public SignatureManager(DSASigner dsa_signer)
{
if (dsa_signer == null)
{
throw new ArgumentException("SignatureManager: DSA signer object cannot be null");
}
_dsa_signer = dsa_signer;
_dsa_public_key_bytes_encoded = new byte[_dsa_signer.GetPublicKeyEncodedMpi().Length];
Buffer.BlockCopy(_dsa_signer.GetPublicKeyEncodedMpi(), 0, _dsa_public_key_bytes_encoded, 0, _dsa_public_key_bytes_encoded.Length);
}
public static OTRKeyRing createOTRKeyRing(string sID)
{
OTRKeyRing otrKeyring = new OTRKeyRing ();
//create private DSA Key parameters
DSASigner dsaSigner = new DSASigner ();
otrKeyring.m_PrivateKey = dsaSigner.GetDSAKeyParameters ();
//create fingerprint
OTRFingerprint fingerprint = new OTRFingerprint ();
fingerprint.m_sOwnerId = sID;
fingerprint.m_sFingerprint = dsaSigner.GetDSAPublicKeyFingerPrintHex ();
//add fingerprint to keyring
otrKeyring.m_FingerprintList.Add(fingerprint);
return otrKeyring;
}
private static bool IsEncryptedSignatureVerified(AKEKeys ake_keys, DHKeyPair key_pair, byte[] their_public_key_mpi_byte_array,
byte[] encryted_byte_array, UInt64 counter, bool is_top_half_keys, ref UInt32 public_key_id, ref byte[] dsa_public_key_byte_array_encoded)
{
int _next_start_index = -1;
bool _is_verified = false;
byte[] _decrypted_x_data_array = null;
byte[] _hashed_m_data_signature = null;
byte[] _dh_kid_bytes = null;
byte[] _temp_byte_array = null;
byte[] _dsa_public_key_type = null;
byte[] _dsa_public_key_param_p_mpi = null;
byte[] _dsa_public_key_param_q_mpi = null;
byte[] _dsa_public_key_param_g_mpi = null;
byte[] _dsa_public_key_param_y_mpi = null;
try
{
/*get encrypted signature bytes*/
_next_start_index = 0;
_temp_byte_array = null;
_next_start_index = Utility.DecodeDataFromBytesBE(encryted_byte_array, _next_start_index, ref _temp_byte_array);
if (_temp_byte_array == null || _temp_byte_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded Encrypted OTR Data type byte array cannot be null/empty");
}
if (is_top_half_keys == true)
{
_decrypted_x_data_array = Utility.AESGetDecrypt(ake_keys.GetAESKey1(), _temp_byte_array, counter);
}
else
{
_decrypted_x_data_array = Utility.AESGetDecrypt(ake_keys.GetAESKey2(), _temp_byte_array, counter);
}
if (_decrypted_x_data_array == null || _decrypted_x_data_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decrypted byte array cannot be null/empty");
}
/*get public key parameter bytes*/
_next_start_index = 0;
_temp_byte_array = null;
//get public key type
int _pub_key_start_index = _next_start_index;
_next_start_index = Utility.DecodeShortFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_type);
if (_dsa_public_key_type == null || _dsa_public_key_type.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded DSA public key type byte array cannot be null/empty");
}
if (BitConverter.ToUInt16(_dsa_public_key_type, 0) != OTRConstants.DSA_PUB_KEY_TYPE)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The DSA public key type is invalid");
}
//get MPI encoded DSA public key parameters
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_p_mpi);
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_q_mpi);
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_g_mpi);
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_y_mpi);
int _pub_key_end_index = _next_start_index;
//get the whole encoded DSA key
dsa_public_key_byte_array_encoded = new byte[_pub_key_end_index - _pub_key_start_index];
Buffer.BlockCopy(_decrypted_x_data_array, _pub_key_start_index, dsa_public_key_byte_array_encoded, 0, dsa_public_key_byte_array_encoded.Length);
DsaPublicKeyParameters _dsa_public_key_params = GetDSAPublicKeyParams(_dsa_public_key_param_p_mpi, _dsa_public_key_param_q_mpi, _dsa_public_key_param_g_mpi, _dsa_public_key_param_y_mpi);
/*Get DH Key ID bytes*/
_next_start_index = Utility.DecodeIntFromBytes(_decrypted_x_data_array, _next_start_index, ref _dh_kid_bytes);
if (_dh_kid_bytes == null || _dh_kid_bytes.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded Key ID OTR Int type byte array cannot be null/empty");
}
public_key_id = BitConverter.ToUInt32(_dh_kid_bytes, 0);
/*Get Signed M_b*/
_hashed_m_data_signature = new byte[_decrypted_x_data_array.Length - _next_start_index];
Buffer.BlockCopy(_decrypted_x_data_array, _next_start_index, _hashed_m_data_signature, 0, _hashed_m_data_signature.Length);
if (_hashed_m_data_signature == null || _hashed_m_data_signature.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The extracted Signed byte array, M_b, cannot be null/empty");
}
/*Decode r and s */
_next_start_index = 0;
byte[] _decoded_signature_r_byte_array = null;
byte[] _decoded_signature_s_byte_array = null;
_next_start_index = Utility.DecodeMacFromBytesBE(_hashed_m_data_signature, _next_start_index, ref _decoded_signature_r_byte_array);
_next_start_index = Utility.DecodeMacFromBytesBE(_hashed_m_data_signature, _next_start_index, ref _decoded_signature_s_byte_array);
if (_decoded_signature_r_byte_array == null || _decoded_signature_r_byte_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded DSA signature parameter 'r' byte array cannot be null/empty");
}
if (_decoded_signature_s_byte_array == null || _decoded_signature_s_byte_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded DSA signature parameter 's' byte array cannot be null/empty");
}
/*Verify Signature*/
byte[] _hashed_m_data_byte_array = ComputeM(ake_keys, their_public_key_mpi_byte_array, key_pair.GetPublicKeyMpiBytes(), dsa_public_key_byte_array_encoded, _dh_kid_bytes, is_top_half_keys);
_is_verified = DSASigner.VerifySignature(_dsa_public_key_params, _hashed_m_data_byte_array, _decoded_signature_r_byte_array, _decoded_signature_s_byte_array);
}
catch (Exception ex)
{
_is_verified = false;
throw new InvalidDataException("IsEncryptedVerified:" + ex.ToString());
}
return(_is_verified);
}
private static byte[] ComputeX(DSASigner dsa_signer, byte[] dsa_public_key_bytes_encoded, byte[] key_id_byte_array, byte[] hashed_m_byte_array_data)
{
if (key_id_byte_array == null || key_id_byte_array.Length < 1)
{
throw new ArgumentException("ComputeX: The key id byte array should not be null/empty");
}
if (hashed_m_byte_array_data == null || hashed_m_byte_array_data.Length < 1)
{
throw new ArgumentException("ComputeX: The hashed m byte array should not be null/empty");
}
if (dsa_signer == null)
{
throw new ArgumentException("ComputeX: DSA signer object cannot be null");
}
byte[] _signature_r_byte_array = null;
byte[] _signature_s_byte_array = null;
dsa_signer.GenerateSignature(hashed_m_byte_array_data, ref _signature_r_byte_array, ref _signature_s_byte_array);
if (_signature_r_byte_array == null || _signature_r_byte_array.Length < 1)
{
throw new InvalidDataException("ComputeX: The computed DSA signature parameter 'r' byte array cannot be null/empty");
}
if (_signature_s_byte_array == null || _signature_s_byte_array.Length < 1)
{
throw new InvalidDataException("ComputeX: The computed DSA signature parameter 's' byte array cannot be null/empty");
}
byte[] _hashed_m_data_signature = null;
byte[] _encoded_key_id_byte_array = null;
try
{
byte[] _encoded_signature_r_byte_array = null;
byte[] _encoded_signature_s_byte_array = null;
/* This is unnecessary. It's just here to complement DecodeMacfromBytes used in IsEncryptedSignatureVerified().
* It should be removed if performance becomes an issue. */
Utility.EncodeOTRMacBE(_signature_r_byte_array, ref _encoded_signature_r_byte_array);
Utility.EncodeOTRMacBE(_signature_s_byte_array, ref _encoded_signature_s_byte_array);
if (_encoded_signature_r_byte_array == null || _encoded_signature_r_byte_array.Length < 1)
{
throw new InvalidDataException("ComputeX: The encoded DSA signature parameter 'r' byte array cannot be null/empty");
}
if (_encoded_signature_s_byte_array == null || _encoded_signature_s_byte_array.Length < 1)
{
throw new InvalidDataException("ComputeX: The encoded DSA signature parameter 's' byte array cannot be null/empty");
}
_hashed_m_data_signature = new byte[_encoded_signature_r_byte_array.Length + _encoded_signature_s_byte_array.Length];
Buffer.BlockCopy(_encoded_signature_r_byte_array, 0, _hashed_m_data_signature, 0, _encoded_signature_r_byte_array.Length);
Buffer.BlockCopy(_encoded_signature_s_byte_array, 0, _hashed_m_data_signature, _encoded_signature_r_byte_array.Length, _encoded_signature_s_byte_array.Length);
Utility.EncodeOTRInt(key_id_byte_array, ref _encoded_key_id_byte_array);
}
catch (Exception ex)
{
throw new InvalidDataException("ComputeX:" + ex.ToString());
}
if (_encoded_key_id_byte_array == null || _encoded_key_id_byte_array.Length < 1)
{
throw new InvalidDataException("ComputeX: The encoded key id byte array should not be null/empty");
}
int _x_data_array_length = _encoded_key_id_byte_array.Length + dsa_public_key_bytes_encoded.Length + _hashed_m_data_signature.Length;
byte[] _x_data_array = new byte[_x_data_array_length];
Buffer.BlockCopy(dsa_public_key_bytes_encoded, 0, _x_data_array, 0, dsa_public_key_bytes_encoded.Length);
Buffer.BlockCopy(_encoded_key_id_byte_array, 0, _x_data_array, dsa_public_key_bytes_encoded.Length, _encoded_key_id_byte_array.Length);
Buffer.BlockCopy(_hashed_m_data_signature, 0, _x_data_array, dsa_public_key_bytes_encoded.Length + _encoded_key_id_byte_array.Length, _hashed_m_data_signature.Length);
return(_x_data_array);
}
