Implement ECDH for TomCrypt.

1 files changed, 57 insertions, 5 deletions

diff --git a/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java b/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
index d1b1f42..fee0ea8 100644
--- a/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
+++ b/src/cz/crcs/ectester/standalone/libs/jni/NativeKeyAgreementSpi.java
@@ -1,46 +1,98 @@
 package cz.crcs.ectester.standalone.libs.jni;
 
+import cz.crcs.ectester.common.util.ECUtil;
+
 import javax.crypto.KeyAgreementSpi;
 import javax.crypto.SecretKey;
 import javax.crypto.ShortBufferException;
 import java.security.*;
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.ECPublicKey;
 import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.ECParameterSpec;
 
 /**
  * @author Jan Jancar johny@neuromancer.sk
  */
 public abstract class NativeKeyAgreementSpi extends KeyAgreementSpi {
+    private ECPrivateKey privateKey;
+    private ECPublicKey publicKey;
+    private ECParameterSpec params;
+
     @Override
     protected void engineInit(Key key, SecureRandom random) throws InvalidKeyException {
-
+        if (!(key instanceof ECPrivateKey)) {
+            throw new InvalidKeyException
+                    ("Key must be instance of PrivateKey");
+        }
+        privateKey = (ECPrivateKey) key;
+        this.params = privateKey.getParams();
     }
 
     @Override
     protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
-
+        if (!(params instanceof ECParameterSpec)) {
+            throw new InvalidAlgorithmParameterException();
+        }
+        engineInit(key, random);
+        this.params = (ECParameterSpec) params;
     }
 
     @Override
     protected Key engineDoPhase(Key key, boolean lastPhase) throws InvalidKeyException, IllegalStateException {
+        if (privateKey == null) {
+            throw new IllegalStateException("Not initialized");
+        }
+        if (publicKey != null) {
+            throw new IllegalStateException("Phase already executed");
+        }
+        if (!lastPhase) {
+            throw new IllegalStateException
+                    ("Only two party agreement supported, lastPhase must be true");
+        }
+        if (!(key instanceof ECPublicKey)) {
+            throw new InvalidKeyException
+                    ("Key must be a PublicKey with algorithm EC");
+        }
+        ECParameterSpec publicParams = ((ECPublicKey) key).getParams();
+        if (!(params.getCurve().equals(publicParams.getCurve()) &&
+                params.getGenerator().equals(publicParams.getGenerator()) &&
+                params.getOrder().equals(publicParams.getOrder()) &&
+                params.getCofactor() == publicParams.getCofactor())) {
+            throw new IllegalStateException("Mismatched parameters.");
+        }
+        publicKey = (ECPublicKey) key;
         return null;
     }
 
     @Override
     protected byte[] engineGenerateSecret() throws IllegalStateException {
-        return new byte[0];
+        byte[] pubkey = ECUtil.toX962Uncompressed(publicKey.getW());
+        byte[] privkey = privateKey.getS().toByteArray();
+        return generateSecret(pubkey, privkey, params);
     }
 
     @Override
     protected int engineGenerateSecret(byte[] sharedSecret, int offset) throws IllegalStateException, ShortBufferException {
-        return 0;
+        byte[] secret = engineGenerateSecret();
+        if (sharedSecret.length < offset + secret.length) {
+            throw new ShortBufferException();
+        }
+        System.arraycopy(secret, 0, sharedSecret, offset, secret.length);
+        return secret.length;
     }
 
     @Override
     protected SecretKey engineGenerateSecret(String algorithm) throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
-        return null;
+        throw new NoSuchAlgorithmException(algorithm);
     }
 
+    abstract byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params);
+
+
     public static class TomCrypt extends NativeKeyAgreementSpi {
 
+        @Override
+        native byte[] generateSecret(byte[] pubkey, byte[] privkey, ECParameterSpec params);
     }
 }