public static AsymmetricKeyParameter CreateKey( Stream inStr) { return(CreateKey( SubjectPublicKeyInfo.GetInstance( new Asn1InputStream(inStr).ReadObject()))); }
public static AsymmetricKeyParameter CreateKey( Stream inStr) { return(CreateKey( SubjectPublicKeyInfo.GetInstance( Asn1Object.FromStream(inStr)))); }
public static AsymmetricKeyParameter CreateKey( byte[] keyInfoData) { return(CreateKey( SubjectPublicKeyInfo.GetInstance( Asn1Object.FromByteArray(keyInfoData)))); }
private CertificationRequestInfo( Asn1Sequence seq) { version = (DerInteger)seq[0]; subject = X509Name.GetInstance(seq[1]); subjectPKInfo = SubjectPublicKeyInfo.GetInstance(seq[2]); // // some CertificationRequestInfo objects seem to treat this field // as optional. // if (seq.Count > 3) { DerTaggedObject tagobj = (DerTaggedObject)seq[3]; attributes = Asn1Set.GetInstance(tagobj, false); } ValidateAttributes(attributes); if (subject == null || version == null || subjectPKInfo == null) { throw new ArgumentException( "Not all mandatory fields set in CertificationRequestInfo generator."); } }
/// <summary> /// Constructs a new EF_DG15 file. /// </summary> /// <param name="data">bytes of the EF_DG15 file</param> public DG15File(byte[] data) { dgNumber = 15; raw = new byte[data.Length]; Array.Copy(data, RawBytes, data.Length); MemoryStream dg15MemStream = new MemoryStream(data); BERTLVInputStream dg15Stream = new BERTLVInputStream(dg15MemStream); int tag = dg15Stream.readTag(); if (tag != IDGFile.EF_DG15_TAG) { throw new ArgumentException("Expected EF_DG15_TAG"); } int dg15Length = dg15Stream.readLength(); byte[] value = dg15Stream.readValue(); Asn1InputStream aIn = new Asn1InputStream(value); /*Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); * string alg = ((DerSequence) seq[0])[0].ToString(); * byte[] publicKey = ((DerBitString)seq[1]).GetBytes();*/ SubjectPublicKeyInfo info = SubjectPublicKeyInfo.GetInstance(aIn.ReadObject()); PublicKey = RsaPublicKeyStructure.GetInstance(info.GetPublicKey()); }
internal TbsCertificateStructure( Asn1Sequence seq) { int seqStart = 0; this.seq = seq; // // some certficates don't include a version number - we assume v1 // if (seq[0] is DerTaggedObject) { version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true); } else { seqStart = -1; // field 0 is missing! version = new DerInteger(0); } serialNumber = DerInteger.GetInstance(seq[seqStart + 1]); signature = AlgorithmIdentifier.GetInstance(seq[seqStart + 2]); issuer = X509Name.GetInstance(seq[seqStart + 3]); // // before and after dates // Asn1Sequence dates = (Asn1Sequence)seq[seqStart + 4]; startDate = Time.GetInstance(dates[0]); endDate = Time.GetInstance(dates[1]); subject = X509Name.GetInstance(seq[seqStart + 5]); // // public key info. // subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(seq[seqStart + 6]); for (int extras = seq.Count - (seqStart + 6) - 1; extras > 0; extras--) { DerTaggedObject extra = (DerTaggedObject)seq[seqStart + 6 + extras]; switch (extra.TagNo) { case 1: issuerUniqueID = DerBitString.GetInstance(extra, false); break; case 2: subjectUniqueID = DerBitString.GetInstance(extra, false); break; case 3: extensions = X509Extensions.GetInstance(extra); break; } } }
public PublicKeyAndChallenge( Asn1Sequence seq) { pkacSeq = seq; spki = SubjectPublicKeyInfo.GetInstance(seq[0]); challenge = DerIA5String.GetInstance(seq[1]); }
private static SubjectPublicKeyInfo decodeSubjectPublicKeyInfo(byte[] encodedSubjectPublicKeyInfo) { Asn1StreamParser asn1StreamParser = new Asn1StreamParser(encodedSubjectPublicKeyInfo); DerSequenceParser asn1SequenceParser = (DerSequenceParser)asn1StreamParser.ReadObject(); Asn1Object subjectPublicKeyInfoAsnObject = (Asn1Object)asn1SequenceParser.ToAsn1Object(); return(SubjectPublicKeyInfo.GetInstance(subjectPublicKeyInfoAsnObject)); }
private static SubjectPublicKeyInfo ToPublicKey(string publicKey) { SubjectPublicKeyInfo subjectPki = SubjectPublicKeyInfo.GetInstance(Convert.FromBase64String(publicKey)); return(subjectPki); // var keyPair = CreateEcKeyPair(); // return SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public); }
/// <summary> /// Parses and checks contents of the DICE extension /// </summary> /// <param name="c">Certificate to validate</param> /// <returns>Extension is well formed</returns> bool CheckDICEExtension(X509Certificate c) { var criticalOids = c.GetCriticalExtensionOids(); if (criticalOids.Contains(DICEExtensionOid)) { Error("DICE extension is marked critical and should be non-critical"); return(false); } var nonCriticalOids = c.GetNonCriticalExtensionOids(); if (!nonCriticalOids.Contains(DICEExtensionOid)) { Error("DICE extension not found"); return(false); } var diceExtension = c.GetExtensionValue(new DerObjectIdentifier(DICEExtensionOid)); try { DerOctetString envelope = (DerOctetString)DerOctetString.FromByteArray(diceExtension.GetEncoded()); DerSequence seq = (DerSequence)DerSequence.FromByteArray(envelope.GetOctets()); // first field is version number var versionNumber = (DerInteger)seq[0]; if (versionNumber.PositiveValue.IntValue != 1) { Error($"DICE Extension has Wrong version number. Expecing {DICEExtensionVersionNumber}, cert contains {versionNumber.ToString()}"); return(false); } // second field is DeviceID var devIdPubKey = SubjectPublicKeyInfo.GetInstance(seq[1]); // will check it's good later PubKeyInfoFromDICEExtension = devIdPubKey; // third field contains {hashOid, hashVal} var hashEnvelope = (DerSequence)seq[2]; var hashAlg = (DerObjectIdentifier)hashEnvelope[0]; if (hashAlg.Id != NistObjectIdentifiers.IdSha256.ToString()) { Error("DICE Extension hash alg is wrong. "); return(false); } var hashVal = (DerOctetString)hashEnvelope[1]; if (hashVal.GetOctets().Length != 32) { Error("DICE Extension hash value length is wrong. "); return(false); } } catch (Exception e) { Error($"Failed to parse the DICE extension. Parsing exception was {e.ToString()}"); return(false); } return(true); }
private static AsymmetricKeyParameter decodePublicKeyParameter(byte[] encodedSubjectPublicKeyInfo) { Asn1StreamParser asn1StreamParser = new Asn1StreamParser(encodedSubjectPublicKeyInfo); DerSequenceParser asn1SequenceParser = (DerSequenceParser)asn1StreamParser.ReadObject(); Asn1Object subjectPublicKeyInfoAsnObject = (Asn1Object)asn1SequenceParser.ToAsn1Object(); SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(subjectPublicKeyInfoAsnObject); return(PublicKeyFactory.CreateKey(subjectPublicKeyInfo)); }
public static RsaKeyParameters GetPublicKey(string publicKey) { var inputStream = new Asn1InputStream(publicKey.FromHexString()); var obj = inputStream.ReadObject(); var seq = (Asn1Sequence)obj; var pkInfo = SubjectPublicKeyInfo.GetInstance(seq); var pubk = RsaPublicKeyStructure.GetInstance(pkInfo.GetPublicKey()); return(new RsaKeyParameters(false, pubk.Modulus, pubk.PublicExponent)); }
private RsaKeyParameters GetPublicKeyParameters(string publicKey) { using var reader = new StringReader(publicKey); var pemReader = new PemReader(reader); var content = pemReader.ReadPemObject().Content; var asn1PublicKey = SubjectPublicKeyInfo.GetInstance(content).ParsePublicKey(); var key = RsaPublicKeyStructure.GetInstance(asn1PublicKey); return(new RsaKeyParameters(false, key.Modulus, key.PublicExponent)); }
/// <summary> /// 获取公钥对象 /// </summary> /// <param name="s"></param> /// <returns></returns> public static AsymmetricKeyParameter GetPublicKeyParameter(string s) { byte[] publicInfoByte = Convert.FromBase64String(s); Asn1Object aobject = Asn1Object.FromByteArray(publicInfoByte); SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.GetInstance(aobject); AsymmetricKeyParameter pubKey = (RsaKeyParameters)PublicKeyFactory.CreateKey(pubInfo); return(pubKey); }
/// <summary> /// 公钥加密 (需私钥解密) /// </summary> /// <param name="source">要加密的文本</param> /// <param name="publicKey">公钥</param> /// <returns></returns> public string EncryptByPublicKey(string source, string publicKey) { var publicInfoByte = Convert.FromBase64String(publicKey); Asn1Object pubKeyObj = Asn1Object.FromByteArray(publicInfoByte);//这里也可以从流中读取,从本地导入 AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj)); IAsymmetricBlockCipher cipher = new RsaEngine(); cipher.Init(true, pubKey);//true表示加密 byte[] encryptData = Encoding.UTF8.GetBytes(source); encryptData = cipher.ProcessBlock(encryptData, 0, encryptData.Length); return(Convert.ToBase64String(encryptData)); }
/// <summary> /// Set the public key that this certificate identifies. /// </summary> /// <param name="publicKey">The public key to be carried by the generated certificate.</param> public void SetPublicKey( IAsymmetricPublicKey publicKey) { try { tbsGen.SetSubjectPublicKeyInfo(SubjectPublicKeyInfo.GetInstance(publicKey.GetEncoded())); } catch (Exception e) { throw new ArgumentException("unable to process key - " + e.ToString()); } }
private CertTemplate(Asn1Sequence seq) { this.seq = seq; foreach (Asn1TaggedObject tObj in seq) { switch (tObj.TagNo) { case 0: version = DerInteger.GetInstance(tObj, false); break; case 1: serialNumber = DerInteger.GetInstance(tObj, false); break; case 2: signingAlg = AlgorithmIdentifier.GetInstance(tObj, false); break; case 3: issuer = X509Name.GetInstance(tObj, true); // CHOICE break; case 4: validity = OptionalValidity.GetInstance(Asn1Sequence.GetInstance(tObj, false)); break; case 5: subject = X509Name.GetInstance(tObj, true); // CHOICE break; case 6: publicKey = SubjectPublicKeyInfo.GetInstance(tObj, false); break; case 7: issuerUID = DerBitString.GetInstance(tObj, false); break; case 8: subjectUID = DerBitString.GetInstance(tObj, false); break; case 9: extensions = X509Extensions.GetInstance(tObj, false); break; default: throw new ArgumentException("unknown tag: " + tObj.TagNo, "seq"); } } }
/// <summary> /// Parses the AddedTo data that is returned from TPM2_CertifyX509() /// </summary> /// <param name="data"></param> /// <returns></returns> public static AddedToCertificate FromDerEncoding(byte[] data) { var ret = new AddedToCertificate(); var sequence = (DerSequence)DerSequence.FromByteArray(data); var taggedVersion = (DerTaggedObject)(sequence[0]); Debug.Assert(taggedVersion.TagNo == 0); ret.Version = (DerInteger)taggedVersion.GetObject(); ret.SerialNumber = (DerInteger)sequence[1]; ret.Signature = AlgorithmIdentifier.GetInstance(sequence[2]); ret.SubjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(sequence[3]); return(ret); }
private CertificationRequestInfo(Asn1Sequence seq) { this.version = (DerInteger)seq[0]; this.subject = X509Name.GetInstance(seq[1]); this.subjectPKInfo = SubjectPublicKeyInfo.GetInstance(seq[2]); if (seq.Count > 3) { DerTaggedObject obj = (DerTaggedObject)seq[3]; this.attributes = Asn1Set.GetInstance(obj, false); } if (this.subject == null || this.version == null || this.subjectPKInfo == null) { throw new ArgumentException("Not all mandatory fields set in CertificationRequestInfo generator."); } }
/// <summary> /// 加载公钥 /// </summary> /// <param name="publicKey"></param> /// <returns></returns> public static AsymmetricKeyParameter loadPublicKey(string publicKey) { try { publicKey = KeyClear(publicKey); byte[] pubkey = Convert.FromBase64String(publicKey); Asn1Object pubKeyObj = Asn1Object.FromByteArray(pubkey);//这里也可以从流中读取,从本地导入 AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj)); return(pubKey); } catch (Exception) { throw new Exception("密钥格式不正确"); } }
/// <summary> /// 公钥解密 /// </summary> /// <param name="pContent">要解密的内容</param> /// <param name="pPublicKey">公钥</param> /// <returns></returns> public static string PublicKeyDecrypt(string pContent, string pPublicKey) { byte[] btPem = Convert.FromBase64String(pPublicKey); //加密、解密 Asn1Object pubKeyObj = Asn1Object.FromByteArray(btPem);//这里也可以从流中读取,从本地导入 AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj)); IAsymmetricBlockCipher eng = new Pkcs1Encoding(new RsaEngine()); eng.Init(false, pubKey); //解密已加密的数据 byte[] encryptedData = Convert.FromBase64String(pContent); encryptedData = eng.ProcessBlock(encryptedData, 0, encryptedData.Length); string result = Encoding.UTF8.GetString(encryptedData, 0, encryptedData.Length); return(result); }
//加密 public static string RSAEncrypt(string data, string pubkey) { byte[] publicInfoByte = Convert.FromBase64String(pubkey); //加密 Asn1Object pubKeyObj = Asn1Object.FromByteArray(publicInfoByte); AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(SubjectPublicKeyInfo.GetInstance(pubKeyObj)); IAsymmetricBlockCipher cipher = new RsaEngine(); //true表示加密 cipher.Init(true, pubKey); //加密 byte[] encryptData = cipher.ProcessBlock(Encoding.UTF8.GetBytes(data), 0, Encoding.UTF8.GetBytes(data).Length); string retData = Convert.ToBase64String(encryptData); return(retData); }
public override void PerformTest() { SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.GetInstance( Asn1Object.FromByteArray(pubKeyInfo)); SubjectKeyIdentifier ski = SubjectKeyIdentifier.CreateSha1KeyIdentifier(pubInfo); if (!Arrays.AreEqual(shaID, ski.GetKeyIdentifier())) { Fail("SHA-1 ID does not match"); } ski = SubjectKeyIdentifier.CreateTruncatedSha1KeyIdentifier(pubInfo); if (!Arrays.AreEqual(shaTruncID, ski.GetKeyIdentifier())) { Fail("truncated SHA-1 ID does not match"); } }
private PopoSigningKeyInput(Asn1Sequence seq) { Asn1Encodable asn1Encodable = seq[0]; if (asn1Encodable is Asn1TaggedObject) { Asn1TaggedObject asn1TaggedObject = (Asn1TaggedObject)asn1Encodable; if (asn1TaggedObject.TagNo != 0) { throw new ArgumentException("Unknown authInfo tag: " + asn1TaggedObject.TagNo, "seq"); } this.sender = GeneralName.GetInstance(asn1TaggedObject.GetObject()); } else { this.publicKeyMac = PKMacValue.GetInstance(asn1Encodable); } this.publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]); }
public void CreateCertificateShouldSucceed() { // some public key in base64 DER encoded, that will be used as public key of the new certificate, // it should be ECDSA with SHA256 for this example, since the signing Certificate is also ECDSA with SHA256 (OID 1.2.840.10045.4.3.2) const string publicKey = @"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhpFTpKgGDqfxSwp9WlPJMa2o3XR5x1xKAgC4CR2AFbSzGFAjCIkUKtBCUrA5Te6ydhxVduA3JFE2hzqy/6V6qA=="; // The certificate should exist in the certificate store // on LocalMachine in CA store with appropriate subject CN // as it is defined in with the given "issuerSubject". // This certificate should have an associated private key that may not be exportable. const string issuerSubject = "L2"; var privateKey = new PksEcPrivateKey( issuerSubject, "CA", "LocalMachine"); const string algorithm = "SHA256withECDSA"; ISignatureFactory signatureFactory = new PksAsn1SignatureFactory(algorithm, privateKey); // signatureCalculatorFactory can be used for generating a new certificate with BouncyCastle var certificateGenerator = new X509V3CertificateGenerator(); // ... set all other required fields of the X509V3CertificateGenerator certificateGenerator.SetSerialNumber(BigInteger.One); certificateGenerator.SetIssuerDN(ToX509Name(issuerSubject)); certificateGenerator.SetSubjectDN(ToX509Name("My-new-cert", "My-org")); certificateGenerator.SetPublicKey( PublicKeyFactory.CreateKey( SubjectPublicKeyInfo.GetInstance(Convert.FromBase64String(publicKey)))); certificateGenerator.SetNotBefore(DateTime.Now.Subtract(TimeSpan.FromMinutes(10))); certificateGenerator.SetNotAfter(DateTime.Now.Add(TimeSpan.FromDays(14))); // finally run the generator for a new certificate: X509Certificate cert = certificateGenerator.Generate(signatureFactory); Assert.IsNotNull(cert); }
private void BaseOaepTest( int id, byte[] pubKeyEnc, byte[] privKeyEnc, byte[] output) { // // extract the public key info. // Asn1Object pubKeyObj = Asn1Object.FromByteArray(pubKeyEnc); RsaPublicKeyStructure pubStruct = RsaPublicKeyStructure.GetInstance( SubjectPublicKeyInfo.GetInstance(pubKeyObj).GetPublicKey()); // // extract the private key info. // Asn1Object privKeyObj = Asn1Object.FromByteArray(privKeyEnc); RsaPrivateKeyStructure privStruct = RsaPrivateKeyStructure.GetInstance( PrivateKeyInfo.GetInstance(privKeyObj).ParsePrivateKey()); RsaKeyParameters pubParameters = new RsaKeyParameters( false, pubStruct.Modulus, pubStruct.PublicExponent); RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters( privStruct.Modulus, privStruct.PublicExponent, privStruct.PrivateExponent, privStruct.Prime1, privStruct.Prime2, privStruct.Exponent1, privStruct.Exponent2, privStruct.Coefficient); byte[] input = new byte[] { (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a }; EncDec("id(" + id + ")", pubParameters, privParameters, seed, input, output); }
/// <summary> /// Reads a base64 and ASN.1 DER-encoded public key and returns its RSA key parameters /// </summary> /// <returns></returns> /// <exception cref="Exception">thrown when the public key is malformed</exception> private RsaKeyParameters GetRsaKeyParameters(string encodedPublicKey) { var rawPublicKeyBytes = Convert.FromBase64String(encodedPublicKey); var inputStream = new Asn1InputStream(rawPublicKeyBytes); var sequence = Asn1Sequence.GetInstance(inputStream.ReadObject()); var publicKeyInfo = SubjectPublicKeyInfo.GetInstance(sequence); var publicKeySequence = Asn1Sequence.GetInstance(publicKeyInfo.GetPublicKey()); if (publicKeySequence.Count != 2) { throw new Exception("expected public key to contain a modulus and an exponent"); } var modulus = new Org.BouncyCastle.Math.BigInteger(publicKeySequence[0].ToString()); var exponent = new Org.BouncyCastle.Math.BigInteger(publicKeySequence[1].ToString()); return(new RsaKeyParameters(false, modulus, exponent)); }
private PopoSigningKeyInput(Asn1Sequence seq) { //IL_003f: Unknown result type (might be due to invalid IL or missing references) Asn1Encodable asn1Encodable = seq[0]; if (asn1Encodable is Asn1TaggedObject) { Asn1TaggedObject asn1TaggedObject = (Asn1TaggedObject)asn1Encodable; if (asn1TaggedObject.TagNo != 0) { throw new ArgumentException(string.Concat((object)"Unknown authInfo tag: ", (object)asn1TaggedObject.TagNo), "seq"); } sender = GeneralName.GetInstance(asn1TaggedObject.GetObject()); } else { publicKeyMac = PKMacValue.GetInstance(asn1Encodable); } publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]); }
private PopoSigningKeyInput(Asn1Sequence seq) { Asn1Encodable authInfo = (Asn1Encodable)seq[0]; if (authInfo is Asn1TaggedObject) { Asn1TaggedObject tagObj = (Asn1TaggedObject)authInfo; if (tagObj.TagNo != 0) { throw new ArgumentException("Unknown authInfo tag: " + tagObj.TagNo, "seq"); } sender = GeneralName.GetInstance(tagObj.GetObject()); } else { publicKeyMac = PKMacValue.GetInstance(authInfo); } publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]); }
public static IAsymmetricPublicKey CreatePublicKey(byte[] encodedPublicKeyInfo) { SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.GetInstance(encodedPublicKeyInfo); AlgorithmIdentifier algId = keyInfo.AlgorithmID; if (algId.Algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption) || algId.Algorithm.Equals(X509ObjectIdentifiers.IdEARsa)) { return(new AsymmetricRsaPublicKey(FipsRsa.Alg, encodedPublicKeyInfo)); } else if (algId.Algorithm.Equals(X9ObjectIdentifiers.IdDsa) || algId.Algorithm.Equals(OiwObjectIdentifiers.DsaWithSha1)) { return(new AsymmetricDsaPublicKey(FipsDsa.Alg, encodedPublicKeyInfo)); } else if (algId.Algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey)) { return(new AsymmetricECPublicKey(FipsEC.Alg, encodedPublicKeyInfo)); } else if (algId.Algorithm.Equals(BCObjectIdentifiers.sphincs256)) { return(new AsymmetricSphincsPublicKey(Sphincs.Alg, encodedPublicKeyInfo)); } else if (algId.Algorithm.Equals(BCObjectIdentifiers.newHope)) { return(new AsymmetricNHPublicKey(NewHope.Alg, encodedPublicKeyInfo)); } else if (algId.Algorithm.Equals(X9ObjectIdentifiers.DHPublicNumber) || algId.Algorithm.Equals(PkcsObjectIdentifiers.DhKeyAgreement)) { return(new AsymmetricDHPublicKey(new GeneralAlgorithm("DH"), encodedPublicKeyInfo)); } else if (algId.Algorithm.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) { return(new AsymmetricDHPublicKey(ElGamal.Alg, encodedPublicKeyInfo)); } else { throw new ArgumentException("algorithm identifier in key not recognised"); } }