public override void SetHashAlgorithm(string strName)
{
if (strName == null)
{
throw new ArgumentNullException("strName");
}
var instance = PKCS1.CreateFromName(strName) as SHA1;
if (instance == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("DSA requires SHA1"));
}
}
/// <summary>Creates the encrypted key exchange data from the specified input data.</summary>
/// <returns>The encrypted key exchange data to be sent to the intended recipient.</returns>
/// <param name="rgbData">The secret information to be passed in the key exchange. </param>
/// <exception cref="T:System.Security.Cryptography.CryptographicUnexpectedOperationException">The key is missing.</exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
/// </PermissionSet>
public override byte[] CreateKeyExchange(byte[] rgbData)
{
if (this.random == null)
{
this.random = RandomNumberGenerator.Create();
}
if (this.rsa == null)
{
string text = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(text);
}
SHA1 hash = SHA1.Create();
return(PKCS1.Encrypt_OAEP(this.rsa, hash, this.random, rgbData));
}
/// <summary>Verifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the provided hash value.</summary>
/// <returns>true if the signature is valid; otherwise, false.</returns>
/// <param name="rgbHash">The hash value of the signed data. </param>
/// <param name="str">The hash algorithm identifier (OID) used to create the hash value of the data. </param>
/// <param name="rgbSignature">The signature data to use for verification. </param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="rgbHash" /> parameter is null.-or- The <paramref name="rgbSignature" /> parameter is null. </exception>
/// <exception cref="T:System.Security.Cryptography.CryptographicException">The cryptographic service provider (CSP) cannot be acquired.-or- The signature cannot be verified. </exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
/// </PermissionSet>
public bool VerifyHash(byte[] rgbHash, string str, byte[] rgbSignature)
{
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
if (rgbSignature == null)
{
throw new ArgumentNullException("rgbSignature");
}
string hashName = (str != null) ? this.GetHashNameFromOID(str) : "SHA1";
HashAlgorithm hash = HashAlgorithm.Create(hashName);
return(PKCS1.Verify_v15(this, hash, rgbHash, rgbSignature));
}
public override byte[] CreateSignature (byte[] rgbHash)
{
if (rsa == null) {
throw new CryptographicUnexpectedOperationException (
Locale.GetText ("No key pair available."));
}
if (hash == null) {
throw new CryptographicUnexpectedOperationException (
Locale.GetText ("Missing hash algorithm."));
}
if (rgbHash == null)
throw new ArgumentNullException ("rgbHash");
return PKCS1.Sign_v15 (rsa, hash, rgbHash);
}
public override byte[] CreateKeyExchange(byte[] rgbData)
{
if (random == null)
{
random = RandomNumberGenerator.Create(); // create default
}
if (rsa == null)
{
string msg = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(msg);
}
SHA1 sha1 = SHA1.Create();
return(PKCS1.Encrypt_OAEP(rsa, sha1, random, rgbData));
}
/// <summary>Verifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the hash value of the provided data.</summary>
/// <returns>true if the signature is valid; otherwise, false.</returns>
/// <param name="buffer">The data that was signed. </param>
/// <param name="halg">The name of the hash algorithm used to create the hash value of the data. </param>
/// <param name="signature">The signature data to use for verification. </param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="halg" /> parameter is null. </exception>
/// <exception cref="T:System.ArgumentException">The <paramref name="halg" /> parameter is not a valid type. </exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
/// </PermissionSet>
public bool VerifyData(byte[] buffer, object halg, byte[] signature)
{
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
if (signature == null)
{
throw new ArgumentNullException("signature");
}
HashAlgorithm hash = this.GetHash(halg);
byte[] hashValue = hash.ComputeHash(buffer);
return(PKCS1.Verify_v15(this, hash, hashValue, signature));
}
/// <summary>Extracts secret information from the encrypted key exchange data.</summary>
/// <returns>The secret information derived from the key exchange data.</returns>
/// <param name="rgbData">The key exchange data within which the secret information is hidden. </param>
/// <exception cref="T:System.Security.Cryptography.CryptographicException">The key exchange data verification has failed. </exception>
/// <exception cref="T:System.Security.Cryptography.CryptographicUnexpectedOperationException">The key is missing.</exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
/// </PermissionSet>
public override byte[] DecryptKeyExchange(byte[] rgbData)
{
if (this.rsa == null)
{
string text = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(text);
}
SHA1 hash = SHA1.Create();
byte[] array = PKCS1.Decrypt_OAEP(this.rsa, hash, rgbData);
if (array != null)
{
return(array);
}
throw new CryptographicException(Locale.GetText("OAEP decoding error."));
}
public override byte[] DecryptKeyExchange(byte[] rgbIn)
{
if (rsa == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("No key pair available."));
}
byte[] result = PKCS1.Decrypt_v15(rsa, rgbIn);
if (result != null)
{
return(result);
}
throw new CryptographicException(Locale.GetText("PKCS1 decoding error."));
}
public bool VerifyHash(byte[] rgbHash, string str, byte[] rgbSignature)
{
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
if (rgbSignature == null)
{
throw new ArgumentNullException("rgbSignature");
}
// Fx 2.0 defaults to the SHA-1
string hashName = (str == null) ? "SHA1" : GetHashNameFromOID(str);
HashAlgorithm hash = HashAlgorithm.Create(hashName);
return(PKCS1.Verify_v15(this, hash, rgbHash, rgbSignature));
}
// NOTE: this method can work with ANY configured (OID in machine.config)
// HashAlgorithm descendant
public bool VerifyData(byte[] buffer, object halg, byte[] signature)
{
#if NET_1_1
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
#endif
if (signature == null)
{
throw new ArgumentNullException("signature");
}
HashAlgorithm hash = GetHash(halg);
byte[] toBeVerified = hash.ComputeHash(buffer);
return(PKCS1.Verify_v15(this, hash, toBeVerified, signature));
}
public override byte[] DecryptKeyExchange(byte[] rgbData)
{
if (rsa == null)
{
string msg = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(msg);
}
SHA1 sha1 = SHA1.Create();
byte[] result = PKCS1.Decrypt_OAEP(rsa, sha1, rgbData);
if (result != null)
{
return(result);
}
throw new CryptographicException(Locale.GetText("OAEP decoding error."));
}
public override byte[] CreateKeyExchange(byte[] rgbData)
{
if (rgbData == null)
{
throw new ArgumentNullException("rgbData");
}
if (rsa == null)
{
string msg = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(msg);
}
if (random == null)
{
random = RandomNumberGenerator.Create(); // create default
}
return(PKCS1.Encrypt_v15(rsa, random, rgbData));
}
// LAMESPEC: str is not the hash name but an OID
// NOTE: this method is LIMITED to SHA1 and MD5 like the MS framework 1.0
// and 1.1 because there's no method to get a hash algorithm from an OID.
// However there's no such limit when using the [De]Formatter class.
public byte[] SignHash(byte[] rgbHash, string str)
{
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
#if NET_2_0
// Fx 2.0 defaults to the SHA-1
string hashName = (str == null) ? "SHA1" : GetHashNameFromOID(str);
#else
if (str == null)
{
throw new CryptographicException(Locale.GetText("No OID specified"));
}
string hashName = GetHashNameFromOID(str);
#endif
HashAlgorithm hash = HashAlgorithm.Create(hashName);
return(PKCS1.Sign_v15(this, hash, rgbHash));
}
/// <summary>Verifies the <see cref="T:System.Security.Cryptography.RSA" /> PKCS#1 signature for the specified data.</summary>
/// <returns>true if <paramref name="rgbSignature" /> matches the signature computed using the specified hash algorithm and key on <paramref name="rgbHash" />; otherwise, false.</returns>
/// <param name="rgbHash">The data signed with <paramref name="rgbSignature" />. </param>
/// <param name="rgbSignature">The signature to be verified for <paramref name="rgbHash" />. </param>
/// <exception cref="T:System.Security.Cryptography.CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="rgbHash" /> parameter is null.-or- The <paramref name="rgbSignature" /> parameter is null. </exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
/// </PermissionSet>
public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature)
{
if (this.rsa == null)
{
throw new CryptographicUnexpectedOperationException(Locale.GetText("No public key available."));
}
if (this.hashName == null)
{
throw new CryptographicUnexpectedOperationException(Locale.GetText("Missing hash algorithm."));
}
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
if (rgbSignature == null)
{
throw new ArgumentNullException("rgbSignature");
}
return(PKCS1.Verify_v15(this.rsa, HashAlgorithm.Create(this.hashName), rgbHash, rgbSignature));
}
/// <summary>Generates and returns a mask from the specified random seed of the specified length.</summary>
/// <returns>A randomly generated mask whose length is equal to the <paramref name="cbReturn" /> parameter.</returns>
/// <param name="rgbSeed">The random seed to use for computing the mask. </param>
/// <param name="cbReturn">The length of the generated mask in bytes. </param>
public override byte[] GenerateMask(byte[] rgbSeed, int cbReturn)
{
HashAlgorithm hash = HashAlgorithm.Create(this.hashName);
return(PKCS1.MGF1(hash, rgbSeed, cbReturn));
}
byte[] SignHash(byte[] rgbHash, int calgHash)
{
return(PKCS1.Sign_v15(this, InternalHashToHashAlgorithm(calgHash), rgbHash));
}
bool VerifyHash(byte[] rgbHash, int calgHash, byte[] rgbSignature)
{
return(PKCS1.Verify_v15(this, InternalHashToHashAlgorithm(calgHash), rgbHash, rgbSignature));
}
// This method is not compatible with the one provided by MS in
// framework 1.0 and 1.1 but IS compliant with PKCS#1 v.2.1 and
// work for implementing OAEP
public override byte[] GenerateMask(byte[] mgfSeed, int maskLen)
{
HashAlgorithm hash = HashAlgorithm.Create(hashName);
return(PKCS1.MGF1(hash, mgfSeed, maskLen));
}