public static boolean containsECCCipherSuites(int[] cipherSuites) { for (int i = 0; i < cipherSuites.length; ++i) { if (isECCCipherSuite(cipherSuites[i])) { return true; } } return false; }
protected byte[] computePremasterSecret(ECPublicKeyParameters publicKey, ECPrivateKeyParameters privateKey) { return TlsECCUtils.calculateECDHBasicAgreement(publicKey, privateKey); }
public void processServerKeyExchange(InputStream input) throws IOException { if (!requiresServerKeyExchange()) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } // ECDH_anon is handled here, ECDHE_* in a subclass ECDomainParameters curve_params = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, input); byte[] point = TlsUtils.readOpaque8(input); this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey( clientECPointFormats, curve_params, point)); }
public void processClientKeyExchange(InputStream input) throws IOException { if (ecAgreePublicKey != null) { // For ecdsa_fixed_ecdh and rsa_fixed_ecdh, the key arrived in the client certificate return; } byte[] point = TlsUtils.readOpaque8(input); ECDomainParameters curve_params = this.ecAgreePrivateKey.getParameters(); this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey( serverECPointFormats, curve_params, point)); }
public static ECPrivateKeyParameters generateEphemeralClientKeyExchange(SecureRandom random, short[] ecPointFormats, ECDomainParameters ecParams, OutputStream output) throws IOException { AsymmetricCipherKeyPair kp = generateECKeyPair(random, ecParams); ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters) kp.getPublic(); writeECPoint(ecPointFormats, ecPublicKey.getQ(), output); return (ECPrivateKeyParameters) kp.getPrivate(); }
checkNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_prime_curves); BigInteger prime_p = readECParameter(input); BigInteger a = readECFieldElement(prime_p.bitLength(), input); BigInteger b = readECFieldElement(prime_p.bitLength(), input); byte[] baseEncoding = TlsUtils.readOpaque8(input); BigInteger order = readECParameter(input); BigInteger cofactor = readECParameter(input); ECCurve curve = new ECCurve.Fp(prime_p, a, b, order, cofactor); ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding); return new ECDomainParameters(curve, base, order, cofactor); checkNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_char2_curves); int k1 = readECExponent(m, input), k2 = -1, k3 = -1; if (basis == ECBasisType.ec_basis_pentanomial) k2 = readECExponent(m, input); k3 = readECExponent(m, input); BigInteger a = readECFieldElement(m, input); BigInteger b = readECFieldElement(m, input); byte[] baseEncoding = TlsUtils.readOpaque8(input); BigInteger order = readECParameter(input); BigInteger cofactor = readECParameter(input); ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding); checkNamedCurve(namedCurves, namedCurve);
writeECParameter(curve.getField().getCharacteristic(), output); writeECExponent(exponents[1], output); writeECExponent(exponents[1], output); writeECExponent(exponents[2], output); writeECExponent(exponents[3], output); writeECFieldElement(curve.getA(), output); writeECFieldElement(curve.getB(), output); TlsUtils.writeOpaque8(serializeECPoint(ecPointFormats, ecParameters.getG()), output); writeECParameter(ecParameters.getN(), output); writeECParameter(ecParameters.getH(), output);
if (this.clientECPointFormats != null && TlsECCUtils.isECCCipherSuite(this.selectedCipherSuite)) ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, }; TlsECCUtils.addSupportedPointFormatsExtension(checkServerExtensions(), serverECPointFormats);
if (TlsECCUtils.containsECCCipherSuites(getCipherSuites())) TlsECCUtils.addSupportedEllipticCurvesExtension(clientExtensions, namedCurves); TlsECCUtils.addSupportedPointFormatsExtension(clientExtensions, clientECPointFormats);
public void processServerExtensions(Hashtable serverExtensions) throws IOException { /* * TlsProtocol implementation validates that any server extensions received correspond to * client extensions sent. By default, we don't send any, and this method is not called. */ if (serverExtensions != null) { /* * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension. */ checkForUnexpectedServerExtension(serverExtensions, TlsUtils.EXT_signature_algorithms); checkForUnexpectedServerExtension(serverExtensions, TlsECCUtils.EXT_elliptic_curves); if (TlsECCUtils.isECCCipherSuite(this.selectedCipherSuite)) { this.serverECPointFormats = TlsECCUtils.getSupportedPointFormatsExtension(serverExtensions); } else { checkForUnexpectedServerExtension(serverExtensions, TlsECCUtils.EXT_ec_point_formats); } } }
public static byte[] serializeECPublicKey(short[] ecPointFormats, ECPublicKeyParameters keyParameters) throws IOException { return serializeECPoint(ecPointFormats, keyParameters.getQ()); }
public static byte[] serializeEcFieldElement(int fieldSize, BigInteger element) throws IOException { return TlsECCUtils.serializeECFieldElement(fieldSize, element); }
/** * Reads ECC domain parameters from an InputStream, all named formats and * point formats are allowed. Then, it also reads the public key provided in * the input stream. * * @param input * The InputStream to read from * @return ECPublicKeyParameters * @throws IOException * If something goes wrong while reading from the Stream */ public static ECPublicKeyParameters readECParametersWithPublicKey(InputStream input) throws IOException { ECDomainParameters domainParameters = readECParameters(input); // read the length byte for the ec point int length = input.read(); byte[] point = new byte[length]; // read the point bytes input.read(point); short[] pointFormats = convertPointFormats(ECPointFormat.values()); return TlsECCUtils.deserializeECPublicKey(pointFormats, domainParameters, point); }
public static ECDomainParameters readECParameters(NamedGroup namedGroup, ECPointFormat pointFormat, InputStream input) throws IOException { int[] nc = convertNamedCurves(new NamedGroup[] { namedGroup }); short[] pf = convertPointFormats(new ECPointFormat[] { pointFormat }); return TlsECCUtils.readECParameters(nc, pf, input); }
protected void setEcDhParams() { msg.prepareComputations(); generateNamedGroupList(msg); generatePointFormatList(msg); prepareCurveType(msg); prepareNamedGroup(msg); ECDomainParameters ecParams = generateEcParameters(msg); AsymmetricCipherKeyPair keyPair = TlsECCUtils.generateECKeyPair(chooser.getContext().getBadSecureRandom(), ecParams); pubEcParams = (ECPublicKeyParameters) keyPair.getPublic(); privEcParams = (ECPrivateKeyParameters) keyPair.getPrivate(); }
checkNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_prime_curves); BigInteger prime_p = readECParameter(input); BigInteger a = readECFieldElement(prime_p.bitLength(), input); BigInteger b = readECFieldElement(prime_p.bitLength(), input); byte[] baseEncoding = TlsUtils.readOpaque8(input); BigInteger order = readECParameter(input); BigInteger cofactor = readECParameter(input); ECCurve curve = new ECCurve.Fp(prime_p, a, b, order, cofactor); ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding); return new ECDomainParameters(curve, base, order, cofactor); checkNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_char2_curves); int k1 = readECExponent(m, input), k2 = -1, k3 = -1; if (basis == ECBasisType.ec_basis_pentanomial) k2 = readECExponent(m, input); k3 = readECExponent(m, input); BigInteger a = readECFieldElement(m, input); BigInteger b = readECFieldElement(m, input); byte[] baseEncoding = TlsUtils.readOpaque8(input); BigInteger order = readECParameter(input); BigInteger cofactor = readECParameter(input); ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding); checkNamedCurve(namedCurves, namedCurve);
writeECParameter(curve.getField().getCharacteristic(), output); writeECExponent(exponents[1], output); writeECExponent(exponents[1], output); writeECExponent(exponents[2], output); writeECExponent(exponents[3], output); writeECFieldElement(curve.getA(), output); writeECFieldElement(curve.getB(), output); TlsUtils.writeOpaque8(serializeECPoint(ecPointFormats, ecParameters.getG()), output); writeECParameter(ecParameters.getN(), output); writeECParameter(ecParameters.getH(), output);
if (this.clientECPointFormats != null && TlsECCUtils.isECCCipherSuite(this.selectedCipherSuite)) ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, }; TlsECCUtils.addSupportedPointFormatsExtension(checkServerExtensions(), serverECPointFormats);
if (TlsECCUtils.containsECCCipherSuites(getCipherSuites())) TlsECCUtils.addSupportedEllipticCurvesExtension(clientExtensions, namedCurves); TlsECCUtils.addSupportedPointFormatsExtension(clientExtensions, clientECPointFormats);
public void processClientKeyExchange(InputStream input) throws IOException { if (ecAgreePublicKey != null) { // For ecdsa_fixed_ecdh and rsa_fixed_ecdh, the key arrived in the client certificate return; } byte[] point = TlsUtils.readOpaque8(input); ECDomainParameters curve_params = this.ecAgreePrivateKey.getParameters(); this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey( serverECPointFormats, curve_params, point)); }