public ECIES (ECDomainNames name)
{
_domain = ECDomains.GetDomainParameter (name);
_kdf = new ANSI_X963_KDF (new SHA1Managed ());
_params = new ECIESParameters (_domain);
_mac = new HMACSHA1 ();
}
private static byte[] ExportCertificate(X509Certificate certificate, AsymmetricCipherKeyPair subjectKeyPair, TCertificateFormat certificateFormat)
{
byte[] result = null;
switch (certificateFormat)
{
case TCertificateFormat.NotSet:
break;
case TCertificateFormat.PEM:
using (MemoryStream stream = new MemoryStream())
{
using (StreamWriter writer = new StreamWriter(stream))
{
Org.BouncyCastle.Utilities.IO.Pem.PemWriter pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer);
if (subjectKeyPair.Private is ECKeyParameters)
{
ECPrivateKeyParameters priv = (ECPrivateKeyParameters)subjectKeyPair.Private;
ECDomainParameters dp = priv.Parameters;
int orderBitLength = dp.N.BitLength;
Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure ec;
Org.BouncyCastle.Asn1.X9.X962Parameters x962;
if (priv.PublicKeyParamSet == null)
{
Org.BouncyCastle.Asn1.X9.X9ECParameters ecP = new Org.BouncyCastle.Asn1.X9.X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed());
x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(ecP);
}
else
{
x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(priv.PublicKeyParamSet);
}
ec = new Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure(orderBitLength, priv.D, SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(subjectKeyPair.Public).PublicKeyData, x962);
pemWriter.WriteObject(new Org.BouncyCastle.Utilities.IO.Pem.PemObject("EC PRIVATE KEY", ec.GetEncoded()));
}
else
{
pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Private));
}
pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Public));
pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(certificate));
writer.Flush();
result = stream.ToArray();
}
}
break;
case TCertificateFormat.PFX:
//Asn1Sequence asn1Sequence = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(certificate.GetEncoded()));
//asn1Sequence.GetObjects
//Org.BouncyCastle.Asn1.Pkcs.Pfx pfx = new Org.BouncyCastle.Asn1.Pkcs.Pfx();
//Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo info = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private);
//result = pfx.GetEncoded(Asn1Encodable.Der);
break;
case TCertificateFormat.CER:
result = certificate.GetEncoded();
break;
default:
break;
}
return(result);
}
private void doTestParams(
byte[] ecParameterEncoded,
bool compress)
{
// string keyStorePass = "******";
Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(ecParameterEncoded);
X9ECParameters x9 = new X9ECParameters(seq);
AsymmetricCipherKeyPair kp = null;
bool success = false;
while (!success)
{
IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
// kpg.Init(new ECParameterSpec(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()));
ECDomainParameters ecParams = new ECDomainParameters(
x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
kpg.Init(new ECKeyGenerationParameters(ecParams, new SecureRandom()));
kp = kpg.GenerateKeyPair();
// The very old Problem... we need a certificate chain to
// save a private key...
ECPublicKeyParameters pubKey = (ECPublicKeyParameters)kp.Public;
if (!compress)
{
//pubKey.setPointFormat("UNCOMPRESSED");
pubKey = SetPublicUncompressed(pubKey, false);
}
byte[] x = pubKey.Q.X.ToBigInteger().ToByteArrayUnsigned();
byte[] y = pubKey.Q.Y.ToBigInteger().ToByteArrayUnsigned();
if (x.Length == y.Length)
{
success = true;
}
}
// The very old Problem... we need a certificate chain to
// save a private key...
X509CertificateEntry[] chain = new X509CertificateEntry[] {
new X509CertificateEntry(GenerateSelfSignedSoftECCert(kp, compress))
};
// KeyStore keyStore = KeyStore.getInstance("BKS");
// keyStore.load(null, keyStorePass.ToCharArray());
Pkcs12Store keyStore = new Pkcs12StoreBuilder().Build();
keyStore.SetCertificateEntry("ECCert", chain[0]);
ECPrivateKeyParameters privateECKey = (ECPrivateKeyParameters)kp.Private;
keyStore.SetKeyEntry("ECPrivKey", new AsymmetricKeyEntry(privateECKey), chain);
// Test ec sign / verify
ECPublicKeyParameters pub = (ECPublicKeyParameters)kp.Public;
// string oldPrivateKey = new string(Hex.encode(privateECKey.getEncoded()));
byte[] oldPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateECKey).GetDerEncoded();
string oldPrivateKey = Hex.ToHexString(oldPrivateKeyBytes);
// string oldPublicKey = new string(Hex.encode(pub.getEncoded()));
byte[] oldPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub).GetDerEncoded();
string oldPublicKey = Hex.ToHexString(oldPublicKeyBytes);
ECPrivateKeyParameters newKey = (ECPrivateKeyParameters)
keyStore.GetKey("ECPrivKey").Key;
ECPublicKeyParameters newPubKey = (ECPublicKeyParameters)
keyStore.GetCertificate("ECCert").Certificate.GetPublicKey();
if (!compress)
{
// TODO Private key compression?
//newKey.setPointFormat("UNCOMPRESSED");
//newPubKey.setPointFormat("UNCOMPRESSED");
newPubKey = SetPublicUncompressed(newPubKey, false);
}
// string newPrivateKey = new string(Hex.encode(newKey.getEncoded()));
byte[] newPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(newKey).GetDerEncoded();
string newPrivateKey = Hex.ToHexString(newPrivateKeyBytes);
// string newPublicKey = new string(Hex.encode(newPubKey.getEncoded()));
byte[] newPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(newPubKey).GetDerEncoded();
string newPublicKey = Hex.ToHexString(newPublicKeyBytes);
if (!oldPrivateKey.Equals(newPrivateKey))
// if (!privateECKey.Equals(newKey))
{
Fail("failed private key comparison");
}
if (!oldPublicKey.Equals(newPublicKey))
// if (!pub.Equals(newPubKey))
{
Fail("failed public key comparison");
}
}
public static AsymmetricKeyParameter CreateKey(PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier privateKeyAlgorithm = keyInfo.PrivateKeyAlgorithm;
DerObjectIdentifier algorithm = privateKeyAlgorithm.Algorithm;
if (algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption) || algorithm.Equals(X509ObjectIdentifiers.IdEARsa) || algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss) || algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPrivateKeyStructure instance = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
return(new RsaPrivateCrtKeyParameters(instance.Modulus, instance.PublicExponent, instance.PrivateExponent, instance.Prime1, instance.Prime2, instance.Exponent1, instance.Exponent2, instance.Coefficient));
}
if (algorithm.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter dHParameter = new DHParameter(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object()));
DerInteger derInteger = (DerInteger)keyInfo.ParsePrivateKey();
int l = dHParameter.L?.IntValue ?? 0;
DHParameters parameters = new DHParameters(dHParameter.P, dHParameter.G, null, l);
return(new DHPrivateKeyParameters(derInteger.Value, parameters, algorithm));
}
if (algorithm.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter elGamalParameter = new ElGamalParameter(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object()));
DerInteger derInteger2 = (DerInteger)keyInfo.ParsePrivateKey();
return(new ElGamalPrivateKeyParameters(derInteger2.Value, new ElGamalParameters(elGamalParameter.P, elGamalParameter.G)));
}
if (algorithm.Equals(X9ObjectIdentifiers.IdDsa))
{
DerInteger derInteger3 = (DerInteger)keyInfo.ParsePrivateKey();
Asn1Encodable parameters2 = privateKeyAlgorithm.Parameters;
DsaParameters parameters3 = null;
if (parameters2 != null)
{
DsaParameter instance2 = DsaParameter.GetInstance(parameters2.ToAsn1Object());
parameters3 = new DsaParameters(instance2.P, instance2.Q, instance2.G);
}
return(new DsaPrivateKeyParameters(derInteger3.Value, parameters3));
}
if (algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters x962Parameters = new X962Parameters(privateKeyAlgorithm.Parameters.ToAsn1Object());
X9ECParameters x9ECParameters = (!x962Parameters.IsNamedCurve) ? new X9ECParameters((Asn1Sequence)x962Parameters.Parameters) : ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)x962Parameters.Parameters);
ECPrivateKeyStructure instance3 = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
BigInteger key = instance3.GetKey();
if (x962Parameters.IsNamedCurve)
{
return(new ECPrivateKeyParameters("EC", key, (DerObjectIdentifier)x962Parameters.Parameters));
}
ECDomainParameters parameters4 = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N, x9ECParameters.H, x9ECParameters.GetSeed());
return(new ECPrivateKeyParameters(key, parameters4));
}
if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters = new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object()));
ECDomainParameters byOid = ECGost3410NamedCurves.GetByOid(gost3410PublicKeyAlgParameters.PublicKeyParamSet);
if (byOid == null)
{
throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
}
Asn1Object asn1Object = keyInfo.ParsePrivateKey();
ECPrivateKeyStructure eCPrivateKeyStructure = (!(asn1Object is DerInteger)) ? ECPrivateKeyStructure.GetInstance(asn1Object) : new ECPrivateKeyStructure(byOid.N.BitLength, ((DerInteger)asn1Object).Value);
return(new ECPrivateKeyParameters("ECGOST3410", eCPrivateKeyStructure.GetKey(), gost3410PublicKeyAlgParameters.PublicKeyParamSet));
}
if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters2 = new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance(privateKeyAlgorithm.Parameters.ToAsn1Object()));
DerOctetString derOctetString = (DerOctetString)keyInfo.ParsePrivateKey();
BigInteger x = new BigInteger(1, Arrays.Reverse(derOctetString.GetOctets()));
return(new Gost3410PrivateKeyParameters(x, gost3410PublicKeyAlgParameters2.PublicKeyParamSet));
}
throw new SecurityUtilityException("algorithm identifier in key not recognised");
}
internal ECDSAParameters (Number d, ECPoint Q, ECDomainParameters domain) : base (d, Q, domain)
{
}
static Secp256K1()
{
var x9Params = SECNamedCurves.GetByName("secp256k1");
EcParams = new ECDomainParameters(
x9Params.Curve, x9Params.G, x9Params.N, x9Params.H);
}
internal ECDiffieHellmanParameters (Number d, ECPoint Q, ECDomainParameters domain) : base (d, Q, domain)
{
}
static ECGost3410NamedCurves()
{
BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
ECCurve curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a
new BigInteger("166"), // b
mod_q, BigInteger.One));
ECDomainParameters ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("1"), // x
new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
mod_q, BigInteger.One);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = ecParams;
mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"),
new BigInteger("166"),
mod_q, BigInteger.One));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("1"), // x
new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
mod_q, BigInteger.One);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = ecParams;
mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p
mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a
new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b
mod_q, BigInteger.One));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("1"), // x
new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y
mod_q, BigInteger.One);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = ecParams;
mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619");
mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601");
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"),
new BigInteger("32858"),
mod_q, BigInteger.One));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("0"),
new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")),
mod_q, BigInteger.One);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = ecParams;
mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p
mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a
new BigInteger("32858"), // b
mod_q, BigInteger.One));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("0"), // x
new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y
mod_q, BigInteger.One);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = ecParams;
//GOST34.10 2012
mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", 16); //p
mod_q = new BigInteger("400000000000000000000000000000000FD8CDDFC87B6635C115AF556C360C67", 16); //q
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("C2173F1513981673AF4892C23035A27CE25E2013BF95AA33B22C656F277E7335", 16), // a
new BigInteger("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513", 16), // b
mod_q, BigInteger.Four));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28", 16), // x
new BigInteger("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C", 16)), // y
mod_q, BigInteger.Four);
parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA] = ecParams;
mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7", 16); //p
mod_q = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27E69532F48D89116FF22B8D4E0560609B4B38ABFAD2B85DCACDB1411F10B275", 16); //q
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4", 16), // a
new BigInteger("E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760", 16), // b
mod_q, BigInteger.One));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003"), // x
new BigInteger("7503CFE87A836AE3A61B8816E25450E6CE5E1C93ACF1ABC1778064FDCBEFA921DF1626BE4FD036E93D75E6A50E3A41E98028FE5FC235F5B889A589CB5215F2A4", 16)), // y
mod_q, BigInteger.One);
parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA] = ecParams;
mod_p = new BigInteger("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006F", 16); //p
mod_q = new BigInteger("800000000000000000000000000000000000000000000000000000000000000149A1EC142565A545ACFDB77BD9D40CFA8B996712101BEA0EC6346C54374F25BD", 16); //q
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006C", 16), // a
new BigInteger("687D1B459DC841457E3E06CF6F5E2517B97C7D614AF138BCBF85DC806C4B289F3E965D2DB1416D217F8B276FAD1AB69C50F78BEE1FA3106EFB8CCBC7C5140116", 16), // b
mod_q, BigInteger.One));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"), // x
new BigInteger("1A8F7EDA389B094C2C071E3647A8940F3C123B697578C213BE6DD9E6C8EC7335DCB228FD1EDF4A39152CBCAAF8C0398828041055F94CEEEC7E21340780FE41BD", 16)), // y
mod_q, BigInteger.One);
parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB] = ecParams;
mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7", 16); //p
mod_q = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC98CDBA46506AB004C33A9FF5147502CC8EDA9E7A769A12694623CEF47F023ED", 16); //q
curve = ConfigureCurve(new FpCurve(
mod_p, // p
new BigInteger("DC9203E514A721875485A529D2C722FB187BC8980EB866644DE41C68E143064546E861C0E2C9EDD92ADE71F46FCF50FF2AD97F951FDA9F2A2EB6546F39689BD3", 16), // a
new BigInteger("B4C4EE28CEBC6C2C8AC12952CF37F16AC7EFB6A9F69F4B57FFDA2E4F0DE5ADE038CBC2FFF719D2C18DE0284B8BFEF3B52B8CC7A5F5BF0A3C8D2319A5312557E1", 16), // b
mod_q, BigInteger.Four));
ecParams = new ECDomainParameters(
curve,
ConfigureBasepoint(curve,
new BigInteger("E2E31EDFC23DE7BDEBE241CE593EF5DE2295B7A9CBAEF021D385F7074CEA043AA27272A7AE602BF2A7B9033DB9ED3610C6FB85487EAE97AAC5BC7928C1950148", 16), // x
new BigInteger("F5CE40D95B5EB899ABBCCFF5911CB8577939804D6527378B8C108C3D2090FF9BE18E2D33E3021ED2EF32D85822423B6304F726AA854BAE07D0396E9A9ADDC40F", 16)), // y
mod_q, BigInteger.Four);
parameters[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC] = ecParams;
objIds["GostR3410-2001-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProA;
objIds["GostR3410-2001-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProB;
objIds["GostR3410-2001-CryptoPro-C"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProC;
objIds["GostR3410-2001-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA;
objIds["GostR3410-2001-CryptoPro-XchB"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB;
objIds["Tc26-Gost-3410-12-256-paramSetA"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA;
objIds["Tc26-Gost-3410-12-512-paramSetA"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA;
objIds["Tc26-Gost-3410-12-512-paramSetB"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB;
objIds["Tc26-Gost-3410-12-512-paramSetC"] = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC;
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = "GostR3410-2001-CryptoPro-A";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = "GostR3410-2001-CryptoPro-B";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = "GostR3410-2001-CryptoPro-C";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = "GostR3410-2001-CryptoPro-XchA";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = "GostR3410-2001-CryptoPro-XchB";
names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA] = "Tc26-Gost-3410-12-256-paramSetA";
names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA] = "Tc26-Gost-3410-12-512-paramSetA";
names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB] = "Tc26-Gost-3410-12-512-paramSetB";
names[RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC] = "Tc26-Gost-3410-12-512-paramSetC";
}
public void TestCreationECDSA()
{
BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv"));
BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R"));
BigInteger ECParraH = new BigInteger(Base64.Decode("AQ=="));
BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L"));
BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l"));
BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx"));
BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo"));
FpCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECDomainParameters ecDomain =
new ECDomainParameters(curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN);
ECPublicKeyParameters ecPub = new ECPublicKeyParameters(
"ECDSA",
new FpPoint(curve,
curve.FromBigInteger(ECPubQX),
curve.FromBigInteger(ECPubQY)),
ecDomain);
ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters("ECDSA", ECPrivD, ecDomain);
IDictionary attrs = new Hashtable();
attrs[X509Name.C] = "AU";
attrs[X509Name.O] = "The Legion of the Bouncy Castle";
attrs[X509Name.L] = "Melbourne";
attrs[X509Name.ST] = "Victoria";
attrs[X509Name.E] = "*****@*****.**";
IList ord = new ArrayList();
ord.Add(X509Name.C);
ord.Add(X509Name.O);
ord.Add(X509Name.L);
ord.Add(X509Name.ST);
ord.Add(X509Name.E);
IList values = new ArrayList();
values.Add("AU");
values.Add("The Legion of the Bouncy Castle");
values.Add("Melbourne");
values.Add("Victoria");
values.Add("*****@*****.**");
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name(ord, attrs));
certGen.SetNotBefore(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0)));
certGen.SetNotAfter(DateTime.Today.AddDays(1));
certGen.SetSubjectDN(new X509Name(ord, attrs));
certGen.SetPublicKey(ecPub);
certGen.SetSignatureAlgorithm("SHA1WITHECDSA");
certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
X509Certificate cert = certGen.Generate(ecPriv);
// Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)");
cert.CheckValidity();
cert.Verify(ecPub);
ISet extOidSet = cert.GetCriticalExtensionOids();
if (extOidSet.Count != 1)
{
Fail("wrong number of oids");
}
//if (dummySet != null)
//{
// foreach (string key in dummySet)
// {
// Console.WriteLine("\t{0}:\t{1}", key);
// }
//}
//Console.WriteLine();
//dummySet = cert.GetNonCriticalExtensionOids();
//if (dummySet != null)
//{
// foreach (string key in dummySet)
// {
// Console.WriteLine("\t{0}:\t{1}", key);
// }
//}
//Console.WriteLine();
}
static ECGost3410NamedCurves()
{
IBigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
IBigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
FPCurve curve = new FPCurve(
mod_p, // p
new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a
new BigInteger("166")); // b
ECDomainParameters ecParams = new ECDomainParameters(
curve,
curve.CreatePoint(
BigInteger.One, // x
new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"), // y
false),
mod_q);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = ecParams;
mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
curve = new FPCurve(
mod_p, // p
new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"),
new BigInteger("166"));
ecParams = new ECDomainParameters(
curve,
curve.CreatePoint(
BigInteger.One, // x
new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"), // y
false),
mod_q);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = ecParams;
mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p
mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q
curve = new FPCurve(
mod_p, // p
new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a
new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595")); // b
ecParams = new ECDomainParameters(
curve,
curve.CreatePoint(
BigInteger.One, // x
new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124"), // y
false),
mod_q); // q
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = ecParams;
mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619");
mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601");
curve = new FPCurve(
mod_p, // p
new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"),
new BigInteger("32858"));
ecParams = new ECDomainParameters(
curve,
curve.CreatePoint(
BigInteger.Zero, // x
new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"), // y
false),
mod_q);
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = ecParams;
mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p
mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q
curve = new FPCurve(
mod_p, // p
new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a
new BigInteger("32858")); // b
ecParams = new ECDomainParameters(
curve,
curve.CreatePoint(
BigInteger.Zero, // x
new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"), // y
false),
mod_q); // q
parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = ecParams;
objIds["GostR3410-2001-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProA;
objIds["GostR3410-2001-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProB;
objIds["GostR3410-2001-CryptoPro-C"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProC;
objIds["GostR3410-2001-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA;
objIds["GostR3410-2001-CryptoPro-XchB"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB;
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = "GostR3410-2001-CryptoPro-A";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = "GostR3410-2001-CryptoPro-B";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = "GostR3410-2001-CryptoPro-C";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = "GostR3410-2001-CryptoPro-XchA";
names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = "GostR3410-2001-CryptoPro-XchB";
}
private static X9ECParameters FromDomainParameters(ECDomainParameters dp)
{
return(dp == null ? null : new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()));
}
public override void PerformTest()
{
generationTest(512, "RSA", "SHA1withRSA");
generationTest(512, "GOST3410", "GOST3411withGOST3410");
// if (Security.getProvider("SunRsaSign") != null)
// {
// generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign");
// }
// elliptic curve GOST A parameter set
Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(gost3410EC_A);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_A.");
}
// elliptic curve GOST B parameter set
req = new Pkcs10CertificationRequest(gost3410EC_B);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_B.");
}
// elliptic curve GOST C parameter set
req = new Pkcs10CertificationRequest(gost3410EC_C);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_C.");
}
// elliptic curve GOST ExA parameter set
req = new Pkcs10CertificationRequest(gost3410EC_ExA);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_ExA.");
}
// elliptic curve GOST ExB parameter set
req = new Pkcs10CertificationRequest(gost3410EC_ExB);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_ExA.");
}
// elliptic curve openSSL
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
ECCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECDomainParameters ecSpec = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
// g.initialize(ecSpec, new SecureRandom());
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
AsymmetricCipherKeyPair kp = g.GenerateKeyPair();
req = new Pkcs10CertificationRequest(
"ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.Public, null, kp.Private);
if (!req.Verify())
{
Fail("Failed Verify check EC.");
}
createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
createECGostRequest();
// TODO The setting of parameters for MGF algorithms is not implemented
// createPssTest("SHA1withRSAandMGF1");
// createPssTest("SHA224withRSAandMGF1");
// createPssTest("SHA256withRSAandMGF1");
// createPssTest("SHA384withRSAandMGF1");
nullPointerTest();
}
/*
* we generate a self signed certificate for the sake of testing - SHA224withECDSA
*/
private void createECRequest(
string algorithm,
DerObjectIdentifier algOid)
{
FpCurve curve = new FpCurve(
new BigInteger("6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151"), // q (or p)
new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16), // a
new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16)); // b
ECDomainParameters spec = new ECDomainParameters(
curve,
// curve.DecodePoint(Hex.Decode("02C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G
curve.DecodePoint(Hex.Decode("0200C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G
new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16)); // n
ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
spec);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
// curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
spec);
// //
// // set up the keys
// //
// AsymmetricKeyParameter privKey;
// AsymmetricKeyParameter pubKey;
//
// KeyFactory fact = KeyFactory.getInstance("ECDSA");
//
// privKey = fact.generatePrivate(privKeySpec);
// pubKey = fact.generatePublic(pubKeySpec);
Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(
algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
if (!req.Verify())
{
Fail("Failed Verify check EC.");
}
req = new Pkcs10CertificationRequest(req.GetEncoded());
if (!req.Verify())
{
Fail("Failed Verify check EC encoded.");
}
//
// try with point compression turned off
//
// ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
ECPoint q = pubKey.Q.Normalize();
pubKey = new ECPublicKeyParameters(
pubKey.AlgorithmName,
q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()),
pubKey.Parameters);
req = new Pkcs10CertificationRequest(
algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
if (!req.Verify())
{
Fail("Failed Verify check EC uncompressed.");
}
req = new Pkcs10CertificationRequest(req.GetEncoded());
if (!req.Verify())
{
Fail("Failed Verify check EC uncompressed encoded.");
}
if (!req.SignatureAlgorithm.Algorithm.Equals(algOid))
{
Fail("ECDSA oid incorrect.");
}
if (req.SignatureAlgorithm.Parameters != null)
{
Fail("ECDSA parameters incorrect.");
}
ISigner sig = SignerUtilities.GetSigner(algorithm);
sig.Init(false, pubKey);
byte[] b = req.GetCertificationRequestInfo().GetEncoded();
sig.BlockUpdate(b, 0, b.Length);
if (!sig.VerifySignature(req.GetSignatureOctets()))
{
Fail("signature not mapped correctly.");
}
}
/// <summary>
/// Creates a new signing key pair
/// </summary>
/// <param name="name">The name of the key or zone</param>
/// <param name="recordClass">The record class of the DnsKeyRecord</param>
/// <param name="timeToLive">The TTL in seconds to the DnsKeyRecord</param>
/// <param name="flags">The Flags of the DnsKeyRecord</param>
/// <param name="protocol">The protocol version</param>
/// <param name="algorithm">The key algorithm</param>
/// <param name="keyStrength">The key strength or 0 for default strength</param>
/// <returns></returns>
public static DnsKeyRecord CreateSigningKey(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, int keyStrength = 0)
{
byte[] privateKey;
byte[] publicKey;
switch (algorithm)
{
case DnsSecAlgorithm.RsaSha1:
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
case DnsSecAlgorithm.RsaSha256:
case DnsSecAlgorithm.RsaSha512:
if (keyStrength == 0)
{
keyStrength = (flags == (DnsKeyFlags.Zone | DnsKeyFlags.SecureEntryPoint)) ? 2048 : 1024;
}
RsaKeyPairGenerator rsaKeyGen = new RsaKeyPairGenerator();
rsaKeyGen.Init(new KeyGenerationParameters(_secureRandom, keyStrength));
var rsaKey = rsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKey.Private).GetDerEncoded();
var rsaPublicKey = (RsaKeyParameters)rsaKey.Public;
var rsaExponent = rsaPublicKey.Exponent.ToByteArrayUnsigned();
var rsaModulus = rsaPublicKey.Modulus.ToByteArrayUnsigned();
int offset = 1;
if (rsaExponent.Length > 255)
{
publicKey = new byte[3 + rsaExponent.Length + rsaModulus.Length];
DnsMessageBase.EncodeUShort(publicKey, ref offset, (ushort)publicKey.Length);
}
else
{
publicKey = new byte[1 + rsaExponent.Length + rsaModulus.Length];
publicKey[0] = (byte)rsaExponent.Length;
}
DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaExponent);
DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaModulus);
break;
case DnsSecAlgorithm.Dsa:
case DnsSecAlgorithm.DsaNsec3Sha1:
if (keyStrength == 0)
{
keyStrength = 1024;
}
DsaParametersGenerator dsaParamsGen = new DsaParametersGenerator();
dsaParamsGen.Init(keyStrength, 12, _secureRandom);
DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator();
dsaKeyGen.Init(new DsaKeyGenerationParameters(_secureRandom, dsaParamsGen.GenerateParameters()));
var dsaKey = dsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaKey.Private).GetDerEncoded();
var dsaPublicKey = (DsaPublicKeyParameters)dsaKey.Public;
var dsaY = dsaPublicKey.Y.ToByteArrayUnsigned();
var dsaP = dsaPublicKey.Parameters.P.ToByteArrayUnsigned();
var dsaQ = dsaPublicKey.Parameters.Q.ToByteArrayUnsigned();
var dsaG = dsaPublicKey.Parameters.G.ToByteArrayUnsigned();
var dsaT = (byte)((dsaY.Length - 64) / 8);
publicKey = new byte[21 + 3 * dsaY.Length];
publicKey[0] = dsaT;
dsaQ.CopyTo(publicKey, 1);
dsaP.CopyTo(publicKey, 21);
dsaG.CopyTo(publicKey, 21 + dsaY.Length);
dsaY.CopyTo(publicKey, 21 + 2 * dsaY.Length);
break;
case DnsSecAlgorithm.EccGost:
ECDomainParameters gostEcDomainParameters = ECGost3410NamedCurves.GetByOid(CryptoProObjectIdentifiers.GostR3410x2001CryptoProA);
var gostKeyGen = new ECKeyPairGenerator();
gostKeyGen.Init(new ECKeyGenerationParameters(gostEcDomainParameters, _secureRandom));
var gostKey = gostKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(gostKey.Private).GetDerEncoded();
var gostPublicKey = (ECPublicKeyParameters)gostKey.Public;
publicKey = new byte[64];
gostPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 32);
gostPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
publicKey = publicKey.Reverse().ToArray();
break;
case DnsSecAlgorithm.EcDsaP256Sha256:
case DnsSecAlgorithm.EcDsaP384Sha384:
int ecDsaDigestSize;
X9ECParameters ecDsaCurveParameter;
if (algorithm == DnsSecAlgorithm.EcDsaP256Sha256)
{
ecDsaDigestSize = new Sha256Digest().GetDigestSize();
ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP256r1);
}
else
{
ecDsaDigestSize = new Sha384Digest().GetDigestSize();
ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP384r1);
}
ECDomainParameters ecDsaP384EcDomainParameters = new ECDomainParameters(
ecDsaCurveParameter.Curve,
ecDsaCurveParameter.G,
ecDsaCurveParameter.N,
ecDsaCurveParameter.H,
ecDsaCurveParameter.GetSeed());
var ecDsaKeyGen = new ECKeyPairGenerator();
ecDsaKeyGen.Init(new ECKeyGenerationParameters(ecDsaP384EcDomainParameters, _secureRandom));
var ecDsaKey = ecDsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecDsaKey.Private).GetDerEncoded();
var ecDsaPublicKey = (ECPublicKeyParameters)ecDsaKey.Public;
publicKey = new byte[ecDsaDigestSize * 2];
ecDsaPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
ecDsaPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, ecDsaDigestSize);
break;
default:
throw new NotSupportedException();
}
return(new DnsKeyRecord(name, recordClass, timeToLive, flags, protocol, algorithm, publicKey, privateKey));
}
public static AsymmetricKeyParameter CreateKey(
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm;
DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPrivateKeyStructure keyStructure = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
return(new RsaPrivateCrtKeyParameters(
keyStructure.Modulus,
keyStructure.PublicExponent,
keyStructure.PrivateExponent,
keyStructure.Prime1,
keyStructure.Prime2,
keyStructure.Exponent1,
keyStructure.Exponent2,
keyStructure.Coefficient));
}
// TODO?
// else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return(new DHPrivateKeyParameters(derX.Value, dhParams, algOid));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
return(new ElGamalPrivateKeyParameters(
derX.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa))
{
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPrivateKeyParameters(derX.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
BigInteger d = ec.GetKey();
if (para.IsNamedCurve)
{
return(new ECPrivateKeyParameters("EC", d, (DerObjectIdentifier)para.Parameters));
}
ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
return(new ECPrivateKeyParameters(d, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
}
Asn1Object privKey = keyInfo.ParsePrivateKey();
ECPrivateKeyStructure ec;
if (privKey is DerInteger)
{
ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).PositiveValue);
}
else
{
ec = ECPrivateKeyStructure.GetInstance(privKey);
}
return(new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters);
Asn1Object privKey = keyInfo.ParsePrivateKey();
BigInteger x;
if (privKey is DerInteger)
{
x = DerInteger.GetInstance(privKey).PositiveValue;
}
else
{
x = new BigInteger(1, Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets()));
}
return(new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
{
return(new X25519PrivateKeyParameters(GetRawKey(keyInfo, X25519PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
{
return(new X448PrivateKeyParameters(GetRawKey(keyInfo, X448PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
{
return(new Ed25519PrivateKeyParameters(GetRawKey(keyInfo, Ed25519PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
{
return(new Ed448PrivateKeyParameters(GetRawKey(keyInfo, Ed448PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512) ||
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
ECGost3410Parameters ecSpec = null;
BigInteger d = null;
Asn1Object p = keyInfo.PrivateKeyAlgorithm.Parameters.ToAsn1Object();
if (p is Asn1Sequence && (Asn1Sequence.GetInstance(p).Count == 2 || Asn1Sequence.GetInstance(p).Count == 3))
{
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
ecSpec = new ECGost3410Parameters(
new ECNamedDomainParameters(
gostParams.PublicKeyParamSet, ecP),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
Asn1Encodable privKey = keyInfo.ParsePrivateKey();
if (privKey is DerInteger)
{
d = DerInteger.GetInstance(privKey).PositiveValue;
}
else
{
byte[] encVal = Asn1OctetString.GetInstance(privKey).GetOctets();
byte[] dVal = new byte[encVal.Length];
for (int i = 0; i != encVal.Length; i++)
{
dVal[i] = encVal[encVal.Length - 1 - i];
}
d = new BigInteger(1, dVal);
}
}
else
{
X962Parameters parameters = X962Parameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
if (parameters.IsNamedCurve)
{
DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(parameters.Parameters);
X9ECParameters ecP = ECNamedCurveTable.GetByOid(oid);
if (ecP == null)
{
ECDomainParameters gParam = ECGost3410NamedCurves.GetByOid(oid);
ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(
oid,
gParam.Curve,
gParam.G,
gParam.N,
gParam.H,
gParam.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
else
{
ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(
oid,
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
}
else if (parameters.IsImplicitlyCA)
{
ecSpec = null;
}
else
{
X9ECParameters ecP = X9ECParameters.GetInstance(parameters.Parameters);
ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(
algOid,
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed()),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
Asn1Encodable privKey = keyInfo.ParsePrivateKey();
if (privKey is DerInteger)
{
DerInteger derD = DerInteger.GetInstance(privKey);
d = derD.Value;
}
else
{
ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(privKey);
d = ec.GetKey();
}
}
return(new ECPrivateKeyParameters(
d,
new ECGost3410Parameters(
ecSpec,
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet)));
}
else
{
throw new SecurityUtilityException("algorithm identifier in private key not recognised");
}
}
public static X9ECParameters GetByOidX9(DerObjectIdentifier oid)
{
ECDomainParameters ec = (ECDomainParameters)parameters[oid];
return(ec == null ? null : new X9ECParameters(ec.Curve, new X9ECPoint(ec.G, false), ec.N, ec.H, ec.GetSeed()));
}
public static PrivateKeyInfo CreatePrivateKeyInfo(
AsymmetricKeyParameter key)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (!key.IsPrivate)
{
throw new ArgumentException("Public key passed - private key expected", "key");
}
#if ENABLE_EC
if (key is ElGamalPrivateKeyParameters)
{
ElGamalPrivateKeyParameters _key = (ElGamalPrivateKeyParameters)key;
return(new PrivateKeyInfo(
new AlgorithmIdentifier(
OiwObjectIdentifiers.ElGamalAlgorithm,
new ElGamalParameter(
_key.Parameters.P,
_key.Parameters.G).ToAsn1Object()),
new DerInteger(_key.X)));
}
#endif
if (key is DsaPrivateKeyParameters)
{
DsaPrivateKeyParameters _key = (DsaPrivateKeyParameters)key;
return(new PrivateKeyInfo(
new AlgorithmIdentifier(
X9ObjectIdentifiers.IdDsa,
new DsaParameter(
_key.Parameters.P,
_key.Parameters.Q,
_key.Parameters.G).ToAsn1Object()),
new DerInteger(_key.X)));
}
#if ENABLE_EC
if (key is DHPrivateKeyParameters)
{
DHPrivateKeyParameters _key = (DHPrivateKeyParameters)key;
DHParameter p = new DHParameter(
_key.Parameters.P, _key.Parameters.G, _key.Parameters.L);
return(new PrivateKeyInfo(
new AlgorithmIdentifier(_key.AlgorithmOid, p.ToAsn1Object()),
new DerInteger(_key.X)));
}
#endif
if (key is RsaKeyParameters)
{
AlgorithmIdentifier algID = new AlgorithmIdentifier(
PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
RsaPrivateKeyStructure keyStruct;
if (key is RsaPrivateCrtKeyParameters)
{
RsaPrivateCrtKeyParameters _key = (RsaPrivateCrtKeyParameters)key;
keyStruct = new RsaPrivateKeyStructure(
_key.Modulus,
_key.PublicExponent,
_key.Exponent,
_key.P,
_key.Q,
_key.DP,
_key.DQ,
_key.QInv);
}
else
{
RsaKeyParameters _key = (RsaKeyParameters)key;
keyStruct = new RsaPrivateKeyStructure(
_key.Modulus,
BigInteger.Zero,
_key.Exponent,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero);
}
return(new PrivateKeyInfo(algID, keyStruct.ToAsn1Object()));
}
#if ENABLE_EC
if (key is ECPrivateKeyParameters)
{
ECPrivateKeyParameters priv = (ECPrivateKeyParameters)key;
ECDomainParameters dp = priv.Parameters;
int orderBitLength = dp.N.BitLength;
AlgorithmIdentifier algID;
ECPrivateKeyStructure ec;
if (priv.AlgorithmName == "ECGOST3410")
{
if (priv.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
priv.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gostParams);
// TODO Do we need to pass any parameters here?
ec = new ECPrivateKeyStructure(orderBitLength, priv.D);
}
else
{
X962Parameters x962;
if (priv.PublicKeyParamSet == null)
{
X9ECParameters ecP = new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed());
x962 = new X962Parameters(ecP);
}
else
{
x962 = new X962Parameters(priv.PublicKeyParamSet);
}
// TODO Possible to pass the publicKey bitstring here?
ec = new ECPrivateKeyStructure(orderBitLength, priv.D, x962);
algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962);
}
return(new PrivateKeyInfo(algID, ec));
}
if (key is Gost3410PrivateKeyParameters)
{
Gost3410PrivateKeyParameters _key = (Gost3410PrivateKeyParameters)key;
if (_key.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
byte[] keyEnc = _key.X.ToByteArrayUnsigned();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyBytes.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
}
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet, null);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x94,
algParams.ToAsn1Object());
return(new PrivateKeyInfo(algID, new DerOctetString(keyBytes)));
}
#endif
throw new ArgumentException("Class provided is not convertible: " + Platform.GetTypeName(key));
}
public void TestAlgorithms()
{
//
// RSA parameters
//
BigInteger rsaMod = new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16);
BigInteger rsaPubExp = new BigInteger("10001", 16);
BigInteger rsaPrivExp = new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16);
BigInteger rsaPrivP = new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16);
BigInteger rsaPrivQ = new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16);
BigInteger rsaPrivDP = new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16);
BigInteger rsaPrivDQ = new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16);
BigInteger rsaPrivQinv = new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16);
RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaMod, rsaPubExp);
RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(
rsaMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
//
// ECDSA parameters
//
BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv"));
BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R"));
BigInteger ECParraH = new BigInteger(Base64.Decode("AQ=="));
BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L"));
BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l"));
BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx"));
BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo"));
FpCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECDomainParameters ecDomain = new ECDomainParameters(curve,
new FpPoint(curve,
curve.FromBigInteger(ECParraGX),
curve.FromBigInteger(ECParraGY)),
ECParraN);
ECPublicKeyParameters ecPub = new ECPublicKeyParameters(
new FpPoint(curve,
curve.FromBigInteger(ECPubQX),
curve.FromBigInteger(ECPubQY)),
ecDomain);
ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain);
//
// DSA parameters
//
BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM="));
BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs="));
BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx"));
BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw=="));
BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A="));
DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG);
DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para);
DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para);
//
// ECGOST3410 parameters
//
IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
ecGostKpg.Init(
new ECKeyGenerationParameters(
CryptoProObjectIdentifiers.GostR3410x2001CryptoProA,
new SecureRandom()));
AsymmetricCipherKeyPair ecGostPair = ecGostKpg.GenerateKeyPair();
//
// GOST3410 parameters
//
IAsymmetricCipherKeyPairGenerator gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
gostKpg.Init(
new Gost3410KeyGenerationParameters(
new SecureRandom(),
CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
AsymmetricCipherKeyPair gostPair = gostKpg.GenerateKeyPair();
//
// signer loop
//
byte[] shortMsg = new byte[] { 1, 4, 5, 6, 8, 8, 4, 2, 1, 3 };
byte[] longMsg = new byte[100];
new SecureRandom().NextBytes(longMsg);
foreach (string algorithm in SignerUtilities.Algorithms)
{
ISigner signer = SignerUtilities.GetSigner(algorithm);
string upper = algorithm.ToUpper(CultureInfo.InvariantCulture);
int withPos = upper.LastIndexOf("WITH");
string cipherName = withPos < 0
? upper
: upper.Substring(withPos + "WITH".Length);
ICipherParameters signParams = null, verifyParams = null;
if (cipherName == "RSA" || cipherName == "RSAANDMGF1")
{
signParams = rsaPrivate;
verifyParams = rsaPublic;
}
else if (cipherName == "ECDSA")
{
signParams = ecPriv;
verifyParams = ecPub;
}
else if (cipherName == "DSA")
{
signParams = dsaPriv;
verifyParams = dsaPub;
}
else if (cipherName == "ECGOST3410")
{
signParams = ecGostPair.Private;
verifyParams = ecGostPair.Public;
}
else if (cipherName == "GOST3410")
{
signParams = gostPair.Private;
verifyParams = gostPair.Public;
}
else
{
Assert.Fail("Unknown algorithm encountered: " + cipherName);
}
signer.Init(true, signParams);
foreach (byte b in shortMsg)
{
signer.Update(b);
}
signer.BlockUpdate(longMsg, 0, longMsg.Length);
byte[] sig = signer.GenerateSignature();
signer.Init(false, verifyParams);
foreach (byte b in shortMsg)
{
signer.Update(b);
}
signer.BlockUpdate(longMsg, 0, longMsg.Length);
Assert.IsTrue(signer.VerifySignature(sig), cipherName + " signer " + algorithm + " failed.");
}
}
public void doTestECGost(
string name)
{
// ECGenParameterSpec ecSpec = new ECGenParameterSpec(name);
ECDomainParameters ecSpec = GetCurveParameters(name);
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
// g.initialize(ecSpec, new SecureRandom());
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
ISigner sgr = SignerUtilities.GetSigner("ECGOST3410");
IAsymmetricCipherKeyPair pair = g.GenerateKeyPair();
IAsymmetricKeyParameter sKey = pair.Private;
IAsymmetricKeyParameter vKey = pair.Public;
sgr.Init(true, sKey);
byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
sgr.BlockUpdate(message, 0, message.Length);
byte[] sigBytes = sgr.GenerateSignature();
sgr.Init(false, vKey);
sgr.BlockUpdate(message, 0, message.Length);
if (!sgr.VerifySignature(sigBytes))
{
Fail(name + " verification failed");
}
// TODO Get this working?
// //
// // public key encoding test
// //
//// byte[] pubEnc = vKey.getEncoded();
// byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded();
//
//// KeyFactory keyFac = KeyFactory.getInstance("ECGOST3410");
//// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
//// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
// ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
//
//// if (!pubKey.getW().equals(((ECPublicKey)vKey).getW()))
// if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q))
// {
// Fail("public key encoding (Q test) failed");
// }
// TODO Put back in?
// if (!(pubKey.Parameters is ECNamedCurveSpec))
// {
// Fail("public key encoding not named curve");
// }
// TODO Get this working?
// //
// // private key encoding test
// //
//// byte[] privEnc = sKey.getEncoded();
// byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded();
//
//// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
//// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
// ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
//
//// if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS()))
// if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D))
// {
// Fail("GOST private key encoding (D test) failed");
// }
// TODO Put back in?
// if (!(privKey.Parameters is ECNamedCurveSpec))
// {
// Fail("GOST private key encoding not named curve");
// }
//
// ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
// if (!privSpec.getName().equalsIgnoreCase(name)
// && !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES[name]))
// {
// Fail("GOST private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName());
// }
}
internal ECMQV (ECDomainParameters domain)
{
_params = new ECMQVParameters (domain);
_kdf = new ANSI_X963_KDF (new SHA1Managed ());
}
public void doTestCurve(
string name)
{
// ECGenParameterSpec ecSpec = new ECGenParameterSpec(name);
ECDomainParameters ecSpec = GetCurveParameters(name);
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDH");
// g.initialize(ecSpec, new SecureRandom());
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
//
// a side
//
IAsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
// KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC");
IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC");
aKeyAgree.Init(aKeyPair.Private);
//
// b side
//
IAsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
// KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC");
IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC");
bKeyAgree.Init(bKeyPair.Private);
//
// agreement
//
// aKeyAgree.doPhase(bKeyPair.Public, true);
// bKeyAgree.doPhase(aKeyPair.Public, true);
//
// IBigInteger k1 = new BigInteger(aKeyAgree.generateSecret());
// IBigInteger k2 = new BigInteger(bKeyAgree.generateSecret());
IBigInteger k1 = aKeyAgree.CalculateAgreement(bKeyPair.Public);
IBigInteger k2 = bKeyAgree.CalculateAgreement(aKeyPair.Public);
if (!k1.Equals(k2))
{
Fail("2-way test failed");
}
//
// public key encoding test
//
// byte[] pubEnc = aKeyPair.Public.getEncoded();
byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
// KeyFactory keyFac = KeyFactory.getInstance("ECDH");
// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
ECPublicKeyParameters pubKey = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pubEnc);
// if (!pubKey.getW().Equals(((ECPublicKey)aKeyPair.Public).getW()))
if (!pubKey.Q.Equals(((ECPublicKeyParameters)aKeyPair.Public).Q))
{
Fail("public key encoding (Q test) failed");
}
// TODO Put back in?
// if (!(pubKey.getParams() is ECNamedCurveSpec))
// {
// Fail("public key encoding not named curve");
// }
//
// private key encoding test
//
// byte[] privEnc = aKeyPair.Private.getEncoded();
byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privEnc);
// if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS()))
if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D))
{
Fail("private key encoding (S test) failed");
}
// TODO Put back in?
// if (!(privKey.getParams() is ECNamedCurveSpec))
// {
// Fail("private key encoding not named curve");
// }
//
// ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
// if (!(privSpec.GetName().Equals(name) || privSpec.GetName().Equals(CurveNames.get(name))))
// {
// Fail("private key encoding wrong named curve. Expected: "
// + CurveNames[name] + " got " + privSpec.GetName());
// }
}
internal ECMQVParameters (ECDomainParameters domain)
{
_pair1 = new ECKeyPair (null, null, domain);
_pair2 = new ECKeyPair (null, null, domain);
}
/// <summary>
/// Create a Subject Public Key Info object for a given public key.
/// </summary>
/// <param name="key">One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters</param>
/// <returns>A subject public key info object.</returns>
/// <exception cref="Exception">Throw exception if object provided is not one of the above.</exception>
public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo(
AsymmetricKeyParameter key)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (key.IsPrivate)
{
throw new ArgumentException("Private key passed - public key expected.", "key");
}
if (key is ElGamalPublicKeyParameters)
{
ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)key;
ElGamalParameters kp = _key.Parameters;
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
new AlgorithmIdentifier(
OiwObjectIdentifiers.ElGamalAlgorithm,
new ElGamalParameter(kp.P, kp.G).ToAsn1Object()),
new DerInteger(_key.Y));
return(info);
}
if (key is DsaPublicKeyParameters)
{
DsaPublicKeyParameters _key = (DsaPublicKeyParameters)key;
DsaParameters kp = _key.Parameters;
Asn1Encodable ae = kp == null
? null
: new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object();
return(new SubjectPublicKeyInfo(
new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae),
new DerInteger(_key.Y)));
}
if (key is DHPublicKeyParameters)
{
DHPublicKeyParameters _key = (DHPublicKeyParameters)key;
DHParameters kp = _key.Parameters;
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
new AlgorithmIdentifier(
_key.AlgorithmOid,
new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()),
new DerInteger(_key.Y));
return(info);
} // End of DH
if (key is RsaKeyParameters)
{
RsaKeyParameters _key = (RsaKeyParameters)key;
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance),
new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object());
return(info);
} // End of RSA.
if (key is ECPublicKeyParameters)
{
ECPublicKeyParameters _key = (ECPublicKeyParameters)key;
if (_key.AlgorithmName == "ECGOST3410")
{
if (_key.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
ECPoint q = _key.Q;
BigInteger bX = q.X.ToBigInteger();
BigInteger bY = q.Y.ToBigInteger();
byte[] encKey = new byte[64];
ExtractBytes(encKey, 0, bX);
ExtractBytes(encKey, 32, bY);
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x2001,
gostParams.ToAsn1Object());
return(new SubjectPublicKeyInfo(algID, new DerOctetString(encKey)));
}
else
{
X962Parameters x962;
if (_key.PublicKeyParamSet == null)
{
ECDomainParameters kp = _key.Parameters;
X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed());
x962 = new X962Parameters(ecP);
}
else
{
x962 = new X962Parameters(_key.PublicKeyParamSet);
}
Asn1OctetString p = (Asn1OctetString)(new X9ECPoint(_key.Q).ToAsn1Object());
AlgorithmIdentifier algID = new AlgorithmIdentifier(
X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object());
return(new SubjectPublicKeyInfo(algID, p.GetOctets()));
}
} // End of EC
if (key is Gost3410PublicKeyParameters)
{
Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters)key;
if (_key.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
byte[] keyEnc = _key.Y.ToByteArrayUnsigned();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyBytes.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
}
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x94,
algParams.ToAsn1Object());
return(new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes)));
}
throw new ArgumentException("Class provided no convertible: " + key.GetType().FullName);
}
public bool VerifySignature(byte[] message, byte[] signature, byte[] pubkey)
{
if (pubkey.Length == 33 && (pubkey[0] == 0x02 || pubkey[0] == 0x03))
{
try
{
pubkey = ECPoint.DecodePoint(pubkey, ECCurve.Secp256r1).EncodePoint(false).Skip(1).ToArray();
}
catch
{
return(false);
}
}
else if (pubkey.Length == 65 && pubkey[0] == 0x04)
{
pubkey = pubkey.Skip(1).ToArray();
}
else if (pubkey.Length != 64)
{
throw new ArgumentException();
}
BigInteger x = new BigInteger(1, pubkey.Take(32).ToArray());
BigInteger y = new BigInteger(1, pubkey.Skip(32).ToArray());
X9ECParameters ecParams = NistNamedCurves.GetByName("P-256");
ECDomainParameters domainParameters = new ECDomainParameters(ecParams.Curve, ecParams.G, ecParams.N,
ecParams.H, ecParams.GetSeed());
var G = ecParams.G;
Org.BouncyCastle.Math.EC.ECCurve curve = ecParams.Curve;
Org.BouncyCastle.Math.EC.ECPoint q = curve.CreatePoint(x, y);
ECPublicKeyParameters pubkeyParam = new ECPublicKeyParameters(q, domainParameters);
var verifier = SignerUtilities.GetSigner("SHA-256withECDSA");
verifier.Init(false, pubkeyParam);
verifier.BlockUpdate(message, 0, message.Length);
// expected format is SEQUENCE {INTEGER r, INTEGER s}
var derSignature = new DerSequence(
// first 32 bytes is "r" number
new DerInteger(new BigInteger(1, signature.Take(32).ToArray())),
// last 32 bytes is "s" number
new DerInteger(new BigInteger(1, signature.Skip(32).ToArray())))
.GetDerEncoded();
///old verify method
///
/*
* const int ECDSA_PUBLIC_P256_MAGIC = 0x31534345;
* pubkey = BitConverter.GetBytes(ECDSA_PUBLIC_P256_MAGIC).Concat(BitConverter.GetBytes(32)).Concat(pubkey).ToArray();
* using (CngKey key = CngKey.Import(pubkey, CngKeyBlobFormat.EccPublicBlob))
* using (ECDsaCng ecdsa = new ECDsaCng(key))
* {
* var result = ecdsa.VerifyData(message, signature, HashAlgorithmName.SHA256);
* }
*/
///////////////////
return(verifier.VerifySignature(derSignature));
}
public Secp256r1()
{
// set curve
_curve = ECNamedCurveTable.GetByName("secp256r1");
_curveSpec = new ECDomainParameters(_curve.Curve, _curve.G, _curve.N, _curve.H);
}
