// Key factory bool OSSLDH::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* rng /* = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(DHParameters::type)) { ERROR_MSG("Invalid parameters supplied for DH key generation"); return false; } DHParameters* params = (DHParameters*) parameters; // Generate the key-pair DH* dh = DH_new(); if (dh == NULL) { ERROR_MSG("Failed to instantiate OpenSSL DH object"); return false; } if (dh->p != NULL) BN_clear_free(dh->p); dh->p = OSSL::byteString2bn(params->getP()); if (dh->g != NULL) BN_clear_free(dh->g); dh->g = OSSL::byteString2bn(params->getG()); if (DH_generate_key(dh) != 1) { ERROR_MSG("DH key generation failed (0x%08X)", ERR_get_error()); DH_free(dh); return false; } // Create an asymmetric key-pair object to return OSSLDHKeyPair* kp = new OSSLDHKeyPair(); ((OSSLDHPublicKey*) kp->getPublicKey())->setFromOSSL(dh); ((OSSLDHPrivateKey*) kp->getPrivateKey())->setFromOSSL(dh); *ppKeyPair = kp; // Release the key DH_free(dh); return true; }
// Key factory bool BotanDH::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(DHParameters::type)) { ERROR_MSG("Invalid parameters supplied for DH key generation"); return false; } DHParameters* params = (DHParameters*) parameters; // Generate the key-pair BotanDH_PrivateKey* dh = NULL; try { BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG(); // PKCS#3: 2^(l-1) <= x < 2^l Botan::BigInt x; if (params->getXBitLength() > 0) { x.randomize(*rng->getRNG(), params->getXBitLength()); } dh = new BotanDH_PrivateKey(*rng->getRNG(), Botan::DL_Group(BotanUtil::byteString2bigInt(params->getP()), BotanUtil::byteString2bigInt(params->getG())), x); } catch (std::exception& e) { ERROR_MSG("DH key generation failed with %s", e.what()); return false; } // Create an asymmetric key-pair object to return BotanDHKeyPair* kp = new BotanDHKeyPair(); ((BotanDHPublicKey*) kp->getPublicKey())->setFromBotan(dh); ((BotanDHPrivateKey*) kp->getPrivateKey())->setFromBotan(dh); *ppKeyPair = kp; // Release the key delete dh; return true; }
// Key factory bool BotanDH::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* rng /* = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(DHParameters::type)) { ERROR_MSG("Invalid parameters supplied for DH key generation"); return false; } DHParameters* params = (DHParameters*) parameters; // Generate the key-pair Botan::DH_PrivateKey* dh = NULL; try { BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG(); dh = new Botan::DH_PrivateKey(*rng->getRNG(), Botan::DL_Group(BotanUtil::byteString2bigInt(params->getP()), BotanUtil::byteString2bigInt(params->getG()))); } catch (...) { ERROR_MSG("DH key generation failed"); return false; } // Create an asymmetric key-pair object to return BotanDHKeyPair* kp = new BotanDHKeyPair(); ((BotanDHPublicKey*) kp->getPublicKey())->setFromBotan(dh); ((BotanDHPrivateKey*) kp->getPrivateKey())->setFromBotan(dh); *ppKeyPair = kp; // Release the key delete dh; return true; }
// Checks that, for every tested group size, fresh DH parameters can be
// generated, that a key-pair generated from them reports the same bit length
// on both halves, and that a private value bit length set on the parameters
// is reflected in the generated private value.
void DHTests::testKeyGeneration()
{
	AsymmetricKeyPair* kp;

	// Key sizes to test
	std::vector<size_t> keySizes;
#ifdef WITH_FIPS
	keySizes.push_back(1024);
#else
	// NOTE(review): a 512-bit group is only acceptable as a test fixture;
	// presumably chosen to keep the test fast - confirm.
	keySizes.push_back(512);
	//keySizes.push_back(768);
	//keySizes.push_back(1024);
#endif

	for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++)
	{
		// Generate parameters
		// (the bit length is passed as the pointer value itself)
		DHParameters* p;
		AsymmetricParameters** ap = (AsymmetricParameters**) &p;

		CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) *k));

		// Generate key-pair
		CPPUNIT_ASSERT(dh->generateKeyPair(&kp, p));

		DHPublicKey* pub = (DHPublicKey*) kp->getPublicKey();
		DHPrivateKey* priv = (DHPrivateKey*) kp->getPrivateKey();

		CPPUNIT_ASSERT(pub->getBitLength() == *k);
		CPPUNIT_ASSERT(priv->getBitLength() == *k);

		// The first key-pair is released before kp is reused below
		dh->recycleKeyPair(kp);

		// Generate key-pair with a fixed private value length
		p->setXBitLength(128);

		CPPUNIT_ASSERT(dh->generateKeyPair(&kp, p));

		priv = (DHPrivateKey*) kp->getPrivateKey();

		// The private value must be exactly 128 bits long
		CPPUNIT_ASSERT(priv->getX().bits() == 128);

		dh->recycleParameters(p);
		dh->recycleKeyPair(kp);
	}
}
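// Generates a fresh DH group of the requested size with Botan and returns it
// as a DHParameters object through *ppParams.
//
// The requested bit length is not pointed to by 'parameters'; it is carried
// in the pointer value itself. Returns false on NULL arguments, on a size
// outside [getMinKeySize(), getMaxKeySize()], or when generation throws.
// The rng argument is not used; the RNG is taken from the crypto factory.
bool BotanDH::generateParameters(AsymmetricParameters** ppParams, void* parameters /* = NULL */, RNG* rng /* = NULL*/)
{
	if ((ppParams == NULL) || (parameters == NULL))
	{
		return false;
	}

	size_t bitLen = (size_t) parameters;

	if (bitLen < getMinKeySize() || bitLen > getMaxKeySize())
	{
		ERROR_MSG("This DH key size is not supported");

		return false;
	}

	Botan::DL_Group* group = NULL;

	try
	{
		BotanRNG* brng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();

		group = new Botan::DL_Group(*brng->getRNG(), Botan::DL_Group::Strong, bitLen);
	}
	catch (...)
	{
		// "%d" expects an int but bitLen is a size_t; convert explicitly so
		// the argument matches the format. bitLen has already passed the
		// range check above (presumably well within int range).
		ERROR_MSG("Failed to generate %d bit DH parameters", (int) bitLen);

		return false;
	}

	// Store the DH parameters
	DHParameters* params = new DHParameters();

	ByteString p = BotanUtil::bigInt2ByteString(group->get_p());
	params->setP(p);

	ByteString g = BotanUtil::bigInt2ByteString(group->get_g());
	params->setG(g);

	*ppParams = params;

	// p and g have been copied into params; the Botan group can go
	delete group;

	return true;
}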
// Rebuilds a DHParameters object from its serialised form and returns it
// through *ppParams. Returns false when ppParams is NULL, when there are no
// bytes to read, or when deserialisation fails; *ppParams is written only on
// success.
bool BotanDH::reconstructParameters(AsymmetricParameters** ppParams, ByteString& serialisedData)
{
	// Check input parameters
	if (ppParams == NULL)
		return false;

	if (serialisedData.size() == 0)
		return false;

	DHParameters* restored = new DHParameters();

	if (restored->deserialise(serialisedData))
	{
		*ppParams = restored;
		return true;
	}

	// Never hand a partially populated object back to the caller
	delete restored;

	return false;
}
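// Generates a fresh DH group of the requested size with OpenSSL (generator 2)
// and returns it as a DHParameters object through *ppParams.
//
// The requested bit length is not pointed to by 'parameters'; it is carried
// in the pointer value itself. Returns false on NULL arguments, on a size
// outside [getMinKeySize(), getMaxKeySize()], or when OpenSSL fails.
// The rng argument is not used by this function.
bool OSSLDH::generateParameters(AsymmetricParameters** ppParams, void* parameters /* = NULL */, RNG* rng /* = NULL*/)
{
	if ((ppParams == NULL) || (parameters == NULL))
	{
		return false;
	}

	size_t bitLen = (size_t) parameters;

	if (bitLen < getMinKeySize() || bitLen > getMaxKeySize())
	{
		ERROR_MSG("This DH key size is not supported");

		return false;
	}

	DH* dh = DH_generate_parameters(bitLen, 2, NULL, NULL);

	if (dh == NULL)
	{
		// "%d" expects an int but bitLen is a size_t; convert explicitly so
		// the argument matches the format. bitLen has already passed the
		// range check above (presumably well within int range).
		ERROR_MSG("Failed to generate %d bit DH parameters", (int) bitLen);

		return false;
	}

	// Store the DH parameters
	DHParameters* params = new DHParameters();

	ByteString p = OSSL::bn2ByteString(dh->p);
	params->setP(p);

	ByteString g = OSSL::bn2ByteString(dh->g);
	params->setG(g);

	*ppParams = params;

	// p and g have been copied into params; the OpenSSL object can go
	DH_free(dh);

	return true;
}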
// Round-trips DH parameters and a DH key-pair through serialise() and the
// reconstruct*() calls, and checks that every component (p, g, the private
// value bit length, x and y) survives unchanged.
void DHTests::testSerialisation()
{
	// Generate parameters for testing: 1024-bit without Botan, 512-bit with
	// Botan (see the preprocessor branch below)
	DHParameters* p;
	AsymmetricParameters** ap = (AsymmetricParameters**) &p;

	//CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) 1024));
	// changed for 512-bit for speed...
	// NOTE(review): 512-bit groups are only acceptable as a test fixture.
#ifndef WITH_BOTAN
	CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) 1024));
#else
	CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) 512));
#endif

	// Set a fixed private value length
	// (set before serialising so that the round trip covers it as well)
	p->setXBitLength(128);

	// Serialise the parameters
	ByteString serialisedParams = p->serialise();

	// Deserialise the parameters
	AsymmetricParameters* dP;

	CPPUNIT_ASSERT(dh->reconstructParameters(&dP, serialisedParams));

	// The downcast below relies on this type check
	CPPUNIT_ASSERT(dP->areOfType(DHParameters::type));

	DHParameters* ddP = (DHParameters*) dP;

	CPPUNIT_ASSERT(p->getP() == ddP->getP());
	CPPUNIT_ASSERT(p->getG() == ddP->getG());
	CPPUNIT_ASSERT(p->getXBitLength() == ddP->getXBitLength());

	// Generate a key-pair
	// (from the deserialised parameters, not from the original ones)
	AsymmetricKeyPair* kp;

	CPPUNIT_ASSERT(dh->generateKeyPair(&kp, dP));

	// Serialise the key-pair
	ByteString serialisedKP = kp->serialise();

	// Deserialise the key-pair
	AsymmetricKeyPair* dKP;

	CPPUNIT_ASSERT(dh->reconstructKeyPair(&dKP, serialisedKP));

	// Check the deserialised key-pair
	DHPrivateKey* privKey = (DHPrivateKey*) kp->getPrivateKey();
	DHPublicKey* pubKey = (DHPublicKey*) kp->getPublicKey();

	DHPrivateKey* dPrivKey = (DHPrivateKey*) dKP->getPrivateKey();
	DHPublicKey* dPubKey = (DHPublicKey*) dKP->getPublicKey();

	CPPUNIT_ASSERT(privKey->getP() == dPrivKey->getP());
	CPPUNIT_ASSERT(privKey->getG() == dPrivKey->getG());
	CPPUNIT_ASSERT(privKey->getX() == dPrivKey->getX());

	CPPUNIT_ASSERT(pubKey->getP() == dPubKey->getP());
	CPPUNIT_ASSERT(pubKey->getG() == dPubKey->getG());
	CPPUNIT_ASSERT(pubKey->getY() == dPubKey->getY());

	// Release both parameter sets and both key-pairs
	dh->recycleParameters(p);
	dh->recycleParameters(dP);
	dh->recycleKeyPair(kp);
	dh->recycleKeyPair(dKP);
}