public ECIES (ECDomainNames name) { _domain = ECDomains.GetDomainParameter (name); _kdf = new ANSI_X963_KDF (new SHA1Managed ()); _params = new ECIESParameters (_domain); _mac = new HMACSHA1 (); }
private static byte[] ExportCertificate(X509Certificate certificate, AsymmetricCipherKeyPair subjectKeyPair, TCertificateFormat certificateFormat) { byte[] result = null; switch (certificateFormat) { case TCertificateFormat.NotSet: break; case TCertificateFormat.PEM: using (MemoryStream stream = new MemoryStream()) { using (StreamWriter writer = new StreamWriter(stream)) { Org.BouncyCastle.Utilities.IO.Pem.PemWriter pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer); if (subjectKeyPair.Private is ECKeyParameters) { ECPrivateKeyParameters priv = (ECPrivateKeyParameters)subjectKeyPair.Private; ECDomainParameters dp = priv.Parameters; int orderBitLength = dp.N.BitLength; Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure ec; Org.BouncyCastle.Asn1.X9.X962Parameters x962; if (priv.PublicKeyParamSet == null) { Org.BouncyCastle.Asn1.X9.X9ECParameters ecP = new Org.BouncyCastle.Asn1.X9.X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()); x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(ecP); } else { x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(priv.PublicKeyParamSet); } ec = new Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure(orderBitLength, priv.D, SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(subjectKeyPair.Public).PublicKeyData, x962); pemWriter.WriteObject(new Org.BouncyCastle.Utilities.IO.Pem.PemObject("EC PRIVATE KEY", ec.GetEncoded())); } else { pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Private)); } pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Public)); pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(certificate)); writer.Flush(); result = stream.ToArray(); } } break; case TCertificateFormat.PFX: //Asn1Sequence asn1Sequence = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(certificate.GetEncoded())); //asn1Sequence.GetObjects //Org.BouncyCastle.Asn1.Pkcs.Pfx pfx = new Org.BouncyCastle.Asn1.Pkcs.Pfx(); //Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo info = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private); //result = pfx.GetEncoded(Asn1Encodable.Der); break; case TCertificateFormat.CER: result = certificate.GetEncoded(); break; default: break; } return(result); }
private void doTestParams( byte[] ecParameterEncoded, bool compress) { // string keyStorePass = "******"; Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(ecParameterEncoded); X9ECParameters x9 = new X9ECParameters(seq); AsymmetricCipherKeyPair kp = null; bool success = false; while (!success) { IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); // kpg.Init(new ECParameterSpec(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed())); ECDomainParameters ecParams = new ECDomainParameters( x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); kpg.Init(new ECKeyGenerationParameters(ecParams, new SecureRandom())); kp = kpg.GenerateKeyPair(); // The very old Problem... we need a certificate chain to // save a private key... ECPublicKeyParameters pubKey = (ECPublicKeyParameters)kp.Public; if (!compress) { //pubKey.setPointFormat("UNCOMPRESSED"); pubKey = SetPublicUncompressed(pubKey, false); } byte[] x = pubKey.Q.X.ToBigInteger().ToByteArrayUnsigned(); byte[] y = pubKey.Q.Y.ToBigInteger().ToByteArrayUnsigned(); if (x.Length == y.Length) { success = true; } } // The very old Problem... we need a certificate chain to // save a private key... X509CertificateEntry[] chain = new X509CertificateEntry[] { new X509CertificateEntry(GenerateSelfSignedSoftECCert(kp, compress)) }; // KeyStore keyStore = KeyStore.getInstance("BKS"); // keyStore.load(null, keyStorePass.ToCharArray()); Pkcs12Store keyStore = new Pkcs12StoreBuilder().Build(); keyStore.SetCertificateEntry("ECCert", chain[0]); ECPrivateKeyParameters privateECKey = (ECPrivateKeyParameters)kp.Private; keyStore.SetKeyEntry("ECPrivKey", new AsymmetricKeyEntry(privateECKey), chain); // Test ec sign / verify ECPublicKeyParameters pub = (ECPublicKeyParameters)kp.Public; // string oldPrivateKey = new string(Hex.encode(privateECKey.getEncoded())); byte[] oldPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateECKey).GetDerEncoded(); string oldPrivateKey = Hex.ToHexString(oldPrivateKeyBytes); // string oldPublicKey = new string(Hex.encode(pub.getEncoded())); byte[] oldPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub).GetDerEncoded(); string oldPublicKey = Hex.ToHexString(oldPublicKeyBytes); ECPrivateKeyParameters newKey = (ECPrivateKeyParameters) keyStore.GetKey("ECPrivKey").Key; ECPublicKeyParameters newPubKey = (ECPublicKeyParameters) keyStore.GetCertificate("ECCert").Certificate.GetPublicKey(); if (!compress) { // TODO Private key compression? //newKey.setPointFormat("UNCOMPRESSED"); //newPubKey.setPointFormat("UNCOMPRESSED"); newPubKey = SetPublicUncompressed(newPubKey, false); } // string newPrivateKey = new string(Hex.encode(newKey.getEncoded())); byte[] newPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(newKey).GetDerEncoded(); string newPrivateKey = Hex.ToHexString(newPrivateKeyBytes); // string newPublicKey = new string(Hex.encode(newPubKey.getEncoded())); byte[] newPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(newPubKey).GetDerEncoded(); string newPublicKey = Hex.ToHexString(newPublicKeyBytes); if (!oldPrivateKey.Equals(newPrivateKey)) // if (!privateECKey.Equals(newKey)) { Fail("failed private key comparison"); } if (!oldPublicKey.Equals(newPublicKey)) // if (!pub.Equals(newPubKey)) { Fail("failed public key comparison"); } }
public static AsymmetricKeyParameter CreateKey(PrivateKeyInfo keyInfo) { AlgorithmIdentifier privateKeyAlgorithm = keyInfo.PrivateKeyAlgorithm; DerObjectIdentifier algorithm = privateKeyAlgorithm.Algorithm; if (algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption) || algorithm.Equals(X509ObjectIdentifiers.IdEARsa) || algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss) || algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) { RsaPrivateKeyStructure instance = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey()); return(new RsaPrivateCrtKeyParameters(instance.Modulus, instance.PublicExponent, instance.PrivateExponent, instance.Prime1, instance.Prime2, instance.Exponent1, instance.Exponent2, instance.Coefficient)); } if (algorithm.Equals(PkcsObjectIdentifiers.DhKeyAgreement)) { DHParameter dHParameter = new DHParameter(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object())); DerInteger derInteger = (DerInteger)keyInfo.ParsePrivateKey(); int l = dHParameter.L?.IntValue ?? 0; DHParameters parameters = new DHParameters(dHParameter.P, dHParameter.G, null, l); return(new DHPrivateKeyParameters(derInteger.Value, parameters, algorithm)); } if (algorithm.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) { ElGamalParameter elGamalParameter = new ElGamalParameter(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object())); DerInteger derInteger2 = (DerInteger)keyInfo.ParsePrivateKey(); return(new ElGamalPrivateKeyParameters(derInteger2.Value, new ElGamalParameters(elGamalParameter.P, elGamalParameter.G))); } if (algorithm.Equals(X9ObjectIdentifiers.IdDsa)) { DerInteger derInteger3 = (DerInteger)keyInfo.ParsePrivateKey(); Asn1Encodable parameters2 = privateKeyAlgorithm.Parameters; DsaParameters parameters3 = null; if (parameters2 != null) { DsaParameter instance2 = DsaParameter.GetInstance(parameters2.ToAsn1Object()); parameters3 = new DsaParameters(instance2.P, instance2.Q, instance2.G); } return(new DsaPrivateKeyParameters(derInteger3.Value, parameters3)); } if (algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey)) { X962Parameters x962Parameters = new X962Parameters(privateKeyAlgorithm.Parameters.ToAsn1Object()); X9ECParameters x9ECParameters = (!x962Parameters.IsNamedCurve) ? new X9ECParameters((Asn1Sequence)x962Parameters.Parameters) : ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)x962Parameters.Parameters); ECPrivateKeyStructure instance3 = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey()); BigInteger key = instance3.GetKey(); if (x962Parameters.IsNamedCurve) { return(new ECPrivateKeyParameters("EC", key, (DerObjectIdentifier)x962Parameters.Parameters)); } ECDomainParameters parameters4 = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N, x9ECParameters.H, x9ECParameters.GetSeed()); return(new ECPrivateKeyParameters(key, parameters4)); } if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x2001)) { Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters = new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object())); ECDomainParameters byOid = ECGost3410NamedCurves.GetByOid(gost3410PublicKeyAlgParameters.PublicKeyParamSet); if (byOid == null) { throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key"); } Asn1Object asn1Object = keyInfo.ParsePrivateKey(); ECPrivateKeyStructure eCPrivateKeyStructure = (!(asn1Object is DerInteger)) ? ECPrivateKeyStructure.GetInstance(asn1Object) : new ECPrivateKeyStructure(byOid.N.BitLength, ((DerInteger)asn1Object).Value); return(new ECPrivateKeyParameters("ECGOST3410", eCPrivateKeyStructure.GetKey(), gost3410PublicKeyAlgParameters.PublicKeyParamSet)); } if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x94)) { Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters2 = new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object())); DerOctetString derOctetString = (DerOctetString)keyInfo.ParsePrivateKey(); BigInteger x = new BigInteger(1, Arrays.Reverse(derOctetString.GetOctets())); return(new Gost3410PrivateKeyParameters(x, gost3410PublicKeyAlgParameters2.PublicKeyParamSet)); } throw new SecurityUtilityException("algorithm identifier in key not recognised"); }
internal ECDSAParameters (Number d, ECPoint Q, ECDomainParameters domain) : base (d, Q, domain) { }
static Secp256K1() { var x9Params = SECNamedCurves.GetByName("secp256k1"); EcParams = new ECDomainParameters( x9Params.Curve, x9Params.G, x9Params.N, x9Params.H); }
internal ECDiffieHellmanParameters (Number d, ECPoint Q, ECDomainParameters domain) : base (d, Q, domain) { }
static ECGost3410NamedCurves() { BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); ECCurve curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a new BigInteger("166"), // b mod_q, BigInteger.One)); ECDomainParameters ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("1"), // x new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y mod_q, BigInteger.One); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = ecParams; mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), new BigInteger("166"), mod_q, BigInteger.One)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("1"), // x new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y mod_q, BigInteger.One); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = ecParams; mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b mod_q, BigInteger.One)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("1"), // x new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y mod_q, BigInteger.One); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = ecParams; mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), new BigInteger("32858"), mod_q, BigInteger.One)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("0"), new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), mod_q, BigInteger.One); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = ecParams; mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a new BigInteger("32858"), // b mod_q, BigInteger.One)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("0"), // x new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y mod_q, BigInteger.One); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = ecParams; //GOST34.10 2012 mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", 16); //p mod_q = new BigInteger("400000000000000000000000000000000FD8CDDFC87B6635C115AF556C360C67", 16); //q curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("C2173F1513981673AF4892C23035A27CE25E2013BF95AA33B22C656F277E7335", 16), // a new BigInteger("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513", 16), // b mod_q, BigInteger.Four)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28", 16), // x new BigInteger("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C", 16)), // y mod_q, BigInteger.Four); parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA] = ecParams; mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7", 16); //p mod_q = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27E69532F48D89116FF22B8D4E0560609B4B38ABFAD2B85DCACDB1411F10B275", 16); //q curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4", 16), // a new BigInteger("E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760", 16), // b mod_q, BigInteger.One)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003"), // x new BigInteger("7503CFE87A836AE3A61B8816E25450E6CE5E1C93ACF1ABC1778064FDCBEFA921DF1626BE4FD036E93D75E6A50E3A41E98028FE5FC235F5B889A589CB5215F2A4", 16)), // y mod_q, BigInteger.One); parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA] = ecParams; mod_p = new BigInteger("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006F", 16); //p mod_q = new BigInteger("800000000000000000000000000000000000000000000000000000000000000149A1EC142565A545ACFDB77BD9D40CFA8B996712101BEA0EC6346C54374F25BD", 16); //q curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006C", 16), // a new BigInteger("687D1B459DC841457E3E06CF6F5E2517B97C7D614AF138BCBF85DC806C4B289F3E965D2DB1416D217F8B276FAD1AB69C50F78BEE1FA3106EFB8CCBC7C5140116", 16), // b mod_q, BigInteger.One)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"), // x new BigInteger("1A8F7EDA389B094C2C071E3647A8940F3C123B697578C213BE6DD9E6C8EC7335DCB228FD1EDF4A39152CBCAAF8C0398828041055F94CEEEC7E21340780FE41BD", 16)), // y mod_q, BigInteger.One); parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB] = ecParams; mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7", 16); //p mod_q = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC98CDBA46506AB004C33A9FF5147502CC8EDA9E7A769A12694623CEF47F023ED", 16); //q curve = ConfigureCurve(new FpCurve( mod_p, // p new BigInteger("DC9203E514A721875485A529D2C722FB187BC8980EB866644DE41C68E143064546E861C0E2C9EDD92ADE71F46FCF50FF2AD97F951FDA9F2A2EB6546F39689BD3", 16), // a new BigInteger("B4C4EE28CEBC6C2C8AC12952CF37F16AC7EFB6A9F69F4B57FFDA2E4F0DE5ADE038CBC2FFF719D2C18DE0284B8BFEF3B52B8CC7A5F5BF0A3C8D2319A5312557E1", 16), // b mod_q, BigInteger.Four)); ecParams = new ECDomainParameters( curve, ConfigureBasepoint(curve, new BigInteger("E2E31EDFC23DE7BDEBE241CE593EF5DE2295B7A9CBAEF021D385F7074CEA043AA27272A7AE602BF2A7B9033DB9ED3610C6FB85487EAE97AAC5BC7928C1950148", 16), // x new BigInteger("F5CE40D95B5EB899ABBCCFF5911CB8577939804D6527378B8C108C3D2090FF9BE18E2D33E3021ED2EF32D85822423B6304F726AA854BAE07D0396E9A9ADDC40F", 16)), // y mod_q, BigInteger.Four); parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC] = ecParams; objIds["GostR3410-2001-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProA; objIds["GostR3410-2001-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProB; objIds["GostR3410-2001-CryptoPro-C"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProC; objIds["GostR3410-2001-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA; objIds["GostR3410-2001-CryptoPro-XchB"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB; objIds["Tc26-Gost-3410-12-256-paramSetA"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA; objIds["Tc26-Gost-3410-12-512-paramSetA"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA; objIds["Tc26-Gost-3410-12-512-paramSetB"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB; objIds["Tc26-Gost-3410-12-512-paramSetC"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = "GostR3410-2001-CryptoPro-A"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = "GostR3410-2001-CryptoPro-B"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = "GostR3410-2001-CryptoPro-C"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = "GostR3410-2001-CryptoPro-XchA"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = "GostR3410-2001-CryptoPro-XchB"; names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA] = "Tc26-Gost-3410-12-256-paramSetA"; names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA] = "Tc26-Gost-3410-12-512-paramSetA"; names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB] = "Tc26-Gost-3410-12-512-paramSetB"; names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC] = "Tc26-Gost-3410-12-512-paramSetC"; }
public void TestCreationECDSA() { BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecDomain = new ECDomainParameters(curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN); ECPublicKeyParameters ecPub = new ECPublicKeyParameters( "ECDSA", new FpPoint(curve, curve.FromBigInteger(ECPubQX), curve.FromBigInteger(ECPubQY)), ecDomain); ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters("ECDSA", ECPrivD, ecDomain); IDictionary attrs = new Hashtable(); attrs[X509Name.C] = "AU"; attrs[X509Name.O] = "The Legion of the Bouncy Castle"; attrs[X509Name.L] = "Melbourne"; attrs[X509Name.ST] = "Victoria"; attrs[X509Name.E] = "*****@*****.**"; IList ord = new ArrayList(); ord.Add(X509Name.C); ord.Add(X509Name.O); ord.Add(X509Name.L); ord.Add(X509Name.ST); ord.Add(X509Name.E); IList values = new ArrayList(); values.Add("AU"); values.Add("The Legion of the Bouncy Castle"); values.Add("Melbourne"); values.Add("Victoria"); values.Add("*****@*****.**"); X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.SetSerialNumber(BigInteger.One); certGen.SetIssuerDN(new X509Name(ord, attrs)); certGen.SetNotBefore(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0))); certGen.SetNotAfter(DateTime.Today.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(ecPub); certGen.SetSignatureAlgorithm("SHA1WITHECDSA"); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); X509Certificate cert = certGen.Generate(ecPriv); // Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)"); cert.CheckValidity(); cert.Verify(ecPub); ISet extOidSet = cert.GetCriticalExtensionOids(); if (extOidSet.Count != 1) { Fail("wrong number of oids"); } //if (dummySet != null) //{ // foreach (string key in dummySet) // { // Console.WriteLine("\t{0}:\t{1}", key); // } //} //Console.WriteLine(); //dummySet = cert.GetNonCriticalExtensionOids(); //if (dummySet != null) //{ // foreach (string key in dummySet) // { // Console.WriteLine("\t{0}:\t{1}", key); // } //} //Console.WriteLine(); }
static ECGost3410NamedCurves() { IBigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); IBigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); FPCurve curve = new FPCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a new BigInteger("166")); // b ECDomainParameters ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.One, // x new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"), // y false), mod_q); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = ecParams; mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); curve = new FPCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), new BigInteger("166")); ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.One, // x new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"), // y false), mod_q); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = ecParams; mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q curve = new FPCurve( mod_p, // p new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595")); // b ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.One, // x new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124"), // y false), mod_q); // q parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = ecParams; mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); curve = new FPCurve( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), new BigInteger("32858")); ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.Zero, // x new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"), // y false), mod_q); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = ecParams; mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q curve = new FPCurve( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a new BigInteger("32858")); // b ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.Zero, // x new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"), // y false), mod_q); // q parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = ecParams; objIds["GostR3410-2001-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProA; objIds["GostR3410-2001-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProB; objIds["GostR3410-2001-CryptoPro-C"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProC; objIds["GostR3410-2001-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA; objIds["GostR3410-2001-CryptoPro-XchB"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = "GostR3410-2001-CryptoPro-A"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = "GostR3410-2001-CryptoPro-B"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = "GostR3410-2001-CryptoPro-C"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = "GostR3410-2001-CryptoPro-XchA"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = "GostR3410-2001-CryptoPro-XchB"; }
private static X9ECParameters FromDomainParameters(ECDomainParameters dp) { return(dp == null ? null : new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed())); }
public override void PerformTest() { generationTest(512, "RSA", "SHA1withRSA"); generationTest(512, "GOST3410", "GOST3411withGOST3410"); // if (Security.getProvider("SunRsaSign") != null) // { // generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign"); // } // elliptic curve GOST A parameter set Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(gost3410EC_A); if (!req.Verify()) { Fail("Failed Verify check gost3410EC_A."); } // elliptic curve GOST B parameter set req = new Pkcs10CertificationRequest(gost3410EC_B); if (!req.Verify()) { Fail("Failed Verify check gost3410EC_B."); } // elliptic curve GOST C parameter set req = new Pkcs10CertificationRequest(gost3410EC_C); if (!req.Verify()) { Fail("Failed Verify check gost3410EC_C."); } // elliptic curve GOST ExA parameter set req = new Pkcs10CertificationRequest(gost3410EC_ExA); if (!req.Verify()) { Fail("Failed Verify check gost3410EC_ExA."); } // elliptic curve GOST ExB parameter set req = new Pkcs10CertificationRequest(gost3410EC_ExB); if (!req.Verify()) { Fail("Failed Verify check gost3410EC_ExA."); } // elliptic curve openSSL IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecSpec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n // g.initialize(ecSpec, new SecureRandom()); g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); AsymmetricCipherKeyPair kp = g.GenerateKeyPair(); req = new Pkcs10CertificationRequest( "ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.Public, null, kp.Private); if (!req.Verify()) { Fail("Failed Verify check EC."); } createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1); createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224); createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256); createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384); createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512); createECGostRequest(); // TODO The setting of parameters for MGF algorithms is not implemented // createPssTest("SHA1withRSAandMGF1"); // createPssTest("SHA224withRSAandMGF1"); // createPssTest("SHA256withRSAandMGF1"); // createPssTest("SHA384withRSAandMGF1"); nullPointerTest(); }
/* * we generate a self signed certificate for the sake of testing - SHA224withECDSA */ private void createECRequest( string algorithm, DerObjectIdentifier algOid) { FpCurve curve = new FpCurve( new BigInteger("6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151"), // q (or p) new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16), // a new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, // curve.DecodePoint(Hex.Decode("02C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G curve.DecodePoint(Hex.Decode("0200C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16)); // n ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( // curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q spec); // // // // set up the keys // // // AsymmetricKeyParameter privKey; // AsymmetricKeyParameter pubKey; // // KeyFactory fact = KeyFactory.getInstance("ECDSA"); // // privKey = fact.generatePrivate(privKeySpec); // pubKey = fact.generatePublic(pubKeySpec); Pkcs10CertificationRequest req = new Pkcs10CertificationRequest( algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); if (!req.Verify()) { Fail("Failed Verify check EC."); } req = new Pkcs10CertificationRequest(req.GetEncoded()); if (!req.Verify()) { Fail("Failed Verify check EC encoded."); } // // try with point compression turned off // // ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); ECPoint q = pubKey.Q.Normalize(); pubKey = new ECPublicKeyParameters( pubKey.AlgorithmName, q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), pubKey.Parameters); req = new Pkcs10CertificationRequest( algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); if (!req.Verify()) { Fail("Failed Verify check EC uncompressed."); } req = new Pkcs10CertificationRequest(req.GetEncoded()); if (!req.Verify()) { Fail("Failed Verify check EC uncompressed encoded."); } if (!req.SignatureAlgorithm.Algorithm.Equals(algOid)) { Fail("ECDSA oid incorrect."); } if (req.SignatureAlgorithm.Parameters != null) { Fail("ECDSA parameters incorrect."); } ISigner sig = SignerUtilities.GetSigner(algorithm); sig.Init(false, pubKey); byte[] b = req.GetCertificationRequestInfo().GetEncoded(); sig.BlockUpdate(b, 0, b.Length); if (!sig.VerifySignature(req.GetSignatureOctets())) { Fail("signature not mapped correctly."); } }
/// <summary> /// Creates a new signing key pair /// </summary> /// <param name="name">The name of the key or zone</param> /// <param name="recordClass">The record class of the DnsKeyRecord</param> /// <param name="timeToLive">The TTL in seconds to the DnsKeyRecord</param> /// <param name="flags">The Flags of the DnsKeyRecord</param> /// <param name="protocol">The protocol version</param> /// <param name="algorithm">The key algorithm</param> /// <param name="keyStrength">The key strength or 0 for default strength</param> /// <returns></returns> public static DnsKeyRecord CreateSigningKey(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, int keyStrength = 0) { byte[] privateKey; byte[] publicKey; switch (algorithm) { case DnsSecAlgorithm.RsaSha1: case DnsSecAlgorithm.RsaSha1Nsec3Sha1: case DnsSecAlgorithm.RsaSha256: case DnsSecAlgorithm.RsaSha512: if (keyStrength == 0) { keyStrength = (flags == (DnsKeyFlags.Zone | DnsKeyFlags.SecureEntryPoint)) ? 2048 : 1024; } RsaKeyPairGenerator rsaKeyGen = new RsaKeyPairGenerator(); rsaKeyGen.Init(new KeyGenerationParameters(_secureRandom, keyStrength)); var rsaKey = rsaKeyGen.GenerateKeyPair(); privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKey.Private).GetDerEncoded(); var rsaPublicKey = (RsaKeyParameters)rsaKey.Public; var rsaExponent = rsaPublicKey.Exponent.ToByteArrayUnsigned(); var rsaModulus = rsaPublicKey.Modulus.ToByteArrayUnsigned(); int offset = 1; if (rsaExponent.Length > 255) { publicKey = new byte[3 + rsaExponent.Length + rsaModulus.Length]; DnsMessageBase.EncodeUShort(publicKey, ref offset, (ushort)publicKey.Length); } else { publicKey = new byte[1 + rsaExponent.Length + rsaModulus.Length]; publicKey[0] = (byte)rsaExponent.Length; } DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaExponent); DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaModulus); break; case DnsSecAlgorithm.Dsa: case DnsSecAlgorithm.DsaNsec3Sha1: if (keyStrength == 0) { keyStrength = 1024; } DsaParametersGenerator dsaParamsGen = new DsaParametersGenerator(); dsaParamsGen.Init(keyStrength, 12, _secureRandom); DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator(); dsaKeyGen.Init(new DsaKeyGenerationParameters(_secureRandom, dsaParamsGen.GenerateParameters())); var dsaKey = dsaKeyGen.GenerateKeyPair(); privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaKey.Private).GetDerEncoded(); var dsaPublicKey = (DsaPublicKeyParameters)dsaKey.Public; var dsaY = dsaPublicKey.Y.ToByteArrayUnsigned(); var dsaP = dsaPublicKey.Parameters.P.ToByteArrayUnsigned(); var dsaQ = dsaPublicKey.Parameters.Q.ToByteArrayUnsigned(); var dsaG = dsaPublicKey.Parameters.G.ToByteArrayUnsigned(); var dsaT = (byte)((dsaY.Length - 64) / 8); publicKey = new byte[21 + 3 * dsaY.Length]; publicKey[0] = dsaT; dsaQ.CopyTo(publicKey, 1); dsaP.CopyTo(publicKey, 21); dsaG.CopyTo(publicKey, 21 + dsaY.Length); dsaY.CopyTo(publicKey, 21 + 2 * dsaY.Length); break; case DnsSecAlgorithm.EccGost: ECDomainParameters gostEcDomainParameters = ECGost3410NamedCurves.GetByOid(CryptoProObjectIdentifiers.GostR3410x2001CryptoProA); var gostKeyGen = new ECKeyPairGenerator(); gostKeyGen.Init(new ECKeyGenerationParameters(gostEcDomainParameters, _secureRandom)); var gostKey = gostKeyGen.GenerateKeyPair(); privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(gostKey.Private).GetDerEncoded(); var gostPublicKey = (ECPublicKeyParameters)gostKey.Public; publicKey = new byte[64]; gostPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 32); gostPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0); publicKey = publicKey.Reverse().ToArray(); break; case DnsSecAlgorithm.EcDsaP256Sha256: case DnsSecAlgorithm.EcDsaP384Sha384: int ecDsaDigestSize; X9ECParameters ecDsaCurveParameter; if (algorithm == DnsSecAlgorithm.EcDsaP256Sha256) { ecDsaDigestSize = new Sha256Digest().GetDigestSize(); ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP256r1); } else { ecDsaDigestSize = new Sha384Digest().GetDigestSize(); ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP384r1); } ECDomainParameters ecDsaP384EcDomainParameters = new ECDomainParameters( ecDsaCurveParameter.Curve, ecDsaCurveParameter.G, ecDsaCurveParameter.N, ecDsaCurveParameter.H, ecDsaCurveParameter.GetSeed()); var ecDsaKeyGen = new ECKeyPairGenerator(); ecDsaKeyGen.Init(new ECKeyGenerationParameters(ecDsaP384EcDomainParameters, _secureRandom)); var ecDsaKey = ecDsaKeyGen.GenerateKeyPair(); privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecDsaKey.Private).GetDerEncoded(); var ecDsaPublicKey = (ECPublicKeyParameters)ecDsaKey.Public; publicKey = new byte[ecDsaDigestSize * 2]; ecDsaPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0); ecDsaPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, ecDsaDigestSize); break; default: throw new NotSupportedException(); } return(new DnsKeyRecord(name, recordClass, timeToLive, flags, protocol, algorithm, publicKey, privateKey)); }
public static AsymmetricKeyParameter CreateKey( PrivateKeyInfo keyInfo) { AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm; DerObjectIdentifier algOid = algID.Algorithm; // TODO See RSAUtil.isRsaOid in Java build if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) || algOid.Equals(X509ObjectIdentifiers.IdEARsa) || algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) || algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) { RsaPrivateKeyStructure keyStructure = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey()); return(new RsaPrivateCrtKeyParameters( keyStructure.Modulus, keyStructure.PublicExponent, keyStructure.PrivateExponent, keyStructure.Prime1, keyStructure.Prime2, keyStructure.Exponent1, keyStructure.Exponent2, keyStructure.Coefficient)); } // TODO? // else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber)) else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement)) { DHParameter para = new DHParameter( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey(); BigInteger lVal = para.L; int l = lVal == null ? 0 : lVal.IntValue; DHParameters dhParams = new DHParameters(para.P, para.G, null, l); return(new DHPrivateKeyParameters(derX.Value, dhParams, algOid)); } else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) { ElGamalParameter para = new ElGamalParameter( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey(); return(new ElGamalPrivateKeyParameters( derX.Value, new ElGamalParameters(para.P, para.G))); } else if (algOid.Equals(X9ObjectIdentifiers.IdDsa)) { DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey(); Asn1Encodable ae = algID.Parameters; DsaParameters parameters = null; if (ae != null) { DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object()); parameters = new DsaParameters(para.P, para.Q, para.G); } return(new DsaPrivateKeyParameters(derX.Value, parameters)); } else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey)) { X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object()); X9ECParameters x9; if (para.IsNamedCurve) { x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters); } else { x9 = new X9ECParameters((Asn1Sequence)para.Parameters); } ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey()); BigInteger d = ec.GetKey(); if (para.IsNamedCurve) { return(new ECPrivateKeyParameters("EC", d, (DerObjectIdentifier)para.Parameters)); } ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); return(new ECPrivateKeyParameters(d, dParams)); } else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001)) { Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet); if (ecP == null) { throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key"); } Asn1Object privKey = keyInfo.ParsePrivateKey(); ECPrivateKeyStructure ec; if (privKey is DerInteger) { ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).PositiveValue); } else { ec = ECPrivateKeyStructure.GetInstance(privKey); } return(new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet)); } else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94)) { Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters); Asn1Object privKey = keyInfo.ParsePrivateKey(); BigInteger x; if (privKey is DerInteger) { x = DerInteger.GetInstance(privKey).PositiveValue; } else { x = new BigInteger(1, Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets())); } return(new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet)); } else if (algOid.Equals(EdECObjectIdentifiers.id_X25519)) { return(new X25519PrivateKeyParameters(GetRawKey(keyInfo, X25519PrivateKeyParameters.KeySize), 0)); } else if (algOid.Equals(EdECObjectIdentifiers.id_X448)) { return(new X448PrivateKeyParameters(GetRawKey(keyInfo, X448PrivateKeyParameters.KeySize), 0)); } else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519)) { return(new Ed25519PrivateKeyParameters(GetRawKey(keyInfo, Ed25519PrivateKeyParameters.KeySize), 0)); } else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448)) { return(new Ed448PrivateKeyParameters(GetRawKey(keyInfo, Ed448PrivateKeyParameters.KeySize), 0)); } else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512) || algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256)) { Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters); ECGost3410Parameters ecSpec = null; BigInteger d = null; Asn1Object p = keyInfo.PrivateKeyAlgorithm.Parameters.ToAsn1Object(); if (p is Asn1Sequence && (Asn1Sequence.GetInstance(p).Count == 2 || Asn1Sequence.GetInstance(p).Count == 3)) { ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet); ecSpec = new ECGost3410Parameters( new ECNamedDomainParameters( gostParams.PublicKeyParamSet, ecP), gostParams.PublicKeyParamSet, gostParams.DigestParamSet, gostParams.EncryptionParamSet); Asn1Encodable privKey = keyInfo.ParsePrivateKey(); if (privKey is DerInteger) { d = DerInteger.GetInstance(privKey).PositiveValue; } else { byte[] encVal = Asn1OctetString.GetInstance(privKey).GetOctets(); byte[] dVal = new byte[encVal.Length]; for (int i = 0; i != encVal.Length; i++) { dVal[i] = encVal[encVal.Length - 1 - i]; } d = new BigInteger(1, dVal); } } else { X962Parameters parameters = X962Parameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters); if (parameters.IsNamedCurve) { DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(parameters.Parameters); X9ECParameters ecP = ECNamedCurveTable.GetByOid(oid); if (ecP == null) { ECDomainParameters gParam = ECGost3410NamedCurves.GetByOid(oid); ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters( oid, gParam.Curve, gParam.G, gParam.N, gParam.H, gParam.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet, gostParams.EncryptionParamSet); } else { ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters( oid, ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet, gostParams.EncryptionParamSet); } } else if (parameters.IsImplicitlyCA) { ecSpec = null; } else { X9ECParameters ecP = X9ECParameters.GetInstance(parameters.Parameters); ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters( algOid, ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet, gostParams.EncryptionParamSet); } Asn1Encodable privKey = keyInfo.ParsePrivateKey(); if (privKey is DerInteger) { DerInteger derD = DerInteger.GetInstance(privKey); d = derD.Value; } else { ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(privKey); d = ec.GetKey(); } } return(new ECPrivateKeyParameters( d, new ECGost3410Parameters( ecSpec, gostParams.PublicKeyParamSet, gostParams.DigestParamSet, gostParams.EncryptionParamSet))); } else { throw new SecurityUtilityException("algorithm identifier in private key not recognised"); } }
public static X9ECParameters GetByOidX9(DerObjectIdentifier oid) { ECDomainParameters ec = (ECDomainParameters)parameters[oid]; return(ec == null ? null : new X9ECParameters(ec.Curve, new X9ECPoint(ec.G, false), ec.N, ec.H, ec.GetSeed())); }
public static PrivateKeyInfo CreatePrivateKeyInfo( AsymmetricKeyParameter key) { if (key == null) { throw new ArgumentNullException("key"); } if (!key.IsPrivate) { throw new ArgumentException("Public key passed - private key expected", "key"); } #if ENABLE_EC if (key is ElGamalPrivateKeyParameters) { ElGamalPrivateKeyParameters _key = (ElGamalPrivateKeyParameters)key; return(new PrivateKeyInfo( new AlgorithmIdentifier( OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter( _key.Parameters.P, _key.Parameters.G).ToAsn1Object()), new DerInteger(_key.X))); } #endif if (key is DsaPrivateKeyParameters) { DsaPrivateKeyParameters _key = (DsaPrivateKeyParameters)key; return(new PrivateKeyInfo( new AlgorithmIdentifier( X9ObjectIdentifiers.IdDsa, new DsaParameter( _key.Parameters.P, _key.Parameters.Q, _key.Parameters.G).ToAsn1Object()), new DerInteger(_key.X))); } #if ENABLE_EC if (key is DHPrivateKeyParameters) { DHPrivateKeyParameters _key = (DHPrivateKeyParameters)key; DHParameter p = new DHParameter( _key.Parameters.P, _key.Parameters.G, _key.Parameters.L); return(new PrivateKeyInfo( new AlgorithmIdentifier(_key.AlgorithmOid, p.ToAsn1Object()), new DerInteger(_key.X))); } #endif if (key is RsaKeyParameters) { AlgorithmIdentifier algID = new AlgorithmIdentifier( PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); RsaPrivateKeyStructure keyStruct; if (key is RsaPrivateCrtKeyParameters) { RsaPrivateCrtKeyParameters _key = (RsaPrivateCrtKeyParameters)key; keyStruct = new RsaPrivateKeyStructure( _key.Modulus, _key.PublicExponent, _key.Exponent, _key.P, _key.Q, _key.DP, _key.DQ, _key.QInv); } else { RsaKeyParameters _key = (RsaKeyParameters)key; keyStruct = new RsaPrivateKeyStructure( _key.Modulus, BigInteger.Zero, _key.Exponent, BigInteger.Zero, BigInteger.Zero, BigInteger.Zero, BigInteger.Zero, BigInteger.Zero); } return(new PrivateKeyInfo(algID, keyStruct.ToAsn1Object())); } #if ENABLE_EC if (key is ECPrivateKeyParameters) { ECPrivateKeyParameters priv = (ECPrivateKeyParameters)key; ECDomainParameters dp = priv.Parameters; int orderBitLength = dp.N.BitLength; AlgorithmIdentifier algID; ECPrivateKeyStructure ec; if (priv.AlgorithmName == "ECGOST3410") { if (priv.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( priv.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gostParams); // TODO Do we need to pass any parameters here? ec = new ECPrivateKeyStructure(orderBitLength, priv.D); } else { X962Parameters x962; if (priv.PublicKeyParamSet == null) { X9ECParameters ecP = new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()); x962 = new X962Parameters(ecP); } else { x962 = new X962Parameters(priv.PublicKeyParamSet); } // TODO Possible to pass the publicKey bitstring here? ec = new ECPrivateKeyStructure(orderBitLength, priv.D, x962); algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962); } return(new PrivateKeyInfo(algID, ec)); } if (key is Gost3410PrivateKeyParameters) { Gost3410PrivateKeyParameters _key = (Gost3410PrivateKeyParameters)key; if (_key.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } byte[] keyEnc = _key.X.ToByteArrayUnsigned(); byte[] keyBytes = new byte[keyEnc.Length]; for (int i = 0; i != keyBytes.Length; i++) { keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian } Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet, null); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x94, algParams.ToAsn1Object()); return(new PrivateKeyInfo(algID, new DerOctetString(keyBytes))); } #endif throw new ArgumentException("Class provided is not convertible: " + Platform.GetTypeName(key)); }
public void TestAlgorithms() { // // RSA parameters // BigInteger rsaMod = new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16); BigInteger rsaPubExp = new BigInteger("10001", 16); BigInteger rsaPrivExp = new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16); BigInteger rsaPrivP = new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16); BigInteger rsaPrivQ = new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16); BigInteger rsaPrivDP = new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16); BigInteger rsaPrivDQ = new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16); BigInteger rsaPrivQinv = new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16); RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaMod, rsaPubExp); RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters( rsaMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); // // ECDSA parameters // BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecDomain = new ECDomainParameters(curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN); ECPublicKeyParameters ecPub = new ECPublicKeyParameters( new FpPoint(curve, curve.FromBigInteger(ECPubQX), curve.FromBigInteger(ECPubQY)), ecDomain); ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain); // // DSA parameters // BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM=")); BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs=")); BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx")); BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw==")); BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A=")); DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG); DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para); DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para); // // ECGOST3410 parameters // IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); ecGostKpg.Init( new ECKeyGenerationParameters( CryptoProObjectIdentifiers.GostR3410x2001CryptoProA, new SecureRandom())); AsymmetricCipherKeyPair ecGostPair = ecGostKpg.GenerateKeyPair(); // // GOST3410 parameters // IAsymmetricCipherKeyPairGenerator gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); gostKpg.Init( new Gost3410KeyGenerationParameters( new SecureRandom(), CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); AsymmetricCipherKeyPair gostPair = gostKpg.GenerateKeyPair(); // // signer loop // byte[] shortMsg = new byte[] { 1, 4, 5, 6, 8, 8, 4, 2, 1, 3 }; byte[] longMsg = new byte[100]; new SecureRandom().NextBytes(longMsg); foreach (string algorithm in SignerUtilities.Algorithms) { ISigner signer = SignerUtilities.GetSigner(algorithm); string upper = algorithm.ToUpper(CultureInfo.InvariantCulture); int withPos = upper.LastIndexOf("WITH"); string cipherName = withPos < 0 ? upper : upper.Substring(withPos + "WITH".Length); ICipherParameters signParams = null, verifyParams = null; if (cipherName == "RSA" || cipherName == "RSAANDMGF1") { signParams = rsaPrivate; verifyParams = rsaPublic; } else if (cipherName == "ECDSA") { signParams = ecPriv; verifyParams = ecPub; } else if (cipherName == "DSA") { signParams = dsaPriv; verifyParams = dsaPub; } else if (cipherName == "ECGOST3410") { signParams = ecGostPair.Private; verifyParams = ecGostPair.Public; } else if (cipherName == "GOST3410") { signParams = gostPair.Private; verifyParams = gostPair.Public; } else { Assert.Fail("Unknown algorithm encountered: " + cipherName); } signer.Init(true, signParams); foreach (byte b in shortMsg) { signer.Update(b); } signer.BlockUpdate(longMsg, 0, longMsg.Length); byte[] sig = signer.GenerateSignature(); signer.Init(false, verifyParams); foreach (byte b in shortMsg) { signer.Update(b); } signer.BlockUpdate(longMsg, 0, longMsg.Length); Assert.IsTrue(signer.VerifySignature(sig), cipherName + " signer " + algorithm + " failed."); } }
public void doTestECGost( string name) { // ECGenParameterSpec ecSpec = new ECGenParameterSpec(name); ECDomainParameters ecSpec = GetCurveParameters(name); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); // g.initialize(ecSpec, new SecureRandom()); g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); ISigner sgr = SignerUtilities.GetSigner("ECGOST3410"); IAsymmetricCipherKeyPair pair = g.GenerateKeyPair(); IAsymmetricKeyParameter sKey = pair.Private; IAsymmetricKeyParameter vKey = pair.Public; sgr.Init(true, sKey); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail(name + " verification failed"); } // TODO Get this working? // // // // public key encoding test // // //// byte[] pubEnc = vKey.getEncoded(); // byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded(); // //// KeyFactory keyFac = KeyFactory.getInstance("ECGOST3410"); //// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); //// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); // ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); // //// if (!pubKey.getW().equals(((ECPublicKey)vKey).getW())) // if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q)) // { // Fail("public key encoding (Q test) failed"); // } // TODO Put back in? // if (!(pubKey.Parameters is ECNamedCurveSpec)) // { // Fail("public key encoding not named curve"); // } // TODO Get this working? // // // // private key encoding test // // //// byte[] privEnc = sKey.getEncoded(); // byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded(); // //// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); //// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); // ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); // //// if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS())) // if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D)) // { // Fail("GOST private key encoding (D test) failed"); // } // TODO Put back in? // if (!(privKey.Parameters is ECNamedCurveSpec)) // { // Fail("GOST private key encoding not named curve"); // } // // ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams(); // if (!privSpec.getName().equalsIgnoreCase(name) // && !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES[name])) // { // Fail("GOST private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName()); // } }
internal ECMQV (ECDomainParameters domain) { _params = new ECMQVParameters (domain); _kdf = new ANSI_X963_KDF (new SHA1Managed ()); }
public void doTestCurve( string name) { // ECGenParameterSpec ecSpec = new ECGenParameterSpec(name); ECDomainParameters ecSpec = GetCurveParameters(name); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDH"); // g.initialize(ecSpec, new SecureRandom()); g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); // // a side // IAsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair(); // KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC"); IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC"); aKeyAgree.Init(aKeyPair.Private); // // b side // IAsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair(); // KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC"); IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC"); bKeyAgree.Init(bKeyPair.Private); // // agreement // // aKeyAgree.doPhase(bKeyPair.Public, true); // bKeyAgree.doPhase(aKeyPair.Public, true); // // IBigInteger k1 = new BigInteger(aKeyAgree.generateSecret()); // IBigInteger k2 = new BigInteger(bKeyAgree.generateSecret()); IBigInteger k1 = aKeyAgree.CalculateAgreement(bKeyPair.Public); IBigInteger k2 = bKeyAgree.CalculateAgreement(aKeyPair.Public); if (!k1.Equals(k2)) { Fail("2-way test failed"); } // // public key encoding test // // byte[] pubEnc = aKeyPair.Public.getEncoded(); byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded(); // KeyFactory keyFac = KeyFactory.getInstance("ECDH"); // X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); // ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); ECPublicKeyParameters pubKey = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pubEnc); // if (!pubKey.getW().Equals(((ECPublicKey)aKeyPair.Public).getW())) if (!pubKey.Q.Equals(((ECPublicKeyParameters)aKeyPair.Public).Q)) { Fail("public key encoding (Q test) failed"); } // TODO Put back in? // if (!(pubKey.getParams() is ECNamedCurveSpec)) // { // Fail("public key encoding not named curve"); // } // // private key encoding test // // byte[] privEnc = aKeyPair.Private.getEncoded(); byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded(); // PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); // ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privEnc); // if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS())) if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D)) { Fail("private key encoding (S test) failed"); } // TODO Put back in? // if (!(privKey.getParams() is ECNamedCurveSpec)) // { // Fail("private key encoding not named curve"); // } // // ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams(); // if (!(privSpec.GetName().Equals(name) || privSpec.GetName().Equals(CurveNames.get(name)))) // { // Fail("private key encoding wrong named curve. Expected: " // + CurveNames[name] + " got " + privSpec.GetName()); // } }
internal ECMQVParameters (ECDomainParameters domain) { _pair1 = new ECKeyPair (null, null, domain); _pair2 = new ECKeyPair (null, null, domain); }
/// <summary> /// Create a Subject Public Key Info object for a given public key. /// </summary> /// <param name="key">One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters</param> /// <returns>A subject public key info object.</returns> /// <exception cref="Exception">Throw exception if object provided is not one of the above.</exception> public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo( AsymmetricKeyParameter key) { if (key == null) { throw new ArgumentNullException("key"); } if (key.IsPrivate) { throw new ArgumentException("Private key passed - public key expected.", "key"); } if (key is ElGamalPublicKeyParameters) { ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)key; ElGamalParameters kp = _key.Parameters; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier( OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(kp.P, kp.G).ToAsn1Object()), new DerInteger(_key.Y)); return(info); } if (key is DsaPublicKeyParameters) { DsaPublicKeyParameters _key = (DsaPublicKeyParameters)key; DsaParameters kp = _key.Parameters; Asn1Encodable ae = kp == null ? null : new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object(); return(new SubjectPublicKeyInfo( new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae), new DerInteger(_key.Y))); } if (key is DHPublicKeyParameters) { DHPublicKeyParameters _key = (DHPublicKeyParameters)key; DHParameters kp = _key.Parameters; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier( _key.AlgorithmOid, new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()), new DerInteger(_key.Y)); return(info); } // End of DH if (key is RsaKeyParameters) { RsaKeyParameters _key = (RsaKeyParameters)key; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object()); return(info); } // End of RSA. if (key is ECPublicKeyParameters) { ECPublicKeyParameters _key = (ECPublicKeyParameters)key; if (_key.AlgorithmName == "ECGOST3410") { if (_key.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } ECPoint q = _key.Q; BigInteger bX = q.X.ToBigInteger(); BigInteger bY = q.Y.ToBigInteger(); byte[] encKey = new byte[64]; ExtractBytes(encKey, 0, bX); ExtractBytes(encKey, 32, bY); Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x2001, gostParams.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(encKey))); } else { X962Parameters x962; if (_key.PublicKeyParamSet == null) { ECDomainParameters kp = _key.Parameters; X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed()); x962 = new X962Parameters(ecP); } else { x962 = new X962Parameters(_key.PublicKeyParamSet); } Asn1OctetString p = (Asn1OctetString)(new X9ECPoint(_key.Q).ToAsn1Object()); AlgorithmIdentifier algID = new AlgorithmIdentifier( X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, p.GetOctets())); } } // End of EC if (key is Gost3410PublicKeyParameters) { Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters)key; if (_key.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } byte[] keyEnc = _key.Y.ToByteArrayUnsigned(); byte[] keyBytes = new byte[keyEnc.Length]; for (int i = 0; i != keyBytes.Length; i++) { keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian } Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x94, algParams.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes))); } throw new ArgumentException("Class provided no convertible: " + key.GetType().FullName); }
public bool VerifySignature(byte[] message, byte[] signature, byte[] pubkey) { if (pubkey.Length == 33 && (pubkey[0] == 0x02 || pubkey[0] == 0x03)) { try { pubkey = ECPoint.DecodePoint(pubkey, ECCurve.Secp256r1).EncodePoint(false).Skip(1).ToArray(); } catch { return(false); } } else if (pubkey.Length == 65 && pubkey[0] == 0x04) { pubkey = pubkey.Skip(1).ToArray(); } else if (pubkey.Length != 64) { throw new ArgumentException(); } BigInteger x = new BigInteger(1, pubkey.Take(32).ToArray()); BigInteger y = new BigInteger(1, pubkey.Skip(32).ToArray()); X9ECParameters ecParams = NistNamedCurves.GetByName("P-256"); ECDomainParameters domainParameters = new ECDomainParameters(ecParams.Curve, ecParams.G, ecParams.N, ecParams.H, ecParams.GetSeed()); var G = ecParams.G; Org.BouncyCastle.Math.EC.ECCurve curve = ecParams.Curve; Org.BouncyCastle.Math.EC.ECPoint q = curve.CreatePoint(x, y); ECPublicKeyParameters pubkeyParam = new ECPublicKeyParameters(q, domainParameters); var verifier = SignerUtilities.GetSigner("SHA-256withECDSA"); verifier.Init(false, pubkeyParam); verifier.BlockUpdate(message, 0, message.Length); // expected format is SEQUENCE {INTEGER r, INTEGER s} var derSignature = new DerSequence( // first 32 bytes is "r" number new DerInteger(new BigInteger(1, signature.Take(32).ToArray())), // last 32 bytes is "s" number new DerInteger(new BigInteger(1, signature.Skip(32).ToArray()))) .GetDerEncoded(); ///old verify method /// /* * const int ECDSA_PUBLIC_P256_MAGIC = 0x31534345; * pubkey = BitConverter.GetBytes(ECDSA_PUBLIC_P256_MAGIC).Concat(BitConverter.GetBytes(32)).Concat(pubkey).ToArray(); * using (CngKey key = CngKey.Import(pubkey, CngKeyBlobFormat.EccPublicBlob)) * using (ECDsaCng ecdsa = new ECDsaCng(key)) * { * var result = ecdsa.VerifyData(message, signature, HashAlgorithmName.SHA256); * } */ /////////////////// return(verifier.VerifySignature(derSignature)); }
public Secp256r1() { // set curve _curve = ECNamedCurveTable.GetByName("secp256r1"); _curveSpec = new ECDomainParameters(_curve.Curve, _curve.G, _curve.N, _curve.H); }