Example #1
        /// <summary>
        /// Builds a stream calculator that signs with the instance's private key.
        /// </summary>
        /// <returns>
        /// A <c>DefaultSignatureCalculator</c> wrapping a <c>Gost3410DigestSigner</c> that has
        /// already been initialised for signing.
        /// </returns>
        public IStreamCalculator CreateCalculator()
        {
            // A fresh SecureRandom is paired with the key on every call; the signer
            // receives it through ParametersWithRandom.
            var signingParameters = new ParametersWithRandom(privateKey, new SecureRandom());

            var digestSigner = new Gost3410DigestSigner(
                new ECGost3410Signer(),
                new Gost3411_2012_256Digest());

            // true = initialise for signature generation rather than verification.
            digestSigner.Init(true, signingParameters);

            return new DefaultSignatureCalculator(digestSigner);
        }
        /// <summary>
        /// Signs a fixed ten-byte message with the key pair and checks that the signature
        /// verifies, first through the raw <c>ECGOST3410_2012Signer</c> and then through
        /// <c>Gost3410DigestSigner</c>.
        /// </summary>
        /// <param name="signatureAlg">Algorithm label used only in failure messages.</param>
        /// <param name="expectedSignLen">Expected byte length of the digest signer's output.</param>
        /// <param name="p">Key pair whose private half signs and whose public half verifies.</param>
        private void SignatureGost12Test(String signatureAlg, int expectedSignLen, AsymmetricCipherKeyPair p)
        {
            byte[] message = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };

            var signingKey = (ECPrivateKeyParameters)p.Private;
            var verifyingKey = (ECPublicKeyParameters)p.Public;

            // Round trip through the raw signer, which returns the two signature components.
            var rawSigner = new ECGOST3410_2012Signer();
            rawSigner.Init(true, signingKey);
            BigInteger[] components = rawSigner.GenerateSignature(message);

            var rawVerifier = new ECGOST3410_2012Signer();
            rawVerifier.Init(false, verifyingKey);

            bool rawVerified = rawVerifier.VerifySignature(message, components[0], components[1]);
            if (!rawVerified)
            {
                Fail("Signature " + signatureAlg + " did not verify");
            }

            // Round trip through the digest signer. The digest is selected from the
            // digest parameter set carried by the public key's domain parameters.
            var digestParamSet = ((ECGOST3410Parameters)verifyingKey.Parameters).DigestParamSet;

            var signingDigestSigner = new Gost3410DigestSigner(
                new ECGOST3410_2012Signer(),
                DigestUtilities.GetDigest(digestParamSet));
            signingDigestSigner.Init(true, signingKey);
            signingDigestSigner.BlockUpdate(message, 0, message.Length);
            byte[] encodedSignature = signingDigestSigner.GenerateSignature();

            if (encodedSignature.Length != expectedSignLen)
            {
                Fail(signatureAlg + " signature failed at expected length");
            }

            // Verification uses a new signer and a new digest instance, so nothing is
            // shared with the signing pass.
            var verifyingDigestSigner = new Gost3410DigestSigner(
                new ECGOST3410_2012Signer(),
                DigestUtilities.GetDigest(digestParamSet));
            verifyingDigestSigner.Init(false, verifyingKey);
            verifyingDigestSigner.BlockUpdate(message, 0, message.Length);

            bool digestVerified = verifyingDigestSigner.VerifySignature(encodedSignature);
            if (!digestVerified)
            {
                Fail("Signature " + signatureAlg + " did not verify");
            }
        }
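        /// <summary>
        /// Verifies the signers of a CMS SignedData structure and returns the encapsulated content.
        /// </summary>
        /// <param name="cms">Parsed CMS SignedData with encapsulated (non-detached) content.</param>
        /// <returns>The signed content bytes, returned only after every signer has been verified.</returns>
        /// <exception cref="CryptographicException">
        /// Thrown when the content is missing, when the structure has no signers, when a signer
        /// has no matching certificate in the embedded store, or when a certificate or
        /// signature check fails.
        /// </exception>
        public static byte[] VerifySignature(CmsSignedData cms)
        {
            var store = cms.GetCertificates("COLLECTION");

            var signers = cms.GetSignerInfos();

            // Without encapsulated content there is nothing to verify or return here.
            if (cms.SignedContent == null)
            {
                throw new CryptographicException("Signed content is missing");
            }

            byte[] arr;

            using (var stream = new MemoryStream())
            {
                cms.SignedContent.Write(stream);

                arr = stream.ToArray();
            }

            var verifiedSigners = 0;

            foreach (var sig in signers.GetSigners())
            {
                var signer = (SignerInformation)sig;

                var certificateMatched = false;

                foreach (var st in store.GetMatches(signer.SignerID))
                {
                    var crt = (X509Certificate)st;

                    certificateMatched = true;

                    CheckCertificateValidity(crt);

                    // NOTE(review): the signature is checked directly over the content bytes with a
                    // fixed GOST R 34.11-2012 256-bit digest. If a SignerInfo carries signed attributes,
                    // CMS defines the signature over those attributes instead. Confirm producers never
                    // emit them, or switch to SignerInformation.Verify.
                    var gst = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());

                    gst.Init(false, crt.GetPublicKey());

                    gst.BlockUpdate(arr, 0, arr.Length);

                    if (!gst.VerifySignature(signer.GetSignature()))
                    {
                        throw new CryptographicException("Cannot verify signature");
                    }
                }

                // Fail closed: a signer whose certificate is absent from the store was never
                // checked, so it must not count as verified.
                if (!certificateMatched)
                {
                    throw new CryptographicException("No certificate found for signer");
                }

                verifiedSigners++;
            }

            // Fail closed: a structure with no SignerInfo entries would otherwise skip both loops
            // and return unauthenticated content as if it had been verified.
            if (verifiedSigners == 0)
            {
                throw new CryptographicException("No signers found");
            }

            return arr;
        }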
        /// <summary>
        /// Checks that a certificate is within its validity period and that its signature
        /// verifies under the public key of the GOST root certificate.
        /// </summary>
        /// <remarks>
        /// Only those two checks are made in this method. Revocation, key usage, name
        /// constraints and intermediate certificates are not examined here.
        /// </remarks>
        /// <param name="cert">Certificate expected to be issued directly by the root.</param>
        /// <exception cref="CryptographicException">
        /// Thrown when the certificate's signature does not verify under the root key.
        /// </exception>
        private static void CheckCertificateValidity(X509Certificate cert)
        {
            // Validity-period check first; this call throws on its own for a certificate outside its dates.
            cert.CheckValidity();

            var rootCertificate = (X509Certificate)RootCertificates.GetRootCertGOST();

            var verifier = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());
            verifier.Init(false, rootCertificate.GetPublicKey());

            // The issuer's signature covers the to-be-signed portion of the certificate.
            var signedPortion = cert.GetTbsCertificate();
            verifier.BlockUpdate(signedPortion, 0, signedPortion.Length);

            if (verifier.VerifySignature(cert.GetSignature()))
            {
                return;
            }

            throw new CryptographicException("Cannot verify signature");
        }