private byte[] GetDecryptionKey(string pin, VipNetContainer defence)
{
var passwordData = Encoding.ASCII.GetBytes(pin ?? "");
if (DefenceKeyInfo.KeyClass.Value.IntValue == 64 && DefenceKeyInfo.KeyType.Value.IntValue == 24622)
{
// Контейнер зашифрован ключом, лежащим в ещё одном контейнере
if (defence == null)
{
throw new CryptographicException("Закрытый ключ зашифрован секретным ключом, расположенным в отдельном вспомогательном контейнере. Используйте опцию --defence");
}
return(defence.Entries[0].GetProtectionKey(pin));
}
if (DefenceKeyInfo.Algorithm != null &&
DefenceKeyInfo.Algorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdPbkdf2))
{
// PBKDF2 используется в контейнерах ViPNet Jcrypto SDK
// Самое смешное, что сам десктопный ViPNet CSP не понимает такие контейнеры
// А мы понимаем!
var p = Pbkdf2Params.GetInstance(DefenceKeyInfo.Algorithm.Parameters);
return(PBKDF2(
MacUtilities.GetMac(p.Prf.Algorithm),
passwordData,
p.GetSalt(),
p.IterationCount.IntValue,
p.KeyLength.IntValue
));
}
var digest = new Gost3411Digest();
var keyData = new byte[digest.GetDigestSize()];
var unwrappingKey = new byte[digest.GetDigestSize()];
digest.BlockUpdate(passwordData, 0, passwordData.Length);
digest.DoFinal(keyData, 0);
digest.Reset();
var secodeData = passwordData.Concat(keyData).ToArray();
digest.BlockUpdate(secodeData, 0, secodeData.Length);
digest.DoFinal(unwrappingKey, 0);
var tmp = new int[keyData.Length / 4];
for (int i = 0; i < keyData.Length; i += 4)
{
tmp[i / 4] = BitConverter.ToInt32(keyData, i) - BitConverter.ToInt32(unwrappingKey, i);
}
return(tmp.SelectMany(x => BitConverter.GetBytes(x)).ToArray());
}
public BigInteger GetDigest(byte[] message)
{
Gost3411Digest gost3411Digest = new Gost3411Digest();
gost3411Digest.BlockUpdate(message, 0, message.Length);
byte[] hashmessage = new byte[gost3411Digest.GetDigestSize()];
gost3411Digest.DoFinal(hashmessage, 0);
return(new BigInteger(hashmessage));
}
/**
* Test Sign and Verify with test parameters
* see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
* gostR3410-2001-TestParamSet P.46
*/
private void ecGOST3410_TestParam()
{
SecureRandom random = new SecureRandom();
BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");
FpCurve curve = new FpCurve(
mod_p, // p
new BigInteger("7"), // a
new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
mod_q, BigInteger.One);
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.CreatePoint(
new BigInteger("2"), // x
new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
mod_q);
ECKeyPairGenerator pGen = new ECKeyPairGenerator();
ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
parameters,
random);
pGen.Init(genParam);
AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
ECGost3410Signer ecgost3410 = new ECGost3410Signer();
ecgost3410.Init(true, param);
//get hash message using the digest GOST3411.
byte[] message = Encoding.ASCII.GetBytes("Message for sign");
Gost3411Digest gost3411 = new Gost3411Digest();
gost3411.BlockUpdate(message, 0, message.Length);
byte[] hashmessage = new byte[gost3411.GetDigestSize()];
gost3411.DoFinal(hashmessage, 0);
BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);
ecgost3410.Init(false, pair.Public);
if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
{
Fail("signature fails");
}
}
private bool VerifyGost(byte[] buffer, int length, byte[] signature)
{
ECDomainParameters dParams = ECGost3410NamedCurves.GetByOid(CryptoProObjectIdentifiers.GostR3410x2001CryptoProA);
byte[] reversedPublicKey = PublicKey.Reverse().ToArray();
ECPoint q = dParams.Curve.CreatePoint(new BigInteger(1, reversedPublicKey, 32, 32), new BigInteger(1, reversedPublicKey, 0, 32), false);
ECPublicKeyParameters parameters = new ECPublicKeyParameters(q, dParams);
var signer = new ECGost3410Signer();
signer.Init(false, parameters);
var digest = new Gost3411Digest();
digest.BlockUpdate(buffer, 0, length);
byte[] hash = new byte[digest.GetDigestSize()];
digest.DoFinal(hash, 0);
return(signer.VerifySignature(hash, new BigInteger(1, signature, 32, 32), new BigInteger(1, signature, 0, 32)));
}
private byte[] SignGost(byte[] buffer, int length)
{
ECGost3410Signer signer = new ECGost3410Signer();
signer.Init(true, new ParametersWithRandom(PrivateKeyFactory.CreateKey(PrivateKey), _secureRandom));
var digest = new Gost3411Digest();
digest.BlockUpdate(buffer, 0, length);
byte[] hash = new byte[digest.GetDigestSize()];
digest.DoFinal(hash, 0);
var signature = signer.GenerateSignature(hash);
byte[] res = new byte[64];
signature[0].ToByteArrayUnsigned().CopyTo(res, 32);
signature[1].ToByteArrayUnsigned().CopyTo(res, 0);
return(res);
}
public int GetDigestSize()
{
return(digest.GetDigestSize());
}
