Beispiel #1
0
        static void Main(string[] args)
        {
            Console.WriteLine("\n --- RSA.ALGORITHM ---\n");

            RsaAlgorithm rsa = new RsaAlgorithm();

            RsaPublicKey  publicKey  = rsa.GetPublicKeyEN();
            RsaPrivateKey privateKey = rsa.GetPrivateKeyDN();

            Console.WriteLine($" * Private key: {privateKey.D}, {privateKey.N}");
            Console.WriteLine($" * Public key: {publicKey.E}, {publicKey.N}");

            int input;

            do
            {
                Console.Write("\n - Enter for encrypt/decrypt (1 - 10000): ");
                input = int.Parse(Console.ReadLine() ?? string.Empty);
            } while (input < 1 || input > 10000);

            int encrypt = rsa.EncryptMessage(input);
            int decrypt = rsa.DecryptMessage(encrypt);

            Console.WriteLine($"\n * Encrypt: {encrypt}");
            Console.WriteLine($" * Decrypt: {decrypt}");

            Console.Write("\n --- Press <ENTER>: ");
            Console.ReadLine();
        }
Beispiel #2
0
        private void GenerateKeys(string seed)
        {
            // generate the RSA keypair for the address
            AsymmetricCipherKeyPair rsaKeyPair = WalletController.GetRSAKeyPairFromSeed(seed);

            RsaKeyParameters rsaPublicKey = rsaKeyPair.Public as RsaKeyParameters;
            RsaPublicKey     pbk          = new RsaPublicKey()
            {
                Exponent = rsaPublicKey.Exponent.ToByteArrayUnsigned(),
                Modulus  = rsaPublicKey.Modulus.ToByteArrayUnsigned()
            };

            RsaPrivateCrtKeyParameters rsaPrivateKey = rsaKeyPair.Private as RsaPrivateCrtKeyParameters;
            RsaPrivateKey prk = new RsaPrivateKey()
            {
                DP             = rsaPrivateKey.DP.ToByteArrayUnsigned(),
                DQ             = rsaPrivateKey.DQ.ToByteArrayUnsigned(),
                Exponent       = rsaPrivateKey.Exponent.ToByteArrayUnsigned(),
                Modulus        = rsaPrivateKey.Modulus.ToByteArrayUnsigned(),
                P              = rsaPrivateKey.P.ToByteArrayUnsigned(),
                PublicExponent = rsaPrivateKey.PublicExponent.ToByteArrayUnsigned(),
                Q              = rsaPrivateKey.Q.ToByteArrayUnsigned(),
                QInv           = rsaPrivateKey.QInv.ToByteArrayUnsigned()
            };

            this._testOutputHelper.WriteLine($"Public key: {pbk.ToHex()}");
            this._testOutputHelper.WriteLine($"Private key: {prk.ToHex()}");
        }
Beispiel #3
0
        // http://blog.endpoint.com/2014/10/openssl-csr-with-alternative-names-one.html

        public override PrivateKey GeneratePrivateKey(PrivateKeyParams pkp)
        {
            var rsaPkp = pkp as RsaPrivateKeyParams;

            if (rsaPkp != null)
            {
                var tempKeyFile = Path.GetTempFileName();

                try
                {
                    var args = $"genpkey -algorithm RSA -out {tempKeyFile}";
                    if (rsaPkp.NumBits > 0)
                    {
                        args += $" -pkeyopt rsa_keygen_bits:{rsaPkp.NumBits}";
                    }
                    if (!string.IsNullOrEmpty(rsaPkp.PubExp))
                    {
                        args += $" -pkeyopt rsa_keygen_pubexp:{rsaPkp.PubExp}";
                    }

                    RunCli(args);
                    var rsaPk = new RsaPrivateKey(rsaPkp.NumBits, rsaPkp.PubExp, File.ReadAllText(tempKeyFile));
                    return(rsaPk);
                }
                finally
                {
                    File.Delete(tempKeyFile);
                }
            }

            throw new NotSupportedException("unsupported private key parameters type");
        }
Beispiel #4
0
        public IActionResult LoginInit()
        {
            try
            {
                var serviceLocator = new ServiceLocator(
                    new MvcSessionDataHandler(HttpContext.Session),
                    new MvcLogger(mLogger))
                {
                    ServerConfig = new CustomGoodIdServerConfig(goodIdConfig)
                };

                var goodIdHttpResponse = GoodIdEndpointFactory.CreateGoodIDEndpoint(
                    serviceLocator,
                    new MvcIncomingRequest(Request),
                    goodIdConfig.Value.ClientId,
                    RsaPrivateKey.FromPem(goodIdConfig.Value.SigPrivKeyPem),
                    RsaPrivateKey.FromPem(goodIdConfig.Value.EncPrivKeyPem),
                    new OpenIdRequestObject(sSelectedclaims.ToString()),
                    goodIdConfig.Value.RedirectUri,
                    sSelectedAcr).Run();

                return(ToActionResult(goodIdHttpResponse));
            }
            catch (GoodIdException e)
            {
                mLogger.LogError(e, "GoodIdException happened on login initiation endpoint.");
                return(new StatusCodeResult(500));
            }
        }
Beispiel #5
0
        protected GoodIdEndpoint(
            IncomingRequest incomingRequest,
            string clientId,
            RsaPrivateKey signingKey,
            RsaPrivateKey encryptionKey,
            OpenIdRequestSource requestSource,
            string redirectUri,
            Acr acr,
            int?maxAge,
            ServiceLocator serviceLocator)
        {
            if (string.IsNullOrEmpty(clientId))
            {
                throw new GoodIdException($"{nameof(clientId)} can not be empty");
            }

            if (maxAge.HasValue && (maxAge.Value < MAX_AGE_MIN_VALUE || maxAge.Value > MAX_AGE_MAX_VALUE))
            {
                throw new GoodIdException($"{nameof(maxAge)} must be null or an int in the range [{MAX_AGE_MIN_VALUE}, {MAX_AGE_MAX_VALUE}]");
            }

            mIncomingRequest = incomingRequest;
            mClientId        = clientId;
            mSigningKey      = signingKey;
            mEncryptionKey   = encryptionKey;
            mRequestSource   = requestSource;
            mRedirectUri     = redirectUri;
            mAcr             = acr;
            mMaxAge          = maxAge;
            mServiceLocator  = serviceLocator;
        }
Beispiel #6
0
        public void LoadFromCertificateFile_Should_ThrowException_When_PrivateKeyPasswordNotProvided()
        {
            // Arrange
            var cert = $"{_assemblyPath}RsaEncrypt.pfx";

            // Assert
            Assert.Throws <ArgumentNullException>(() => RsaPrivateKey.LoadFromCertificateFile(cert, ""));
        }
Beispiel #7
0
        public void GenerateNewKeyset_Should_ThrowException_When_PublicKeyIsNull()
        {
            // Arrange
            var          key        = new RsaEncryption();
            var          privateKey = new RsaPrivateKey();
            RsaPublicKey publicKey  = null;

            // Act & Assert
            Assert.Throws <ArgumentNullException>(() => key.GenerateNewKeyset(ref publicKey, ref privateKey));
        }
Beispiel #8
0
        public void A_RsaPrivateKey_can_be_created_and_configured_in_code()
        {
            var privateKey = new RsaPrivateKey(ConfigUtils.GetAppSetting("ServerPrivateKey"));
            var factory    = new FactoryProvider(this.factoryConfig);

            factory.Register(privateKey);
            var resolvedPrivateKey = factory.Resolve <RsaPrivateKey>();

            Assert.That(resolvedPrivateKey, Is.Not.Null);
        }
Beispiel #9
0
        public void ExportToXmlFile_Should_ThrowException_IfPrivateKeyFileExist()
        {
            // Arrange
            var file = $"{_assemblyPath}{Guid.NewGuid()}.xml";
            var key  = RsaPrivateKey.LoadFromXmlFile($"{_assemblyPath}privateKey.xml");

            key.ExportToXmlFile(file);

            // Act & Assert
            Assert.Throws <IOException>(() => key.ExportToXmlFile(file));
        }
Beispiel #10
0
        public void LoadFromCertificateFile_Should_LoadCertificate_When_FileIsPasswordProtected()
        {
            // Arrange
            var cert = $"{_assemblyPath}RsaEncrypt.pfx";

            // Act
            var privateKey = RsaPrivateKey.LoadFromCertificateFile(cert, "password");

            // Assert
            Assert.NotNull(privateKey);
        }
Beispiel #11
0
        public void ToPublicKey_Should_ReturnThePublicKeyPortionOfAPrivateKey()
        {
            // Arrange
            var key = RsaPrivateKey.LoadFromXmlFile($"{_assemblyPath}privateKey.xml");

            // Act
            var publicKey = key.ToPublicKey();

            // Assert
            Assert.Equal("AQAB", publicKey.Exponent);
        }
Beispiel #12
0
        public void Constructor_Should_ThrowException_When_RSAPrivateKeyIsNotProvided()
        {
            // Arrange
            RsaPrivateKey key = null;

            // Act & Assert
            Assert.Throws <ArgumentNullException>(
                () =>
            {
                var e1 = new ASymmetricEncryption(key);
            });
        }
Beispiel #13
0
        public void ExportToXmlFile_Should_SaveThePrivateKey()
        {
            // Arrange
            var file = $"{_assemblyPath}{Guid.NewGuid()}.xml";
            var key  = RsaPrivateKey.LoadFromXmlFile($"{_assemblyPath}privateKey.xml");

            // Act
            key.ExportToXmlFile(file);

            // Assert
            Assert.True(File.Exists(file));
        }
Beispiel #14
0
        public void LoadFromXmlFile_Should_LoadThePrivateKeyFromFile()
        {
            // Arrange
            const string expected = "71bwZomEwGq5FFx+43FIFngA6uZEZqPTMcTfc250F8WH"
                                    + "7AFE94ucRpQR6JOKt6POZj/2NtY499YIKlJIjWM4Qw==";
            var file = $"{_assemblyPath}privateKey.xml";

            // Act
            var key = RsaPrivateKey.LoadFromXmlFile(file);

            // Assert
            Assert.Equal(expected, key.PrimeP);
        }
Beispiel #15
0
        public void Encrypt_Should_ThrowException_When_EncryptingToMuchData()
        {
            // Arrange
            var publicKey  = new RsaPublicKey();
            var privateKey = new RsaPrivateKey();
            var e1         = new RsaEncryption();

            // Act
            e1.GenerateNewKeyset(ref publicKey, ref privateKey);

            // Assert
            Assert.Throws <CryptographicException>(() => e1.Encrypt(new EncryptionData(_targetString), publicKey));
        }
Beispiel #16
0
        public void Encrypt_Should_ThrowException_When_DataIsNull()
        {
            // Arrange
            var publicKey  = new RsaPublicKey();
            var privateKey = new RsaPrivateKey();
            var e1         = new RsaEncryption();

            e1.GenerateNewKeyset(ref publicKey, ref privateKey);
            EncryptionData data = null;

            // Act & Assert
            Assert.Throws <ArgumentNullException>(() => e1.Encrypt(data, publicKey));
        }
Beispiel #17
0
        public void AgentCreateDeviceSetRsaKey()
        {
            // generate RSA key pair
            RsaKeyGenerator generator  = new RsaKeyGenerator();
            RsaPrivateKey   privateKey = generator.GeneratePrivateKey(2048);
            RsaPublicKey    publicKey  = generator.GeneratePublicKey(privateKey);

            // set RSA keys into a CreateDeviceRequest object
            CreateDeviceRequest request = new CreateDeviceRequest();

            request.ClientRsaPrivateKey = privateKey;
            request.ClientRsaPublicKey  = publicKey;
        }
Beispiel #18
0
        public async Task <IActionResult> Index()
        {
            const string rootUri = "/";

            // If it is a GoodID login:
            if (HttpContext.Request.Query.ContainsKey("code") || HttpContext.Request.Query.ContainsKey("error"))
            {
                try
                {
                    var serviceLocator = new ServiceLocator(
                        new MvcSessionDataHandler(HttpContext.Session),
                        new MvcLogger(mLogger))
                    {
                        ServerConfig = new CustomGoodIdServerConfig(goodIdConfig)
                    };

                    var response = await new GoodIdResponseCollector(
                        serviceLocator,
                        new MvcIncomingRequest(Request),
                        goodIdConfig.Value.ClientId,
                        goodIdConfig.Value.ClientSecret,
                        RsaPrivateKey.FromPem(goodIdConfig.Value.SigPrivKeyPem),
                        new RsaPrivateKey[] { RsaPrivateKey.FromPem(goodIdConfig.Value.EncPrivKeyPem) }
                        ).CollectAsync();

                    if (response is GoodIdResponseError errorResponse)
                    {
                        ViewData["Error"] = errorResponse.Error + ": " + errorResponse.ErrorDescription;
                    }
                    else if (response is GoodIdResponseSuccess successResponse)
                    {
                        mLogger.LogDebug("There was a success response");
                        ViewData["Response"] = successResponse.DataJObject.ToString();
                    }
                }
                catch (GoodIdException e)
                {
                    ViewData["Error"] = e.ToString();
                    // Please don't display the actual error string in production.
                }
            }

            ViewData["RootUri"]        = rootUri;
            ViewData["ClientId"]       = goodIdConfig.Value.ClientId;
            ViewData["SelectedClaims"] = sSelectedclaims;
            ViewData["SelectedAcr"]    = sSelectedAcr;
            ViewData["Claims"]         = "";

            return(View());
        }
Beispiel #19
0
        public IActionResult DecryptWantedSystemMessageAsync([FromBody] DecryptWantedSystemMessageRequest request)
        {
            Guard.NotNull(request, nameof(request));

            // checks the request is valid
            if (!this.ModelState.IsValid)
            {
                return(ModelStateErrors.BuildErrorResponse(this.ModelState));
            }

            try
            {
                Script        scriptPubKey  = this.network.CreateTransaction(request.TransactionHex).Outputs[request.MessageOutputIndex].ScriptPubKey;
                RsaPrivateKey rsaPrivateKey = null;
                if (!String.IsNullOrEmpty(request.RsaPrivateKeyHex))
                {
                    try
                    {
                        rsaPrivateKey = RsaPrivateKey.FromHex(request.RsaPrivateKeyHex);
                    }
                    catch
                    {
                        throw new Exception("The RSA private key you provided was not in the correct form.");
                    }
                }

                NBitcoin.Messaging.WantedSystemMessage sm = WantedSystemMessageTemplate.Instance.GetWantedSystemMessage(scriptPubKey, rsaPrivateKey);

                var model = new DecryptedWantedSystemMessageModel
                {
                    Version      = sm.Version,
                    Compression  = sm.Compression.ToString(),
                    ChecksumType = sm.ChecksumType.ToString(),
                    Encryption   = sm.Encryption.ToString(),
                    Metadata     = sm.Metadata.ToString(),
                    Text         = sm.Text
                };

                return(this.Json(model));
            }
            catch (Exception e)
            {
                this.logger.LogError("Exception occurred: {0}", e.ToString());
                return(ErrorHelpers.BuildErrorResponse(HttpStatusCode.BadRequest, e.Message, e.ToString()));
            }
        }
Beispiel #20
0
 public GoodIdResponseCollector(
     ServiceLocator serviceLocator,
     IncomingRequest incomingRequest,
     string clientId,
     string clientSecret,
     RsaPrivateKey signingKey,
     RsaPrivateKey[] encryptionKeys,
     bool matchingResponseValidation = true)
 {
     mServiceLocator             = serviceLocator;
     mIncomingRequest            = incomingRequest;
     mClientId                   = clientId;
     mClientSecret               = clientSecret;
     mSigningKey                 = signingKey;
     mEncryptionKeys             = encryptionKeys;
     mMatchingResponseValidation = matchingResponseValidation;
 }
Beispiel #21
0
        public void Decrypt_Should_ThrowException_When_ProvidedWrongPrivateKey()
        {
            // Arrange
            var wrongKey = RsaPrivateKey.LoadFromCertificateFile(
                $"{_assemblyPath}ASymmetricEncryptionWrong.pfx",
                "password");

            var e1 = new ASymmetricEncryption(_publicKey);
            var e2 = new ASymmetricEncryption(wrongKey);

            var encrypted = e1.Encrypt(_targetData);

            // Act & Assert
            Assert.Throws <CryptographicException>(() =>
            {
                var decrypted = e2.Decrypt(encrypted);
            });
        }
Beispiel #22
0
        public void Decrypt_Should_ReturnExpectedResult_When_UsingExplicitKeySizeAndGeneratedKeys()
        {
            // Arrange
            var publicKey  = new RsaPublicKey();
            var privateKey = new RsaPrivateKey();

            var e1 = new RsaEncryption(4096);
            var e2 = new RsaEncryption(4096);

            e1.GenerateNewKeyset(ref publicKey, ref privateKey);

            // Act
            var encryptedData = e1.Encrypt(new EncryptionData(Secret), publicKey);
            var decryptedData = e2.Decrypt(encryptedData, privateKey);

            // Assert
            Assert.Equal(decryptedData.Text, Secret);
        }
Beispiel #23
0
        public void Decrypt_Should_ReturnExpectedResult_When_KeyIsStoredInCertificate()
        {
            // Arrange
            var cert = $"{_assemblyPath}RsaEncrypt";

            var publicKey  = RsaPublicKey.LoadFromCertificateFile(cert + ".cer");
            var privateKey = RsaPrivateKey.LoadFromCertificateFile(cert + ".pfx", "password");

            var e1 = new RsaEncryption();
            var e2 = new RsaEncryption();

            // Act
            var encryptedData = e1.Encrypt(new EncryptionData(Secret), publicKey);
            var decryptedData = e2.Decrypt(encryptedData, privateKey);

            // Assert
            Assert.Equal(decryptedData.Text, Secret);
        }
Beispiel #24
0
        public void Verify_Should_ReturnTrue_When_ValidatingUnChangedSignedData()
        {
            // Arrange
            var secretData = new EncryptionData(Secret);

            var publicKey  = new RsaPublicKey();
            var privateKey = new RsaPrivateKey();
            var e1         = new RsaEncryption();

            e1.GenerateNewKeyset(ref publicKey, ref privateKey);

            // Act
            var signature = e1.Sign(secretData, privateKey);
            var actual    = e1.Verify(secretData, signature, publicKey);

            // Assert
            Assert.True(actual);
        }
Beispiel #25
0
        public void Decrypt_Should_ReturnExpectedResult_When_KeyIsStoredInXml()
        {
            // Arrange
            const string publicKeyXml = "<RSAKeyValue>" +
                                        "<Modulus>0D59Km2Eo9oopcm7Y2wOXx0TRRXQFybl9HHe/ve47Qcf2EoKbs9nkuMmhCJlJ" +
                                        "zrq6ZJzgQSEbpVyaWn8OHq0I50rQ13dJsALEquhlfwVWw6Hit7qRvveKlOAGfj8xdkaXJ" +
                                        "LYS1tA06tKHfYxgt6ysMBZd0DIedYoE1fe3VlLZyE=</Modulus>" +
                                        "<Exponent>AQAB</Exponent>" +
                                        "</RSAKeyValue>";

            const string privateKeyXml = "<RSAKeyValue>" +
                                         "<Modulus>0D59Km2Eo9oopcm7Y2wOXx0TRRXQFybl9HHe/ve47Qcf2EoKbs9nkuMmhCJlJ" +
                                         "zrq6ZJzgQSEbpVyaWn8OHq0I50rQ13dJsALEquhlfwVWw6Hit7qRvveKlOAGfj8xdkaXJ" +
                                         "LYS1tA06tKHfYxgt6ysMBZd0DIedYoE1fe3VlLZyE=</Modulus>" +
                                         "<Exponent>AQAB</Exponent>" +
                                         "<P>/1cvDks8qlF1IXKNwcXW8tjTlhjidjGtbT9k7FCYug+P6ZBDfqhUqfvjgLFF" +
                                         "/+dAkoofNqliv89b8DRy4gS4qQ==</P>" +
                                         "<Q>0Mgq7lyvmVPR1r197wnba1bWbJt8W2Ki8ilUN6lX6Lkk04ds9y3A0txy0ESya7dyg" +
                                         "9NLscfU3NQMH8RRVnJtuQ==</Q>" +
                                         "<DP>+uwfRumyxSDlfSgInFqh/+YKD5+GtGXfKtO4hu4xF+8BGqJ1YXtkL" +
                                         "+Njz2zmADOt5hOr1tigPSQ2EhhIqUnAeQ==</DP>" +
                                         "<DQ>M5Ofd28SOjCIwCHjwG+Q8v1qzz3CBNljI6uuEGoXO3ix" +
                                         "bkggVRfKcMzg2C6AXTfeZE6Ifoy9OyhvLlHTPiXakQ==</DQ>" +
                                         "<InverseQ>yQIJMLdL6kU4VK7M5b5PqWS8XzkgxfnaowRs9mhSEDdwwWPtUXO8aQ9G3" +
                                         "zuiDUqNq9j5jkdt77+c2stBdV97ew==</InverseQ>" +
                                         "<D>HOpQXu/OFyJXuo2EY43BgRt8bX9V4aEZFRQqrqSfHOp8VYASasiJzS+VTYupGAVqUP" +
                                         "xw5V1HNkOyG0kIKJ+BG6BpIwLIbVKQn/ROs7E3/vBdg2+QXKhikMz/4gY" +
                                         "x2oEsXW2kzN1GMRop2lrrJZJNGE/eG6i4lQ1/inj1Tk/sqQE=</D>" +
                                         "</RSAKeyValue>";

            var publicKey  = new RsaPublicKey(publicKeyXml);
            var privateKey = new RsaPrivateKey(privateKeyXml);

            var e1 = new RsaEncryption();
            var e2 = new RsaEncryption();

            // Act
            var encryptedData = e1.Encrypt(new EncryptionData(Secret), publicKey);
            var decryptedData = e2.Decrypt(encryptedData, privateKey);

            // Assert
            Assert.Equal(decryptedData.Text, Secret);
        }
Beispiel #26
0
        public void Decrypt_Should_ReturnExpectedResult_When_KeyIsStoredInConfig()
        {
            // Arrange
            AddKeysToEnvironment();

            var publicKey  = RsaPublicKey.LoadFromEnvironment();
            var privateKey = RsaPrivateKey.LoadFromEnvironment();

            var e1 = new RsaEncryption();
            var e2 = new RsaEncryption();

            // Act
            var encryptedData = e1.Encrypt(new EncryptionData(Secret), publicKey);
            var decryptedData = e2.Decrypt(encryptedData, privateKey);

            // Assert
            Assert.Equal(decryptedData.Text, Secret);

            RemoveKeysToEnvironment();
        }
Beispiel #27
0
        public void Sign_Should_CorrectlyCreateProperSignature()
        {
            // Arrange
            var secretData = new EncryptionData(Secret);

            var xml        = File.ReadAllText($"{_assemblyPath}privateKey.xml");
            var privateKey = RsaPrivateKey.LoadFromXml(xml);

            const string expected = "kZmV1cUO91lpOQkgz5HLbWsfeXabJOPfcWjH72EytH95AAJEVq+nonJm9A"
                                    + "UjHy53VAIagJFJYiORcgsHC1klkppM71hRD1xUs70ggPiMIcTv/CDij3"
                                    + "6FYxGd7n9GAh5LikojbWJxJHc3A5LqnAwSBBfOfY2K4gY5lZ3rSmhNHDM=";

            var e1 = new RsaEncryption();

            // Act

            var signature = e1.Sign(secretData, privateKey);

            // Assert
            Assert.Equal(signature.Base64, expected);
        }
Beispiel #28
0
        private static byte[] RSADecryptByteArray(byte[] ciphertext, RsaPrivateKey privateKey)
        {
            byte[] result = null;
            using (var rsa = RSA.Create())
            {
                RSAParameters rsaParameters = new RSAParameters();
                rsaParameters.D        = privateKey.Exponent;
                rsaParameters.DP       = privateKey.DP;
                rsaParameters.DQ       = privateKey.DQ;
                rsaParameters.Exponent = privateKey.PublicExponent;
                rsaParameters.InverseQ = privateKey.QInv;
                rsaParameters.Modulus  = privateKey.Modulus;
                rsaParameters.P        = privateKey.P;
                rsaParameters.Q        = privateKey.Q;
                rsa.ImportParameters(rsaParameters);

                result = rsa.Decrypt(ciphertext, RSAEncryptionPadding.Pkcs1);
            }

            return(result);
        }
Beispiel #29
0
        async Task <JObject> GetRequestJObjectAsync(string requestSource, RsaPrivateKey signingKey)
        {
            try
            {
                return(JObject.Parse(requestSource));
            }
            catch (JsonReaderException)
            {
                // It wasn't object, no problem
            }

            try
            {
                var requestUri = (string)JToken.Parse(requestSource);
                if (requestUri != OpenIdRequestSource.CONTENT_IS_ENCRYPTED)
                {
                    var downloadedRequestSource = await new OpenIdRequestUri(requestUri).ToJsonAsync(signingKey);

                    var jToken = JToken.Parse(downloadedRequestSource);

                    if (jToken.Type == JTokenType.Object)
                    {
                        return((JObject)jToken);
                    }

                    if (jToken.Type != JTokenType.String || (string)jToken != OpenIdRequestSource.CONTENT_IS_ENCRYPTED)
                    {
                        throw new Exception();
                    }
                }
            }
            catch (Exception)
            {
                throw new GoodIdException($"invalid {nameof(requestSource)}");
            }

            return(null);
        }
Beispiel #30
0
        public static GoodIdEndpoint CreateGoodIDEndpoint(
            ServiceLocator serviceLocator,
            IncomingRequest incomingRequest,
            string clientId,
            RsaPrivateKey signingKey,
            RsaPrivateKey encryptionKey,
            OpenIdRequestSource openIdRequestSource,
            string redirectUri,
            Acr acr    = Acr.LEVEL_DEFAULT,
            int?maxAge = null
            )
        {
            try
            {
                var goodIdServerConfig = serviceLocator.ServerConfig;

                var sessionDataHandler = serviceLocator.SessionDataHandler;
                var stateNonceHandler  = serviceLocator.StateNonceHandler;


                return(new GoodIdRequestBuilderEndpoint(
                           incomingRequest,
                           clientId,
                           signingKey,
                           encryptionKey,
                           openIdRequestSource,
                           redirectUri,
                           acr,
                           maxAge,
                           serviceLocator
                           ));
            }catch (GoodIdException) {
                throw;
            }
            catch (Exception e) {
                throw new GoodIdException("Unknown error: " + e.Message);
            }
        }
Beispiel #31
0
        public static byte[] RsaDecrypt(byte[] encryptedData, RsaPrivateKey key)
        {
            Argument.ValidateIsNotNull(encryptedData, "encryptedData");
            Argument.ValidateIsNotNull(key, "key");

            // RSA works with integers, not bytes, so transform the bytes into an integer.

            var encryptedInteger = BytesToBigInteger(encryptedData);

            // It's as simple as that: s = (c**d) mod n
            var decryptedInteger = BigInteger.ModPow(encryptedInteger, key.D, key.N);

            return BigIntegerToBytes(decryptedInteger);
        }
Beispiel #32
0
            /// <summary>
            /// Import the PKCS key.
            /// </summary>
            /// <param name="purpose">The purpose.</param>
            /// <param name="input">The input.</param>
            /// <param name="passwordPrompt">The pass phrase prompt.</param>
            /// <returns></returns>
            /// <exception cref="InvalidKeySetException">DSA key cannot be used for encryption and decryption!</exception>
            /// <exception cref="InvalidKeySetException">Unsupported key type!</exception>
            public virtual ImportedKeySet PkcsKey(KeyPurpose purpose, Stream input, Func<string> passwordPrompt = null)
            {
                using (var password = CachedPrompt.Password(passwordPrompt))
                {
                    AsymmetricKeyParameter bouncyKey;
                    var resetStream = Utility.ResetStreamWhenFinished(input);
                    using (var streamReader = new NondestructiveStreamReader(input))
                    {
                        bouncyKey =
                            new PemReader(streamReader, new PasswordFinder(password.Prompt)).ReadObject() as
                            AsymmetricKeyParameter;
                    }

                    if (bouncyKey == null)
                    {
                        resetStream.Reset();
                        bouncyKey = passwordPrompt == null
                                        ? PrivateKeyFactory.CreateKey(input)
                                        : PrivateKeyFactory.DecryptKey(
                                            (password.Prompt() ?? String.Empty).ToCharArray(), input);
                    }

                    Key key;

                    if (bouncyKey is RsaPrivateCrtKeyParameters)
                    {
                        var keyParam = bouncyKey as RsaPrivateCrtKeyParameters;
                        key = new RsaPrivateKey()
                                  {
                                      PublicKey = new RsaPublicKey()
                                                      {
                                                          Modulus = keyParam.Modulus.ToSystemBigInteger(),
                                                          PublicExponent = keyParam.PublicExponent.ToSystemBigInteger(),
                                                          Size = keyParam.Modulus.BitLength,
                                                      },
                                      PrimeP = keyParam.P.ToSystemBigInteger(),
                                      PrimeExponentP = keyParam.DP.ToSystemBigInteger(),
                                      PrimeExponentQ = keyParam.DQ.ToSystemBigInteger(),
                                      PrimeQ = keyParam.Q.ToSystemBigInteger(),
                                      CrtCoefficient = keyParam.QInv.ToSystemBigInteger(),
                                      PrivateExponent = keyParam.Exponent.ToSystemBigInteger(),
                                      Size = keyParam.Modulus.BitLength,
                                  };
                    }
                    else if (bouncyKey is DsaPrivateKeyParameters)
                    {
                        var keyParam = bouncyKey as DsaPrivateKeyParameters;
                        if (KeyPurpose.DecryptAndEncrypt == purpose)
                        {
                            throw new InvalidKeySetException("DSA key cannot be used for encryption and decryption!");
                        }

                        key = new DsaPrivateKey()
                                  {
                                      X = keyParam.X.ToSystemBigInteger(),
                                      PublicKey = new DsaPublicKey
                                                      {
                                                          Y =
                                                              keyParam.Parameters.G.ModPow(keyParam.X,
                                                                                           keyParam.Parameters.P)
                                                                      .ToSystemBigInteger(),
                                                          G = keyParam.Parameters.G.ToSystemBigInteger(),
                                                          P = keyParam.Parameters.P.ToSystemBigInteger(),
                                                          Q = keyParam.Parameters.Q.ToSystemBigInteger(),
                                                          Size = keyParam.Parameters.P.BitLength
                                                      },
                                      Size = keyParam.Parameters.P.BitLength
                                  };
                    }
                    else
                    {
                        throw new InvalidKeySetException("Unsupported key type!");
                    }

                    return new ImportedKeySet(key, purpose, "imported from pkcs file");
                }
            }