public static ISigner GetSigner(AsymmetricSigningAlgorithm asymmetricSigningAlgorithm, IDigest hash, Error error) { if (error == null) { return(null); } if (hash == null) { error.setError("AE008", "Hash digest is null"); return(null); } ISigner sig = null; switch (asymmetricSigningAlgorithm) { case AsymmetricSigningAlgorithm.RSA: sig = new RsaDigestSigner(hash); break; case AsymmetricSigningAlgorithm.ECDSA: ECDsaSigner dsaSigner = new ECDsaSigner(); sig = new DsaDigestSigner(dsaSigner, hash); break; } return(sig); }
private static bool ReadBody(IOwinContext context, byte[] signature) { var ms = new MemoryStream(); RsaDigestSigner eng = new RsaDigestSigner(new Sha256Digest()); //new PssSigner(new RsaEngine(), digest); eng.Init(false, publicKey.Value); byte[] buffer = new byte[81920]; int count; while ((count = context.Request.Body.Read(buffer, 0, buffer.Length)) != 0) { ms.Write(buffer, 0, count); eng.BlockUpdate(buffer, 0, count); } var sha256 = new SHA256Managed(); var cs = new CryptoStream(ms, sha256, CryptoStreamMode.Write); context.Request.Body.CopyTo(cs); cs.FlushFinalBlock(); ms.Seek(0, SeekOrigin.Begin); context.Request.Body = ms; return(eng.VerifySignature(signature)); }
/// <summary> /// Create the digest signing context. /// </summary> /// <remarks> /// Creates a new digest signing context. /// </remarks> /// <returns>The digest signer.</returns> /// <exception cref="System.NotSupportedException"> /// The <see cref="DkimSignerBase.SignatureAlgorithm"/> is not supported. /// </exception> internal protected virtual ISigner CreateSigningContext() { #if ENABLE_NATIVE_DKIM return(new SystemSecuritySigner(SignatureAlgorithm, PrivateKey.AsAsymmetricAlgorithm())); #else ISigner signer; switch (SignatureAlgorithm) { case DkimSignatureAlgorithm.RsaSha1: signer = new RsaDigestSigner(new Sha1Digest()); break; case DkimSignatureAlgorithm.RsaSha256: signer = new RsaDigestSigner(new Sha256Digest()); break; case DkimSignatureAlgorithm.Ed25519Sha256: signer = new Ed25519DigestSigner(new Sha256Digest()); break; default: throw new NotSupportedException(string.Format("{0} is not supported.", SignatureAlgorithm)); } signer.Init(true, PrivateKey); return(signer); #endif }
public void Test() { //var keys = GenerateKeys(1024); //Console.WriteLine(DotNetUtilities.ToRSA(((RsaPrivateCrtKeyParameters)keys.Private)).ToXmlString(true)); //Console.WriteLine(); //Console.WriteLine(DotNetUtilities.ToRSA(((RsaPrivateCrtKeyParameters)keys.Private)).ToXmlString(false)); var keys = GetRsaKeyPair(); byte[] msg = Guid.NewGuid().ToByteArray(); ISigner eng = new RsaDigestSigner(new Sha256Digest()); eng.Init(true, keys.Private); eng.BlockUpdate(msg, 0, msg.Length); byte[] s = eng.GenerateSignature(); eng = new RsaDigestSigner(new Sha256Digest()); eng.Init(false, keys.Public); eng.BlockUpdate(msg, 0, msg.Length); Assert.IsTrue(eng.VerifySignature(s)); }
public void TestRsaDigestSigner() { BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ==")); BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ==")); BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ==")); BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E=")); BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE=")); BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0=")); BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg==")); RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp); RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 }; RsaDigestSigner signer = new RsaDigestSigner(new Sha1Digest()); signer.Init(true, rsaPrivate); signer.BlockUpdate(msg, 0, msg.Length); byte[] sig = signer.GenerateSignature(); signer.Init(false, rsaPublic); signer.BlockUpdate(msg, 0, msg.Length); Assert.IsTrue(signer.VerifySignature(sig), "RSA IDigest Signer failed."); }
/// <summary> /// Create the digest signing context. /// </summary> /// <remarks> /// Creates a new digest signing context that uses the specified algorithm. /// </remarks> /// <param name="algorithm">The DKIM signature algorithm.</param> /// <param name="key">The public key.</param> /// <returns>The digest signer.</returns> internal virtual ISigner CreateVerifyContext(DkimSignatureAlgorithm algorithm, AsymmetricKeyParameter key) { #if ENABLE_NATIVE_DKIM return(new SystemSecuritySigner(algorithm, key.AsAsymmetricAlgorithm())); #else ISigner signer; switch (algorithm) { case DkimSignatureAlgorithm.RsaSha1: signer = new RsaDigestSigner(new Sha1Digest()); break; case DkimSignatureAlgorithm.RsaSha256: signer = new RsaDigestSigner(new Sha256Digest()); break; case DkimSignatureAlgorithm.Ed25519Sha256: signer = new Ed25519DigestSigner(new Sha256Digest()); break; default: throw new NotSupportedException(string.Format("{0} is not supported.", algorithm)); } signer.Init(key.IsPrivate, key); return(signer); #endif }
public byte[] GenerateSignature(byte[] data, string privateKey) { var signer = new RsaDigestSigner(new Sha256Digest()); signer.Init(true, GetPrivateKeyParameters(privateKey)); signer.BlockUpdate(data, 0, data.Length); return(signer.GenerateSignature()); }
public bool VerifySignature(byte[] message, byte[] signature, AsymmetricKeyParameter publicKey) { var signer = new RsaDigestSigner(new Sha512Digest()); signer.Init(false, publicKey); signer.BlockUpdate(message, 0, message.Length); return(signer.VerifySignature(signature)); }
public byte[] SignMessage(byte[] message) { var signer = new RsaDigestSigner(new Sha512Digest()); signer.Init(true, KeyPair.Private); signer.BlockUpdate(message, 0, message.Length); return(signer.GenerateSignature()); }
public bool VerifySignature(byte[] data, byte[] signature, string publicKey) { var signer = new RsaDigestSigner(new Sha256Digest()); signer.Init(false, GetPublicKeyParameters(publicKey)); signer.BlockUpdate(data, 0, data.Length); return(signer.VerifySignature(signature)); }
/// <summary> /// Signs the passed in data with a private key /// </summary> /// <param name="privateKey">the private key used to create the signature</param> /// <param name="data">The data to sign</param> /// <returns>the signature as a byte array</returns> public byte[] Sign(byte[] privateKey, byte[] data) { var signer = new RsaDigestSigner(new Sha1Digest()); var privKey = (RsaKeyParameters)CreateAsymmetricKeyParameterFromPrivateKeyInfo(privateKey); signer.Init(true, privKey); signer.BlockUpdate(data, 0, data.Length); return(signer.GenerateSignature()); }
private byte[] SignRsa(IDigest digest, byte[] buffer, int length) { RsaDigestSigner signer = new RsaDigestSigner(digest); signer.Init(true, new ParametersWithRandom(PrivateKeyFactory.CreateKey(PrivateKey), _secureRandom)); signer.BlockUpdate(buffer, 0, length); return(signer.GenerateSignature()); }
/// <summary> /// Verifies a signature to be authentic /// </summary> /// <param name="originalSignature">The signature which is be verified</param> /// <param name="publicKey">the public key used for the verification</param> /// <param name="data">the data which is signed</param> /// <returns>true if signature is authentic, false if not</returns> public bool Verify(byte[] originalSignature, byte[] publicKey, byte[] data) { var signer = new RsaDigestSigner(new Sha1Digest()); var pubKey = (RsaKeyParameters)CreateAsymmetricKeyParameterFromPublicKeyInfo(publicKey); signer.Init(false, pubKey); signer.BlockUpdate(data, 0, data.Length); return(signer.VerifySignature(originalSignature)); }
public static string SignContent(AsymmetricKeyParameter privateKey, string content) { var rsaDigestSigner = new RsaDigestSigner(new Sha1Digest()); rsaDigestSigner.Init(true, privateKey); var bytes = Encoding.UTF8.GetBytes(content); rsaDigestSigner.BlockUpdate(bytes, 0, bytes.Length); return(Convert.ToBase64String(rsaDigestSigner.GenerateSignature())); }
public byte[] SignMessageAsBytes(string message, string privateKey) { var bytesToEncrypt = Encoding.UTF8.GetBytes(message); var signer = new RsaDigestSigner(GetShaDigest()); signer.Init(true, GetPrivate(privateKey)); signer.BlockUpdate(bytesToEncrypt, 0, bytesToEncrypt.Length); return(signer.GenerateSignature()); }
public RsaPublicKey(RsaKeyParameters k) { _k = k; _instance = new Lazy <ISigner>(() => { var rsa = new RsaDigestSigner(new Sha256Digest()); rsa.Init(false, _k); return(rsa); }); }
private static byte[] GetSignature(MetaInfCertSfBuilder signature, ICipherParameters privateKey) { var signer = new RsaDigestSigner(new Sha1Digest()); //var signer = new RSADigestSigner(new MD5Digest()); signer.Init(true, privateKey); var raw = signature.ToArray(); signer.BlockUpdate(raw, 0, raw.Length); return(signer.GenerateSignature()); }
public bool VerifyMessage(string message, byte[] signature, AsymmetricKeyParameter publicKey) { var bytesToEncrypt = Encoding.UTF8.GetBytes(message); var signer = new RsaDigestSigner(GetShaDigest()); signer.Init(false, publicKey); signer.BlockUpdate(bytesToEncrypt, 0, bytesToEncrypt.Length); return(signer.VerifySignature(signature)); }
public RsaPrivateKey(RsaPrivateCrtKeyParameters sk, RsaKeyParameters pk = null) { _sk = sk; _pk = pk ?? new RsaKeyParameters(false, _sk.Modulus, _sk.PublicExponent); _instance = new Lazy <ISigner>(() => { var rsa = new RsaDigestSigner(new Sha256Digest()); rsa.Init(true, _sk); return(rsa); }); }
public bool VerifyMessage(string message, string signature, string publicKey) { var bytesToEncrypt = Encoding.UTF8.GetBytes(message); var signer = new RsaDigestSigner(GetShaDigest()); signer.Init(false, GetPublic(publicKey)); signer.BlockUpdate(bytesToEncrypt, 0, bytesToEncrypt.Length); return(signer.VerifySignature(Convert.FromBase64String(signature))); }
/// <summary> /// Creates an instance of a 'SoftToken'. /// </summary> /// <param name="name">The token's name.</param> /// <param name="certPath">Path to OCSP signer certificate.</param> /// <param name="keyPath">Path to OCSP signer certificate key.</param> public override byte[] SignData(byte[] data, IDigest digestAlgorithm) { byte[] signature; RsaDigestSigner rsaSigner = new RsaDigestSigner(digestAlgorithm); rsaSigner.Init(true, _privateKey); rsaSigner.BlockUpdate(data, 0, data.Length); signature = rsaSigner.GenerateSignature(); rsaSigner.Reset(); return(signature); }
public string GenerateSignature(string privateKey, string password, string documentId) { var keyPair = ReadPrivateKey(privateKey, password); var sha1Digest = new Sha1Digest(); var rsaDigestSigner = new RsaDigestSigner(sha1Digest); rsaDigestSigner.Init(true, keyPair); var documentIdToSign = Encoding.ASCII.GetBytes(documentId); rsaDigestSigner.BlockUpdate(documentIdToSign, 0, documentIdToSign.Length); return(Convert.ToBase64String(rsaDigestSigner.GenerateSignature())); }
public void ComputeSignature() { if (key != null) { if (m_signature.SignedInfo.SignatureMethod == null) { //defaults do RSA SHA256 Signature m_signature.SignedInfo.SignatureMethod = XmlDsigConstants.XmlDsigRSASHA256Url; } var sd = SignatureMethodParser.Parse(m_signature.SignedInfo.SignatureMethod); IDigest hash = XmlEncHashes.GetHashByName(sd.HashName); DigestReferences(); ISigner signer = null; // in need for a CryptoConfig factory if (key is DsaKeyParameters) { if (sd.CipherName != "DSA") { throw new CryptographicException("DSA SignatureAlgorithm is not supported by the signing key."); } signer = new DsaDigestSigner(new DsaSigner(), hash); } else if (key is RsaKeyParameters) { if (sd.CipherName != "RSA") { throw new CryptographicException("RSA SignatureAlgorithm is not supported by the signing key."); } signer = new RsaDigestSigner(hash); } if (signer != null) { signer.Init(true, key); byte[] signed = SignerHelper.ComputeSignature(signer, SignedInfoTransformed()); m_signature.SignatureValue = signed; } } else { throw new CryptographicException("signing key is not specified"); } }
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, ICipherParameters cp) { if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext)) { throw new InvalidOperationException(); } if (algorithm != null && algorithm.Signature != SignatureAlgorithm.rsa) { throw new InvalidOperationException(); } IDigest d; if (raw) { d = new NullDigest(); } else if (algorithm == null) { d = new CombinedHash(); } else { d = TlsUtilities.CreateHash(algorithm.Hash); } ISigner s; if (algorithm != null) { /* * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1]. */ s = new RsaDigestSigner(d, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash)); } else { /* * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme * that did not include a DigestInfo encoding. */ s = new GenericSigner(CreateRsaImpl(), d); } s.Init(forSigning, cp); return(s); }
private bool VerifyRsa(IDigest digest, byte[] buffer, int length, byte[] signature) { RsaDigestSigner signer = new RsaDigestSigner(digest); int exponentOffset = 1; int exponentLength = PublicKey[0] == 0 ? DnsMessageBase.ParseUShort(PublicKey, ref exponentOffset) : PublicKey[0]; int moduloOffset = exponentOffset + exponentLength; int moduloLength = PublicKey.Length - moduloOffset; RsaKeyParameters parameters = new RsaKeyParameters(false, new BigInteger(1, PublicKey, moduloOffset, moduloLength), new BigInteger(1, PublicKey, exponentOffset, exponentLength)); signer.Init(false, new ParametersWithRandom(parameters, _secureRandom)); signer.BlockUpdate(buffer, 0, length); return(signer.VerifySignature(signature)); }
public ISigner CreateEngine(EngineUsage usage) { ISigner sig; if (parameters.Algorithm.Mode == AlgorithmMode.PKCSv1_5) { sig = new RsaDigestSigner(ENGINE_PROVIDER.CreateEngine(usage), FipsShs.CreateDigest(parameters.DigestAlgorithm)); } else { sig = new X931Signer(ENGINE_PROVIDER.CreateEngine(usage), FipsShs.CreateDigest(parameters.DigestAlgorithm), false); } sig.Init((usage == EngineUsage.SIGNING), sigParams); return(sig); }
public override byte[] SignHash(byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding) { if (hashAlgorithm != HashAlgorithmName.SHA256) { throw new ArgumentException( $"Unsupported HashAlgorithmName '{hashAlgorithm}', only SHA256 supported.", nameof(hashAlgorithm)); } if (padding != RSASignaturePadding.Pkcs1) { throw new ArgumentException( $"Unsupported RSASignaturePadding '{padding}', only Pkcs1 supported.", nameof(padding)); } var signer = new RsaDigestSigner(new NullDigest(), NistObjectIdentifiers.IdSha256); signer.Init(true, _parameters); signer.BlockUpdate(hash, 0, hash.Length); return(signer.GenerateSignature()); }
public static byte[] Sign(byte[] data) { //RSAParameters p = new RSAParameters(); //var publicKey = DotNetUtilities.GetRsaPublicKey(p); //var cs = new RSACryptoServiceProvider(1024); //var publicKey = DotNetUtilities.GetRsaPublicKey(cs); var publicKey = GetRsaKeyPair(); ISigner eng = new RsaDigestSigner(new Sha256Digest()); //new PssSigner(new RsaEngine(), digest); eng.Init(true, publicKey.Private); eng.BlockUpdate(data, 0, data.Length); return(eng.GenerateSignature()); }
public static bool VerifySignature(byte[] data, byte[] modulus, byte[] exponent, byte[] signature) { //RSAParameters p = new RSAParameters(); //var publicKey = DotNetUtilities.GetRsaPublicKey(p); //var cs = new RSACryptoServiceProvider(1024); //var publicKey = DotNetUtilities.GetRsaPublicKey(cs); var publicKey = new RsaKeyParameters(false, new BigInteger(1, modulus), new BigInteger(1, exponent)); ISigner eng = new RsaDigestSigner(new Sha256Digest()); //new PssSigner(new RsaEngine(), digest); eng.Init(false, publicKey); eng.BlockUpdate(data, 0, data.Length); return(eng.VerifySignature(signature)); }
/* * SIGNING IMPLEMENTATION */ private void sign(RestRequest request) { byte[] bodyBytes = request.Body(); var sha256 = new Sha256Digest(); var signer = new RsaDigestSigner(sha256); signer.Init(true, (ICipherParameters)rsaKeyPair.Private); signer.BlockUpdate(bodyBytes, 0, bodyBytes.Length); byte[] signature = signer.GenerateSignature(); string hexEncoded = Hex.ToHexString(signature); var header = string.Format("{0} RS256-hex {1}", signingAPIKey, hexEncoded); request.AddHeader("Signature", header); }