/// <summary> /// Log the verification parameters when verifying the SignedInfo section of a signature using a /// keyed hash algorithm /// </summary> /// <param name="signedXml">SignedXml object doing the verification</param> /// <param name="mac">hash algoirthm doing the verification</param> /// <param name="actualHashValue">hash value of the signed info</param> /// <param name="signatureValue">raw signature value</param> internal static void LogVerifySignedInfo(SignedXml signedXml, KeyedHashAlgorithm mac, byte[] actualHashValue, byte[] signatureValue) { Debug.Assert(signedXml != null, "signedXml != null"); Debug.Assert(mac != null, "mac != null"); if (InformationLoggingEnabled) { string logMessage = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_VerifySignedInfoHmac"), mac.GetType().Name); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.VerifySignedInfo, logMessage); } if (VerboseLoggingEnabled) { string hashLog = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_ActualHashValue"), FormatBytes(actualHashValue)); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, hashLog); string signatureLog = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_RawSignatureValue"), FormatBytes(signatureValue)); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, signatureLog); } }
public JsonWebKey(KeyedHashAlgorithm key) { if (key is HMAC hmacKey) { SetHmacKey(hmacKey); return; } throw new ArgumentException($"Unsupported key type: {key.GetType()}"); }
public virtual IHasherTasks CloneLightHasher() { InitializeHashKey(); var hasher = new KeyedHasher { _hashAlgorithm = KeyedHashAlgorithm.Create(_hashAlgorithm.GetType().FullName), IsHashKeyInitialized = true, KeyStorage = null, }; hasher._hashAlgorithm.Key = (byte[])_hashAlgorithm.Key.Clone(); return(hasher); }
/// <summary> /// Log the computation of a signature value when signing with a keyed hash algorithm /// </summary> /// <param name="signedXml">SignedXml object calculating the signature</param> /// <param name="key">key the signature is created with</param> /// <param name="hash">hash algorithm used to digest the output</param> /// <param name="asymmetricSignatureFormatter">signature formatter used to do the signing</param> internal static void LogSigning(SignedXml signedXml, KeyedHashAlgorithm key) { Debug.Assert(signedXml != null, "signedXml != null"); Debug.Assert(key != null, "key != null"); if (InformationLoggingEnabled) { string logMessage = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_SigningHmac"), key.GetType().Name); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.Signing, logMessage); } }
public void ProcessOutputRecord(Record output) { Log.Trace("Processing output record with seq no: " + output.SequenceNumber); Log.Trace("Processing output record with MAC: " + _outputHasher.GetType().Name); Log.Trace("Processing output record with Crypto: " + _outputCipherSuite.CipherSuiteName); // Construct the sequence number correctly UInt64 seqNum = _outputSequenceNumber; if (output.Version.IsUsingDatagrams) { if ((_outputSequenceNumber >> 48) != 0) { // TODO: need renegotiation, throw Exception? } seqNum = (((UInt64)_outputEpoch) << 48) | _outputSequenceNumber; } // In case of AEAD we need to create a new encryptor for each record byte[] nonceExplicit = new byte[0]; if (_outputCipherSuite.BulkCipherAlgorithm.Type == BulkCipherAlgorithmType.AEAD) { _encryptor = CreateAEADEncryptor(_outputCipherSuite, output, _outputKey, _outputFixedIV, _outputRecordIV, seqNum, out nonceExplicit); } CompressRecord(output); //_outputHasher = _outputCipherSuite.MACAlgorithm.CreateHasher(_outputKeyBlock.ClientWriteMACKey); var mac = GenerateMAC(_outputCipherSuite, output, seqNum, _outputHasher); Log.Trace("MAC for seq " + seqNum + ": " + BitConverter.ToString(mac)); GeneratePadding(this._outputCipherSuite, output); EncryptRecord(this._outputCipherSuite, output, this._encryptor, nonceExplicit); // If we're running DTLS, set epoch and seqnum if (output.Version.IsUsingDatagrams) { output.Epoch = _outputEpoch; output.SequenceNumber = _outputSequenceNumber; } // Update the output sequence number _outputSequenceNumber++; }
/// <summary> /// <para>Determines if the <paramref name="key"/> is valid.</para> /// </summary> /// <param name="key">The key to test.</param> /// <returns><para><see langword="true"/> if the key is valid; otherwise <see langword="false"/>.</para></returns> public bool KeyIsValid(byte[] key) { bool result = false; try { algorithm.Key = key; algorithm.ComputeHash(new byte[] { 0, 1, 2, 3 }); result = true; } catch { /* suppress */ } algorithm = CreateAlgorithm(algorithm.GetType().AssemblyQualifiedName); return(result); }
internal static void LogVerifySignedInfo(SignedXml signedXml, KeyedHashAlgorithm mac, byte[] actualHashValue, byte[] signatureValue) { if (InformationLoggingEnabled) { string data = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_VerifySignedInfoHmac"), new object[] { mac.GetType().Name }); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.VerifySignedInfo, data); } if (VerboseLoggingEnabled) { string str2 = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_ActualHashValue"), new object[] { FormatBytes(actualHashValue) }); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, str2); string str3 = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_RawSignatureValue"), new object[] { FormatBytes(signatureValue) }); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, str3); } }
internal static void LogSigning(SignedXml signedXml, KeyedHashAlgorithm key) { if (InformationLoggingEnabled) { string data = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_SigningHmac"), new object[] { key.GetType().Name }); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.Signing, data); } }
/// <summary> /// Log the verification parameters when verifying the SignedInfo section of a signature using a /// keyed hash algorithm /// </summary> /// <param name="signedXml">SignedXml object doing the verification</param> /// <param name="mac">hash algoirthm doing the verification</param> /// <param name="actualHashValue">hash value of the signed info</param> /// <param name="signatureValue">raw signature value</param> internal static void LogVerifySignedInfo(SignedXml signedXml, KeyedHashAlgorithm mac, byte[] actualHashValue, byte[] signatureValue) { Debug.Assert(signedXml != null, "signedXml != null"); Debug.Assert(mac != null, "mac != null"); if (InformationLoggingEnabled) { string logMessage = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_VerifySignedInfoHmac"), mac.GetType().Name); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.VerifySignedInfo, logMessage); } if (VerboseLoggingEnabled) { string hashLog = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_ActualHashValue"), FormatBytes(actualHashValue)); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, hashLog); string signatureLog = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_RawSignatureValue"), FormatBytes(signatureValue)); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, signatureLog); } }
/// <summary> /// Log the computation of a signature value when signing with a keyed hash algorithm /// </summary> /// <param name="signedXml">SignedXml object calculating the signature</param> /// <param name="key">key the signature is created with</param> /// <param name="hash">hash algorithm used to digest the output</param> /// <param name="asymmetricSignatureFormatter">signature formatter used to do the signing</param> internal static void LogSigning(SignedXml signedXml, KeyedHashAlgorithm key) { Debug.Assert(signedXml != null, "signedXml != null"); Debug.Assert(key != null, "key != null"); if (InformationLoggingEnabled) { string logMessage = String.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_SigningHmac"), key.GetType().Name); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.Signing, logMessage); } }