org.bouncycastle.crypto.agreement.ECDHBasicAgreement Java Examples

The following examples show how to use org.bouncycastle.crypto.agreement.ECDHBasicAgreement. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: RLPxConnectionFactory.java    From incubator-tuweni with Apache License 2.0 5 votes vote down vote up 
private static EthereumIESEncryptionEngine forDecryption(
    SecretKey privateKey,
    PublicKey ephemeralPublicKey,
    Bytes iv,
    Bytes commonMac) {
  CipherParameters pubParam = new ECPublicKeyParameters(ephemeralPublicKey.asEcPoint(), CURVE);
  CipherParameters privParam = new ECPrivateKeyParameters(privateKey.bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privParam);
  byte[] agreementValue =
      BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), agreement.calculateAgreement(pubParam));

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(agreementValue, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agreement,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(false, privParam, pubParam, cipherParameters);
  return engine;
}
Example #2
Source File: SECP256K1.java    From incubator-tuweni with Apache License 2.0 5 votes vote down vote up 
/**
 * Calculates an ECDH key agreement between the private and the public key of another party, formatted as a 32 bytes
 * array.
 *
 * @param privKey the private key
 * @param theirPubKey the public key
 * @return shared secret as 32 bytes
 */
public static Bytes32 calculateKeyAgreement(SecretKey privKey, PublicKey theirPubKey) {
  checkArgument(privKey != null, "missing private key");
  checkArgument(theirPubKey != null, "missing remote public key");

  ECPrivateKeyParameters privKeyP =
      new ECPrivateKeyParameters(privKey.bytes().toUnsignedBigInteger(), Parameters.CURVE);
  ECPublicKeyParameters pubKeyP = new ECPublicKeyParameters(theirPubKey.asEcPoint(), Parameters.CURVE);

  ECDHBasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privKeyP);
  return UInt256.valueOf(agreement.calculateAgreement(pubKeyP)).toBytes();
}
Example #3
Source File: SECP256K1.java    From besu with Apache License 2.0 5 votes vote down vote up 
/**
 * Calculates an ECDH key agreement between the private and the public key.
 *
 * @param privKey The private key.
 * @param theirPubKey The public key.
 * @return The agreed secret.
 */
public static Bytes32 calculateECDHKeyAgreement(
    final PrivateKey privKey, final PublicKey theirPubKey) {
  checkArgument(privKey != null, "missing private key");
  checkArgument(theirPubKey != null, "missing remote public key");

  final ECPrivateKeyParameters privKeyP = new ECPrivateKeyParameters(privKey.getD(), CURVE);
  final ECPublicKeyParameters pubKeyP = new ECPublicKeyParameters(theirPubKey.asEcPoint(), CURVE);

  final ECDHBasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privKeyP);
  final BigInteger agreed = agreement.calculateAgreement(pubKeyP);

  return UInt256.valueOf(agreed).toBytes();
}
Example #4
Source File: RLPxConnectionFactory.java    From cava with Apache License 2.0 5 votes vote down vote up 
private static EthereumIESEncryptionEngine forEncryption(
    PublicKey pubKey,
    Bytes iv,
    Bytes commonMac,
    KeyPair ephemeralKeyPair) {
  CipherParameters pubParam = new ECPublicKeyParameters(pubKey.asEcPoint(), CURVE);
  CipherParameters privParam =
      new ECPrivateKeyParameters(ephemeralKeyPair.secretKey().bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agree = new ECDHBasicAgreement();
  agree.init(privParam);
  BigInteger z = agree.calculateAgreement(pubParam);
  byte[] zbytes = BigIntegers.asUnsignedByteArray(agree.getFieldSize(), z);

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  // Initialise the KDF.
  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(zbytes, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agree,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(true, privParam, pubParam, cipherParameters);

  return engine;
}
Example #5
Source File: RLPxConnectionFactory.java    From cava with Apache License 2.0 5 votes vote down vote up 
private static EthereumIESEncryptionEngine forDecryption(
    SecretKey privateKey,
    PublicKey ephemeralPublicKey,
    Bytes iv,
    Bytes commonMac) {
  CipherParameters pubParam = new ECPublicKeyParameters(ephemeralPublicKey.asEcPoint(), CURVE);
  CipherParameters privParam = new ECPrivateKeyParameters(privateKey.bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privParam);
  byte[] agreementValue =
      BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), agreement.calculateAgreement(pubParam));

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(agreementValue, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agreement,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(false, privParam, pubParam, cipherParameters);
  return engine;
}
Example #6
Source File: SECP256K1.java    From cava with Apache License 2.0 5 votes vote down vote up 
/**
 * Calculates an ECDH key agreement between the private and the public key of another party, formatted as a 32 bytes
 * array.
 *
 * @param privKey the private key
 * @param theirPubKey the public key
 * @return shared secret as 32 bytes
 */
public static Bytes32 calculateKeyAgreement(SecretKey privKey, PublicKey theirPubKey) {
  checkArgument(privKey != null, "missing private key");
  checkArgument(theirPubKey != null, "missing remote public key");

  ECPrivateKeyParameters privKeyP =
      new ECPrivateKeyParameters(privKey.bytes().toUnsignedBigInteger(), Parameters.CURVE);
  ECPublicKeyParameters pubKeyP = new ECPublicKeyParameters(theirPubKey.asEcPoint(), Parameters.CURVE);

  ECDHBasicAgreement agreement = new ECDHBasicAgreement();
  agreement.init(privKeyP);
  return UInt256.valueOf(agreement.calculateAgreement(pubKeyP)).toBytes();
}
Example #7
Source File: ShareSecretTest.java    From nuls-v2 with MIT License 5 votes vote down vote up 
@Test
public void test() {
    ECPrivateKeyParameters privKeyA = new ECPrivateKeyParameters(
            new BigInteger(1, HexUtil.decode("8653b44d4acebec2cd64a015b2e509c70c9049a692e71b08fe7f52cc1fa5595f")), CURVE);
    ECDHBasicAgreement agreement = new ECDHBasicAgreement();
    agreement.init(privKeyA);
    ECPublicKeyParameters pubKeyB = new ECPublicKeyParameters(
            CURVE.getCurve().decodePoint(HexUtil.decode("02fd82681e79fbe293aef1a48c6c9b1252591340bb46de1444ad5de400ff84a433")), CURVE);
    BigInteger result = agreement.calculateAgreement(pubKeyB);
    byte[] sharedSecret = BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), result);
    System.out.println(HexUtil.encode(sharedSecret));
    // sharedSecret hex string: 692c40fdbe605b9966beee978ab290e7a35056dffe9ed092a87e62fce468791d
}
Example #8
Source File: ECIESUtil.java    From nuls-v2 with MIT License 5 votes vote down vote up 
private static byte[] deriveSharedSecret(ECPrivateKeyParameters priKeyParaA, byte[] pubKeyB) {
    ECDHBasicAgreement agreement = new ECDHBasicAgreement();
    agreement.init(priKeyParaA);
    ECPublicKeyParameters pubKeyParaB = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pubKeyB), CURVE);
    BigInteger result = agreement.calculateAgreement(pubKeyParaB);
    byte[] sharedSecret = BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), result);
    return sharedSecret;
}
Example #9
Source File: ECIESUtil.java    From nuls-v2 with MIT License 5 votes vote down vote up 
private static byte[] deriveSharedSecret(byte[] priKeyA, ECPublicKeyParameters pubKeyParaB) {
    ECPrivateKeyParameters priKeyParaA = new ECPrivateKeyParameters(new BigInteger(1, priKeyA), CURVE);
    ECDHBasicAgreement agreement = new ECDHBasicAgreement();
    agreement.init(priKeyParaA);
    BigInteger result = agreement.calculateAgreement(pubKeyParaB);
    byte[] sharedSecret = BigIntegers.asUnsignedByteArray(agreement.getFieldSize(), result);
    return sharedSecret;
}
Example #10
Source File: RLPxConnectionFactory.java    From incubator-tuweni with Apache License 2.0 4 votes vote down vote up 
private static EthereumIESEncryptionEngine forEncryption(
    PublicKey pubKey,
    Bytes iv,
    Bytes commonMac,
    KeyPair ephemeralKeyPair) {
  CipherParameters pubParam = new ECPublicKeyParameters(pubKey.asEcPoint(), CURVE);
  CipherParameters privParam =
      new ECPrivateKeyParameters(ephemeralKeyPair.secretKey().bytes().toUnsignedBigInteger(), CURVE);

  BasicAgreement agree = new ECDHBasicAgreement();
  agree.init(privParam);
  BigInteger z = agree.calculateAgreement(pubParam);
  byte[] zbytes = BigIntegers.asUnsignedByteArray(agree.getFieldSize(), z);

  IESWithCipherParameters iesWithCipherParameters = new IESWithCipherParameters(new byte[0], new byte[0], 128, 128);

  // Initialise the KDF.
  EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction kdf =
      new EthereumIESEncryptionEngine.ECIESHandshakeKDFFunction(1, new SHA256Digest());
  kdf.init(new KDFParameters(zbytes, iesWithCipherParameters.getDerivationV()));
  EthereumIESEncryptionEngine engine = new EthereumIESEncryptionEngine(
      agree,
      kdf,
      new HMac(new SHA256Digest()),
      commonMac.toArrayUnsafe(),
      new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
  ParametersWithIV cipherParameters = new ParametersWithIV(iesWithCipherParameters, iv.toArrayUnsafe());
  engine.init(true, privParam, pubParam, cipherParameters);

  return engine;
}
Example #11
Source File: SecP256K1BlockCipher.java    From nem.core with MIT License 4 votes vote down vote up 
private static IESEngine createIesEngine() {
	return new IESEngine(
			new ECDHBasicAgreement(),
			new KDF2BytesGenerator(new SHA1Digest()),
			new HMac(new SHA1Digest()));
}
Example #12
Source File: CrmfKeyWrapper.java    From xipki with Apache License 2.0 4 votes vote down vote up 
/**
 * Encrypt the key with the following output.
 * <pre>
 * ECIES-Ciphertext-Value ::= SEQUENCE {
 *     ephemeralPublicKey ECPoint,
 *     symmetricCiphertext OCTET STRING,
 *     macTag OCTET STRING
 * }
 *
 * ECPoint ::= OCTET STRING
 * </pre>
 */
@Override
public byte[] generateWrappedKey(byte[] keyToWrap) throws OperatorException {
  try {
    BlockCipher cbcCipher = new CBCBlockCipher(new AESEngine());
    IESCipher cipher = new IESCipher(
        new IESEngine(new ECDHBasicAgreement(),
            new KDF2BytesGenerator(new SHA1Digest()),
            new HMac(new SHA1Digest()),
            new PaddedBufferedBlockCipher(cbcCipher)), 16);

    // According to the ยง3.8 in SEC 1, Version 2.0:
    // "Furthermore here the 16 octet or 128 bit IV for AES in CBC mode should always take
    //  the value 0000000000000000_{16}"
    byte[] iv = new byte[16];
    IESParameterSpec spec = new IESParameterSpec(null, null, aesKeySize, aesKeySize, iv);
    cipher.engineInit(Cipher.ENCRYPT_MODE, publicKey, spec, new SecureRandom());
    byte[] bcResult = cipher.engineDoFinal(keyToWrap, 0, keyToWrap.length);
    // convert the result to ASN.1 format
    ASN1Encodable[] array = new ASN1Encodable[3];
    // ephemeralPublicKey ECPoint
    byte[] ephemeralPublicKey = new byte[ephemeralPublicKeyLen];

    System.arraycopy(bcResult, 0, ephemeralPublicKey, 0, ephemeralPublicKeyLen);
    array[0] = new DEROctetString(ephemeralPublicKey);

    // symmetricCiphertext OCTET STRING
    int symmetricCiphertextLen = bcResult.length - ephemeralPublicKeyLen - macLen;
    byte[] symmetricCiphertext = new byte[symmetricCiphertextLen];
    System.arraycopy(bcResult, ephemeralPublicKeyLen,
        symmetricCiphertext, 0, symmetricCiphertextLen);
    array[1] = new DEROctetString(symmetricCiphertext);

    // macTag OCTET STRING
    byte[] macTag = new byte[macLen];
    System.arraycopy(bcResult, ephemeralPublicKeyLen + symmetricCiphertextLen,
        macTag, 0, macLen);
    array[2] = new DEROctetString(macTag);
    return new DERSequence(array).getEncoded();
  } catch (Exception ex) {
    throw new OperatorException("error while generateWrappedKey", ex);
  }
}