Trying to write code for DH Group MODP-1024 and other of group 2. This means P & G are pre-known and not exchanged. The string for the MODP 1024 "P" is as follows:
//defined in RFC 2409

IKE implementations SHOULD support a MODP group with the following prime and generator. This group is assigned id 2 (two).

The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. Its hexadecimal value is

    FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
    020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
    4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
    EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF

The generator is 2 (decimal)

I started with a code example found at: https://codereview.stackexchange.com/questions/110952/bouncycastle-diffie-hellman

I morphed a part of the code into:

```csharp
const int KeyBitSize = 256;
const int NonceBitSize = 128;
const int MacBitSize = 128;
const int DefaultPrimeProbability = 30;

public static void createDHInfo(BigInteger P, BigInteger G, string Algorithm)
{
    DHParameters computedDHParms = new DHParameters(P, G);
    IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator(Algorithm);
    DHParametersGenerator dhGenerator = new DHParametersGenerator();
    dhGenerator.Init(KeyBitSize, DefaultPrimeProbability, new SecureRandom());
    KeyGenerationParameters KGP = new DHKeyGenerationParameters(new SecureRandom(), computedDHParms);
    keyGen.Init(KGP);
    AsymmetricCipherKeyPair keyPair = keyGen.GenerateKeyPair();
    IBasicAgreement keyAgree = AgreementUtilities.GetBasicAgreement(Algorithm);
    keyAgree.Init(keyPair.Private);
}
```

Unfortunately, in the init function:

```csharp
public void Init(
    KeyGenerationParameters parameters)
{
    if (parameters is ECKeyGenerationParameters)
    {
        ECKeyGenerationParameters ecP = (ECKeyGenerationParameters) parameters;
        this.publicKeyParamSet = ecP.PublicKeyParamSet;
        this.parameters = ecP.DomainParameters;
    }
    else
    {
        DerObjectIdentifier oid;
        switch (parameters.Strength)
        {
            case 192: oid = X9ObjectIdentifiers.Prime192v1; break;
            case 224: oid = SecObjectIdentifiers.SecP224r1; break;
            case 239: oid = X9ObjectIdentifiers.Prime239v1; break;
            case 256: oid = X9ObjectIdentifiers.Prime256v1; break;
            case 384: oid = SecObjectIdentifiers.SecP384r1; break;
            case 521: oid = SecObjectIdentifiers.SecP521r1; break;
            default: throw new InvalidParameterException("unknown key size.");
        }
```

It is complaining about the key size, which is 1024, in the parameters. I can find no mechanism for setting the key size in DHParameters, as it is read-only.

Any ideas? Has anybody else run into this? Pointers would be appreciated. The keys I need to generate are really 3DES and AES 128/256.

Thanks in advance for the help.
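Added example, not part of the original post: a group 2 key agreement with the BouncyCastle C# API, assuming the algorithm name "DH" is used so that the Diffie-Hellman generator is selected rather than an EC one (the `Init` quoted above tests for `ECKeyGenerationParameters`, so it belongs to an EC key-pair generator). The names `Group2Demo`, `NewKeyPair` and `DeriveKey`, and the truncated SHA-256 used as a key-derivation step, are assumptions for illustration.

```csharp
using System;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;

public static class Group2Demo   // hypothetical class name
{
    // RFC 2409 group 2 prime as quoted in the post; the generator is 2.
    const string PHex =
        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74" +
        "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437" +
        "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF";
    static readonly DHParameters Group2 =
        new DHParameters(new BigInteger(PHex, 16), BigInteger.Two);

    static AsymmetricCipherKeyPair NewKeyPair()
    {
        // "DH" selects the Diffie-Hellman generator; the key size follows from P.
        IAsymmetricCipherKeyPairGenerator gen = GeneratorUtilities.GetKeyPairGenerator("DH");
        gen.Init(new DHKeyGenerationParameters(new SecureRandom(), Group2));
        return gen.GenerateKeyPair();
    }

    static byte[] DeriveKey(AsymmetricKeyParameter ownPrivate, AsymmetricKeyParameter peerPublic, int keyBytes)
    {
        var peer = (DHPublicKeyParameters)peerPublic;
        BigInteger p = Group2.P, y = peer.Y;
        // Reject degenerate peer values (0, 1, p-1) and anything outside the group.
        if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(p.Subtract(BigInteger.Two)) > 0)
            throw new ArgumentException("peer public value out of range");
        IBasicAgreement agree = AgreementUtilities.GetBasicAgreement("DH");
        agree.Init(ownPrivate);
        BigInteger z = agree.CalculateAgreement(peer);
        // Fixed-width (128-byte) encoding so both sides hash identical bytes.
        byte[] zBytes = BigIntegers.AsUnsignedByteArray(128, z);
        // Assumption: truncated SHA-256 stands in for the protocol's real KDF.
        byte[] digest = DigestUtilities.CalculateDigest("SHA-256", zBytes);
        return Arrays.CopyOfRange(digest, 0, keyBytes);   // 16 = AES-128, 24 = 3DES, 32 = AES-256
    }

    public static void Main()
    {
        AsymmetricCipherKeyPair a = NewKeyPair(), b = NewKeyPair();
        byte[] ka = DeriveKey(a.Private, b.Public, 32);
        byte[] kb = DeriveKey(b.Private, a.Public, 32);
        Console.WriteLine(Arrays.AreEqual(ka, kb) ? "keys match" : "mismatch");
    }
}
```

Group 2 is a 1024-bit group, which RFC 8247 lists as SHOULD NOT for IKEv2, so it is best kept to cases where a peer requires it.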