List of usage examples for javax.crypto.spec DHParameterSpec DHParameterSpec
public DHParameterSpec(BigInteger p, BigInteger g)
p and a base generator g. From source file:com.sshtools.j2ssh.transport.kex.DhGroup1Sha1.java
/** * * * @param clientId// w w w. j a v a 2 s.co m * @param serverId * @param clientKexInit * @param serverKexInit * @param prvKey * * @throws IOException * @throws KeyExchangeException */ public void performServerExchange(String clientId, String serverId, byte[] clientKexInit, byte[] serverKexInit, SshPrivateKey prvKey, boolean firstPacketFollows, boolean useFirstPacket) throws IOException { try { this.clientId = clientId; this.serverId = serverId; this.clientKexInit = clientKexInit; this.serverKexInit = serverKexInit; /*int minBits = g.bitLength(); int maxBits = q.bitLength(); Random rnd = ConfigurationLoader.getRND(); // Generate a random bit count for the random x value int genBits = (int) ( ( (maxBits - minBits + 1) * rnd.nextFloat()) + minBits); y = new BigInteger(genBits, rnd);*/ try { DHParameterSpec dhSkipParamSpec = new DHParameterSpec(p, g); dhKeyPairGen.initialize(dhSkipParamSpec); KeyPair dhKeyPair = dhKeyPairGen.generateKeyPair(); dhKeyAgreement.init(dhKeyPair.getPrivate()); y = ((DHPrivateKey) dhKeyPair.getPrivate()).getX(); f = ((DHPublicKey) dhKeyPair.getPublic()).getY(); } catch (InvalidKeyException ex) { throw new AlgorithmOperationException("Failed to generate DH y value"); } catch (InvalidAlgorithmParameterException ex) { throw new AlgorithmOperationException("Failed to generate DH y value"); } // Calculate f //f = g.modPow(y, p); // Wait for the e value and calculate the other parameters int[] messageId = new int[1]; messageId[0] = SshMsgKexDhInit.SSH_MSG_KEXDH_INIT; SshMsgKexDhInit msg = (SshMsgKexDhInit) transport.readMessage(messageId); if (firstPacketFollows && !useFirstPacket) { // Ignore the first packet since the guess was incorrect msg = (SshMsgKexDhInit) transport.readMessage(messageId); } e = msg.getE(); // Calculate k secret = e.modPow(y, p); hostKey = prvKey.getPublicKey().getEncoded(); calculateExchangeHash(); signature = prvKey.generateSignature(exchangeHash); SshMsgKexDhReply reply = new SshMsgKexDhReply(hostKey, f, signature); transport.sendMessage(reply, this); } catch (SshException e) { throw new KeyExchangeException(e.getMessage()); } }
From source file:edu.internet2.middleware.openid.security.SxipAssociationTest.java
/** * Test MAC key encryptiong using a SHA-1 Association and a custom DH parameter spec. * /*from w w w.j a v a 2 s .c o m*/ * @throws NoSuchAlgorithmException if algorithm does not exist * @throws InvalidKeySpecException if unable to build valid key spec */ public void testSHA1CustomSpecMacKeyEncryption() throws NoSuchAlgorithmException, InvalidKeySpecException { AssociationType associationType = AssociationType.HMAC_SHA1; SessionType sessionType = SessionType.DH_SHA1; String encodedDHModulus = "AOjo5JdvdkfwOLsqcp4UdRq+aZ4wMRs6r+ig4zWfuJ3MIqYNyK7cctR7m545UBYtA8cE+8hqpt+Rb5GvOhdGHiU="; String encodedDHGen = "JdoVY9p9P1bpsXLGkvy3N479+M7DeYsturvJWU1+/4IdvQNGLHKRKmtApR/XJ6WHl5wyb318dnzLDnmjb5V/Pg=="; String encodedConsumerPublic = "ANBvmBkoNwYwfvu1GqwNMIFPxGG1v3wHxvYELWR8EhiqPIeUqwQDSdgbcd9P0OfcyM1qW1KtHfjTlLbv2KwOSoc="; String encodedConsumerPrivate = "AOS6qOQYvh09AS/7QwTCKrwqEDOhW7sSCanrAfVKVZbk"; String encodedServerPublic = "AOiOOAzK1/ID0E1d9JN4vh18zmPxS4xmMqS+BJ3HfGiMpD432TaPr4o+My+6Rm6CMNGQoSC3m6jnoNEXyuYaOik="; String encodedServerPrivate = "HgY/9LoktIzuqb66QX8TwqFvCnsaCOzAW71/mt2LRwDbSUD9iJ+nKaRJJ3eHUP0wCtTeUfk7ZH/gj8w8D6cUaQ=="; String encodedMacKey = "rM2ciPQUzgROMangfhVjjlo4+PE="; String encryptedMacKey = "YvfNMe8ZV+i3oXY64bVIVt87/PY="; BigInteger dhModulus = new BigInteger(Base64.decodeBase64(encodedDHModulus.getBytes())); BigInteger dhGen = new BigInteger(Base64.decodeBase64(encodedDHGen.getBytes())); DHParameterSpec parameterSpec = new DHParameterSpec(dhModulus, dhGen); DHPublicKey consumerPublic = EncodingUtils.decodePublicKey(encodedConsumerPublic, parameterSpec); DHPrivateKey consumerPrivate = EncodingUtils.decodePrivateKey(encodedConsumerPrivate, parameterSpec); DHPublicKey serverPublic = EncodingUtils.decodePublicKey(encodedServerPublic, parameterSpec); DHPrivateKey serverPrivate = EncodingUtils.decodePrivateKey(encodedServerPrivate, parameterSpec); SecretKey consumerSharedSecret = AssociationUtils.generateSharedSecret(consumerPrivate, serverPublic, sessionType.getAlgorithm()); SecretKey serverSharedSecret = AssociationUtils.generateSharedSecret(serverPrivate, consumerPublic, sessionType.getAlgorithm()); SecretKey macKey = EncodingUtils.decodeSecretKey(encodedMacKey, associationType.getAlgorithm()); // This test fails for some reason. But given that all the others pass, I'm going to bet that it's an error in // the test data // assertEquals(consumerSharedSecret, serverSharedSecret); // assertEquals(encryptedMacKey, EncodingUtils.encodeSecretKey(AssociationUtils.encryptMacKey(macKey, // consumerSharedSecret))); }
From source file:edu.internet2.middleware.openid.security.SxipAssociationTest.java
/** * Test MAC key encryptiong using a SHA-256 Association and a custom DH parameter spec. * /* www. j a v a 2s .c o m*/ * @throws NoSuchAlgorithmException if algorithm does not exist * @throws InvalidKeySpecException if unable to build valid key spec */ public void testSHA256CustomSpecMacKeyEncryption() throws NoSuchAlgorithmException, InvalidKeySpecException { AssociationType associationType = AssociationType.HMAC_SHA256; SessionType sessionType = SessionType.DH_SHA256; String encodedDHModulus = "AMEG5/lHfCuTTjP70BMaliMQwecFDv7+z+hzLijQJUKPRMlyq9iA0iFDqPNXDXRPQ+C/+t5wU1yBc6IGnaKloYE="; String encodedDHGen = "AKK+qVZ6ct03bZjn16Dbsc2PvETNoECGoC2bc8FfoJVql/FO2IRI8SijHRpW0Urc6ev2reMM0x0bW9X3XJxpml8="; String encodedConsumerPublic = "Q4wf3c1NoyMpNW4d3x/W3WzaVXPOQ1lBurZsQmGOIsFLs5vgMt7cFy2CPKgZgGEQW6wVx3Jqn5J/dslTuk0lww=="; String encodedConsumerPrivate = "ALKnjiNOy9ITFnC74f+LlvUyeO6SGUQa1b0UMurbqaLk"; String encodedServerPublic = "AJqMcNWzLYBTqyNUKPlX6VqN6z+HEijqJGo/OfPOxckctLBPFAnRYaWmJNtcYp1eWqNh9icPui/2GsPIdVFIAOs="; String encodedServerPrivate = "ToSQUCpi8g8X7Z0dBmKuuG7Sb1LkUQ5tFaGphEjf8aGHpXIWTx+HcZrKBqCCwUjxNqMbN3T0xQ0LlLYZHBTUBg=="; String encodedMacKey = "NPw2rQ1P8uWIXjjgbz+KeekQwA0bQsErZIc64lCEWko="; String encryptedMacKey = "qYB77tgVZgkwWz+ufetws+jKt2nVW2ioqCxoKdr8xUk="; BigInteger dhModulus = new BigInteger(Base64.decodeBase64(encodedDHModulus.getBytes())); BigInteger dhGen = new BigInteger(Base64.decodeBase64(encodedDHGen.getBytes())); DHParameterSpec parameterSpec = new DHParameterSpec(dhModulus, dhGen); DHPublicKey consumerPublic = EncodingUtils.decodePublicKey(encodedConsumerPublic, parameterSpec); DHPrivateKey consumerPrivate = EncodingUtils.decodePrivateKey(encodedConsumerPrivate, parameterSpec); DHPublicKey serverPublic = EncodingUtils.decodePublicKey(encodedServerPublic, parameterSpec); DHPrivateKey serverPrivate = EncodingUtils.decodePrivateKey(encodedServerPrivate, parameterSpec); SecretKey consumerSharedSecret = AssociationUtils.generateSharedSecret(consumerPrivate, serverPublic, sessionType.getAlgorithm()); SecretKey serverSharedSecret = AssociationUtils.generateSharedSecret(serverPrivate, consumerPublic, sessionType.getAlgorithm()); SecretKey macKey = EncodingUtils.decodeSecretKey(encodedMacKey, associationType.getAlgorithm()); assertEquals(consumerSharedSecret, serverSharedSecret); assertEquals(encryptedMacKey, EncodingUtils.encodeSecretKey(AssociationUtils.encryptMacKey(macKey, consumerSharedSecret))); }
From source file:org.red5.server.net.rtmp.RTMPHandshake.java
/** * Creates a Diffie-Hellman key pair./*from w ww . j a va 2 s.c om*/ * * @return dh keypair */ protected KeyPair generateKeyPair() { KeyPair keyPair = null; DHParameterSpec keySpec = new DHParameterSpec(DH_MODULUS, DH_BASE); try { KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH"); keyGen.initialize(keySpec); keyPair = keyGen.generateKeyPair(); keyAgreement = KeyAgreement.getInstance("DH"); keyAgreement.init(keyPair.getPrivate()); } catch (Exception e) { log.error("Error generating keypair", e); } return keyPair; }