public GostSharedSecretAlgorithm(SafeProvHandleImpl provHandle, SafeKeyHandleImpl keyHandle, GostKeyExchangeParameters keyExchangeParameters, GostAlgorithmType algType)
{
if (provHandle == null)
{
throw ExceptionUtility.ArgumentNull("provHandle");
}
if (keyHandle == null)
{
throw ExceptionUtility.ArgumentNull("keyHandle");
}
if (keyExchangeParameters == null)
{
throw ExceptionUtility.ArgumentNull("keyExchangeParameters");
}
_provHandle = provHandle.DangerousAddRef();
_keyHandle = keyHandle.DangerousAddRef();
_keyExchangeParameters = keyExchangeParameters;
_algType = algType;
}
public static byte[] EncodePublicBlob(GostKeyExchangeParameters publicKeyParameters, GostAlgorithmType algorithm)
{
if (publicKeyParameters == null)
{
throw ExceptionUtility.ArgumentNull("publicKeyParameters");
}
int size;
int value;
switch (algorithm)
{
case GostAlgorithmType.Gost2001:
size = 512;
value = Constants.CALG_GR3410EL;
break;
case GostAlgorithmType.Gost2012_256:
size = 512;
value = Constants.CALG_GR3410_2012_256;
break;
case GostAlgorithmType.Gost2012_512:
size = 1024;
value = Constants.CALG_GR3410_2012_512;
break;
default:
throw new CryptographicException(Resources.AlgorithmNotAvailable);
}
var encodeKeyParameters = publicKeyParameters.EncodeParameters();
var importedKeyBytes = new byte[(encodeKeyParameters.Length + 16) + publicKeyParameters.PublicKey.Length];
importedKeyBytes[0] = 6;
importedKeyBytes[1] = 32;
Array.Copy(BitConverter.GetBytes(value), 0, importedKeyBytes, 4, 4);
Array.Copy(BitConverter.GetBytes(Constants.GR3410_1_MAGIC), 0, importedKeyBytes, 8, 4);
Array.Copy(BitConverter.GetBytes(size), 0, importedKeyBytes, 12, 4);
Array.Copy(encodeKeyParameters, 0, importedKeyBytes, 16, encodeKeyParameters.Length);
Array.Copy(publicKeyParameters.PublicKey, 0, importedKeyBytes, encodeKeyParameters.Length + 16, publicKeyParameters.PublicKey.Length);
return(importedKeyBytes);
}
public static SafeKeyHandleImpl ImportPublicKey(SafeProvHandleImpl providerHandle, GostKeyExchangeParameters publicKeyParameters, GostAlgorithmType algorithm)
{
if (publicKeyParameters == null)
{
throw ExceptionUtility.ArgumentNull("publicKeyParameters");
}
var importedKeyBytes = EncodePublicBlob(publicKeyParameters, algorithm);
SafeKeyHandleImpl hKeyExchange;
ImportCspBlob(importedKeyBytes, providerHandle, SafeKeyHandleImpl.InvalidHandle, out hKeyExchange);
return(hKeyExchange);
}
private static GostKeyExchangeParameters DecodePublicBlob(byte[] encodedPublicBlob, GostAlgorithmType algorithm)
{
if (encodedPublicBlob == null)
{
throw ExceptionUtility.ArgumentNull("encodedPublicBlob");
}
int size;
switch (algorithm)
{
case GostAlgorithmType.Gost2001:
size = 512;
break;
case GostAlgorithmType.Gost2012_256:
size = 512;
break;
case GostAlgorithmType.Gost2012_512:
size = 1024;
break;
default:
throw new CryptographicException(Resources.AlgorithmNotAvailable);
}
if (encodedPublicBlob.Length < 16 + size / 8)
{
throw ExceptionUtility.CryptographicException(Constants.NTE_BAD_DATA);
}
var gostKeyMask = BitConverter.ToUInt32(encodedPublicBlob, 8);
if (gostKeyMask != Constants.GR3410_1_MAGIC)
{
throw ExceptionUtility.CryptographicException(Constants.NTE_BAD_DATA);
}
var gostKeySize = BitConverter.ToUInt32(encodedPublicBlob, 12);
if (gostKeySize != size)
{
throw ExceptionUtility.CryptographicException(Constants.NTE_BAD_DATA);
}
var publicKeyParameters = new GostKeyExchangeParameters();
var encodeKeyParameters = new byte[(encodedPublicBlob.Length - 16) - size / 8];
Array.Copy(encodedPublicBlob, 16, encodeKeyParameters, 0, (encodedPublicBlob.Length - 16) - size / 8);
publicKeyParameters.DecodeParameters(encodeKeyParameters);
var publicKey = new byte[64];
Array.Copy(encodedPublicBlob, encodedPublicBlob.Length - size / 8, publicKey, 0, size / 8);
publicKeyParameters.PublicKey = publicKey;
return(publicKeyParameters);
}
public static GostKeyExchangeParameters ExportPublicKey(SafeKeyHandleImpl symKeyHandle, GostAlgorithmType algorithm)
{
var exportedKeyBytes = ExportCspBlob(symKeyHandle, SafeKeyHandleImpl.InvalidHandle, Constants.PUBLICKEYBLOB);
return(DecodePublicBlob(exportedKeyBytes, algorithm));
}
private static SafeHashHandleImpl SetupHashAlgorithm(SafeProvHandleImpl providerHandle, byte[] hashValue, GostAlgorithmType alg)
{
SafeHashHandleImpl hashHandle;
if (alg == GostAlgorithmType.Gost2012_256)
{
hashHandle = CreateHash_3411_2012_256(providerHandle);
}
else if (alg == GostAlgorithmType.Gost2012_512)
{
hashHandle = CreateHash_3411_2012_512(providerHandle);
}
else
{
hashHandle = CreateHash_3411_94(providerHandle);
}
//uint hashLength = 0;
//if (!CryptoApi.CryptGetHashParam(hashHandle, Constants.HP_HASHVAL, null, ref hashLength, 0))
//{
// throw CreateWin32Error();
//}
//if (hashValue.Length != hashLength)
//{
// throw ExceptionUtility.CryptographicException(Constants.NTE_BAD_HASH);
//}
if (!CryptoApi.CryptSetHashParam(hashHandle, Constants.HP_HASHVAL, hashValue, 0))
{
throw CreateWin32Error();
}
return(hashHandle);
}
public static bool VerifySign(SafeProvHandleImpl providerHandle, SafeKeyHandleImpl keyHandle, byte[] hashValue, byte[] signatureValue, GostAlgorithmType alg)
{
using (var hashHandle = SetupHashAlgorithm(providerHandle, hashValue, alg))
{
return(CryptoApi.CryptVerifySignature(hashHandle, signatureValue, (uint)signatureValue.Length, keyHandle, null, 0));
}
}
public static byte[] SignValue(SafeProvHandleImpl hProv, int keyNumber, byte[] hashValue, GostAlgorithmType alg)
{
using (var hashHandle = SetupHashAlgorithm(hProv, hashValue, alg))
{
int signatureLength = 0;
// Вычисление размера подписи
if (!CryptoApi.CryptSignHash(hashHandle, (int)keyNumber, null, 0, null, ref signatureLength))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
var signatureValue = new byte[signatureLength];
// Вычисление значения подписи
if (!CryptoApi.CryptSignHash(hashHandle, (int)keyNumber, null, 0, signatureValue, ref signatureLength))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
return(signatureValue);
}
}
public static SafeKeyHandleImpl ImportAndMakeKeyExchange(SafeProvHandleImpl providerHandle, GostKeyExchangeParameters keyExchangeParameters, SafeKeyHandleImpl publicKeyHandle, GostAlgorithmType alg)
{
if (keyExchangeParameters == null)
{
throw ExceptionUtility.ArgumentNull("keyExchangeParameters");
}
var importedKeyBytes = EncodePublicBlob(keyExchangeParameters, alg);
SafeKeyHandleImpl keyExchangeHandle;
ImportCspBlob(importedKeyBytes, providerHandle, publicKeyHandle, out keyExchangeHandle);
return(keyExchangeHandle);
}
