Example #1
0
        public int ZJ_Hmac_SM3(string key, string secret, string unix_timestamp, string request_body, out string value)
        {
            try
            {
                var    stringToSign = $"{unix_timestamp}\n{ request_body}";
                byte[] msg1         = Encoding.UTF8.GetBytes(stringToSign);
                byte[] key1         = Encoding.UTF8.GetBytes(secret);

                Org.BouncyCastle.Crypto.Parameters.KeyParameter keyParameter = new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key1);
                Org.BouncyCastle.Crypto.Digests.SM3Digest       sm3          = new Org.BouncyCastle.Crypto.Digests.SM3Digest();

                Org.BouncyCastle.Crypto.Macs.HMac mac = new Org.BouncyCastle.Crypto.Macs.HMac(sm3);//带密钥的杂凑算法
                mac.Init(keyParameter);
                mac.BlockUpdate(msg1, 0, msg1.Length);
                byte[] result = new byte[mac.GetMacSize()];

                mac.DoFinal(result, 0);
                value = new UTF8Encoding().GetString(Org.BouncyCastle.Utilities.Encoders.Hex.Encode(result));
                return(0);
            }
            catch (Exception ex)
            {
                value = ex.Message;
                return(1);
            }
        }
Example #2
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="key"></param>
        /// <param name="data"></param>
        /// <returns></returns>
        public static byte[] HMACSHA256(byte[] key, byte[] data)
        {
            var mac = new Org.BouncyCastle.Crypto.Macs.HMac(new Org.BouncyCastle.Crypto.Digests.Sha256Digest());

            mac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key));
            mac.BlockUpdate(data, 0, data.Length);
            byte[] result = new byte[mac.GetMacSize()];
            mac.DoFinal(result, 0);
            return(result);
        }
Example #3
0
        public static byte[] HmacSha512(string text, string key)
        {
            byte[] bytes = System.Text.Encoding.UTF8.GetBytes(text);

            Org.BouncyCastle.Crypto.Macs.HMac hmac = new Org.BouncyCastle.Crypto.Macs.HMac(new Org.BouncyCastle.Crypto.Digests.Sha512Digest());
            hmac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(System.Text.Encoding.UTF8.GetBytes(key)));

            byte[] result = new byte[hmac.GetMacSize()];
            hmac.BlockUpdate(bytes, 0, bytes.Length);
            hmac.DoFinal(result, 0);

            return(result);
        }
Example #4
0
        // http://crypto.stackexchange.com/questions/5646/what-are-the-differences-between-a-digital-signature-a-mac-and-a-hash

        // Integrity:        Can the recipient be confident that the message has not been accidentally modified?
        // Authentication:   Can the recipient be confident that the message originates from the sender?
        // Non-repudiation:  If the recipient passes the message and the proof to a third party,
        //                   can the third party be confident that the message originated from the sender?

        // Cryptographic primitive | Hash |    MAC    | Digital
        // Security Goal           |      |           | signature
        // ------------------------+------+-----------+-------------
        // Integrity               |  Yes |    Yes    |   Yes
        // Authentication          |  No  |    Yes    |   Yes
        // Non-repudiation         |  No  |    No     |   Yes
        // ------------------------+------+-----------+-------------
        // Kind of keys            | none | symmetric | asymmetric
        //                         |      |    keys   |    keys

        static JsonWebToken()
        {
            JsonSerializer = new DefaultJsonSerializer();
            UnixEpoch      = new System.DateTime(1970, 1, 1, 0, 0, 0, 0, System.DateTimeKind.Utc);


            // https://stackoverflow.com/questions/10055158/is-there-a-json-web-token-jwt-example-in-c
            // https://stackoverflow.com/questions/34403823/verifying-jwt-signed-with-the-rs256-algorithm-using-public-key-in-c-sharp
            // http://codingstill.com/2016/01/verify-jwt-token-signed-with-rs256-using-the-public-key/
            HashAlgorithms = new System.Collections.Generic.Dictionary <JwtHashAlgorithm, GenericHashFunction_t>
            {
                { JwtHashAlgorithm.None, delegate(JwtKey key, byte[] value)
                  { throw new TokenAlgorithmRefusedException(); } },

                { JwtHashAlgorithm.HS256, delegate(JwtKey key, byte[] value)
                  {
                      // using (HMACSHA256 sha = new HMACSHA256(key.MacKeyBytes)) { return sha.ComputeHash(value); }

                      Org.BouncyCastle.Crypto.Macs.HMac hmac =
                          new Org.BouncyCastle.Crypto.Macs.HMac(
                              new Org.BouncyCastle.Crypto.Digests.Sha256Digest()
                              );

                      hmac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key.MacKeyBytes));

                      byte[] result = new byte[hmac.GetMacSize()];
                      hmac.BlockUpdate(value, 0, value.Length);
                      hmac.DoFinal(result, 0);

                      return(result);
                  } },

                // { JwtHashAlgorithm.HS384, delegate(byte[] key, byte[]value) { using (HMACSHA384 sha = new HMACSHA384(key)) { return sha.ComputeHash(value); } } },
                { JwtHashAlgorithm.HS384, delegate(JwtKey key, byte[] value)
                  {
                      // using (HMACSHA384 sha = new HMACSHA384(key.MacKeyBytes)) { return sha.ComputeHash(value); }

                      Org.BouncyCastle.Crypto.Macs.HMac hmac =
                          new Org.BouncyCastle.Crypto.Macs.HMac(
                              new Org.BouncyCastle.Crypto.Digests.Sha384Digest()
                              );

                      hmac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key.MacKeyBytes));

                      byte[] result = new byte[hmac.GetMacSize()];
                      hmac.BlockUpdate(value, 0, value.Length);
                      hmac.DoFinal(result, 0);

                      return(result);
                  } },

                { JwtHashAlgorithm.HS512, delegate(JwtKey key, byte[] value)
                  {
                      // using (HMACSHA512 sha = new HMACSHA512(key.MacKeyBytes)) { return sha.ComputeHash(value); }

                      Org.BouncyCastle.Crypto.Macs.HMac hmac =
                          new Org.BouncyCastle.Crypto.Macs.HMac(
                              new Org.BouncyCastle.Crypto.Digests.Sha512Digest()
                              );


                      hmac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key.MacKeyBytes));

                      byte[] result = new byte[hmac.GetMacSize()];
                      hmac.BlockUpdate(value, 0, value.Length);
                      hmac.DoFinal(result, 0);

                      return(result);
                  } },

                { JwtHashAlgorithm.RS256, delegate(JwtKey key, byte[] value)
                  {
                      Org.BouncyCastle.Crypto.AsymmetricKeyParameter privKey = key.PrivateKey;
                      Org.BouncyCastle.Crypto.ISigner signer =
                          // https://github.com/neoeinstein/bouncycastle/blob/master/crypto/src/security/SignerUtilities.cs
                          Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-256withRSA");
                      signer.Init(true, privKey);
                      signer.BlockUpdate(value, 0, value.Length);
                      return(signer.GenerateSignature());
                  } },

                { JwtHashAlgorithm.RS384, delegate(JwtKey key, byte[] value)
                  {
                      Org.BouncyCastle.Crypto.AsymmetricKeyParameter privKey = key.PrivateKey;
                      Org.BouncyCastle.Crypto.ISigner signer =
                          // https://github.com/neoeinstein/bouncycastle/blob/master/crypto/src/security/SignerUtilities.cs
                          Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-384withRSA");
                      signer.Init(true, privKey);
                      signer.BlockUpdate(value, 0, value.Length);
                      return(signer.GenerateSignature());
                  } },

                {
                    JwtHashAlgorithm.RS512
                    , delegate(JwtKey key, byte[] value)
                    {
                        Org.BouncyCastle.Crypto.AsymmetricKeyParameter privKey = key.PrivateKey;
                        Org.BouncyCastle.Crypto.ISigner signer =
                            // https://github.com/neoeinstein/bouncycastle/blob/master/crypto/src/security/SignerUtilities.cs
                            Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-512withRSA");

                        signer.Init(true, privKey);
                        signer.BlockUpdate(value, 0, value.Length);
                        return(signer.GenerateSignature());
                    }
                },


                // https://github.com/mono/mono/tree/master/mcs/class/referencesource/System.Core/System/Security/Cryptography
                // https://github.com/mono/mono/blob/master/mcs/class/referencesource/System.Core/System/Security/Cryptography/ECDsaCng.cs
                // https://github.com/mono/mono/blob/master/mcs/class/referencesource/System.Core/System/Security/Cryptography/ECDsa.cs
                // ECDsaCng => next generation cryptography
                // Is just a wrapper around ncrypt, plus some constructors throw on mono/netstandard... in short - horrible thing
                { JwtHashAlgorithm.ES256, delegate(JwtKey key, byte[] value) {
                      Org.BouncyCastle.Crypto.AsymmetricKeyParameter privKey = key.PrivateKey;
                      Org.BouncyCastle.Crypto.ISigner signer =
                          // https://github.com/neoeinstein/bouncycastle/blob/master/crypto/src/security/SignerUtilities.cs
                          Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-256withECDSA");

                      signer.Init(true, privKey);
                      signer.BlockUpdate(value, 0, value.Length);
                      return(signer.GenerateSignature());
                  } },

                { JwtHashAlgorithm.ES384, delegate(JwtKey key, byte[] value) {
                      Org.BouncyCastle.Crypto.AsymmetricKeyParameter privKey = key.PrivateKey;
                      Org.BouncyCastle.Crypto.ISigner signer =
                          // https://github.com/neoeinstein/bouncycastle/blob/master/crypto/src/security/SignerUtilities.cs
                          Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-384withECDSA");

                      signer.Init(true, privKey);
                      signer.BlockUpdate(value, 0, value.Length);
                      return(signer.GenerateSignature());
                  } },

                { JwtHashAlgorithm.ES512, delegate(JwtKey key, byte[] value) {
                      Org.BouncyCastle.Crypto.AsymmetricKeyParameter privKey = key.PrivateKey;
                      Org.BouncyCastle.Crypto.ISigner signer =
                          // https://github.com/neoeinstein/bouncycastle/blob/master/crypto/src/security/SignerUtilities.cs
                          Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-512withECDSA");

                      signer.Init(true, privKey);
                      signer.BlockUpdate(value, 0, value.Length);
                      return(signer.GenerateSignature());
                  } },
            };
        } // End Constructor