static internal ECDomainParameters DecodeCurveParameters(AlgorithmIdentifier algId)
{
if (!algId.Algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
throw new ArgumentException("Unknown algorithm type: " + algId.Algorithm);
}
X962Parameters parameters = X962Parameters.GetInstance(algId.Parameters);
X9ECParameters x9;
if (parameters.IsNamedCurve)
{
DerObjectIdentifier oid = (DerObjectIdentifier)parameters.Parameters;
x9 = CustomNamedCurves.GetByOid(oid);
if (x9 == null)
{
x9 = ECNamedCurveTable.GetByOid(oid);
}
return(new NamedECDomainParameters(oid, x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()));
}
else if (!parameters.IsImplicitlyCA)
{
x9 = X9ECParameters.GetInstance(parameters.Parameters);
return(new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()));
}
else
{
return(null);
//return new ECImplicitDomainParameters(CryptoServicesRegistrar.<ECDomainParameters>getProperty(CryptoServicesRegistrar.Property.EC_IMPLICITLY_CA));
}
}
public static ICipherParameters ConvertPubkeyBytesToCipherParams(byte[] pubKeyBytes)
{
X9ECParameters ecCurve = ECNamedCurveTable.GetByOid(ECCurveAlgo);
ECPoint point = ecCurve.Curve.DecodePoint(pubKeyBytes);
return(new ECPublicKeyParameters(KeyExchangeAlgorithm, point, ECCurveAlgo));
}
internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid)
{
X9ECParameters byOid = CustomNamedCurves.GetByOid(oid);
if (byOid == null)
{
byOid = ECNamedCurveTable.GetByOid(oid);
}
return(byOid);
}
internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
X9ECParameters ecP = CustomNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = ECNamedCurveTable.GetByOid(oid);
}
return(ecP);
}
protected override AsymmetricCipherKeyPair GenerateNewECDHKey()
{
X9ECParameters x9EC = ECNamedCurveTable.GetByOid(TeleTrusTObjectIdentifiers.BrainpoolP256R1);
ECDomainParameters ecDomain = new ECDomainParameters(x9EC.Curve, x9EC.G, x9EC.N, x9EC.H, x9EC.GetSeed());
return(new AsymmetricCipherKeyPair(
new ECPublicKeyParameters(x9EC.Curve.CreatePoint(
new BigInteger(1, HexStringToByteArray(EphemeralPublicKeyX)),
new BigInteger(1, HexStringToByteArray(EphemeralPublicKeyY))
), ecDomain),
new ECPrivateKeyParameters(new BigInteger(1, HexStringToByteArray(EccPrivateKey)), ecDomain)));
}
/**
* Retrieve an EC based domain parameter by OID. A custom curve will be returned if one is available.
*
* @param paramOid object identifier for the domain parameters.
* @return the matching domain parameters if found, null otherwise.
*/
public static NamedECDomainParameters LookupDomainParameters(DerObjectIdentifier paramOid)
{
X9ECParameters rv = CustomNamedCurves.GetByOid(paramOid);
if (rv == null)
{
rv = ECNamedCurveTable.GetByOid(paramOid);
}
if (rv != null)
{
return(new NamedECDomainParameters(paramOid, rv.Curve, rv.G, rv.N, rv.H, rv.GetSeed()));
}
return(null);
}
private void WriteEcPublicKey(ReadOnlySpan <byte> publicKey)
{
var ecps = CustomNamedCurves.GetByOid(X9ObjectIdentifiers.Prime256v1) ??
ECNamedCurveTable.GetByOid(X9ObjectIdentifiers.Prime256v1);
byte[] encoded = new byte[publicKey.Length + 1];
encoded[0] = 0x04;
publicKey.CopyTo(new Span <byte>(encoded, 1, publicKey.Length));
var ecdp = new ECDomainParameters(ecps.Curve, ecps.G, ecps.N, ecps.H, ecps.GetSeed());
var basePoint =
TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(null, ecdp, encoded));
var subinfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(basePoint);
var publicKeyObject = PublicKeyFactory.CreateKey(subinfo);
using (var fout = new StreamWriter(File.Open(PublicKey, FileMode.Create))) {
var writer = new PemWriter(fout);
writer.WriteObject(publicKeyObject);
}
}
private void Init(IKeyFingerPrintCalculator fingerPrintCalculator)
{
IBcpgKey key = publicPk.Key;
this.fingerprint = fingerPrintCalculator.CalculateFingerprint(publicPk);
if (publicPk.Version <= 3)
{
RsaPublicBcpgKey rK = (RsaPublicBcpgKey)key;
this.keyId = rK.Modulus.LongValue;
this.keyStrength = rK.Modulus.BitLength;
}
else
{
this.keyId = ((long)(fingerprint[fingerprint.Length - 8] & 0xff) << 56)
| ((long)(fingerprint[fingerprint.Length - 7] & 0xff) << 48)
| ((long)(fingerprint[fingerprint.Length - 6] & 0xff) << 40)
| ((long)(fingerprint[fingerprint.Length - 5] & 0xff) << 32)
| ((long)(fingerprint[fingerprint.Length - 4] & 0xff) << 24)
| ((long)(fingerprint[fingerprint.Length - 3] & 0xff) << 16)
| ((long)(fingerprint[fingerprint.Length - 2] & 0xff) << 8)
| ((fingerprint[fingerprint.Length - 1] & 0xff));
if (key is RsaPublicBcpgKey)
{
this.keyStrength = ((RsaPublicBcpgKey)key).Modulus.BitLength;
}
else if (key is DsaPublicBcpgKey)
{
this.keyStrength = ((DsaPublicBcpgKey)key).P.BitLength;
}
else if (key is ElGamalPublicBcpgKey)
{
this.keyStrength = ((ElGamalPublicBcpgKey)key).P.BitLength;
}
else if (key is ECPublicBcpgKey)
{
this.keyStrength = ECNamedCurveTable.GetByOid(((ECPublicBcpgKey)key).CurveOid).Curve.FieldSize;
}
}
}
private void Init()
{
IBcpgKey key = publicPk.Key;
if (publicPk.Version <= 3)
{
RsaPublicBcpgKey rK = (RsaPublicBcpgKey)key;
this.keyId = rK.Modulus.LongValue;
try
{
IDigest digest = DigestUtilities.GetDigest("MD5");
byte[] bytes = rK.Modulus.ToByteArrayUnsigned();
digest.BlockUpdate(bytes, 0, bytes.Length);
bytes = rK.PublicExponent.ToByteArrayUnsigned();
digest.BlockUpdate(bytes, 0, bytes.Length);
this.fingerprint = DigestUtilities.DoFinal(digest);
}
//catch (NoSuchAlgorithmException)
catch (Exception e)
{
throw new IOException("can't find MD5", e);
}
this.keyStrength = rK.Modulus.BitLength;
}
else
{
byte[] kBytes = publicPk.GetEncodedContents();
try
{
IDigest digest = DigestUtilities.GetDigest("SHA1");
digest.Update(0x99);
digest.Update((byte)(kBytes.Length >> 8));
digest.Update((byte)kBytes.Length);
digest.BlockUpdate(kBytes, 0, kBytes.Length);
this.fingerprint = DigestUtilities.DoFinal(digest);
}
catch (Exception e)
{
throw new IOException("can't find SHA1", e);
}
this.keyId = (long)(((ulong)fingerprint[fingerprint.Length - 8] << 56)
| ((ulong)fingerprint[fingerprint.Length - 7] << 48)
| ((ulong)fingerprint[fingerprint.Length - 6] << 40)
| ((ulong)fingerprint[fingerprint.Length - 5] << 32)
| ((ulong)fingerprint[fingerprint.Length - 4] << 24)
| ((ulong)fingerprint[fingerprint.Length - 3] << 16)
| ((ulong)fingerprint[fingerprint.Length - 2] << 8)
| (ulong)fingerprint[fingerprint.Length - 1]);
if (key is RsaPublicBcpgKey)
{
this.keyStrength = ((RsaPublicBcpgKey)key).Modulus.BitLength;
}
else if (key is DsaPublicBcpgKey)
{
this.keyStrength = ((DsaPublicBcpgKey)key).P.BitLength;
}
else if (key is ElGamalPublicBcpgKey)
{
this.keyStrength = ((ElGamalPublicBcpgKey)key).P.BitLength;
}
else if (key is ECPublicBcpgKey)
{
this.keyStrength = ECNamedCurveTable.GetByOid(((ECPublicBcpgKey)key).CurveOid).Curve.FieldSize;
}
}
}
public static AsymmetricKeyParameter CreateKey(
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm;
DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPrivateKeyStructure keyStructure = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
return(new RsaPrivateCrtKeyParameters(
keyStructure.Modulus,
keyStructure.PublicExponent,
keyStructure.PrivateExponent,
keyStructure.Prime1,
keyStructure.Prime2,
keyStructure.Exponent1,
keyStructure.Exponent2,
keyStructure.Coefficient));
}
// TODO?
// else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return(new DHPrivateKeyParameters(derX.Value, dhParams, algOid));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
return(new ElGamalPrivateKeyParameters(
derX.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa))
{
DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPrivateKeyParameters(derX.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = X962Parameters.GetInstance(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
BigInteger d = ec.GetKey();
if (para.IsNamedCurve)
{
return(new ECPrivateKeyParameters("EC", d, (DerObjectIdentifier)para.Parameters));
}
ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
return(new ECPrivateKeyParameters(d, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(
algID.Parameters.ToAsn1Object());
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
}
Asn1Object privKey = keyInfo.ParsePrivateKey();
ECPrivateKeyStructure ec;
if (privKey is DerInteger)
{
ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).PositiveValue);
}
else
{
ec = ECPrivateKeyStructure.GetInstance(privKey);
}
return(new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters);
Asn1Object privKey = keyInfo.ParsePrivateKey();
BigInteger x;
if (privKey is DerInteger)
{
x = DerInteger.GetInstance(privKey).PositiveValue;
}
else
{
x = new BigInteger(1, Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets()));
}
return(new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
{
return(new X25519PrivateKeyParameters(GetRawKey(keyInfo, X25519PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
{
return(new X448PrivateKeyParameters(GetRawKey(keyInfo, X448PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
{
return(new Ed25519PrivateKeyParameters(GetRawKey(keyInfo, Ed25519PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
{
return(new Ed448PrivateKeyParameters(GetRawKey(keyInfo, Ed448PrivateKeyParameters.KeySize), 0));
}
else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512) ||
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
ECGost3410Parameters ecSpec = null;
BigInteger d = null;
Asn1Object p = keyInfo.PrivateKeyAlgorithm.Parameters.ToAsn1Object();
if (p is Asn1Sequence && (Asn1Sequence.GetInstance(p).Count == 2 || Asn1Sequence.GetInstance(p).Count == 3))
{
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
ecSpec = new ECGost3410Parameters(
new ECNamedDomainParameters(
gostParams.PublicKeyParamSet, ecP),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
Asn1OctetString privEnc = keyInfo.PrivateKeyData;
if (privEnc.GetOctets().Length == 32 || privEnc.GetOctets().Length == 64)
{
byte[] dVal = Arrays.Reverse(privEnc.GetOctets());
d = new BigInteger(1, dVal);
}
else
{
Asn1Encodable privKey = keyInfo.ParsePrivateKey();
if (privKey is DerInteger)
{
d = DerInteger.GetInstance(privKey).PositiveValue;
}
else
{
byte[] dVal = Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets());
d = new BigInteger(1, dVal);
}
}
}
else
{
X962Parameters parameters = X962Parameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters);
if (parameters.IsNamedCurve)
{
DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(parameters.Parameters);
X9ECParameters ecP = ECNamedCurveTable.GetByOid(oid);
if (ecP == null)
{
ECDomainParameters gParam = ECGost3410NamedCurves.GetByOid(oid);
ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(
oid,
gParam.Curve,
gParam.G,
gParam.N,
gParam.H,
gParam.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
else
{
ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(
oid,
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed()), gostParams.PublicKeyParamSet, gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
}
else if (parameters.IsImplicitlyCA)
{
ecSpec = null;
}
else
{
X9ECParameters ecP = X9ECParameters.GetInstance(parameters.Parameters);
ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(
algOid,
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed()),
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
}
Asn1Encodable privKey = keyInfo.ParsePrivateKey();
if (privKey is DerInteger)
{
DerInteger derD = DerInteger.GetInstance(privKey);
d = derD.Value;
}
else
{
ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(privKey);
d = ec.GetKey();
}
}
return(new ECPrivateKeyParameters(
d,
new ECGost3410Parameters(
ecSpec,
gostParams.PublicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet)));
}
else
{
throw new SecurityUtilityException("algorithm identifier in private key not recognised");
}
}
private static ECPoint RestorePublicFromPrivateKey(BigInteger privateKey)
{
var curve = ECNamedCurveTable.GetByOid(X9ObjectIdentifiers.Prime256v1);
return(curve.G.Multiply(privateKey).Normalize());
}
// Based on RFCs 5480 and 5915, a named curve is used whenever possible.
public IEcKey GetPublicKey(byte[] q, string curve)
{
ECPublicKeyParameters ecPublicKeyParameter;
if (curve == "curve25519")
{
ecPublicKeyParameter = GetNonStandardCurve(q, curve);
}
else
{
DerObjectIdentifier curveOid = ECNamedCurveTable.GetOid(curve) ?? CustomNamedCurves.GetOid(curve);
X9ECParameters curveParameters = CustomNamedCurves.GetByOid(curveOid) ?? ECNamedCurveTable.GetByOid(curveOid);
ECPoint qPoint = curveParameters.Curve.DecodePoint(q);
ecPublicKeyParameter = new ECPublicKeyParameters("EC", qPoint, curveOid);
}
byte[] publicKeyContent = GetPublicKey(ecPublicKeyParameter);
int keyLength = GetKeyLength(ecPublicKeyParameter);
string curveName = curveNameMapper.MapCurveToName(ecPublicKeyParameter.Parameters.Curve);
return(new EcKey(publicKeyContent, AsymmetricKeyType.Public, keyLength, curveName));
}
