C# (CSharp) ECDsa.ExportParameters Beispiele

Beispiel #1

Datei: ECDsaImportExport.cs Projekt: emboldbz/runtime

        public static void ExportIncludingPrivateOnPublicOnlyKey()
        {
            ECParameters iutParameters = new ECParameters
            {
                Curve = ECCurve.NamedCurves.nistP521,
                Q     =
                {
                    X = "00d45615ed5d37fde699610a62cd43ba76bedd8f85ed31005fe00d6450fbbd101291abd96d4945a8b57bc73b3fe9f4671105309ec9b6879d0551d930dac8ba45d255".HexToByteArray(),
                    Y = "01425332844e592b440c0027972ad1526431c06732df19cd46a242172d4dd67c2c8c99dfc22e49949a56cf90c6473635ce82f25b33682fb19bc33bd910ed8ce3a7fa".HexToByteArray(),
                },
                D = "00816f19c1fb10ef94d4a1d81c156ec3d1de08b66761f03f06ee4bb9dcebbbfe1eaa1ed49a6a990838d8ed318c14d74cc872f95d05d07ad50f621ceb620cd905cfb8".HexToByteArray(),
            };

            using (ECDsa iut = ECDsaFactory.Create())
                using (ECDsa cavs = ECDsaFactory.Create())
                {
                    iut.ImportParameters(iutParameters);
                    cavs.ImportParameters(iut.ExportParameters(false));

                    Assert.ThrowsAny <CryptographicException>(() => cavs.ExportParameters(true));

                    if (ECExplicitCurvesSupported)
                    {
                        Assert.ThrowsAny <CryptographicException>(() => cavs.ExportExplicitParameters(true));
                    }
                }
        }

Beispiel #2

Datei: DNSKEYRecord.cs Projekt: vsssunder/automatica

        /// <summary>
        ///   Creates a new instance of the <see cref="DNSKEYRecord"/> class
        ///   from the specified ECDSA key.
        /// </summary>
        /// <param name="key">
        ///   A public or private ECDSA key.
        /// </param>
        /// <exception cref="ArgumentException">
        ///   <paramref name="key"/> is not named nistP256 nor nist384.
        /// </exception>
        /// <exception cref="CryptographicException">
        ///   <paramref name="key"/> is not valid.
        /// </exception>
        /// <remarks>
        ///   <note>
        ///   ECDSA key support is <b>NOT available</b> for NETSTANDARD14 nor NET45.
        ///   It is available for NETSTANDARD2, NET472 or greater.
        ///   </note>
        /// </remarks>
        public DNSKEYRecord(ECDsa key)
            : this()
        {
            var p = key.ExportParameters(includePrivateParameters: false);

            p.Validate();

            if (!p.Curve.IsNamed)
            {
                throw new ArgumentException("Only named ECDSA curves are allowed.");
            }
            Algorithm = SecurityAlgorithmRegistry.Algorithms
                        .Where(alg => alg.Value.OtherNames.Contains(p.Curve.Oid.FriendlyName))
                        .Select(alg => alg.Key)
                        .FirstOrDefault();
            if (Algorithm == (SecurityAlgorithm)0)
            {
                throw new ArgumentException($"ECDSA curve '{p.Curve.Oid.FriendlyName} is not known'.");
            }

            // ECDSA public keys consist of a single value, called "Q" in FIPS 186-3.
            // In DNSSEC keys, Q is a simple bit string that represents the
            // uncompressed form of a curve point, "x | y".
            using (var ms = new MemoryStream())
            {
                ms.Write(p.Q.X, 0, p.Q.X.Length);
                ms.Write(p.Q.Y, 0, p.Q.Y.Length);
                PublicKey = ms.ToArray();
            }
        }

Beispiel #3

        public static void AddSigner_ECDSA_EphemeralKey()
        {
            using (ECDsa ecdsa = ECDsa.Create())
                using (X509Certificate2 publicCertificate = Certificates.ECDsaP256Win.GetCertificate())
                    using (X509Certificate2 certificateWithKey = Certificates.ECDsaP256Win.TryGetCertificateWithPrivateKey(exportable: true))
                    {
                        if (certificateWithKey == null)
                        {
                            return;
                        }

                        using (ECDsa privateKey = certificateWithKey.GetECDsaPrivateKey())
                            using (ECDsa exportableKey = privateKey.MakeExportable())
                            {
                                ecdsa.ImportParameters(exportableKey.ExportParameters(true));
                            }
                        using (X509Certificate2 certWithEphemeralKey = publicCertificate.CopyWithPrivateKey(ecdsa))
                        {
                            ContentInfo content = new ContentInfo(new byte[] { 1, 2, 3 });
                            SignedCms   cms     = new SignedCms(content, false);
                            CmsSigner   signer  = new CmsSigner(certWithEphemeralKey);
                            cms.ComputeSignature(signer);
                        }
                    }
        }

Beispiel #4

Datei: CertificateRequestUsageTests.cs Projekt: layomia/dotnet_runtime

        public static void SelfSign_ECC_UseCertKeys()
        {
            X509Certificate2 cert;
            ECParameters     pubParams;

            ECDsa priv2;

            using (ECDsa ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256))
            {
                pubParams = ecdsa.ExportParameters(false);

                CertificateRequest request = new CertificateRequest(
                    "CN=localhost, OU=.NET Framework (CoreFX), O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
                    ecdsa,
                    HashAlgorithmName.SHA256);

                DateTimeOffset now = DateTimeOffset.UtcNow;
                cert = request.CreateSelfSigned(now, now.AddDays(90));
            }

            using (cert)
                using (priv2 = cert.GetECDsaPrivateKey())
                    using (ECDsa pub = ECDsa.Create(pubParams))
                    {
                        Assert.True(cert.HasPrivateKey, "cert.HasPrivateKey");
                        Assert.NotNull(priv2);

                        byte[] sig = priv2.SignData(pubParams.Q.X, HashAlgorithmName.SHA384);

                        Assert.True(
                            pub.VerifyData(pubParams.Q.X, sig, HashAlgorithmName.SHA384),
                            "Cert signature validates with public key");
                    }
        }

Beispiel #5

        public static DnssecPrivateKey Create(DnssecAlgorithm algorithm, DnssecPrivateKeyType keyType, int keySize = -1)
        {
            switch (algorithm)
            {
            case DnssecAlgorithm.RSAMD5:
            case DnssecAlgorithm.RSASHA1:
            case DnssecAlgorithm.RSASHA1_NSEC3_SHA1:
            case DnssecAlgorithm.RSASHA256:
            case DnssecAlgorithm.RSASHA512:
                if ((keySize < 1024) || (keySize > 4096))
                {
                    throw new ArgumentOutOfRangeException(nameof(keySize), "Valid RSA key size range is between 1024-4096 bits.");
                }

                using (RSA rsa = RSA.Create(keySize))
                {
                    return(new DnssecRsaPrivateKey(algorithm, keyType, keySize, rsa.ExportParameters(true)));
                }

            case DnssecAlgorithm.ECDSAP256SHA256:
                using (ECDsa ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256))
                {
                    return(new DnssecEcdsaPrivateKey(algorithm, keyType, ecdsa.ExportParameters(true)));
                }

            case DnssecAlgorithm.ECDSAP384SHA384:
                using (ECDsa ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP384))
                {
                    return(new DnssecEcdsaPrivateKey(algorithm, keyType, ecdsa.ExportParameters(true)));
                }

            default:
                throw new NotSupportedException("DNSSEC algorithm is not supported: " + algorithm.ToString());
            }
        }

Beispiel #6

Datei: CryptoExtensions.cs Projekt: encodeous/wstream

        /// <summary>
        /// Imports the ECDSA key from Pkcs8 format
        /// </summary>
        /// <param name="bytes">Private key store in the Pkcs8 format</param>
        /// <returns>The ECDSA key</returns>
        public static ECParameters ImportPrivateKey(byte[] bytes)
        {
            ECDsa ecDsa = ECDsa.Create(ECCurve.CreateFromFriendlyName("secp384r1"));

            ecDsa.ImportPkcs8PrivateKey(bytes, out var _);
            return(ecDsa.ExportParameters(true));
        }

Beispiel #7

        public static byte[] ExportECDsaPublicKey(ECDsa ecDsa, HashAlgorithmName?hashAlgName)
        {
            ECParameters ecParams = ecDsa.ExportParameters(includePrivateParameters: false);

            using var writer = new CborWriter(CborConformanceLevel.Ctap2Canonical);
            WriteECParametersAsCosePublicKey(writer, ecParams, hashAlgName);
            return(writer.GetEncoding());
        }

Beispiel #8

        public static void DiminishedCoordsRoundtrip()
        {
            ECParameters toImport = ECDsaTestData.GetNistP521DiminishedCoordsParameters();
            ECParameters privateParams;
            ECParameters publicParams;

            using (ECDsa ecdsa = ECDsa.Create(toImport))
            {
                privateParams = ecdsa.ExportParameters(true);
                publicParams  = ecdsa.ExportParameters(false);
            }

            ComparePublicKey(toImport.Q, privateParams.Q);
            ComparePrivateKey(toImport, privateParams);
            ComparePublicKey(toImport.Q, publicParams.Q);
            Assert.Null(publicParams.D);
        }

Beispiel #9

Datei: ECKey.cs Projekt: signature-opensource/CK-AppIdentity

 ECKey(ISystemClock clock, string kid, KeyOperations ops, ECDsa ec, DateTime bestBefore, uint maxUseCount, bool isPrivateKey)
     : base(clock, kid, KeyType.Ec, ops, bestBefore, maxUseCount)
 {
     _ec           = ec;
     _parameters   = ec.ExportParameters(includePrivateParameters: isPrivateKey);
     KeySizeInBits = _ec.KeySize;
     JWKCurveName  = GetJWKCurveName(_parameters.Curve.Oid);
 }

Beispiel #10

        public static byte[] ExportECDsaPublicKey(ECDsa ecDsa, HashAlgorithmName?hashAlgName)
        {
            ECParameters ecParams = ecDsa.ExportParameters(includePrivateParameters: false);
            var          writer   = new CborWriter(CborConformanceMode.Ctap2Canonical, convertIndefiniteLengthEncodings: true);

            WriteECParametersAsCosePublicKey(writer, ecParams, hashAlgName);
            return(writer.Encode());
        }

Beispiel #11

Datei: ECDsaCertificateExtensions.cs Projekt: vdimensions/dotnetfx_referencesource

        public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, ECDsa privateKey)
        {
            if (certificate == null)
            {
                throw new ArgumentNullException(nameof(certificate));
            }
            if (privateKey == null)
            {
                throw new ArgumentNullException(nameof(privateKey));
            }

            if (certificate.HasPrivateKey)
            {
                throw new InvalidOperationException(SR.GetString(SR.Cryptography_Cert_AlreadyHasPrivateKey));
            }

            using (ECDsa publicKey = GetECDsaPublicKey(certificate))
            {
                if (publicKey == null)
                {
                    throw new ArgumentException(SR.GetString(SR.Cryptography_PrivateKey_WrongAlgorithm));
                }

                if (!IsSameKey(publicKey, privateKey))
                {
                    throw new ArgumentException(SR.GetString(SR.Cryptography_PrivateKey_DoesNotMatch), nameof(privateKey));
                }
            }

            ECDsaCng         ecdsaCng = privateKey as ECDsaCng;
            X509Certificate2 newCert  = null;

            if (ecdsaCng != null)
            {
                newCert = CertificateExtensionsCommon.CopyWithPersistedCngKey(certificate, ecdsaCng.Key);
            }

            // No CAPI option for ECDSA

            if (newCert == null)
            {
                ECParameters parameters = privateKey.ExportParameters(true);

                using (PinAndClear.Track(parameters.D))
                    using (ecdsaCng = new ECDsaCng())
                    {
                        ecdsaCng.ImportParameters(parameters);

                        newCert = CertificateExtensionsCommon.CopyWithEphemeralCngKey(certificate, ecdsaCng.Key);
                    }
            }

            Debug.Assert(newCert != null);
            Debug.Assert(!ReferenceEquals(certificate, newCert));
            Debug.Assert(!certificate.HasPrivateKey);
            Debug.Assert(newCert.HasPrivateKey);
            return(newCert);
        }

Beispiel #12

        ///<inheritdoc/>
        public override ECParameters ExportParameters(bool includePrivateParameters)
        {
            if (includePrivateParameters)
            {
                throw new CryptographicException("Private keys cannot be exported by this provider");
            }

            return(publicKey.ExportParameters(false));
        }

Beispiel #13

Datei: CryptoECDsa.cs Projekt: GuusSeldenthuis/sharpcoin

 public static SharpKeyPair GenerateKeyPair()
 {
     // Curve ECDSA_P256 (weaker curve, but smaller keys)
     using (ECDsa dsa = ECDsa.Create(ECCurve.NamedCurves.nistP256))
     {
         ECParameters Params = dsa.ExportParameters(true);
         return(new SharpKeyPair(Params.Q.X.Concat(Params.Q.Y).ToArray(), Params.D));
     }
 }

Beispiel #14

            static ECCurve NormalizeCurveForPlatform(string friendlyName)
            {
                ECCurve namedCurve = ECCurve.CreateFromFriendlyName(friendlyName);

                using ECDsa ecDsa = ECDsa.Create(namedCurve);
                ECParameters platformParams = ecDsa.ExportParameters(includePrivateParameters: false);

                return(platformParams.Curve);
            }

Beispiel #15

Datei: ECDCertificatePopCryptoProvider.cs Projekt: zhangqiuyang/microsoft-authentication-library-for-dotnet

        private void InitializeSigningKey()
        {
            ECCurve eCCurve = ECCurve.CreateFromFriendlyName(ECCurve.NamedCurves.nistP256.Oid.FriendlyName);

            _signingKey = ECDsa.Create(eCCurve);

            ECParameters publicKeyInfo = _signingKey.ExportParameters(false);

            CannonicalPublicKeyJwk = ComputeCannonicalJwk(publicKeyInfo);
        }

Beispiel #16

Datei: ECDsaCertificateExtensions.cs Projekt: vdimensions/dotnetfx_referencesource

        private static bool IsSameKey(ECDsa a, ECDsa b)
        {
            ECParameters aParameters = a.ExportParameters(false);
            ECParameters bParameters = b.ExportParameters(false);

            if (aParameters.Curve.CurveType != bParameters.Curve.CurveType)
            {
                return(false);
            }

            if (!aParameters.Q.X.SequenceEqual(bParameters.Q.X) ||
                !aParameters.Q.Y.SequenceEqual(bParameters.Q.Y))
            {
                return(false);
            }

            ECCurve aCurve = aParameters.Curve;
            ECCurve bCurve = bParameters.Curve;

            if (aCurve.IsNamed)
            {
                // On Windows we care about FriendlyName, on Unix we care about Value
                return(aCurve.Oid.Value == bCurve.Oid.Value && aCurve.Oid.FriendlyName == bCurve.Oid.FriendlyName);
            }

            if (!aCurve.IsExplicit)
            {
                // Implicit curve, always fail.
                return(false);
            }

            // Ignore Cofactor (which is derivable from the prime or polynomial and Order)
            // Ignore Seed and Hash (which are entirely optional, and about how A and B were built)
            if (!aCurve.G.X.SequenceEqual(bCurve.G.X) ||
                !aCurve.G.Y.SequenceEqual(bCurve.G.Y) ||
                !aCurve.Order.SequenceEqual(bCurve.Order) ||
                !aCurve.A.SequenceEqual(bCurve.A) ||
                !aCurve.B.SequenceEqual(bCurve.B))
            {
                return(false);
            }

            if (aCurve.IsPrime)
            {
                return(aCurve.Prime.SequenceEqual(bCurve.Prime));
            }

            if (aCurve.IsCharacteristic2)
            {
                return(aCurve.Polynomial.SequenceEqual(bCurve.Polynomial));
            }

            Debug.Fail($"Missing match criteria for curve type {aCurve.CurveType}");
            return(false);
        }

Beispiel #17

Datei: JsonWebKey.cs Projekt: maririos/azure-sdk-for-net

        private void Initialize(ECDsa ecdsa, bool includePrivateParameters)
        {
            KeyType = KeyType.Ec;

            ECParameters ecParameters = ecdsa.ExportParameters(includePrivateParameters);

            CurveName = KeyCurveName.FromOid(ecParameters.Curve.Oid, ecdsa.KeySize).ToString() ?? throw new InvalidOperationException("elliptic curve name is invalid");
            D         = ecParameters.D;
            X         = ecParameters.Q.X;
            Y         = ecParameters.Q.Y;
        }

Beispiel #18

        public void KeySizeProp()
        {
            using (ECDsa e = ECDsaFactory.Create())
            {
                e.KeySize = 384;
                Assert.Equal(384, e.KeySize);
                ECParameters p384 = e.ExportParameters(false);
                Assert.True(p384.Curve.IsNamed);
                p384.Validate();

                e.KeySize = 521;
                Assert.Equal(521, e.KeySize);
                ECParameters p521 = e.ExportParameters(false);
                Assert.True(p521.Curve.IsNamed);
                p521.Validate();

                // Ensure the key was regenerated
                Assert.NotEqual(p384.Curve.Oid.FriendlyName, p521.Curve.Oid.FriendlyName);
            }
        }

Beispiel #19

        public virtual WalletAccount Import(X509Certificate2 cert)
        {
            byte[] privateKey;
            using (ECDsa ecdsa = cert.GetECDsaPrivateKey())
            {
                privateKey = ecdsa.ExportParameters(true).D;
            }
            WalletAccount account = CreateAccount(privateKey);

            Array.Clear(privateKey, 0, privateKey.Length);
            return(account);
        }

Beispiel #20

Datei: ECDsaX509SignatureGenerator.cs Projekt: yangfan111/Mscore

        protected override PublicKey BuildPublicKey()
        {
            ECParameters ecParameters = _key.ExportParameters(false);

            if (!ecParameters.Curve.IsNamed)
            {
                throw new InvalidOperationException(SR.GetString(SR.Cryptography_ECC_NamedCurvesOnly));
            }

            string curveOid = ecParameters.Curve.Oid.Value;

            if (string.IsNullOrEmpty(curveOid))
            {
                string friendlyName = ecParameters.Curve.Oid.FriendlyName;

                // Translate the three curves that were supported Windows 7-8.1, but emit no Oid.Value;
                // otherwise just wash the friendly name back through Oid to see if we can get a value.
                switch (friendlyName)
                {
                case "nistP256":
                    curveOid = Oids.EccCurveSecp256r1;
                    break;

                case "nistP384":
                    curveOid = Oids.EccCurveSecp384r1;
                    break;

                case "nistP521":
                    curveOid = Oids.EccCurveSecp521r1;
                    break;

                default:
                    curveOid = new Oid(friendlyName).Value;
                    break;
                }
            }

            Debug.Assert(ecParameters.Q.X.Length == ecParameters.Q.Y.Length);
            byte[] uncompressedPoint = new byte[1 + ecParameters.Q.X.Length + ecParameters.Q.Y.Length];

            // Uncompressed point (0x04)
            uncompressedPoint[0] = 0x04;

            Buffer.BlockCopy(ecParameters.Q.X, 0, uncompressedPoint, 1, ecParameters.Q.X.Length);
            Buffer.BlockCopy(ecParameters.Q.Y, 0, uncompressedPoint, 1 + ecParameters.Q.X.Length, ecParameters.Q.Y.Length);

            Oid ecPublicKey = new Oid(Oids.Ecc);

            return(new PublicKey(
                       ecPublicKey,
                       new AsnEncodedData(ecPublicKey, DerEncoder.EncodeOid(curveOid)),
                       new AsnEncodedData(ecPublicKey, uncompressedPoint)));
        }

Beispiel #21

Datei: JsonWebKeyTests.cs Projekt: maririos/azure-sdk-for-net

        public void FromECDsaNoPrivateKey()
        {
#if NET461
            Assert.Ignore("Creating ECDsa with JsonWebKey is not supported on net461.");
#else
            using ECDsa ecdsa = ECDsa.Create();
            ECParameters ecParameters = ecdsa.ExportParameters(false);
            ecdsa.ImportParameters(ecParameters);

            Assert.That <JsonWebKey>(() => new JsonWebKey(ecdsa, includePrivateParameters: true), Throws.InstanceOf <CryptographicException>());
#endif
        }

Beispiel #22

        /// <summary>
        /// Computes a sha256 hash over the <see cref="ECDsaSecurityKey"/>.
        /// </summary>
        /// <returns>A JWK thumbprint.</returns>
        /// <remarks>https://tools.ietf.org/html/rfc7638</remarks>
        public override byte[] ComputeJwkThumbprint()
        {
#if NET472 || NETSTANDARD2_0
            if (ECDsaAdapter.SupportsECParameters())
            {
                ECParameters parameters   = ECDsa.ExportParameters(false);
                var          canonicalJwk = $@"{{""{JsonWebKeyParameterNames.Crv}"":""{ECDsaAdapter.GetCrvParameterValue(parameters.Curve)}"",""{JsonWebKeyParameterNames.Kty}"":""{JsonWebAlgorithmsKeyTypes.EllipticCurve}"",""{JsonWebKeyParameterNames.X}"":""{Base64UrlEncoder.Encode(parameters.Q.X)}"",""{JsonWebKeyParameterNames.Y}"":""{Base64UrlEncoder.Encode(parameters.Q.Y)}""}}";
                return(Utility.GenerateSha256Hash(canonicalJwk));
            }
#endif
            throw LogHelper.LogExceptionMessage(new PlatformNotSupportedException(LogMessages.IDX10695));
        }

Beispiel #23

        public void PublicKey_CannotSign()
        {
            using (ECDsa ecdsaPriv = ECDsaFactory.Create())
                using (ECDsa ecdsa = ECDsaFactory.Create())
                {
                    ECParameters keyParameters = ecdsaPriv.ExportParameters(false);
                    ecdsa.ImportParameters(keyParameters);

                    Assert.ThrowsAny <CryptographicException>(
                        () => ecdsa.SignData(new byte[] { 1, 2, 3, 4, 5 }, HashAlgorithmName.SHA256));
                }
        }

Beispiel #24

        public void TestChangeFromNamedCurveToKeySize(CurveDef curveDef)
        {
            using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve))
            {
                ECParameters param = ec.ExportParameters(false);

                // Avoid comparing against same key as in curveDef
                if (ec.KeySize != 384 && ec.KeySize != 521)
                {
                    ec.KeySize = 384;
                    ECParameters param384 = ec.ExportParameters(false);
                    Assert.NotEqual(param.Curve.Oid.FriendlyName, param384.Curve.Oid.FriendlyName);
                    Assert.Equal(384, ec.KeySize);

                    ec.KeySize = 521;
                    ECParameters param521 = ec.ExportParameters(false);
                    Assert.NotEqual(param384.Curve.Oid.FriendlyName, param521.Curve.Oid.FriendlyName);
                    Assert.Equal(521, ec.KeySize);
                }
            }
        }

Beispiel #25

        public KeyPair Import(X509Certificate2 cert)
        {
            byte[] privateKey;
            using (ECDsa ecdsa = cert.GetECDsaPrivateKey())
            {
                privateKey = ecdsa.ExportParameters(true).D;
            }
            KeyPair key = CreateKey(privateKey);

            Array.Clear(privateKey, 0, privateKey.Length);
            return(key);
        }

Beispiel #26

        protected override PublicKey BuildPublicKey()
        {
            ECParameters ecParameters = _key.ExportParameters(false);

            if (!ecParameters.Curve.IsNamed)
            {
                throw new InvalidOperationException(SR.Cryptography_ECC_NamedCurvesOnly);
            }

            string?curveOid = ecParameters.Curve.Oid.Value;

            byte[] curveOidEncoded;

            if (string.IsNullOrEmpty(curveOid))
            {
                string friendlyName = ecParameters.Curve.Oid.FriendlyName !;

                // Translate the three curves that were supported Windows 7-8.1, but emit no Oid.Value;
                // otherwise just wash the friendly name back through Oid to see if we can get a value.
                curveOid = friendlyName switch
                {
                    "nistP256" => Oids.secp256r1,
                    "nistP384" => Oids.secp384r1,
                    "nistP521" => Oids.secp521r1,
                    _ => new Oid(friendlyName).Value,
                };
            }

            using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER))
            {
                writer.WriteObjectIdentifier(curveOid !);
                curveOidEncoded = writer.Encode();
            }

            Debug.Assert(ecParameters.Q.X !.Length == ecParameters.Q.Y !.Length);
            byte[] uncompressedPoint = new byte[1 + ecParameters.Q.X.Length + ecParameters.Q.Y.Length];

            // Uncompressed point (0x04)
            uncompressedPoint[0] = 0x04;

            Buffer.BlockCopy(ecParameters.Q.X, 0, uncompressedPoint, 1, ecParameters.Q.X.Length);
            Buffer.BlockCopy(ecParameters.Q.Y, 0, uncompressedPoint, 1 + ecParameters.Q.X.Length, ecParameters.Q.Y.Length);

            Oid ecPublicKey = new Oid(Oids.EcPublicKey);

            return(new PublicKey(
                       ecPublicKey,
                       new AsnEncodedData(ecPublicKey, curveOidEncoded),
                       new AsnEncodedData(ecPublicKey, uncompressedPoint)));
        }

Beispiel #27

Datei: Fido2Tests.cs Projekt: sharmasecureservicesusa/fido2-net-lib

            internal byte[] SignData(COSE.KeyType kty, COSE.Algorithm alg, COSE.EllipticCurve curve, ECDsa ecdsa = null, RSA rsa = null, Key expandedPrivateKey = null, byte[] publicKey = null)
            {
                switch (kty)
                {
                case COSE.KeyType.EC2:
                {
                    var ecparams = ecdsa.ExportParameters(true);
                    _credentialPublicKey = MakeCredentialPublicKey(kty, alg, curve, ecparams.Q.X, ecparams.Q.Y);
                    var signature = ecdsa.SignData(_attToBeSigned, CryptoUtils.HashAlgFromCOSEAlg((int)alg));
                    return(EcDsaSigFromSig(signature, ecdsa.KeySize));
                }

                case COSE.KeyType.RSA:
                {
                    RSASignaturePadding padding;
                    switch (alg)         // https://www.iana.org/assignments/cose/cose.xhtml#algorithms
                    {
                    case COSE.Algorithm.PS256:
                    case COSE.Algorithm.PS384:
                    case COSE.Algorithm.PS512:
                        padding = RSASignaturePadding.Pss;
                        break;

                    case COSE.Algorithm.RS1:
                    case COSE.Algorithm.RS256:
                    case COSE.Algorithm.RS384:
                    case COSE.Algorithm.RS512:
                        padding = RSASignaturePadding.Pkcs1;
                        break;

                    default:
                        throw new ArgumentOutOfRangeException(nameof(alg), $"Missing or unknown alg {alg}");
                    }

                    var rsaparams = rsa.ExportParameters(true);
                    _credentialPublicKey = MakeCredentialPublicKey(kty, alg, rsaparams.Modulus, rsaparams.Exponent);
                    return(rsa.SignData(_attToBeSigned, CryptoUtils.HashAlgFromCOSEAlg((int)alg), padding));
                }

                case COSE.KeyType.OKP:
                {
                    _credentialPublicKey = MakeCredentialPublicKey(kty, alg, COSE.EllipticCurve.Ed25519, publicKey);
                    return(SignatureAlgorithm.Ed25519.Sign(expandedPrivateKey, _attToBeSigned));
                }

                default:
                    throw new ArgumentOutOfRangeException(nameof(kty), $"Missing or unknown kty {kty}");
                }
            }

Beispiel #28

Datei: Wallet.cs Projekt: wangtong73/AntShares

        public Account Import(X509Certificate2 cert)
        {
            byte[] privateKey;
            using (ECDsa ecdsa = cert.GetECDsaPrivateKey())
            {
#if NET461
                privateKey = ((ECDsaCng)ecdsa).Key.Export(CngKeyBlobFormat.EccPrivateBlob);
#else
                privateKey = ecdsa.ExportParameters(true).D;
#endif
            }
            Account account = CreateAccount(privateKey);
            Array.Clear(privateKey, 0, privateKey.Length);
            return(account);
        }

Beispiel #29

Datei: CertificateRequestChainTests.cs Projekt: Vettvangur/DotnetRuntime

 public static void CreateChain_Hybrid()
 {
     using (ECDsa rootKey = ECDsa.Create(ECCurve.NamedCurves.nistP521))
         using (RSA intermed1Key = RSA.Create(2048))
             using (RSA intermed2Key = RSA.Create(2048))
                 using (ECDsa leafKey = ECDsa.Create(ECCurve.NamedCurves.nistP256))
                     using (ECDsa leafPubKey = ECDsa.Create(leafKey.ExportParameters(false)))
                     {
                         CreateAndTestChain(
                             rootKey,
                             intermed1Key,
                             intermed2Key,
                             leafPubKey);
                     }
 }

Beispiel #30

Datei: ECDsaImportExport.cs Projekt: Vettvangur/DotnetRuntime

        public static void TestGeneralExportWithExplicitParameters()
        {
            using (ECDsa ecdsa = ECDsaFactory.Create())
            {
                ECParameters param = EccTestData.GetNistP256ExplicitTestData();
                param.Validate();
                ecdsa.ImportParameters(param);
                Assert.True(param.Curve.IsExplicit);

                param = ecdsa.ExportParameters(false);
                param.Validate();

                // We should have explicit values, not named, as this curve has no name.
                Assert.True(param.Curve.IsExplicit);
            }
        }

Beispiel #31

Datei: ECDsaImportExport.cs Projekt: ESgarbi/corefx

        private static void VerifyNamedCurve(ECParameters parameters, ECDsa ec, int keySize, bool includePrivate)
        {
            parameters.Validate();
            Assert.True(parameters.Curve.IsNamed);
            Assert.Equal(keySize, ec.KeySize);
            Assert.True(
                includePrivate && parameters.D.Length > 0 ||
                !includePrivate && parameters.D == null);

            if (includePrivate)
                ec.Exercise();

            // Ensure the key doesn't get regenerated after export
            ECParameters paramSecondExport = ec.ExportParameters(includePrivate);
            paramSecondExport.Validate();
            AssertEqual(parameters, paramSecondExport);
        }