/// <summary>
/// Try get algorithm from mechanism.
/// </summary>
/// <param name="mechanism">Algorithm mechanism.</param>
/// <param name="algorithm">Algorithm.</param>
/// <returns></returns>
public static bool TryGetAlgorithm(string mechanism, out IAsymmetricAlgorithm algorithm)
{
mechanism = mechanism.Replace('_', '-').ToUpperInvariant();
switch (mechanism)
{
case "DSA": algorithm = DSA; return(true);
case "ECDSA": algorithm = ECDSA; return(true);
case "ECGOST3410":
case "ECGOST3410-2001":
case "ECGOST-3410":
case "ECGOST-3410-2001": algorithm = ECGOST3410; return(true);
case "ED25519": algorithm = new Ed25519(); return(true);
case "ED448": algorithm = new Ed448(); return(true);
case "ELGAMAL": algorithm = (IAsymmetricAlgorithm)ElGamal; return(true);
case "GOST3410":
case "GOST3410-94":
case "GOST-3410":
case "GOST-3410-94": algorithm = GOST3410; return(true);
case "RSA": algorithm = (IAsymmetricAlgorithm)RSA; return(true);
case "SM2": algorithm = SM2; return(true);
default: algorithm = null; return(false);
}
}
private static byte[] AsymmetricEncrypt([NotNull] IAsymmetricAlgorithm asymmetric, [NotNull] byte[] data, RSASettings settings = null)
{
if (data.Length == 0)
{
return(null);
}
if (settings is { UseExpiration : true })
/// <inheritdoc />
/// <exception cref="ArgumentException" />
/// <exception cref="SignatureVerificationException" />
public void Validate(string decodedPayload, IAsymmetricAlgorithm alg, byte[] bytesToSign, byte[] decodedSignature)
{
var ex = GetValidationException(alg, decodedPayload, bytesToSign, decodedSignature);
if (ex is object)
{
throw ex;
}
}
private Exception GetValidationException(IAsymmetricAlgorithm alg, string payloadJson, byte[] bytesToSign, byte[] decodedSignature)
{
if (!alg.Verify(bytesToSign, decodedSignature))
{
return(new SignatureVerificationException("The signature is invalid according to the validation procedure."));
}
return(GetValidationException(payloadJson));
}
private static IAsymmetricAlgorithm EnsureAlgorithm(IAsymmetricAlgorithm asymmetricAlgorithm)
{
if (asymmetricAlgorithm is null)
{
return((IAsymmetricAlgorithm)AsymmetricAlgorithmHelper.RSA);
}
else if (asymmetricAlgorithm.Mechanism != "RSA")
{
throw new System.Security.Cryptography.CryptographicException("Requires RSA asymmetric algorithm.");
}
else
{
return(asymmetricAlgorithm);
}
}
private static IAsymmetricAlgorithm EnsureAlgorithm(IAsymmetricAlgorithm asymmetricAlgorithm)
{
if (asymmetricAlgorithm is null)
{
return(AsymmetricAlgorithmHelper.SM2);
}
else if (asymmetricAlgorithm.Mechanism != "SM2")
{
throw new CryptographicException("Requires SM2 asymmetric algorithm.");
}
else
{
return(asymmetricAlgorithm);
}
}
public static byte[] AsymmetricEncrypt([NotNull] X509Certificate2 certificate, [NotNull] byte[] data, RSASettings settings = null)
{
if (data.Length == 0)
{
return(null);
}
IAsymmetricAlgorithm asymmetric = null;
try
{
System.Security.Cryptography.RSA algorithm = certificate.GetPublicEncryptor <System.Security.Cryptography.RSA>();
asymmetric = new RSAAlgorithm <System.Security.Cryptography.RSA>(algorithm);
return(AsymmetricEncrypt(asymmetric, data, settings));
}
finally
{
ObjectHelper.Dispose(ref asymmetric);
}
}
public static byte[] AsymmetricEncrypt([NotNull] string publicKeyXml, [NotNull] byte[] data, RSASettings settings = null)
{
if (publicKeyXml.Length == 0)
{
throw new ArgumentNullException(nameof(publicKeyXml));
}
if (data.Length == 0)
{
return(null);
}
IAsymmetricAlgorithm asymmetric = null;
try
{
asymmetric = CreateAsymmetricAlgorithm(settings);
asymmetric.FromXmlString(publicKeyXml);
return(AsymmetricEncrypt(asymmetric, data, settings));
}
finally
{
ObjectHelper.Dispose(ref asymmetric);
}
}
/// <summary>
/// RSA/ISO9796-2.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public RSAandISO9796_2(IHashAlgorithm hashAlgorithm, IAsymmetricAlgorithm asymmetricAlgorithm)
: base(string.Format(CultureInfo.InvariantCulture, "{0}withISO9796-2", hashAlgorithm.Mechanism), EnsureAlgorithm(asymmetricAlgorithm))
{
_hashAlgorithm = hashAlgorithm;
}
/// <summary>
/// GOST3410.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public GOST3410(IHashAlgorithm hashAlgorithm, IAsymmetricAlgorithm asymmetricAlgorithm)
: base(string.Format(CultureInfo.InvariantCulture, "{0}withGOST3410", hashAlgorithm.Mechanism), EnsureAlgorithm(asymmetricAlgorithm))
{
_hashAlgorithm = hashAlgorithm;
}
/// <summary>
/// RSA.
/// <para/>Legal signature hash Algorithm:
/// <see cref="MD2"/>,<see cref="MD4"/>,<see cref="MD5"/>,
/// <see cref="SHA1"/>,<see cref="SHA224"/>,<see cref="SHA256"/>,<see cref="SHA384"/>,<see cref="SHA512"/>,
/// <see cref="RIPEMD128"/>,<see cref="RIPEMD160"/>,<see cref="RIPEMD256"/>.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public RSA(IHashAlgorithm hashAlgorithm, IAsymmetricAlgorithm asymmetricAlgorithm)
: base(string.Format(CultureInfo.InvariantCulture, "{0}withRSA", hashAlgorithm.Mechanism), EnsureAlgorithm(asymmetricAlgorithm))
{
_hashAlgorithm = hashAlgorithm;
_identifier = GetAlgorithmIdentifier(base.Mechanism, _finder);
}
/// <summary>
/// PLAIN-ECDSA.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public PLAIN_ECDSA(IHashAlgorithm hashAlgorithm, IAsymmetricAlgorithm asymmetricAlgorithm)
: base(string.Format(CultureInfo.InvariantCulture, "{0}withPLAIN-ECDSA", hashAlgorithm.Mechanism), EnsureAlgorithm(asymmetricAlgorithm))
{
_hashAlgorithm = hashAlgorithm;
}
/// <summary>
/// RSAandMGF1.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public RSAandMGF1(IHashAlgorithm hashAlgorithm, IAsymmetricAlgorithm asymmetricAlgorithm)
: base(string.Format(CultureInfo.InvariantCulture, "{0}withRSAandMGF1", hashAlgorithm.Mechanism), EnsureAlgorithm(asymmetricAlgorithm))
{
_hashAlgorithMgf = hashAlgorithm;
}
/// <summary>
/// Ed25519.
/// </summary>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public Ed25519(IAsymmetricAlgorithm asymmetricAlgorithm) : base("Ed25519", EnsureAlgorithm(asymmetricAlgorithm))
{
}
/// <summary>
/// Ed25519ctx.
/// <para/>Uses context byte[0] by default.
/// </summary>
/// <param name="context">Context.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public Ed25519ctx(byte[] context, IAsymmetricAlgorithm asymmetricAlgorithm) : base("Ed25519ctx", EnsureAlgorithm(asymmetricAlgorithm))
{
_context = context;
}
private protected SignatureAlgorithm(string mechanism, IAsymmetricAlgorithm asymmetricAlgorithm)
{
this.Mechanism = mechanism;
_asymmetricAlgorithm = asymmetricAlgorithm;
this.X509 = GetX509Oid(mechanism);
}
/// <summary>
/// Ed448ph.
/// <para/>Uses context byte[0] by default.
/// </summary>
/// <param name="context">Context.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public Ed448ph(byte[] context, IAsymmetricAlgorithm asymmetricAlgorithm) : base("Ed448ph", EnsureAlgorithm(asymmetricAlgorithm))
{
_context = context;
}
public InternalAsymmetricAlgorithmTests()
{
_algorithm = CoreExtensionBuilderHelper.CurrentServices.GetRequiredService <IAsymmetricAlgorithm>();
}
/// <inheritdoc />
/// <exception cref="ArgumentException" />
public bool TryValidate(string payloadJson, IAsymmetricAlgorithm alg, byte[] bytesToSign, byte[] decodedSignature, out Exception ex)
{
ex = GetValidationException(alg, payloadJson, bytesToSign, decodedSignature);
return(ex is null);
}
/// <summary>
/// RSA/X9.31.
/// <para/>Legal key size is more than or equal to 512 bits (64 bits increments).
/// <para/>Uses key size 2048 bits, certainty 25 by default.
/// <para/>Legal signature hash Algorithm:
/// <see cref="SHA1"/>,<see cref="SHA224"/>,<see cref="SHA256"/>,<see cref="SHA384"/>,<see cref="SHA512"/>,
/// <see cref="RIPEMD128"/>,<see cref="RIPEMD160"/>,
/// <see cref="SHA512T"/>/224,<see cref="SHA512T"/>/256,
/// <see cref="Whirlpool"/>.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm.</param>
/// <param name="asymmetricAlgorithm">Asymmetric algorithm. To provide function generate key pair, this argument is not required.</param>
public RSAandX931(IHashAlgorithm hashAlgorithm, IAsymmetricAlgorithm asymmetricAlgorithm)
: base(string.Format(CultureInfo.InvariantCulture, "{0}withRSA/X9.31", hashAlgorithm.Mechanism), asymmetricAlgorithm)
{
_hashAlgorithm = hashAlgorithm;
}
