public override bool Verify(byte[] signature) { HashAlgorithm hash = HashAlgorithm.Create("SHA1"); byte[] toBeVerified = hash.ComputeHash(ms.ToArray()); return(PKCS1.Verify_v15(rsa, hash, toBeVerified, signature)); // return rsa.VerifyData (ms.ToArray (), "SHA1", signature); }
public void PKCS15_SignAndVerify_UnknownHash() { // this hash algorithm isn't known from CryptoConfig so no OID is available MD5SHA1 hash = new MD5SHA1(); byte[] value = GetValue(hash.HashSize >> 3); byte[] unknown = PKCS1.Sign_v15(rsa, hash, value); Assert.IsTrue(PKCS1.Verify_v15(rsa, hash, value, unknown), "Verify"); }
public bool CheckSignature(byte[] hash, string hashAlgorithm, byte[] signature) { #if MOONLIGHT string hashName = GetHashNameFromOID(hashAlgorithm); HashAlgorithm algo = HashAlgorithm.Create(hashName); return(PKCS1.Verify_v15(RSA, algo, hash, signature)); #else RSACryptoServiceProvider r = (RSACryptoServiceProvider)RSA; return(r.VerifyHash(hash, hashAlgorithm, signature)); #endif }
public static bool VerifySignature(SignatureAndHashAlgorithm type, HashAlgorithm hash, SecureBuffer hashData, AsymmetricAlgorithm key, SecureBuffer signature) { if (!VerifyHashType(type, hash)) { throw new TlsException(AlertDescription.IlegalParameter); } if (type.Signature == SignatureAlgorithmType.Rsa) { return(PKCS1.Verify_v15((RSA)key, hash, hashData.Buffer, signature.Buffer)); } else { throw new NotSupportedException(); } }
public bool VerifyHash(byte[] rgbHash, string str, byte[] rgbSignature) { if (rgbHash == null) { throw new ArgumentNullException("rgbHash"); } if (rgbSignature == null) { throw new ArgumentNullException("rgbSignature"); } // Fx 2.0 defaults to the SHA-1 string hashName = (str == null) ? "SHA1" : GetHashNameFromOID(str); HashAlgorithm hash = HashAlgorithm.Create(hashName); return(PKCS1.Verify_v15(this, hash, rgbHash, rgbSignature)); }
// NOTE: this method can work with ANY configured (OID in machine.config) // HashAlgorithm descendant public bool VerifyData(byte[] buffer, object halg, byte[] signature) { if (buffer == null) { throw new ArgumentNullException("buffer"); } if (signature == null) { throw new ArgumentNullException("signature"); } HashAlgorithm hash = GetHash(halg); byte[] toBeVerified = hash.ComputeHash(buffer); return(PKCS1.Verify_v15(this, hash, toBeVerified, signature)); }
public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature) { if (key == null) { throw new CryptographicUnexpectedOperationException("The key is a null reference"); } if (hash == null) { throw new CryptographicUnexpectedOperationException("The hash algorithm is a null reference."); } if (rgbHash == null) { throw new ArgumentNullException("The rgbHash parameter is a null reference."); } return(PKCS1.Verify_v15(key, hash, rgbHash, rgbSignature)); }
public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature) { if (rsa == null) { throw new CryptographicUnexpectedOperationException( Locale.GetText("No public key available.")); } if (hashName == null) { throw new CryptographicUnexpectedOperationException( Locale.GetText("Missing hash algorithm.")); } if (rgbHash == null) { throw new ArgumentNullException("rgbHash"); } if (rgbSignature == null) { throw new ArgumentNullException("rgbSignature"); } return(PKCS1.Verify_v15(rsa, hashName, rgbHash, rgbSignature)); }
private bool VerifyCounterSignature (PKCS7.SignerInfo cs, byte[] signature) { // SEQUENCE { // INTEGER 1 if (cs.Version != 1) return false; // SEQUENCE { // SEQUENCE { string contentType = null; ASN1 messageDigest = null; for (int i=0; i < cs.AuthenticatedAttributes.Count; i++) { // SEQUENCE { // OBJECT IDENTIFIER ASN1 attr = (ASN1) cs.AuthenticatedAttributes [i]; string oid = ASN1Convert.ToOid (attr[0]); switch (oid) { case "1.2.840.113549.1.9.3": // contentType contentType = ASN1Convert.ToOid (attr[1][0]); break; case "1.2.840.113549.1.9.4": // messageDigest messageDigest = attr[1][0]; break; case "1.2.840.113549.1.9.5": // SEQUENCE { // OBJECT IDENTIFIER // signingTime (1 2 840 113549 1 9 5) // SET { // UTCTime '030124013651Z' // } // } timestamp = ASN1Convert.ToDateTime (attr[1][0]); break; default: break; } } if (contentType != PKCS7.Oid.data) return false; // verify message digest if (messageDigest == null) return false; // TODO: must be read from the ASN.1 structure string hashName = null; switch (messageDigest.Length) { case 16: hashName = "MD5"; break; case 20: hashName = "SHA1"; break; } HashAlgorithm ha = HashAlgorithm.Create (hashName); if (!messageDigest.CompareValue (ha.ComputeHash (signature))) return false; // verify signature byte[] counterSignature = cs.Signature; // change to SET OF (not [0]) as per PKCS #7 1.5 ASN1 aa = new ASN1 (0x31); foreach (ASN1 a in cs.AuthenticatedAttributes) aa.Add (a); byte[] p7hash = ha.ComputeHash (aa.GetBytes ()); // we need to try all certificates string issuer = cs.IssuerName; byte[] serial = cs.SerialNumber; foreach (X509Certificate x509 in coll) { if (CompareIssuerSerial (issuer, serial, x509)) { if (x509.PublicKey.Length > counterSignature.Length) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider) x509.RSA; // we need to HACK around bad (PKCS#1 1.5) signatures made by Verisign Timestamp Service // and this means copying stuff into our own RSAManaged to get the required flexibility RSAManaged rsam = new RSAManaged (); rsam.ImportParameters (rsa.ExportParameters (false)); if (PKCS1.Verify_v15 (rsam, ha, p7hash, counterSignature, true)) { timestampChain.LoadCertificates (coll); return (timestampChain.Build (x509)); } } } } // no certificate can verify this signature! return false; }
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature) { if (cs.Version != 1) { return(false); } string a = null; ASN1 asn = null; int i = 0; while (i < cs.AuthenticatedAttributes.Count) { ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i]; string text = ASN1Convert.ToOid(asn2[0]); string text2 = text; switch (text2) { case "1.2.840.113549.1.9.3": a = ASN1Convert.ToOid(asn2[1][0]); break; case "1.2.840.113549.1.9.4": asn = asn2[1][0]; break; case "1.2.840.113549.1.9.5": this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]); break; } IL_FC: i++; continue; goto IL_FC; } if (a != "1.2.840.113549.1.7.1") { return(false); } if (asn == null) { return(false); } string hashName = null; int length = asn.Length; if (length != 16) { if (length == 20) { hashName = "SHA1"; } } else { hashName = "MD5"; } HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName); if (!asn.CompareValue(hashAlgorithm.ComputeHash(signature))) { return(false); } byte[] signature2 = cs.Signature; ASN1 asn3 = new ASN1(49); foreach (object obj in cs.AuthenticatedAttributes) { ASN1 asn4 = (ASN1)obj; asn3.Add(asn4); } byte[] hashValue = hashAlgorithm.ComputeHash(asn3.GetBytes()); string issuerName = cs.IssuerName; byte[] serialNumber = cs.SerialNumber; foreach (X509Certificate x509Certificate in this.coll) { if (this.CompareIssuerSerial(issuerName, serialNumber, x509Certificate) && x509Certificate.PublicKey.Length > signature2.Length) { RSACryptoServiceProvider rsacryptoServiceProvider = (RSACryptoServiceProvider)x509Certificate.RSA; RSAManaged rsamanaged = new RSAManaged(); rsamanaged.ImportParameters(rsacryptoServiceProvider.ExportParameters(false)); if (PKCS1.Verify_v15(rsamanaged, hashAlgorithm, hashValue, signature2, true)) { this.timestampChain.LoadCertificates(this.coll); return(this.timestampChain.Build(x509Certificate)); } } } return(false); }
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature) { if (cs.Version == 1) { string str = null; ASN1 asn = null; for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++) { ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i]; string key = ASN1Convert.ToOid(asn2[0]); if (key != null) { if (__f__switch_map3 == null) { Dictionary <string, int> dictionary = new Dictionary <string, int>(3) { { "1.2.840.113549.1.9.3", 0 }, { "1.2.840.113549.1.9.4", 1 }, { "1.2.840.113549.1.9.5", 2 } }; __f__switch_map3 = dictionary; } if (__f__switch_map3.TryGetValue(key, out int num2)) { switch (num2) { case 0: str = ASN1Convert.ToOid(asn2[1][0]); break; case 1: asn = asn2[1][0]; break; case 2: this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]); break; } } } } if (str != "1.2.840.113549.1.7.1") { return(false); } if (asn == null) { return(false); } string hashName = null; switch (asn.Length) { case 0x10: hashName = "MD5"; break; case 20: hashName = "SHA1"; break; } HashAlgorithm hash = HashAlgorithm.Create(hashName); if (asn.CompareValue(hash.ComputeHash(signature))) { byte[] buffer = cs.Signature; ASN1 asn3 = new ASN1(0x31); IEnumerator enumerator = cs.AuthenticatedAttributes.GetEnumerator(); try { while (enumerator.MoveNext()) { ASN1 current = (ASN1)enumerator.Current; asn3.Add(current); } } finally { if (enumerator is IDisposable disposable) { disposable.Dispose(); } } byte[] hashValue = hash.ComputeHash(asn3.GetBytes()); string issuerName = cs.IssuerName; byte[] serialNumber = cs.SerialNumber; X509CertificateCollection.X509CertificateEnumerator enumerator2 = this.coll.GetEnumerator(); try { while (enumerator2.MoveNext()) { X509Certificate current = enumerator2.Current; if (this.CompareIssuerSerial(issuerName, serialNumber, current) && (current.PublicKey.Length > buffer.Length)) { RSACryptoServiceProvider rSA = (RSACryptoServiceProvider)current.RSA; RSAManaged rsa = new RSAManaged(); rsa.ImportParameters(rSA.ExportParameters(false)); if (PKCS1.Verify_v15(rsa, hash, hashValue, buffer, true)) { this.timestampChain.LoadCertificates(this.coll); return(this.timestampChain.Build(current)); } } } } finally { if (enumerator2 is IDisposable disposable2) { disposable2.Dispose(); } } } } return(false); }
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature) { if (cs.Version != 1) { return(false); } string a = null; ASN1 aSN = null; for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++) { ASN1 aSN2 = (ASN1)cs.AuthenticatedAttributes[i]; switch (ASN1Convert.ToOid(aSN2[0])) { case "1.2.840.113549.1.9.3": a = ASN1Convert.ToOid(aSN2[1][0]); break; case "1.2.840.113549.1.9.4": aSN = aSN2[1][0]; break; case "1.2.840.113549.1.9.5": timestamp = ASN1Convert.ToDateTime(aSN2[1][0]); break; } } if (a != "1.2.840.113549.1.7.1") { return(false); } if (aSN == null) { return(false); } string hashName = null; switch (aSN.Length) { case 16: hashName = "MD5"; break; case 20: hashName = "SHA1"; break; } HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName); if (!aSN.CompareValue(hashAlgorithm.ComputeHash(signature))) { return(false); } byte[] signature2 = cs.Signature; ASN1 aSN3 = new ASN1(49); foreach (ASN1 authenticatedAttribute in cs.AuthenticatedAttributes) { aSN3.Add(authenticatedAttribute); } byte[] hashValue = hashAlgorithm.ComputeHash(aSN3.GetBytes()); string issuerName = cs.IssuerName; byte[] serialNumber = cs.SerialNumber; foreach (X509Certificate item in coll) { if (CompareIssuerSerial(issuerName, serialNumber, item) && item.PublicKey.Length > signature2.Length) { RSACryptoServiceProvider rSACryptoServiceProvider = (RSACryptoServiceProvider)item.RSA; RSAManaged rSAManaged = new RSAManaged(); rSAManaged.ImportParameters(rSACryptoServiceProvider.ExportParameters(includePrivateParameters: false)); if (PKCS1.Verify_v15(rSAManaged, hashAlgorithm, hashValue, signature2, tryNonStandardEncoding: true)) { timestampChain.LoadCertificates(coll); return(timestampChain.Build(item)); } } } return(false); }