| Frames | No Frames |
1: /* ElGamalKeyAgreement.java -- 2: Copyright (C) 2003, 2006 Free Software Foundation, Inc. 3: 4: This file is a part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2 of the License, or (at 9: your option) any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; if not, write to the Free Software 18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 19: USA 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package gnu.javax.crypto.key.dh; 40: 41: import gnu.java.security.Registry; 42: import gnu.java.security.util.Util; 43: 44: import gnu.javax.crypto.key.BaseKeyAgreementParty; 45: import gnu.javax.crypto.key.KeyAgreementException; 46: 47: import java.math.BigInteger; 48: 49: /** 50: * The ElGamal key agreement, also known as the half-certified Diffie-Hellman 51: * key agreement, is described in the Handbook of Applied Cryptography [HAC] as 52: * follows: 53: * <ul> 54: * <li>A sends to B a single message allowing one-pass key agreement.</li> 55: * <li>A obtains an authentic copy of B's public key (p, g, yb), where yb = 56: * g**xb.</li> 57: * <li>A chooses a random integer x, 1 <= x <= p-2, and sends B the 58: * message g**x. A computes the shared secret key K as yb**x.</li> 59: * <li>B computes the same key K on receipt of the previous message as 60: * (g**x)**xb.</li> 61: * </ul> 62: * <p> 63: * RFC-2631 describes an <i>Ephemeral-Static Mode</i> of operations with 64: * Diffie-Hellman keypairs as follows: 65: * <pre> 66: * "In Ephemeral-Static mode, the recipient has a static (and certified) 67: * key pair, but the sender generates a new key pair for each message 68: * and sends it using the originatorKey production. If the sender's key 69: * is freshly generated for each message, the shared secret ZZ will be 70: * similarly different for each message and partyAInfo MAY be omitted, 71: * since it serves merely to decouple multiple KEKs generated by the 72: * same set of pairwise keys. If, however, the same ephemeral sender key 73: * is used for multiple messages (e.g. it is cached as a performance 74: * optimization) then a separate partyAInfo MUST be used for each 75: * message. All implementations of this standard MUST implement 76: * Ephemeral-Static mode." 77: * </pre> 78: * <p> 79: * Reference: 80: * <ol> 81: * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key 82: * Agreement Method</a><br> 83: * Eric Rescorla.</li> 84: * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of 85: * Applied Cryptography.<br> 86: * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br> 87: * Menezes, A., van Oorschot, P. and S. Vanstone.</li> 88: * </ol> 89: */ 90: public abstract class ElGamalKeyAgreement 91: extends BaseKeyAgreementParty 92: { 93: public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.elgamal.ka.prng"; 94: public static final String KA_ELGAMAL_RECIPIENT_PRIVATE_KEY = 95: "gnu.crypto.elgamal.ka.recipient.private.key"; 96: public static final String KA_ELGAMAL_RECIPIENT_PUBLIC_KEY = 97: "gnu.crypto.elgamal.ka.recipient.public.key"; 98: /** The shared secret key. */ 99: protected BigInteger ZZ; 100: 101: protected ElGamalKeyAgreement() 102: { 103: super(Registry.ELGAMAL_KA); 104: } 105: 106: protected byte[] engineSharedSecret() throws KeyAgreementException 107: { 108: return Util.trim(ZZ); 109: } 110: 111: protected void engineReset() 112: { 113: ZZ = null; 114: } 115: }