diff options
Diffstat (limited to 'core/src/main/java/org/spongycastle/crypto/tls/DefaultTlsAgreementCredentials.java')
-rw-r--r-- | core/src/main/java/org/spongycastle/crypto/tls/DefaultTlsAgreementCredentials.java | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/core/src/main/java/org/spongycastle/crypto/tls/DefaultTlsAgreementCredentials.java b/core/src/main/java/org/spongycastle/crypto/tls/DefaultTlsAgreementCredentials.java new file mode 100644 index 00000000..be981d8a --- /dev/null +++ b/core/src/main/java/org/spongycastle/crypto/tls/DefaultTlsAgreementCredentials.java @@ -0,0 +1,78 @@ +package org.spongycastle.crypto.tls; + +import java.math.BigInteger; + +import org.spongycastle.crypto.BasicAgreement; +import org.spongycastle.crypto.agreement.DHBasicAgreement; +import org.spongycastle.crypto.agreement.ECDHBasicAgreement; +import org.spongycastle.crypto.params.AsymmetricKeyParameter; +import org.spongycastle.crypto.params.DHPrivateKeyParameters; +import org.spongycastle.crypto.params.ECPrivateKeyParameters; +import org.spongycastle.util.BigIntegers; + +public class DefaultTlsAgreementCredentials + extends AbstractTlsAgreementCredentials +{ + protected Certificate certificate; + protected AsymmetricKeyParameter privateKey; + + protected BasicAgreement basicAgreement; + protected boolean truncateAgreement; + + public DefaultTlsAgreementCredentials(Certificate certificate, AsymmetricKeyParameter privateKey) + { + if (certificate == null) + { + throw new IllegalArgumentException("'certificate' cannot be null"); + } + if (certificate.isEmpty()) + { + throw new IllegalArgumentException("'certificate' cannot be empty"); + } + if (privateKey == null) + { + throw new IllegalArgumentException("'privateKey' cannot be null"); + } + if (!privateKey.isPrivate()) + { + throw new IllegalArgumentException("'privateKey' must be private"); + } + + if (privateKey instanceof DHPrivateKeyParameters) + { + basicAgreement = new DHBasicAgreement(); + truncateAgreement = true; + } + else if (privateKey instanceof ECPrivateKeyParameters) + { + basicAgreement = new ECDHBasicAgreement(); + truncateAgreement = false; + } + else + { + throw new IllegalArgumentException("'privateKey' type not supported: " + + privateKey.getClass().getName()); + } + + this.certificate = certificate; + this.privateKey = privateKey; + } + + public Certificate getCertificate() + { + return certificate; + } + + public byte[] generateAgreement(AsymmetricKeyParameter peerPublicKey) + { + basicAgreement.init(privateKey); + BigInteger agreementValue = basicAgreement.calculateAgreement(peerPublicKey); + + if (truncateAgreement) + { + return BigIntegers.asUnsignedByteArray(agreementValue); + } + + return BigIntegers.asUnsignedByteArray(basicAgreement.getFieldSize(), agreementValue); + } +} |