Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/core/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java
diff options
context:
space:
mode:
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java')
-rw-r--r--core/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java214
1 files changed, 0 insertions, 214 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java b/core/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java
deleted file mode 100644
index f0065f4c..00000000
--- a/core/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java
+++ /dev/null
@@ -1,214 +0,0 @@
-package org.bouncycastle.crypto.examples;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroup;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroups;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEParticipant;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound3Payload;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-
-/**
- * An example of a J-PAKE exchange.
- * <p>
- *
- * In this example, both Alice and Bob are on the same computer (in the same JVM, in fact).
- * In reality, Alice and Bob would be in different locations,
- * and would be sending their generated payloads to each other.
- */
-public class JPAKEExample
-{
-
- public static void main(String args[]) throws CryptoException
- {
- /*
- * Initialization
- *
- * Pick an appropriate prime order group to use throughout the exchange.
- * Note that both participants must use the same group.
- */
- JPAKEPrimeOrderGroup group = JPAKEPrimeOrderGroups.NIST_3072;
-
- BigInteger p = group.getP();
- BigInteger q = group.getQ();
- BigInteger g = group.getG();
-
- String alicePassword = "password";
- String bobPassword = "password";
-
- System.out.println("********* Initialization **********");
- System.out.println("Public parameters for the cyclic group:");
- System.out.println("p (" + p.bitLength() + " bits): " + p.toString(16));
- System.out.println("q (" + q.bitLength() + " bits): " + q.toString(16));
- System.out.println("g (" + p.bitLength() + " bits): " + g.toString(16));
- System.out.println("p mod q = " + p.mod(q).toString(16));
- System.out.println("g^{q} mod p = " + g.modPow(q, p).toString(16));
- System.out.println("");
-
- System.out.println("(Secret passwords used by Alice and Bob: " +
- "\"" + alicePassword + "\" and \"" + bobPassword + "\")\n");
-
- /*
- * Both participants must use the same hashing algorithm.
- */
- Digest digest = new SHA256Digest();
- SecureRandom random = new SecureRandom();
-
- JPAKEParticipant alice = new JPAKEParticipant("alice", alicePassword.toCharArray(), group, digest, random);
- JPAKEParticipant bob = new JPAKEParticipant("bob", bobPassword.toCharArray(), group, digest, random);
-
- /*
- * Round 1
- *
- * Alice and Bob each generate a round 1 payload, and send it to each other.
- */
-
- JPAKERound1Payload aliceRound1Payload = alice.createRound1PayloadToSend();
- JPAKERound1Payload bobRound1Payload = bob.createRound1PayloadToSend();
-
- System.out.println("************ Round 1 **************");
- System.out.println("Alice sends to Bob: ");
- System.out.println("g^{x1}=" + aliceRound1Payload.getGx1().toString(16));
- System.out.println("g^{x2}=" + aliceRound1Payload.getGx2().toString(16));
- System.out.println("KP{x1}={" + aliceRound1Payload.getKnowledgeProofForX1()[0].toString(16) + "};{" + aliceRound1Payload.getKnowledgeProofForX1()[1].toString(16) + "}");
- System.out.println("KP{x2}={" + aliceRound1Payload.getKnowledgeProofForX2()[0].toString(16) + "};{" + aliceRound1Payload.getKnowledgeProofForX2()[1].toString(16) + "}");
- System.out.println("");
-
- System.out.println("Bob sends to Alice: ");
- System.out.println("g^{x3}=" + bobRound1Payload.getGx1().toString(16));
- System.out.println("g^{x4}=" + bobRound1Payload.getGx2().toString(16));
- System.out.println("KP{x3}={" + bobRound1Payload.getKnowledgeProofForX1()[0].toString(16) + "};{" + bobRound1Payload.getKnowledgeProofForX1()[1].toString(16) + "}");
- System.out.println("KP{x4}={" + bobRound1Payload.getKnowledgeProofForX2()[0].toString(16) + "};{" + bobRound1Payload.getKnowledgeProofForX2()[1].toString(16) + "}");
- System.out.println("");
-
- /*
- * Each participant must then validate the received payload for round 1
- */
-
- alice.validateRound1PayloadReceived(bobRound1Payload);
- System.out.println("Alice checks g^{x4}!=1: OK");
- System.out.println("Alice checks KP{x3}: OK");
- System.out.println("Alice checks KP{x4}: OK");
- System.out.println("");
-
- bob.validateRound1PayloadReceived(aliceRound1Payload);
- System.out.println("Bob checks g^{x2}!=1: OK");
- System.out.println("Bob checks KP{x1},: OK");
- System.out.println("Bob checks KP{x2},: OK");
- System.out.println("");
-
- /*
- * Round 2
- *
- * Alice and Bob each generate a round 2 payload, and send it to each other.
- */
-
- JPAKERound2Payload aliceRound2Payload = alice.createRound2PayloadToSend();
- JPAKERound2Payload bobRound2Payload = bob.createRound2PayloadToSend();
-
- System.out.println("************ Round 2 **************");
- System.out.println("Alice sends to Bob: ");
- System.out.println("A=" + aliceRound2Payload.getA().toString(16));
- System.out.println("KP{x2*s}={" + aliceRound2Payload.getKnowledgeProofForX2s()[0].toString(16) + "},{" + aliceRound2Payload.getKnowledgeProofForX2s()[1].toString(16) + "}");
- System.out.println("");
-
- System.out.println("Bob sends to Alice");
- System.out.println("B=" + bobRound2Payload.getA().toString(16));
- System.out.println("KP{x4*s}={" + bobRound2Payload.getKnowledgeProofForX2s()[0].toString(16) + "},{" + bobRound2Payload.getKnowledgeProofForX2s()[1].toString(16) + "}");
- System.out.println("");
-
- /*
- * Each participant must then validate the received payload for round 2
- */
-
- alice.validateRound2PayloadReceived(bobRound2Payload);
- System.out.println("Alice checks KP{x4*s}: OK\n");
-
- bob.validateRound2PayloadReceived(aliceRound2Payload);
- System.out.println("Bob checks KP{x2*s}: OK\n");
-
- /*
- * After round 2, each participant computes the keying material.
- */
-
- BigInteger aliceKeyingMaterial = alice.calculateKeyingMaterial();
- BigInteger bobKeyingMaterial = bob.calculateKeyingMaterial();
-
- System.out.println("********* After round 2 ***********");
- System.out.println("Alice computes key material \t K=" + aliceKeyingMaterial.toString(16));
- System.out.println("Bob computes key material \t K=" + bobKeyingMaterial.toString(16));
- System.out.println();
-
-
- /*
- * You must derive a session key from the keying material applicable
- * to whatever encryption algorithm you want to use.
- */
-
- BigInteger aliceKey = deriveSessionKey(aliceKeyingMaterial);
- BigInteger bobKey = deriveSessionKey(bobKeyingMaterial);
-
- /*
- * At this point, you can stop and use the session keys if you want.
- * This is implicit key confirmation.
- *
- * If you want to explicitly confirm that the key material matches,
- * you can continue on and perform round 3.
- */
-
- /*
- * Round 3
- *
- * Alice and Bob each generate a round 3 payload, and send it to each other.
- */
-
- JPAKERound3Payload aliceRound3Payload = alice.createRound3PayloadToSend(aliceKeyingMaterial);
- JPAKERound3Payload bobRound3Payload = bob.createRound3PayloadToSend(bobKeyingMaterial);
-
- System.out.println("************ Round 3 **************");
- System.out.println("Alice sends to Bob: ");
- System.out.println("MacTag=" + aliceRound3Payload.getMacTag().toString(16));
- System.out.println("");
- System.out.println("Bob sends to Alice: ");
- System.out.println("MacTag=" + bobRound3Payload.getMacTag().toString(16));
- System.out.println("");
-
- /*
- * Each participant must then validate the received payload for round 3
- */
-
- alice.validateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial);
- System.out.println("Alice checks MacTag: OK\n");
-
- bob.validateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial);
- System.out.println("Bob checks MacTag: OK\n");
-
- System.out.println();
- System.out.println("MacTags validated, therefore the keying material matches.");
- }
-
- private static BigInteger deriveSessionKey(BigInteger keyingMaterial)
- {
- /*
- * You should use a secure key derivation function (KDF) to derive the session key.
- *
- * For the purposes of this example, I'm just going to use a hash of the keying material.
- */
- SHA256Digest digest = new SHA256Digest();
-
- byte[] keyByteArray = keyingMaterial.toByteArray();
-
- byte[] output = new byte[digest.getDigestSize()];
-
- digest.update(keyByteArray, 0, keyByteArray.length);
-
- digest.doFinal(output, 0);
-
- return new BigInteger(output);
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 05:51:44 +0300