/// <summary> /// Initializes a new instance of the <see cref="ECDHPublicKeyParameters" /> class. /// </summary> /// <param name="q">The q.</param> /// <param name="parameters">The parameters.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> public ECDHPublicKeyParameters(ECPoint q, ECDomainParameters parameters, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : base("ECDH", q, parameters) { this.HashAlgorithm = hashAlgorithm; this.SymmetricKeyAlgorithm = symmetricKeyAlgorithm; }
/// <summary> /// Initializes a new instance of the <see cref="ECKeyGenerationParameters"/> class. /// </summary> /// <param name="publicKeyParamSet">The public key param set.</param> /// <param name="random">The random.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> public ECKeyGenerationParameters(DerObjectIdentifier publicKeyParamSet, ISecureRandom random, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : this(ECKeyParameters.LookupParameters(publicKeyParamSet), random) { _publicKeyParamSet = publicKeyParamSet; _hashAlgorithm = hashAlgorithm; _symmetricKeyAlgorithm = symmetricKeyAlgorithm; }
/// <summary> /// Initializes a new instance of the <see cref="ECDHPublicKeyParameters" /> class. /// </summary> /// <param name="q">The q.</param> /// <param name="publicKeyParamSet">The public key param set.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> public ECDHPublicKeyParameters(ECPoint q, DerObjectIdentifier publicKeyParamSet, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : base("ECDH", q, publicKeyParamSet) { this.HashAlgorithm = hashAlgorithm; this.SymmetricKeyAlgorithm = symmetricKeyAlgorithm; }
/// <summary> /// Initializes a new instance of the <see cref="ECKeyGenerationParameters"/> class. /// </summary> /// <param name="domainParameters">The domain parameters.</param> /// <param name="random">The random.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> public ECKeyGenerationParameters(ECDomainParameters domainParameters, ISecureRandom random, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : base(random, domainParameters.N.BitLength) { _domainParams = domainParameters; _hashAlgorithm = hashAlgorithm; _symmetricKeyAlgorithm = symmetricKeyAlgorithm; }
internal S2k(Stream inStr) { //IL_0069: Unknown result type (might be due to invalid IL or missing references) type = inStr.ReadByte(); algorithm = (HashAlgorithmTag)inStr.ReadByte(); if (type != 101) { if (type != 0) { iv = new byte[8]; if (Streams.ReadFully(inStr, iv, 0, iv.Length) < iv.Length) { throw new EndOfStreamException(); } if (type == 3) { itCount = inStr.ReadByte(); } } } else { inStr.ReadByte(); inStr.ReadByte(); inStr.ReadByte(); protectionMode = inStr.ReadByte(); } }
public static string GetSignatureName( PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm) { string encAlg; switch (keyAlgorithm) { case PublicKeyAlgorithmTag.RsaGeneral: case PublicKeyAlgorithmTag.RsaSign: encAlg = "RSA"; break; case PublicKeyAlgorithmTag.Dsa: encAlg = "DSA"; break; case PublicKeyAlgorithmTag.ECDH: encAlg = "ECDH"; break; case PublicKeyAlgorithmTag.ECDsa: encAlg = "ECDSA"; break; case PublicKeyAlgorithmTag.ElGamalEncrypt: // in some malformed cases. case PublicKeyAlgorithmTag.ElGamalGeneral: encAlg = "ElGamal"; break; default: throw new PgpException("unknown algorithm tag in signature:" + keyAlgorithm); } return GetDigestName(hashAlgorithm) + "with" + encAlg; }
public static Task <string> SignData(byte[] data, HashAlgorithmTag hash = HashAlgorithmTag.Sha512) { if (masterPrivateKey == null) { throw new ErrorObject { ErrorCode = ErrorCodes.SealedStatus, ErrorField = "gpgkey", Message = "The GPG Key is currently encrypted. Please decrypt it first with Unseal" }.ToException(); } return(Task.Run(() => { using (var ms = new MemoryStream()) { var s = new ArmoredOutputStream(ms); using (var bOut = new BcpgOutputStream(s)) { var sGen = new PgpSignatureGenerator(masterSecretKey.PublicKey.Algorithm, hash); sGen.InitSign(PgpSignature.BinaryDocument, masterPrivateKey); sGen.Update(data, 0, data.Length); sGen.Generate().Encode(bOut); s.Close(); ms.Seek(0, SeekOrigin.Begin); return Tools.GPG2Quanto(Encoding.UTF8.GetString(ms.ToArray()), masterSecretKey.PublicKey.GetFingerprint().ToHexString(), hash); } } })); }
public static string GetSignatureName(PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm) { string text; switch (keyAlgorithm) { case PublicKeyAlgorithmTag.RsaGeneral: case PublicKeyAlgorithmTag.RsaSign: text = "RSA"; break; case PublicKeyAlgorithmTag.Dsa: text = "DSA"; break; case PublicKeyAlgorithmTag.EC: text = "ECDH"; break; case PublicKeyAlgorithmTag.ECDsa: text = "ECDSA"; break; case PublicKeyAlgorithmTag.ElGamalEncrypt: case PublicKeyAlgorithmTag.ElGamalGeneral: text = "ElGamal"; break; default: throw new PgpException(string.Concat((object)"unknown algorithm tag in signature:", (object)keyAlgorithm)); } return(GetDigestName(hashAlgorithm) + "with" + text); }
/// <summary> /// Initializes a new instance of the <see cref="S2k"/> class. /// </summary> /// <param name="algorithm">The algorithm.</param> /// <param name="iv">The iv.</param> /// <param name="itCount">It count.</param> public S2k(HashAlgorithmTag algorithm, byte[] iv, int itCount) { _type = 3; _algorithm = algorithm; _iv = iv; _itCount = itCount; }
public static string GetDigestName( HashAlgorithmTag hashAlgorithm) { switch (hashAlgorithm) { case HashAlgorithmTag.Sha1: return "SHA1"; case HashAlgorithmTag.MD2: return "MD2"; case HashAlgorithmTag.MD5: return "MD5"; case HashAlgorithmTag.RipeMD160: return "RIPEMD160"; case HashAlgorithmTag.Sha224: return "SHA224"; case HashAlgorithmTag.Sha256: return "SHA256"; case HashAlgorithmTag.Sha384: return "SHA384"; case HashAlgorithmTag.Sha512: return "SHA512"; default: throw new PgpException("unknown hash algorithm tag in GetDigestName: " + hashAlgorithm); } }
public static string GetSignatureName( PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm) { string encAlg; switch (keyAlgorithm) { case PublicKeyAlgorithmTag.RsaGeneral: case PublicKeyAlgorithmTag.RsaSign: encAlg = "RSA"; break; case PublicKeyAlgorithmTag.Dsa: encAlg = "DSA"; break; case PublicKeyAlgorithmTag.ElGamalEncrypt: // in some malformed cases. case PublicKeyAlgorithmTag.ElGamalGeneral: encAlg = "ElGamal"; break; default: throw new PgpException("unknown algorithm tag in signature:" + keyAlgorithm); } return(GetDigestName(hashAlgorithm) + "with" + encAlg); }
/// <summary> /// Create a new key ring generator. /// </summary> /// <remarks> /// Allows the caller to handle the encoding of the passphrase to bytes. /// </remarks> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="rawPassPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, byte[] rawPassPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) { this.certificationLevel = certificationLevel; this.masterKey = masterKey; this.id = id; this.encAlgorithm = encAlgorithm; this.rawPassPhrase = rawPassPhrase; this.useSha1 = useSha1; this.hashedPacketVector = hashedPackets; this.unhashedPacketVector = unhashedPackets; this.rand = rand; this.hashAlgorithm = hashAlgorithm; keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand)); }
internal S2k( Stream inStr) { type = inStr.ReadByte(); algorithm = (HashAlgorithmTag) inStr.ReadByte(); // // if this happens we have a dummy-S2k packet. // if (type != GnuDummyS2K) { if (type != 0) { iv = new byte[8]; if (Streams.ReadFully(inStr, iv, 0, iv.Length) < iv.Length) throw new EndOfStreamException(); if (type == 3) { itCount = inStr.ReadByte(); } } } else { inStr.ReadByte(); // G inStr.ReadByte(); // N inStr.ReadByte(); // U protectionMode = inStr.ReadByte(); // protection mode } }
public S2k(HashAlgorithmTag algorithm, byte[] iv, int itCount) { type = 3; this.algorithm = algorithm; this.iv = iv; this.itCount = itCount; }
public Task <string> SignData(string fingerPrint, byte[] data, HashAlgorithmTag hash = HashAlgorithmTag.Sha512) { if (fingerPrint.Length == 8 && FP8TO16.ContainsKey(fingerPrint)) { fingerPrint = FP8TO16[fingerPrint]; } if (!decryptedKeys.ContainsKey(fingerPrint)) { throw new KeyNotDecryptedException(fingerPrint); } var pgpSec = privateKeys[fingerPrint]; var pgpPrivKey = decryptedKeys[fingerPrint]; return(Task.Run(() => { using (var ms = new MemoryStream()) { var s = new ArmoredOutputStream(ms); using (var bOut = new BcpgOutputStream(s)) { var sGen = new PgpSignatureGenerator(pgpSec.PublicKey.Algorithm, hash); sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); sGen.Update(data, 0, data.Length); sGen.Generate().Encode(bOut); s.Close(); ms.Seek(0, SeekOrigin.Begin); return Encoding.UTF8.GetString(ms.ToArray()); } } })); }
public SignaturePacket( int version, int signatureType, long keyId, PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm, SignatureSubpacket[] hashedData, SignatureSubpacket[] unhashedData, byte[] fingerprint, MPInteger[] signature) { this.version = version; this.signatureType = signatureType; this.keyId = keyId; this.keyAlgorithm = keyAlgorithm; this.hashAlgorithm = hashAlgorithm; this.hashedData = hashedData; this.unhashedData = unhashedData; this.fingerprint = fingerprint; this.signature = signature; if (hashedData != null) { setCreationTime(); } }
public PgpV3SignatureGenerator(PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm) { this.keyAlgorithm = keyAlgorithm; this.hashAlgorithm = hashAlgorithm; dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm)); sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm)); }
/// <summary> /// Initializes a new instance of the <see cref="S2k"/> class. /// </summary> /// <param name="inStr">The in STR.</param> /// <exception cref="System.IO.EndOfStreamException"></exception> internal S2k(Stream inStr) { _type = inStr.ReadByte(); _algorithm = (HashAlgorithmTag)inStr.ReadByte(); // // if this happens we have a dummy-S2k packet. // if (_type != GnuDummyS2K) { if (_type != 0) { _iv = new byte[8]; if (Streams.ReadFully(inStr, _iv, 0, _iv.Length) < _iv.Length) { throw new EndOfStreamException(); } if (_type == 3) { _itCount = inStr.ReadByte(); } } } else { inStr.ReadByte(); // G inStr.ReadByte(); // N inStr.ReadByte(); // U _protectionMode = inStr.ReadByte(); // protection mode } }
internal S2k(Stream inStr) { this.type = inStr.ReadByte(); this.algorithm = (HashAlgorithmTag)inStr.ReadByte(); if (this.type != 101) { if (this.type != 0) { this.iv = new byte[8]; if (Streams.ReadFully(inStr, this.iv, 0, this.iv.Length) < this.iv.Length) { throw new EndOfStreamException(); } if (this.type == 3) { this.itCount = inStr.ReadByte(); return; } } } else { inStr.ReadByte(); inStr.ReadByte(); inStr.ReadByte(); this.protectionMode = inStr.ReadByte(); } }
public static string GetDigestName( HashAlgorithmTag hashAlgorithm) { switch (hashAlgorithm) { case HashAlgorithmTag.Sha1: return("SHA1"); case HashAlgorithmTag.MD2: return("MD2"); case HashAlgorithmTag.MD5: return("MD5"); case HashAlgorithmTag.RipeMD160: return("RIPEMD160"); case HashAlgorithmTag.Sha224: return("SHA224"); case HashAlgorithmTag.Sha256: return("SHA256"); case HashAlgorithmTag.Sha384: return("SHA384"); case HashAlgorithmTag.Sha512: return("SHA512"); default: throw new PgpException("unknown hash algorithm tag in GetDigestName: " + hashAlgorithm); } }
/// <summary> /// Add a subkey with specific hashed and unhashed packets associated with it and /// default certification. /// </summary> /// <param name="keyPair">Public/private key pair.</param> /// <param name="hashedPackets">Hashed packet values to be included in certification.</param> /// <param name="unhashedPackets">Unhashed packets values to be included in certification.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException">exception adding subkey: </exception> /// <exception cref="PgpException"></exception> public void AddSubKey( PgpKeyPair keyPair, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, HashAlgorithmTag hashAlgorithm) { try { PgpSignatureGenerator sGen = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, hashAlgorithm); // // Generate the certification // sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); IList subSigs = Platform.CreateArrayList(); subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm, rawPassPhrase, false, useSha1, rand, false)); } catch (PgpException) { throw; } catch (Exception e) { throw new PgpException("exception adding subkey: ", e); } }
/// <summary> /// Helper for creating a PgpSignatureGenerator from private key file and its password /// </summary> /// <param name="stream">Stream to use for signature initialization</param> /// <param name="input">Encryption task input</param> /// <returns>PgpSignatureGenerator to be used when signing a file</returns> internal static PgpSignatureGenerator InitPgpSignatureGenerator(Stream stream, PgpEncryptInput input) { HashAlgorithmTag hashAlgorithm = input.SigningSettings.SignatureHashAlgorithm.ConvertEnum <HashAlgorithmTag>(); try { PgpSecretKey secretKey = ReadSecretKey(input.SigningSettings.PrivateKeyFile); PgpPrivateKey privateKey = secretKey.ExtractPrivateKey(input.SigningSettings.PrivateKeyPassword.ToCharArray()); var pgpSignatureGenerator = new PgpSignatureGenerator(secretKey.PublicKey.Algorithm, hashAlgorithm); pgpSignatureGenerator.InitSign(PgpSignature.BinaryDocument, privateKey); foreach (string userId in secretKey.PublicKey.GetUserIds()) { PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(); spGen.SetSignerUserId(false, userId); pgpSignatureGenerator.SetHashedSubpackets(spGen.Generate()); // Just the first one! break; } pgpSignatureGenerator.GenerateOnePassVersion(false).Encode(stream); return(pgpSignatureGenerator); } catch (PgpException e) { throw new Exception("Private key extraction failed, password might be incorrect", e); } }
public SignaturePacket( int version, int signatureType, long keyId, PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm, ISignatureSubpacket[] hashedData, ISignatureSubpacket[] unhashedData, byte[] fingerprint, MPInteger[] signature) { this._version = version; this._signatureType = signatureType; this._keyId = keyId; this._keyAlgorithm = keyAlgorithm; this._hashAlgorithm = hashAlgorithm; this._hashedData = hashedData; this._unhashedData = unhashedData; this._fingerprint = fingerprint; this._signature = signature; if (hashedData != null) { SetCreationTime(); } }
public S2k( HashAlgorithmTag algorithm, byte[] iv) { this.type = 1; this.algorithm = algorithm; this.iv = iv; }
/// <summary>Create a generator for the passed in keyAlgorithm and hashAlgorithm codes.</summary> public PgpSignatureGenerator(PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm) { _keyAlgorithm = keyAlgorithm; _hashAlgorithm = hashAlgorithm; _dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm)); _sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm)); }
/// <summary> /// Creates a ECDH public key parameters from the given encoded point. /// </summary> /// <param name="encodedPoint">The encoded point.</param> /// <param name="publicKeyParamSet">The public key param set.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> /// <returns></returns> public static ECDHPublicKeyParameters Create(IBigInteger encodedPoint, DerObjectIdentifier publicKeyParamSet, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) { var curve = ECKeyPairGenerator.FindECCurveByOid(publicKeyParamSet); var point = curve.Curve.DecodePoint(encodedPoint.ToByteArrayUnsigned()); return new ECDHPublicKeyParameters(point, publicKeyParamSet, hashAlgorithm, symmetricKeyAlgorithm); }
/// <summary> /// Creates a ECDH public key parameters from the given encoded point. /// </summary> /// <param name="encodedPoint">The encoded point.</param> /// <param name="publicKeyParamSet">The public key param set.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> /// <returns></returns> public static ECDHPublicKeyParameters Create(IBigInteger encodedPoint, DerObjectIdentifier publicKeyParamSet, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) { var curve = ECKeyPairGenerator.FindECCurveByOid(publicKeyParamSet); var point = curve.Curve.DecodePoint(encodedPoint.ToByteArrayUnsigned()); return(new ECDHPublicKeyParameters(point, publicKeyParamSet, hashAlgorithm, symmetricKeyAlgorithm)); }
public ECDHPublicBcpgKey(DerObjectIdentifier oid, ECPoint point, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : base(oid, point) { reserved = 1; hashFunctionId = hashAlgorithm; symAlgorithmId = symmetricKeyAlgorithm; VerifyHashAlgorithm(); VerifySymmetricKeyAlgorithm(); }
private void verifySignature( byte[] encodedSig, HashAlgorithmTag hashAlgorithm, PgpPublicKey pubKey, byte[] original) { PgpObjectFactory pgpFact = new PgpObjectFactory(encodedSig); PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); PgpOnePassSignature ops = p1[0]; PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); Stream dIn = p2.GetInputStream(); ops.InitVerify(pubKey); int ch; while ((ch = dIn.ReadByte()) >= 0) { ops.Update((byte)ch); } PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); PgpSignature sig = p3[0]; DateTime creationTime = sig.CreationTime; // Check creationTime is recent if (creationTime.CompareTo(DateTime.UtcNow) > 0 || creationTime.CompareTo(DateTime.UtcNow.AddMinutes(-10)) < 0) { Fail("bad creation time in signature: " + creationTime); } if (sig.KeyId != pubKey.KeyId) { Fail("key id mismatch in signature"); } if (!ops.Verify(sig)) { Fail("Failed generated signature check - " + hashAlgorithm); } sig.InitVerify(pubKey); for (int i = 0; i != original.Length; i++) { sig.Update(original[i]); } sig.Update(original); if (!sig.Verify()) { Fail("Failed generated signature check against original data"); } }
public OnePassSignaturePacket(int sigType, HashAlgorithmTag hashAlgorithm, PublicKeyAlgorithmTag keyAlgorithm, long keyId, bool isNested) { version = 3; this.sigType = sigType; this.hashAlgorithm = hashAlgorithm; this.keyAlgorithm = keyAlgorithm; this.keyId = keyId; nested = ((!isNested) ? 1 : 0); }
public SigWithDigestFactory(PublicKeyAlgorithmTag keyAlg, HashAlgorithmTag hashAlg, long keyId, AsymmetricRsaPrivateKey privateKey) { this.keyAlg = keyAlg; this.hashAlg = hashAlg; this.keyId = keyId; this.privateKey = privateKey; sigFact = CryptoServicesRegistrar.CreateService(privateKey, new SecureRandom()).CreateSignatureFactory(FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)PgpUtils.digests[hashAlg])); digFact = CryptoServicesRegistrar.CreateService((FipsShs.Parameters)PgpUtils.digests[hashAlg]); }
/// <summary>Add a PBE encryption method to the encrypted object.</summary> public void AddMethod(char[] passPhrase, HashAlgorithmTag s2KDigest) { var iv = new byte[8]; _rand.NextBytes(iv); var s2K = new S2k(s2KDigest, iv, 0x60); _methods.Add(new PbeMethod(_defAlgorithm, s2K, PgpUtilities.MakeKeyFromPassPhrase(_defAlgorithm, s2K, passPhrase))); }
/// <summary>Create a generator for the passed in keyAlgorithm and hashAlgorithm codes.</summary> public PgpV3SignatureGenerator( PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm) { this.keyAlgorithm = keyAlgorithm; this.hashAlgorithm = hashAlgorithm; dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm)); sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm)); }
private void doTestSigV3( PublicKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, PgpPublicKey pubKey, PgpPrivateKey privKey) { byte[] bytes = generateV3BinarySig(privKey, encAlgorithm, hashAlgorithm); verifySignature(bytes, hashAlgorithm, pubKey, TEST_DATA); }
public S2k( HashAlgorithmTag algorithm, byte[] iv, int itCount) { this.type = 3; this.algorithm = algorithm; this.iv = iv; this.itCount = itCount; }
/// <summary> /// Sign a file with PGP signature. See documentation at https://github.com/CommunityHiQ/Frends.Community.PgpSignature Returns: Object {string FilePath} /// </summary> public static PgpSignatureResult SignFile(PgpSignatureInput input) { HashAlgorithmTag digest = input.HashFunction.ConvertEnum <HashAlgorithmTag>(); using (var privateKeyStream = File.OpenRead(input.PrivateKeyFile)) { var pgpSecKey = PgpServices.SignatureReadSecretKey(privateKeyStream); var pgpPrivKey = pgpSecKey.ExtractPrivateKey(input.Password.ToCharArray()); var signatureGenerator = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, digest); var signatureSubpacketGenerator = new PgpSignatureSubpacketGenerator(); signatureGenerator.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); var enumerator = pgpSecKey.PublicKey.GetUserIds().GetEnumerator(); if (enumerator.MoveNext()) { signatureSubpacketGenerator.SetSignerUserId(false, (string)enumerator.Current); signatureGenerator.SetHashedSubpackets(signatureSubpacketGenerator.Generate()); } using (var outputStream = File.Create(input.OutputFile)) { var armoredOutputStream = new ArmoredOutputStream(outputStream); var bcbgOutputStream = new BcpgOutputStream(armoredOutputStream); signatureGenerator.GenerateOnePassVersion(false).Encode(bcbgOutputStream); var file = new FileInfo(input.InputFile); var literalDataGenerator = new PgpLiteralDataGenerator(); var literalDataOut = literalDataGenerator.Open(bcbgOutputStream, PgpLiteralData.Binary, file.Name, file.Length, DateTime.Now); using (var fileIn = file.OpenRead()) { int ch; while ((ch = fileIn.ReadByte()) >= 0) { literalDataOut.WriteByte((byte)ch); signatureGenerator.Update((byte)ch); } fileIn.Close(); literalDataGenerator.Close(); signatureGenerator.Generate().Encode(bcbgOutputStream); armoredOutputStream.Close(); outputStream.Close(); var ret = new PgpSignatureResult { FilePath = input.OutputFile }; return(ret); } } } }
/// <summary>Add a PBE encryption method to the encrypted object.</summary> public void AddMethod( char[] passPhrase, HashAlgorithmTag s2kDigest) { byte[] iv = new byte[8]; rand.NextBytes(iv); S2k s2k = new S2k(s2kDigest, iv, 0x60); methods.Add(new PbeMethod(defAlgorithm, s2k, PgpUtilities.MakeKeyFromPassPhrase(defAlgorithm, s2k, passPhrase))); }
/// <summary> /// Initializes a new instance of the <see cref="ECDHPublicBcpgKey"/> class. /// </summary> /// <param name="point">The point.</param> /// <param name="oid">The oid.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="symmetricKeyAlgorithm">The symmetric key algorithm.</param> public ECDHPublicBcpgKey(ECPoint point, DerObjectIdentifier oid, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : base(point, oid) { _reserved = 1; _hashFunctionId = (byte)hashAlgorithm; _symAlgorithmId = (byte)symmetricKeyAlgorithm; this.VerifyHashAlgorithm(); this.VerifySymmetricKeyAlgorithm(); }
/** * Generate a version 4 signature packet. * * @param signatureType * @param keyAlgorithm * @param hashAlgorithm * @param hashedData * @param unhashedData * @param fingerprint * @param signature */ public SignaturePacket( int signatureType, long keyId, PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm, SignatureSubpacket[] hashedData, SignatureSubpacket[] unhashedData, byte[] fingerprint, MPInteger[] signature) : this(4, signatureType, keyId, keyAlgorithm, hashAlgorithm, hashedData, unhashedData, fingerprint, signature) { }
/** * Generate a version 2/3 signature packet. * * @param signatureType * @param keyAlgorithm * @param hashAlgorithm * @param fingerprint * @param signature */ public SignaturePacket( int version, int signatureType, long keyId, PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm, long creationTime, byte[] fingerprint, MPInteger[] signature) : this(version, signatureType, keyId, keyAlgorithm, hashAlgorithm, null, null, fingerprint, signature) { this.creationTime = creationTime; }
public ECDHPublicBcpgKey( DerObjectIdentifier oid, ECPoint point, HashAlgorithmTag hashAlgorithm, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) : base(oid, point) { reserved = 1; hashFunctionId = hashAlgorithm; symAlgorithmId = symmetricKeyAlgorithm; VerifyHashAlgorithm(); VerifySymmetricKeyAlgorithm(); }
public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, ISecureRandom rand) : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets, hashAlgorithm), encAlgorithm, passPhrase, useSha1, rand, true) { }
public OnePassSignaturePacket( int sigType, HashAlgorithmTag hashAlgorithm, PublicKeyAlgorithmTag keyAlgorithm, long keyId, bool isNested) { this.version = 3; this.sigType = sigType; this.hashAlgorithm = hashAlgorithm; this.keyAlgorithm = keyAlgorithm; this.keyId = keyId; this.nested = (isNested) ? 0 : 1; }
/// <param name="bcpgIn">The stream to read the packet from.</param> public ECDHPublicBcpgKey( BcpgInputStream bcpgIn) : base(bcpgIn) { int length = bcpgIn.ReadByte(); byte[] kdfParameters = new byte[length]; if (kdfParameters.Length != 3) throw new InvalidOperationException("kdf parameters size of 3 expected."); bcpgIn.ReadFully(kdfParameters); reserved = kdfParameters[0]; hashFunctionId = (HashAlgorithmTag)kdfParameters[1]; symAlgorithmId = (SymmetricKeyAlgorithmTag)kdfParameters[2]; VerifyHashAlgorithm(); VerifySymmetricKeyAlgorithm(); }
internal OnePassSignaturePacket( BcpgInputStream bcpgIn) { version = bcpgIn.ReadByte(); sigType = bcpgIn.ReadByte(); hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte(); keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte(); keyId |= (long)bcpgIn.ReadByte() << 56; keyId |= (long)bcpgIn.ReadByte() << 48; keyId |= (long)bcpgIn.ReadByte() << 40; keyId |= (long)bcpgIn.ReadByte() << 32; keyId |= (long)bcpgIn.ReadByte() << 24; keyId |= (long)bcpgIn.ReadByte() << 16; keyId |= (long)bcpgIn.ReadByte() << 8; keyId |= (uint)bcpgIn.ReadByte(); nested = bcpgIn.ReadByte(); }
public SignaturePacket( int version, int signatureType, long keyId, PublicKeyAlgorithmTag keyAlgorithm, HashAlgorithmTag hashAlgorithm, SignatureSubpacket[] hashedData, SignatureSubpacket[] unhashedData, byte[] fingerprint, MPInteger[] signature) { this.version = version; this.signatureType = signatureType; this.keyId = keyId; this.keyAlgorithm = keyAlgorithm; this.hashAlgorithm = hashAlgorithm; this.hashedData = hashedData; this.unhashedData = unhashedData; this.fingerprint = fingerprint; this.signature = signature; }
internal S2k( Stream inputStream) { //Stream dIn = inputStream; BinaryReader dIn = new BinaryReader(inputStream); type = dIn.ReadByte(); algorithm = (HashAlgorithmTag) dIn.ReadByte(); // // if this happens we have a dummy-S2k packet. // if (type != GnuDummyS2K) { if (type != 0) { iv = dIn.ReadBytes(8); if (iv.Length < 8) { throw new EndOfStreamException(); } } if (type == 3) { itCount = dIn.ReadByte(); } } else { dIn.ReadByte(); // G dIn.ReadByte(); // N dIn.ReadByte(); // U protectionMode = dIn.ReadByte(); // protection mode } }
private void verifySignature( byte[] encodedSig, HashAlgorithmTag hashAlgorithm, IPgpPublicKey pubKey, byte[] original) { PgpObjectFactory pgpFact = new PgpObjectFactory(encodedSig); PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); PgpOnePassSignature ops = p1[0]; PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); Stream dIn = p2.GetInputStream(); ops.InitVerify(pubKey); int ch; while ((ch = dIn.ReadByte()) >= 0) { ops.Update((byte)ch); } PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); PgpSignature sig = p3[0]; DateTime creationTime = sig.CreationTime; // Check creationTime is recent if (creationTime.CompareTo(DateTime.UtcNow) > 0 || creationTime.CompareTo(DateTime.UtcNow.AddMinutes(-10)) < 0) { Fail("bad creation time in signature: " + creationTime); } if (sig.KeyId != pubKey.KeyId) { Fail("key id mismatch in signature"); } if (!ops.Verify(sig)) { Fail("Failed generated signature check - " + hashAlgorithm); } sig.InitVerify(pubKey); for (int i = 0; i != original.Length; i++) { sig.Update(original[i]); } sig.Update(original); if (!sig.Verify()) { Fail("Failed generated signature check against original data"); } }
private byte[] generateV3BinarySig( IPgpPrivateKey privKey, PublicKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm) { MemoryStream bOut = new MemoryStream(); MemoryStream testIn = new MemoryStream(TEST_DATA, false); PgpV3SignatureGenerator sGen = new PgpV3SignatureGenerator(encAlgorithm, hashAlgorithm); sGen.InitSign(PgpSignature.BinaryDocument, privKey); sGen.GenerateOnePassVersion(false).Encode(bOut); PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); Stream lOut = lGen.Open( new UncloseableStream(bOut), PgpLiteralData.Binary, "_CONSOLE", TEST_DATA.Length * 2, DateTime.UtcNow); int ch; while ((ch = testIn.ReadByte()) >= 0) { lOut.WriteByte((byte)ch); sGen.Update((byte)ch); } lOut.Write(TEST_DATA, 0, TEST_DATA.Length); sGen.Update(TEST_DATA); lGen.Close(); sGen.Generate().Encode(bOut); return bOut.ToArray(); }
private void doTestTextSigV3( PublicKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, IPgpPublicKey pubKey, IPgpPrivateKey privKey, byte[] data, byte[] canonicalData) { PgpV3SignatureGenerator sGen = new PgpV3SignatureGenerator(encAlgorithm, HashAlgorithmTag.Sha1); MemoryStream bOut = new MemoryStream(); MemoryStream testIn = new MemoryStream(data, false); sGen.InitSign(PgpSignature.CanonicalTextDocument, privKey); sGen.GenerateOnePassVersion(false).Encode(bOut); PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); Stream lOut = lGen.Open( new UncloseableStream(bOut), PgpLiteralData.Text, "_CONSOLE", data.Length * 2, DateTime.UtcNow); int ch; while ((ch = testIn.ReadByte()) >= 0) { lOut.WriteByte((byte)ch); sGen.Update((byte)ch); } lOut.Write(data, 0, data.Length); sGen.Update(data); lGen.Close(); PgpSignature sig = sGen.Generate(); if (sig.CreationTime == DateTimeUtilities.UnixMsToDateTime(0)) { Fail("creation time not set in v3 signature"); } sig.Encode(bOut); verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, canonicalData); }
private void doTestSigV3( PublicKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, IPgpPublicKey pubKey, IPgpPrivateKey privKey) { byte[] bytes = generateV3BinarySig(privKey, encAlgorithm, hashAlgorithm); verifySignature(bytes, hashAlgorithm, pubKey, TEST_DATA); }
private static PgpPublicKey CertifiedPublicKey( int certificationLevel, PgpKeyPair keyPair, string id, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, HashAlgorithmTag hashAlgorithm) { PgpSignatureGenerator sGen; try { sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, hashAlgorithm); } catch (Exception e) { throw new PgpException("Creating signature generator: " + e.Message, e); } // // Generate the certification // sGen.InitSign(certificationLevel, keyPair.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); try { PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification); } catch (Exception e) { throw new PgpException("Exception doing certification: " + e.Message, e); } }
/** * Start a clear text signed message. * @param hashAlgorithm */ public void BeginClearText(HashAlgorithmTag hashAlgorithm) { string hash; switch (hashAlgorithm) { case HashAlgorithmTag.Sha1: hash = "SHA1"; break; case HashAlgorithmTag.Sha256: hash = "SHA256"; break; case HashAlgorithmTag.Sha384: hash = "SHA384"; break; case HashAlgorithmTag.Sha512: hash = "SHA512"; break; case HashAlgorithmTag.MD2: hash = "MD2"; break; case HashAlgorithmTag.MD5: hash = "MD5"; break; case HashAlgorithmTag.RipeMD160: hash = "RIPEMD160"; break; default: throw new IOException("unknown hash algorithm tag in beginClearText: " + hashAlgorithm); } DoWrite("-----BEGIN PGP SIGNED MESSAGE-----" + NewLine); DoWrite("Hash: " + hash + NewLine + NewLine); _clearText = true; _newLine = true; _lastb = 0; }