public bool VerifySignature()
{
var versig = I2PSignature.SupportedSignatureType(PublicSigningKey.Certificate.SignatureType);
if (!versig)
{
DebugUtils.LogDebug("I2PLeaseSet: VerifySignature false. Not supported: " +
PublicSigningKey.Certificate.SignatureType.ToString());
return(false);
}
var signfields = new List <BufLen>();
signfields.Add(new BufLen(Destination.ToByteArray()));
signfields.Add(PublicKey.Key);
signfields.Add(PublicSigningKey.Key);
signfields.Add((BufLen)(byte)Leases.Count);
lock ( Leases )
{
foreach (var lease in Leases)
{
signfields.Add(new BufLen(lease.ToByteArray()));
}
}
versig = I2PSignature.DoVerify(PublicSigningKey, Signature, signfields.ToArray());
if (!versig)
{
DebugUtils.LogDebug("I2PLeaseSet: I2PSignature.DoVerify failed: " + PublicSigningKey.Certificate.SignatureType.ToString());
return(false);
}
return(true);
}
public void Write(List <byte> dest)
{
Destination.Write(dest);
Info.PublicKey.Write(dest);
Info.PublicSigningKey.Write(dest);
var cnt = (byte)Leases.Count;
if (cnt > 16)
{
throw new OverflowException("Max 16 leases per I2PLeaseSet");
}
var signfields = new List <BufLen>();
signfields.Add(new BufLen(Destination.ToByteArray()));
signfields.Add(Info.PublicKey.Key);
signfields.Add(Info.PublicSigningKey.Key);
signfields.Add((BufLen)cnt);
lock ( Leases )
{
dest.Add((byte)Leases.Count);
foreach (var lease in Leases)
{
var buf = lease.ToByteArray();
dest.AddRange(buf);
signfields.Add(new BufLen(buf));
}
}
dest.AddRange(I2PSignature.DoSign(Info.PrivateSigningKey, signfields.ToArray()));
}
public static bool DoVerifyEcDsa(
IEnumerable <BufLen> bufs,
I2PSigningPublicKey key,
I2PSignature signed,
IDigest digest,
X9ECParameters ecparam)
{
if (!SupportedSignatureType(signed.Certificate.SignatureType))
{
throw new NotImplementedException();
}
foreach (var buf in bufs)
{
digest.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length);
}
var hash = new byte[digest.GetDigestSize()];
digest.DoFinal(hash, 0);
var param = new ECDomainParameters(ecparam.Curve, ecparam.G, ecparam.N, ecparam.H);
var pk = new ECPublicKeyParameters(ecparam.Curve.DecodePoint(key.ToByteArray()), param);
var dsa = new Org.BouncyCastle.Crypto.Signers.DsaSigner();
var sigsize = signed.Certificate.SignatureLength;
var r = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset, sigsize / 2);
var s = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + sigsize / 2, sigsize / 2);
dsa.Init(false, pk);
var result = dsa.VerifySignature(hash, r, s);
DebugUtils.LogDebug("DoVerifyEcDsa: " + result.ToString() + ": " + digest.ToString());
return(result);
}
public static bool DoVerify(I2PSigningPublicKey key, I2PSignature signed, params BufLen[] bufs)
{
//DebugUtils.LogDebug( "DoVerify: " + key.Certificate.SignatureType.ToString() );
switch (key.Certificate.SignatureType)
{
case I2PSigningKey.SigningKeyTypes.DSA_SHA1:
return(DoVerifyDsaSha1(bufs, key, signed));
case I2PSigningKey.SigningKeyTypes.ECDSA_SHA256_P256:
return(DoVerifyEcDsa(bufs, key, signed, new Sha256Digest(), NistNamedCurves.GetByName("P-256")));
case I2PSigningKey.SigningKeyTypes.ECDSA_SHA384_P384:
return(DoVerifyEcDsa(bufs, key, signed, new Sha384Digest(), NistNamedCurves.GetByName("P-384")));
case I2PSigningKey.SigningKeyTypes.ECDSA_SHA512_P521:
return(DoVerifyEcDsa(bufs, key, signed, new Sha512Digest(), NistNamedCurves.GetByName("P-521")));
case I2PSigningKey.SigningKeyTypes.EdDSA_SHA512_Ed25519:
return(DoVerifyEdDSASHA512Ed25519(bufs, key, signed));
default:
throw new NotImplementedException();
}
}
public I2PRouterInfo(BufRef reader, bool verifysig)
{
var startview = new BufRef(reader);
Identity = new I2PRouterIdentity(reader);
PublishedDate = new I2PDate(reader);
int addrcount = reader.Read8();
var addresses = new List <I2PRouterAddress>();
for (int i = 0; i < addrcount; ++i)
{
addresses.Add(new I2PRouterAddress(reader));
}
Adresses = addresses.ToArray();
reader.Seek(reader.Read8() * 32); // peer_size. Unused.
Options = new I2PMapping(reader);
var payloadend = new BufRef(reader);
Data = new BufLen(startview, 0, reader - startview);
Signature = new I2PSignature(reader, Identity.Certificate);
if (verifysig)
{
var versig = VerifySignature();
if (!versig)
{
throw new InvalidOperationException("I2PRouterInfo signature check failed");
}
}
}
public I2PRouterInfo(
I2PRouterIdentity identity,
I2PDate publisheddate,
I2PRouterAddress[] adresses,
I2PMapping options,
I2PSigningPrivateKey privskey)
{
Identity = identity;
PublishedDate = publisheddate;
Adresses = adresses;
Options = options;
var dest = new List <byte>();
Identity.Write(dest);
PublishedDate.Write(dest);
dest.Add((byte)Adresses.Length);
foreach (var addr in Adresses)
{
addr.Write(dest);
}
dest.Add(0); // Always zero
Options.Write(dest);
Data = new BufLen(dest.ToArray());
Signature = new I2PSignature(new BufRefLen(I2PSignature.DoSign(privskey, Data)), privskey.Certificate);
}
public I2PSessionConfig(BufRef reader)
{
var start = new BufRefLen(reader);
Destination = new I2PDestination(reader);
Options = new I2PMapping(reader);
Date = new I2PDate(reader);
SignedBuf = new BufLen(start, 0, reader - start);
Signature = new I2PSignature(reader, Destination.Certificate);
}
public void Write(BufRefStream dest)
{
var dest2 = new BufRefStream();
Destination.Write(dest2);
Map.Write(dest2);
Date.Write(dest2);
var dest2data = dest2.ToArray();
var sig = new I2PSignature(new BufRefLen(I2PSignature.DoSign(PrivateSigningKey, new BufLen(dest2data))), PrivateSigningKey.Certificate);
dest.Write(dest2data);
sig.Write(dest);
}
public I2PSessionConfig(
I2PDestination dest,
I2PMapping map,
I2PDate date,
I2PSignature sign,
I2PSigningPrivateKey privsignkey)
{
Destination = dest;
Options = map != null ? map : new I2PMapping();
Date = date != null ? date : new I2PDate(DateTime.Now);
Signature = sign;
PrivateSigningKey = privsignkey;
}
public I2PLeaseSet(BufRef reader)
{
Destination = new I2PDestination(reader);
PublicKey = new I2PPublicKey(reader, I2PKeyType.DefaultAsymetricKeyCert);
PublicSigningKey = new I2PSigningPublicKey(reader, Destination.Certificate);
var leases = new List <I2PLease>();
int leasecount = reader.Read8();
for (int i = 0; i < leasecount; ++i)
{
leases.Add(new I2PLease(reader));
}
Leases = leases;
Signature = new I2PSignature(reader, Destination.Certificate);
}
public bool VerifySignature()
{
var versig = I2PSignature.SupportedSignatureType(Identity.Certificate.SignatureType);
if (!versig)
{
DebugUtils.LogDebug("RouterInfo: VerifySignature false. Not supported: " + Identity.Certificate.SignatureType.ToString());
return(false);
}
versig = I2PSignature.DoVerify(Identity.SigningPublicKey, Signature, Data);
if (!versig)
{
DebugUtils.LogDebug("RouterInfo: I2PSignature.DoVerify failed: " + Identity.Certificate.SignatureType.ToString());
return(false);
}
return(true);
}
public static bool DoVerifyEcDsaSha256P256_old(IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed)
{
if (!SupportedSignatureType(signed.Certificate.SignatureType))
{
throw new NotImplementedException();
}
var sha = new Sha256Digest();
foreach (var buf in bufs)
{
sha.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length);
}
var hash = new byte[sha.GetDigestSize()];
sha.DoFinal(hash, 0);
var p = Org.BouncyCastle.Asn1.Nist.NistNamedCurves.GetByName("P-256");
var param = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
var pk = new ECPublicKeyParameters(p.Curve.DecodePoint(key.ToByteArray()), param);
var dsa = new Org.BouncyCastle.Crypto.Signers.DsaSigner();
var sigsize = signed.Certificate.SignatureLength;
var r = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + 0, sigsize / 2);
var s = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + sigsize / 2, sigsize / 2);
dsa.Init(false, pk);
var result = dsa.VerifySignature(hash, r, s);
DebugUtils.LogDebug("DoVerifyEcDsaSha256P256: " + result.ToString());
return(result);
}
public static bool DoVerifyDsaSha1(IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed)
{
if (!SupportedSignatureType(signed.Certificate.SignatureType))
{
throw new NotImplementedException();
}
var sha = new Sha1Digest();
foreach (var buf in bufs)
{
sha.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length);
}
var hash = new byte[sha.GetDigestSize()];
sha.DoFinal(hash, 0);
var dsa = new Org.BouncyCastle.Crypto.Signers.DsaSigner();
var sigsize = signed.Certificate.SignatureLength;
var r = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + 0, sigsize / 2);
var s = new BigInteger(1, signed.Sig.BaseArray, signed.Sig.BaseArrayOffset + sigsize / 2, sigsize / 2);
var dsaparams =
new DsaPublicKeyParameters(
key.ToBigInteger(),
new DsaParameters(
I2PConstants.DsaP,
I2PConstants.DsaQ,
I2PConstants.DsaG));
dsa.Init(false, dsaparams);
return(dsa.VerifySignature(hash, r, s));
}
public static bool DoVerifyEdDSASHA512Ed25519(IEnumerable <BufLen> bufs, I2PSigningPublicKey key, I2PSignature signed)
{
return(Chaos.NaCl.Ed25519.Verify(signed.Sig.ToByteArray(), bufs.SelectMany(b => b.ToByteArray()).ToArray(), key.ToByteArray()));
}
