Ejemplo n.º 1
         * Create a new instance with the provided element (unsigned,
         * big-endian). This constructor checks the following rules:
         *   the modulus size must be at least 512 bits
         *   the modulus must be odd
         *   the exponent must be odd and greater than 1
        public RSAPublicKey(byte[] modulus, byte[] exponent)
            mod = BigInt.NormalizeBE(modulus, false);
            e   = BigInt.NormalizeBE(exponent, false);
            if (mod.Length < 64 || (mod.Length == 64 && mod[0] < 0x80))
                throw new CryptoException(
                          "Invalid RSA public key (less than 512 bits)");
            if ((mod[mod.Length - 1] & 0x01) == 0)
                throw new CryptoException(
                          "Invalid RSA public key (even modulus)");
            if (BigInt.IsZero(e))
                throw new CryptoException(
                          "Invalid RSA public key (exponent is zero)");
            if (BigInt.IsOne(e))
                throw new CryptoException(
                          "Invalid RSA public key (exponent is one)");
            if ((e[e.Length - 1] & 0x01) == 0)
                throw new CryptoException(
                          "Invalid RSA public key (even exponent)");

             * A simple hash code that will work well because RSA
             * keys are in practice quite randomish.
            hashCode = (int)(BigInt.HashInt(modulus)
                             ^ BigInt.HashInt(exponent));
Ejemplo n.º 2
         * Create a new instance with the provided elements. Values are
         * in unsigned big-endian representation.
         *   n    modulus
         *   e    public exponent
         *   d    private exponent
         *   p    first modulus factor
         *   q    second modulus factor
         *   dp   d mod (p-1)
         *   dq   d mod (q-1)
         *   iq   (1/q) mod p
         * Rules verified by this constructor:
         *   n must be odd and at least 512 bits
         *   e must be odd
         *   p must be odd
         *   q must be odd
         *   p and q are greater than 1
         *   n is equal to p*q
         *   dp must be non-zero and lower than p-1
         *   dq must be non-zero and lower than q-1
         *   iq must be non-zero and lower than p
         * This constructor does NOT verify that:
         *   p and q are prime
         *   d is equal to dp modulo p-1
         *   d is equal to dq modulo q-1
         *   dp is the inverse of e modulo p-1
         *   dq is the inverse of e modulo q-1
         *   iq is the inverse of q modulo p
        public RSAPrivateKey(byte[] n, byte[] e, byte[] d,
                             byte[] p, byte[] q, byte[] dp, byte[] dq, byte[] iq)
            n  = BigInt.NormalizeBE(n);
            e  = BigInt.NormalizeBE(e);
            d  = BigInt.NormalizeBE(d);
            p  = BigInt.NormalizeBE(p);
            q  = BigInt.NormalizeBE(q);
            dp = BigInt.NormalizeBE(dp);
            dq = BigInt.NormalizeBE(dq);
            iq = BigInt.NormalizeBE(iq);

            if (n.Length < 64 || (n.Length == 64 && n[0] < 0x80))
                throw new CryptoException(
                          "Invalid RSA private key (less than 512 bits)");
            if (!BigInt.IsOdd(n))
                throw new CryptoException(
                          "Invalid RSA private key (even modulus)");
            if (!BigInt.IsOdd(e))
                throw new CryptoException(
                          "Invalid RSA private key (even exponent)");
            if (!BigInt.IsOdd(p) || !BigInt.IsOdd(q))
                throw new CryptoException(
                          "Invalid RSA private key (even factor)");
            if (BigInt.IsOne(p) || BigInt.IsOne(q))
                throw new CryptoException(
                          "Invalid RSA private key (trivial factor)");
            if (BigInt.Compare(n, BigInt.Mul(p, q)) != 0)
                throw new CryptoException(
                          "Invalid RSA private key (bad factors)");
            if (dp.Length == 0 || dq.Length == 0)
                throw new CryptoException(
                          "Invalid RSA private key"
                          + " (null reduced private exponent)");

             * We can temporarily modify p[] and q[] (to compute
             * p-1 and q-1) since these are freshly produced copies.
            p[p.Length - 1]--;
            q[q.Length - 1]--;
            if (BigInt.Compare(dp, p) >= 0 || BigInt.Compare(dq, q) >= 0)
                throw new CryptoException(
                          "Invalid RSA private key"
                          + " (oversized reduced private exponent)");
            p[p.Length - 1]++;
            q[q.Length - 1]++;
            if (iq.Length == 0 || BigInt.Compare(iq, p) >= 0)
                throw new CryptoException(
                          "Invalid RSA private key"
                          + " (out of range CRT coefficient)");
            this.n  = n;
            this.e  = e;
            this.d  = d;
            this.p  = p;
            this.q  = q;
            this.dp = dp;
            this.dq = dq;
            this.iq = iq;