/// <summary> /// Create a Subject Public Key Info object for a given public key. /// </summary> /// <param name="key">One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters</param> /// <returns>A subject public key info object.</returns> /// <exception cref="Exception">Throw exception if object provided is not one of the above.</exception> public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo( AsymmetricKeyParameter key) { if (key == null) { throw new ArgumentNullException("key"); } if (key.IsPrivate) { throw new ArgumentException("Private key passed - public key expected.", "key"); } if (key is ElGamalPublicKeyParameters) { ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)key; ElGamalParameters kp = _key.Parameters; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier( OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(kp.P, kp.G).ToAsn1Object()), new DerInteger(_key.Y)); return(info); } if (key is DsaPublicKeyParameters) { DsaPublicKeyParameters _key = (DsaPublicKeyParameters)key; DsaParameters kp = _key.Parameters; Asn1Encodable ae = kp == null ? null : new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object(); return(new SubjectPublicKeyInfo( new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae), new DerInteger(_key.Y))); } if (key is DHPublicKeyParameters) { DHPublicKeyParameters _key = (DHPublicKeyParameters)key; DHParameters kp = _key.Parameters; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier( X9ObjectIdentifiers.DHPublicNumber, new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()), new DerInteger(_key.Y)); return(info); } // End of DH if (key is RsaKeyParameters) { RsaKeyParameters _key = (RsaKeyParameters)key; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object()); return(info); } // End of RSA. if (key is ECPublicKeyParameters) { ECPublicKeyParameters _key = (ECPublicKeyParameters)key; if (_key.AlgorithmName == "ECGOST3410") { if (_key.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } ECPoint q = _key.Q; BigInteger bX = q.X.ToBigInteger(); BigInteger bY = q.Y.ToBigInteger(); byte[] encKey = new byte[64]; ExtractBytes(encKey, 0, bX); ExtractBytes(encKey, 32, bY); Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x2001, gostParams.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(encKey))); } else { ECDomainParameters kp = _key.Parameters; X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed()); X962Parameters x962 = new X962Parameters(ecP); Asn1OctetString p = (Asn1OctetString)(new X9ECPoint(_key.Q).ToAsn1Object()); AlgorithmIdentifier algID = new AlgorithmIdentifier( X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, p.GetOctets())); } } // End of EC if (key is Gost3410PublicKeyParameters) { Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters)key; if (_key.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } byte[] keyEnc = _key.Y.ToByteArrayUnsigned(); byte[] keyBytes = new byte[keyEnc.Length]; for (int i = 0; i != keyBytes.Length; i++) { keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian } Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x94, algParams.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes))); } throw new ArgumentException("Class provided no convertible: " + key.GetType().FullName); }
private void DoTestGp( int size, int privateValueSize, IBigInteger g, IBigInteger p) { IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ElGamal"); // DHParameterSpec elParams = new DHParameterSpec(p, g); // keyGen.initialize(elParams); ElGamalParameters elParams = new ElGamalParameters(p, g, privateValueSize); ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters( new SecureRandom(), elParams); keyGen.Init(elKgp); IAsymmetricCipherKeyPair keyPair = keyGen.GenerateKeyPair(); SecureRandom rand = new SecureRandom(); checkKeySize(privateValueSize, keyPair); IBufferedCipher cipher = CipherUtilities.GetCipher("ElGamal"); cipher.Init(true, new ParametersWithRandom(keyPair.Public, rand)); byte[] inBytes = Encoding.ASCII.GetBytes("This is a test"); if (cipher.GetOutputSize(inBytes.Length) != (size / 8) * 2) { Fail("getOutputSize wrong on encryption"); } byte[] outBytes = cipher.DoFinal(inBytes); cipher.Init(false, keyPair.Private); if (cipher.GetOutputSize(outBytes.Length) != (size / 8) - 1) { Fail("GetOutputSize wrong on decryption"); } // // No Padding - maximum length // byte[] modBytes = ((ElGamalPublicKeyParameters)keyPair.Public).Parameters.P.ToByteArray(); byte[] maxInput = new byte[modBytes.Length - 1]; maxInput[0] |= 0x7f; cipher.Init(true, new ParametersWithRandom(keyPair.Public, rand)); outBytes = cipher.DoFinal(maxInput); cipher.Init(false, keyPair.Private); outBytes = cipher.DoFinal(outBytes); if (!AreEqual(outBytes, maxInput)) { Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(maxInput) + " got " + Hex.ToHexString(outBytes)); } // // encrypt/decrypt // IBufferedCipher c1 = CipherUtilities.GetCipher("ElGamal"); IBufferedCipher c2 = CipherUtilities.GetCipher("ElGamal"); c1.Init(true, new ParametersWithRandom(keyPair.Public, rand)); byte[] out1 = c1.DoFinal(inBytes); c2.Init(false, keyPair.Private); byte[] out2 = c2.DoFinal(out1); if (!AreEqual(inBytes, out2)) { Fail(size + " encrypt test failed"); } // // encrypt/decrypt with update // int outLen = c1.ProcessBytes(inBytes, 0, 2, out1, 0); outLen += c1.DoFinal(inBytes, 2, inBytes.Length - 2, out1, outLen); outLen = c2.ProcessBytes(out1, 0, 2, out2, 0); outLen += c2.DoFinal(out1, 2, out1.Length - 2, out2, outLen); if (!AreEqual(inBytes, out2)) { Fail(size + " encrypt with update test failed"); } // // public key encoding test // // byte[] pubEnc = keyPair.Public.GetEncoded(); byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public).GetDerEncoded(); // KeyFactory keyFac = KeyFactory.GetInstance("ElGamal"); // X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); // DHPublicKeyParameters pubKey = (DHPublicKeyParameters)keyFac.generatePublic(pubX509); ElGamalPublicKeyParameters pubKey = (ElGamalPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); ElGamalParameters spec = pubKey.Parameters; if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) { Fail(size + " bit public key encoding/decoding test failed on parameters"); } if (!((ElGamalPublicKeyParameters)keyPair.Public).Y.Equals(pubKey.Y)) { Fail(size + " bit public key encoding/decoding test failed on y value"); } /* * // * // public key serialisation test * // * // TODO Is there some standard this serialization must conform to? * BinaryFormatter formatter = new BinaryFormatter(); * * MemoryStream bOut = new MemoryStream(); * // ObjectOutputStream oOut = new ObjectOutputStream(bOut); * // oOut.writeObject(keyPair.Public); * formatter.Serialize(bOut, keyPair.Public); * * MemoryStream bIn = new MemoryStream(bOut.ToArray(), false); * // ObjectInputStream oIn = new ObjectInputStream(bIn); * // pubKey = (DHPublicKeyParameters)oIn.readObject(); * pubKey = (ElGamalPublicKeyParameters) formatter.Deserialize(bIn); * spec = pubKey.Parameters; * * if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) * { * Fail(size + " bit public key serialisation test failed on parameters"); * } * * if (!((ElGamalPublicKeyParameters )keyPair.Public).Y.Equals(pubKey.Y)) * { * Fail(size + " bit public key serialisation test failed on y value"); * } */ // // private key encoding test // // TODO Keys don't support GetEncoded // byte[] privEnc = keyPair.Private.GetEncoded(); byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).GetDerEncoded(); // PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); // DHPrivateKeyParameters privKey = (DHPrivateKeyParameters)keyFac.generatePrivate(privPKCS8); ElGamalPrivateKeyParameters privKey = (ElGamalPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); spec = privKey.Parameters; if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) { Fail(size + " bit private key encoding/decoding test failed on parameters"); } if (!((ElGamalPrivateKeyParameters)keyPair.Private).X.Equals(privKey.X)) { Fail(size + " bit private key encoding/decoding test failed on y value"); } /* * // * // private key serialisation test * // * bOut = new MemoryStream(); * // oOut = new ObjectOutputStream(bOut); * // oOut.writeObject(keyPair.Private); * formatter.Serialize(bOut, keyPair.Private); * * bIn = new MemoryStream(bOut.ToArray(), false); * // oIn = new ObjectInputStream(bIn); * // privKey = (DHPrivateKeyParameters)oIn.readObject(); * privKey = (ElGamalPrivateKeyParameters) formatter.Deserialize(bIn); * spec = privKey.Parameters; * * if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) * { * Fail(size + " bit private key serialisation test failed on parameters"); * } * * if (!((ElGamalPrivateKeyParameters) keyPair.Private).X.Equals(privKey.X)) * { * Fail(size + " bit private key serialisation test failed on y value"); * } */ }
/** * Process a single block using the basic ElGamal algorithm. * * @param in the input array. * @param inOff the offset into the input buffer where the data starts. * @param length the length of the data to be processed. * @return the result of the ElGamal process. * @exception DataLengthException the input block is too large. */ public byte[] ProcessBlock( byte[] input, int inOff, int length) { if (key == null) { throw new InvalidOperationException("ElGamal engine not initialised"); } int maxLength = forEncryption ? (bitSize - 1 + 7) / 8 : GetInputBlockSize(); if (length > maxLength) { throw new DataLengthException("input too large for ElGamal cipher.\n"); } BigInteger p = key.Parameters.P; byte[] output; if (key is ElGamalPrivateKeyParameters) // decryption { int halfLength = length / 2; BigInteger gamma = new BigInteger(1, input, inOff, halfLength); BigInteger phi = new BigInteger(1, input, inOff + halfLength, halfLength); ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters)key; // a shortcut, which generally relies on p being prime amongst other things. // if a problem with this shows up, check the p and g values! BigInteger m = gamma.ModPow(p.Subtract(BigInteger.One).Subtract(priv.X), p).Multiply(phi).Mod(p); output = m.ToByteArrayUnsigned(); } else // encryption { BigInteger tmp = new BigInteger(1, input, inOff, length); if (tmp.BitLength >= p.BitLength) { throw new DataLengthException("input too large for ElGamal cipher.\n"); } ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters)key; BigInteger pSub2 = p.Subtract(BigInteger.Two); // TODO In theory, a series of 'k', 'g.ModPow(k, p)' and 'y.ModPow(k, p)' can be pre-calculated BigInteger k; do { k = new BigInteger(p.BitLength, random); }while (k.SignValue == 0 || k.CompareTo(pSub2) > 0); BigInteger g = key.Parameters.G; BigInteger gamma = g.ModPow(k, p); BigInteger phi = tmp.Multiply(pub.Y.ModPow(k, p)).Mod(p); output = new byte[this.GetOutputBlockSize()]; // TODO Add methods to allow writing BigInteger to existing byte array? byte[] out1 = gamma.ToByteArrayUnsigned(); byte[] out2 = phi.ToByteArrayUnsigned(); out1.CopyTo(output, output.Length / 2 - out1.Length); out2.CopyTo(output, output.Length - out2.Length); } return(output); }
/// <summary> /// Create a PgpPublicKey from the passed in lightweight one. /// </summary> /// <remarks> /// Note: the time passed in affects the value of the key's keyId, so you probably only want /// to do this once for a lightweight key, or make sure you keep track of the time you used. /// </remarks> /// <param name="algorithm">Asymmetric algorithm type representing the public key.</param> /// <param name="pubKey">Actual public key to associate.</param> /// <param name="time">Date of creation.</param> /// <exception cref="ArgumentException">If <c>pubKey</c> is not public.</exception> /// <exception cref="PgpException">On key creation problem.</exception> public PgpPublicKey( PublicKeyAlgorithmTag algorithm, AsymmetricKeyParameter pubKey, DateTime time) { if (pubKey.IsPrivate) { throw new ArgumentException("Expected a public key", "pubKey"); } IBcpgKey bcpgKey; if (pubKey is RsaKeyParameters) { RsaKeyParameters rK = (RsaKeyParameters)pubKey; bcpgKey = new RsaPublicBcpgKey(rK.Modulus, rK.Exponent); } else if (pubKey is DsaPublicKeyParameters) { DsaPublicKeyParameters dK = (DsaPublicKeyParameters)pubKey; DsaParameters dP = dK.Parameters; bcpgKey = new DsaPublicBcpgKey(dP.P, dP.Q, dP.G, dK.Y); } else if (pubKey is ECPublicKeyParameters) { ECPublicKeyParameters ecK = (ECPublicKeyParameters)pubKey; if (algorithm == PublicKeyAlgorithmTag.ECDH) { bcpgKey = new ECDHPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q, HashAlgorithmTag.Sha256, SymmetricKeyAlgorithmTag.Aes128); } else if (algorithm == PublicKeyAlgorithmTag.ECDsa) { bcpgKey = new ECDsaPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q); } else { throw new PgpException("unknown EC algorithm"); } } else if (pubKey is ElGamalPublicKeyParameters) { ElGamalPublicKeyParameters eK = (ElGamalPublicKeyParameters)pubKey; ElGamalParameters eS = eK.Parameters; bcpgKey = new ElGamalPublicBcpgKey(eS.P, eS.G, eK.Y); } else { throw new PgpException("unknown key class"); } this.publicPk = new PublicKeyPacket(algorithm, time, bcpgKey); this.ids = Platform.CreateArrayList(); this.idSigs = Platform.CreateArrayList(); try { Init(); } catch (IOException e) { throw new PgpException("exception calculating keyId", e); } }
/// <summary> /// Create a Subject Public Key Info object for a given public key. /// </summary> /// <param name="publicKey">One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters</param> /// <returns>A subject public key info object.</returns> /// <exception cref="Exception">Throw exception if object provided is not one of the above.</exception> public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo( AsymmetricKeyParameter publicKey) { if (publicKey == null) { throw new ArgumentNullException("publicKey"); } if (publicKey.IsPrivate) { throw new ArgumentException("Private key passed - public key expected.", "publicKey"); } if (publicKey is ElGamalPublicKeyParameters) { ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)publicKey; ElGamalParameters kp = _key.Parameters; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier( OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(kp.P, kp.G).ToAsn1Object()), new DerInteger(_key.Y)); return(info); } if (publicKey is DsaPublicKeyParameters) { DsaPublicKeyParameters _key = (DsaPublicKeyParameters)publicKey; DsaParameters kp = _key.Parameters; Asn1Encodable ae = kp == null ? null : new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object(); return(new SubjectPublicKeyInfo( new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae), new DerInteger(_key.Y))); } if (publicKey is DHPublicKeyParameters) { DHPublicKeyParameters _key = (DHPublicKeyParameters)publicKey; DHParameters kp = _key.Parameters; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier( _key.AlgorithmOid, new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()), new DerInteger(_key.Y)); return(info); } // End of DH if (publicKey is RsaKeyParameters) { RsaKeyParameters _key = (RsaKeyParameters)publicKey; SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object()); return(info); } // End of RSA. if (publicKey is ECPublicKeyParameters) { ECPublicKeyParameters _key = (ECPublicKeyParameters)publicKey; if (_key.Parameters is ECGost3410Parameters) { ECGost3410Parameters gostParams = (ECGost3410Parameters)_key.Parameters; BigInteger bX = _key.Q.AffineXCoord.ToBigInteger(); BigInteger bY = _key.Q.AffineYCoord.ToBigInteger(); bool is512 = (bX.BitLength > 256); Gost3410PublicKeyAlgParameters parameters = new Gost3410PublicKeyAlgParameters( gostParams.PublicKeyParamSet, gostParams.DigestParamSet, gostParams.EncryptionParamSet); int encKeySize; int offset; DerObjectIdentifier algIdentifier; if (is512) { encKeySize = 128; offset = 64; algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; } else { encKeySize = 64; offset = 32; algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; } byte[] encKey = new byte[encKeySize]; ExtractBytes(encKey, encKeySize / 2, 0, bX); ExtractBytes(encKey, encKeySize / 2, offset, bY); return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(algIdentifier, parameters), new DerOctetString(encKey))); } // End of ECGOST3410_2012 if (_key.AlgorithmName == "ECGOST3410") { if (_key.PublicKeyParamSet == null) { throw BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } ECPoint q = _key.Q.Normalize(); BigInteger bX = q.AffineXCoord.ToBigInteger(); BigInteger bY = q.AffineYCoord.ToBigInteger(); byte[] encKey = new byte[64]; ExtractBytes(encKey, 0, bX); ExtractBytes(encKey, 32, bY); Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x2001, gostParams.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(encKey))); } else { X962Parameters x962; if (_key.PublicKeyParamSet == null) { ECDomainParameters kp = _key.Parameters; X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed()); x962 = new X962Parameters(ecP); } else { x962 = new X962Parameters(_key.PublicKeyParamSet); } byte[] pubKey = _key.Q.GetEncoded(false); AlgorithmIdentifier algID = new AlgorithmIdentifier( X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, pubKey)); } } // End of EC if (publicKey is Gost3410PublicKeyParameters) { Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters)publicKey; if (_key.PublicKeyParamSet == null) { throw BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } byte[] keyEnc = _key.Y.ToByteArrayUnsigned(); byte[] keyBytes = new byte[keyEnc.Length]; for (int i = 0; i != keyBytes.Length; i++) { keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian } Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier( CryptoProObjectIdentifiers.GostR3410x94, algParams.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes))); } if (publicKey is X448PublicKeyParameters) { X448PublicKeyParameters key = (X448PublicKeyParameters)publicKey; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448), key.GetEncoded())); } if (publicKey is X25519PublicKeyParameters) { X25519PublicKeyParameters key = (X25519PublicKeyParameters)publicKey; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), key.GetEncoded())); } if (publicKey is Ed448PublicKeyParameters) { Ed448PublicKeyParameters key = (Ed448PublicKeyParameters)publicKey; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448), key.GetEncoded())); } if (publicKey is Ed25519PublicKeyParameters) { Ed25519PublicKeyParameters key = (Ed25519PublicKeyParameters)publicKey; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), key.GetEncoded())); } throw new ArgumentException("Class provided no convertible: " + BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.GetTypeName(publicKey)); }
public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo(AsymmetricKeyParameter key) { if (key == null) { throw new ArgumentNullException("key"); } if (key.IsPrivate) { throw new ArgumentException("Private key passed - public key expected.", "key"); } if (key is ElGamalPublicKeyParameters) { ElGamalPublicKeyParameters elGamalPublicKeyParameters = (ElGamalPublicKeyParameters)key; ElGamalParameters parameters = elGamalPublicKeyParameters.Parameters; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(parameters.P, parameters.G).ToAsn1Object()), new DerInteger(elGamalPublicKeyParameters.Y))); } if (key is DsaPublicKeyParameters) { DsaPublicKeyParameters dsaPublicKeyParameters = (DsaPublicKeyParameters)key; DsaParameters parameters2 = dsaPublicKeyParameters.Parameters; Asn1Encodable parameters3 = (parameters2 == null) ? null : new DsaParameter(parameters2.P, parameters2.Q, parameters2.G).ToAsn1Object(); return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, parameters3), new DerInteger(dsaPublicKeyParameters.Y))); } if (key is DHPublicKeyParameters) { DHPublicKeyParameters dHPublicKeyParameters = (DHPublicKeyParameters)key; DHParameters parameters4 = dHPublicKeyParameters.Parameters; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(dHPublicKeyParameters.AlgorithmOid, new DHParameter(parameters4.P, parameters4.G, parameters4.L).ToAsn1Object()), new DerInteger(dHPublicKeyParameters.Y))); } if (key is RsaKeyParameters) { RsaKeyParameters rsaKeyParameters = (RsaKeyParameters)key; return(new SubjectPublicKeyInfo(new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), new RsaPublicKeyStructure(rsaKeyParameters.Modulus, rsaKeyParameters.Exponent).ToAsn1Object())); } if (key is ECPublicKeyParameters) { ECPublicKeyParameters eCPublicKeyParameters = (ECPublicKeyParameters)key; if (eCPublicKeyParameters.AlgorithmName == "ECGOST3410") { if (eCPublicKeyParameters.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } ECPoint eCPoint = eCPublicKeyParameters.Q.Normalize(); BigInteger bI = eCPoint.AffineXCoord.ToBigInteger(); BigInteger bI2 = eCPoint.AffineYCoord.ToBigInteger(); byte[] array = new byte[64]; ExtractBytes(array, 0, bI); ExtractBytes(array, 32, bI2); Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters = new Gost3410PublicKeyAlgParameters(eCPublicKeyParameters.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gost3410PublicKeyAlgParameters.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID, new DerOctetString(array))); } X962Parameters x962Parameters; if (eCPublicKeyParameters.PublicKeyParamSet == null) { ECDomainParameters parameters5 = eCPublicKeyParameters.Parameters; X9ECParameters ecParameters = new X9ECParameters(parameters5.Curve, parameters5.G, parameters5.N, parameters5.H, parameters5.GetSeed()); x962Parameters = new X962Parameters(ecParameters); } else { x962Parameters = new X962Parameters(eCPublicKeyParameters.PublicKeyParamSet); } Asn1OctetString asn1OctetString = (Asn1OctetString) new X9ECPoint(eCPublicKeyParameters.Q).ToAsn1Object(); AlgorithmIdentifier algID2 = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962Parameters.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID2, asn1OctetString.GetOctets())); } if (key is Gost3410PublicKeyParameters) { Gost3410PublicKeyParameters gost3410PublicKeyParameters = (Gost3410PublicKeyParameters)key; if (gost3410PublicKeyParameters.PublicKeyParamSet == null) { throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); } byte[] array2 = gost3410PublicKeyParameters.Y.ToByteArrayUnsigned(); byte[] array3 = new byte[array2.Length]; for (int i = 0; i != array3.Length; i++) { array3[i] = array2[array2.Length - 1 - i]; } Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters2 = new Gost3410PublicKeyAlgParameters(gost3410PublicKeyParameters.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); AlgorithmIdentifier algID3 = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x94, gost3410PublicKeyAlgParameters2.ToAsn1Object()); return(new SubjectPublicKeyInfo(algID3, new DerOctetString(array3))); } throw new ArgumentException("Class provided no convertible: " + Platform.GetTypeName(key)); }
/** * Process a single block using the basic ElGamal algorithm. * * @param in the input array. * @param inOff the offset into the input buffer where the data starts. * @param inLen the length of the data to be processed. * @return the result of the ElGamal process. * @exception DataLengthException the input block is too large. */ public byte[] processBlock( byte[] inBytes, int inOff, int inLen) { if (inLen > (getInputBlockSize() + 1)) { throw new DataLengthException("input too large for ElGamal cipher.\n"); } else if (inLen == (getInputBlockSize() + 1) && (inBytes[inOff] & 0x80) != 0) { throw new DataLengthException("input too large for ElGamal cipher.\n"); } byte[] block; if (inOff != 0 || inLen != inBytes.Length) { block = new byte[inLen]; Array.Copy(inBytes, inOff, block, 0, inLen); } else { block = inBytes; } BigInteger input = new BigInteger(1, block); BigInteger g = key.getParameters().getG(); BigInteger p = key.getParameters().getP(); if (typeof(ElGamalPrivateKeyParameters).IsInstanceOfType(key)) { byte[] in1 = new byte[inBytes.Length / 2]; byte[] in2 = new byte[inBytes.Length / 2]; Array.Copy(inBytes, 0, in1, 0, in1.Length); Array.Copy(inBytes, in1.Length, in2, 0, in2.Length); BigInteger gamma = new BigInteger(1, in1); BigInteger phi = new BigInteger(1, in2); ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters)key; BigInteger m = gamma.modPow(p.subtract(ONE).subtract(priv.getX()), p).multiply(phi).mod(p); byte[] outBytes = m.toByteArray(); if (outBytes[0] != 0) { return(outBytes); } else { byte[] output = new byte[outBytes.Length - 1]; Array.Copy(outBytes, 1, output, 0, output.Length); return(output); } } else { ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters)key; BigInteger k = new BigInteger(p.bitLength(), random); while (k.Equals(ZERO) || (k.compareTo(p.subtract(TWO)) > 0)) { k = new BigInteger(p.bitLength(), random); } BigInteger gamma = g.modPow(k, p); BigInteger phi = input.multiply(pub.getY().modPow(k, p)).mod(p); byte[] out1 = gamma.toByteArray(); byte[] out2 = phi.toByteArray(); byte[] output = new byte[this.getOutputBlockSize()]; if (out1[0] == 0) { Array.Copy(out1, 1, output, output.Length / 2 - (out1.Length - 1), out1.Length - 1); } else { Array.Copy(out1, 0, output, output.Length / 2 - out1.Length, out1.Length); } if (out2[0] == 0) { Array.Copy(out2, 1, output, output.Length - (out2.Length - 1), out2.Length - 1); } else { Array.Copy(out2, 0, output, output.Length - out2.Length, out2.Length); } return(output); } }
private void doTestEnc( int size, int privateValueSize, IBigInteger g, IBigInteger p) { ElGamalParameters dhParams = new ElGamalParameters(p, g, privateValueSize); ElGamalKeyGenerationParameters ekgParams = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams); ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator(); kpGen.Init(ekgParams); // // generate pair // IAsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters)pair.Public; ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters)pair.Private; checkKeySize(privateValueSize, pv); ElGamalEngine e = new ElGamalEngine(); e.Init(true, pu); if (e.GetOutputBlockSize() != size / 4) { Fail(size + " GetOutputBlockSize() on encryption failed."); } byte[] message = Hex.Decode("5468697320697320612074657374"); byte[] pText = message; byte[] cText = e.ProcessBlock(pText, 0, pText.Length); e.Init(false, pv); if (e.GetOutputBlockSize() != (size / 8) - 1) { Fail(size + " GetOutputBlockSize() on decryption failed."); } pText = e.ProcessBlock(cText, 0, cText.Length); if (!Arrays.AreEqual(message, pText)) { Fail(size + " bit test failed"); } e.Init(true, pu); byte[] bytes = new byte[e.GetInputBlockSize() + 2]; try { e.ProcessBlock(bytes, 0, bytes.Length); Fail("out of range block not detected"); } catch (DataLengthException) { // expected } try { bytes[0] = (byte)0xff; e.ProcessBlock(bytes, 0, bytes.Length - 1); Fail("out of range block not detected"); } catch (DataLengthException) { // expected } try { bytes[0] = (byte)0x7f; e.ProcessBlock(bytes, 0, bytes.Length - 1); } catch (DataLengthException) { Fail("in range block failed"); } }