Example usage for org.bouncycastle.crypto.params DHPublicKeyParameters getParameters

List of usage examples for org.bouncycastle.crypto.params DHPublicKeyParameters getParameters

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.crypto.params.*
  5. DHPublicKeyParameters
  6. getParameters

Introduction

In this page you can find the example usage for org.bouncycastle.crypto.params DHPublicKeyParameters getParameters.

Prototype

public DHParameters getParameters()

Source Link

Usage

From source file:de.rub.nds.tlsattacker.tls.protocol.handshake.DHClientKeyExchangeHandler.java

License:Apache License

@Override
byte[] prepareKeyExchangeMessage() {
    if (tlsContext.getServerDHParameters() == null) {
        // we are probably handling a simple DH ciphersuite, we try to
        // establish server public key parameters from the server
        // certificate message
        Certificate x509Cert = tlsContext.getServerCertificate();

        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
        DHPublicKeyParameters parameters;
        try {//w ww .  j  a  v  a  2 s  .  c om
            parameters = (DHPublicKeyParameters) PublicKeyFactory.createKey(keyInfo);
            tlsContext.setServerDHParameters(new ServerDHParams(parameters));
        } catch (IOException e) {
            throw new WorkflowExecutionException("Problem in parsing public key parameters from certificate",
                    e);
        }
    }

    // generate client's original dh public and private key, based on the
    // server's public parameters
    AsymmetricCipherKeyPair kp = TlsDHUtils.generateDHKeyPair(new SecureRandom(),
            tlsContext.getServerDHParameters().getPublicKey().getParameters());
    DHPublicKeyParameters dhPublic = (DHPublicKeyParameters) kp.getPublic();
    DHPrivateKeyParameters dhPrivate = (DHPrivateKeyParameters) kp.getPrivate();

    protocolMessage.setG(dhPublic.getParameters().getG());
    protocolMessage.setP(dhPublic.getParameters().getP());
    protocolMessage.setY(dhPublic.getY());
    protocolMessage.setX(dhPrivate.getX());

    // set the modified values of client's private and public parameters
    DHParameters newParams = new DHParameters(protocolMessage.getP().getValue(),
            protocolMessage.getG().getValue());
    // DHPublicKeyParameters newDhPublic = new
    // DHPublicKeyParameters(dhMessage.getY().getValue(), newParams);
    DHPrivateKeyParameters newDhPrivate = new DHPrivateKeyParameters(protocolMessage.getX().getValue(),
            newParams);

    byte[] serializedPublicKey = BigIntegers.asUnsignedByteArray(protocolMessage.getY().getValue());
    protocolMessage.setSerializedPublicKey(serializedPublicKey);
    protocolMessage.setSerializedPublicKeyLength(serializedPublicKey.length);

    byte[] result = ArrayConverter
            .concatenate(
                    ArrayConverter.intToBytes(protocolMessage.getSerializedPublicKeyLength().getValue(),
                            HandshakeByteLength.DH_PARAM_LENGTH),
                    protocolMessage.getSerializedPublicKey().getValue());

    byte[] premasterSecret = TlsDHUtils
            .calculateDHBasicAgreement(tlsContext.getServerDHParameters().getPublicKey(), newDhPrivate);
    protocolMessage.setPremasterSecret(premasterSecret);
    LOGGER.debug("Computed PreMaster Secret: {}",
            ArrayConverter.bytesToHexString(protocolMessage.getPremasterSecret().getValue()));

    byte[] random = tlsContext.getClientServerRandom();

    PRFAlgorithm prfAlgorithm = AlgorithmResolver.getPRFAlgorithm(tlsContext.getProtocolVersion(),
            tlsContext.getSelectedCipherSuite());
    byte[] masterSecret = PseudoRandomFunction.compute(prfAlgorithm,
            protocolMessage.getPremasterSecret().getValue(), PseudoRandomFunction.MASTER_SECRET_LABEL, random,
            HandshakeByteLength.MASTER_SECRET);
    LOGGER.debug("Computed Master Secret: {}", ArrayConverter.bytesToHexString(masterSecret));

    protocolMessage.setMasterSecret(masterSecret);
    tlsContext.setMasterSecret(protocolMessage.getMasterSecret().getValue());

    return result;

}

From source file:de.rub.nds.tlsattacker.tls.protocol.handshake.DHEServerKeyExchangeHandler.java

License:Apache License

 @Override
 public byte[] prepareMessageAction() {
     // To use true DH ephemeral we need to precompute the prime number P(DH modulus)
/**int defaultPrimeProbability = 30;

DHParametersGenerator generator = new DHParametersGenerator();
     //Genration of a higher bit prime number takes too long (512 bits takes 2 seconds)
generator.init(512, defaultPrimeProbability, new SecureRandom());
DHParameters params = generator.generateParameters();*/
        //from   w  ww  . j av  a 2s.  c o m
     //fixed DH modulus P and DH generator G
     byte [] pArray = ArrayConverter
    .hexStringToByteArray("ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc"
                 + "74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d"
                 + "51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24"
                 + "117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83"
                 + "655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca1821"
                 + "7c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf695"
                 + "5817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff");
     byte [] gArray = {0x02}; 
     BigInteger p = new BigInteger(1, pArray);
     BigInteger g = new BigInteger(1, gArray);
     DHParameters params = new DHParameters( p, g );
        
KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), params);
DHKeyPairGenerator keyGen = new DHKeyPairGenerator();
keyGen.init(kgp);
AsymmetricCipherKeyPair serverKeyPair = keyGen.generateKeyPair();
        
DHPublicKeyParameters dhPublic = (DHPublicKeyParameters) serverKeyPair.getPublic();
DHPrivateKeyParameters dhPrivate = (DHPrivateKeyParameters) serverKeyPair.getPrivate();

protocolMessage.setG(dhPublic.getParameters().getG());
protocolMessage.setP(dhPublic.getParameters().getP());
protocolMessage.setPublicKey(dhPublic.getY());
protocolMessage.setPrivateKey(dhPrivate.getX());
tlsContext.setServerDHPrivateKeyParameters(dhPrivate);

byte[] serializedP = BigIntegers.asUnsignedByteArray(protocolMessage.getP().getValue());
protocolMessage.setSerializedP(serializedP);
protocolMessage.setSerializedPLength(serializedP.length);

byte[] serializedG = BigIntegers.asUnsignedByteArray(protocolMessage.getG().getValue());
protocolMessage.setSerializedG(serializedG);
protocolMessage.setSerializedGLength(serializedG.length);

byte[] serializedPublicKey = BigIntegers.asUnsignedByteArray(protocolMessage.getPublicKey().getValue());
protocolMessage.setSerializedPublicKey(serializedPublicKey);
protocolMessage.setSerializedPublicKeyLength(serializedPublicKey.length);

byte[] dhParams = ArrayConverter.concatenate(ArrayConverter.intToBytes(protocolMessage.getSerializedPLength()
   .getValue(), HandshakeByteLength.DH_PARAM_LENGTH), protocolMessage.getSerializedP().getValue(),
   ArrayConverter.intToBytes(protocolMessage.getSerializedGLength().getValue(),
      HandshakeByteLength.DH_PARAM_LENGTH), protocolMessage.getSerializedG().getValue(),
   ArrayConverter.intToBytes(protocolMessage.getSerializedPublicKeyLength().getValue(),
      HandshakeByteLength.DH_PARAM_LENGTH), protocolMessage.getSerializedPublicKey().getValue());
InputStream is = new ByteArrayInputStream(dhParams);

try {
    ServerDHParams publicKeyParameters = ServerDHParams.parse(is);

    tlsContext.setServerDHParameters(publicKeyParameters);

    KeyStore ks = tlsContext.getKeyStore();

    SignatureAndHashAlgorithm selectedSignatureHashAlgo = new SignatureAndHashAlgorithm(SignatureAlgorithm.RSA,
       HashAlgorithm.SHA1);
    protocolMessage.setSignatureAlgorithm(selectedSignatureHashAlgo.getSignatureAlgorithm().getValue());
    protocolMessage.setHashAlgorithm(selectedSignatureHashAlgo.getHashAlgorithm().getValue());

    Key key = ks.getKey(tlsContext.getAlias(), tlsContext.getPassword().toCharArray());

    RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key;

    Signature instance = Signature.getInstance(selectedSignatureHashAlgo.getJavaName());
    instance.initSign(rsaKey);
    LOGGER.debug("SignatureAndHashAlgorithm for ServerKeyExchange message: {}",
       selectedSignatureHashAlgo.getJavaName());

    byte[] toBeSignedBytes = ArrayConverter.concatenate(tlsContext.getClientRandom(), tlsContext
       .getServerRandom(), dhParams);

    instance.update(toBeSignedBytes);
    byte[] signature = instance.sign();
    protocolMessage.setSignature(signature);
    protocolMessage.setSignatureLength(signature.length);

    byte[] result = ArrayConverter.concatenate(dhParams,
       new byte[] { protocolMessage.getHashAlgorithm().getValue(),
          protocolMessage.getSignatureAlgorithm().getValue() }, ArrayConverter.intToBytes(
          protocolMessage.getSignatureLength().getValue(), HandshakeByteLength.SIGNATURE_LENGTH),
       protocolMessage.getSignature().getValue());

    protocolMessage.setLength(result.length);

    long header = (HandshakeMessageType.SERVER_KEY_EXCHANGE.getValue() << 24)
       + protocolMessage.getLength().getValue();

    protocolMessage.setCompleteResultingMessage(ArrayConverter.concatenate(
       ArrayConverter.longToUint32Bytes(header), result));

} catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | InvalidKeyException
   | SignatureException | IOException ex) {
    throw new ConfigurationException(ex.getLocalizedMessage(), ex);
}

return protocolMessage.getCompleteResultingMessage().getValue();
 }