public CounterSignature1(OneKey key, CBORObject algorithm = null) : base(key, algorithm)
{
context = "CounterSignature0";
if (UnprotectedMap.Count > 0)
{
UnprotectedMap = CBORObject.NewMap();
}
}
public static OneKey FromPkcs8(byte[] data)
{
AsymmetricKeyParameter akp = PrivateKeyFactory.CreateKey(data);
OneKey key = new OneKey();
key.FromKey(akp);
return(key);
}
public bool Validate(OneKey recipientReceiver)
{
byte[] rgbKey;
if (recipientReceiver[CoseKeyKeys.KeyType].AsInt32() != (int)GeneralValuesInt.KeyType_Octet)
{
throw new CoseException("Key type not octet");
}
rgbKey = recipientReceiver[CoseKeyParameterKeys.Octet_k].GetByteString();
return(Validate(rgbKey));
}
public static OneKey FromX509(byte[] x509)
{
X509Certificate cert = new X509CertificateParser().ReadCertificate(x509);
SubjectPublicKeyInfo spki = cert.CertificateStructure.SubjectPublicKeyInfo;
AsymmetricKeyParameter pub = PublicKeyFactory.CreateKey(spki);
OneKey newKey = new OneKey();
newKey.FromKey(pub);
return(newKey);
}
public Signer(OneKey key, CBORObject algorithm = null)
{
if (algorithm != null)
{
AddAttribute(HeaderKeys.Algorithm, algorithm, UNPROTECTED);
}
if (key.ContainsName(CoseKeyKeys.KeyIdentifier))
{
AddAttribute(HeaderKeys.KeyId, key[CoseKeyKeys.KeyIdentifier], UNPROTECTED);
}
if (key.ContainsName("use"))
{
string usage = key.AsString("use");
if (usage != "sig")
{
throw new Exception("Key cannot be used for encryption");
}
}
if (key.ContainsName(CoseKeyKeys.Key_Operations))
{
CBORObject usageObject = key[CoseKeyKeys.Key_Operations];
bool validUsage = false;
if (usageObject.Type != CBORType.Array)
{
throw new Exception("key_ops is incorrectly formed");
}
for (int i = 0; i < usageObject.Count; i++)
{
switch (usageObject[i].AsString())
{
case "encrypt":
case "keywrap":
validUsage = true;
break;
}
}
if (!validUsage)
{
throw new Exception("Key cannot be used for encryption");
}
}
_keyToSign = key;
}
/// <summary>
/// See if a field in two keys is the same
/// </summary>
/// <param name="key2">2nd key to use</param>
/// <param name="label">label of field to compare</param>
/// <returns></returns>
private bool CompareField(OneKey key2, CBORObject label)
{
if (_map.ContainsKey(label))
{
if (!key2._map.ContainsKey(label))
{
return(false);
}
return(_map[label].Equals(key2._map[label]));
}
else
{
return(!key2._map.ContainsKey(label));
}
}
public void SetKey(OneKey key)
{
_keyToSign = key;
}
public static bool Validate(byte[] content, CBORObject alg, OneKey signKey, byte[] rgbSignature)
{
IDigest digest = null;
IDigest digest2 = null;
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "HSS-LMS":
break;
default:
throw new Exception("Unknown signature algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.RSA_PSS_256:
digest = new Sha256Digest();
digest2 = new Sha256Digest();
break;
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.RSA_PSS_384:
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case AlgorithmValuesInt.ECDSA_512:
case AlgorithmValuesInt.RSA_PSS_512:
digest = new Sha512Digest();
digest2 = new Sha512Digest();
break;
case AlgorithmValuesInt.EdDSA:
break;
default:
throw new CoseException("Unknown signature algorith");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "HSS-LMS":
return(HashSig.Validate(content,
signKey[CoseKeyParameterKeys.Lms_Public].GetByteString(),
rgbSignature));
default:
throw new CoseException("Unknown Algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.RSA_PSS_256:
case AlgorithmValuesInt.RSA_PSS_384:
case AlgorithmValuesInt.RSA_PSS_512: {
PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetDigestSize());
ICipherParameters prv = signKey.AsPublicKey();
ParametersWithRandom param = new ParametersWithRandom(prv, Message.GetPRNG());
signer.Init(false, param);
signer.BlockUpdate(content, 0, content.Length);
return(signer.VerifySignature(rgbSignature));
}
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.ECDSA_512: {
if (signKey.GetKeyType() != GeneralValuesInt.KeyType_EC2)
{
throw new CoseException("Key is not correctly constructed.");
}
digest.BlockUpdate(content, 0, content.Length);
byte[] digestedMessage = new byte[digest.GetDigestSize()];
digest.DoFinal(digestedMessage, 0);
ICipherParameters param = signKey.AsPublicKey();
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(false, param);
BigInteger r = new BigInteger(1, rgbSignature, 0, rgbSignature.Length / 2);
BigInteger s = new BigInteger(1, rgbSignature, rgbSignature.Length / 2, rgbSignature.Length / 2);
return(ecdsa.VerifySignature(digestedMessage, r, s));
}
#if true
case AlgorithmValuesInt.EdDSA: {
ISigner eddsa;
if (signKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519))
{
ICipherParameters privKey = signKey.AsPublicKey();
eddsa = new Ed25519Signer();
eddsa.Init(false, privKey);
}
else if (signKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448))
{
Ed448PublicKeyParameters privKey =
new Ed448PublicKeyParameters(signKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0);
eddsa = new Ed448Signer(new byte[0]);
eddsa.Init(false, privKey);
}
else
{
throw new CoseException("Unrecognized curve");
}
eddsa.BlockUpdate(content, 0, content.Length);
return(eddsa.VerifySignature(rgbSignature));
}
#endif
default:
throw new CoseException("Unknown Algorithm");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
}
public static byte[] Sign(byte[] toBeSigned, CBORObject alg, OneKey keyToSign)
{
IDigest digest = null;
IDigest digest2 = null;
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "PS384":
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case "HSS-LMS":
break;
default:
throw new Exception("Unknown signature algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.RSA_PSS_256:
digest = new Sha256Digest();
digest2 = new Sha256Digest();
break;
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.RSA_PSS_384:
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case AlgorithmValuesInt.ECDSA_512:
case AlgorithmValuesInt.RSA_PSS_512:
digest = new Sha512Digest();
digest2 = new Sha512Digest();
break;
case AlgorithmValuesInt.EdDSA:
break;
default:
throw new CoseException("Unknown signature algorithm");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "HSS-LMS":
HashSig sig = new HashSig(keyToSign[CoseKeyParameterKeys.Lms_Private].AsString());
byte[] signBytes = sig.Sign(toBeSigned);
keyToSign.Replace(CoseKeyParameterKeys.Lms_Private, CBORObject.FromObject(sig.PrivateKey));
return(signBytes);
default:
throw new CoseException("Unknown Algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.RSA_PSS_256:
case AlgorithmValuesInt.RSA_PSS_384:
case AlgorithmValuesInt.RSA_PSS_512: {
PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetDigestSize());
ICipherParameters prv = keyToSign.AsPrivateKey();
ParametersWithRandom param = new ParametersWithRandom(prv, Message.GetPRNG());
signer.Init(true, param);
signer.BlockUpdate(toBeSigned, 0, toBeSigned.Length);
return(signer.GenerateSignature());
}
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.ECDSA_512: {
SecureRandom random = Message.GetPRNG();
digest.BlockUpdate(toBeSigned, 0, toBeSigned.Length);
byte[] digestedMessage = new byte[digest.GetDigestSize()];
digest.DoFinal(digestedMessage, 0);
ICipherParameters privKey = keyToSign.AsPrivateKey();
X9ECParameters p = keyToSign.GetCurve();
ParametersWithRandom param = new ParametersWithRandom(privKey, random);
ECDsaSigner ecdsa = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest()));
ecdsa.Init(true, param);
BigInteger[] sig = ecdsa.GenerateSignature(digestedMessage);
byte[] r = sig[0].ToByteArrayUnsigned();
byte[] s = sig[1].ToByteArrayUnsigned();
int cbR = (p.Curve.FieldSize + 7) / 8;
byte[] sigs = new byte[cbR * 2];
Array.Copy(r, 0, sigs, cbR - r.Length, r.Length);
Array.Copy(s, 0, sigs, cbR + cbR - s.Length, s.Length);
return(sigs);
}
case AlgorithmValuesInt.EdDSA: {
ISigner eddsa;
if (keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519))
{
ICipherParameters privKey = keyToSign.AsPrivateKey();
eddsa = new Ed25519Signer();
eddsa.Init(true, privKey);
}
else if (keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448))
{
ICipherParameters privKey = keyToSign.AsPrivateKey();
eddsa = new Ed448Signer(new byte[0]);
eddsa.Init(true, privKey);
}
else
{
throw new CoseException("Unrecognized curve");
}
eddsa.BlockUpdate(toBeSigned, 0, toBeSigned.Length);
return(eddsa.GenerateSignature());
}
default:
throw new CoseException("Unknown Algorithm");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
}
public bool Validate(OneKey signerKey)
{
CBORObject alg; // Get the set algorithm or infer one
byte[] bytesToBeSigned = toBeSigned();
alg = FindAttribute(HeaderKeys.Algorithm);
if (alg == null)
{
throw new CoseException("No algorithm specified");
}
IDigest digest = null;
IDigest digest2 = null;
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "ES384":
case "PS384":
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case "HSS-LMS":
break;
default:
throw new CoseException("Unknown signature algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.RSA_PSS_256:
digest = new Sha256Digest();
digest2 = new Sha256Digest();
break;
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.RSA_PSS_384:
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case AlgorithmValuesInt.ECDSA_512:
case AlgorithmValuesInt.RSA_PSS_512:
digest = new Sha512Digest();
digest2 = new Sha512Digest();
break;
case AlgorithmValuesInt.EdDSA:
break;
default:
throw new CoseException("Unknown signature algorithm");
}
}
else
{
throw new CoseException("Algorthm incorrectly encoded");
}
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "HSS-LMS":
return(HashSig.Validate(bytesToBeSigned,
signerKey[CoseKeyParameterKeys.Lms_Public].GetByteString(),
_rgbSignature));
default:
throw new CoseException("Unknown Algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.RSA_PSS_256:
case AlgorithmValuesInt.RSA_PSS_384:
case AlgorithmValuesInt.RSA_PSS_512: {
PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetByteLength());
RsaKeyParameters prv = new RsaPrivateCrtKeyParameters(signerKey.AsBigInteger(CoseKeyParameterKeys.RSA_n), signerKey.AsBigInteger(CoseKeyParameterKeys.RSA_e), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_d), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_p), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_q), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dP), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dQ), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_qInv));
ParametersWithRandom param = new ParametersWithRandom(prv, GetPRNG());
signer.Init(false, param);
signer.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
return(signer.VerifySignature(_rgbSignature));
}
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.ECDSA_512: {
digest.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
byte[] digestedMessage = new byte[digest.GetDigestSize()];
digest.DoFinal(digestedMessage, 0);
X9ECParameters p = signerKey.GetCurve();
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECPoint point = signerKey.GetPoint();
ECPublicKeyParameters param = new ECPublicKeyParameters(point, parameters);
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(false, param);
BigInteger r = new BigInteger(1, _rgbSignature, 0, _rgbSignature.Length / 2);
BigInteger s = new BigInteger(1, _rgbSignature, _rgbSignature.Length / 2, _rgbSignature.Length / 2);
return(ecdsa.VerifySignature(digestedMessage, r, s));
}
#if true
case AlgorithmValuesInt.EdDSA: {
ISigner eddsa;
if (signerKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519))
{
Ed25519PublicKeyParameters privKey =
new Ed25519PublicKeyParameters(signerKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0);
eddsa = new Ed25519Signer();
eddsa.Init(false, privKey);
}
else if (signerKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448))
{
Ed448PublicKeyParameters privKey =
new Ed448PublicKeyParameters(signerKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0);
eddsa = new Ed448Signer(new byte[0]);
eddsa.Init(false, privKey);
}
else
{
throw new CoseException("Unrecognized curve");
}
eddsa.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
return(eddsa.VerifySignature(_rgbSignature));
}
#endif
default:
throw new CoseException("Unknown Algorithm");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
}
public void Sign(OneKey privateKey)
{
AddSigner(privateKey);
PerformSignature();
}
public CounterSignature(OneKey key, CBORObject algorithm = null) : base(key, algorithm)
{
context = "CounterSignature";
}
/// <summary>
/// Compare to keys to see if they are equivalent.
/// Comparison ignores a large number of fields.
/// </summary>
/// <param name="key2">Second key to compare</param>
/// <returns></returns>
public bool Compare(OneKey key2)
{
if (!key2[CoseKeyKeys.KeyType].Equals(_map[CoseKeyKeys.KeyType]))
{
return(false);
}
if (!CompareField(key2, CoseKeyKeys.KeyIdentifier))
{
return(false);
}
if (!CompareField(key2, CoseKeyKeys.Algorithm))
{
return(false);
}
if (_map[CoseKeyKeys.KeyType].Type == CBORType.TextString)
{
switch (_map[CoseKeyKeys.KeyType].AsString())
{
default:
return(true);
}
}
else
{
switch ((GeneralValuesInt)_map[CoseKeyKeys.KeyType].AsInt32())
{
case GeneralValuesInt.KeyType_RSA:
if (!CompareField(key2, CoseKeyParameterKeys.RSA_e) ||
!CompareField(key2, CoseKeyParameterKeys.RSA_n))
{
return(false);
}
break;
case GeneralValuesInt.KeyType_EC2:
if (!CompareField(key2, CoseKeyParameterKeys.EC_Curve) ||
!CompareField(key2, CoseKeyParameterKeys.EC_X) ||
!CompareField(key2, CoseKeyParameterKeys.EC_Y))
{
return(false);
}
break;
case GeneralValuesInt.KeyType_Octet:
if (!CompareField(key2, CoseKeyParameterKeys.Octet_k))
{
return(false);
}
break;
case GeneralValuesInt.KeyType_HssLms:
if (!CompareField(key2, CoseKeyParameterKeys.Lms_Public))
{
return(false);
}
break;
default:
return(true);
}
}
return(true);
}
