/**
* X9.62 - 1998,<br/>
* J.3.1, Page 152, ECDSA over the field Fp<br/>
* an example with 192 bit prime
*/
private static IBigInteger CalculateAgreement(
IAsymmetricCipherKeyPair u1,
IAsymmetricCipherKeyPair u2,
IAsymmetricCipherKeyPair v1,
IAsymmetricCipherKeyPair v2)
{
var u = new ECMqvBasicAgreement();
u.Init(new MqvPrivateParameters(
(ECPrivateKeyParameters)u1.Private,
(ECPrivateKeyParameters)u2.Private,
(ECPublicKeyParameters)u2.Public));
IBigInteger ux = u.CalculateAgreement(new MqvPublicParameters(
(ECPublicKeyParameters)v1.Public,
(ECPublicKeyParameters)v2.Public));
var v = new ECMqvBasicAgreement();
v.Init(new MqvPrivateParameters(
(ECPrivateKeyParameters)v1.Private,
(ECPrivateKeyParameters)v2.Private,
(ECPublicKeyParameters)v2.Public));
IBigInteger vx = v.CalculateAgreement(new MqvPublicParameters(
(ECPublicKeyParameters)u1.Public,
(ECPublicKeyParameters)u2.Public));
if (ux.Equals(vx))
{
return(ux);
}
return(null);
}
public void TestECMqvRandom()
{
var random = new SecureRandom();
var curve = new FPCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
var parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
var pGen = new ECKeyPairGenerator();
pGen.Init(new ECKeyGenerationParameters(parameters, random));
// Pre-established key pairs
IAsymmetricCipherKeyPair u1 = pGen.GenerateKeyPair();
IAsymmetricCipherKeyPair v1 = pGen.GenerateKeyPair();
// Ephemeral key pairs
IAsymmetricCipherKeyPair u2 = pGen.GenerateKeyPair();
IAsymmetricCipherKeyPair v2 = pGen.GenerateKeyPair();
IBigInteger x = CalculateAgreement(u1, u2, v1, v2);
if (x == null)
{
Fail("MQV Test Vector (random) agreement failed");
}
}
public static X509Certificate MakeCertificate(IAsymmetricCipherKeyPair _subKP,
string _subDN, IAsymmetricCipherKeyPair _issKP, string _issDN, string algorithm, bool _ca)
{
IAsymmetricKeyParameter _subPub = _subKP.Public;
IAsymmetricKeyParameter _issPriv = _issKP.Private;
IAsymmetricKeyParameter _issPub = _issKP.Public;
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.Reset();
_v3CertGen.SetSerialNumber(allocateSerialNumber());
_v3CertGen.SetIssuerDN(new X509Name(_issDN));
_v3CertGen.SetNotBefore(DateTime.UtcNow);
_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
_v3CertGen.SetSubjectDN(new X509Name(_subDN));
_v3CertGen.SetPublicKey(_subPub);
_v3CertGen.SetSignatureAlgorithm(algorithm);
_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
_v3CertGen.AddExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
X509Certificate _cert = _v3CertGen.Generate(_issPriv);
_cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(_issPub);
return _cert;
}
private static void ExportKeyPair(
Stream secretOut,
Stream publicOut,
IAsymmetricCipherKeyPair signingKey,
IAsymmetricCipherKeyPair encryptionKey,
string identity,
char[] passPhrase,
bool armor,
ISecureRandom random)
{
if (armor)
{
secretOut = new ArmoredOutputStream(secretOut);
}
var masterKey = new PgpKeyPair(PublicKeyAlgorithmTag.Ecdsa, signingKey, DateTime.UtcNow);
var subKey = new PgpKeyPair(PublicKeyAlgorithmTag.Ecdh, encryptionKey, DateTime.UtcNow);
var keyRingGenerator = new PgpKeyRingGenerator(
PgpSignature.PositiveCertification, masterKey, identity,
SymmetricKeyAlgorithmTag.Aes256, HashAlgorithmTag.Sha256, passPhrase, true, null, null, random);
keyRingGenerator.AddSubKey(subKey);
keyRingGenerator.GenerateSecretKeyRing().Encode(secretOut);
if (armor)
{
secretOut.Close();
publicOut = new ArmoredOutputStream(publicOut);
}
keyRingGenerator.GeneratePublicKeyRing().Encode(publicOut);
{
publicOut.Close();
}
}
// previous code found to cause a NullPointerException
private void nullPointerTest()
{
IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
IAsymmetricCipherKeyPair pair = keyGen.GenerateKeyPair();
IList oids = new ArrayList();
IList values = new ArrayList();
oids.Add(X509Extensions.BasicConstraints);
values.Add(new X509Extension(true, new DerOctetString(new BasicConstraints(true))));
oids.Add(X509Extensions.KeyUsage);
values.Add(new X509Extension(true, new DerOctetString(
new KeyUsage(KeyUsage.KeyCertSign | KeyUsage.CrlSign))));
SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifierStructure(pair.Public);
X509Extension ski = new X509Extension(false, new DerOctetString(subjectKeyIdentifier));
oids.Add(X509Extensions.SubjectKeyIdentifier);
values.Add(ski);
AttributePkcs attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
new DerSet(new X509Extensions(oids, values)));
Pkcs10CertificationRequest p1 = new Pkcs10CertificationRequest(
"SHA1WithRSA", new X509Name("cn=csr"), pair.Public, new DerSet(attribute), pair.Private);
Pkcs10CertificationRequest p2 = new Pkcs10CertificationRequest(
"SHA1WithRSA", new X509Name("cn=csr"), pair.Public, new DerSet(attribute), pair.Private);
if (!p1.Equals(p2))
{
Fail("cert request comparison failed");
}
}
public PgpKeyPair(
PublicKeyAlgorithmTag algorithm,
IAsymmetricCipherKeyPair keyPair,
DateTime time)
: this(algorithm, keyPair.Public, keyPair.Private, time)
{
}
public override void PerformTest()
{
IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
dsaKpg.Init(new DsaKeyGenerationParameters(random, testDsaParams));
IAsymmetricCipherKeyPair testDsaKp = dsaKpg.GenerateKeyPair();
IAsymmetricKeyParameter testDsaKey = testDsaKp.Private;
doWriteReadTest(testDsaKey);
doWriteReadTests(testDsaKey, algorithms);
doWriteReadTest(testRsaKey);
doWriteReadTests(testRsaKey, algorithms);
IAsymmetricKeyParameter ecPriv = PrivateKeyFactory.CreateKey(testEcDsaKeyBytes);
doWriteReadTest(ecPriv);
doWriteReadTests(ecPriv, algorithms);
IAsymmetricCipherKeyPairGenerator ecKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
ecKpg.Init(new KeyGenerationParameters(random, 239));
ecPriv = ecKpg.GenerateKeyPair().Private;
doWriteReadTest(ecPriv);
doWriteReadTests(ecPriv, algorithms);
// override test
PemWriter pWrt = new PemWriter(new StringWriter());
object o = new PemObject("FRED", new byte[100]);
pWrt.WriteObject(o);
pWrt.Writer.Close();
}
public static X509Certificate MakeCertificate(IAsymmetricCipherKeyPair _subKP,
string _subDN, IAsymmetricCipherKeyPair _issKP, string _issDN, string algorithm, bool _ca)
{
IAsymmetricKeyParameter _subPub = _subKP.Public;
IAsymmetricKeyParameter _issPriv = _issKP.Private;
IAsymmetricKeyParameter _issPub = _issKP.Public;
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.Reset();
_v3CertGen.SetSerialNumber(allocateSerialNumber());
_v3CertGen.SetIssuerDN(new X509Name(_issDN));
_v3CertGen.SetNotBefore(DateTime.UtcNow);
_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
_v3CertGen.SetSubjectDN(new X509Name(_subDN));
_v3CertGen.SetPublicKey(_subPub);
_v3CertGen.SetSignatureAlgorithm(algorithm);
_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
_v3CertGen.AddExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
X509Certificate _cert = _v3CertGen.Generate(_issPriv);
_cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(_issPub);
return(_cert);
}
public PgpKeyPair(
PublicKeyAlgorithmTag algorithm,
IAsymmetricCipherKeyPair keyPair,
DateTime time)
: this(algorithm, keyPair.Public, keyPair.Private, time)
{
}
public override void PerformTest()
{
IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25);
pGen.Init(genParam);
IAsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
//
// set up the parameters
//
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int iterationCount = 100;
//
// set up the key
//
char[] password1 = { 'h', 'e', 'l', 'l', 'o' };
EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(alg, password1, salt, iterationCount, PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private));
PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password1, encInfo);
IAsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(info);
if (!key.Equals(pair.Private))
{
Fail("Key corrupted");
}
doOpensslTestKeys();
}
/**
* Create a self signed cert for our software emulation
*
* @param kp
* is the keypair for our certificate
* @return a self signed cert for our software emulation
* @throws InvalidKeyException
* on error
* @throws SignatureException
* on error
*/
private X509Certificate GenerateSelfSignedSoftECCert(
IAsymmetricCipherKeyPair kp,
bool compress)
{
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
ECPrivateKeyParameters privECKey = (ECPrivateKeyParameters)kp.Private;
ECPublicKeyParameters pubECKey = (ECPublicKeyParameters)kp.Public;
if (!compress)
{
// TODO Private key compression?
//privECKey.setPointFormat("UNCOMPRESSED");
//pubECKey.setPointFormat("UNCOMPRESSED");
pubECKey = SetPublicUncompressed(pubECKey, false);
}
certGen.SetSignatureAlgorithm("ECDSAwithSHA1");
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)"));
certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50000));
certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)"));
certGen.SetPublicKey(pubECKey);
return(certGen.Generate(privECKey));
}
/**
* this test is can take quiet a while
*/
private void doTestGeneration(
int size)
{
DHParametersGenerator pGen = new DHParametersGenerator();
pGen.Init(size, 10, new SecureRandom());
DHParameters dhParams = pGen.GenerateParameters();
if (dhParams.L != 0)
{
Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters");
}
DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();
kpGen.Init(dhkgParams);
//
// generate first pair
//
IAsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
//
// generate second pair
//
dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters);
kpGen.Init(dhkgParams);
pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
//
// two way
//
DHBasicAgreement e1 = new DHBasicAgreement();
DHBasicAgreement e2 = new DHBasicAgreement();
e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
IBigInteger k1 = e1.CalculateAgreement(pu2);
IBigInteger k2 = e2.CalculateAgreement(pu1);
if (!k1.Equals(k2))
{
Fail("basic with " + size + " bit 2-way test failed");
}
}
private void parametersTest()
{
// AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("GOST3410");
// a.init(512, random);
// AlgorithmParameters params = a.generateParameters();
//
// byte[] encodeParams = params.getEncoded();
//
// AlgorithmParameters a2 = AlgorithmParameters.getInstance("GOST3410");
// a2.init(encodeParams);
//
// // a and a2 should be equivalent!
// byte[] encodeParams_2 = a2.getEncoded();
//
// if (!arrayEquals(encodeParams, encodeParams_2))
// {
// Fail("encode/decode parameters failed");
// }
// GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(
// CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_B.getId());
// g.initialize(gost3410P, new SecureRandom());
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
g.Init(
new Gost3410KeyGenerationParameters(
new SecureRandom(),
CryptoProObjectIdentifiers.GostR3410x94CryptoProB));
IAsymmetricCipherKeyPair p = g.GenerateKeyPair();
IAsymmetricKeyParameter sKey = p.Private;
IAsymmetricKeyParameter vKey = p.Public;
ISigner s = SignerUtilities.GetSigner("GOST3410");
byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
s.Init(true, sKey);
s.BlockUpdate(data, 0, data.Length);
byte[] sigBytes = s.GenerateSignature();
s = SignerUtilities.GetSigner("GOST3410");
s.Init(false, vKey);
s.BlockUpdate(data, 0, data.Length);
if (!s.VerifySignature(sigBytes))
{
Fail("GOST3410 verification failed");
}
keyStoreTest(sKey, vKey);
}
public void TestECBasicAgreementTest()
{
var random = new SecureRandom();
var curve = new FPCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
var parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
var pGen = new ECKeyPairGenerator();
var genParam = new ECKeyGenerationParameters(parameters, random);
pGen.Init(genParam);
IAsymmetricCipherKeyPair p1 = pGen.GenerateKeyPair();
IAsymmetricCipherKeyPair p2 = pGen.GenerateKeyPair();
//
// two way
//
IBasicAgreement e1 = new ECDHBasicAgreement();
IBasicAgreement e2 = new ECDHBasicAgreement();
e1.Init(p1.Private);
e2.Init(p2.Private);
IBigInteger k1 = e1.CalculateAgreement(p2.Public);
IBigInteger k2 = e2.CalculateAgreement(p1.Public);
if (!k1.Equals(k2))
{
Fail("calculated agreement test failed");
}
//
// two way
//
e1 = new ECDHCBasicAgreement();
e2 = new ECDHCBasicAgreement();
e1.Init(p1.Private);
e2.Init(p2.Private);
k1 = e1.CalculateAgreement(p2.Public);
k2 = e2.CalculateAgreement(p1.Public);
if (!k1.Equals(k2))
{
Fail("calculated agreement test failed");
}
}
protected virtual void GenerateEphemeralClientKeyExchange(ECDomainParameters ecParams, Stream output)
{
IAsymmetricCipherKeyPair ecAgreeClientKeyPair = GenerateECKeyPair(ecParams);
this.ecAgreeClientPrivateKey = (ECPrivateKeyParameters)ecAgreeClientKeyPair.Private;
byte[] keData = ExternalizeKey((ECPublicKeyParameters)ecAgreeClientKeyPair.Public);
TlsUtilities.WriteUint24(keData.Length + 1, output);
TlsUtilities.WriteOpaque8(keData, output);
}
private void doTestDesAndDesEde(
IBigInteger g,
IBigInteger p)
{
DHParameters dhParams = new DHParameters(p, g, null, 256);
IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), dhParams));
IAsymmetricCipherKeyPair kp = keyGen.GenerateKeyPair();
IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreement("DH");
keyAgreement.Init(kp.Private);
IBigInteger agreed = keyAgreement.CalculateAgreement(kp.Public);
byte[] agreedBytes = agreed.ToByteArrayUnsigned();
// TODO Figure out where the magic happens of choosing the right
// bytes from 'agreedBytes' for each key type - need C# equivalent?
// (see JCEDHKeyAgreement.engineGenerateSecret)
// SecretKey key = keyAgreement.generateSecret("DES");
//
// if (key.getEncoded().length != 8)
// {
// Fail("DES length wrong");
// }
//
// if (!DESKeySpec.isParityAdjusted(key.getEncoded(), 0))
// {
// Fail("DES parity wrong");
// }
//
// key = keyAgreement.generateSecret("DESEDE");
//
// if (key.getEncoded().length != 24)
// {
// Fail("DESEDE length wrong");
// }
//
// if (!DESedeKeySpec.isParityAdjusted(key.getEncoded(), 0))
// {
// Fail("DESEDE parity wrong");
// }
//
// key = keyAgreement.generateSecret("Blowfish");
//
// if (key.getEncoded().length != 16)
// {
// Fail("Blowfish length wrong");
// }
}
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
{
IAsymmetricCipherKeyPair dhAgreeClientKeyPair = GenerateDHKeyPair(dhParams);
this.dhAgreeClientPrivateKey = (DHPrivateKeyParameters)dhAgreeClientKeyPair.Private;
IBigInteger Yc = ((DHPublicKeyParameters)dhAgreeClientKeyPair.Public).Y;
byte[] keData = BigIntegers.AsUnsignedByteArray(Yc);
TlsUtilities.WriteUint24(keData.Length + 2, output);
TlsUtilities.WriteOpaque16(keData, output);
}
private void createECGostRequest()
{
string algorithm = "GOST3411withECGOST3410";
IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
ecGostKpg.Init(
new ECKeyGenerationParameters(
CryptoProObjectIdentifiers.GostR3410x2001CryptoProA,
new SecureRandom()));
//
// set up the keys
//
IAsymmetricCipherKeyPair pair = ecGostKpg.GenerateKeyPair();
IAsymmetricKeyParameter privKey = pair.Private;
IAsymmetricKeyParameter pubKey = pair.Public;
Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(
algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
if (!req.Verify())
{
Fail("Failed Verify check EC.");
}
req = new Pkcs10CertificationRequest(req.GetEncoded());
if (!req.Verify())
{
Fail("Failed Verify check EC encoded.");
}
if (!req.SignatureAlgorithm.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001))
{
Fail("ECGOST oid incorrect.");
}
if (req.SignatureAlgorithm.Parameters != null)
{
Fail("ECGOST parameters incorrect.");
}
ISigner sig = SignerUtilities.GetSigner(algorithm);
sig.Init(false, pubKey);
byte[] b = req.GetCertificationRequestInfo().GetEncoded();
sig.BlockUpdate(b, 0, b.Length);
if (!sig.VerifySignature(req.Signature.GetBytes()))
{
Fail("signature not mapped correctly.");
}
}
public ITestResult Perform()
{
try
{
// IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/PKCS5Padding");
IWrapper cipher = WrapperUtilities.GetWrapper("DES/ECB/PKCS5Padding");
IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA");
fact.Init(
new RsaKeyGenerationParameters(
BigInteger.ValueOf(0x10001),
new SecureRandom(),
512,
25));
IAsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();
IAsymmetricKeyParameter priKey = keyPair.Private;
IAsymmetricKeyParameter pubKey = keyPair.Public;
byte[] priKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded();
CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator("DES");
// Key wrapKey = keyGen.generateKey();
byte[] wrapKeyBytes = keyGen.GenerateKey();
KeyParameter wrapKey = new DesParameters(wrapKeyBytes);
// cipher.Init(IBufferedCipher.WRAP_MODE, wrapKey);
cipher.Init(true, wrapKey);
// byte[] wrappedKey = cipher.Wrap(priKey);
byte[] wrappedKey = cipher.Wrap(priKeyBytes, 0, priKeyBytes.Length);
// cipher.Init(IBufferedCipher.UNWRAP_MODE, wrapKey);
cipher.Init(false, wrapKey);
// Key key = cipher.unwrap(wrappedKey, "RSA", IBufferedCipher.PRIVATE_KEY);
byte[] unwrapped = cipher.Unwrap(wrappedKey, 0, wrappedKey.Length);
//if (!Arrays.AreEqual(priKey.getEncoded(), key.getEncoded()))
if (!Arrays.AreEqual(priKeyBytes, unwrapped))
{
return(new SimpleTestResult(false, "Unwrapped key does not match"));
}
return(new SimpleTestResult(true, Name + ": Okay"));
}
catch (Exception e)
{
return(new SimpleTestResult(false, Name + ": exception - " + e.ToString()));
}
}
private void doTestExplicitWrapping(
int size,
int privateValueSize,
IBigInteger g,
IBigInteger p)
{
DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), dhParams));
//
// a side
//
IAsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair();
IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("DH");
checkKeySize(privateValueSize, aKeyPair);
aKeyAgree.Init(aKeyPair.Private);
//
// b side
//
IAsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair();
IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("DH");
checkKeySize(privateValueSize, bKeyPair);
bKeyAgree.Init(bKeyPair.Private);
//
// agreement
//
// aKeyAgree.doPhase(bKeyPair.Public, true);
// bKeyAgree.doPhase(aKeyPair.Public, true);
//
// SecretKey k1 = aKeyAgree.generateSecret(PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id);
// SecretKey k2 = bKeyAgree.generateSecret(PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id);
// TODO Does this really test the same thing as the above code?
IBigInteger b1 = aKeyAgree.CalculateAgreement(bKeyPair.Public);
IBigInteger b2 = bKeyAgree.CalculateAgreement(aKeyPair.Public);
if (!b1.Equals(b2))
{
Fail("Explicit wrapping test failed");
}
}
private void checkKeySize(int privateValueSize, IAsymmetricCipherKeyPair aKeyPair)
{
if (privateValueSize != 0)
{
// DHPrivateKey key = (DHPrivateKey)aKeyPair.getPrivate();
ElGamalPrivateKeyParameters key = (ElGamalPrivateKeyParameters)aKeyPair.Private;
if (key.X.BitLength != privateValueSize)
{
Fail("limited key check failed for key size " + privateValueSize);
}
}
}
private void generationTest(
int keySize,
string keyName,
string sigName)
{
IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator(keyName);
// kpg.initialize(keySize);
kpg.Init(new KeyGenerationParameters(new SecureRandom(), keySize));
IAsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
IDictionary attrs = new Hashtable();
attrs.Add(X509Name.C, "AU");
attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
attrs.Add(X509Name.L, "Melbourne");
attrs.Add(X509Name.ST, "Victoria");
attrs.Add(X509Name.EmailAddress, "*****@*****.**");
IList order = new ArrayList();
order.Add(X509Name.C);
order.Add(X509Name.O);
order.Add(X509Name.L);
order.Add(X509Name.ST);
order.Add(X509Name.EmailAddress);
X509Name subject = new X509Name(order, attrs);
Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest(
sigName,
subject,
kp.Public,
null,
kp.Private);
byte[] bytes = req1.GetEncoded();
Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes);
if (!req2.Verify())
{
Fail(sigName + ": Failed Verify check.");
}
if (!req2.GetPublicKey().Equals(req1.GetPublicKey()))
{
Fail(keyName + ": Failed public key check.");
}
}
/**
* Test Sign and Verify with test parameters
* see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
* gostR3410-2001-TestParamSet P.46
*/
private void ecGOST3410_TestParam()
{
SecureRandom random = new SecureRandom();
IBigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
FPCurve curve = new FPCurve(
mod_p, // p
new BigInteger("7"), // a
new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b
ECDomainParameters parameters = new ECDomainParameters(
curve,
new FPPoint(curve,
new FPFieldElement(mod_p, new BigInteger("2")), // x
new FPFieldElement(mod_p, new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"))), // y
new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q
ECKeyPairGenerator pGen = new ECKeyPairGenerator();
ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
parameters,
random);
pGen.Init(genParam);
IAsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
ECGost3410Signer ecgost3410 = new ECGost3410Signer();
ecgost3410.Init(true, param);
//get hash message using the digest GOST3411.
byte[] message = Encoding.ASCII.GetBytes("Message for sign");
Gost3411Digest gost3411 = new Gost3411Digest();
gost3411.BlockUpdate(message, 0, message.Length);
byte[] hashmessage = new byte[gost3411.GetDigestSize()];
gost3411.DoFinal(hashmessage, 0);
IBigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);
ecgost3410.Init(false, pair.Public);
if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
{
Fail("signature fails");
}
}
public void TestGeneration()
{
//
// ECDSA generation test
//
byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
ISigner s = SignerUtilities.GetSigner("ECDSA");
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
// EllipticCurve curve = new EllipticCurve(
// new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
// new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
// new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECCurve curve = new FPCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECDomainParameters ecSpec = new ECDomainParameters(
curve,
// ECPointUtil.DecodePoint(curve,
curve.DecodePoint(
Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
BigInteger.One); //1); // h
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
IAsymmetricCipherKeyPair p = g.GenerateKeyPair();
IAsymmetricKeyParameter sKey = p.Private;
IAsymmetricKeyParameter vKey = p.Public;
s.Init(true, sKey);
s.BlockUpdate(data, 0, data.Length);
byte[] sigBytes = s.GenerateSignature();
s = SignerUtilities.GetSigner("ECDSA");
s.Init(false, vKey);
s.BlockUpdate(data, 0, data.Length);
if (!s.VerifySignature(sigBytes))
{
Fail("ECDSA verification failed");
}
}
public static X509Certificate MakeV1Certificate(IAsymmetricCipherKeyPair subKP,
string _subDN, IAsymmetricCipherKeyPair issKP, string _issDN)
{
IAsymmetricKeyParameter subPub = subKP.Public;
IAsymmetricKeyParameter issPriv = issKP.Private;
IAsymmetricKeyParameter issPub = issKP.Public;
X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
v1CertGen.Reset();
v1CertGen.SetSerialNumber(AllocateSerialNumber());
v1CertGen.SetIssuerDN(new X509Name(_issDN));
v1CertGen.SetNotBefore(DateTime.UtcNow);
v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
v1CertGen.SetSubjectDN(new X509Name(_subDN));
v1CertGen.SetPublicKey(subPub);
if (issPub is RsaKeyParameters)
{
v1CertGen.SetSignatureAlgorithm("SHA1WithRSA");
}
else if (issPub is DsaPublicKeyParameters)
{
v1CertGen.SetSignatureAlgorithm("SHA1withDSA");
}
else if (issPub is ECPublicKeyParameters)
{
ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub;
if (ecPub.AlgorithmName == "ECGOST3410")
{
v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
}
else
{
v1CertGen.SetSignatureAlgorithm("SHA1withECDSA");
}
}
else
{
v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
}
X509Certificate _cert = v1CertGen.Generate(issPriv);
_cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(issPub);
return(_cert);
}
public static X509Certificate GenerateRootCert(
IAsymmetricCipherKeyPair pair)
{
X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate"));
certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate"));
certGen.SetPublicKey(pair.Public);
certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
return(certGen.Generate(pair.Private));
}
public void TestNONEwithDSA()
{
byte[] dummySha1 = Hex.Decode("01020304050607080910111213141516");
SecureRandom rand = new SecureRandom();
DsaParametersGenerator pGen = new DsaParametersGenerator();
pGen.Init(512, 80, rand);
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters()));
IAsymmetricCipherKeyPair kp = g.GenerateKeyPair();
ISigner sig = SignerUtilities.GetSigner("NONEwithDSA");
sig.Init(true, kp.Private);
sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
byte[] sigBytes = sig.GenerateSignature();
sig.Init(false, kp.Public);
sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
sig.VerifySignature(sigBytes);
// reset test
sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
if (!sig.VerifySignature(sigBytes))
{
Fail("NONEwithDSA failed to reset");
}
// lightweight test
DsaSigner signer = new DsaSigner();
Asn1Sequence derSig = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(sigBytes));
signer.Init(false, kp.Public);
if (!signer.VerifySignature(dummySha1,
DerInteger.GetInstance(derSig[0]).Value, DerInteger.GetInstance(derSig[1]).Value))
{
Fail("NONEwithDSA not really NONE!");
}
}
public static int Main(string[] args)
{
var secureRandom = new SecureRandom();
var ecParams = new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, secureRandom);
var ecdsa = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
ecdsa.Init(ecParams);
var ecdh = GeneratorUtilities.GetKeyPairGenerator("ECDH");
ecdh.Init(ecParams);
IAsymmetricCipherKeyPair kpEcdsa = ecdsa.GenerateKeyPair();
IAsymmetricCipherKeyPair kpEcdh = ecdh.GenerateKeyPair();
if (args.Length < 2)
{
Console.WriteLine("EcKeyRingGenerator [-a] identity passPhrase");
return(0);
}
Stream out1, out2;
if (args[0].Equals("-a"))
{
if (args.Length < 3)
{
Console.WriteLine("EcKeyRingGenerator [-a] identity passPhrase");
return(0);
}
out1 = File.Create("secret.asc");
out2 = File.Create("pub.asc");
ExportKeyPair(out1, out2, kpEcdsa, kpEcdh, args[1], args[2].ToCharArray(), true, secureRandom);
}
else
{
out1 = File.Create("secret.bpg");
out2 = File.Create("pub.bpg");
ExportKeyPair(out1, out2, kpEcdsa, kpEcdh, args[0], args[1].ToCharArray(), false, secureRandom);
}
out1.Close();
out2.Close();
return(0);
}
public void doTest(
IAsymmetricCipherKeyPairGenerator g,
IBufferedCipher c1,
IBufferedCipher c2)
{
//
// a side
//
IAsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
IAsymmetricKeyParameter aPub = aKeyPair.Public;
IAsymmetricKeyParameter aPriv = aKeyPair.Private;
//
// b side
//
IAsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
IAsymmetricKeyParameter bPub = bKeyPair.Public;
IAsymmetricKeyParameter bPriv = bKeyPair.Private;
// TODO Put back in
// //
// // stream test
// //
// IEKeySpec c1Key = new IEKeySpec(aPriv, bPub);
// IEKeySpec c2Key = new IEKeySpec(bPriv, aPub);
//
// byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
// byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
//
// IESParameterSpec param = new IESParameterSpec(d, e, 128);
//
// c1.Init(true, c1Key, param);
//
// c2.Init(false, c2Key, param);
//
// byte[] message = Hex.Decode("1234567890abcdef");
//
// byte[] out1 = c1.DoFinal(message, 0, message.Length);
//
// byte[] out2 = c2.DoFinal(out1, 0, out1.Length);
//
// if (!AreEqual(out2, message))
// {
// Fail("stream cipher test failed");
// }
}
/**
* this test is can take quiet a while
*
* @param size size of key in bits.
*/
private void doTestGeneration(
int size)
{
ElGamalParametersGenerator pGen = new ElGamalParametersGenerator();
pGen.Init(size, 10, new SecureRandom());
ElGamalParameters elParams = pGen.GenerateParameters();
if (elParams.L != 0)
{
Fail("ElGamalParametersGenerator failed to set L to 0 in generated ElGamalParameters");
}
ElGamalKeyGenerationParameters ekgParams = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams);
ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator();
kpGen.Init(ekgParams);
//
// generate first pair
//
IAsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters)pair.Public;
ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters)pair.Private;
ElGamalEngine e = new ElGamalEngine();
e.Init(true, new ParametersWithRandom(pu, new SecureRandom()));
byte[] message = Hex.Decode("5468697320697320612074657374");
byte[] pText = message;
byte[] cText = e.ProcessBlock(pText, 0, pText.Length);
e.Init(false, pv);
pText = e.ProcessBlock(cText, 0, cText.Length);
if (!Arrays.AreEqual(message, pText))
{
Fail("generation test failed");
}
}
private void testNoExtraLocalKeyID(byte[] store1data)
{
IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
kpg.Init(new RsaKeyGenerationParameters(
BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25));
IAsymmetricCipherKeyPair newPair = kpg.GenerateKeyPair();
Pkcs12Store store1 = new Pkcs12StoreBuilder().Build();
store1.Load(new MemoryStream(store1data, false), passwd);
Pkcs12Store store2 = new Pkcs12StoreBuilder().Build();
AsymmetricKeyEntry k1 = store1.GetKey("privatekey");
X509CertificateEntry[] chain1 = store1.GetCertificateChain("privatekey");
X509CertificateEntry[] chain2 = new X509CertificateEntry[chain1.Length + 1];
Array.Copy(chain1, 0, chain2, 1, chain1.Length);
chain2[0] = CreateCert(newPair.Public, k1.Key, "*****@*****.**", "*****@*****.**");
if (chain1[0][PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
{
Fail("localKeyID not found initially");
}
store2.SetKeyEntry("new", new AsymmetricKeyEntry(newPair.Private), chain2);
MemoryStream bOut = new MemoryStream();
store2.Save(bOut, passwd, new SecureRandom());
store2.Load(new MemoryStream(bOut.ToArray(), false), passwd);
chain2 = store2.GetCertificateChain("new");
if (chain2[1][PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] != null)
{
Fail("localKeyID found after save");
}
}
public static X509Crl MakeCrl(
IAsymmetricCipherKeyPair pair)
{
X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
DateTime now = DateTime.UtcNow;
crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn);
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
return(crlGen.Generate(pair.Private));
}
private void doTestDHBasic(
int size,
int privateValueSize,
IBigInteger g,
IBigInteger p)
{
DHBasicKeyPairGenerator kpGen = getDHBasicKeyPairGenerator(g, p, privateValueSize);
//
// generate first pair
//
IAsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
checkKeySize(privateValueSize, pv1);
//
// generate second pair
//
pair = kpGen.GenerateKeyPair();
DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
checkKeySize(privateValueSize, pv2);
//
// two way
//
DHBasicAgreement e1 = new DHBasicAgreement();
DHBasicAgreement e2 = new DHBasicAgreement();
e1.Init(pv1);
e2.Init(pv2);
IBigInteger k1 = e1.CalculateAgreement(pu2);
IBigInteger k2 = e2.CalculateAgreement(pu1);
if (!k1.Equals(k2))
{
Fail("basic " + size + " bit 2-way test failed");
}
}
public static X509Certificate MakeCertificate(IAsymmetricCipherKeyPair _subKP,
string _subDN, IAsymmetricCipherKeyPair _issKP, string _issDN)
{
return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false);
}
public static X509Certificate MakeCertificate(IAsymmetricCipherKeyPair _subKP,
string _subDN, IAsymmetricCipherKeyPair _issKP, string _issDN, bool _ca)
{
IAsymmetricKeyParameter _subPub = _subKP.Public;
IAsymmetricKeyParameter _issPriv = _issKP.Private;
IAsymmetricKeyParameter _issPub = _issKP.Public;
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.Reset();
_v3CertGen.SetSerialNumber(allocateSerialNumber());
_v3CertGen.SetIssuerDN(new X509Name(_issDN));
_v3CertGen.SetNotBefore(DateTime.UtcNow);
_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
_v3CertGen.SetSubjectDN(new X509Name(_subDN));
_v3CertGen.SetPublicKey(_subPub);
_v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
if (_ca)
{
_v3CertGen.AddExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
}
else
{
_v3CertGen.AddExtension(X509Extensions.ExtendedKeyUsage, true,
ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping)));
}
X509Certificate _cert = _v3CertGen.Generate(_issPriv);
_cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(_issPub);
return _cert;
}
private void SubjectKeyIDTest(
IAsymmetricCipherKeyPair signaturePair,
X509Certificate signatureCert,
string digestAlgorithm)
{
IList certList = new ArrayList();
IList crlList = new ArrayList();
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
certList.Add(signatureCert);
certList.Add(OrigCert);
crlList.Add(SignCrl);
IX509Store x509Certs = X509StoreFactory.Create(
"Certificate/Collection",
new X509CollectionStoreParameters(certList));
IX509Store x509Crls = X509StoreFactory.Create(
"CRL/Collection",
new X509CollectionStoreParameters(crlList));
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(signaturePair.Private,
CmsTestUtil.CreateSubjectKeyId(signatureCert.GetPublicKey()).GetKeyIdentifier(),
digestAlgorithm);
gen.AddCertificates(x509Certs);
gen.AddCrls(x509Crls);
CmsSignedData s = gen.Generate(msg, true);
Assert.AreEqual(3, s.Version);
MemoryStream bIn = new MemoryStream(s.GetEncoded(), false);
Asn1InputStream aIn = new Asn1InputStream(bIn);
s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
x509Certs = s.GetCertificates("Collection");
x509Crls = s.GetCrls("Collection");
SignerInformationStore signers = s.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
IEnumerator certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
X509Certificate cert = (X509Certificate) certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
}
//
// check for CRLs
//
ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
Assert.AreEqual(1, crls.Count);
Assert.IsTrue(crls.Contains(SignCrl));
//
// try using existing signer
//
gen = new CmsSignedDataGenerator();
gen.AddSigners(s.GetSignerInfos());
gen.AddCertificates(s.GetCertificates("Collection"));
gen.AddCrls(s.GetCrls("Collection"));
s = gen.Generate(msg, true);
bIn = new MemoryStream(s.GetEncoded(), false);
aIn = new Asn1InputStream(bIn);
s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
x509Certs = s.GetCertificates("Collection");
x509Crls = s.GetCrls("Collection");
signers = s.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
IEnumerator certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
X509Certificate cert = (X509Certificate) certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
}
CheckSignerStoreReplacement(s, signers);
}
/**
* Create a self signed cert for our software emulation
*
* @param kp
* is the keypair for our certificate
* @return a self signed cert for our software emulation
* @throws InvalidKeyException
* on error
* @throws SignatureException
* on error
*/
private X509Certificate GenerateSelfSignedSoftECCert(
IAsymmetricCipherKeyPair kp,
bool compress)
{
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
ECPrivateKeyParameters privECKey = (ECPrivateKeyParameters) kp.Private;
ECPublicKeyParameters pubECKey = (ECPublicKeyParameters) kp.Public;
if (!compress)
{
// TODO Private key compression?
//privECKey.setPointFormat("UNCOMPRESSED");
//pubECKey.setPointFormat("UNCOMPRESSED");
pubECKey = SetPublicUncompressed(pubECKey, false);
}
certGen.SetSignatureAlgorithm("ECDSAwithSHA1");
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)"));
certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50000));
certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)"));
certGen.SetPublicKey(pubECKey);
return certGen.Generate(privECKey);
}
public static X509Certificate GenerateRootCert(
IAsymmetricCipherKeyPair pair)
{
X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate"));
certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate"));
certGen.SetPublicKey(pair.Public);
certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
return certGen.Generate(pair.Private);
}
/**
* X9.62 - 1998,<br/>
* J.3.1, Page 152, ECDSA over the field Fp<br/>
* an example with 192 bit prime
*/
private static IBigInteger CalculateAgreement(
IAsymmetricCipherKeyPair u1,
IAsymmetricCipherKeyPair u2,
IAsymmetricCipherKeyPair v1,
IAsymmetricCipherKeyPair v2)
{
var u = new ECMqvBasicAgreement();
u.Init(new MqvPrivateParameters(
(ECPrivateKeyParameters) u1.Private,
(ECPrivateKeyParameters) u2.Private,
(ECPublicKeyParameters) u2.Public));
IBigInteger ux = u.CalculateAgreement(new MqvPublicParameters(
(ECPublicKeyParameters) v1.Public,
(ECPublicKeyParameters) v2.Public));
var v = new ECMqvBasicAgreement();
v.Init(new MqvPrivateParameters(
(ECPrivateKeyParameters) v1.Private,
(ECPrivateKeyParameters) v2.Private,
(ECPublicKeyParameters) v2.Public));
IBigInteger vx = v.CalculateAgreement(new MqvPublicParameters(
(ECPublicKeyParameters) u1.Public,
(ECPublicKeyParameters) u2.Public));
if (ux.Equals(vx))
return ux;
return null;
}
public static X509Certificate MakeV1Certificate(IAsymmetricCipherKeyPair subKP,
string _subDN, IAsymmetricCipherKeyPair issKP, string _issDN)
{
IAsymmetricKeyParameter subPub = subKP.Public;
IAsymmetricKeyParameter issPriv = issKP.Private;
IAsymmetricKeyParameter issPub = issKP.Public;
X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
v1CertGen.Reset();
v1CertGen.SetSerialNumber(AllocateSerialNumber());
v1CertGen.SetIssuerDN(new X509Name(_issDN));
v1CertGen.SetNotBefore(DateTime.UtcNow);
v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
v1CertGen.SetSubjectDN(new X509Name(_subDN));
v1CertGen.SetPublicKey(subPub);
if (issPub is RsaKeyParameters)
{
v1CertGen.SetSignatureAlgorithm("SHA1WithRSA");
}
else if (issPub is DsaPublicKeyParameters)
{
v1CertGen.SetSignatureAlgorithm("SHA1withDSA");
}
else if (issPub is ECPublicKeyParameters)
{
ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub;
if (ecPub.AlgorithmName == "ECGOST3410")
{
v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
}
else
{
v1CertGen.SetSignatureAlgorithm("SHA1withECDSA");
}
}
else
{
v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
}
X509Certificate _cert = v1CertGen.Generate(issPriv);
_cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(issPub);
return _cert;
}
public static X509Crl MakeCrl(
IAsymmetricCipherKeyPair pair)
{
X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
DateTime now = DateTime.UtcNow;
crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn);
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
return crlGen.Generate(pair.Private);
}
public static X509Certificate MakeCertificate(IAsymmetricCipherKeyPair _subKP,
string _subDN, IAsymmetricCipherKeyPair _issKP, string _issDN, bool _ca)
{
return MakeCertificate(_subKP,_subDN, _issKP, _issDN, "MD5withRSA", _ca);
}
private void DoTest(
IAsymmetricCipherKeyPair p1,
IAsymmetricCipherKeyPair p2)
{
//
// stream test
//
IesEngine i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
IesEngine i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
IesParameters p = new IesParameters(d, e, 64);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
byte[] message = Hex.Decode("1234567890abcdef");
byte[] out1 = i1.ProcessBlock(message, 0, message.Length);
byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("stream cipher test failed");
}
//
// twofish with CBC
//
BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c1);
i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c2);
d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
p = new IesWithCipherParameters(d, e, 64, 128);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
message = Hex.Decode("1234567890abcdef");
out1 = i1.ProcessBlock(message, 0, message.Length);
out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("twofish cipher test failed");
}
}
public static X509Certificate MakeCertificate(
IAsymmetricCipherKeyPair subKP, string _subDN,
IAsymmetricCipherKeyPair issKP, string _issDN, bool _ca)
{
IAsymmetricKeyParameter subPub = subKP.Public;
IAsymmetricKeyParameter issPriv = issKP.Private;
IAsymmetricKeyParameter issPub = issKP.Public;
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.Reset();
v3CertGen.SetSerialNumber(AllocateSerialNumber());
v3CertGen.SetIssuerDN(new X509Name(_issDN));
v3CertGen.SetNotBefore(DateTime.UtcNow);
v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
v3CertGen.SetSubjectDN(new X509Name(_subDN));
v3CertGen.SetPublicKey(subPub);
if (issPub is RsaKeyParameters)
{
v3CertGen.SetSignatureAlgorithm("SHA1WithRSA");
}
else if (issPub is ECPublicKeyParameters)
{
ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub;
if (ecPub.AlgorithmName == "ECGOST3410")
{
v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
}
else
{
v3CertGen.SetSignatureAlgorithm("SHA1withECDSA");
}
}
else
{
v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
}
v3CertGen.AddExtension(
X509Extensions.SubjectKeyIdentifier,
false,
CreateSubjectKeyId(subPub));
v3CertGen.AddExtension(
X509Extensions.AuthorityKeyIdentifier,
false,
CreateAuthorityKeyId(issPub));
v3CertGen.AddExtension(
X509Extensions.BasicConstraints,
false,
new BasicConstraints(_ca));
X509Certificate _cert = v3CertGen.Generate(issPriv);
_cert.CheckValidity();
_cert.Verify(issPub);
return _cert;
}
private static void ExportKeyPair(
Stream secretOut,
Stream publicOut,
IAsymmetricCipherKeyPair dsaKp,
IAsymmetricCipherKeyPair elgKp,
string identity,
char[] passPhrase,
bool armor)
{
if (armor)
{
secretOut = new ArmoredOutputStream(secretOut);
}
PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow);
PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow);
PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair,
identity, SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, new SecureRandom());
keyRingGen.AddSubKey(elgKeyPair);
keyRingGen.GenerateSecretKeyRing().Encode(secretOut);
if (armor)
{
secretOut.Close();
publicOut = new ArmoredOutputStream(publicOut);
}
keyRingGen.GeneratePublicKeyRing().Encode(publicOut);
if (armor)
{
publicOut.Close();
}
}
private void keyPairTest(
string name,
IAsymmetricCipherKeyPair pair)
{
MemoryStream bOut = new MemoryStream();
PemWriter pWrt = new PemWriter(new StreamWriter(bOut));
pWrt.WriteObject(pair.Public);
pWrt.Writer.Close();
PemReader pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
IAsymmetricKeyParameter pubK = (AsymmetricKeyParameter) pemRd.ReadObject();
if (!pubK.Equals(pair.Public))
{
Fail("Failed public key read: " + name);
}
bOut = new MemoryStream();
pWrt = new PemWriter(new StreamWriter(bOut));
pWrt.WriteObject(pair.Private);
pWrt.Writer.Close();
pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
IAsymmetricCipherKeyPair kPair = (AsymmetricCipherKeyPair) pemRd.ReadObject();
if (!kPair.Private.Equals(pair.Private))
{
Fail("Failed private key read: " + name);
}
if (!kPair.Public.Equals(pair.Public))
{
Fail("Failed private key public read: " + name);
}
}
private void checkKeySize(
int privateValueSize,
IAsymmetricCipherKeyPair aKeyPair)
{
if (privateValueSize != 0)
{
DHPrivateKeyParameters key = (DHPrivateKeyParameters)aKeyPair.Private;
if (key.X.BitLength != privateValueSize)
{
Fail("limited key check failed for key size " + privateValueSize);
}
}
}
