/// <exception cref="NoSuchAlgorithmException"/>
public static KeyPair GenerateKeyPair(string algorithm)
{
KeyPairGenerator keyGen = KeyPairGenerator.GetInstance(algorithm);
keyGen.Initialize(1024);
return(keyGen.GenKeyPair());
}
public void SyncNextAnnouncement_WithSyncingAndEmptyAnnoucements_EndsSync()
{
Mock <IMessageReader> reader = new Mock <IMessageReader>();
Mock <IMessageWriter> messageWritter = new Mock <IMessageWriter>();
ECKeyPair kp = new KeyPairGenerator().Generate();
Peer p = new Peer(new TcpClient(), reader.Object, messageWritter.Object, 1234, kp, 0);
var(_, handshake) = NetworkTestHelpers.CreateKeyPairAndHandshake(1235);
p.AuthentifyWith(handshake); // set "other peer as authentified"
var annoucement = new Announce {
Height = 10, Id = ByteString.CopyFromUtf8("FakeHash")
};
p.StashAnnouncement(annoucement);
// trigger sync
p.SyncNextAnnouncement();
// end sync
var movedToNext = p.SyncNextAnnouncement();
// Check that sync ended
Assert.False(movedToNext);
Assert.Null(p.SyncedAnnouncement);
Assert.False(p.AnyStashed);
}
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
//ORIGINAL LINE: public void createSelfSignedCertificate(java.io.File certificatePath, java.io.File privateKeyPath, String hostName) throws java.security.GeneralSecurityException, java.io.IOException, org.bouncycastle.operator.OperatorCreationException
public virtual void CreateSelfSignedCertificate(File certificatePath, File privateKeyPath, string hostName)
{
InstallCleanupHook(certificatePath, privateKeyPath);
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(DEFAULT_ENCRYPTION);
keyGen.initialize(2048, _random);
KeyPair keypair = keyGen.generateKeyPair();
// Prepare the information required for generating an X.509 certificate.
X500Name owner = new X500Name("CN=" + hostName);
X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(owner, new BigInteger(64, _random), _notBefore, _notAfter, owner, keypair.Public);
// Subject alternative name (part of SNI extension, used for hostname verification)
GeneralNames subjectAlternativeName = new GeneralNames(new GeneralName(GeneralName.dNSName, hostName));
builder.addExtension(Extension.subjectAlternativeName, false, subjectAlternativeName);
PrivateKey privateKey = keypair.Private;
ContentSigner signer = (new JcaContentSignerBuilder("SHA512WithRSAEncryption")).build(privateKey);
X509CertificateHolder certHolder = builder.build(signer);
X509Certificate cert = (new JcaX509CertificateConverter()).setProvider(_provider).getCertificate(certHolder);
//check so that cert is valid
cert.verify(keypair.Public);
//write to disk
WritePem("CERTIFICATE", cert.Encoded, certificatePath);
WritePem("PRIVATE KEY", privateKey.Encoded, privateKeyPath);
// Mark as done so we don't clean up certificates
_cleanupRequired = false;
}
public void Start_AuthentificationTimout_ShouldThrowEvent()
{
Mock <IMessageReader> reader = new Mock <IMessageReader>();
Mock <IMessageWriter> messageWritter = new Mock <IMessageWriter>();
ECKeyPair key = new KeyPairGenerator().Generate();
Peer p = new Peer(new TcpClient(), reader.Object, messageWritter.Object, 1234, key, 0);
p.AuthTimeout = 100;
AuthFinishedArgs authFinishedArgs = null;
p.AuthFinished += (sender, args) =>
{
authFinishedArgs = args as AuthFinishedArgs;
};
p.Start();
Task.Delay(200).Wait();
Assert.NotNull(authFinishedArgs);
Assert.False(authFinishedArgs.IsAuthentified);
Assert.True(authFinishedArgs.Reason == RejectReason.AuthTimeout);
Assert.False(p.IsAuthentified);
}
/// <inheritdoc/>
public ICryptographicKey CreateKeyPair(int keySize)
{
Requires.Range(keySize > 0, "keySize");
var keyGen = KeyPairGenerator.GetInstance("RSA");
keyGen.Initialize(keySize);
var key = keyGen.GenerateKeyPair();
var privateKeyParameters = key.Private.JavaCast <IRSAPrivateCrtKey>();
var parameters = new RSAParameters
{
Modulus = privateKeyParameters.Modulus.ToByteArray(),
Exponent = privateKeyParameters.PublicExponent.ToByteArray(),
P = privateKeyParameters.PrimeP.ToByteArray(),
Q = privateKeyParameters.PrimeQ.ToByteArray(),
DP = privateKeyParameters.PrimeExponentP.ToByteArray(),
DQ = privateKeyParameters.PrimeExponentQ.ToByteArray(),
InverseQ = privateKeyParameters.CrtCoefficient.ToByteArray(),
D = privateKeyParameters.PrivateExponent.ToByteArray(),
};
// Normalize RSAParameters (remove leading zeros, etc.)
parameters = KeyFormatter.Pkcs1.Read(KeyFormatter.Pkcs1.Write(parameters));
return(new RsaCryptographicKey(key.Public, key.Private, parameters, this.algorithm));
}
public ECKeyPair Create(string password)
{
ECKeyPair keyPair = new KeyPairGenerator().Generate();
bool res = WriteKeyPair(keyPair, password);
return(!res ? null : keyPair);
}
// Generates keys for RSA signing
public IxianKeyPair generateKeys(int keySize, bool skip_header = false)
{
KeyPair kp = null;
try
{
KeyPairGenerator kpg = KeyPairGenerator.GetInstance("RSA");
kpg.Initialize(keySize);
kp = kpg.GenKeyPair();
IxianKeyPair ixi_kp = new IxianKeyPair();
ixi_kp.privateKeyBytes = rsaKeyToBytes(kp, true, skip_header);
ixi_kp.publicKeyBytes = rsaKeyToBytes(kp, false, skip_header);
byte[] plain = Encoding.UTF8.GetBytes("Plain text string");
if (!testKeys(plain, ixi_kp))
{
return(null);
}
return(ixi_kp);
}
catch (Exception e)
{
Logging.warn(string.Format("Exception while generating signature keys: {0}", e.ToString()));
return(null);
}
}
//BELOW API 23
public KeyPair GetAsymmetricKey()
{
var asymmetricAlias = $"{alias}.asymmetric";
var privateKey = keyStore.GetKey(asymmetricAlias, null)?.JavaCast <IPrivateKey>();
var publicKey = keyStore.GetCertificate(asymmetricAlias)?.PublicKey;
if (privateKey != null && publicKey != null)
{
return(new KeyPair(publicKey, privateKey));
}
// var originalLocale = Platform.
var generator = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, CONST_ANDROIDKEY);
var end = DateTime.UtcNow.AddYears(20);
var startDate = new Java.Util.Date();
var endDate = new Java.Util.Date(end.Year, end.Month, end.Day);
var builder = new KeyPairGeneratorSpec.Builder(appContext)
.SetAlias(asymmetricAlias)
.SetSerialNumber(Java.Math.BigInteger.One)
.SetSubject(new Javax.Security.Auth.X500.X500Principal($"CN={asymmetricAlias} CA Certificate"))
.SetStartDate(startDate)
.SetEndDate(endDate);
generator.Initialize(builder.Build());
return(generator.GenerateKeyPair());
}
public async Task <byte[]> GenerateKeyPair(CancellationToken ct, string name)
{
if (this.Log().IsEnabled(LogLevel.Debug))
{
this.Log().Debug($"Generating a key pair (name: '{name}').");
}
name.Validation().NotNullOrEmpty(nameof(name));
using (await _asyncLock.LockAsync(ct))
{
var keygen = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmEc, ANDROID_KEYSTORE);
keygen.Initialize(new KeyGenParameterSpec.Builder(name, KeyStorePurpose.Sign)
.SetAlgorithmParameterSpec(new ECGenParameterSpec(CURVE_NAME))
.SetDigests(KeyProperties.DigestSha256)
.SetUserAuthenticationRequired(true)
.Build()
);
if (this.Log().IsEnabled(LogLevel.Information))
{
this.Log().Info($"Return the generated key pair (name: '{name}').");
}
return(keygen.GenerateKeyPair().Public.GetEncoded());
}
}
public void SignAndVerifyTransaction()
{
// Generate the key pair
ECKeyPair keyPair = new KeyPairGenerator().Generate();
Transaction tx = new Transaction();
tx.From = Address.FromRawBytes(CryptoHelpers.RandomFill(ADR_LENGTH));
tx.To = Address.FromRawBytes(CryptoHelpers.RandomFill(ADR_LENGTH));
Block block = new Block();
block.AddTransaction(tx);
// Serialize and hash the transaction
Hash hash = tx.GetHash();
// Sign the hash
ECSigner signer = new ECSigner();
ECSignature signature = signer.Sign(keyPair, hash.DumpByteArray());
ECVerifier verifier = new ECVerifier(keyPair);
Assert.True(verifier.Verify(signature, hash.DumpByteArray()));
}
public void CreateKeyPair()
{
DeleteKey();
KeyPairGenerator keyGenerator =
KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, KEYSTORE_NAME);
if (Build.VERSION.SdkInt >= BuildVersionCodes.JellyBeanMr2 &&
Build.VERSION.SdkInt <= BuildVersionCodes.LollipopMr1)
{
var calendar = Calendar.GetInstance(_context.Resources.Configuration.Locale);
var endDate = Calendar.GetInstance(_context.Resources.Configuration.Locale);
endDate.Add(CalendarField.Year, 20);
//this API is obsolete after Android M, but I am supporting Android L
#pragma warning disable 618
var builder = new KeyPairGeneratorSpec.Builder(_context)
#pragma warning restore 618
.SetAlias(_keyName).SetSerialNumber(BigInteger.One)
.SetSubject(new X500Principal($"CN={_keyName} CA Certificate"))
.SetStartDate(calendar.Time)
.SetEndDate(endDate.Time).SetKeySize(KeySize);
keyGenerator.Initialize(builder.Build());
}
else if (Build.VERSION.SdkInt >= BuildVersionCodes.M)
{
var builder =
new KeyGenParameterSpec.Builder(_keyName, KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt)
.SetBlockModes(KeyProperties.BlockModeEcb)
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingRsaPkcs1)
.SetRandomizedEncryptionRequired(false).SetKeySize(KeySize);
keyGenerator.Initialize(builder.Build());
}
keyGenerator.GenerateKeyPair();
}
KeyPair GetAsymmetricKeyPair()
{
var asymmetricAlias = $"{alias}.asymmetric";
var privateKey = keyStore.GetKey(asymmetricAlias, null)?.JavaCast <IPrivateKey>();
var publicKey = keyStore.GetCertificate(asymmetricAlias)?.PublicKey;
// Return the existing key if found
if (privateKey != null && publicKey != null)
{
return(new KeyPair(publicKey, privateKey));
}
// Otherwise we create a new key
var generator = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, androidKeyStore);
var end = DateTime.UtcNow.AddYears(20);
var startDate = new Java.Util.Date();
var endDate = new Java.Util.Date(end.Year, end.Month, end.Day);
#pragma warning disable CS0618
var builder = new KeyPairGeneratorSpec.Builder(Platform.AppContext)
.SetAlias(asymmetricAlias)
.SetSerialNumber(Java.Math.BigInteger.One)
.SetSubject(new Javax.Security.Auth.X500.X500Principal($"CN={asymmetricAlias} CA Certificate"))
.SetStartDate(startDate)
.SetEndDate(endDate);
generator.Initialize(builder.Build());
#pragma warning restore CS0618
return(generator.GenerateKeyPair());
}
public void Start_AuthentificationNoTimout_ShouldThrowEvent()
{
int localPort = 1234;
int remotePort = 1235;
Mock <IMessageReader> reader = new Mock <IMessageReader>();
Mock <IMessageWriter> messageWritter = new Mock <IMessageWriter>();
ECKeyPair key = new KeyPairGenerator().Generate();
Peer p = new Peer(new TcpClient(), reader.Object, messageWritter.Object, localPort, key, 0);
p.AuthTimeout = 100;
AuthFinishedArgs authFinishedArgs = null;
p.AuthFinished += (sender, args) => {
authFinishedArgs = args as AuthFinishedArgs;
};
p.Start();
var(_, handshake) = NetworkTestHelpers.CreateKeyPairAndHandshake(remotePort);
p.AuthentifyWith(handshake);
Task.Delay(200).Wait();
Assert.Null(authFinishedArgs);
Assert.True(p.IsAuthentified);
}
/// <summary>
/// Generate a new random decrypt key for RSA based on the given params.
/// </summary>
///
/// <param name="params">The key params with the key size (in bits).</param>
/// <returns>The new decrypt key (PKCS8-encoded private key).</returns>
public static DecryptKey generateKey(RsaKeyParams paras)
{
KeyPairGenerator generator = System.KeyPairGenerator.getInstance("RSA");
generator.initialize(paras.getKeySize());
KeyPair pair = generator.generateKeyPair();
return(new DecryptKey(new Blob(pair.getPrivate().getEncoded(), false)));
}
public void SyncNextAnnouncement_NoStashAndNotSyncing_throws()
{
// Calling the method while not in sync and no requests is invalid.
ECKeyPair kp = new KeyPairGenerator().Generate();
Peer p = new Peer(new TcpClient(), null, null, 0, kp, 0);
Assert.Throws <InvalidOperationException>(() => p.SyncNextAnnouncement());
}
// ctor()?
public __RSACryptoServiceProvider(int dwKeySize, CspParameters parameters)
{
// what if ctor is here for import instead of gen?
// X:\jsc.svn\examples\java\hybrid\JVMCLRRSACryptoServiceProviderExport\JVMCLRRSACryptoServiceProviderExport\Program.cs
// If this is not a random container we generate, create it eagerly
// in the constructor so we can report any errors now.
// Environment.GetCompatibilityFlag(CompatibilityFlag.EagerlyGenerateRandomAsymmKeys)
// GetKeyPair();
// We only attempt to generate a random key on desktop runtimes because the CoreCLR
// RSA surface area is limited to simply verifying signatures. Since generating a
// random key to verify signatures will always lead to failure (unless we happend to
// win the lottery and randomly generate the signing key ...), there is no need
// to add this functionality to CoreCLR at this point.
// ? what
this.dwKeySize = dwKeySize;
this.parameters = parameters;
// when would we want to delay key gen?
// lets gen it early.
// X:\jsc.svn\examples\javascript\appengine\Test\TestCryptoKeyGenerate\TestCryptoKeyGenerate\ApplicationWebService.cs
try
{
// it works.
// can we now wrap rsa for all platforms
// and use it as a generic nuget?
var sw = Stopwatch.StartNew();
Console.WriteLine("RSACryptoServiceProvider before generateKeyPair " + new { dwKeySize });
var keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(dwKeySize);
this.InternalKeyPair = keyGen.generateKeyPair();
this.InternalRSAPublicKey = (RSAPublicKey)this.InternalKeyPair.getPublic();
this.InternalRSAPrivateKey = (RSAPrivateCrtKey)this.InternalKeyPair.getPrivate();
Console.WriteLine("RSACryptoServiceProvider after generateKeyPair " + new { sw.ElapsedMilliseconds });
//before generateKeyPair { { ElapsedMilliseconds = 2 } }
//after generateKeyPair { { ElapsedMilliseconds = 1130 } }
}
catch
{
throw;
}
}
public void VerifySignature_CorrectDataAndSig_ReturnsTrue()
{
ECKeyPair keyPair = new KeyPairGenerator().Generate();
byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
ECSigner signer = new ECSigner();
ECSignature signature = signer.Sign(keyPair, message);
ECVerifier verifier = new ECVerifier(keyPair);
Assert.True(verifier.Verify(signature, message));
}
private void CreateNewKey(string alias)
{
KeyGenParameterSpec spec = new KeyGenParameterSpec.Builder(alias, KeyStorePurpose.Decrypt | KeyStorePurpose.Encrypt)
.SetBlockModes(KeyProperties.BlockModeCbc)
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingRsaPkcs1)
.Build();
KeyPairGenerator generator = KeyPairGenerator.GetInstance("RSA", "AndroidKeyStore");
generator.Initialize(spec);
generator.GenerateKeyPair();
}
KeyPair GetAsymmetricKeyPair()
{
// set that we generated keys on pre-m device.
Preferences.Set(useSymmetricPreferenceKey, false, SecureStorage.Alias);
var asymmetricAlias = $"{alias}.asymmetric";
var privateKey = keyStore.GetKey(asymmetricAlias, null)?.JavaCast <IPrivateKey>();
var publicKey = keyStore.GetCertificate(asymmetricAlias)?.PublicKey;
// Return the existing key if found
if (privateKey != null && publicKey != null)
{
return(new KeyPair(publicKey, privateKey));
}
var originalLocale = Platform.GetLocale();
try
{
// Force to english for known bug in date parsing:
// https://issuetracker.google.com/issues/37095309
Platform.SetLocale(Java.Util.Locale.English);
// Otherwise we create a new key
var generator = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, androidKeyStore);
var end = DateTime.UtcNow.AddYears(20);
var startDate = new Java.Util.Date();
#pragma warning disable CS0618 // Type or member is obsolete
var endDate = new Java.Util.Date(end.Year, end.Month, end.Day);
#pragma warning restore CS0618 // Type or member is obsolete
#pragma warning disable CS0618
var builder = new KeyPairGeneratorSpec.Builder(Platform.AppContext)
.SetAlias(asymmetricAlias)
.SetSerialNumber(Java.Math.BigInteger.One)
.SetSubject(new Javax.Security.Auth.X500.X500Principal($"CN={asymmetricAlias} CA Certificate"))
.SetStartDate(startDate)
.SetEndDate(endDate);
generator.Initialize(builder.Build());
#pragma warning restore CS0618
return(generator.GenerateKeyPair());
}
finally
{
Platform.SetLocale(originalLocale);
}
}
/// <summary>
/// Generates an RSA keypair of the provided length using Java libraries
/// and configures an RSACryptoServiceProvider with them for ease of use with .NET systems.
/// This is much more performant than generating keys directly from an RSACryptoServiceProvider
/// when running on an Android system.
/// </summary>
/// <returns></returns>
public static RSACryptoServiceProvider GenerateRsaKeyPair(int keySize = 2048)
{
//Generate an RSA key-pair of the provided size. This approach is as fast as anything I have found for Android devices.
//On a Nexus 6P, this code consistently creates a 2048-bit key-pair in less than 10 seconds while standard .NET libraries
//and BouncyCastle all took anywhere from 10 - 30 seconds.
var keyPairGenerator = KeyPairGenerator.GetInstance("RSA");
keyPairGenerator.Initialize(keySize);
var keys = keyPairGenerator.GenerateKeyPair();
KeyFactory kf = KeyFactory.GetInstance("RSA");
var spec = (RSAPrivateCrtKeySpec)kf.GetKeySpec(keys.Private, Class.FromType(typeof(RSAPrivateCrtKeySpec)));
//Create an Xml node for the provided element name using the provided number in Base64-string format as its value
string FormatElement(string name, BigInteger value)
{
var bytes = value.ToByteArray();
int length = bytes.Length;
if (length % 2 != 0 && bytes[0] == 0) //BigInteger is signed, so remove the extra byte
{
bytes = Arrays.CopyOfRange(bytes, 1, length);
}
var content = Base64.EncodeToString(bytes, Base64Flags.Default);
return($"<{name}>{content}</{name}>");
}
//Create an XML version of the private key
var stb = new System.Text.StringBuilder();
stb.Append("<RSAKeyValue>");
stb.Append(FormatElement("Modulus", spec.Modulus));
stb.Append(FormatElement("Exponent", spec.PublicExponent));
stb.Append(FormatElement("P", spec.PrimeP));
stb.Append(FormatElement("Q", spec.PrimeQ));
stb.Append(FormatElement("DP", spec.PrimeExponentP));
stb.Append(FormatElement("DQ", spec.PrimeExponentQ));
stb.Append(FormatElement("InverseQ", spec.CrtCoefficient));
stb.Append(FormatElement("D", spec.PrivateExponent));
stb.Append("</RSAKeyValue>");
var privateKeyXml = stb.ToString();
//Configure an RSACryptoServiceProvider using the generated key XML
var rsaCryptoServiceProvider = new RSACryptoServiceProvider(keySize);
rsaCryptoServiceProvider.FromXmlString(privateKeyXml);
return(rsaCryptoServiceProvider);
}
private void GenerateStoreKey(bool withDate)
{
if (_keyStore.ContainsAlias(KeyAlias))
{
return;
}
ClearSettings();
var end = Calendar.Instance;
end.Add(CalendarField.Year, 99);
if (_oldAndroid)
{
var subject = new X500Principal($"CN={KeyAlias}");
var builder = new KeyPairGeneratorSpec.Builder(Application.Context)
.SetAlias(KeyAlias)
.SetSubject(subject)
.SetSerialNumber(BigInteger.Ten);
if (withDate)
{
builder.SetStartDate(new Date(0)).SetEndDate(end.Time);
}
var spec = builder.Build();
var gen = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, AndroidKeyStore);
gen.Initialize(spec);
gen.GenerateKeyPair();
}
else
{
var builder = new KeyGenParameterSpec.Builder(KeyAlias, KeyStorePurpose.Decrypt | KeyStorePurpose.Encrypt)
.SetBlockModes(KeyProperties.BlockModeGcm)
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingNone);
if (withDate)
{
builder.SetKeyValidityStart(new Date(0)).SetKeyValidityEnd(end.Time);
}
var spec = builder.Build();
var gen = KeyGenerator.GetInstance(KeyProperties.KeyAlgorithmAes, AndroidKeyStore);
gen.Init(spec);
gen.GenerateKey();
}
}
private void PrepareKeyStore()
{
_keyStore = KeyStore.GetInstance(AndroidKeyStoreKey);
_keyStore.Load(null);
if (_keyStore.ContainsAlias(ProtectedDataKey))
{
_keyStore.GetKey(ProtectedDataKey, null);
}
else
{
var context = global::Android.App.Application.Context;
// thanks to https://dzone.com/articles/xamarin-android-asymmetric-encryption-without-any
var keyGenerator = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, AndroidKeyStoreKey);
if (_sdkLessThan23)
{
var calendar = Calendar.GetInstance(context.Resources.Configuration.Locale);
var endDate = Calendar.GetInstance(context.Resources.Configuration.Locale);
endDate.Add(CalendarField.Year, 20);
#pragma warning disable 618
var builder = new KeyPairGeneratorSpec.Builder(context)
#pragma warning restore 618
.SetAlias(ProtectedDataKey)
.SetSerialNumber(BigInteger.One)
.SetSubject(new X500Principal($"CN={ProtectedDataKey} CA Certificate"))
.SetStartDate(calendar.Time)
.SetEndDate(endDate.Time)
.SetKeySize(2048);
keyGenerator.Initialize(builder.Build());
}
else
{
var builder = new KeyGenParameterSpec.Builder(ProtectedDataKey, KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt)
.SetBlockModes(KeyProperties.BlockModeEcb)
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingRsaPkcs1)
.SetRandomizedEncryptionRequired(false)
.SetKeySize(2048);
keyGenerator.Initialize(builder.Build());
}
keyGenerator.GenerateKeyPair();
}
}
public void SignatureDecoding_Decode_ShouldBeEqualToOriginal()
{
// GenerareceivedKeyte the key pair
ECKeyPair keyPair = new KeyPairGenerator().Generate();
// Get its byte array representation
byte[] initialPublicKey = keyPair.GetEncodedPublicKey(compressed: true);
// Reconstruct it and check if the key is the same
ECKeyPair recipientKeyPair = ECKeyPair.FromPublicKey(initialPublicKey);
byte[] receivedKey = recipientKeyPair.GetEncodedPublicKey(true);
Assert.True(receivedKey.SequenceEqual(initialPublicKey));
}
private KeyPair GenerateKeyPair(string keyName, bool invalidatedByBiometricEnrollment)
{
var keyPairGenerator = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmEc, KEY_STORE_NAME);
var builder = new KeyGenParameterSpec.Builder(keyName, KeyStorePurpose.Sign)
.SetAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
.SetDigests(KeyProperties.DigestSha256, KeyProperties.DigestSha384, KeyProperties.DigestSha512)
// Require the user to authenticate with a biometric to authorize every use of the key
.SetUserAuthenticationRequired(true)
// Generated keys will be invalidated if the biometric templates are added more to user device
.SetInvalidatedByBiometricEnrollment(invalidatedByBiometricEnrollment);
keyPairGenerator.Initialize(builder.Build());
return(keyPairGenerator.GenerateKeyPair());
}
public void SignAndVerifyTransaction()
{
byte[] fromAdress = CryptoHelpers.RandomFill(ADR_LENGTH);
byte[] toAdress = CryptoHelpers.RandomFill(ADR_LENGTH);
// Generate the key pair
ECKeyPair keyPair = new KeyPairGenerator().Generate();
;
Transaction tx = new Transaction();
tx.From = Address.FromRawBytes(fromAdress);
tx.To = Address.FromRawBytes(toAdress);
tx.Sig = new Signature
{
P = ByteString.CopyFrom(keyPair.PublicKey.Q.GetEncoded())
};
// Serialize and hash the transaction
Hash hash = tx.GetHash();
// Sign the hash
ECSigner signer = new ECSigner();
ECSignature signature = signer.Sign(keyPair, hash.DumpByteArray());
// Update the signature
tx.Sig.R = ByteString.CopyFrom(signature.R);
tx.Sig.S = ByteString.CopyFrom(signature.S);
// Serialize as for sending over the network
byte[] serializedTx = tx.Serialize();
/**** broadcast/receive *****/
Transaction dTx = Transaction.Parser.ParseFrom(serializedTx);
// Serialize and hash the transaction
Hash dHash = dTx.GetHash();
byte[] uncompressedPrivKey = tx.Sig.P.ToByteArray();
ECKeyPair recipientKeyPair = ECKeyPair.FromPublicKey(uncompressedPrivKey);
ECVerifier verifier = new ECVerifier(recipientKeyPair);
Assert.True(verifier.Verify(dTx.GetSignature(), dHash.DumpByteArray()));
}
/// <summary>
/// Generate a pair of asymmetric keys.
/// </summary>
///
/// <param name="keyName">The name of the key pair.</param>
/// <param name="params">The parameters of the key.</param>
/// <exception cref="System.Security.SecurityException"></exception>
public sealed override void generateKeyPair(Name keyName, KeyParams paras)
{
if (doesKeyExist(keyName, net.named_data.jndn.security.KeyClass.PUBLIC))
{
throw new SecurityException("Public Key already exists");
}
if (doesKeyExist(keyName, net.named_data.jndn.security.KeyClass.PRIVATE))
{
throw new SecurityException("Private Key already exists");
}
String keyAlgorithm;
int keySize;
if (paras.getKeyType() == net.named_data.jndn.security.KeyType.RSA)
{
keyAlgorithm = "RSA";
keySize = ((RsaKeyParams)paras).getKeySize();
}
else if (paras.getKeyType() == net.named_data.jndn.security.KeyType.EC)
{
keyAlgorithm = "EC";
keySize = ((EcKeyParams)paras).getKeySize();
}
else
{
throw new SecurityException("Cannot generate a key pair of type "
+ paras.getKeyType());
}
KeyPairGenerator generator = null;
try {
generator = System.KeyPairGenerator.getInstance(keyAlgorithm);
} catch (Exception e) {
throw new SecurityException(
"FilePrivateKeyStorage: Could not create the key generator: "
+ e.Message);
}
// generate
generator.initialize(keySize);
KeyPair pair = generator.generateKeyPair();
// save
this.write(keyName, net.named_data.jndn.security.KeyClass.PRIVATE, pair.getPrivate().getEncoded());
this.write(keyName, net.named_data.jndn.security.KeyClass.PUBLIC, pair.getPublic().getEncoded());
}
public List <Transaction> CreateTx(Hash chainId)
{
var contractAddressZero = AddressHelpers.GetSystemContractAddress(chainId, GlobalConfig.GenesisBasicContract);
Console.WriteLine($"zero {contractAddressZero}");
var code = ExampleContractCode;
ECKeyPair keyPair = new KeyPairGenerator().Generate();
ECSigner signer = new ECSigner();
var txPrint = new Transaction()
{
From = keyPair.GetAddress(),
To = contractAddressZero,
IncrementId = NewIncrementId(),
MethodName = "Print",
Params = ByteString.CopyFrom(new Parameters()
{
Params =
{
new Param
{
StrVal = "AElf"
}
}
}.ToByteArray()),
Fee = TxPoolConfig.Default.FeeThreshold + 1
};
Hash hash = txPrint.GetHash();
ECSignature signature = signer.Sign(keyPair, hash.DumpByteArray());
txPrint.Sig = new Signature
{
P = ByteString.CopyFrom(keyPair.PublicKey.Q.GetEncoded()),
R = ByteString.CopyFrom(signature.R),
S = ByteString.CopyFrom(signature.S),
};
var txs = new List <Transaction>()
{
txPrint
};
return(txs);
}
public void VerifySignature_WrongData_ReturnsFalse()
{
ECKeyPair keyPair = new KeyPairGenerator().Generate();
byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
ECSigner signer = new ECSigner();
ECSignature signature = signer.Sign(keyPair, message);
// Change the message
message = new BigInteger("9682368737159881417056907351531570756676647951").ToByteArray();
ECVerifier verifier = new ECVerifier(keyPair);
Assert.False(verifier.Verify(signature, message));
}
// private
// public
/// <exception cref="System.Exception"></exception>
public virtual void Init(int key_size)
{
KeyPairGenerator keyGen = KeyPairGenerator.GetInstance("DSA");
keyGen.Initialize(key_size, new SecureRandom());
Sharpen.KeyPair pair = keyGen.GenerateKeyPair();
PublicKey pubKey = pair.GetPublic();
PrivateKey prvKey = pair.GetPrivate();
x = ((DSAPrivateKey)prvKey).GetX().GetBytes();
y = ((DSAPublicKey)pubKey).GetY().GetBytes();
DSAParams @params = ((DSAKey)prvKey).GetParams();
p = @params.GetP().GetBytes();
q = @params.GetQ().GetBytes();
g = @params.GetG().GetBytes();
}
public void SyncNextAnnouncement_WithAnnouncement_TriggersSync()
{
Mock <IMessageReader> reader = new Mock <IMessageReader>();
Mock <IMessageWriter> messageWritter = new Mock <IMessageWriter>();
ECKeyPair kp = new KeyPairGenerator().Generate();
Peer p = new Peer(new TcpClient(), reader.Object, messageWritter.Object, 1234, kp, 0);
var(_, handshake) = NetworkTestHelpers.CreateKeyPairAndHandshake(1235);
p.AuthentifyWith(handshake); // set "other peer as authentified"
BlockRequest req = null;
messageWritter
.Setup(w => w.EnqueueMessage(It.Is <Message>(m => m.Type == (int)AElfProtocolMsgType.RequestBlock), It.IsAny <Action <Message> >()))
.Callback <Message, Action <Message> >((m, a) =>
{
if (m != null)
{
req = BlockRequest.Parser.ParseFrom(m.Payload);
}
});
var annoucement = new Announce {
Height = 10, Id = ByteString.CopyFromUtf8("FakeHash")
};
p.StashAnnouncement(annoucement);
// trigger sync
var movedToNext = p.SyncNextAnnouncement();
Assert.NotNull(req?.Id);
// Should effectively request the block
Assert.True(movedToNext);
Assert.Equal(req.Height, 10);
Assert.Equal(req.Id.ToStringUtf8(), "FakeHash");
Assert.Equal(p.SyncedAnnouncement, annoucement);
Assert.False(p.AnyStashed);
Assert.Equal(p.SyncTarget, 0);
Assert.Equal(p.CurrentlyRequestedHeight, 0);
}
