Java Diffie-Hellman密钥交换

时间:2014-03-18 12:32:33

标签: java bouncycastle diffie-hellman

我正在尝试执行代码来执行Diffie-Hellman密钥交换。我从在线示例中获取代码(忘记现在的位置)。 我不得不导入bouncycastle.jar,我假设它一直在执行。

stacktrace screenshot

我的代码:

package testproject;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.DHParameterSpec;

public class KeyGen {

  private static BigInteger g512 = new BigInteger("1234567890", 16);
  //generates a random, non-negative integer for Base

  private static BigInteger p512 = new BigInteger("1234567890", 16);
  //generates a random, non-negative integer for Prime

  public static void main(String[] args) throws Exception {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    DHParameterSpec dhParams = new DHParameterSpec(p512, g512);
    //Specify parameters to use for the algorithm
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "BC");
    //Define specific algorithm to use "diffie-hellman", with provider "bc"

    keyGen.initialize(dhParams, new SecureRandom());
    //initialize with parameters & secure random seed

    KeyAgreement aKeyAgree = KeyAgreement.getInstance("DH", "BC");
    //define algorithm for A's key agreement
    KeyPair aPair = keyGen.generateKeyPair();
    //generate keyPair for A

    KeyAgreement bKeyAgree = KeyAgreement.getInstance("DH", "BC");
    //define algorithm for B's key agreement
    KeyPair bPair = keyGen.generateKeyPair();
    //generate keyPair for B

    aKeyAgree.init(aPair.getPrivate());
    //initialize A's keyAgreement with A's private key
    bKeyAgree.init(bPair.getPrivate());
    //initialize B's keyAgreement with B's private key

    aKeyAgree.doPhase(bPair.getPublic(), true);
    //do last phase of A's keyAgreement with B's public key
    bKeyAgree.doPhase(aPair.getPublic(), true);
    //do last phase of B's keyAgreement with A's public key

    MessageDigest hash = MessageDigest.getInstance("SHA1", "BC");

    System.out.println(new String(hash.digest(aKeyAgree.generateSecret())));
    //generate secret key for A, hash it.
    System.out.println(new String(hash.digest(bKeyAgree.generateSecret())));
    //generate secret key for B, hash it.
  }
}

这是引起问题的一行:

KeyPair aPair = keyGen.generateKeyPair();

我对错误是什么感到困惑,因为我发现每个方法都会返回“未知来源”。

任何关于此的灯都会非常感激。

续(编辑): Java - Diffie-Hellman Encryption - Wrong Output

3 个答案:

答案 0 :(得分:6)

您已经选择了bouncycastle版本。但是为了学习目的,我实现了一个helloworld版本。对于那些只想在没有依赖关系的纯Java中使用Diffie-Hellman的人来说,这可能会有所帮助:

URL providerUrl = Thread.currentThread().getContextClassLoader()
    .getResource(
    "org/hibernate/cfg/annotations/reflection/JPAMetadataProvider.class");
System.out.println(providerUrl);

https://github.com/firatkucuk/diffie-hellman-helloworld

答案 1 :(得分:4)

这个评论完全错了:

private static BigInteger g512 = new BigInteger("1234567890", 16);
//generates a random, non-negative integer for Base

您所做的只是每次创建号码0x1234567890。它没有任何随意性。

看起来你是从http://www.java2s.com/Tutorial/Java/0490__Security/DiffieHellmanKeyAgreement.htm复制的。当this answer同意时,那里的代码没有意义。

您可以在该网站上试用the actual key exchange example

答案 2 :(得分:0)

而不是代码:

private static BigInteger g512 = new BigInteger("1234567890", 16);
   //generates a random, non-negative integer for Base

   private static BigInteger p512 = new BigInteger("1234567890", 16);
   //generates a random, non-negative integer for Prime

你需要使用:

// The base used with the SKIP 1024 bit modulus
private static final BigInteger g512 = BigInteger.valueOf(2);

// The 1024 bit Diffie-Hellman modulus values used by SKIP
private static final byte skip1024ModulusBytes[] = { (byte) 0xF4,
    (byte) 0x88, (byte) 0xFD, (byte) 0x58, (byte) 0x4E, (byte) 0x49,
    (byte) 0xDB, (byte) 0xCD, (byte) 0x20, (byte) 0xB4, (byte) 0x9D,
    (byte) 0xE4, (byte) 0x91, (byte) 0x07, (byte) 0x36, (byte) 0x6B,
    (byte) 0x33, (byte) 0x6C, (byte) 0x38, (byte) 0x0D, (byte) 0x45,
    (byte) 0x1D, (byte) 0x0F, (byte) 0x7C, (byte) 0x88, (byte) 0xB3,
    (byte) 0x1C, (byte) 0x7C, (byte) 0x5B, (byte) 0x2D, (byte) 0x8E,
    (byte) 0xF6, (byte) 0xF3, (byte) 0xC9, (byte) 0x23, (byte) 0xC0,
    (byte) 0x43, (byte) 0xF0, (byte) 0xA5, (byte) 0x5B, (byte) 0x18,
    (byte) 0x8D, (byte) 0x8E, (byte) 0xBB, (byte) 0x55, (byte) 0x8C,
    (byte) 0xB8, (byte) 0x5D, (byte) 0x38, (byte) 0xD3, (byte) 0x34,
    (byte) 0xFD, (byte) 0x7C, (byte) 0x17, (byte) 0x57, (byte) 0x43,
    (byte) 0xA3, (byte) 0x1D, (byte) 0x18, (byte) 0x6C, (byte) 0xDE,
    (byte) 0x33, (byte) 0x21, (byte) 0x2C, (byte) 0xB5, (byte) 0x2A,
    (byte) 0xFF, (byte) 0x3C, (byte) 0xE1, (byte) 0xB1, (byte) 0x29,
    (byte) 0x40, (byte) 0x18, (byte) 0x11, (byte) 0x8D, (byte) 0x7C,
    (byte) 0x84, (byte) 0xA7, (byte) 0x0A, (byte) 0x72, (byte) 0xD6,
    (byte) 0x86, (byte) 0xC4, (byte) 0x03, (byte) 0x19, (byte) 0xC8,
    (byte) 0x07, (byte) 0x29, (byte) 0x7A, (byte) 0xCA, (byte) 0x95,
    (byte) 0x0C, (byte) 0xD9, (byte) 0x96, (byte) 0x9F, (byte) 0xAB,
    (byte) 0xD0, (byte) 0x0A, (byte) 0x50, (byte) 0x9B, (byte) 0x02,
    (byte) 0x46, (byte) 0xD3, (byte) 0x08, (byte) 0x3D, (byte) 0x66,
    (byte) 0xA4, (byte) 0x5D, (byte) 0x41, (byte) 0x9F, (byte) 0x9C,
    (byte) 0x7C, (byte) 0xBD, (byte) 0x89, (byte) 0x4B, (byte) 0x22,
    (byte) 0x19, (byte) 0x26, (byte) 0xBA, (byte) 0xAB, (byte) 0xA2,
    (byte) 0x5E, (byte) 0xC3, (byte) 0x55, (byte) 0xE9, (byte) 0x2F,
    (byte) 0x78, (byte) 0xC7 };

// The SKIP 1024 bit modulus
private static final BigInteger p512 = new BigInteger(1, skip1024ModulusBytes);
相关问题
最新问题