public bool VerifySignature() { var versig = I2PSignature.SupportedSignatureType(PublicSigningKey.Certificate.SignatureType); if (!versig) { DebugUtils.LogDebug("I2PLeaseSet: VerifySignature false. Not supported: " + PublicSigningKey.Certificate.SignatureType.ToString()); return(false); } var signfields = new List <BufLen>(); signfields.Add(new BufLen(Destination.ToByteArray())); signfields.Add(PublicKey.Key); signfields.Add(PublicSigningKey.Key); signfields.Add((BufLen)(byte)Leases.Count); lock ( Leases ) { foreach (var lease in Leases) { signfields.Add(new BufLen(lease.ToByteArray())); } } versig = I2PSignature.DoVerify(PublicSigningKey, Signature, signfields.ToArray()); if (!versig) { DebugUtils.LogDebug("I2PLeaseSet: I2PSignature.DoVerify failed: " + PublicSigningKey.Certificate.SignatureType.ToString()); return(false); } return(true); }
public void Write(List <byte> dest) { Destination.Write(dest); Info.PublicKey.Write(dest); Info.PublicSigningKey.Write(dest); var cnt = (byte)Leases.Count; if (cnt > 16) { throw new OverflowException("Max 16 leases per I2PLeaseSet"); } var signfields = new List <BufLen>(); signfields.Add(new BufLen(Destination.ToByteArray())); signfields.Add(Info.PublicKey.Key); signfields.Add(Info.PublicSigningKey.Key); signfields.Add((BufLen)cnt); lock ( Leases ) { dest.Add((byte)Leases.Count); foreach (var lease in Leases) { var buf = lease.ToByteArray(); dest.AddRange(buf); signfields.Add(new BufLen(buf)); } } dest.AddRange(I2PSignature.DoSign(Info.PrivateSigningKey, signfields.ToArray())); }
public static bool DoVerifyEcDsa( IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed, IDigest digest, X9ECParameters ecparam) { if (!SupportedSignatureType(signed.Certificate.SignatureType)) { throw new NotImplementedException(); } foreach (var buf in bufs) { digest.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length); } var hash = new byte[digest.GetDigestSize()]; digest.DoFinal(hash, 0); var param = new ECDomainParameters(ecparam.Curve, ecparam.G, ecparam.N, ecparam.H); var pk = new ECPublicKeyParameters(ecparam.Curve.DecodePoint(key.ToByteArray()), param); var dsa = new Org.BouncyCastle.Crypto.Signers.DsaSigner(); var sigsize = signed.Certificate.SignatureLength; var r = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset, sigsize / 2); var s = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + sigsize / 2, sigsize / 2); dsa.Init(false, pk); var result = dsa.VerifySignature(hash, r, s); DebugUtils.LogDebug("DoVerifyEcDsa: " + result.ToString() + ": " + digest.ToString()); return(result); }
public static bool DoVerify(I2PSigningPublicKey key, I2PSignature signed, params BufLen[] bufs) { //DebugUtils.LogDebug( "DoVerify: " + key.Certificate.SignatureType.ToString() ); switch (key.Certificate.SignatureType) { case I2PSigningKey.SigningKeyTypes.DSA_SHA1: return(DoVerifyDsaSha1(bufs, key, signed)); case I2PSigningKey.SigningKeyTypes.ECDSA_SHA256_P256: return(DoVerifyEcDsa(bufs, key, signed, new Sha256Digest(), NistNamedCurves.GetByName("P-256"))); case I2PSigningKey.SigningKeyTypes.ECDSA_SHA384_P384: return(DoVerifyEcDsa(bufs, key, signed, new Sha384Digest(), NistNamedCurves.GetByName("P-384"))); case I2PSigningKey.SigningKeyTypes.ECDSA_SHA512_P521: return(DoVerifyEcDsa(bufs, key, signed, new Sha512Digest(), NistNamedCurves.GetByName("P-521"))); case I2PSigningKey.SigningKeyTypes.EdDSA_SHA512_Ed25519: return(DoVerifyEdDSASHA512Ed25519(bufs, key, signed)); default: throw new NotImplementedException(); } }
public I2PRouterInfo(BufRef reader, bool verifysig) { var startview = new BufRef(reader); Identity = new I2PRouterIdentity(reader); PublishedDate = new I2PDate(reader); int addrcount = reader.Read8(); var addresses = new List <I2PRouterAddress>(); for (int i = 0; i < addrcount; ++i) { addresses.Add(new I2PRouterAddress(reader)); } Adresses = addresses.ToArray(); reader.Seek(reader.Read8() * 32); // peer_size. Unused. Options = new I2PMapping(reader); var payloadend = new BufRef(reader); Data = new BufLen(startview, 0, reader - startview); Signature = new I2PSignature(reader, Identity.Certificate); if (verifysig) { var versig = VerifySignature(); if (!versig) { throw new InvalidOperationException("I2PRouterInfo signature check failed"); } } }
public I2PRouterInfo( I2PRouterIdentity identity, I2PDate publisheddate, I2PRouterAddress[] adresses, I2PMapping options, I2PSigningPrivateKey privskey) { Identity = identity; PublishedDate = publisheddate; Adresses = adresses; Options = options; var dest = new List <byte>(); Identity.Write(dest); PublishedDate.Write(dest); dest.Add((byte)Adresses.Length); foreach (var addr in Adresses) { addr.Write(dest); } dest.Add(0); // Always zero Options.Write(dest); Data = new BufLen(dest.ToArray()); Signature = new I2PSignature(new BufRefLen(I2PSignature.DoSign(privskey, Data)), privskey.Certificate); }
public I2PSessionConfig(BufRef reader) { var start = new BufRefLen(reader); Destination = new I2PDestination(reader); Options = new I2PMapping(reader); Date = new I2PDate(reader); SignedBuf = new BufLen(start, 0, reader - start); Signature = new I2PSignature(reader, Destination.Certificate); }
public void Write(BufRefStream dest) { var dest2 = new BufRefStream(); Destination.Write(dest2); Map.Write(dest2); Date.Write(dest2); var dest2data = dest2.ToArray(); var sig = new I2PSignature(new BufRefLen(I2PSignature.DoSign(PrivateSigningKey, new BufLen(dest2data))), PrivateSigningKey.Certificate); dest.Write(dest2data); sig.Write(dest); }
public I2PSessionConfig( I2PDestination dest, I2PMapping map, I2PDate date, I2PSignature sign, I2PSigningPrivateKey privsignkey) { Destination = dest; Options = map != null ? map : new I2PMapping(); Date = date != null ? date : new I2PDate(DateTime.Now); Signature = sign; PrivateSigningKey = privsignkey; }
public I2PLeaseSet(BufRef reader) { Destination = new I2PDestination(reader); PublicKey = new I2PPublicKey(reader, I2PKeyType.DefaultAsymetricKeyCert); PublicSigningKey = new I2PSigningPublicKey(reader, Destination.Certificate); var leases = new List <I2PLease>(); int leasecount = reader.Read8(); for (int i = 0; i < leasecount; ++i) { leases.Add(new I2PLease(reader)); } Leases = leases; Signature = new I2PSignature(reader, Destination.Certificate); }
public bool VerifySignature() { var versig = I2PSignature.SupportedSignatureType(Identity.Certificate.SignatureType); if (!versig) { DebugUtils.LogDebug("RouterInfo: VerifySignature false. Not supported: " + Identity.Certificate.SignatureType.ToString()); return(false); } versig = I2PSignature.DoVerify(Identity.SigningPublicKey, Signature, Data); if (!versig) { DebugUtils.LogDebug("RouterInfo: I2PSignature.DoVerify failed: " + Identity.Certificate.SignatureType.ToString()); return(false); } return(true); }
public static bool DoVerifyEcDsaSha256P256_old(IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed) { if (!SupportedSignatureType(signed.Certificate.SignatureType)) { throw new NotImplementedException(); } var sha = new Sha256Digest(); foreach (var buf in bufs) { sha.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length); } var hash = new byte[sha.GetDigestSize()]; sha.DoFinal(hash, 0); var p = Org.BouncyCastle.Asn1.Nist.NistNamedCurves.GetByName("P-256"); var param = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var pk = new ECPublicKeyParameters(p.Curve.DecodePoint(key.ToByteArray()), param); var dsa = new Org.BouncyCastle.Crypto.Signers.DsaSigner(); var sigsize = signed.Certificate.SignatureLength; var r = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + 0, sigsize / 2); var s = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + sigsize / 2, sigsize / 2); dsa.Init(false, pk); var result = dsa.VerifySignature(hash, r, s); DebugUtils.LogDebug("DoVerifyEcDsaSha256P256: " + result.ToString()); return(result); }
public static bool DoVerifyDsaSha1(IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed) { if (!SupportedSignatureType(signed.Certificate.SignatureType)) { throw new NotImplementedException(); } var sha = new Sha1Digest(); foreach (var buf in bufs) { sha.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length); } var hash = new byte[sha.GetDigestSize()]; sha.DoFinal(hash, 0); var dsa = new Org.BouncyCastle.Crypto.Signers.DsaSigner(); var sigsize = signed.Certificate.SignatureLength; var r = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + 0, sigsize / 2); var s = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + sigsize / 2, sigsize / 2); var dsaparams = new DsaPublicKeyParameters( key.ToBigInteger(), new DsaParameters( I2PConstants.DsaP, I2PConstants.DsaQ, I2PConstants.DsaG)); dsa.Init(false, dsaparams); return(dsa.VerifySignature(hash, r, s)); }
public static bool DoVerifyEdDSASHA512Ed25519(IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed) { return(Chaos.NaCl.Ed25519.Verify(signed.Sig.ToByteArray(), bufs.SelectMany(b => b.ToByteArray()).ToArray(), key.ToByteArray())); }