public void ImportCspBlob(byte[] keyBlob)
{
if (keyBlob == null)
{
throw new ArgumentNullException("keyBlob");
}
DSA dsa = CryptoConvert.FromCapiKeyBlobDSA(keyBlob);
if (dsa is DSACryptoServiceProvider)
{
DSAParameters dsap = dsa.ExportParameters(!(dsa as DSACryptoServiceProvider).PublicOnly);
ImportParameters(dsap);
}
else
{
// we can't know from DSA if the private key is available
try
{
// so we try it...
DSAParameters dsap = dsa.ExportParameters(true);
ImportParameters(dsap);
}
catch
{
// and fall back
DSAParameters dsap = dsa.ExportParameters(false);
ImportParameters(dsap);
}
}
}
public static void FromToXml()
{
using (DSA dsa = DSAFactory.Create())
{
DSAParameters pubOnly = dsa.ExportParameters(false);
DSAParameters pubPriv = dsa.ExportParameters(true);
string xmlPub = dsa.ToXmlString(false);
string xmlPriv = dsa.ToXmlString(true);
using (DSA dsaPub = DSAFactory.Create())
{
dsaPub.FromXmlString(xmlPub);
DSAImportExport.AssertKeyEquals(pubOnly, dsaPub.ExportParameters(false));
}
using (DSA dsaPriv = DSAFactory.Create())
{
dsaPriv.FromXmlString(xmlPriv);
DSAImportExport.AssertKeyEquals(pubPriv, dsaPriv.ExportParameters(true));
DSAImportExport.AssertKeyEquals(pubOnly, dsaPriv.ExportParameters(false));
}
}
}
public static void ExportAutoKey()
{
DSAParameters privateParams;
DSAParameters publicParams;
int keySize;
using (DSA dsa = DSAFactory.Create())
{
keySize = dsa.KeySize;
// We've not done anything with this instance yet, but it should automatically
// create the key, because we'll now asked about it.
privateParams = dsa.ExportParameters(true);
publicParams = dsa.ExportParameters(false);
// It shouldn't be changing things when it generated the key.
Assert.Equal(keySize, dsa.KeySize);
}
Assert.Null(publicParams.X);
Assert.NotNull(privateParams.X);
ValidateParameters(ref publicParams);
ValidateParameters(ref privateParams);
Assert.Equal(privateParams.G, publicParams.G);
Assert.Equal(privateParams.Y, publicParams.Y);
}
public byte[] ExportPublicKey()
{
var dsaParameters = dsa.ExportParameters(false);
int expectedLength = MPInteger.GetMPEncodedLength(dsaParameters.P !, dsaParameters.Q !, dsaParameters.G !, dsaParameters.Y !);
var destination = new byte[expectedLength];
WriteOpenPgpPublicKey(dsaParameters, destination);
return(destination);
}
static void AssertDSA(DSA dsa)
{
// first, check private key conversion
var expected = dsa.ExportParameters(true);
var keyParameter = dsa.AsAsymmetricKeyParameter();
DSA asymmetricAlgorithm;
try {
asymmetricAlgorithm = keyParameter.AsAsymmetricAlgorithm() as DSA;
} catch {
Console.WriteLine("System.Security DSA X parameter = {0}", expected.X.AsHex());
Console.WriteLine("Bouncy Castle DSA X parameter = {0}", ((DsaPrivateKeyParameters)keyParameter).X.ToByteArrayUnsigned().AsHex());
throw;
}
var actual = asymmetricAlgorithm.ExportParameters(true);
Assert.AreEqual(expected.Counter, actual.Counter, "Counter");
AssertAreEqual(expected.Seed, actual.Seed, "Seed");
AssertAreEqual(expected.G, actual.G, "G");
AssertAreEqual(expected.P, actual.P, "P");
AssertAreEqual(expected.Q, actual.Q, "Q");
AssertAreEqual(expected.X, actual.X, "X");
AssertAreEqual(expected.Y, actual.Y, "Y");
// test AsymmetricCipherKeyPair conversion
var keyPair = dsa.AsAsymmetricCipherKeyPair();
asymmetricAlgorithm = keyPair.AsAsymmetricAlgorithm() as DSA;
actual = asymmetricAlgorithm.ExportParameters(true);
Assert.AreEqual(expected.Counter, actual.Counter, "Counter");
AssertAreEqual(expected.Seed, actual.Seed, "Seed");
AssertAreEqual(expected.G, actual.G, "G");
AssertAreEqual(expected.P, actual.P, "P");
AssertAreEqual(expected.Q, actual.Q, "Q");
AssertAreEqual(expected.X, actual.X, "X");
AssertAreEqual(expected.Y, actual.Y, "Y");
// test public key conversion
expected = dsa.ExportParameters(false);
var pubdsa = new DSACryptoServiceProvider();
pubdsa.ImportParameters(expected);
keyParameter = pubdsa.AsAsymmetricKeyParameter();
asymmetricAlgorithm = keyParameter.AsAsymmetricAlgorithm() as DSA;
actual = asymmetricAlgorithm.ExportParameters(false);
Assert.AreEqual(expected.Counter, actual.Counter, "Counter");
AssertAreEqual(expected.Seed, actual.Seed, "Seed");
AssertAreEqual(expected.G, actual.G, "G");
AssertAreEqual(expected.P, actual.P, "P");
AssertAreEqual(expected.Q, actual.Q, "Q");
AssertAreEqual(expected.X, actual.X, "X");
AssertAreEqual(expected.Y, actual.Y, "Y");
}
public void DSAImportPrivateExportPrivate()
{
DSAParameters input = AllTests.GetKey(true);
dsa.ImportParameters(input);
string xmlDSA = dsa.ToXmlString(true);
dsa.FromXmlString(xmlDSA);
Assert.AreEqual(xmlPrivate, xmlDSA, "DSA Import Private Export Private (xml)");
DSAParameters output = dsa.ExportParameters(true);
AssertEquals("DSA Import Private Export Private (binary)", AllTests.GetKey(true), output, true);
}
static void AssertDSA(DSA dsa)
{
// first, check private key conversion
var expected = dsa.ExportParameters(true);
var keyParameter = dsa.AsAsymmetricKeyParameter();
var asymmetricAlgorithm = keyParameter.AsAsymmetricAlgorithm() as DSA;
var actual = asymmetricAlgorithm.ExportParameters(true);
Assert.AreEqual(expected.Counter, actual.Counter, "Counter");
AssertAreEqual(expected.Seed, actual.Seed, "Seed");
AssertAreEqual(expected.G, actual.G, "G");
AssertAreEqual(expected.P, actual.P, "P");
AssertAreEqual(expected.Q, actual.Q, "Q");
AssertAreEqual(expected.X, actual.X, "X");
AssertAreEqual(expected.Y, actual.Y, "Y");
// test AsymmetricCipherKeyPair conversion
var keyPair = dsa.AsAsymmetricCipherKeyPair();
asymmetricAlgorithm = keyPair.AsAsymmetricAlgorithm() as DSA;
actual = asymmetricAlgorithm.ExportParameters(true);
Assert.AreEqual(expected.Counter, actual.Counter, "Counter");
AssertAreEqual(expected.Seed, actual.Seed, "Seed");
AssertAreEqual(expected.G, actual.G, "G");
AssertAreEqual(expected.P, actual.P, "P");
AssertAreEqual(expected.Q, actual.Q, "Q");
AssertAreEqual(expected.X, actual.X, "X");
AssertAreEqual(expected.Y, actual.Y, "Y");
// test public key conversion
expected = dsa.ExportParameters(false);
var pubdsa = new DSACryptoServiceProvider();
pubdsa.ImportParameters(expected);
keyParameter = pubdsa.AsAsymmetricKeyParameter();
asymmetricAlgorithm = keyParameter.AsAsymmetricAlgorithm() as DSA;
actual = asymmetricAlgorithm.ExportParameters(false);
Assert.AreEqual(expected.Counter, actual.Counter, "Counter");
AssertAreEqual(expected.Seed, actual.Seed, "Seed");
AssertAreEqual(expected.G, actual.G, "G");
AssertAreEqual(expected.P, actual.P, "P");
AssertAreEqual(expected.Q, actual.Q, "Q");
AssertAreEqual(expected.X, actual.X, "X");
AssertAreEqual(expected.Y, actual.Y, "Y");
}
protected override PublicKey BuildPublicKey()
{
// DSA
Oid oid = new Oid("1.2.840.10040.4.1");
DSAParameters dsaParameters = _key.ExportParameters(false);
// Dss-Parms ::= SEQUENCE {
// p INTEGER,
// q INTEGER,
// g INTEGER
// }
byte[] p = EncodeUnsignedInteger(dsaParameters.P);
byte[] q = EncodeUnsignedInteger(dsaParameters.Q);
byte[] g = EncodeUnsignedInteger(dsaParameters.G);
byte[] algParameters =
new byte[] { 0x30 }.
Concat(EncodeLength(p.Length + q.Length + g.Length)).
Concat(p).
Concat(q).
Concat(g).
ToArray();
byte[] keyValue = EncodeUnsignedInteger(dsaParameters.Y);
return(new PublicKey(
oid,
new AsnEncodedData(oid, algParameters),
new AsnEncodedData(oid, keyValue)));
}
private static void VerifyKey_DSA(DSA dsa)
{
DSAParameters dsaParameters = dsa.ExportParameters(false);
byte[] expected_g = (
"859B5AEB351CF8AD3FABAC22AE0350148FD1D55128472691709EC08481584413" +
"E9E5E2F61345043B05D3519D88C021582CCEF808AF8F4B15BD901A310FEFD518" +
"AF90ABA6F85F6563DB47AE214A84D0B7740C9394AA8E3C7BFEF1BEEDD0DAFDA0" +
"79BF75B2AE4EDB7480C18B9CDFA22E68A06C0685785F5CFB09C2B80B1D05431D").HexToByteArray();
byte[] expected_p = (
"871018CC42552D14A5A9286AF283F3CFBA959B8835EC2180511D0DCEB8B97928" +
"5708C800FC10CB15337A4AC1A48ED31394072015A7A6B525986B49E5E1139737" +
"A794833C1AA1E0EAAA7E9D4EFEB1E37A65DBC79F51269BA41E8F0763AA613E29" +
"C81C3B977AEEB3D3C3F6FEB25C270CDCB6AEE8CD205928DFB33C44D2F2DBE819").HexToByteArray();
byte[] expected_q = "E241EDCF37C1C0E20AADB7B4E8FF7AA8FDE4E75D".HexToByteArray();
byte[] expected_y = (
"089A43F439B924BEF3529D8D6206D1FCA56A55CAF52B41D6CE371EBF07BDA132" +
"C8EADC040007FCF4DA06C1F30504EBD8A77D301F5A4702F01F0D2A0707AC1DA3" +
"8DD3251883286E12456234DA62EDA0DF5FE2FA07CD5B16F3638BECCA7786312D" +
"A7D3594A4BB14E353884DA0E9AECB86E3C9BDB66FCA78EA85E1CC3F2F8BF0963").HexToByteArray();
Assert.Equal(expected_g, dsaParameters.G);
Assert.Equal(expected_p, dsaParameters.P);
Assert.Equal(expected_q, dsaParameters.Q);
Assert.Equal(expected_y, dsaParameters.Y);
}
public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, DSA privateKey)
{
ArgumentNullException.ThrowIfNull(certificate);
ArgumentNullException.ThrowIfNull(privateKey);
if (certificate.HasPrivateKey)
{
throw new InvalidOperationException(SR.Cryptography_Cert_AlreadyHasPrivateKey);
}
using (DSA? publicKey = GetDSAPublicKey(certificate))
{
if (publicKey == null)
{
throw new ArgumentException(SR.Cryptography_PrivateKey_WrongAlgorithm);
}
DSAParameters currentParameters = publicKey.ExportParameters(false);
DSAParameters newParameters = privateKey.ExportParameters(false);
if (!currentParameters.G.ContentsEqual(newParameters.G) ||
!currentParameters.P.ContentsEqual(newParameters.P) ||
!currentParameters.Q.ContentsEqual(newParameters.Q) ||
!currentParameters.Y.ContentsEqual(newParameters.Y))
{
throw new ArgumentException(SR.Cryptography_PrivateKey_DoesNotMatch, nameof(privateKey));
}
}
ICertificatePal pal = certificate.Pal.CopyWithPrivateKey(privateKey);
return(new X509Certificate2(pal));
}
public static void AddSigner_DSA_EphemeralKey()
{
using (DSA dsa = DSA.Create())
using (X509Certificate2 publicCertificate = Certificates.Dsa1024.GetCertificate())
using (X509Certificate2 certificateWithKey = Certificates.Dsa1024.TryGetCertificateWithPrivateKey(exportable: true))
{
if (certificateWithKey == null)
{
return;
}
using (DSA privateKey = certificateWithKey.GetDSAPrivateKey())
using (DSA exportableKey = privateKey.MakeExportable())
{
dsa.ImportParameters(exportableKey.ExportParameters(true));
}
using (X509Certificate2 certWithEphemeralKey = publicCertificate.CopyWithPrivateKey(dsa))
{
ContentInfo content = new ContentInfo(new byte[] { 1, 2, 3 });
SignedCms cms = new SignedCms(content, false);
CmsSigner signer = new CmsSigner(certWithEphemeralKey)
{
DigestAlgorithm = new Oid(Oids.Sha1, Oids.Sha1)
};
cms.ComputeSignature(signer);
}
}
}
private static void GenerateKey(Func <DSA, int> getSize)
{
int keySize;
using (DSA dsa = DSAFactory.Create())
{
keySize = getSize(dsa);
}
using (DSA dsa = DSAFactory.Create(keySize))
{
Assert.Equal(keySize, dsa.KeySize);
// Some providers may generate the key in the constructor, but
// all of them should have generated it before answering ExportParameters.
DSAParameters keyParameters = dsa.ExportParameters(false);
DSAImportExport.ValidateParameters(ref keyParameters);
// KeySize should still be what we set it to originally.
Assert.Equal(keySize, dsa.KeySize);
dsa.ImportParameters(keyParameters);
Assert.Equal(keySize, dsa.KeySize);
}
}
public static void FromXmlWrongJ_OK()
{
// No one really reads the J value on import, but xmldsig defined it,
// so we read it.
// This key comes from FIPS-186-2, Appendix 5, Example of the DSA.
// The version in DSATestData does not have the seed or counter supplied.
using (DSA dsa = DSAFactory.Create())
{
dsa.FromXmlString(@"
<DSAKeyValue>
<P>
jfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qs
SWk9+/g3JMLsBzbuMcgCkQ==
</P>
<Q>x3MhjHN+yO6ZO08t7TD0jtrOkV8=</Q>
<G>
Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
xC6fb0ZLCIzFcq9T5teIAg==
</G>
<Y>
GRMYcddbFhKoGfKdeNGw1zRveqd7tiqFm/1sVnXanSEtOjbvFnLvZguMfCVcwOx0
hY+6M/RMBmmWMKdrAw7jMw==
</Y>
<J>AgRO2deYCHK5/u5+ElWfz2J6fdI2PN/mnjBxceE11r5zt7x/DVqcoWAp2+dR</J>
<Seed>1QFOS2DvK6i2IRtAYroyJOBCfdM=</Seed>
<PgenCounter>aQ==</PgenCounter>
<X>IHCzIj26Ny/eHA/8ey47SYsmBhQ=</X>
</DSAKeyValue>");
DSATestData.GetDSA1024_186_2(out DSAParameters expected, out _, out _);
DSAImportExport.AssertKeyEquals(expected, dsa.ExportParameters(true));
}
}
static public byte[] ToCapiPublicKeyBlob(DSA dsa)
{
DSAParameters p = dsa.ExportParameters(false);
int keyLength = p.P.Length; // in bytes
// header + P + Q + G + Y + count + seed
byte[] blob = new byte [16 + keyLength + 20 + keyLength + keyLength + 4 + 20];
blob [0] = 0x06; // Type - PUBLICKEYBLOB (0x06)
blob [1] = 0x02; // Version - Always CUR_BLOB_VERSION (0x02)
// [2], [3] // RESERVED - Always 0
blob [5] = 0x22; // ALGID
blob [8] = 0x44; // Magic
blob [9] = 0x53;
blob [10] = 0x53;
blob [11] = 0x31;
byte[] bitlen = GetBytesLE(keyLength << 3);
blob [12] = bitlen [0];
blob [13] = bitlen [1];
blob [14] = bitlen [2];
blob [15] = bitlen [3];
int pos = 16;
byte[] part;
part = p.P;
Array.Reverse(part);
Buffer.BlockCopy(part, 0, blob, pos, keyLength);
pos += keyLength;
part = p.Q;
Array.Reverse(part);
Buffer.BlockCopy(part, 0, blob, pos, 20);
pos += 20;
part = p.G;
Array.Reverse(part);
Buffer.BlockCopy(part, 0, blob, pos, keyLength);
pos += keyLength;
part = p.Y;
Array.Reverse(part);
Buffer.BlockCopy(part, 0, blob, pos, keyLength);
pos += keyLength;
Buffer.BlockCopy(GetBytesLE(p.Counter), 0, blob, pos, 4);
pos += 4;
part = p.Seed;
Array.Reverse(part);
Buffer.BlockCopy(part, 0, blob, pos, 20);
return(blob);
}
public static void CreateWithKeysize_BigKeys(int keySizeInBits)
{
using (DSA dsa = DSA.Create(keySizeInBits))
{
Assert.Equal(keySizeInBits, dsa.KeySize);
DSAParameters parameters = dsa.ExportParameters(false);
Assert.Equal(keySizeInBits, parameters.Y.Length << 3);
Assert.Equal(keySizeInBits, dsa.KeySize);
}
}
private static void CreateWithParameters(DSAParameters parameters)
{
DSAParameters exportedPrivate;
using (DSA dsa = DSA.Create(parameters))
{
exportedPrivate = dsa.ExportParameters(true);
}
DSAImportExport.AssertKeyEquals(parameters, exportedPrivate);
}
public static void MultiExport()
{
DSAParameters imported = DSATestData.GetDSA1024Params();
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(imported);
DSAParameters exportedPrivate = dsa.ExportParameters(true);
DSAParameters exportedPrivate2 = dsa.ExportParameters(true);
DSAParameters exportedPublic = dsa.ExportParameters(false);
DSAParameters exportedPublic2 = dsa.ExportParameters(false);
DSAParameters exportedPrivate3 = dsa.ExportParameters(true);
DSAParameters exportedPublic3 = dsa.ExportParameters(false);
AssertKeyEquals(imported, exportedPrivate);
ValidateParameters(ref exportedPublic);
AssertKeyEquals(exportedPrivate, exportedPrivate2);
AssertKeyEquals(exportedPrivate, exportedPrivate3);
AssertKeyEquals(exportedPublic, exportedPublic2);
AssertKeyEquals(exportedPublic, exportedPublic3);
}
}
public void ImportExportWithoutJ()
{
DSA d = DSA.Create();
DSAParameters input = AllTests.GetKey(false);
input.J = null;
// J is calculated (usually pre-calculated)
d.ImportParameters(input);
input = d.ExportParameters(false);
// if J isn't imported, then it's not exportable and not part of the xml
Assert.IsNull(input.J, "exported-J");
Assert.AreEqual("<DSAKeyValue><P>s/Oc0t4gj0NRqkCKi4ynJnOAEukNhjkHJPOzNsHP69kyHMUwZ3AzOkLGYOWlOo2zlYKzSbZygDDI5dCWA5gQF2ZGHEUlWJMgUyHmkybOi44cyHaX9yeGfbnoc3xF9sYgkA3vPUZaJuYMOsBp3pyPdeN8/mLU8n0ivURyP+3Ge9M=</P><Q>qkcTW+Ce0L5k8OGTUMkRoGKDc1E=</Q><G>PU/MeGp6I/FBduuwD9UPeCFzg8Ib9H5osku5nT8AhHTY8zGqetuvHhxbESt4lLz8aXzX0oIiMsusBr6E/aBdooBI36fHwW8WndCmwkB1kv7mhRIB4302UrfvC2KWQuBypfl0++a1whBMCh5VTJYH1sBkFIaVNeUbt5Q6/UdiZVY=</G><Y>shJRUdGxEYxSKM5JVol9HAdQwIK+wF9X4n9SAD++vfZOMOYi+M1yuvQAlQvnSlTTWr7CZPRVAICLgDBbqi9iN+Id60ccJ+hw3pGDfLpJ7IdFPszJEeUO+SZBwf8njGXULqSODs/NTciiX7E07rm+KflxFOg0qtWAhmYLxIkDx7s=</Y><Seed>uYM5b20luvbuyevi9TXHwekbr5s=</Seed><PgenCounter>4A==</PgenCounter></DSAKeyValue>", d.ToXmlString(false), "xml");
}
static void GetAsymmetricKeyParameters(DSA dsa, bool publicOnly, out AsymmetricKeyParameter pub, out AsymmetricKeyParameter key)
{
var dp = dsa.ExportParameters(!publicOnly);
var validationParameters = dp.Seed != null ? new DsaValidationParameters(dp.Seed, dp.Counter) : null;
var parameters = new DsaParameters(
new BigInteger(1, dp.P),
new BigInteger(1, dp.Q),
new BigInteger(1, dp.G),
validationParameters);
pub = new DsaPublicKeyParameters(new BigInteger(1, dp.Y), parameters);
key = publicOnly ? null : new DsaPrivateKeyParameters(new BigInteger(1, dp.X), parameters);
}
public static void ExportAfterDispose(bool importKey)
{
DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024);
byte[] hash = new byte[20];
// Ensure that the key got created, and then Dispose it.
using (key)
{
try
{
key.CreateSignature(hash);
}
catch (PlatformNotSupportedException) when(!SupportsKeyGeneration)
{
}
}
Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(false));
Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(true));
Assert.Throws <ObjectDisposedException>(() => key.ImportParameters(DSATestData.GetDSA1024Params()));
}
internal override XmlElement GetXml(XmlDocument xmlDocument)
{
DSAParameters dsaParams = _key.ExportParameters(false);
XmlElement keyValueElement = xmlDocument.CreateElement(KeyValueElementName, SignedXml.XmlDsigNamespaceUrl);
XmlElement dsaKeyValueElement = xmlDocument.CreateElement(DSAKeyValueElementName, SignedXml.XmlDsigNamespaceUrl);
XmlElement pElement = xmlDocument.CreateElement(PElementName, SignedXml.XmlDsigNamespaceUrl);
pElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(dsaParams.P)));
dsaKeyValueElement.AppendChild(pElement);
XmlElement qElement = xmlDocument.CreateElement(QElementName, SignedXml.XmlDsigNamespaceUrl);
qElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(dsaParams.Q)));
dsaKeyValueElement.AppendChild(qElement);
XmlElement gElement = xmlDocument.CreateElement(GElementName, SignedXml.XmlDsigNamespaceUrl);
gElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(dsaParams.G)));
dsaKeyValueElement.AppendChild(gElement);
XmlElement yElement = xmlDocument.CreateElement(YElementName, SignedXml.XmlDsigNamespaceUrl);
yElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(dsaParams.Y)));
dsaKeyValueElement.AppendChild(yElement);
// Add optional components if present
if (dsaParams.J != null)
{
XmlElement jElement = xmlDocument.CreateElement(JElementName, SignedXml.XmlDsigNamespaceUrl);
jElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(dsaParams.J)));
dsaKeyValueElement.AppendChild(jElement);
}
if (dsaParams.Seed != null)
{ // note we assume counter is correct if Seed is present
XmlElement seedElement = xmlDocument.CreateElement(SeedElementName, SignedXml.XmlDsigNamespaceUrl);
seedElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(dsaParams.Seed)));
dsaKeyValueElement.AppendChild(seedElement);
XmlElement counterElement = xmlDocument.CreateElement(PgenCounterElementName, SignedXml.XmlDsigNamespaceUrl);
counterElement.AppendChild(xmlDocument.CreateTextNode(Convert.ToBase64String(Utils.ConvertIntToByteArray(dsaParams.Counter))));
dsaKeyValueElement.AppendChild(counterElement);
}
keyValueElement.AppendChild(dsaKeyValueElement);
return(keyValueElement);
}
public static void FromXmlWrongCounter_SometimesOK()
{
// DSACryptoServiceProvider doesn't check this error state, DSACng does.
//
// So, either the import gets rejected (because the counter value should be 105,
// but says 106) and throws a CryptographicException derivitive, or it succeeds,
// and exports the correct key material.
// This key comes from FIPS-186-2, Appendix 5, Example of the DSA.
// The version in DSATestData does not have the seed or counter supplied.
using (DSA dsa = DSAFactory.Create())
{
bool checkKey = true;
try
{
dsa.FromXmlString(@"
<DSAKeyValue>
<P>
jfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qs
SWk9+/g3JMLsBzbuMcgCkQ==
</P>
<Q>x3MhjHN+yO6ZO08t7TD0jtrOkV8=</Q>
<G>
Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
xC6fb0ZLCIzFcq9T5teIAg==
</G>
<Y>
GRMYcddbFhKoGfKdeNGw1zRveqd7tiqFm/1sVnXanSEtOjbvFnLvZguMfCVcwOx0
hY+6M/RMBmmWMKdrAw7jMw==
</Y>
<J>AgRO2deYCHK5/u5+ElWfz2J6fdI2PN/mnjBxceE11r5zt7x/DVqcoWAp2+dr</J>
<Seed>1QFOS2DvK6i2IRtAYroyJOBCfdM=</Seed>
<PgenCounter>ag==</PgenCounter>
<X>IHCzIj26Ny/eHA/8ey47SYsmBhQ=</X>
</DSAKeyValue>");
}
catch (CryptographicException)
{
checkKey = false;
}
if (checkKey)
{
DSATestData.GetDSA1024_186_2(out DSAParameters expected, out _, out _);
DSAImportExport.AssertKeyEquals(expected, dsa.ExportParameters(true));
}
}
}
static AsymmetricCipherKeyPair GetBouncyCastleDsaKeyPair(DSA dsa)
{
var dp = dsa.ExportParameters(true);
var validationParameters = dp.Seed != null ?
new DsaValidationParameters(dp.Seed, dp.Counter) : null;
var parameters = new DsaParameters(
new BigInteger(1, dp.P),
new BigInteger(1, dp.Q),
new BigInteger(1, dp.G),
validationParameters);
var pubKey = new DsaPublicKeyParameters(new BigInteger(1, dp.Y), parameters);
var privKey = new DsaPrivateKeyParameters(new BigInteger(1, dp.X), parameters);
return(new AsymmetricCipherKeyPair(pubKey, privKey));
}
public static byte[] ToCapiPublicKeyBlob(DSA dsa)
{
DSAParameters dsaParameters = dsa.ExportParameters(false);
int length = dsaParameters.P.Length;
byte[] numArray = new byte[16 + length + 20 + length + length + 4 + 20];
numArray[0] = (byte)6;
numArray[1] = (byte)2;
numArray[5] = (byte)34;
numArray[8] = (byte)68;
numArray[9] = (byte)83;
numArray[10] = (byte)83;
numArray[11] = (byte)49;
byte[] bytesLe = CryptoConvert.GetBytesLE(length << 3);
numArray[12] = bytesLe[0];
numArray[13] = bytesLe[1];
numArray[14] = bytesLe[2];
numArray[15] = bytesLe[3];
int dstOffset1 = 16;
byte[] p = dsaParameters.P;
Array.Reverse((Array)p);
Buffer.BlockCopy((Array)p, 0, (Array)numArray, dstOffset1, length);
int dstOffset2 = dstOffset1 + length;
byte[] q = dsaParameters.Q;
Array.Reverse((Array)q);
Buffer.BlockCopy((Array)q, 0, (Array)numArray, dstOffset2, 20);
int dstOffset3 = dstOffset2 + 20;
byte[] g = dsaParameters.G;
Array.Reverse((Array)g);
Buffer.BlockCopy((Array)g, 0, (Array)numArray, dstOffset3, length);
int dstOffset4 = dstOffset3 + length;
byte[] y = dsaParameters.Y;
Array.Reverse((Array)y);
Buffer.BlockCopy((Array)y, 0, (Array)numArray, dstOffset4, length);
int dstOffset5 = dstOffset4 + length;
Buffer.BlockCopy((Array)CryptoConvert.GetBytesLE(dsaParameters.Counter), 0, (Array)numArray, dstOffset5, 4);
int dstOffset6 = dstOffset5 + 4;
byte[] seed = dsaParameters.Seed;
Array.Reverse((Array)seed);
Buffer.BlockCopy((Array)seed, 0, (Array)numArray, dstOffset6, 20);
return(numArray);
}
public static void ImportRoundTrip(bool includePrivate)
{
DSAParameters imported = DSATestData.GetDSA1024Params();
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(imported);
DSAParameters exported = dsa.ExportParameters(includePrivate);
using (DSA dsa2 = DSAFactory.Create())
{
dsa2.ImportParameters(exported);
DSAParameters exported2 = dsa2.ExportParameters(includePrivate);
AssertKeyEquals(in exported, in exported2);
}
}
}
internal override bool VerifySignature(
ReadOnlySpan <byte> valueHash,
ReadOnlyMemory <byte> signature,
string digestAlgorithmOid,
HashAlgorithmName digestAlgorithmName,
ReadOnlyMemory <byte>?signatureParameters,
X509Certificate2 certificate)
{
if (_expectedDigest != digestAlgorithmName)
{
throw new CryptographicException(
SR.Format(
SR.Cryptography_Cms_InvalidSignerHashForSignatureAlg,
digestAlgorithmOid,
_signatureAlgorithm));
}
DSA dsa = certificate.GetDSAPublicKey();
if (dsa == null)
{
return(false);
}
DSAParameters dsaParameters = dsa.ExportParameters(false);
int bufSize = 2 * dsaParameters.Q.Length;
ArrayPool <byte> pool = ArrayPool <byte> .Shared;
byte[] rented = pool.Rent(bufSize);
Span <byte> ieee = new Span <byte>(rented, 0, bufSize);
try
{
if (!DsaDerToIeee(signature, ieee))
{
return(false);
}
return(dsa.VerifySignature(valueHash, ieee));
}
finally
{
ieee.Clear();
pool.Return(rented);
}
}
public ICertificatePal CopyWithPrivateKey(DSA privateKey)
{
DSAOpenSsl typedKey = privateKey as DSAOpenSsl;
if (typedKey != null)
{
return(CopyWithPrivateKey((SafeEvpPKeyHandle)typedKey.DuplicateKeyHandle()));
}
DSAParameters dsaParameters = privateKey.ExportParameters(true);
using (PinAndClear.Track(dsaParameters.X))
using (typedKey = new DSAOpenSsl(dsaParameters))
{
return(CopyWithPrivateKey((SafeEvpPKeyHandle)typedKey.DuplicateKeyHandle()));
}
}
public ICertificatePal CopyWithPrivateKey(DSA privateKey)
{
var typedKey = privateKey as DSAImplementation.DSASecurityTransforms;
if (typedKey != null)
{
return(CopyWithPrivateKey(typedKey.GetKeys()));
}
DSAParameters dsaParameters = privateKey.ExportParameters(true);
using (PinAndClear.Track(dsaParameters.X))
using (typedKey = new DSAImplementation.DSASecurityTransforms())
{
typedKey.ImportParameters(dsaParameters);
return(CopyWithPrivateKey(typedKey.GetKeys()));
}
}
public static void ImportFromPem_Pkcs8UnEncrypted_Simple()
{
using (DSA dsa = DSAFactory.Create())
{
string pem = @"
-----BEGIN PRIVATE KEY-----
MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN
IHRnQNgv4U4UY2NifZGSUULc3uOEvgoeBO1b9fRxSG9NmG1CoufflQIVAPq19iXV
1eFkMKHvYw6+M4l8wiT5AkAIRMSQ5S71jgWQLGNtZNHV6yxggqDU87/RzgeOh7Q6
fve77OGaTv4qbZwinTYAg86p9yHzmwW6+XBS3vxnpYorBBYCFC49eoTIW2Z4Xh9v
55aYKyKwy5i8
-----END PRIVATE KEY-----";
dsa.ImportFromPem(pem);
DSAParameters dsaParameters = dsa.ExportParameters(true);
DSAImportExport.AssertKeyEquals(DSATestData.Dsa512Parameters, dsaParameters);
}
}
public static byte[] ToCapiPublicKeyBlob(DSA dsa)
{
DSAParameters dsaparameters = dsa.ExportParameters(false);
int num = dsaparameters.P.Length;
byte[] array = new byte[16 + num + 20 + num + num + 4 + 20];
array[0] = 6;
array[1] = 2;
array[5] = 34;
array[8] = 68;
array[9] = 83;
array[10] = 83;
array[11] = 49;
byte[] bytesLE = CryptoConvert.GetBytesLE(num << 3);
array[12] = bytesLE[0];
array[13] = bytesLE[1];
array[14] = bytesLE[2];
array[15] = bytesLE[3];
int num2 = 16;
byte[] array2 = dsaparameters.P;
Array.Reverse(array2);
Buffer.BlockCopy(array2, 0, array, num2, num);
num2 += num;
array2 = dsaparameters.Q;
Array.Reverse(array2);
Buffer.BlockCopy(array2, 0, array, num2, 20);
num2 += 20;
array2 = dsaparameters.G;
Array.Reverse(array2);
Buffer.BlockCopy(array2, 0, array, num2, num);
num2 += num;
array2 = dsaparameters.Y;
Array.Reverse(array2);
Buffer.BlockCopy(array2, 0, array, num2, num);
num2 += num;
Buffer.BlockCopy(CryptoConvert.GetBytesLE(dsaparameters.Counter), 0, array, num2, 4);
num2 += 4;
array2 = dsaparameters.Seed;
Array.Reverse(array2);
Buffer.BlockCopy(array2, 0, array, num2, 20);
return(array);
}
private static void VerifyKey_DSA(DSA dsa)
{
DSAParameters dsaParameters = dsa.ExportParameters(false);
byte[] expected_g = (
"859B5AEB351CF8AD3FABAC22AE0350148FD1D55128472691709EC08481584413" +
"E9E5E2F61345043B05D3519D88C021582CCEF808AF8F4B15BD901A310FEFD518" +
"AF90ABA6F85F6563DB47AE214A84D0B7740C9394AA8E3C7BFEF1BEEDD0DAFDA0" +
"79BF75B2AE4EDB7480C18B9CDFA22E68A06C0685785F5CFB09C2B80B1D05431D").HexToByteArray();
byte[] expected_p = (
"871018CC42552D14A5A9286AF283F3CFBA959B8835EC2180511D0DCEB8B97928" +
"5708C800FC10CB15337A4AC1A48ED31394072015A7A6B525986B49E5E1139737" +
"A794833C1AA1E0EAAA7E9D4EFEB1E37A65DBC79F51269BA41E8F0763AA613E29" +
"C81C3B977AEEB3D3C3F6FEB25C270CDCB6AEE8CD205928DFB33C44D2F2DBE819").HexToByteArray();
byte[] expected_q = "E241EDCF37C1C0E20AADB7B4E8FF7AA8FDE4E75D".HexToByteArray();
byte[] expected_y = (
"089A43F439B924BEF3529D8D6206D1FCA56A55CAF52B41D6CE371EBF07BDA132" +
"C8EADC040007FCF4DA06C1F30504EBD8A77D301F5A4702F01F0D2A0707AC1DA3" +
"8DD3251883286E12456234DA62EDA0DF5FE2FA07CD5B16F3638BECCA7786312D" +
"A7D3594A4BB14E353884DA0E9AECB86E3C9BDB66FCA78EA85E1CC3F2F8BF0963").HexToByteArray();
Assert.Equal(expected_g, dsaParameters.G);
Assert.Equal(expected_p, dsaParameters.P);
Assert.Equal(expected_q, dsaParameters.Q);
Assert.Equal(expected_y, dsaParameters.Y);
}
