameters) firstPair.getPrivate();

    // Second party's static key pair.
    AsymmetricCipherKeyPair secondPair = generator.generateKeyPair();
    DHPublicKeyParameters secondPublic = (DHPublicKeyParameters) secondPair.getPublic();
    DHPrivateKeyParameters secondPrivate = (DHPrivateKeyParameters) secondPair.getPrivate();

    // Each side is initialised with only its own private key.
    DHAgreement firstSide = new DHAgreement();
    DHAgreement secondSide = new DHAgreement();
    firstSide.init(firstPrivate);
    secondSide.init(secondPrivate);

    // Exchange messages, then combine each with the peer's public key.
    BigInteger firstMessage = firstSide.calculateMessage();
    BigInteger secondMessage = secondSide.calculateMessage();

    BigInteger firstSecret = firstSide.calculateAgreement(secondPublic, secondMessage);
    BigInteger secondSecret = secondSide.calculateAgreement(firstPublic, firstMessage);

    if (firstSecret.equals(secondSecret)) {
        return;
    }
    fail(size + " bit 2-way test failed");
}