public Key Uncover(Key scan, PubKey ephem)
{
X9ECParameters curve = ECKey.Secp256k1;
byte[] priv = new BigInteger(1, PubKey.GetStealthSharedSecret(scan, ephem))
.Add(new BigInteger(1, this.ToBytes()))
.Mod(curve.N)
.ToByteArrayUnsigned();
if (priv.Length < 32)
{
priv = new byte[32 - priv.Length].Concat(priv).ToArray();
}
var key = new Key(priv, fCompressedIn: this.IsCompressed);
return(key);
}
public static X9ECParameters GetByOid(DerObjectIdentifier oid)
{
X9ECParameters byOid = X962NamedCurves.GetByOid(oid);
if (byOid == null)
{
byOid = SecNamedCurves.GetByOid(oid);
}
if (byOid == null)
{
byOid = TeleTrusTNamedCurves.GetByOid(oid);
}
if (byOid == null)
{
byOid = AnssiNamedCurves.GetByOid(oid);
}
return(byOid);
}
public static KeyPairEC SecP256r1KeyPairGen()
{
string curve = "secp256r1";
X9ECParameters ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName(curve);
ECDomainParameters domainParameters = new ECDomainParameters(ecParams.Curve,
ecParams.G, ecParams.N, ecParams.H,
ecParams.GetSeed());
ECKeyGenerationParameters keyGenParams =
new ECKeyGenerationParameters(domainParameters, new SecureRandom());
AsymmetricCipherKeyPair keyPair;
ECKeyPairGenerator generator = new ECKeyPairGenerator();
generator.Init(keyGenParams);
keyPair = generator.GenerateKeyPair();
ECPrivateKeyParameters privateKey = (ECPrivateKeyParameters)keyPair.Private;
ECPublicKeyParameters publicKey = (ECPublicKeyParameters)keyPair.Public;
var privKeyBytes = privateKey.D.ToByteArrayUnsigned();
var pubKeyBytes = publicKey.Q.GetEncoded();
string privKey = ToSolidHex(privKeyBytes);
string pubKey = ToSolidHex(pubKeyBytes);
Console.WriteLine($"Curve: {curve}");
Console.WriteLine($"Generated private key ({privKeyBytes.Length} bytes):");
Console.WriteLine($"{ToHex(privKeyBytes)}");
Console.WriteLine($"Generated public key ({pubKeyBytes.Length} bytes):");
Console.WriteLine($"{ToHex(pubKeyBytes)}");
Console.WriteLine("=====================================");
Console.WriteLine($"priv:");
Console.WriteLine($"{privKey}");
Console.WriteLine($"pub:");
Console.WriteLine($"{pubKey}");
return(new KeyPairEC()
{
PrivKey = privKeyBytes,
PubKey = pubKeyBytes,
PrivKeyByteHexStr = privKey,
PubKeyByteHexStr = pubKey
});
}
private void GenerateKeys(string curveName)
{
X9ECParameters ecParams = SecNamedCurves.GetByName(curveName);
_domainParameters = new ECDomainParameters(ecParams.Curve,
ecParams.G, ecParams.N, ecParams.H,
ecParams.GetSeed());
ECKeyGenerationParameters keyGenParams =
new ECKeyGenerationParameters(_domainParameters, new SecureRandom());
AsymmetricCipherKeyPair keyPair;
ECKeyPairGenerator generator = new ECKeyPairGenerator();
generator.Init(keyGenParams);
keyPair = generator.GenerateKeyPair();
_privateKey = (ECPrivateKeyParameters)keyPair.Private;
_publicKey = (ECPublicKeyParameters)keyPair.Public;
}
public static void Main()
{
X9ECParameters secp256k1 = ECNamedCurveTable.GetByName("secp256k1");
ECDomainParameters domainParams = new ECDomainParameters(secp256k1.Curve, secp256k1.G, secp256k1.N, secp256k1.H, secp256k1.GetSeed());
const string d = "e8HThqO0wR_Qw4pNIb80Cs0mYuCSqT6BSQj-o-tKTrg";
const string x = "A3hkIubgDggcoHzmVdXIm11gZ7UMaOa71JVf1eCifD8";
const string y = "ejpRwmCvNMdXMOjR2DodOt09OLPgNUrcKA9hBslaFU0";
var point = secp256k1.Curve.CreatePoint(
new BigInteger(1, Base64UrlEncoder.DecodeBytes(x)),
new BigInteger(1, Base64UrlEncoder.DecodeBytes(y)));
var handler = new JsonWebTokenHandler();
var token = handler.CreateToken(new SecurityTokenDescriptor
{
Issuer = "me",
Audience = "you",
SigningCredentials = new SigningCredentials(new BouncyCastleEcdsaSecurityKey(
new ECPrivateKeyParameters(new BigInteger(1, Base64UrlEncoder.DecodeBytes(d)), domainParams))
{
KeyId = "123"
}, "ES256K")
});
Console.WriteLine(token);
var result = handler.ValidateToken(
token,
new TokenValidationParameters
{
ValidIssuer = "me",
ValidAudience = "you",
IssuerSigningKey = new BouncyCastleEcdsaSecurityKey(
new ECPublicKeyParameters(point, domainParams))
{
KeyId = "123"
}
});
Console.WriteLine($"Is signature valid: {result.IsValid}");
}
private void AddTestCurves(IList x9s, X9ECParameters x9)
{
ECCurve curve = x9.Curve;
int[] coords = ECCurve.GetAllCoordinateSystems();
for (int i = 0; i < coords.Length; ++i)
{
int coord = coords[i];
if (curve.CoordinateSystem == coord)
{
x9s.Add(x9);
}
else if (curve.SupportsCoordinateSystem(coord))
{
ECCurve c = curve.Configure().SetCoordinateSystem(coord).Create();
x9s.Add(new X9ECParameters(c, c.ImportPoint(x9.G), x9.N, x9.H));
}
}
}
private ECPrivateKeyParameters ParseKey(string data)
{
Dictionary <string, string> values = ToDictionnary(data);
string curveName = values["curve"].Replace("NIST", "");
X9ECParameters curve = SecNamedCurves.GetByOid(curves[curveName]);
var domain = new ECDomainParameters(curve.Curve, curve.G, new BigInteger(values["q"], 16), curve.H);
Assert.Equal(domain.N, curve.N);
var key = new ECPrivateKeyParameters(new BigInteger(values["x"], 16), domain);
ECPoint pub = curve.G.Multiply(key.D);
Assert.Equal(pub.Normalize().XCoord.ToBigInteger(), new BigInteger(values["Ux"], 16));
Assert.Equal(pub.Normalize().YCoord.ToBigInteger(), new BigInteger(values["Uy"], 16));
return(key);
}
public ICipherParameters DecodePublicKey(byte[] encodedPublicKey)
{
try
{
X9ECParameters curve = SecNamedCurves.GetByOid(_curve);
ECPoint point = curve.Curve.DecodePoint(encodedPublicKey);
ECDomainParameters ecP = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H);
return(new ECPublicKeyParameters(point, ecP));
}
catch (InvalidKeySpecException e)
{
throw new U2fException(ErrorDecodingPublicKey, e);
}
catch (Exception e)
{
throw new U2fException("Could not parse user public key", e);
}
}
/// <summary>
/// SM2解密
/// </summary>
/// <param name="privateKey">私钥</param>
/// <param name="cipherData">密文</param>
/// <returns></returns>
public static string Decrypt(string privateKey, string cipherData)
{
byte[] cipherDataByte = Hex.Decode(cipherData);
//获取一条SM2曲线参数
X9ECParameters sm2EcParameters = GMNamedCurves.GetByName("sm2p256v1");
//构造domain参数
ECDomainParameters domainParameters = new ECDomainParameters(sm2EcParameters.Curve, sm2EcParameters.G, sm2EcParameters.N);
BigInteger privateKeyD = new BigInteger(privateKey, 16);
ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.Init(false, privateKeyParameters);
byte[] arrayOfBytes = sm2Engine.ProcessBlock(cipherDataByte, 0, cipherDataByte.Length);
return(Encoding.UTF8.GetString(arrayOfBytes));
}
// private static readonly Hashtable CurveNames = new Hashtable();
// private static readonly Hashtable CurveAliases = new Hashtable();
//
// static NamedCurveTest()
// {
// CurveNames.Add("prime192v1", "prime192v1"); // X9.62
// CurveNames.Add("sect571r1", "sect571r1"); // sec
// CurveNames.Add("secp224r1", "secp224r1");
// CurveNames.Add("B-409", SecNamedCurves.GetName(NistNamedCurves.GetOid("B-409"))); // nist
// CurveNames.Add("P-521", SecNamedCurves.GetName(NistNamedCurves.GetOid("P-521")));
// CurveNames.Add("brainpoolp160r1", "brainpoolp160r1"); // TeleTrusT
//
// CurveAliases.Add("secp192r1", "prime192v1");
// CurveAliases.Add("secp256r1", "prime256v1");
// }
private static ECDomainParameters GetCurveParameters(
string name)
{
ECDomainParameters ecdp = ECGost3410NamedCurves.GetByName(name);
if (ecdp != null)
{
return(ecdp);
}
X9ECParameters ecP = ECNamedCurveTable.GetByName(name);
if (ecP == null)
{
throw new Exception("unknown curve name: " + name);
}
return(new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()));
}
private void RandMult(string label, X9ECParameters spec)
{
ECCurve C = spec.Curve;
ECPoint G = (ECPoint)spec.G;
BigInteger n = spec.N;
SecureRandom random = new SecureRandom();
random.SetSeed(DateTimeUtilities.CurrentUnixMs());
Console.WriteLine(label);
int[] coords = ECCurve.GetAllCoordinateSystems();
for (int i = 0; i < coords.Length; ++i)
{
int coord = coords[i];
if (C.SupportsCoordinateSystem(coord))
{
ECCurve c = C;
ECPoint g = G;
if (c.CoordinateSystem != coord)
{
c = C.Configure().SetCoordinateSystem(coord).Create();
g = c.ImportPoint(G);
}
double avgDuration = RandMult(random, g, n);
string coordName = COORD_NAMES[coord];
StringBuilder sb = new StringBuilder();
sb.Append(" ");
sb.Append(coordName);
for (int j = coordName.Length; j < 30; ++j)
{
sb.Append(' ');
}
sb.Append(": ");
sb.Append(avgDuration);
sb.Append("ms");
Console.WriteLine(sb.ToString());
}
}
}
internal static ECDomainParameters LookupParameters(DerObjectIdentifier publicKeyParamSet)
{
if (publicKeyParamSet == null)
{
throw new ArgumentNullException("publicKeyParamSet");
}
ECDomainParameters eCDomainParameters = ECGost3410NamedCurves.GetByOid(publicKeyParamSet);
if (eCDomainParameters == null)
{
X9ECParameters x9ECParameters = ECKeyPairGenerator.FindECCurveByOid(publicKeyParamSet);
if (x9ECParameters == null)
{
throw new ArgumentException("OID is not a valid public key parameter set", "publicKeyParamSet");
}
eCDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N, x9ECParameters.H, x9ECParameters.GetSeed());
}
return(eCDomainParameters);
}
private static ECPoint Recover(BigInteger[] sig, byte[] hash, int recid, bool check)
{
X9ECParameters ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");
int i = recid / 2;
BigInteger order = ecParams.N;
BigInteger field = (ecParams.Curve as FpCurve).Q;
BigInteger x = order.Multiply(new BigInteger(i.ToString())).Add(sig[0]);
if (x.CompareTo(field) >= 0)
{
throw new Exception("X too large");
}
byte[] compressedPoint = new Byte[x.ToByteArrayUnsigned().Length + 1];
compressedPoint[0] = (byte)(0x02 + (recid % 2));
Buffer.BlockCopy(x.ToByteArrayUnsigned(), 0, compressedPoint, 1, compressedPoint.Length - 1);
ECPoint R = ecParams.Curve.DecodePoint(compressedPoint);
if (check)
{
ECPoint O = R.Multiply(order);
if (!O.IsInfinity)
{
throw new Exception("Check failed");
}
}
int n = (ecParams.Curve as FpCurve).Q.ToByteArrayUnsigned().Length * 8;
BigInteger e = new BigInteger(1, hash);
if (8 * hash.Length > n)
{
e = e.ShiftRight(8 - (n & 7));
}
e = BigInteger.Zero.Subtract(e).Mod(order);
BigInteger rr = sig[0].ModInverse(order);
BigInteger sor = sig[1].Multiply(rr).Mod(order);
BigInteger eor = e.Multiply(rr).Mod(order);
ECPoint Q = ecParams.G.Multiply(eor).Add(R.Multiply(sor));
return(Q);
}
/// <summary>
/// 生成SM2公私钥对
/// </summary>
/// <returns></returns>
private static AsymmetricCipherKeyPair CreateKeyPairInternal()
{
//获取一条SM2曲线参数
X9ECParameters sm2EcParameters = GMNamedCurves.GetByName("sm2p256v1");
//构造domain参数
ECDomainParameters domainParameters = new ECDomainParameters(sm2EcParameters.Curve, sm2EcParameters.G, sm2EcParameters.N);
//1.创建密钥生成器
ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
//2.初始化生成器,带上随机数
keyPairGenerator.Init(new ECKeyGenerationParameters(domainParameters, SecureRandom.GetInstance("SHA1PRNG")));
//3.生成密钥对
AsymmetricCipherKeyPair asymmetricCipherKeyPair = keyPairGenerator.GenerateKeyPair();
return(asymmetricCipherKeyPair);
}
private void EncodePrivateKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), new ECPrivateKeyStructure(BigInteger.Ten).ToAsn1Object());
if (!Arrays.AreEqual(info.GetEncoded(), namedPriv))
{
Fail("failed private named generation");
}
Asn1Object o = Asn1Object.FromByteArray(namedPriv);
if (!info.Equals(o))
{
Fail("failed private named equality");
}
//
// explicit curve parameters
//
_params = new X962Parameters(ecP);
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), new ECPrivateKeyStructure(BigInteger.ValueOf(20)).ToAsn1Object());
if (!Arrays.AreEqual(info.GetEncoded(), expPriv))
{
Fail("failed private explicit generation");
}
o = Asn1Object.FromByteArray(expPriv);
if (!info.Equals(o))
{
Fail("failed private explicit equality");
}
}
public static ECDomainParameters GetParametersForNamedCurve(int namedCurve)
{
string nameOfNamedCurve = GetNameOfNamedCurve(namedCurve);
if (nameOfNamedCurve == null)
{
return(null);
}
X9ECParameters byName = CustomNamedCurves.GetByName(nameOfNamedCurve);
if (byName == null)
{
byName = ECNamedCurveTable.GetByName(nameOfNamedCurve);
if (byName == null)
{
return(null);
}
}
return(new ECDomainParameters(byName.Curve, byName.G, byName.N, byName.H, byName.GetSeed()));
}
internal static ECDomainParameters GetECParameters(NamedCurve namedCurve)
{
if (!Enum.IsDefined(typeof(NamedCurve), namedCurve))
{
return(null);
}
string curveName = namedCurve.ToString();
// Lazily created the first time a particular curve is accessed
X9ECParameters ecP = SecNamedCurves.GetByName(curveName);
if (ecP == null)
{
return(null);
}
// It's a bit inefficient to do this conversion every time
return(new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()));
}
public void PrepareKey()
{
try
{
byte key_idx = 0;
X9ECParameters curve = SecNamedCurves.GetByName("secp256k1");
AsymmetricKeyParameter pub_key = null;
pub_key = new ECPublicKeyParameters("ECDSA", curve.Curve.DecodePoint(Hex.Decode(ECPubKeyStr)), SecNamedCurves.GetOid("secp256k1"));
AsymmetricKeyParameter priv_key = null;
setParameters(this, pub_key, priv_key, key_idx, "ECDSA");
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
// TODO Add an equivalent class for ECNamedCurveParameterSpec?
//private ECNamedCurveParameterSpec ReadECParameters(
// private X9ECParameters ReadECParameters(PemObject pemObject)
// {
// DerObjectIdentifier oid = (DerObjectIdentifier)Asn1Object.FromByteArray(pemObject.Content);
//
// //return ECNamedCurveTable.getParameterSpec(oid.Id);
// return GetCurveParameters(oid.Id);
// }
//private static ECDomainParameters GetCurveParameters(
private static X9ECParameters GetCurveParameters(
string name)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
X9ECParameters ecP = CustomNamedCurves.GetByName(name);
if (ecP == null)
{
ecP = ECNamedCurveTable.GetByName(name);
}
if (ecP == null)
{
throw new Exception("unknown curve name: " + name);
}
//return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
return(ecP);
}
/// <summary>
/// Create a new ephermal key on the curve.
/// </summary>
/// <param name="curveName">
/// The name of the curve, for example "P-256".
/// </param>
/// <returns>
/// The new created emphermal key.
/// </returns>
public static EphermalKey Generate(string curveName)
{
X9ECParameters ecP = ECNamedCurveTable.GetByName(curveName);
if (ecP == null)
{
throw new Exception($"Unknown curve name '{curveName}'.");
}
var domain = new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
var g = GeneratorUtilities.GetKeyPairGenerator("EC");
g.Init(new ECKeyGenerationParameters(domain, new SecureRandom()));
var keyPair = g.GenerateKeyPair();
return(new EphermalKey
{
privateKey = (ECPrivateKeyParameters)keyPair.Private,
publicKey = (ECPublicKeyParameters)keyPair.Public
});
}
internal static ECDomainParameters LookupParameters(DerObjectIdentifier publicKeyParamSet)
{
if (publicKeyParamSet == null)
{
throw new ArgumentNullException("publicKeyParamSet");
}
ECDomainParameters byOid = ECGost3410NamedCurves.GetByOid(publicKeyParamSet);
if (byOid != null)
{
return(byOid);
}
X9ECParameters parameters2 = ECKeyPairGenerator.FindECCurveByOid(publicKeyParamSet);
if (parameters2 == null)
{
throw new ArgumentException("OID is not a valid public key parameter set", "publicKeyParamSet");
}
return(new ECDomainParameters(parameters2.Curve, parameters2.G, parameters2.N, parameters2.H, parameters2.GetSeed()));
}
public static Ecdsa Generate()
{
X9ECParameters ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");
ECDomainParameters domainParameters = new ECDomainParameters(ecParams.Curve,
ecParams.G, ecParams.N, ecParams.H,
ecParams.GetSeed());
ECKeyGenerationParameters keyGenParams =
new ECKeyGenerationParameters(domainParameters, new SecureRandom());
AsymmetricCipherKeyPair keyPair;
ECKeyPairGenerator generator = new ECKeyPairGenerator();
generator.Init(keyGenParams);
keyPair = generator.GenerateKeyPair();
ECPrivateKeyParameters privateKey = (ECPrivateKeyParameters)keyPair.Private;
ECPublicKeyParameters publicKey = (ECPublicKeyParameters)keyPair.Public;
return(new Ecdsa(publicKey.Q.GetEncoded(), privateKey.D.ToByteArrayUnsigned()));
}
public static bool VerifyHashed(byte[] signature, byte[] publicKey, byte[] data)
{
var(sigR, sigS, _) = GetRSV(signature);
try
{
X9ECParameters spec = ECNamedCurveTable.GetByName("secp256k1");
ECDomainParameters domain = new ECDomainParameters(spec.Curve, spec.G, spec.N);
ECPublicKeyParameters publicKeyParams =
new ECPublicKeyParameters(spec.Curve.DecodePoint(publicKey), domain);
ECDsaSigner signer = new ECDsaSigner();
signer.Init(false, publicKeyParams);
return(signer.VerifySignature(data, new BigInteger(1, sigR.ToByteArray()),
new BigInteger(1, sigS.ToByteArray())));
}
catch
{
return(false);
}
}
/// <summary>
/// SM2加密
/// </summary>
/// <param name="publicKey">公钥</param>
/// <param name="data">明文</param>
/// <returns>密文</returns>
public static string Encrypt(string publicKey, string data)
{
// 获取一条SM2曲线参数
X9ECParameters sm2EcParameters = GMNamedCurves.GetByName("sm2p256v1");
// 构造domain参数
ECDomainParameters domainParameters = new ECDomainParameters(sm2EcParameters.Curve, sm2EcParameters.G, sm2EcParameters.N);
//提取公钥点
ECPoint pukPoint = sm2EcParameters.Curve.DecodePoint(Hex.Decode(publicKey));
// 公钥前面的02或者03表示是压缩公钥,04表示未压缩公钥, 04的时候,可以去掉前面的04
ECPublicKeyParameters publicKeyParameters = new ECPublicKeyParameters(pukPoint, domainParameters);
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.Init(true, new ParametersWithRandom(publicKeyParameters, new SecureRandom()));
byte[] input = Encoding.UTF8.GetBytes(data);
byte[] arrayOfBytes = sm2Engine.ProcessBlock(input, 0, input.Length);
return(Hex.ToHexString(arrayOfBytes));
}
private static ECDsa LoadPrivateKey(byte[] key)
{
BigInteger privKeyInt = new BigInteger(+1, key);
X9ECParameters parameters = SecNamedCurves.GetByName("secp256k1");
ECPoint ecPoint = parameters.G.Multiply(privKeyInt);
byte[] privKeyX = ecPoint.Normalize().XCoord.ToBigInteger().ToByteArrayUnsigned();
byte[] privKeyY = ecPoint.Normalize().YCoord.ToBigInteger().ToByteArrayUnsigned();
return(ECDsa.Create(new ECParameters
{
Curve = ECCurve.CreateFromFriendlyName("secp256k1"),
D = privKeyInt.ToByteArrayUnsigned(),
Q = new System.Security.Cryptography.ECPoint
{
X = privKeyX,
Y = privKeyY
}
}));
}
protected override TlsSignerCredentials GetECDsaSignerCredentials()
{
#if SUPPORT_RPK
foreach (OneKey k in _serverKeys)
{
if (k.HasKeyType((int)COSE.GeneralValuesInt.KeyType_EC2) &&
k.HasAlgorithm(COSE.AlgorithmValues.ECDSA_256))
{
X9ECParameters p = k.GetCurve();
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECPrivateKeyParameters privKey = new ECPrivateKeyParameters("ECDSA", ConvertBigNum(k[CoseKeyParameterKeys.EC_D]), parameters);
ECPoint point = k.GetPoint();
ECPublicKeyParameters param = new ECPublicKeyParameters(point, parameters);
SubjectPublicKeyInfo spi = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(param);
return(new DefaultTlsSignerCredentials(mContext, new RawPublicKey(spi), privKey, new SignatureAndHashAlgorithm(HashAlgorithm.sha256, SignatureAlgorithm.ecdsa)));
}
}
#endif
// If we did not fine appropriate signer credientials - ask for help
TlsEvent e = new TlsEvent(TlsEvent.EventCode.SignCredentials)
{
CipherSuite = KeyExchangeAlgorithm.ECDHE_ECDSA
};
EventHandler <TlsEvent> handler = TlsEventHandler;
if (handler != null)
{
handler(this, e);
}
if (e.SignerCredentials != null)
{
return(e.SignerCredentials);
}
throw new TlsFatalAlert(AlertDescription.internal_error);
}
public static byte[] DoSignEcDsa(
IEnumerable <BufLen> bufs,
I2PSigningPrivateKey key,
IDigest digest,
X9ECParameters ecparam,
int sigsize)
{
foreach (var buf in bufs)
{
digest.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length);
}
var hash = new byte[digest.GetDigestSize()];
digest.DoFinal(hash, 0);
var param = new ECDomainParameters(ecparam.Curve, ecparam.G, ecparam.N, ecparam.H);
var pk = new ECPrivateKeyParameters(key.ToBigInteger(), param);
var s = new Org.BouncyCastle.Crypto.Signers.ECDsaSigner();
s.Init(true, new ParametersWithRandom(pk));
var sig = s.GenerateSignature(hash);
var result = new byte[sigsize];
var b1 = sig[0].ToByteArrayUnsigned();
var b2 = sig[1].ToByteArrayUnsigned();
// https://geti2p.net/en/docs/spec/common-structures#type_Signature
// When a signature is composed of two elements (for example values R,S),
// it is serialized by padding each element to length/2 with leading zeros if necessary.
// All types are Big Endian, except for EdDSA, which is stored and transmitted in a Little Endian format.
// Pad msb. Big endian.
Array.Copy(b1, 0, result, sigsize / 2 - b1.Length, b1.Length);
Array.Copy(b2, 0, result, sigsize - b2.Length, b2.Length);
DebugUtils.LogDebug("DoSignEcDsa: " + digest.ToString() + ": Used.");
return(result);
}
public static BigInteger CalculateSharedKey(BigInteger BIx, BigInteger BIy, ECPrivateKeyParameters privateKey)
{
IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("ECDH");
aKeyAgree.Init(privateKey);
X9ECParameters ecP = NistNamedCurves.GetByName("P-521");
ECDomainParameters ecSpec = new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
FpCurve c = (FpCurve)ecSpec.Curve;
ECFieldElement x = new FpFieldElement(c.Q, BIx);
ECFieldElement y = new FpFieldElement(c.Q, BIy);
ECPoint q = new FpPoint(ecP.Curve, x, y);
ECPublicKeyParameters publicKey = new ECPublicKeyParameters("ECDH", q, SecObjectIdentifiers.SecP521r1);
BigInteger k1 = aKeyAgree.CalculateAgreement(publicKey);
return(k1);
}
public ICipherParameters AsPublicKey()
{
if (PublicKeyX != null)
{
return(PublicKeyX);
}
switch (_json["kty"].AsString())
{
case "EC":
X9ECParameters p = NistNamedCurves.GetByName(this.AsString("crv"));
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECPoint point = p.Curve.CreatePoint(this.AsBigInteger("x"), this.AsBigInteger("y"));
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(point, parameters);
PublicKeyX = pubKey;
break;
}
return(PublicKeyX);
}
public static Byte[] getSharedSecret(Byte[] PrivateKeyIn, Byte[] PublicKeyIn)
{
ECDHCBasicAgreement agreement = new ECDHCBasicAgreement();
X9ECParameters curve = null;
ECDomainParameters ecParam = null;
ECPrivateKeyParameters privKey = null;
ECPublicKeyParameters pubKey = null;
ECPoint point = null;
curve = NistNamedCurves.GetByName("P-256");
ecParam = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
privKey = new ECPrivateKeyParameters(new BigInteger(PrivateKeyIn), ecParam);
point = ecParam.Curve.DecodePoint(PublicKeyIn);
pubKey = new ECPublicKeyParameters(point, ecParam);
agreement.Init(privKey);
BigInteger secret = agreement.CalculateAgreement(pubKey);
return(secret.ToByteArrayUnsigned());
}
