Mercurial > 510Connectbot

comparison src/ch/ethz/ssh2/crypto/dh/EcDhExchange.java @ 342:175c7d68f3c4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge ganymed into mainline
author Carl Byington <carl@five-ten-sg.com>
date Thu, 31 Jul 2014 16:33:38 -0700
parents 1d400fd78e4a
children
comparison
equal deleted inserted replaced
272:ce2f4e397703 342:175c7d68f3c4
1 /**
2 *
3 */
4 package ch.ethz.ssh2.crypto.dh;
5
6 import java.io.IOException;
7 import java.math.BigInteger;
8 import java.security.InvalidAlgorithmParameterException;
9 import java.security.InvalidKeyException;
10 import java.security.KeyFactory;
11 import java.security.KeyPair;
12 import java.security.KeyPairGenerator;
13 import java.security.NoSuchAlgorithmException;
14 import java.security.interfaces.ECPrivateKey;
15 import java.security.interfaces.ECPublicKey;
16 import java.security.spec.ECParameterSpec;
17 import java.security.spec.ECPoint;
18 import java.security.spec.ECPublicKeySpec;
19 import java.security.spec.InvalidKeySpecException;
20
21 import javax.crypto.KeyAgreement;
22
23 import ch.ethz.ssh2.signature.ECDSASHA2Verify;
24
25 /**
26 * @author kenny
27 *
28 */
29 public class EcDhExchange extends GenericDhExchange {
30
31 /* Client public and private */
32
33 private ECPrivateKey clientPrivate;
34 private ECPublicKey clientPublic;
35
36 /* Server public */
37
38 private ECPublicKey serverPublic;
39 private byte[] f;
40
41 @Override
42 public void init(String name) throws IOException {
43 final ECParameterSpec spec;
44
45 if ("ecdh-sha2-nistp256".equals(name)) {
46 spec = ECDSASHA2Verify.EllipticCurves.nistp256;
47 }
48 else if ("ecdh-sha2-nistp384".equals(name)) {
49 spec = ECDSASHA2Verify.EllipticCurves.nistp384;
50 }
51 else if ("ecdh-sha2-nistp521".equals(name)) {
52 spec = ECDSASHA2Verify.EllipticCurves.nistp521;
53 }
54 else {
55 throw new IllegalArgumentException("Unknown EC curve " + name);
56 }
57
58 KeyPairGenerator kpg;
59
60 try {
61 kpg = KeyPairGenerator.getInstance("EC");
62 kpg.initialize(spec);
63 KeyPair pair = kpg.generateKeyPair();
64 clientPrivate = (ECPrivateKey) pair.getPrivate();
65 clientPublic = (ECPublicKey) pair.getPublic();
66 }
67 catch (NoSuchAlgorithmException e) {
68 throw(IOException) new IOException("No DH keypair generator").initCause(e);
69 }
70 catch (InvalidAlgorithmParameterException e) {
71 throw(IOException) new IOException("Invalid DH parameters").initCause(e);
72 }
73 }
74
75 @Override
76 public byte[] getE() {
77 return ECDSASHA2Verify.encodeECPoint(clientPublic.getW(), clientPublic.getParams()
78 .getCurve());
79 }
80
81 @Override
82 protected byte[] getServerE() {
83 return ECDSASHA2Verify.encodeECPoint(serverPublic.getW(), serverPublic.getParams()
84 .getCurve());
85 }
86
87 @Override
88 public byte[] getF() {
89 return f;
90 }
91
92 @Override
93 public void setF(byte[] f) throws IOException {
94 if (clientPublic == null)
95 throw new IllegalStateException("DhDsaExchange not initialized!");
96
97 final KeyAgreement ka;
98
99 try {
100 KeyFactory kf = KeyFactory.getInstance("EC");
101 ECParameterSpec params = clientPublic.getParams();
102 ECPoint serverPoint = ECDSASHA2Verify.decodeECPoint(f, params.getCurve());
103 this.f = f;
104 this.serverPublic = (ECPublicKey) kf.generatePublic(new ECPublicKeySpec(serverPoint,
105 params));
106 ka = KeyAgreement.getInstance("ECDH");
107 ka.init(clientPrivate);
108 ka.doPhase(serverPublic, true);
109 }
110 catch (NoSuchAlgorithmException e) {
111 throw(IOException) new IOException("No ECDH key agreement method").initCause(e);
112 }
113 catch (InvalidKeyException e) {
114 throw(IOException) new IOException("Invalid ECDH key").initCause(e);
115 }
116 catch (InvalidKeySpecException e) {
117 throw(IOException) new IOException("Invalid ECDH key").initCause(e);
118 }
119
120 sharedSecret = new BigInteger(ka.generateSecret());
121 }
122
123 @Override
124 public String getHashAlgo() {
125 return ECDSASHA2Verify.getDigestAlgorithmForParams(clientPublic.getParams());
126 }
127 }