blob: 021a71535b6de650a2421ecc41f4de1b4458a9a2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
package org.bouncycastle.crypto.agreement;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.generators.DHKeyPairGenerator;
import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
import org.bouncycastle.crypto.params.DHParameters;
import org.bouncycastle.crypto.params.DHPublicKeyParameters;
import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.params.ParametersWithRandom;
/**
* a Diffie-Hellman key exchange engine.
* <p>
* note: This uses MTI/A0 key agreement in order to make the key agreement
* secure against passive attacks. If you're doing Diffie-Hellman and both
* parties have long term public keys you should look at using this. For
* further information have a look at RFC 2631.
* <p>
* It's possible to extend this to more than two parties as well, for the moment
* that is left as an exercise for the reader.
*/
public class DHAgreement
{
private DHPrivateKeyParameters key;
private DHParameters dhParams;
private BigInteger privateValue;
private SecureRandom random;
public void init(
CipherParameters param)
{
AsymmetricKeyParameter kParam;
if (param instanceof ParametersWithRandom)
{
ParametersWithRandom rParam = (ParametersWithRandom)param;
this.random = rParam.getRandom();
kParam = (AsymmetricKeyParameter)rParam.getParameters();
}
else
{
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter)param;
}
if (!(kParam instanceof DHPrivateKeyParameters))
{
throw new IllegalArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters)kParam;
this.dhParams = key.getParameters();
}
/**
* calculate our initial message.
*/
public BigInteger calculateMessage()
{
DHKeyPairGenerator dhGen = new DHKeyPairGenerator();
dhGen.init(new DHKeyGenerationParameters(random, dhParams));
AsymmetricCipherKeyPair dhPair = dhGen.generateKeyPair();
this.privateValue = ((DHPrivateKeyParameters)dhPair.getPrivate()).getX();
return ((DHPublicKeyParameters)dhPair.getPublic()).getY();
}
/**
* given a message from a given party and the corresponding public key,
* calculate the next message in the agreement sequence. In this case
* this will represent the shared secret.
*/
public BigInteger calculateAgreement(
DHPublicKeyParameters pub,
BigInteger message)
{
if (!pub.getParameters().equals(dhParams))
{
throw new IllegalArgumentException("Diffie-Hellman public key has wrong parameters.");
}
BigInteger p = dhParams.getP();
return message.modPow(key.getX(), p).multiply(pub.getY().modPow(privateValue, p)).mod(p);
}
}
|