public Object encrypt(jwkPublicKey publicKey, byte[] plainBytes, string hashAlgorithm)
{
rsaPublicKey rsaKey = new rsaPublicKey(publicKey);
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider();
RSAParameters rsaParams = rsaKey.toRSAParameters();
rsaCsp.ImportParameters(rsaParams);
byte[] encryptedBytes;
try
{
if (hashAlgorithm == null)
{
encryptedBytes = rsaCsp.Encrypt(plainBytes, false);
}
else
{
rsaParams = rsaCsp.ExportParameters(false);
encryptedBytes = encryptCamelotOAEP(rsaParams, hashAlgorithm, plainBytes);
}
}
catch (Exception ex)
{
return(new Error(ex));
}
return(encryptedBytes);
}
public Object verify(String mode, jwkPublicKey publicKey, byte[] plainBytes, string hashAlgorithm, string curveName, byte[] signatureBytes)
{
bool verified = false;
if (mode == "ecdsa")
{
EllipticCurveFp curve = selectCamelotCurve(curveName);
ecPublicKey ecPublicKey = new ecPublicKey(publicKey);
EllipticCurvePointFp point =
new EllipticCurvePointFp(curve, false, ecPublicKey.X, ecPublicKey.Y);
camelot.ECKeyPair ecKeyPair =
new camelot.ECKeyPair(curve, SEC1EncodingFp.EncodePoint(point));
camelot.HashAlgorithm h = selectCamelotHashAlgorithm(hashAlgorithm);
byte[] digest = h.ComputeHash(plainBytes);
verified = verifyCamelotEcdsa(ecKeyPair, digest, signatureBytes);
}
else
{
rsaPublicKey rsaKey = new rsaPublicKey(publicKey);
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider();
RSAParameters rsaParams = rsaKey.toRSAParameters();
rsaCsp.ImportParameters(rsaParams);
if (mode == "rsa-pss")
{
verified = verifyCamelotPSS(rsaParams, hashAlgorithm, plainBytes, signatureBytes);
}
else if (mode == "rsassa-pkcs1-v1_5")
{
verified = rsaCsp.VerifyData(plainBytes, selectCSPHashAlgorithm(hashAlgorithm), signatureBytes);
}
else
{
throw new InvalidOperationException("Unsupported mode");
}
}
return(verified);
}
public Object deriveBits(jwkPublicKey publicKey, string hashAlgorithmName)
{
CngAlgorithm alg = selectCngCurve(publicKey.crv);
// Generate a new key pair
CngKeyCreationParameters keyCreationParameters = new CngKeyCreationParameters();
keyCreationParameters.ExportPolicy = CngExportPolicies.AllowExport;
keyCreationParameters.KeyUsage = CngKeyUsages.KeyAgreement;
CngKey serverKeyPair = CngKey.Create(alg, null, keyCreationParameters);
CngKey clientPubicKey = publicKey.toPublicCngKey();
ECDiffieHellmanCng ecdh = new ECDiffieHellmanCng(serverKeyPair);
ecdh.HashAlgorithm = selectCngHashAlgorithm(hashAlgorithmName);
byte[] keyMaterial = ecdh.DeriveKeyMaterial(clientPubicKey);
return(new object[] { new jwkPublicKey(serverKeyPair), keyMaterial });
}
public ecPublicKey(jwkPublicKey jwkFormatKey)
{
this.X = Base64Url.from(jwkFormatKey.x);
this.Y = Base64Url.from(jwkFormatKey.y);
}
public rsaPublicKey(jwkPublicKey jwkFormatKey)
{
this.Modulus = Base64Url.from(jwkFormatKey.n);
this.Exponent = Base64Url.from(jwkFormatKey.e);
}
