Beispiel #1
0
 public static AsymmetricKeyParameter CreateKey(
     Stream inStr)
 {
     return(CreateKey(
                SubjectPublicKeyInfo.GetInstance(
                    new Asn1InputStream(inStr).ReadObject())));
 }
 public static AsymmetricKeyParameter CreateKey(
     Stream inStr)
 {
     return(CreateKey(
                SubjectPublicKeyInfo.GetInstance(
                    Asn1Object.FromStream(inStr))));
 }
 public static AsymmetricKeyParameter CreateKey(
     byte[] keyInfoData)
 {
     return(CreateKey(
                SubjectPublicKeyInfo.GetInstance(
                    Asn1Object.FromByteArray(keyInfoData))));
 }
Beispiel #4
0
        private CertificationRequestInfo(
            Asn1Sequence seq)
        {
            version = (DerInteger)seq[0];

            subject       = X509Name.GetInstance(seq[1]);
            subjectPKInfo = SubjectPublicKeyInfo.GetInstance(seq[2]);

            //
            // some CertificationRequestInfo objects seem to treat this field
            // as optional.
            //
            if (seq.Count > 3)
            {
                DerTaggedObject tagobj = (DerTaggedObject)seq[3];
                attributes = Asn1Set.GetInstance(tagobj, false);
            }

            ValidateAttributes(attributes);

            if (subject == null || version == null || subjectPKInfo == null)
            {
                throw new ArgumentException(
                          "Not all mandatory fields set in CertificationRequestInfo generator.");
            }
        }
Beispiel #5
0
        /// <summary>
        /// Constructs a new EF_DG15 file.
        /// </summary>
        /// <param name="data">bytes of the EF_DG15 file</param>
        public DG15File(byte[] data)
        {
            dgNumber = 15;
            raw      = new byte[data.Length];
            Array.Copy(data, RawBytes, data.Length);
            MemoryStream      dg15MemStream = new MemoryStream(data);
            BERTLVInputStream dg15Stream    = new BERTLVInputStream(dg15MemStream);
            int tag = dg15Stream.readTag();

            if (tag != IDGFile.EF_DG15_TAG)
            {
                throw new ArgumentException("Expected EF_DG15_TAG");
            }
            int dg15Length = dg15Stream.readLength();

            byte[] value = dg15Stream.readValue();


            Asn1InputStream aIn = new Asn1InputStream(value);

            /*Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
             * string alg =  ((DerSequence) seq[0])[0].ToString();
             * byte[] publicKey = ((DerBitString)seq[1]).GetBytes();*/

            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.GetInstance(aIn.ReadObject());

            PublicKey = RsaPublicKeyStructure.GetInstance(info.GetPublicKey());
        }
Beispiel #6
0
        internal TbsCertificateStructure(
            Asn1Sequence seq)
        {
            int seqStart = 0;

            this.seq = seq;

            //
            // some certficates don't include a version number - we assume v1
            //
            if (seq[0] is DerTaggedObject)
            {
                version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true);
            }
            else
            {
                seqStart = -1;                          // field 0 is missing!
                version  = new DerInteger(0);
            }

            serialNumber = DerInteger.GetInstance(seq[seqStart + 1]);

            signature = AlgorithmIdentifier.GetInstance(seq[seqStart + 2]);
            issuer    = X509Name.GetInstance(seq[seqStart + 3]);

            //
            // before and after dates
            //
            Asn1Sequence dates = (Asn1Sequence)seq[seqStart + 4];

            startDate = Time.GetInstance(dates[0]);
            endDate   = Time.GetInstance(dates[1]);

            subject = X509Name.GetInstance(seq[seqStart + 5]);

            //
            // public key info.
            //
            subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(seq[seqStart + 6]);

            for (int extras = seq.Count - (seqStart + 6) - 1; extras > 0; extras--)
            {
                DerTaggedObject extra = (DerTaggedObject)seq[seqStart + 6 + extras];

                switch (extra.TagNo)
                {
                case 1:
                    issuerUniqueID = DerBitString.GetInstance(extra, false);
                    break;

                case 2:
                    subjectUniqueID = DerBitString.GetInstance(extra, false);
                    break;

                case 3:
                    extensions = X509Extensions.GetInstance(extra);
                    break;
                }
            }
        }
Beispiel #7
0
 public PublicKeyAndChallenge(
     Asn1Sequence seq)
 {
     pkacSeq   = seq;
     spki      = SubjectPublicKeyInfo.GetInstance(seq[0]);
     challenge = DerIA5String.GetInstance(seq[1]);
 }
Beispiel #8
0
        private static SubjectPublicKeyInfo decodeSubjectPublicKeyInfo(byte[] encodedSubjectPublicKeyInfo)
        {
            Asn1StreamParser  asn1StreamParser              = new Asn1StreamParser(encodedSubjectPublicKeyInfo);
            DerSequenceParser asn1SequenceParser            = (DerSequenceParser)asn1StreamParser.ReadObject();
            Asn1Object        subjectPublicKeyInfoAsnObject = (Asn1Object)asn1SequenceParser.ToAsn1Object();

            return(SubjectPublicKeyInfo.GetInstance(subjectPublicKeyInfoAsnObject));
        }
        private static SubjectPublicKeyInfo ToPublicKey(string publicKey)
        {
            SubjectPublicKeyInfo subjectPki = SubjectPublicKeyInfo.GetInstance(Convert.FromBase64String(publicKey));

            return(subjectPki);
            // var keyPair = CreateEcKeyPair();
            // return SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);
        }
Beispiel #10
0
        /// <summary>
        /// Parses and checks contents of the DICE extension
        /// </summary>
        /// <param name="c">Certificate to validate</param>
        /// <returns>Extension is well formed</returns>
        bool CheckDICEExtension(X509Certificate c)
        {
            var criticalOids = c.GetCriticalExtensionOids();

            if (criticalOids.Contains(DICEExtensionOid))
            {
                Error("DICE extension is marked critical and should be non-critical");
                return(false);
            }

            var nonCriticalOids = c.GetNonCriticalExtensionOids();

            if (!nonCriticalOids.Contains(DICEExtensionOid))
            {
                Error("DICE extension not found");
                return(false);
            }
            var diceExtension = c.GetExtensionValue(new DerObjectIdentifier(DICEExtensionOid));

            try
            {
                DerOctetString envelope = (DerOctetString)DerOctetString.FromByteArray(diceExtension.GetEncoded());
                DerSequence    seq      = (DerSequence)DerSequence.FromByteArray(envelope.GetOctets());
                // first field is version number
                var versionNumber = (DerInteger)seq[0];
                if (versionNumber.PositiveValue.IntValue != 1)
                {
                    Error($"DICE Extension has Wrong version number.  Expecing {DICEExtensionVersionNumber}, cert contains {versionNumber.ToString()}");
                    return(false);
                }
                // second field is DeviceID
                var devIdPubKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
                // will check it's good later
                PubKeyInfoFromDICEExtension = devIdPubKey;

                // third field contains {hashOid, hashVal}
                var hashEnvelope = (DerSequence)seq[2];
                var hashAlg      = (DerObjectIdentifier)hashEnvelope[0];
                if (hashAlg.Id != NistObjectIdentifiers.IdSha256.ToString())
                {
                    Error("DICE Extension hash alg is wrong.  ");
                    return(false);
                }
                var hashVal = (DerOctetString)hashEnvelope[1];
                if (hashVal.GetOctets().Length != 32)
                {
                    Error("DICE Extension hash value length is wrong.  ");
                    return(false);
                }
            }
            catch (Exception e)
            {
                Error($"Failed to parse the DICE extension.  Parsing exception was {e.ToString()}");
                return(false);
            }

            return(true);
        }
Beispiel #11
0
        private static AsymmetricKeyParameter decodePublicKeyParameter(byte[] encodedSubjectPublicKeyInfo)
        {
            Asn1StreamParser     asn1StreamParser              = new Asn1StreamParser(encodedSubjectPublicKeyInfo);
            DerSequenceParser    asn1SequenceParser            = (DerSequenceParser)asn1StreamParser.ReadObject();
            Asn1Object           subjectPublicKeyInfoAsnObject = (Asn1Object)asn1SequenceParser.ToAsn1Object();
            SubjectPublicKeyInfo subjectPublicKeyInfo          = SubjectPublicKeyInfo.GetInstance(subjectPublicKeyInfoAsnObject);

            return(PublicKeyFactory.CreateKey(subjectPublicKeyInfo));
        }
Beispiel #12
0
        public static RsaKeyParameters GetPublicKey(string publicKey)
        {
            var inputStream = new Asn1InputStream(publicKey.FromHexString());
            var obj         = inputStream.ReadObject();
            var seq         = (Asn1Sequence)obj;
            var pkInfo      = SubjectPublicKeyInfo.GetInstance(seq);
            var pubk        = RsaPublicKeyStructure.GetInstance(pkInfo.GetPublicKey());

            return(new RsaKeyParameters(false, pubk.Modulus, pubk.PublicExponent));
        }
        private RsaKeyParameters GetPublicKeyParameters(string publicKey)
        {
            using var reader = new StringReader(publicKey);
            var pemReader     = new PemReader(reader);
            var content       = pemReader.ReadPemObject().Content;
            var asn1PublicKey = SubjectPublicKeyInfo.GetInstance(content).ParsePublicKey();
            var key           = RsaPublicKeyStructure.GetInstance(asn1PublicKey);

            return(new RsaKeyParameters(false, key.Modulus, key.PublicExponent));
        }
Beispiel #14
0
        /// <summary>
        /// 获取公钥对象
        /// </summary>
        /// <param name="s"></param>
        /// <returns></returns>
        public static AsymmetricKeyParameter GetPublicKeyParameter(string s)
        {
            byte[] publicInfoByte = Convert.FromBase64String(s);

            Asn1Object             aobject = Asn1Object.FromByteArray(publicInfoByte);
            SubjectPublicKeyInfo   pubInfo = SubjectPublicKeyInfo.GetInstance(aobject);
            AsymmetricKeyParameter pubKey  = (RsaKeyParameters)PublicKeyFactory.CreateKey(pubInfo);

            return(pubKey);
        }
Beispiel #15
0
        /// <summary>
        /// 公钥加密 (需私钥解密)
        /// </summary>
        /// <param name="source">要加密的文本</param>
        /// <param name="publicKey">公钥</param>
        /// <returns></returns>
        public string EncryptByPublicKey(string source, string publicKey)
        {
            var                    publicInfoByte = Convert.FromBase64String(publicKey);
            Asn1Object             pubKeyObj      = Asn1Object.FromByteArray(publicInfoByte);//这里也可以从流中读取,从本地导入
            AsymmetricKeyParameter pubKey         = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj));
            IAsymmetricBlockCipher cipher         = new RsaEngine();

            cipher.Init(true, pubKey);//true表示加密
            byte[] encryptData = Encoding.UTF8.GetBytes(source);
            encryptData = cipher.ProcessBlock(encryptData, 0, encryptData.Length);
            return(Convert.ToBase64String(encryptData));
        }
Beispiel #16
0
 /// <summary>
 /// Set the public key that this certificate identifies.
 /// </summary>
 /// <param name="publicKey">The public key to be carried by the generated certificate.</param>
 public void SetPublicKey(
     IAsymmetricPublicKey publicKey)
 {
     try
     {
         tbsGen.SetSubjectPublicKeyInfo(SubjectPublicKeyInfo.GetInstance(publicKey.GetEncoded()));
     }
     catch (Exception e)
     {
         throw new ArgumentException("unable to process key - " + e.ToString());
     }
 }
Beispiel #17
0
        private CertTemplate(Asn1Sequence seq)
        {
            this.seq = seq;

            foreach (Asn1TaggedObject tObj in seq)
            {
                switch (tObj.TagNo)
                {
                case 0:
                    version = DerInteger.GetInstance(tObj, false);
                    break;

                case 1:
                    serialNumber = DerInteger.GetInstance(tObj, false);
                    break;

                case 2:
                    signingAlg = AlgorithmIdentifier.GetInstance(tObj, false);
                    break;

                case 3:
                    issuer = X509Name.GetInstance(tObj, true); // CHOICE
                    break;

                case 4:
                    validity = OptionalValidity.GetInstance(Asn1Sequence.GetInstance(tObj, false));
                    break;

                case 5:
                    subject = X509Name.GetInstance(tObj, true); // CHOICE
                    break;

                case 6:
                    publicKey = SubjectPublicKeyInfo.GetInstance(tObj, false);
                    break;

                case 7:
                    issuerUID = DerBitString.GetInstance(tObj, false);
                    break;

                case 8:
                    subjectUID = DerBitString.GetInstance(tObj, false);
                    break;

                case 9:
                    extensions = X509Extensions.GetInstance(tObj, false);
                    break;

                default:
                    throw new ArgumentException("unknown tag: " + tObj.TagNo, "seq");
                }
            }
        }
Beispiel #18
0
        /// <summary>
        /// Parses the AddedTo data that is returned from TPM2_CertifyX509()
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        public static AddedToCertificate FromDerEncoding(byte[] data)
        {
            var ret           = new AddedToCertificate();
            var sequence      = (DerSequence)DerSequence.FromByteArray(data);
            var taggedVersion = (DerTaggedObject)(sequence[0]);

            Debug.Assert(taggedVersion.TagNo == 0);
            ret.Version              = (DerInteger)taggedVersion.GetObject();
            ret.SerialNumber         = (DerInteger)sequence[1];
            ret.Signature            = AlgorithmIdentifier.GetInstance(sequence[2]);
            ret.SubjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(sequence[3]);
            return(ret);
        }
Beispiel #19
0
 private CertificationRequestInfo(Asn1Sequence seq)
 {
     this.version       = (DerInteger)seq[0];
     this.subject       = X509Name.GetInstance(seq[1]);
     this.subjectPKInfo = SubjectPublicKeyInfo.GetInstance(seq[2]);
     if (seq.Count > 3)
     {
         DerTaggedObject obj = (DerTaggedObject)seq[3];
         this.attributes = Asn1Set.GetInstance(obj, false);
     }
     if (this.subject == null || this.version == null || this.subjectPKInfo == null)
     {
         throw new ArgumentException("Not all mandatory fields set in CertificationRequestInfo generator.");
     }
 }
 /// <summary>
 /// 加载公钥
 /// </summary>
 /// <param name="publicKey"></param>
 /// <returns></returns>
 public static AsymmetricKeyParameter loadPublicKey(string publicKey)
 {
     try
     {
         publicKey = KeyClear(publicKey);
         byte[]                 pubkey    = Convert.FromBase64String(publicKey);
         Asn1Object             pubKeyObj = Asn1Object.FromByteArray(pubkey);//这里也可以从流中读取,从本地导入
         AsymmetricKeyParameter pubKey    = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj));
         return(pubKey);
     }
     catch (Exception)
     {
         throw new Exception("密钥格式不正确");
     }
 }
Beispiel #21
0
        /// <summary>
        /// 公钥解密
        /// </summary>
        /// <param name="pContent">要解密的内容</param>
        /// <param name="pPublicKey">公钥</param>
        /// <returns></returns>
        public static string PublicKeyDecrypt(string pContent, string pPublicKey)
        {
            byte[] btPem = Convert.FromBase64String(pPublicKey);
            //加密、解密
            Asn1Object             pubKeyObj = Asn1Object.FromByteArray(btPem);//这里也可以从流中读取,从本地导入
            AsymmetricKeyParameter pubKey    = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj));
            IAsymmetricBlockCipher eng       = new Pkcs1Encoding(new RsaEngine());

            eng.Init(false, pubKey);
            //解密已加密的数据
            byte[] encryptedData = Convert.FromBase64String(pContent);
            encryptedData = eng.ProcessBlock(encryptedData, 0, encryptedData.Length);
            string result = Encoding.UTF8.GetString(encryptedData, 0, encryptedData.Length);

            return(result);
        }
Beispiel #22
0
        //加密
        public static string RSAEncrypt(string data, string pubkey)
        {
            byte[] publicInfoByte = Convert.FromBase64String(pubkey);

            //加密
            Asn1Object             pubKeyObj = Asn1Object.FromByteArray(publicInfoByte);
            AsymmetricKeyParameter pubKey    = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj));
            IAsymmetricBlockCipher cipher    = new RsaEngine();

            //true表示加密
            cipher.Init(true, pubKey);
            //加密
            byte[] encryptData = cipher.ProcessBlock(Encoding.UTF8.GetBytes(data), 0, Encoding.UTF8.GetBytes(data).Length);
            string retData     = Convert.ToBase64String(encryptData);

            return(retData);
        }
Beispiel #23
0
        public override void PerformTest()
        {
            SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.GetInstance(
                Asn1Object.FromByteArray(pubKeyInfo));
            SubjectKeyIdentifier ski = SubjectKeyIdentifier.CreateSha1KeyIdentifier(pubInfo);

            if (!Arrays.AreEqual(shaID, ski.GetKeyIdentifier()))
            {
                Fail("SHA-1 ID does not match");
            }

            ski = SubjectKeyIdentifier.CreateTruncatedSha1KeyIdentifier(pubInfo);

            if (!Arrays.AreEqual(shaTruncID, ski.GetKeyIdentifier()))
            {
                Fail("truncated SHA-1 ID does not match");
            }
        }
Beispiel #24
0
        private PopoSigningKeyInput(Asn1Sequence seq)
        {
            Asn1Encodable asn1Encodable = seq[0];

            if (asn1Encodable is Asn1TaggedObject)
            {
                Asn1TaggedObject asn1TaggedObject = (Asn1TaggedObject)asn1Encodable;
                if (asn1TaggedObject.TagNo != 0)
                {
                    throw new ArgumentException("Unknown authInfo tag: " + asn1TaggedObject.TagNo, "seq");
                }
                this.sender = GeneralName.GetInstance(asn1TaggedObject.GetObject());
            }
            else
            {
                this.publicKeyMac = PKMacValue.GetInstance(asn1Encodable);
            }
            this.publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
        }
        public void CreateCertificateShouldSucceed()
        {
            // some public key in base64 DER encoded, that will be used as public key of the new certificate,
            // it should be ECDSA with SHA256 for this example, since the signing Certificate is also ECDSA with SHA256 (OID 1.2.840.10045.4.3.2)
            const string publicKey = @"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhpFTpKgGDqfxSwp9WlPJMa2o3XR5x1xKAgC4CR2AFbSzGFAjCIkUKtBCUrA5Te6ydhxVduA3JFE2hzqy/6V6qA==";

            // The certificate should exist in the certificate store
            // on LocalMachine in CA store with appropriate subject CN
            // as it is defined in with the given "issuerSubject".
            // This certificate should have an associated private key that may not be exportable.
            const string issuerSubject = "L2";

            var privateKey = new PksEcPrivateKey(
                issuerSubject,
                "CA",
                "LocalMachine");

            const string algorithm = "SHA256withECDSA";

            ISignatureFactory signatureFactory = new PksAsn1SignatureFactory(algorithm, privateKey);


            // signatureCalculatorFactory can be used for generating a new certificate with BouncyCastle
            var certificateGenerator = new X509V3CertificateGenerator();

            // ... set all other required fields of the X509V3CertificateGenerator
            certificateGenerator.SetSerialNumber(BigInteger.One);
            certificateGenerator.SetIssuerDN(ToX509Name(issuerSubject));
            certificateGenerator.SetSubjectDN(ToX509Name("My-new-cert", "My-org"));

            certificateGenerator.SetPublicKey(
                PublicKeyFactory.CreateKey(
                    SubjectPublicKeyInfo.GetInstance(Convert.FromBase64String(publicKey))));
            certificateGenerator.SetNotBefore(DateTime.Now.Subtract(TimeSpan.FromMinutes(10)));

            certificateGenerator.SetNotAfter(DateTime.Now.Add(TimeSpan.FromDays(14)));

            // finally run the generator for a new certificate:
            X509Certificate cert = certificateGenerator.Generate(signatureFactory);

            Assert.IsNotNull(cert);
        }
Beispiel #26
0
        private void BaseOaepTest(
            int id,
            byte[]      pubKeyEnc,
            byte[]      privKeyEnc,
            byte[]      output)
        {
            //
            // extract the public key info.
            //
            Asn1Object            pubKeyObj = Asn1Object.FromByteArray(pubKeyEnc);
            RsaPublicKeyStructure pubStruct = RsaPublicKeyStructure.GetInstance(
                SubjectPublicKeyInfo.GetInstance(pubKeyObj).GetPublicKey());

            //
            // extract the private key info.
            //
            Asn1Object             privKeyObj = Asn1Object.FromByteArray(privKeyEnc);
            RsaPrivateKeyStructure privStruct = RsaPrivateKeyStructure.GetInstance(
                PrivateKeyInfo.GetInstance(privKeyObj).ParsePrivateKey());

            RsaKeyParameters pubParameters = new RsaKeyParameters(
                false,
                pubStruct.Modulus,
                pubStruct.PublicExponent);

            RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(
                privStruct.Modulus,
                privStruct.PublicExponent,
                privStruct.PrivateExponent,
                privStruct.Prime1,
                privStruct.Prime2,
                privStruct.Exponent1,
                privStruct.Exponent2,
                privStruct.Coefficient);

            byte[] input = new byte[] {
                (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34,
                (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a
            };

            EncDec("id(" + id + ")", pubParameters, privParameters, seed, input, output);
        }
Beispiel #27
0
        /// <summary>
        /// Reads a base64 and ASN.1 DER-encoded public key and returns its RSA key parameters
        /// </summary>
        /// <returns></returns>
        /// <exception cref="Exception">thrown when the public key is malformed</exception>
        private RsaKeyParameters GetRsaKeyParameters(string encodedPublicKey)
        {
            var rawPublicKeyBytes = Convert.FromBase64String(encodedPublicKey);
            var inputStream       = new Asn1InputStream(rawPublicKeyBytes);

            var sequence = Asn1Sequence.GetInstance(inputStream.ReadObject());

            var publicKeyInfo     = SubjectPublicKeyInfo.GetInstance(sequence);
            var publicKeySequence = Asn1Sequence.GetInstance(publicKeyInfo.GetPublicKey());

            if (publicKeySequence.Count != 2)
            {
                throw new Exception("expected public key to contain a modulus and an exponent");
            }

            var modulus  = new Org.BouncyCastle.Math.BigInteger(publicKeySequence[0].ToString());
            var exponent = new Org.BouncyCastle.Math.BigInteger(publicKeySequence[1].ToString());

            return(new RsaKeyParameters(false, modulus, exponent));
        }
Beispiel #28
0
        private PopoSigningKeyInput(Asn1Sequence seq)
        {
            //IL_003f: Unknown result type (might be due to invalid IL or missing references)
            Asn1Encodable asn1Encodable = seq[0];

            if (asn1Encodable is Asn1TaggedObject)
            {
                Asn1TaggedObject asn1TaggedObject = (Asn1TaggedObject)asn1Encodable;
                if (asn1TaggedObject.TagNo != 0)
                {
                    throw new ArgumentException(string.Concat((object)"Unknown authInfo tag: ", (object)asn1TaggedObject.TagNo), "seq");
                }
                sender = GeneralName.GetInstance(asn1TaggedObject.GetObject());
            }
            else
            {
                publicKeyMac = PKMacValue.GetInstance(asn1Encodable);
            }
            publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
        }
        private PopoSigningKeyInput(Asn1Sequence seq)
        {
            Asn1Encodable authInfo = (Asn1Encodable)seq[0];

            if (authInfo is Asn1TaggedObject)
            {
                Asn1TaggedObject tagObj = (Asn1TaggedObject)authInfo;
                if (tagObj.TagNo != 0)
                {
                    throw new ArgumentException("Unknown authInfo tag: " + tagObj.TagNo, "seq");
                }
                sender = GeneralName.GetInstance(tagObj.GetObject());
            }
            else
            {
                publicKeyMac = PKMacValue.GetInstance(authInfo);
            }

            publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
        }
        public static IAsymmetricPublicKey CreatePublicKey(byte[] encodedPublicKeyInfo)
        {
            SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.GetInstance(encodedPublicKeyInfo);
            AlgorithmIdentifier  algId   = keyInfo.AlgorithmID;

            if (algId.Algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
                algId.Algorithm.Equals(X509ObjectIdentifiers.IdEARsa))
            {
                return(new AsymmetricRsaPublicKey(FipsRsa.Alg, encodedPublicKeyInfo));
            }
            else if (algId.Algorithm.Equals(X9ObjectIdentifiers.IdDsa) ||
                     algId.Algorithm.Equals(OiwObjectIdentifiers.DsaWithSha1))
            {
                return(new AsymmetricDsaPublicKey(FipsDsa.Alg, encodedPublicKeyInfo));
            }
            else if (algId.Algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey))
            {
                return(new AsymmetricECPublicKey(FipsEC.Alg, encodedPublicKeyInfo));
            }
            else if (algId.Algorithm.Equals(BCObjectIdentifiers.sphincs256))
            {
                return(new AsymmetricSphincsPublicKey(Sphincs.Alg, encodedPublicKeyInfo));
            }
            else if (algId.Algorithm.Equals(BCObjectIdentifiers.newHope))
            {
                return(new AsymmetricNHPublicKey(NewHope.Alg, encodedPublicKeyInfo));
            }
            else if (algId.Algorithm.Equals(X9ObjectIdentifiers.DHPublicNumber) ||
                     algId.Algorithm.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
            {
                return(new AsymmetricDHPublicKey(new GeneralAlgorithm("DH"), encodedPublicKeyInfo));
            }
            else if (algId.Algorithm.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
            {
                return(new AsymmetricDHPublicKey(ElGamal.Alg, encodedPublicKeyInfo));
            }
            else
            {
                throw new ArgumentException("algorithm identifier in key not recognised");
            }
        }