public SimpleTestResult EncodeRecodePublicKey()
{
DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-512-paramSetA");
ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid));
ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null);
ECKeyGenerationParameters paramameters = new ECKeyGenerationParameters(gostParams, new SecureRandom());
ECKeyPairGenerator engine = new ECKeyPairGenerator();
engine.Init(paramameters);
AsymmetricCipherKeyPair pair = engine.GenerateKeyPair();
ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.Public;
ECPublicKeyParameters keyParameters = generatedKeyParameters;
//
// Continuously encode/decode the key and check for loss of information.
//
for (int t = 0; t < 3; t++)
{
SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyParameters);
keyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info);
{ // Specifically cast and test gost parameters.
ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.Parameters;
ECGOST3410Parameters rParam = (ECGOST3410Parameters)keyParameters.Parameters;
bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) &&
SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) &&
SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet);
if (!ok)
{
return(new SimpleTestResult(false, "GOST parameters does not match"));
}
}
if (!((ECGOST3410Parameters)keyParameters.Parameters).Name.Equals(
((ECGOST3410Parameters)generatedKeyParameters.Parameters).Name))
{
return(new SimpleTestResult(false, "Name does not match"));
}
if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate)
{
return(new SimpleTestResult(false, "isPrivate does not match"));
}
if (!Arrays.AreEqual(keyParameters.Q.GetEncoded(true), generatedKeyParameters.Q.GetEncoded(true)))
{
return(new SimpleTestResult(false, "Q does not match"));
}
if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve))
{
return(new SimpleTestResult(false, "Curve does not match"));
}
if (!Arrays.AreEqual(
keyParameters.Parameters.G.GetEncoded(true),
generatedKeyParameters.Parameters.G.GetEncoded(true)))
{
return(new SimpleTestResult(false, "G does not match"));
}
if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H))
{
return(new SimpleTestResult(false, "H does not match"));
}
if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv))
{
return(new SimpleTestResult(false, "Hinv does not match"));
}
if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N))
{
return(new SimpleTestResult(false, "N does not match"));
}
if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed()))
{
return(new SimpleTestResult(false, "Seed does not match"));
}
}
return(new SimpleTestResult(true, null));
}
public SimpleTestResult EncodeDecodePublicLW(string oidStr, DerObjectIdentifier digest)
{
DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid(oidStr);
ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid));
ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, digest, null);
ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom());
ECKeyPairGenerator engine = new ECKeyPairGenerator();
engine.Init(parameters);
AsymmetricCipherKeyPair pair = engine.GenerateKeyPair();
ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.Public;
SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(generatedKeyParameters);
ECPublicKeyParameters recoveredKeyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info);
{ // Specifically cast and test gost parameters.
ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.Parameters;
ECGOST3410Parameters rParam = (ECGOST3410Parameters)recoveredKeyParameters.Parameters;
bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) &&
SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) &&
SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet);
if (!ok)
{
return(new SimpleTestResult(false, "GOST parameters does not match"));
}
}
if (!((ECGOST3410Parameters)recoveredKeyParameters.Parameters).Name.Equals(
((ECGOST3410Parameters)generatedKeyParameters.Parameters).Name))
{
return(new SimpleTestResult(false, "Name does not match"));
}
if (recoveredKeyParameters.IsPrivate != generatedKeyParameters.IsPrivate)
{
return(new SimpleTestResult(false, "isPrivate does not match"));
}
if (!Arrays.AreEqual(recoveredKeyParameters.Q.GetEncoded(true), generatedKeyParameters.Q.GetEncoded(true)))
{
return(new SimpleTestResult(false, "Q does not match"));
}
if (!recoveredKeyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve))
{
return(new SimpleTestResult(false, "Curve does not match"));
}
if (!Arrays.AreEqual(
recoveredKeyParameters.Parameters.G.GetEncoded(true),
generatedKeyParameters.Parameters.G.GetEncoded(true)))
{
return(new SimpleTestResult(false, "G does not match"));
}
if (!recoveredKeyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H))
{
return(new SimpleTestResult(false, "H does not match"));
}
if (!recoveredKeyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv))
{
return(new SimpleTestResult(false, "Hinv does not match"));
}
if (!recoveredKeyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N))
{
return(new SimpleTestResult(false, "N does not match"));
}
if (!Arrays.AreEqual(recoveredKeyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed()))
{
return(new SimpleTestResult(false, "Seed does not match"));
}
return(new SimpleTestResult(true, null));
}
public void EcGOST34102012256Test()
{
BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395");
BigInteger s = new BigInteger("574973400270084654178925310019147038455227042649098563933718999175515839552");
BigInteger e = new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421");
byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395"));
SecureRandom k = new TestRandomBigInteger(kData);
BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041");
BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");
ECCurve curve = new FpCurve(
mod_p,
new BigInteger("7"), // a
new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
mod_q, BigInteger.One);
ECDomainParameters spec = new ECDomainParameters(curve,
curve.CreatePoint(
new BigInteger("2"), // x
new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
mod_q, BigInteger.One);
ECPrivateKeyParameters privateKey = new ECPrivateKeyParameters(
new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d
spec);
ECPublicKeyParameters publicKey = new ECPublicKeyParameters(curve.CreatePoint(
new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), // x
new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), // y
spec);
ECGOST3410_2012Signer signer = new ECGOST3410_2012Signer();
signer.Init(true, new ParametersWithRandom(privateKey, k));
byte[] rev = e.ToByteArray();
byte[] message = new byte[rev.Length];
for (int i = 0; i != rev.Length; i++)
{
message[i] = rev[rev.Length - 1 - i];
}
BigInteger[] sig = signer.GenerateSignature(message);
signer.Init(false, publicKey);
if (!signer.VerifySignature(message, sig[0], sig[1]))
{
Fail("ECGOST3410 2012 verification failed");
}
if (!r.Equals(sig[0]))
{
Fail(
": r component wrong." + Environment.NewLine
+ " expecting: " + r + Environment.NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail(
": s component wrong." + Environment.NewLine
+ " expecting: " + s + Environment.NewLine
+ " got : " + sig[1]);
}
// 256Bit
{
DerObjectIdentifier oid = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA;
ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid));
ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid,
RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256, null);
ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom());
ECKeyPairGenerator engine = new ECKeyPairGenerator();
engine.Init(parameters);
AsymmetricCipherKeyPair pair = engine.GenerateKeyPair();
SignatureGost12Test("ECGOST3410-2012-256", 64, pair);
}
// 512Bit
{
DerObjectIdentifier oid = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA;
ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid));
ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid,
RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null);
ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom());
ECKeyPairGenerator engine = new ECKeyPairGenerator();
engine.Init(parameters);
AsymmetricCipherKeyPair pair = engine.GenerateKeyPair();
SignatureGost12Test("ECGOST3410-2012-512", 128, pair);
}
}
/**
* Create a PrivateKeyInfo representation of a private key with attributes.
*
* @param privateKey the key to be encoded into the info object.
* @param attributes the set of attributes to be included.
* @return the appropriate PrivateKeyInfo
* @throws java.io.IOException on an error encoding the key
*/
public static PrivateKeyInfo CreatePrivateKeyInfo(AsymmetricKeyParameter privateKey, Asn1Set attributes)
{
if (privateKey == null)
{
throw new ArgumentNullException("privateKey");
}
if (!privateKey.IsPrivate)
{
throw new ArgumentException("Public key passed - private key expected", "privateKey");
}
if (privateKey is ElGamalPrivateKeyParameters)
{
ElGamalPrivateKeyParameters _key = (ElGamalPrivateKeyParameters)privateKey;
ElGamalParameters egp = _key.Parameters;
return(new PrivateKeyInfo(
new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(egp.P, egp.G).ToAsn1Object()),
new DerInteger(_key.X),
attributes));
}
if (privateKey is DsaPrivateKeyParameters)
{
DsaPrivateKeyParameters _key = (DsaPrivateKeyParameters)privateKey;
DsaParameters dp = _key.Parameters;
return(new PrivateKeyInfo(
new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, new DsaParameter(dp.P, dp.Q, dp.G).ToAsn1Object()),
new DerInteger(_key.X),
attributes));
}
if (privateKey is DHPrivateKeyParameters)
{
DHPrivateKeyParameters _key = (DHPrivateKeyParameters)privateKey;
DHParameter p = new DHParameter(
_key.Parameters.P, _key.Parameters.G, _key.Parameters.L);
return(new PrivateKeyInfo(
new AlgorithmIdentifier(_key.AlgorithmOid, p.ToAsn1Object()),
new DerInteger(_key.X),
attributes));
}
if (privateKey is RsaKeyParameters)
{
AlgorithmIdentifier algID = new AlgorithmIdentifier(
PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
RsaPrivateKeyStructure keyStruct;
if (privateKey is RsaPrivateCrtKeyParameters)
{
RsaPrivateCrtKeyParameters _key = (RsaPrivateCrtKeyParameters)privateKey;
keyStruct = new RsaPrivateKeyStructure(
_key.Modulus,
_key.PublicExponent,
_key.Exponent,
_key.P,
_key.Q,
_key.DP,
_key.DQ,
_key.QInv);
}
else
{
RsaKeyParameters _key = (RsaKeyParameters)privateKey;
keyStruct = new RsaPrivateKeyStructure(
_key.Modulus,
BigInteger.Zero,
_key.Exponent,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero);
}
return(new PrivateKeyInfo(algID, keyStruct.ToAsn1Object(), attributes));
}
if (privateKey is ECPrivateKeyParameters)
{
ECPrivateKeyParameters priv = (ECPrivateKeyParameters)privateKey;
DerBitString publicKey = new DerBitString(ECKeyPairGenerator.GetCorrespondingPublicKey(priv).Q.GetEncoded(false));
ECDomainParameters dp = priv.Parameters;
// ECGOST3410
if (dp is ECGOST3410Parameters)
{
ECGOST3410Parameters domainParameters = (ECGOST3410Parameters)dp;
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(domainParameters).PublicKeyParamSet,
(domainParameters).DigestParamSet,
(domainParameters).EncryptionParamSet);
bool is512 = priv.D.BitLength > 256;
DerObjectIdentifier identifier = (is512) ?
RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512 :
RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
int size = (is512) ? 64 : 32;
byte[] encKey = new byte[size];
ExtractBytes(encKey, size, 0, priv.D);
return(new PrivateKeyInfo(new AlgorithmIdentifier(identifier, gostParams), new DerOctetString(encKey)));
}
int orderBitLength = dp.N.BitLength;
AlgorithmIdentifier algID;
ECPrivateKeyStructure ec;
if (priv.AlgorithmName == "ECGOST3410")
{
if (priv.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
priv.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gostParams);
// TODO Do we need to pass any parameters here?
ec = new ECPrivateKeyStructure(orderBitLength, priv.D, publicKey, null);
}
else
{
X962Parameters x962;
if (priv.PublicKeyParamSet == null)
{
X9ECParameters ecP = new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed());
x962 = new X962Parameters(ecP);
}
else
{
x962 = new X962Parameters(priv.PublicKeyParamSet);
}
ec = new ECPrivateKeyStructure(orderBitLength, priv.D, publicKey, x962);
algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962);
}
return(new PrivateKeyInfo(algID, ec, attributes));
}
if (privateKey is Gost3410PrivateKeyParameters)
{
Gost3410PrivateKeyParameters _key = (Gost3410PrivateKeyParameters)privateKey;
if (_key.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
byte[] keyEnc = _key.X.ToByteArrayUnsigned();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyBytes.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
}
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet, null);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x94,
algParams.ToAsn1Object());
return(new PrivateKeyInfo(algID, new DerOctetString(keyBytes), attributes));
}
if (privateKey is X448PrivateKeyParameters)
{
X448PrivateKeyParameters key = (X448PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
if (privateKey is X25519PrivateKeyParameters)
{
X25519PrivateKeyParameters key = (X25519PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
if (privateKey is Ed448PrivateKeyParameters)
{
Ed448PrivateKeyParameters key = (Ed448PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
if (privateKey is Ed25519PrivateKeyParameters)
{
Ed25519PrivateKeyParameters key = (Ed25519PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
throw new ArgumentException("Class provided is not convertible: " + Platform.GetTypeName(privateKey));
}
/// <summary>
/// Create a Subject Public Key Info object for a given public key.
/// </summary>
/// <param name="publicKey">One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters</param>
/// <returns>A subject public key info object.</returns>
/// <exception cref="Exception">Throw exception if object provided is not one of the above.</exception>
public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo(
AsymmetricKeyParameter publicKey)
{
if (publicKey == null)
{
throw new ArgumentNullException("publicKey");
}
if (publicKey.IsPrivate)
{
throw new ArgumentException("Private key passed - public key expected.", "publicKey");
}
if (publicKey is ElGamalPublicKeyParameters)
{
ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)publicKey;
ElGamalParameters kp = _key.Parameters;
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
new AlgorithmIdentifier(
OiwObjectIdentifiers.ElGamalAlgorithm,
new ElGamalParameter(kp.P, kp.G).ToAsn1Object()),
new DerInteger(_key.Y));
return(info);
}
if (publicKey is DsaPublicKeyParameters)
{
DsaPublicKeyParameters _key = (DsaPublicKeyParameters)publicKey;
DsaParameters kp = _key.Parameters;
Asn1Encodable ae = kp == null
? null
: new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object();
return(new SubjectPublicKeyInfo(
new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae),
new DerInteger(_key.Y)));
}
if (publicKey is DHPublicKeyParameters)
{
DHPublicKeyParameters _key = (DHPublicKeyParameters)publicKey;
DHParameters kp = _key.Parameters;
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
new AlgorithmIdentifier(
_key.AlgorithmOid,
new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()),
new DerInteger(_key.Y));
return(info);
} // End of DH
if (publicKey is RsaKeyParameters)
{
RsaKeyParameters _key = (RsaKeyParameters)publicKey;
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance),
new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object());
return(info);
} // End of RSA.
if (publicKey is ECPublicKeyParameters)
{
ECPublicKeyParameters _key = (ECPublicKeyParameters)publicKey;
if (_key.Parameters is ECGOST3410Parameters)
{
ECGOST3410Parameters gostParams = (ECGOST3410Parameters)_key.Parameters;
BigInteger bX = _key.Q.AffineXCoord.ToBigInteger();
BigInteger bY = _key.Q.AffineYCoord.ToBigInteger();
bool is512 = (bX.BitLength > 256);
Gost3410PublicKeyAlgParameters parameters = new Gost3410PublicKeyAlgParameters(
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
int encKeySize;
int offset;
DerObjectIdentifier algIdentifier;
if (is512)
{
encKeySize = 128;
offset = 64;
algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512;
}
else
{
encKeySize = 64;
offset = 32;
algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
}
byte[] encKey = new byte[encKeySize];
ExtractBytes(encKey, encKeySize / 2, 0, bX);
ExtractBytes(encKey, encKeySize / 2, offset, bY);
return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(algIdentifier, parameters), new DerOctetString(encKey)));
} // End of ECGOST3410_2012
if (_key.AlgorithmName == "ECGOST3410")
{
if (_key.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
ECPoint q = _key.Q.Normalize();
BigInteger bX = q.AffineXCoord.ToBigInteger();
BigInteger bY = q.AffineYCoord.ToBigInteger();
byte[] encKey = new byte[64];
ExtractBytes(encKey, 0, bX);
ExtractBytes(encKey, 32, bY);
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x2001,
gostParams.ToAsn1Object());
return(new SubjectPublicKeyInfo(algID, new DerOctetString(encKey)));
}
else
{
X962Parameters x962;
if (_key.PublicKeyParamSet == null)
{
ECDomainParameters kp = _key.Parameters;
X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed());
x962 = new X962Parameters(ecP);
}
else
{
x962 = new X962Parameters(_key.PublicKeyParamSet);
}
byte[] pubKey = _key.Q.GetEncoded(false);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object());
return(new SubjectPublicKeyInfo(algID, pubKey));
}
} // End of EC
if (publicKey is Gost3410PublicKeyParameters)
{
Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters)publicKey;
if (_key.PublicKeyParamSet == null)
{
throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
byte[] keyEnc = _key.Y.ToByteArrayUnsigned();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyBytes.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
}
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x94,
algParams.ToAsn1Object());
return(new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes)));
}
if (publicKey is X448PublicKeyParameters)
{
X448PublicKeyParameters key = (X448PublicKeyParameters)publicKey;
return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448), key.GetEncoded()));
}
if (publicKey is X25519PublicKeyParameters)
{
X25519PublicKeyParameters key = (X25519PublicKeyParameters)publicKey;
return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), key.GetEncoded()));
}
if (publicKey is Ed448PublicKeyParameters)
{
Ed448PublicKeyParameters key = (Ed448PublicKeyParameters)publicKey;
return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448), key.GetEncoded()));
}
if (publicKey is Ed25519PublicKeyParameters)
{
Ed25519PublicKeyParameters key = (Ed25519PublicKeyParameters)publicKey;
return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), key.GetEncoded()));
}
throw new ArgumentException("Class provided no convertible: " + Platform.GetTypeName(publicKey));
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DHPublicKey dhPublicKey = DHPublicKey.GetInstance(keyInfo.GetPublicKey());
BigInteger y = dhPublicKey.Y.Value;
if (IsPkcsDHParam(seq))
{
return(ReadPkcsDHParam(algOid, y, seq));
}
DHDomainParameters dhParams = DHDomainParameters.GetInstance(seq);
BigInteger p = dhParams.P.Value;
BigInteger g = dhParams.G.Value;
BigInteger q = dhParams.Q.Value;
BigInteger j = null;
if (dhParams.J != null)
{
j = dhParams.J.Value;
}
DHValidationParameters validation = null;
DHValidationParms dhValidationParms = dhParams.ValidationParms;
if (dhValidationParms != null)
{
byte[] seed = dhValidationParms.Seed.GetBytes();
BigInteger pgenCounter = dhValidationParms.PgenCounter.Value;
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.IntValue);
}
return(new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation)));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(ReadPkcsDHParam(algOid, derY.Value, seq));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa) ||
algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPublicKeyParameters(derY.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
Asn1OctetString key = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
X9ECPoint derQ = new X9ECPoint(x9.Curve, key);
ECPoint q = derQ.Point;
if (para.IsNamedCurve)
{
return(new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)para.Parameters));
}
ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
return(new ECPublicKeyParameters(q, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
ECPoint q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y));
return(new ECPublicKeyParameters("ECGOST3410", q, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
{
return(new X25519PublicKeyParameters(GetRawKey(keyInfo, X25519PublicKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
{
return(new X448PublicKeyParameters(GetRawKey(keyInfo, X448PublicKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
{
return(new Ed25519PublicKeyParameters(GetRawKey(keyInfo, Ed25519PublicKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
{
return(new Ed448PublicKeyParameters(GetRawKey(keyInfo, Ed448PublicKeyParameters.KeySize), 0));
}
else if (
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256) ||
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
{
byte[] keyEnc = ((DerOctetString)Asn1Object.FromByteArray(keyInfo.PublicKeyData.GetOctets())).str;
int fieldSize = 32;
if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
{
fieldSize = 64;
}
int keySize = 2 * fieldSize;
byte[] x9Encoding = new byte[1 + keySize];
x9Encoding[0] = 0x04;
for (int i = 1; i <= fieldSize; ++i)
{
x9Encoding[i] = keyEnc[fieldSize - i];
x9Encoding[i + fieldSize] = keyEnc[keySize - i];
}
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.AlgorithmID.Parameters);
ECGOST3410Parameters ecDomainParameters =
new ECGOST3410Parameters(
new ECNamedDomainParameters(gostParams.PublicKeyParamSet, ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet)),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
return(new ECPublicKeyParameters(ecDomainParameters.Curve.DecodePoint(x9Encoding), ecDomainParameters));
}
else
{
throw new SecurityUtilityException("algorithm identifier in public key not recognised: " + algOid);
}
}
public static AsymmetricKeyParameter CreateKey(
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm;
DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPrivateKeyStructure keyStructure = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
return(new RsaPrivateCrtKeyParameters(
keyStructure.Modulus,
keyStructure.PublicExponent,
keyStructure.PrivateExponent,
keyStructure.Prime1,
keyStructure.Prime2,
keyStructure.Exponent1,
keyStructure.Exponent2,
keyStructure.Coefficient));
}
// TODO?
// else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return(new DHPrivateKeyParameters(derX.Value, dhParams, algOid));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
return(new ElGamalPrivateKeyParameters(
derX.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa))
{
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPrivateKeyParameters(derX.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
BigInteger d = ec.GetKey();
if (para.IsNamedCurve)
{
return(new ECPrivateKeyParameters("EC", d, (DerObjectIdentifier)para.Parameters));
}
ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
return(new ECPrivateKeyParameters(d, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
}
Asn1Object privKey = keyInfo.ParsePrivateKey();
ECPrivateKeyStructure ec;
if (privKey is DerInteger)
{
ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).PositiveValue);
}
else
{
ec = ECPrivateKeyStructure.GetInstance(privKey);
}
return(new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters);
Asn1Object privKey = keyInfo.ParsePrivateKey();
BigInteger x;
if (privKey is DerInteger)
{
x = DerInteger.GetInstance(privKey).PositiveValue;
}
else
{
x = new BigInteger(1, Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets()));
}
return(new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
{
return(new X25519PrivateKeyParameters(GetRawKey(keyInfo, X25519PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
{
return(new X448PrivateKeyParameters(GetRawKey(keyInfo, X448PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
{
return(new Ed25519PrivateKeyParameters(GetRawKey(keyInfo, Ed25519PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
{
return(new Ed448PrivateKeyParameters(GetRawKey(keyInfo, Ed448PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512) ||
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
ECGOST3410Parameters ecSpec = null;
BigInteger d = null;
Asn1Object p = keyInfo.PrivateKeyAlgorithm.Parameters.ToAsn1Object();
if (p is Asn1Sequence && (Asn1Sequence.GetInstance(p).Count == 2 || Asn1Sequence.GetInstance(p).Count == 3))
{
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
ecSpec = new ECGOST3410Parameters(
new ECNamedDomainParameters(
gostParams.PublicKeyParamSet, ecP),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
Asn1Encodable privKey = keyInfo.ParsePrivateKey();
if (privKey is DerInteger)
{
d = DerInteger.GetInstance(privKey).PositiveValue;
}
else
{
byte[] encVal = Asn1OctetString.GetInstance(privKey).GetOctets();
byte[] dVal = new byte[encVal.Length];
for (int i = 0; i != encVal.Length; i++)
{
dVal[i] = encVal[encVal.Length - 1 - i];
}
d = new BigInteger(1, dVal);
}
}
else
{
X962Parameters parameters = X962Parameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
if (parameters.IsNamedCurve)
{
DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(parameters.Parameters);
X9ECParameters ecP = ECNamedCurveTable.GetByOid(oid);
if (ecP == null)
{
ECDomainParameters gParam = ECGost3410NamedCurves.GetByOid(oid);
ecSpec = new ECGOST3410Parameters(new ECNamedDomainParameters(
oid,
gParam.Curve,
gParam.G,
gParam.N,
gParam.H,
gParam.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
else
{
ecSpec = new ECGOST3410Parameters(new ECNamedDomainParameters(
oid,
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
}
else if (parameters.IsImplicitlyCA)
{
ecSpec = null;
}
else
{
X9ECParameters ecP = X9ECParameters.GetInstance(parameters.Parameters);
ecSpec = new ECGOST3410Parameters(new ECNamedDomainParameters(
algOid,
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed()),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
Asn1Encodable privKey = keyInfo.ParsePrivateKey();
if (privKey is DerInteger)
{
DerInteger derD = DerInteger.GetInstance(privKey);
d = derD.Value;
}
else
{
ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(privKey);
d = ec.GetKey();
}
}
return(new ECPrivateKeyParameters(
d,
new ECGOST3410Parameters(
ecSpec,
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet)));
}
else
{
throw new SecurityUtilityException("algorithm identifier in private key not recognised");
}
}
