Example 11 with DHParameterSpec
use of javax.crypto.spec.DHParameterSpec in project wycheproof by google.
the class DhTest method openJdk1024.
// The default parameters returned for 1024 bit DH keys from OpenJdk as defined in
// openjdk7/releases/v6/trunk/jdk/src/share/classes/sun/security/provider/ParameterCache.java
// I.e., these are the same parameters as used for DSA.
public DHParameterSpec openJdk1024() {
final BigInteger p = new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16);
final BigInteger unusedQ = new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16);
final BigInteger g = new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16);
return new DHParameterSpec(p, g);
}
Also used :
BigInteger(java.math.BigInteger)
DHParameterSpec(javax.crypto.spec.DHParameterSpec)
Example 12 with DHParameterSpec
use of javax.crypto.spec.DHParameterSpec in project XobotOS by xamarin.
the class JCEDHPrivateKey method readObject.
private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
x = (BigInteger) in.readObject();
this.dhSpec = new DHParameterSpec((BigInteger) in.readObject(), (BigInteger) in.readObject(), in.readInt());
}
Also used :
BigInteger(java.math.BigInteger)
DHParameterSpec(javax.crypto.spec.DHParameterSpec)
Example 13 with DHParameterSpec
use of javax.crypto.spec.DHParameterSpec in project XobotOS by xamarin.
the class JCEDHPublicKey method readObject.
private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
this.y = (BigInteger) in.readObject();
this.dhSpec = new DHParameterSpec((BigInteger) in.readObject(), (BigInteger) in.readObject(), in.readInt());
}
Also used :
BigInteger(java.math.BigInteger)
DHParameterSpec(javax.crypto.spec.DHParameterSpec)
Example 14 with DHParameterSpec
use of javax.crypto.spec.DHParameterSpec in project XobotOS by xamarin.
the class JCEDHKeyAgreement method engineInit.
protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
if (!(key instanceof DHPrivateKey)) {
throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey for initialisation");
}
DHPrivateKey privKey = (DHPrivateKey) key;
if (params != null) {
if (!(params instanceof DHParameterSpec)) {
throw new InvalidAlgorithmParameterException("DHKeyAgreement only accepts DHParameterSpec");
}
DHParameterSpec p = (DHParameterSpec) params;
this.p = p.getP();
this.g = p.getG();
} else {
this.p = privKey.getParams().getP();
this.g = privKey.getParams().getG();
}
this.x = this.result = privKey.getX();
}
Also used :
DHPrivateKey(javax.crypto.interfaces.DHPrivateKey)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
DHParameterSpec(javax.crypto.spec.DHParameterSpec)
InvalidKeyException(java.security.InvalidKeyException)
Example 15 with DHParameterSpec
use of javax.crypto.spec.DHParameterSpec in project XobotOS by xamarin.
the class ClientHandshakeImpl method processServerHelloDone.
/**
* Processes ServerHelloDone: makes verification of the server messages; sends
* client messages, computers masterSecret, sends ChangeCipherSpec
*/
void processServerHelloDone() {
PrivateKey clientKey = null;
if (serverCert != null) {
if (session.cipherSuite.isAnonymous()) {
unexpectedMessage();
return;
}
verifyServerCert();
} else {
if (!session.cipherSuite.isAnonymous()) {
unexpectedMessage();
return;
}
}
// Client certificate
if (certificateRequest != null) {
X509Certificate[] certs = null;
// obtain certificates from key manager
String alias = null;
String[] certTypes = certificateRequest.getTypesAsString();
X500Principal[] issuers = certificateRequest.certificate_authorities;
X509KeyManager km = parameters.getKeyManager();
if (km instanceof X509ExtendedKeyManager) {
X509ExtendedKeyManager ekm = (X509ExtendedKeyManager) km;
if (this.socketOwner != null) {
alias = ekm.chooseClientAlias(certTypes, issuers, this.socketOwner);
} else {
alias = ekm.chooseEngineClientAlias(certTypes, issuers, this.engineOwner);
}
if (alias != null) {
certs = ekm.getCertificateChain(alias);
}
} else {
alias = km.chooseClientAlias(certTypes, issuers, this.socketOwner);
if (alias != null) {
certs = km.getCertificateChain(alias);
}
}
session.localCertificates = certs;
clientCert = new CertificateMessage(certs);
clientKey = km.getPrivateKey(alias);
send(clientCert);
}
// Client key exchange
if (session.cipherSuite.keyExchange == CipherSuite.KEY_EXCHANGE_RSA || session.cipherSuite.keyExchange == CipherSuite.KEY_EXCHANGE_RSA_EXPORT) {
// RSA encrypted premaster secret message
Cipher c;
try {
c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
if (serverKeyExchange != null) {
c.init(Cipher.ENCRYPT_MODE, serverKeyExchange.getRSAPublicKey());
} else {
c.init(Cipher.ENCRYPT_MODE, serverCert.certs[0]);
}
} catch (Exception e) {
fatalAlert(AlertProtocol.INTERNAL_ERROR, "Unexpected exception", e);
return;
}
preMasterSecret = new byte[48];
parameters.getSecureRandom().nextBytes(preMasterSecret);
System.arraycopy(clientHello.client_version, 0, preMasterSecret, 0, 2);
try {
clientKeyExchange = new ClientKeyExchange(c.doFinal(preMasterSecret), serverHello.server_version[1] == 1);
} catch (Exception e) {
fatalAlert(AlertProtocol.INTERNAL_ERROR, "Unexpected exception", e);
return;
}
} else {
try {
KeyFactory kf = KeyFactory.getInstance("DH");
KeyAgreement agreement = KeyAgreement.getInstance("DH");
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
PublicKey serverPublic;
DHParameterSpec spec;
if (serverKeyExchange != null) {
serverPublic = kf.generatePublic(new DHPublicKeySpec(serverKeyExchange.par3, serverKeyExchange.par1, serverKeyExchange.par2));
spec = new DHParameterSpec(serverKeyExchange.par1, serverKeyExchange.par2);
} else {
serverPublic = serverCert.certs[0].getPublicKey();
spec = ((DHPublicKey) serverPublic).getParams();
}
kpg.initialize(spec);
KeyPair kp = kpg.generateKeyPair();
Key key = kp.getPublic();
if (clientCert != null && serverCert != null && (session.cipherSuite.keyExchange == CipherSuite.KEY_EXCHANGE_DHE_RSA || session.cipherSuite.keyExchange == CipherSuite.KEY_EXCHANGE_DHE_DSS)) {
PublicKey client_pk = clientCert.certs[0].getPublicKey();
PublicKey server_pk = serverCert.certs[0].getPublicKey();
if (client_pk instanceof DHKey && server_pk instanceof DHKey) {
if (((DHKey) client_pk).getParams().getG().equals(((DHKey) server_pk).getParams().getG()) && ((DHKey) client_pk).getParams().getP().equals(((DHKey) server_pk).getParams().getG())) {
// client cert message DH public key parameters
// matched those specified by the
// server in its certificate,
// empty
clientKeyExchange = new ClientKeyExchange();
}
}
} else {
clientKeyExchange = new ClientKeyExchange(((DHPublicKey) key).getY());
}
key = kp.getPrivate();
agreement.init(key);
agreement.doPhase(serverPublic, true);
preMasterSecret = agreement.generateSecret();
} catch (Exception e) {
fatalAlert(AlertProtocol.INTERNAL_ERROR, "Unexpected exception", e);
return;
}
}
if (clientKeyExchange != null) {
send(clientKeyExchange);
}
computerMasterSecret();
// fixed DH parameters
if (clientCert != null && !clientKeyExchange.isEmpty()) {
// Certificate verify
String authType = clientKey.getAlgorithm();
DigitalSignature ds = new DigitalSignature(authType);
ds.init(clientKey);
if ("RSA".equals(authType)) {
ds.setMD5(io_stream.getDigestMD5());
ds.setSHA(io_stream.getDigestSHA());
} else if ("DSA".equals(authType)) {
ds.setSHA(io_stream.getDigestSHA());
// The Signature should be empty in case of anonymous signature algorithm:
// } else if ("DH".equals(authType)) {
}
certificateVerify = new CertificateVerify(ds.sign());
send(certificateVerify);
}
sendChangeCipherSpec();
}
Also used :
PrivateKey(java.security.PrivateKey)
DHPublicKey(javax.crypto.interfaces.DHPublicKey)
DHParameterSpec(javax.crypto.spec.DHParameterSpec)
X509ExtendedKeyManager(javax.net.ssl.X509ExtendedKeyManager)
X509KeyManager(javax.net.ssl.X509KeyManager)
DHKey(javax.crypto.interfaces.DHKey)
KeyAgreement(javax.crypto.KeyAgreement)
KeyFactory(java.security.KeyFactory)
KeyPair(java.security.KeyPair)
PublicKey(java.security.PublicKey)
DHPublicKey(javax.crypto.interfaces.DHPublicKey)
KeyPairGenerator(java.security.KeyPairGenerator)
X509Certificate(java.security.cert.X509Certificate)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
X500Principal(javax.security.auth.x500.X500Principal)
Cipher(javax.crypto.Cipher)
DHPublicKeySpec(javax.crypto.spec.DHPublicKeySpec)
PublicKey(java.security.PublicKey)
Key(java.security.Key)
DHKey(javax.crypto.interfaces.DHKey)
PrivateKey(java.security.PrivateKey)
DHPublicKey(javax.crypto.interfaces.DHPublicKey)
Aggregations
DHParameterSpec (javax.crypto.spec.DHParameterSpec)44
BigInteger (java.math.BigInteger)18
KeyPair (java.security.KeyPair)13
KeyPairGenerator (java.security.KeyPairGenerator)13
KeyAgreement (javax.crypto.KeyAgreement)10
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7
SecureRandom (java.security.SecureRandom)7
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)6
InvalidKeyException (java.security.InvalidKeyException)6
KeyFactory (java.security.KeyFactory)6
PublicKey (java.security.PublicKey)6
DHPrivateKey (javax.crypto.interfaces.DHPrivateKey)6
DHPublicKeySpec (javax.crypto.spec.DHPublicKeySpec)6
DHPublicKey (javax.crypto.interfaces.DHPublicKey)5
IOException (java.io.IOException)4
PrivateKey (java.security.PrivateKey)4
CertificateException (java.security.cert.CertificateException)4
X509Certificate (java.security.cert.X509Certificate)4
X509ExtendedKeyManager (javax.net.ssl.X509ExtendedKeyManager)4
X509KeyManager (javax.net.ssl.X509KeyManager)4
