/// <summary>
/// Todo :Need to be enhanced to return the correct public key but not used for now
/// </summary>
/// <param name="pem"></param>
/// <param name="key"></param>
/// <returns></returns>
public static Ed25519PublicKeyParameters GetPublicKeyFromPrivateKey(Ed25519PrivateKeyParameters privateKey)
{
// get the public key from the private key
Ed25519PublicKeyParameters publicKey = privateKey.GeneratePublicKey();
return(publicKey);
}
/// <summary>
/// Hashes the Public key with X509
/// </summary>
/// <param name="publicKey"></param>
/// <returns></returns>
public static byte[] EncodePublicKeyX509(Ed25519PublicKeyParameters publicKey)
{
var publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
var serializedPublicBytes = publicKeyInfo.GetEncoded();
return(serializedPublicBytes);
}
public void CanValidateSignature()
{
Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(Random));
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
var pubKeyBase64 = Convert.ToBase64String(publicKey.GetEncoded());
// create signature for item
byte[] msg = new byte[Random.NextInt() & 255];
Random.NextBytes(msg);
var signer = new Ed25519Signer();
signer.Init(true, privateKey);
signer.BlockUpdate(msg, 0, msg.Length);
byte[] signature = signer.GenerateSignature();
var signatureForAppCast = Convert.ToBase64String(signature);
// verify signature
var checker = new Ed25519Checker(NetSparkleUpdater.Enums.SecurityMode.Strict, pubKeyBase64);
Assert.True(checker.VerifySignature(signatureForAppCast, msg) == NetSparkleUpdater.Enums.ValidationResult.Valid);
}
/// <summary>
/// Gets the IPFS encoded public key for the specified key.
/// </summary>
/// <param name="name">
/// The local name of the key.
/// </param>
/// <param name="cancel">
/// Is used to stop the task. When cancelled, the <see cref="TaskCanceledException" /> is raised.
/// </param>
/// <returns>
/// A task that represents the asynchronous operation. The task's result is
/// the IPFS encoded public key.
/// </returns>
/// <remarks>
/// The IPFS public key is the base-64 encoding of a protobuf encoding containing
/// a type and the DER encoding of the PKCS Subject Public Key Info.
/// </remarks>
/// <seealso href="https://tools.ietf.org/html/rfc5280#section-4.1.2.7" />
public async Task <string> GetPublicKeyAsync(string name, CancellationToken cancel = default)
{
// TODO: Rename to GetIpfsPublicKeyAsync
string result = null;
var ekey = await Store.TryGetAsync(name, cancel).ConfigureAwait(false);
if (ekey != null)
{
UseEncryptedKey(ekey, key =>
{
var kp = GetKeyPairFromPrivateKey(key);
var spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public).GetDerEncoded();
// Add protobuf cruft.
var publicKey = new PublicKey
{
Data = spki,
Type = kp.Public switch
{
RsaKeyParameters _ => KeyType.Rsa,
Ed25519PublicKeyParameters _ => KeyType.Ed25519,
ECPublicKeyParameters _ => KeyType.Secp256K1,
_ => throw new NotSupportedException(
$"The key type {kp.Public.GetType().Name} is not supported.")
}
};
using var ms = new MemoryStream();
Serializer.Serialize(ms, publicKey);
result = Convert.ToBase64String(ms.ToArray());
});
/// <summary>
/// Generates the specified force.
/// </summary>
/// <param name="force">if set to <c>true</c> [force].</param>
/// <returns><c>true</c> if XXXX, <c>false</c> otherwise.</returns>
public bool Generate(bool force = false)
{
if (KeysExist() && !force)
{
Console.WriteLine("Keys already exist, use --force to force regeneration");
return(false);
}
// start key generation
Console.WriteLine("Generating key pair...");
var Random = new SecureRandom();
Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(Random));
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
var privKeyBase64 = Convert.ToBase64String(privateKey.GetEncoded());
var pubKeyBase64 = Convert.ToBase64String(publicKey.GetEncoded());
File.WriteAllText(_privateKeyFilePath, privKeyBase64);
File.WriteAllText(_publicKeyFilePath, pubKeyBase64);
Console.WriteLine("Storing public/private keys to " + _storagePath);
return(true);
}
private void ECDH_GenerateEphemeral(EncryptMessage msg)
{
CBORObject epk = CBORObject.NewMap();
if (_mKey.AsString("kty") == "EC")
{
X9ECParameters p = NistNamedCurves.GetByName(_mKey.AsString("crv"));
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECKeyPairGenerator pGen = new ECKeyPairGenerator();
ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(parameters, Message.s_PRNG);
pGen.Init(genParam);
AsymmetricCipherKeyPair p1 = pGen.GenerateKeyPair();
epk.Add("kty", "EC");
epk.Add("crv", _mKey.AsString("crv"));
ECPublicKeyParameters priv = (ECPublicKeyParameters)p1.Public;
epk.Add("x", priv.Q.Normalize().XCoord.ToBigInteger().ToByteArrayUnsigned());
epk.Add("y", priv.Q.Normalize().YCoord.ToBigInteger().ToByteArrayUnsigned());
}
else if (_mKey.AsString("kty") == "OKP")
{
switch (_mKey.AsString("crv"))
{
case "X25519":
Ed25519KeyPairGenerator pGen = new Ed25519KeyPairGenerator();
Ed25519KeyGenerationParameters genParam = new Ed25519KeyGenerationParameters(Message.s_PRNG);
pGen.Init(genParam);
AsymmetricCipherKeyPair p1 = pGen.GenerateKeyPair();
Ed25519PublicKeyParameters pub = (Ed25519PublicKeyParameters)p1.Public;
epk.Add("kty", "OKP");
epk.Add("crv", "X25519");
epk.Add("x", pub.GetEncoded());
break;
default:
throw new JoseException("Unknown OPK curve");
}
}
else
{
throw new JoseException("Internal Error");
}
if (msg.FindAttribute(CBORObject.FromObject("epk"), PROTECTED) != null)
{
msg.AddAttribute(CBORObject.FromObject("epk"), epk, PROTECTED);
}
else if (msg.FindAttribute(CBORObject.FromObject("epk"), PROTECTED) != null)
{
msg.AddAttribute(CBORObject.FromObject("epk"), epk, PROTECTED);
}
else
{
AddAttribute("epk", epk, UNPROTECTED);
}
}
public virtual AsymmetricCipherKeyPair GenerateKeyPair()
{
Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters(random);
Ed25519PublicKeyParameters publicKey = privateKey.GeneratePublicKey();
return(new AsymmetricCipherKeyPair(publicKey, privateKey));
}
private void DoTestConsistency(Ed25519.Algorithm algorithm, byte[] context)
{
Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(Random));
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
byte[] msg = new byte[Random.NextInt() & 255];
Random.NextBytes(msg);
ISigner signer = CreateSigner(algorithm, context);
signer.Init(true, privateKey);
signer.BlockUpdate(msg, 0, msg.Length);
byte[] signature = signer.GenerateSignature();
ISigner verifier = CreateSigner(algorithm, context);
{
verifier.Init(false, publicKey);
verifier.BlockUpdate(msg, 0, msg.Length);
bool shouldVerify = verifier.VerifySignature(signature);
if (!shouldVerify)
{
Fail("Ed25519(" + algorithm + ") signature failed to verify");
}
}
{
byte[] wrongLengthSignature = Arrays.Append(signature, 0x00);
verifier.Init(false, publicKey);
verifier.BlockUpdate(msg, 0, msg.Length);
bool shouldNotVerify = verifier.VerifySignature(wrongLengthSignature);
if (shouldNotVerify)
{
Fail("Ed25519(" + algorithm + ") wrong length signature incorrectly verified");
}
}
{
byte[] badSignature = Arrays.Clone(signature);
badSignature[Random.Next() % badSignature.Length] ^= (byte)(1 << (Random.NextInt() & 7));
verifier.Init(false, publicKey);
verifier.BlockUpdate(msg, 0, msg.Length);
bool shouldNotVerify = verifier.VerifySignature(badSignature);
if (shouldNotVerify)
{
Fail("Ed25519(" + algorithm + ") bad signature incorrectly verified");
}
}
}
/// <summary>
/// Encodes public key to PEM formatted string
/// </summary>
/// <param name="publicKey"></param>
/// <returns></returns>
public static string EncodePublicKey(Ed25519PublicKeyParameters publicKey)
{
// convert it to X509
string base64 = Convert.ToBase64String(EncodePublicKeyX509(publicKey));
base64 = string.Format("-----BEGIN ED25519 PUBLIC KEY-----\n{0}\n-----END ED25519 PUBLIC KEY-----\n", base64);
return(base64);
}
public RawKeyPair(string privateKey)
{
string privateKey32 = privateKey.Length == 128 ? privateKey.Substring(0, 64) : privateKey;
Ed25519PrivateKeyParameters privateKeyParams = new Ed25519PrivateKeyParameters(Hex.Decode(privateKey32), 0);
Ed25519PublicKeyParameters publicKeyParams = privateKeyParams.GeneratePublicKey();
PublicKey = publicKeyParams.GetEncoded();
PrivateKey = privateKeyParams.GetEncoded();
}
public AsymmetricKeyPair Generate()
{
Ed25519PrivateKeyParameters secretKeyParams = new Ed25519PrivateKeyParameters(_secureRandom);
Ed25519PublicKeyParameters publicKeyParams = secretKeyParams.GeneratePublicKey();
byte[] asn1SecretKey = SecretKeyAsn1Header.Concat(secretKeyParams.GetEncoded()).ToArray();
byte[] asn1PublicKey = PublicKeyAsn1Header.Concat(publicKeyParams.GetEncoded()).ToArray();
return(new AsymmetricKeyPair(new SecretKey(asn1SecretKey, KeyAlgorithm.Ed25519), new PublicKey(asn1PublicKey, KeyAlgorithm.Ed25519)));
}
/// <summary>
/// Verify the singature usign the public key and the raw message
/// </summary>
/// <param name="key"></param>
/// <param name="message"></param>
/// <param name="encodedSig"></param>
/// <returns></returns>
public static bool Verify(Ed25519PublicKeyParameters key, byte[] message, string encodedSig)
{
byte[] sig = CryptoUtils.DecodeSignature(encodedSig);
ISigner signer = SignerUtilities.GetSigner(Ed25519_ALGO);
signer.Init(false, key);
signer.BlockUpdate(message, 0, message.Length);
return(signer.VerifySignature(sig));
}
/// <summary>
/// Get the private key object from the raw key
/// </summary>
/// <param name="pem"></param>
/// <returns></returns>
public static Ed25519PublicKeyParameters DecodeEd25519PublicKey(string pem)
{
TextReader textReader = new StringReader(pem);
PemReader pemReader = new PemReader(textReader);
var pemObject = pemReader.ReadPemObject();
var keyParameters = new Ed25519PublicKeyParameters(pemObject.Content, 0);
var publicKey = DecodeEd25519PublicKey(pemObject.Content);
return(publicKey);
}
/// <summary>
/// Perform signature verification against the sender address
/// </summary>
/// <param name="address">Address to verify</param>
/// <returns>bool</returns>
public bool Verify(Address address)
{
if (this.logic == null)
{
return(false);
}
else if (this.sig != null && this.msig != null)
{
return(false);
}
else
{
try
{
Logic.CheckProgram(this.logic, this.args);
}
catch (Exception)
{
return(false);
}
if (this.sig == null && this.msig == null)
{
try
{
return(address.Equals(this.ToAddress()));
}
catch (Exception)
{
return(false);
}
}
if (this.sig != null)
{
try
{
var pk = new Ed25519PublicKeyParameters(address.Bytes, 0);
var signer = new Ed25519Signer();
signer.Init(false, pk); //false代表用于VerifySignature
signer.BlockUpdate(this.BytesToSign(), 0, this.BytesToSign().Length);
return(signer.VerifySignature(this.sig.Bytes));
}
catch (Exception err)
{
Console.WriteLine("Message = " + err.Message);
return(false);
}
}
else
{
return(this.msig.Verify(this.BytesToSign()));
}
}
}
public bool Verify(byte[] msg, byte[] sig, byte[] pubKey)
{
var keyedHash = Blake2b.GetDigest(msg);
var publicKey = new Ed25519PublicKeyParameters(pubKey, 0);
var verifier = new Ed25519Signer();
verifier.Init(false, publicKey);
verifier.BlockUpdate(keyedHash, 0, keyedHash.Length);
return(verifier.VerifySignature(sig));
}
public BaseKeyPair(string privateKey)
{
string privateKey32 = privateKey.Length == 128 ? privateKey.Substring(0, 64) : privateKey;
Ed25519PrivateKeyParameters privateKeyParams = new Ed25519PrivateKeyParameters(Hex.Decode(privateKey32), 0);
Ed25519PublicKeyParameters publicKeyParams = privateKeyParams.GeneratePublicKey();
byte[] publicBinary = publicKeyParams.GetEncoded();
byte[] privateBinary = privateKeyParams.GetEncoded();
PublicKey = Encoding.EncodeCheck(publicBinary, Constants.ApiIdentifiers.ACCOUNT_PUBKEY);
PrivateKey = Hex.ToHexString(privateBinary) + Hex.ToHexString(publicBinary);
}
public bool VerifyStamp(TimestampDao timestamp)
{
var fileHash = timestamp.FileHash.ToUpper().FromBase32();
var signature = timestamp.Signature.ToUpper().FromBase32();
var publicKey = new Ed25519PublicKeyParameters(timestamp.PublicKey.ToUpper().FromBase32(), 0);
var verifier = new Ed25519Signer();
verifier.Init(false, publicKey);
verifier.BlockUpdate(fileHash, 0, fileHash.Length);
return(verifier.VerifySignature(signature));
}
public MultisigSubsig(Ed25519PublicKeyParameters key, Signature sig = null)
{
this.key = JavaHelper <Ed25519PublicKeyParameters> .RequireNotNull(key, "public key cannot be null");
if (sig is null)
{
this.sig = new Signature();
}
else
{
this.sig = sig;
}
}
public static RawKeyPair Generate()
{
Ed25519KeyPairGenerator keyPairGenerator = new Ed25519KeyPairGenerator();
keyPairGenerator.Init(new Ed25519KeyGenerationParameters(new SecureRandom()));
AsymmetricCipherKeyPair asymmetricCipherKeyPair = keyPairGenerator.GenerateKeyPair();
Ed25519PublicKeyParameters publicKeyParams = (Ed25519PublicKeyParameters)asymmetricCipherKeyPair.Public;
Ed25519PrivateKeyParameters privateKeyParams = (Ed25519PrivateKeyParameters)asymmetricCipherKeyPair.Private;
byte[] publicKey = publicKeyParams.GetEncoded();
byte[] privateKey = privateKeyParams.GetEncoded();
return(new RawKeyPair(publicKey, privateKey));
}
internal bool VerifySignature(Ed25519PublicKeyParameters publicKey, byte[] signature)
{
#if PORTABLE
byte[] buf = ToArray();
int count = buf.Length;
#else
byte[] buf = GetBuffer();
int count = (int)Position;
#endif
byte[] pk = publicKey.GetEncoded();
bool result = Ed25519.Verify(signature, 0, pk, 0, buf, 0, count);
Reset();
return(result);
}
// **** Code to be reviewed - it compiles, but he has little if any relationship with the Dart code...
// ****
public String getEncoded()
{
byte[] seedBytes = HexEncDec.StringToByteArray(Seed);
Ed25519KeyPairGenerator wkGen = new Ed25519KeyPairGenerator();
SecureRandom rnd = new SecureRandom(seedBytes);
Ed25519KeyGenerationParameters genPar = new Ed25519KeyGenerationParameters(rnd);
wkGen.Init(genPar);
AsymmetricCipherKeyPair keys = wkGen.GenerateKeyPair();
Ed25519PublicKeyParameters key = (Ed25519PublicKeyParameters)keys.Public;
byte[] output = key.GetEncoded();
return(Convert.ToBase64String(output));
}
public void TestGetPublicKeyFromPrivateKey()
{
try
{
Ed25519PrivateKeyParameters pri = CryptoUtils.DecodeEd25519PrivateKey(privateKey);
Ed25519PublicKeyParameters pub = CryptoUtils.GetPublicKeyFromPrivateKey(pri);
string publicPEM = CryptoUtils.EncodePublicKey(pub);
Assert.AreEqual(publicPEM, publicKey, "Extract public key from private key failed");
}
catch (Exception e)
{
System.Diagnostics.Debug.WriteLine(e.ToString());
throw e;
}
}
public void Init(bool forSigning, ICipherParameters parameters)
{
if (forSigning)
{
privateKey = (Ed25519PrivateKeyParameters)parameters;
publicKey = privateKey.GeneratePublicKey();
}
else
{
publicKey = (Ed25519PublicKeyParameters)parameters;
privateKey = null;
}
Reset();
}
public void TestSignVerify()
{
try
{
Ed25519PrivateKeyParameters pri = CryptoUtils.DecodeEd25519PrivateKey(privateKey);
Ed25519PublicKeyParameters pub = CryptoUtils.GetPublicKeyFromPrivateKey(pri);
String encodedSig = CryptoUtils.Sign(pri, msg);
Assert.IsTrue(CryptoUtils.Verify(pub, msg, encodedSig), "Message Verification failed");
}
catch (Exception e)
{
System.Diagnostics.Debug.WriteLine(e.ToString());
throw e;
}
}
/// <summary>
/// verifyBytes verifies that the signature for the message is valid for the public key.
/// The message should have been prepended with "MX" when signing.
/// </summary>
/// <param name="message">the message that was signed</param>
/// <param name="signature">signature</param>
/// <returns>true if the signature is valid</returns>
public bool VerifyBytes(byte[] message, Signature signature)
{
var pk = new Ed25519PublicKeyParameters(this.Bytes, 0);
// prepend the message prefix
List <byte> prefixBytes = new List <byte>(BYTES_SIGN_PREFIX);
prefixBytes.AddRange(message);
// verify signature
// Generate new signature
var signer = new Ed25519Signer();
signer.Init(false, pk);
signer.BlockUpdate(prefixBytes.ToArray(), 0, prefixBytes.ToArray().Length);
return(signer.VerifySignature(signature.Bytes));
}
public virtual void Init(bool forSigning, ICipherParameters parameters)
{
this.forSigning = forSigning;
if (forSigning)
{
this.privateKey = (Ed25519PrivateKeyParameters)parameters;
this.publicKey = null;
}
else
{
this.privateKey = null;
this.publicKey = (Ed25519PublicKeyParameters)parameters;
}
Reset();
}
public static KeyPair generateEd25519KeyPair()
{
Org.BouncyCastle.Crypto.Generators.Ed25519KeyPairGenerator kpg = new Org.BouncyCastle.Crypto.Generators.Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(secureRandom));
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
KeyPair nkp = new KeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
nkp.publicKey = new PublicKey(publicKey.GetEncoded());
nkp.privateKey = new PrivateKey(privateKey.GetEncoded());
if (nkp.privateKey.isValid())
{
return(nkp);
}
return(generateEd25519KeyPair());
}
public virtual void Init(bool forSigning, ICipherParameters parameters)
{
this.forSigning = forSigning;
if (forSigning)
{
// TODO Allow AsymmetricCipherKeyPair to be a CipherParameters?
this.privateKey = (Ed25519PrivateKeyParameters)parameters;
this.publicKey = privateKey.GeneratePublicKey();
}
else
{
this.privateKey = null;
this.publicKey = (Ed25519PublicKeyParameters)parameters;
}
Reset();
}
private void BasicSigTest()
{
Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters(
Hex.DecodeStrict("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"), 0);
Ed25519PublicKeyParameters publicKey = new Ed25519PublicKeyParameters(
Hex.DecodeStrict("d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"), 0);
byte[] sig = Hex.Decode("e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b");
ISigner signer = new Ed25519Signer();
signer.Init(true, privateKey);
IsTrue(AreEqual(sig, signer.GenerateSignature()));
signer.Init(false, publicKey);
IsTrue(signer.VerifySignature(sig));
}
public MultisigSubsig([JsonProperty("pk")] byte[] key = null, [JsonProperty("s")] byte[] sig = null)
{
if (key != null)
{
this.key = new Ed25519PublicKeyParameters(key, 0);
}
else
{
this.key = new Ed25519PublicKeyParameters(new byte[0], 0);
}
if (sig != null)
{
this.sig = new Signature(sig);
}
else
{
this.sig = new Signature();
}
}
