public BigInteger getQ() { Asn1Integer q = getFieldAs(DhParameterField.Q, Asn1Integer.class); return q.getValue(); } }
public void setQ(BigInteger q) { setFieldAsInt(DhParameterField.Q, q); }
/** * Check parameters against a well-known DH group * * @param dh1 The DHParameterSpec * @param dh2 The DhParameter */ public static boolean pkinitCheckDhParams(DHParameterSpec dh1, DhParameter dh2) { if (!dh1.getP().equals(dh2.getP())) { LOG.error("p is not well-known group dhparameter"); return false; } if (!dh1.getG().equals(dh2.getG())) { LOG.error("bad g dhparameter"); return false; } LOG.info("Good dhparams", dh1.getP().bitLength()); return true; }
DhParameter dhParameter = new DhParameter(); dhParameter.setP(type.getP()); dhParameter.setG(type.getG()); dhParameter.setQ(q); dhAlg.setParameters(dhParameter);
/** * KDC check the key parameter * @param pluginOpts The PluginOpts * @param cryptoctx The PkinitPlgCryptoContext * @param dhParameter The DhParameter * @throws KrbException e */ public static void serverCheckDH(PluginOpts pluginOpts, PkinitPlgCryptoContext cryptoctx, DhParameter dhParameter) throws KrbException { /* KDC SHOULD check to see if the key parameters satisfy its policy */ int dhPrimeBits = dhParameter.getP().bitLength(); if (dhPrimeBits < pluginOpts.getDhMinBits()) { String errMsg = "client sent dh params with " + dhPrimeBits + "bits, we require " + pluginOpts.getDhMinBits(); LOG.error(errMsg); throw new KrbException(KrbErrorCode.KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED, errMsg); } if (!checkDHWellknown(cryptoctx, dhParameter, dhPrimeBits)) { throw new KrbException(KrbErrorCode.KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED); } }
/** * Check parameters against a well-known DH group * * @param dh1 The DHParameterSpec * @param dh2 The DhParameter */ public static boolean pkinitCheckDhParams(DHParameterSpec dh1, DhParameter dh2) { if (!dh1.getP().equals(dh2.getP())) { LOG.error("p is not well-known group dhparameter"); return false; } if (!dh1.getG().equals(dh2.getG())) { LOG.error("bad g dhparameter"); return false; } LOG.info("Good dhparams", dh1.getP().bitLength()); return true; }
DhParameter dhParameter = new DhParameter(); dhParameter.setP(type.getP()); dhParameter.setG(type.getG()); dhParameter.setQ(q); dhAlg.setParameters(dhParameter);
/** * KDC check the key parameter * @param pluginOpts The PluginOpts * @param cryptoctx The PkinitPlgCryptoContext * @param dhParameter The DhParameter * @throws KrbException e */ public static void serverCheckDH(PluginOpts pluginOpts, PkinitPlgCryptoContext cryptoctx, DhParameter dhParameter) throws KrbException { /* KDC SHOULD check to see if the key parameters satisfy its policy */ int dhPrimeBits = dhParameter.getP().bitLength(); if (dhPrimeBits < pluginOpts.getDhMinBits()) { String errMsg = "client sent dh params with " + dhPrimeBits + "bits, we require " + pluginOpts.getDhMinBits(); LOG.error(errMsg); throw new KrbException(KrbErrorCode.KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED, errMsg); } if (!checkDHWellknown(cryptoctx, dhParameter, dhPrimeBits)) { throw new KrbException(KrbErrorCode.KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED); } }
public BigInteger getQ() { Asn1Integer q = getFieldAs(DhParameterField.Q, Asn1Integer.class); return q.getValue(); } }
public void setG(BigInteger g) { setFieldAsInt(DhParameterField.G, g); }
public BigInteger getP() { Asn1Integer p = getFieldAs(DhParameterField.P, Asn1Integer.class); return p.getValue(); }
public void setQ(BigInteger q) { setFieldAsInt(DhParameterField.Q, q); }
public BigInteger getG() { Asn1Integer g = getFieldAs(DhParameterField.G, Asn1Integer.class); return g.getValue(); }
public void setP(BigInteger p) { setFieldAsInt(DhParameterField.P, p); }
public BigInteger getG() { Asn1Integer g = getFieldAs(DhParameterField.G, Asn1Integer.class); return g.getValue(); }
public void setP(BigInteger p) { setFieldAsInt(DhParameterField.P, p); }
public BigInteger getP() { Asn1Integer p = getFieldAs(DhParameterField.P, Asn1Integer.class); return p.getValue(); }
public void setG(BigInteger g) { setFieldAsInt(DhParameterField.G, g); }