|
public GenerateParameters ( ) : |
||
| return | ||
public DsaParameters GenerateParameters()
{
byte[] seed = new byte[20];
byte[] part1 = new byte[20];
byte[] part2 = new byte[20];
byte[] u = new byte[20];
Sha1Digest sha1 = new Sha1Digest();
int n = (size - 1) / 160;
byte[] w = new byte[size / 8];
BigInteger q = null, p = null, g = null;
int counter = 0;
bool primesFound = false;
while (!primesFound)
{
do
{
random.NextBytes(seed);
sha1.BlockUpdate(seed, 0, seed.Length);
sha1.DoFinal(part1, 0);
Array.Copy(seed, 0, part2, 0, seed.Length);
Add(part2, seed, 1);
sha1.BlockUpdate(part2, 0, part2.Length);
sha1.DoFinal(part2, 0);
for (int i = 0; i != u.Length; i++)
{
u[i] = (byte)(part1[i] ^ part2[i]);
}
u[0] |= (byte)0x80;
u[19] |= (byte)0x01;
q = new BigInteger(1, u);
}
while (!q.IsProbablePrime(certainty));
counter = 0;
int offset = 2;
while (counter < 4096)
{
for (int k = 0; k < n; k++)
{
Add(part1, seed, offset + k);
sha1.BlockUpdate(part1, 0, part1.Length);
sha1.DoFinal(part1, 0);
Array.Copy(part1, 0, w, w.Length - (k + 1) * part1.Length, part1.Length);
}
Add(part1, seed, offset + n);
sha1.BlockUpdate(part1, 0, part1.Length);
sha1.DoFinal(part1, 0);
Array.Copy(part1, part1.Length - ((w.Length - (n) * part1.Length)), w, 0, w.Length - n * part1.Length);
w[0] |= (byte)0x80;
BigInteger x = new BigInteger(1, w);
BigInteger c = x.Mod(q.ShiftLeft(1));
p = x.Subtract(c.Subtract(BigInteger.One));
if (p.TestBit(size - 1))
{
if (p.IsProbablePrime(certainty))
{
primesFound = true;
break;
}
}
counter += 1;
offset += n + 1;
}
}
//
// calculate the generator g
//
BigInteger pMinusOneOverQ = p.Subtract(BigInteger.One).Divide(q);
for (;;)
{
BigInteger h = new BigInteger(size, random);
if (h.CompareTo(BigInteger.One) <= 0 || h.CompareTo(p.Subtract(BigInteger.One)) >= 0)
{
continue;
}
g = h.ModPow(pMinusOneOverQ, p);
if (g.CompareTo(BigInteger.One) <= 0)
{
continue;
}
break;
}
return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter));
}
public void TestNONEwithDSA()
{
byte[] dummySha1 = Hex.Decode("01020304050607080910111213141516");
SecureRandom rand = new SecureRandom();
DsaParametersGenerator pGen = new DsaParametersGenerator();
pGen.Init(512, 80, rand);
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters()));
IAsymmetricCipherKeyPair kp = g.GenerateKeyPair();
ISigner sig = SignerUtilities.GetSigner("NONEwithDSA");
sig.Init(true, kp.Private);
sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
byte[] sigBytes = sig.GenerateSignature();
sig.Init(false, kp.Public);
sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
sig.VerifySignature(sigBytes);
// reset test
sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
if (!sig.VerifySignature(sigBytes))
{
Fail("NONEwithDSA failed to reset");
}
// lightweight test
DsaSigner signer = new DsaSigner();
Asn1Sequence derSig = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(sigBytes));
signer.Init(false, kp.Public);
if (!signer.VerifySignature(dummySha1,
DerInteger.GetInstance(derSig[0]).Value, DerInteger.GetInstance(derSig[1]).Value))
{
Fail("NONEwithDSA not really NONE!");
}
}
