public void doTestECGost( string name) { // ECGenParameterSpec ecSpec = new ECGenParameterSpec(name); ECDomainParameters ecSpec = GetCurveParameters(name); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); // g.initialize(ecSpec, new SecureRandom()); g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); ISigner sgr = SignerUtilities.GetSigner("ECGOST3410"); AsymmetricCipherKeyPair pair = g.GenerateKeyPair(); AsymmetricKeyParameter sKey = pair.Private; AsymmetricKeyParameter vKey = pair.Public; sgr.Init(true, sKey); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail(name + " verification failed"); } // TODO Get this working? // // // // public key encoding test // // //// byte[] pubEnc = vKey.getEncoded(); // byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded(); // //// KeyFactory keyFac = KeyFactory.getInstance("ECGOST3410"); //// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); //// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); // ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); // //// if (!pubKey.getW().equals(((ECPublicKey)vKey).getW())) // if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q)) // { // Fail("public key encoding (Q test) failed"); // } // TODO Put back in? // if (!(pubKey.Parameters is ECNamedCurveSpec)) // { // Fail("public key encoding not named curve"); // } // TODO Get this working? // // // // private key encoding test // // //// byte[] privEnc = sKey.getEncoded(); // byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded(); // //// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); //// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); // ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); // //// if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS())) // if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D)) // { // Fail("GOST private key encoding (D test) failed"); // } // TODO Put back in? // if (!(privKey.Parameters is ECNamedCurveSpec)) // { // Fail("GOST private key encoding not named curve"); // } // // ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams(); // if (!privSpec.getName().equalsIgnoreCase(name) // && !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES[name])) // { // Fail("GOST private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName()); // } }
private bool VerifyDigest( byte[] digest, AsymmetricKeyParameter key, byte[] signature) { string algorithm = Helper.GetEncryptionAlgName(this.EncryptionAlgOid); try { if (algorithm.Equals("RSA")) { IBufferedCipher c = CmsEnvelopedHelper.Instance.CreateAsymmetricCipher("RSA/ECB/PKCS1Padding"); c.Init(false, key); byte[] decrypt = c.DoFinal(signature); DigestInfo digInfo = DerDecode(decrypt); if (!digInfo.AlgorithmID.ObjectID.Equals(digestAlgorithm.ObjectID)) { return(false); } if (!IsNull(digInfo.AlgorithmID.Parameters)) { return(false); } byte[] sigHash = digInfo.GetDigest(); return(Arrays.ConstantTimeAreEqual(digest, sigHash)); } else if (algorithm.Equals("DSA")) { ISigner sig = SignerUtilities.GetSigner("NONEwithDSA"); sig.Init(false, key); sig.BlockUpdate(digest, 0, digest.Length); return(sig.VerifySignature(signature)); } else { throw new CmsException("algorithm: " + algorithm + " not supported in base signatures."); } } catch (SecurityUtilityException e) { throw e; } catch (GeneralSecurityException e) { throw new CmsException("Exception processing signature: " + e, e); } catch (IOException e) { throw new CmsException("Exception decoding signature: " + e, e); } }
private void ecGOST3410Test() { BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395"); BigInteger s = new BigInteger("46959264877825372965922731380059061821746083849389763294914877353246631700866"); byte[] kData = new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p ECCurve curve = new FpCurve( mod_p, // p new BigInteger("7"), // a new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b ECDomainParameters spec = new ECDomainParameters( curve, curve.CreatePoint( new BigInteger("2"), new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( "ECGOST3410", new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d spec); ECPublicKeyParameters vKey = new ECPublicKeyParameters( "ECGOST3410", curve.CreatePoint( new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), spec); ISigner sgr = SignerUtilities.GetSigner("ECGOST3410"); sgr.Init(true, new ParametersWithRandom(sKey, k)); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("ECGOST3410 verification failed"); } BigInteger[] sig = decode(sigBytes); if (!r.Equals(sig[0])) { Fail( ": r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail( ": s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } }
public override void Validate(SigType type, string signAlgName, byte[] tbsContent, byte[] signedValue) { if (type == SigType.Sign) { throw new ArgumentOutOfRangeException(nameof(type), "签名类型(type)必须是 Seal,不支持电子印章验证"); } // 计算原文摘要 GeneralDigest md = new SM3Digest(); md.BlockUpdate(tbsContent, 0, tbsContent.Length); byte[] expect = new byte[32]; md.DoFinal(expect, 0); SesSignature sesSignature = SesSignature.GetInstance(signedValue); TbsSign toSign = sesSignature.ToSign; byte[] expectDataHash = toSign.DataHash.GetOctets(); // 比较原文摘要 if (!Arrays.AreEqual(expect, expectDataHash)) { //throw new InvalidSignedValueException("Signature.xml 文件被篡改,电子签章失效。("+ toSign.getPropertyInfo().getString() + ")"); } //sg.initVerify(signCert); //sg.update(toSign.getEncoded("DER")); //if (!sg.verify(expSigVal)) //{ // throw new InvalidSignedValueException("电子签章数据签名值不匹配,电子签章数据失效。"); //} // 预期的电子签章数据,签章值 byte[] expSigVal = sesSignature.Signature.GetOctets(); //Signature sg = Signature(toSign.getSignatureAlgorithm().getId(),new BouncyCastleProvider()); ISigner sg = SignerUtilities.GetSigner(GMObjectIdentifiers.sm2encrypt_with_sm3); byte[] certDER = toSign.Cert.GetOctets(); //new X509V1CertificateGenerator().Generate() // 构造证书对象 //Certificate signCert = new CertificateFactory().engineGenerateCertificate(new ByteArrayInputStream(certDER)); //X509Certificate x509Certificate = new X509Certificate(new X509CertificateStructure(TbsCertificateStructure.GetInstance(certDER), null, new DerBitString(certDER))); X509Certificate x509Certificate = new X509CertificateParser().ReadCertificate(certDER); //x509Certificate.Verify(); AsymmetricKeyParameter p = x509Certificate.GetPublicKey(); sg.Init(false, p); //System.Security.Cryptography.X509Certificates.X509Certificate x509 = new System.Security.Cryptography.X509Certificates.X509Certificate(certDER); //sg.Init(false,new ECPublicKeyParameters()); // 获取一条SM2曲线参数 X9ECParameters sm2EcParameters = GMNamedCurves.GetByName("sm2p256v1"); // 构造domain参数 ECDomainParameters domainParameters = new ECDomainParameters(sm2EcParameters.Curve, sm2EcParameters.G, sm2EcParameters.N); //提取公钥点 ECPoint pukPoint = sm2EcParameters.Curve.DecodePoint(certDER); // 公钥前面的02或者03表示是压缩公钥,04表示未压缩公钥, 04的时候,可以去掉前面的04 ECPublicKeyParameters publicKeyParameters = new ECPublicKeyParameters(pukPoint, domainParameters); sg.Init(false, publicKeyParameters); byte[] input = toSign.GetDerEncoded(); sg.BlockUpdate(input, 0, input.Length); bool pass = sg.VerifySignature(expSigVal); if (!pass) { throw new Exception(); } }
public static void Update(this ISigner signer, byte[] data, int offset, int count) { signer.BlockUpdate(data, offset, count); }
public void TestECDsa239BitPrime() { BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176"); BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783"); byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); // EllipticCurve curve = new EllipticCurve( // new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q // new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a // new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, // ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n BigInteger.One); //1); // h ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeyParameters vKey = new ECPublicKeyParameters( "ECDSA", // ECPointUtil.DecodePoint(curve, Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("ECDSA"); // KeyFactory f = KeyFactory.getInstance("ECDSA"); // AsymmetricKeyParameter sKey = f.generatePrivate(priKey); // AsymmetricKeyParameter vKey = f.generatePublic(pubKey); sgr.Init(true, new ParametersWithRandom(sKey, k)); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("239 Bit EC verification failed"); } BigInteger[] sig = derDecode(sigBytes); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } }
public void TestAlgorithms() { // // RSA parameters // BigInteger rsaMod = new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16); BigInteger rsaPubExp = new BigInteger("10001", 16); BigInteger rsaPrivExp = new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16); BigInteger rsaPrivP = new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16); BigInteger rsaPrivQ = new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16); BigInteger rsaPrivDP = new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16); BigInteger rsaPrivDQ = new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16); BigInteger rsaPrivQinv = new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16); RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaMod, rsaPubExp); RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters( rsaMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); // // ECDSA parameters // BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecDomain = new ECDomainParameters(curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN); ECPublicKeyParameters ecPub = new ECPublicKeyParameters( new FpPoint(curve, curve.FromBigInteger(ECPubQX), curve.FromBigInteger(ECPubQY)), ecDomain); ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain); // // DSA parameters // BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM=")); BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs=")); BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx")); BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw==")); BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A=")); DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG); DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para); DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para); // // ECGOST3410 parameters // IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); ecGostKpg.Init( new ECKeyGenerationParameters( CryptoProObjectIdentifiers.GostR3410x2001CryptoProA, new SecureRandom())); AsymmetricCipherKeyPair ecGostPair = ecGostKpg.GenerateKeyPair(); // // GOST3410 parameters // IAsymmetricCipherKeyPairGenerator gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); gostKpg.Init( new Gost3410KeyGenerationParameters( new SecureRandom(), CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); AsymmetricCipherKeyPair gostPair = gostKpg.GenerateKeyPair(); // // signer loop // byte[] shortMsg = new byte[] { 1, 4, 5, 6, 8, 8, 4, 2, 1, 3 }; byte[] longMsg = new byte[100]; new SecureRandom().NextBytes(longMsg); foreach (string algorithm in SignerUtilities.Algorithms) { ISigner signer = SignerUtilities.GetSigner(algorithm); string upper = algorithm.ToUpperInvariant(); int withPos = upper.LastIndexOf("WITH"); string cipherName = withPos < 0 ? upper : upper.Substring(withPos + "WITH".Length); ICipherParameters signParams = null, verifyParams = null; if (cipherName == "RSA" || cipherName == "RSAANDMGF1") { signParams = rsaPrivate; verifyParams = rsaPublic; } else if (cipherName == "ECDSA") { signParams = ecPriv; verifyParams = ecPub; } else if (cipherName == "DSA") { signParams = dsaPriv; verifyParams = dsaPub; } else if (cipherName == "ECGOST3410") { signParams = ecGostPair.Private; verifyParams = ecGostPair.Public; } else if (cipherName == "GOST3410") { signParams = gostPair.Private; verifyParams = gostPair.Public; } else { Assert.Fail("Unknown algorithm encountered: " + cipherName); } signer.Init(true, signParams); foreach (byte b in shortMsg) { signer.Update(b); } signer.BlockUpdate(longMsg, 0, longMsg.Length); byte[] sig = signer.GenerateSignature(); signer.Init(false, verifyParams); foreach (byte b in shortMsg) { signer.Update(b); } signer.BlockUpdate(longMsg, 0, longMsg.Length); Assert.IsTrue(signer.VerifySignature(sig), cipherName + " signer " + algorithm + " failed."); } }
private OcspReq GenerateRequest(DerObjectIdentifier signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random) { //IL_018f: Expected O, but got Unknown Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector(); global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)list).GetEnumerator(); try { while (enumerator.MoveNext()) { RequestObject requestObject = (RequestObject)enumerator.get_Current(); try { asn1EncodableVector.Add(requestObject.ToRequest()); } catch (global::System.Exception e) { throw new OcspException("exception creating Request", e); } } } finally { global::System.IDisposable disposable = enumerator as global::System.IDisposable; if (disposable != null) { disposable.Dispose(); } } TbsRequest tbsRequest = new TbsRequest(requestorName, new DerSequence(asn1EncodableVector), requestExtensions); ISigner signer = null; Signature optionalSignature = null; if (signingAlgorithm != null) { if (requestorName == null) { throw new OcspException("requestorName must be specified if request is signed."); } try { signer = SignerUtilities.GetSigner(signingAlgorithm.Id); if (random != null) { signer.Init(forSigning: true, new ParametersWithRandom(privateKey, random)); } else { signer.Init(forSigning: true, privateKey); } } catch (global::System.Exception ex) { throw new OcspException(string.Concat((object)"exception creating signature: ", (object)ex), ex); } DerBitString derBitString = null; try { byte[] encoded = tbsRequest.GetEncoded(); signer.BlockUpdate(encoded, 0, encoded.Length); derBitString = new DerBitString(signer.GenerateSignature()); } catch (global::System.Exception ex2) { throw new OcspException(string.Concat((object)"exception processing TBSRequest: ", (object)ex2), ex2); } AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance); if (chain != null && chain.Length > 0) { Asn1EncodableVector asn1EncodableVector2 = new Asn1EncodableVector(); try { for (int i = 0; i != chain.Length; i++) { asn1EncodableVector2.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(chain[i].GetEncoded()))); } } catch (IOException val) { IOException e2 = val; throw new OcspException("error processing certs", (global::System.Exception)(object) e2); } catch (CertificateEncodingException e3) { throw new OcspException("error encoding certs", e3); } optionalSignature = new Signature(signatureAlgorithm, derBitString, new DerSequence(asn1EncodableVector2)); } else { optionalSignature = new Signature(signatureAlgorithm, derBitString); } } return(new OcspReq(new OcspRequest(tbsRequest, optionalSignature))); }
public override void PerformTest() { ISigner sig = SignerUtilities.GetSigner("SHA1WithRSAEncryption"); byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA"); fact.Init( new RsaKeyGenerationParameters( BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25)); AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair(); AsymmetricKeyParameter signingKey = keyPair.Private; AsymmetricKeyParameter verifyKey = keyPair.Public; doTestBadSig(signingKey, verifyKey); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); byte[] sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("SHA1 verification failed"); } sig = SignerUtilities.GetSigner("MD2WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("MD2 verification failed"); } sig = SignerUtilities.GetSigner("MD5WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("MD5 verification failed"); } sig = SignerUtilities.GetSigner("RIPEMD160WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("RIPEMD160 verification failed"); } // // RIPEMD-128 // sig = SignerUtilities.GetSigner("RIPEMD128WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("RIPEMD128 verification failed"); } // // RIPEMD256 // sig = SignerUtilities.GetSigner("RIPEMD256WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("RIPEMD256 verification failed"); } // // SHA-224 // sig = SignerUtilities.GetSigner("SHA224WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("SHA224 verification failed"); } // // SHA-256 // sig = SignerUtilities.GetSigner("SHA256WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("SHA256 verification failed"); } // // SHA-384 // sig = SignerUtilities.GetSigner("SHA384WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("SHA384 verification failed"); } // // SHA-512 // sig = SignerUtilities.GetSigner("SHA512WithRSAEncryption"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("SHA512 verification failed"); } // // ISO Sigs. // sig = SignerUtilities.GetSigner("MD5WithRSA/ISO9796-2"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("MD5/ISO verification failed"); } sig = SignerUtilities.GetSigner("SHA1WithRSA/ISO9796-2"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("SHA1/ISO verification failed"); } sig = SignerUtilities.GetSigner("RIPEMD160WithRSA/ISO9796-2"); sig.Init(true, signingKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); sig.Init(false, verifyKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("RIPEMD160/ISO verification failed"); } // // standard vector test - B.1.3 RIPEMD160, implicit. // BigInteger mod = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16); BigInteger pub = new BigInteger("03", 16); BigInteger pri = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16); // KeyFactory f = KeyFactory.getInstance("RSA"); // AsymmetricKeyParameter privKey = f.generatePrivate(new RSAPrivateKeySpec(mod, pri)); // AsymmetricKeyParameter pubKey = f.generatePublic(new RSAPublicKeySpec(mod, pub)); AsymmetricKeyParameter privKey = new RsaKeyParameters(true, mod, pri); AsymmetricKeyParameter pubKey = new RsaKeyParameters(false, mod, pub); byte[] testSig = Hex.Decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae"); data = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"); sig = SignerUtilities.GetSigner("RIPEMD160WithRSA/ISO9796-2"); sig.Init(true, privKey); sig.BlockUpdate(data, 0, data.Length); sigBytes = sig.GenerateSignature(); if (!AreEqual(testSig, sigBytes)) { Fail("SigTest: failed ISO9796-2 generation Test"); } sig.Init(false, pubKey); sig.BlockUpdate(data, 0, data.Length); if (!sig.VerifySignature(sigBytes)) { Fail("RIPEMD160/ISO verification failed"); } }
/* * we generate a self signed certificate for the sake of testing - SHA224withECDSA */ private void createECRequest( string algorithm, DerObjectIdentifier algOid) { X9ECParameters x9 = ECNamedCurveTable.GetByName("secp521r1"); ECCurve curve = x9.Curve; ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( // curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q spec); // // // // set up the keys // // // AsymmetricKeyParameter privKey; // AsymmetricKeyParameter pubKey; // // KeyFactory fact = KeyFactory.getInstance("ECDSA"); // // privKey = fact.generatePrivate(privKeySpec); // pubKey = fact.generatePublic(pubKeySpec); Pkcs10CertificationRequest req = new Pkcs10CertificationRequest( algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); if (!req.Verify()) { Fail("Failed Verify check EC."); } req = new Pkcs10CertificationRequest(req.GetEncoded()); if (!req.Verify()) { Fail("Failed Verify check EC encoded."); } // // try with point compression turned off // // ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); ECPoint q = pubKey.Q.Normalize(); pubKey = new ECPublicKeyParameters( pubKey.AlgorithmName, q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), pubKey.Parameters); req = new Pkcs10CertificationRequest( algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); if (!req.Verify()) { Fail("Failed Verify check EC uncompressed."); } req = new Pkcs10CertificationRequest(req.GetEncoded()); if (!req.Verify()) { Fail("Failed Verify check EC uncompressed encoded."); } if (!req.SignatureAlgorithm.Algorithm.Equals(algOid)) { Fail("ECDSA oid incorrect."); } if (req.SignatureAlgorithm.Parameters != null) { Fail("ECDSA parameters incorrect."); } ISigner sig = SignerUtilities.GetSigner(algorithm); sig.Init(false, pubKey); byte[] b = req.GetCertificationRequestInfo().GetEncoded(); sig.BlockUpdate(b, 0, b.Length); if (!sig.VerifySignature(req.GetSignatureOctets())) { Fail("signature not mapped correctly."); } }
public void TestGeneration() { ISigner s = SignerUtilities.GetSigner("DSA"); byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; SecureRandom rand = new SecureRandom(); // KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA"); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); // test exception // doTestBadStrength(513); doTestBadStrength(510); doTestBadStrength(1025); //g.initialize(512, rand); { DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, rand); g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters())); } IAsymmetricCipherKeyPair p = g.GenerateKeyPair(); IAsymmetricKeyParameter sKey = p.Private; IAsymmetricKeyParameter vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); byte[] sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("DSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("DSA verification failed"); } // // ECDSA Fp generation test // s = SignerUtilities.GetSigner("ECDSA"); ECCurve curve = new FPCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecSpec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); g.Init(new ECKeyGenerationParameters(ecSpec, rand)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECDSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECDSA verification failed"); } // // ECDSA F2m generation test // s = SignerUtilities.GetSigner("ECDSA"); curve = new F2MCurve( 239, // m 36, // k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ecSpec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); // h g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); g.Init(new ECKeyGenerationParameters(ecSpec, rand)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECDSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECDSA verification failed"); } }
private OcspReq GenerateRequest(DerObjectIdentifier signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random) { Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector(); foreach (RequestObject item in list) { try { asn1EncodableVector.Add(item.ToRequest()); } catch (Exception e) { throw new OcspException("exception creating Request", e); } } TbsRequest tbsRequest = new TbsRequest(requestorName, new DerSequence(asn1EncodableVector), requestExtensions); ISigner signer = null; Signature optionalSignature = null; if (signingAlgorithm != null) { if (requestorName == null) { throw new OcspException("requestorName must be specified if request is signed."); } try { signer = SignerUtilities.GetSigner(signingAlgorithm.Id); if (random != null) { signer.Init(forSigning: true, new ParametersWithRandom(privateKey, random)); } else { signer.Init(forSigning: true, privateKey); } } catch (Exception ex) { throw new OcspException("exception creating signature: " + ex, ex); } DerBitString derBitString = null; try { byte[] encoded = tbsRequest.GetEncoded(); signer.BlockUpdate(encoded, 0, encoded.Length); derBitString = new DerBitString(signer.GenerateSignature()); } catch (Exception ex2) { throw new OcspException("exception processing TBSRequest: " + ex2, ex2); } AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance); if (chain != null && chain.Length > 0) { Asn1EncodableVector asn1EncodableVector2 = new Asn1EncodableVector(); try { for (int i = 0; i != chain.Length; i++) { asn1EncodableVector2.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(chain[i].GetEncoded()))); } } catch (IOException e2) { throw new OcspException("error processing certs", e2); } catch (CertificateEncodingException e3) { throw new OcspException("error encoding certs", e3); } optionalSignature = new Signature(signatureAlgorithm, derBitString, new DerSequence(asn1EncodableVector2)); } else { optionalSignature = new Signature(signatureAlgorithm, derBitString); } } return(new OcspReq(new OcspRequest(tbsRequest, optionalSignature))); }
internal Asn1.Cms.SignerInfo ToSignerInfo( DerObjectIdentifier contentType, CmsProcessable content) { AlgorithmIdentifier digAlgId = new AlgorithmIdentifier( new DerObjectIdentifier(this.DigestAlgOid), DerNull.Instance); AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid); string digestName = Helper.GetDigestAlgName(digestOID); string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID); ISigner sig = Helper.GetSignatureInstance(signatureName); IDigest dig = Helper.GetDigestInstance(digestName); byte[] hash = null; if (content != null) { content.Write(new DigOutputStream(dig)); hash = DigestUtilities.DoFinal(dig); outer._digests.Add(digestOID, hash.Clone()); } IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash); Asn1.Cms.AttributeTable signed = (sAttr != null) // ? sAttr.GetAttributes(Collections.unmodifiableMap(parameters)) ? sAttr.GetAttributes(parameters) : null; Asn1Set signedAttr = outer.GetAttributeSet(signed); // // sig must be composed from the DER encoding. // byte[] tmp; if (signedAttr != null) { tmp = signedAttr.GetDerEncoded(); } else { MemoryStream bOut = new MemoryStream(); content.Write(bOut); tmp = bOut.ToArray(); } sig.Init(true, key); sig.BlockUpdate(tmp, 0, tmp.Length); Asn1OctetString encDigest = new DerOctetString(sig.GenerateSignature()); IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash); baseParameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone(); Asn1.Cms.AttributeTable unsigned = (unsAttr != null) // ? unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters)) ? unsAttr.GetAttributes(baseParameters) : null; Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned); X509Certificate cert = this.GetCertificate(); TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance( Asn1Object.FromByteArray(cert.GetTbsCertificate())); Asn1.Cms.IssuerAndSerialNumber encSid = new Asn1.Cms.IssuerAndSerialNumber( tbs.Issuer, tbs.SerialNumber.Value); return(new Asn1.Cms.SignerInfo(new SignerIdentifier(encSid), digAlgId, signedAttr, encAlgId, encDigest, unsignedAttr)); }
private void processDHEKeyExchange( MemoryStream inStr, ISigner signer) { Stream sigIn = inStr; if (signer != null) { signer.Init(false, this.serverPublicKey); signer.BlockUpdate(this.clientRandom, 0, this.clientRandom.Length); signer.BlockUpdate(this.serverRandom, 0, this.serverRandom.Length); sigIn = new SignerStream(inStr, signer, null); } /* * Parse the Structure */ byte[] pByte = TlsUtilities.ReadOpaque16(sigIn); byte[] gByte = TlsUtilities.ReadOpaque16(sigIn); byte[] YsByte = TlsUtilities.ReadOpaque16(sigIn); if (signer != null) { byte[] sigByte = TlsUtilities.ReadOpaque16(sigIn); /* * Verify the Signature. */ if (!signer.VerifySignature(sigByte)) { this.FailWithError(AL_fatal, AP_bad_certificate); } } this.AssertEmpty(inStr); /* * Do the DH calculation. */ BigInteger p = new BigInteger(1, pByte); BigInteger g = new BigInteger(1, gByte); BigInteger Ys = new BigInteger(1, YsByte); /* * Check the DH parameter values */ if (!p.IsProbablePrime(10)) { this.FailWithError(AL_fatal, AP_illegal_parameter); } if (g.CompareTo(BigInteger.Two) < 0 || g.CompareTo(p.Subtract(BigInteger.Two)) > 0) { this.FailWithError(AL_fatal, AP_illegal_parameter); } // TODO For static DH public values, see additional checks in RFC 2631 2.1.5 if (Ys.CompareTo(BigInteger.Two) < 0 || Ys.CompareTo(p.Subtract(BigInteger.One)) > 0) { this.FailWithError(AL_fatal, AP_illegal_parameter); } /* * Diffie-Hellman basic key agreement */ DHParameters dhParams = new DHParameters(p, g); // Generate a keypair DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator(); dhGen.Init(new DHKeyGenerationParameters(random, dhParams)); AsymmetricCipherKeyPair dhPair = dhGen.GenerateKeyPair(); // Store the public value to send to server this.Yc = ((DHPublicKeyParameters)dhPair.Public).Y; // Calculate the shared secret DHBasicAgreement dhAgree = new DHBasicAgreement(); dhAgree.Init(dhPair.Private); BigInteger agreement = dhAgree.CalculateAgreement(new DHPublicKeyParameters(Ys, dhParams)); this.pms = BigIntegers.AsUnsignedByteArray(agreement); }
private bool validateXmlSignature() { var signatureMethod = this.doc.GetElementsByTagName("ds:SignatureMethod")[0]; if (signatureMethod == null) { errorNotify("Missing ds:SignatureMethod in ds:Signature"); return(false); } var algorithmAttribute = signatureMethod.Attributes.GetNamedItem("Algorithm"); if (algorithmAttribute == null) { errorNotify("ds:SignatureMethod does not contain Algorithm"); return(false); } string signatureScheme = algorithmAttribute.InnerText; if (!validSchemes.Contains(signatureScheme)) { errorNotify("ds:SignatureMethod Algorithm is not supported"); return(false); } var canonicalizationMethod = this.doc.GetElementsByTagName("ds:CanonicalizationMethod")[0]; if (canonicalizationMethod == null) { errorNotify("ds:Signature element is missing the ds:CanonicalizationMethod"); return(false); } algorithmAttribute = canonicalizationMethod.Attributes.GetNamedItem("Algorithm"); if (algorithmAttribute == null) { errorNotify("CanonicalizationMethod does not have algorithm attribute"); return(false); } if (!algorithmAttribute.InnerText.Equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315")) { errorNotify("Canonicalization algorithm is invalid"); return(false); } //------------------ 3 TRANSFORM AND DIGEST METHOD ------------------ #region transform and digest method var signedInfo = this.doc.GetElementsByTagName("ds:SignedInfo")[0]; if (signedInfo == null) { errorNotify("ds:SignedInfo not found"); return(false); } var children = signedInfo.ChildNodes; for (int i = 0; i < children.Count; i++) { var n = children[i]; if (n.GetType() == typeof(XmlElement) && n.Name.Equals("ds:Reference")) { XmlElement e = (XmlElement)n; var digest = e.GetElementsByTagName("ds:DigestMethod")[0]; String digestAlgorighm = digest.Attributes.GetNamedItem("Algorithm").InnerText; if (!this.validAlgorithms.ContainsKey(digestAlgorighm)) { errorNotify("ds:DigestMethod algorithm in SignedInfo is not supported"); return(false); } var transforms = e.GetElementsByTagName("ds:Transforms")[0].ChildNodes; for (int j = 0; j < transforms.Count; j++) { var transform = transforms[j]; if (!transform.Name.Equals("ds:Transform")) { continue; } String transformAlgorithm = transform.Attributes.GetNamedItem("Algorithm").InnerText; if (!transformAlgorithm.Equals(canonicalization)) { errorNotify("One or more transforms are invalid"); return(false); } } } } #endregion #region Core validation var signatureValue = this.doc.GetElementsByTagName("ds:SignatureValue")[0]; var keyInfo = this.doc.GetElementsByTagName("ds:KeyInfo")[0]; if (signedInfo == null || signatureValue == null) { errorNotify("ds:SignedInfo or ds:SignatureValue are missing"); return(false); } if (signedInfo.GetType() == typeof(XmlElement)) { var signedInfoElement = (XmlElement)signedInfo; var references = signedInfoElement.GetElementsByTagName("ds:Reference"); for (int i = 0; i < references.Count; i++) { var n = references[i]; if (n.GetType() == typeof(XmlElement)) { var reference = (XmlElement)n; var refType = reference.GetAttribute("Type"); var digestMethod = ((XmlElement)reference.GetElementsByTagName("ds:DigestMethod")[0]).GetAttribute("Algorithm"); this.digMethod = digestMethod; if (refType.Equals(this.validReferenceTypes["MANIFEST"])) { var something = reference.Attributes.GetNamedItem("URI"); var manifestId = reference.Attributes.GetNamedItem("URI").InnerText.Substring(1); XmlNamespaceManager mn = new XmlNamespaceManager(doc.NameTable); mn.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); var manifests = this.doc.SelectNodes($"//*[@Id='{manifestId}']"); var manifest = manifests[0]; if (manifest == null) { errorNotify($"Element {manifestId} not found"); return(false); } var manifestContent = manifest.ToString(); try { XmlDsigC14NTransform transform = new XmlDsigC14NTransform(); transform.Algorithm = SignedXml.XmlDsigC14NTransformUrl; var a = transform.InputTypes; var streamManifest = GenerateStreamFromString(manifest.OuterXml); transform.LoadInput(streamManifest); var ms = (MemoryStream)transform.GetOutput(typeof(Stream)); var digestIdentifier = validAlgorithms[digestMethod]; if (digestIdentifier == null) { errorNotify("Digest method not supported"); return(false); } var digested = SHA256.Create().ComputeHash(ms); var ourDigest = Convert.ToBase64String(digested); var theirDigest = reference.GetElementsByTagName("ds:DigestValue")[0].InnerText; if (!ourDigest.Equals(theirDigest)) { errorNotify("Digest value mismatch for references"); return(false); } } catch (Exception e) { errorNotify("Unable to validate signature."); } } } } // signature validation var _cert = ((XmlElement)keyInfo).GetElementsByTagName("ds:X509Certificate")[0].InnerText; try { XmlDsigC14NTransform transform = new XmlDsigC14NTransform(); transform.LoadInput(GenerateStreamFromString(signedInfo.OuterXml)); var cannonSignedInfo = (MemoryStream)transform.GetOutput(typeof(Stream)); var certBytes = Convert.FromBase64String(_cert); SubjectPublicKeyInfo ski = X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(certBytes)).SubjectPublicKeyInfo; AsymmetricKeyParameter pk = PublicKeyFactory.CreateKey(ski); var algString = this.validAlgorithms[this.digMethod]; var signatureBytes = Convert.FromBase64String(signatureValue.InnerText); switch (ski.AlgorithmID.ObjectID.Id) { case "1.2.840.10040.4.1": algString += "withdsa"; break; case "1.2.840.113549.1.1.1": algString += "withrsa"; break; default: Console.WriteLine("Err."); break; } ISigner verif = SignerUtilities.GetSigner(algString); verif.Init(false, pk); verif.BlockUpdate(cannonSignedInfo.ToArray(), 0, cannonSignedInfo.ToArray().Length); var signatureVerificationResult = verif.VerifySignature(signatureBytes); if (!signatureVerificationResult) { errorNotify("Signature verification failed."); } } catch (Exception e) { errorNotify("Unable to validate signature."); } } #endregion #region signature element validation XmlNamespaceManager mn2 = new XmlNamespaceManager(doc.NameTable); mn2.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); var _sig = this.doc.SelectSingleNode($"//ds:Signature", mn2); if (_sig == null) { errorNotify("ds:Signature element is missing"); return(false); } var signature = (XmlElement)_sig; String id = signature.GetAttribute("Id"); if (id.Equals("")) { errorNotify("ds:Signature element does not have Id"); return(false); } String ds_ns = signature.GetAttribute("xmlns:ds"); if (ds_ns.Equals("")) { errorNotify("No xmlns:ds attribute in ds:Signature"); return(false); } if (!ds_ns.Equals(dsNs)) { errorNotify("ds:Signature element xmlns:ds attribute value is invalid"); return(false); } #endregion #region signatureValue valid var _sigVal = this.doc.SelectSingleNode($"//ds:SignatureValue", mn2); if (_sigVal == null) { errorNotify("ds:SignatureValue element is missing"); return(false); } var signatureValueElement = (XmlElement)_sigVal; var signatureValueId = signatureValueElement.GetAttribute("Id"); if (id.Equals("")) { errorNotify("ds:SignatureValue element is does not have Id"); return(false); } #endregion #region signedInfo reference var SignedInfoReferences = this.doc.SelectNodes($"//ds:SignedInfo/ds:Reference", mn2); if (SignedInfoReferences.Count == 0) { errorNotify("No references in the ds:SignedInfo "); return(false); } for (int i = 0; i < SignedInfoReferences.Count; i++) { var reference = (XmlElement)SignedInfoReferences[i]; String Id = reference.GetAttribute("Id"); if (Id.Equals("")) { errorNotify("ds:SignedInfo reference is missing the Id"); return(false); } String type = reference.GetAttribute("Type"); if (type.Equals("")) { errorNotify("Reference is missing the URI attribute {Id}"); return(false); } String URI = reference.GetAttribute("URI"); if (URI.Equals("")) { errorNotify($"Reference is missing the URI attribute {Id}"); return(false); } URI = URI.Substring(1); var referencedElement = this.doc.SelectSingleNode($"//*[@Id='{URI}']"); if (referencedElement == null) { errorNotify($"Reference {URI} in ds:SignedInfo not found"); return(false); } var name = referencedElement.Name; String requiredType = null; switch (name) { case ("xades:SignedProperties"): requiredType = referenceElements["SIGNEDPROPERTIES"]; break; case ("ds:SignatureProperties"): requiredType = referenceElements["SIGNATUREPROPERTIES"]; break; case ("ds:KeyInfo"): requiredType = referenceElements["OBJECT"]; break; default: requiredType = referenceElements["MANIFEST"]; break; } if (!type.Equals(requiredType)) { errorNotify("ds:SignedInfo reference type does not match"); return(false); } } #endregion return(true); }
protected virtual void CheckSignature( IAsymmetricKeyParameter publicKey, ISigner signature) { if (!IsAlgIDEqual(c.SignatureAlgorithm, c.TbsCertificate.Signature)) throw new CertificateException("signature algorithm in TBS cert not same as outer cert"); Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; X509SignatureUtilities.SetSignatureParameters(signature, parameters); signature.Init(false, publicKey); byte[] b = this.GetTbsCertificate(); signature.BlockUpdate(b, 0, b.Length); byte[] sig = this.GetSignature(); if (!signature.VerifySignature(sig)) { throw new InvalidKeyException("Public key presented not for certificate signature"); } }
private void DoTestConsistency(Ed25519.Algorithm algorithm, byte[] context) { Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator(); kpg.Init(new Ed25519KeyGenerationParameters(Random)); AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private; Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public; byte[] msg = new byte[Random.NextInt() & 255]; Random.NextBytes(msg); ISigner signer = CreateSigner(algorithm, context); signer.Init(true, privateKey); signer.BlockUpdate(msg, 0, msg.Length); byte[] signature = signer.GenerateSignature(); ISigner verifier = CreateSigner(algorithm, context); { verifier.Init(false, publicKey); verifier.BlockUpdate(msg, 0, msg.Length); bool shouldVerify = verifier.VerifySignature(signature); if (!shouldVerify) { Fail("Ed25519(" + algorithm + ") signature failed to verify"); } } { byte[] wrongLengthSignature = Arrays.Append(signature, 0x00); verifier.Init(false, publicKey); verifier.BlockUpdate(msg, 0, msg.Length); bool shouldNotVerify = verifier.VerifySignature(wrongLengthSignature); if (shouldNotVerify) { Fail("Ed25519(" + algorithm + ") wrong length signature incorrectly verified"); } } if (msg.Length > 0) { bool shouldNotVerify = verifier.VerifySignature(signature); if (shouldNotVerify) { Fail("Ed25519(" + algorithm + ") wrong length failure did not reset verifier"); } } { byte[] badSignature = Arrays.Clone(signature); badSignature[Random.Next() % badSignature.Length] ^= (byte)(1 << (Random.NextInt() & 7)); verifier.Init(false, publicKey); verifier.BlockUpdate(msg, 0, msg.Length); bool shouldNotVerify = verifier.VerifySignature(badSignature); if (shouldNotVerify) { Fail("Ed25519(" + algorithm + ") bad signature incorrectly verified"); } } }
public static void Update(this ISigner signer, byte[] data) { signer.BlockUpdate(data, 0, data.Length); }
public override void Write(byte[] buf, int off, int len) { s.BlockUpdate(buf, off, len); }
public void TestECDsa239BitBinary() { BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); byte[] kData = new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); // EllipticCurve curve = new EllipticCurve( // new ECFieldF2m(239, // m // new int[] { 36 }), // k // new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a // new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ECCurve curve = new F2mCurve( 239, // m 36, // k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, // ECPointUtil.DecodePoint(curve, Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); //4); // h ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d parameters); ECPublicKeyParameters vKey = new ECPublicKeyParameters( "ECDSA", // ECPointUtil.DecodePoint(curve, Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q parameters); ISigner sgr = SignerUtilities.GetSigner("ECDSA"); // KeyFactory f = KeyFactory.getInstance("ECDSA"); // AsymmetricKeyParameter sKey = f.generatePrivate(priKeySpec); // AsymmetricKeyParameter vKey = f.generatePublic(pubKeySpec); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.Init(true, new ParametersWithRandom(sKey, k)); sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("239 Bit EC verification failed"); } BigInteger[] sig = derDecode(sigBytes); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } }
/// <summary> /// When overridden in a derived class, writes a sequence of bytes to the current stream and advances the current position within this stream by the number of bytes written. /// </summary> /// <param name="buffer">An array of bytes. This method copies <paramref name="count"/> bytes from <paramref name="buffer"/> to the current stream.</param> /// <param name="offset">The zero-based byte offset in <paramref name="buffer"/> at which to begin copying bytes to the current stream.</param> /// <param name="count">The number of bytes to be written to the current stream.</param> /// <exception cref="T:System.ArgumentException">The sum of <paramref name="offset"/> and <paramref name="count"/> is greater than the buffer length. </exception> /// <exception cref="T:System.ArgumentNullException"> /// <paramref name="buffer"/> is null. </exception> /// <exception cref="T:System.ArgumentOutOfRangeException"> /// <paramref name="offset"/> or <paramref name="count"/> is negative. </exception> /// <exception cref="T:System.IO.IOException">An I/O error occurs. </exception> /// <exception cref="T:System.NotSupportedException">The stream does not support writing. </exception> /// <exception cref="T:System.ObjectDisposedException">Methods were called after the stream was closed. </exception> public override void Write(byte[] buffer, int offset, int count) { _digestSigner.BlockUpdate(buffer, offset, count); }
public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm, byte[] calculatedDigest) { try { string digestName = Helper.GetDigestAlgName(_digestOID); string signatureName = digestName + "with" + _encName; // AlgorithmIdentifier digAlgId = DigestAlgorithmID; // // byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)]; // outer._digests[_digestOID] = hash.Clone(); byte[] bytesToSign = calculatedDigest; /* RFC 3852 5.4 * The result of the message digest calculation process depends on * whether the signedAttrs field is present. When the field is absent, * the result is just the message digest of the content as described * * above. When the field is present, however, the result is the message * digest of the complete DER encoding of the SignedAttrs value * contained in the signedAttrs field. */ Asn1Set signedAttr = null; if (_sAttr != null) { IDictionary parameters = outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest); // Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters)); Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters); if (contentType == null) //counter signature { if (signed != null && signed[CmsAttributes.ContentType] != null) { IDictionary tmpSigned = signed.ToDictionary(); tmpSigned.Remove(CmsAttributes.ContentType); signed = new Asn1.Cms.AttributeTable(tmpSigned); } } signedAttr = outer.GetAttributeSet(signed); // sig must be composed from the DER encoding. bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der); } else { // Note: Need to use raw signatures here since we have already calculated the digest if (_encName.Equals("RSA")) { DigestInfo dInfo = new DigestInfo(digestAlgorithm, calculatedDigest); bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der); } } _sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length); byte[] sigBytes = _sig.GenerateSignature(); Asn1Set unsignedAttr = null; if (_unsAttr != null) { IDictionary parameters = outer.GetBaseParameters( contentType, digestAlgorithm, calculatedDigest); parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone(); // Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters)); Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters); unsignedAttr = outer.GetAttributeSet(unsigned); } // TODO[RSAPSS] Need the ability to specify non-default parameters Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName); AlgorithmIdentifier digestEncryptionAlgorithm = Helper.GetEncAlgorithmIdentifier( new DerObjectIdentifier(_encOID), sigX509Parameters); return(new SignerInfo(_signerIdentifier, digestAlgorithm, signedAttr, digestEncryptionAlgorithm, new DerOctetString(sigBytes), unsignedAttr)); } catch (IOException e) { throw new CmsStreamException("encoding error.", e); } catch (SignatureException e) { throw new CmsStreamException("error creating signature.", e); } }
public void TestECDsa239BitPrime() { BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176"); BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783"); byte[] kData = BigIntegers.AsUnsignedByteArray( new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655")); SecureRandom k = FixedSecureRandom.From(kData); X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); ECCurve curve = x9.Curve; ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("ECDSA"); // KeyFactory f = KeyFactory.GetInstance("ECDSA"); // PrivateKey sKey = f.generatePrivate(priKey); // PublicKey vKey = f.generatePublic(pubKey); AsymmetricKeyParameter sKey = priKey; AsymmetricKeyParameter vKey = pubKey; sgr.Init(true, new ParametersWithRandom(sKey, k)); byte[] message = Encoding.ASCII.GetBytes("abc"); sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("239 Bit EC verification failed"); } BigInteger[] sig = DerDecode(sigBytes); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } }
private void generationTest() { byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; ISigner s = SignerUtilities.GetSigner("GOST3410"); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); g.Init( new Gost3410KeyGenerationParameters( new SecureRandom(), CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); AsymmetricCipherKeyPair p = g.GenerateKeyPair(); AsymmetricKeyParameter sKey = p.Private; AsymmetricKeyParameter vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); byte[] sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("GOST3410"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("GOST3410 verification failed"); } // // default initialisation test // s = SignerUtilities.GetSigner("GOST3410"); g = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); // TODO This is supposed to be a 'default initialisation' test, but don't have a factory // These values are defaults from JCE provider g.Init( new Gost3410KeyGenerationParameters( new SecureRandom(), CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("GOST3410"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("GOST3410 verification failed"); } // // encoded test // //KeyFactory f = KeyFactory.getInstance("GOST3410"); //X509EncodedKeySpec x509s = new X509EncodedKeySpec(vKey.GetEncoded()); //Gost3410PublicKeyParameters k1 = (Gost3410PublicKeyParameters)f.generatePublic(x509s); byte[] vKeyEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded(); Gost3410PublicKeyParameters k1 = (Gost3410PublicKeyParameters) PublicKeyFactory.CreateKey(vKeyEnc); if (!k1.Y.Equals(((Gost3410PublicKeyParameters)vKey).Y)) { Fail("public number not decoded properly"); } //PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(sKey.GetEncoded()); //Gost3410PrivateKeyParameters k2 = (Gost3410PrivateKeyParameters)f.generatePrivate(pkcs8); byte[] sKeyEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded(); Gost3410PrivateKeyParameters k2 = (Gost3410PrivateKeyParameters) PrivateKeyFactory.CreateKey(sKeyEnc); if (!k2.X.Equals(((Gost3410PrivateKeyParameters)sKey).X)) { Fail("private number not decoded properly"); } // // ECGOST3410 generation test // s = SignerUtilities.GetSigner("ECGOST3410"); g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p ECCurve curve = new FpCurve( mod_p, // p new BigInteger("7"), // a new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b ECDomainParameters ecSpec = new ECDomainParameters( curve, curve.CreatePoint( new BigInteger("2"), new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECGOST3410"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECGOST3410 verification failed"); } }
public void TestGeneration() { ISigner s = SignerUtilities.GetSigner("DSA"); byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; SecureRandom rand = new SecureRandom(); // KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA"); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); // test exception // doTestBadStrength(513); doTestBadStrength(510); doTestBadStrength(1025); //g.initialize(512, rand); { DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, rand); g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters())); } AsymmetricCipherKeyPair p = g.GenerateKeyPair(); AsymmetricKeyParameter sKey = p.Private; AsymmetricKeyParameter vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); byte[] sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("DSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("DSA verification failed"); } // // ECDSA Fp generation test // s = SignerUtilities.GetSigner("ECDSA"); X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); ECCurve curve = x9.Curve; ECDomainParameters ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); g.Init(new ECKeyGenerationParameters(ecSpec, rand)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECDSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECDSA verification failed"); } // // ECDSA F2m generation test // s = SignerUtilities.GetSigner("ECDSA"); x9 = ECNamedCurveTable.GetByName("c2tnb239v1"); curve = x9.Curve; ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); g.Init(new ECKeyGenerationParameters(ecSpec, rand)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECDSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECDSA verification failed"); } }
/// <summary> /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials. /// </summary> ///<param name="signatureAlgorithm">Name of Sig Alg.</param> /// <param name="subject">X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" </param> /// <param name="publicKey">Public Key to be included in cert reqest.</param> /// <param name="attributes">ASN1Set of Attributes.</param> /// <param name="signingKey">Matching Private key for nominated (above) public key to be used to sign the request.</param> public Pkcs10CertificationRequest( string signatureAlgorithm, X509Name subject, AsymmetricKeyParameter publicKey, Asn1Set attributes, AsymmetricKeyParameter signingKey) { if (signatureAlgorithm == null) { throw new ArgumentNullException("signatureAlgorithm"); } if (subject == null) { throw new ArgumentNullException("subject"); } if (publicKey == null) { throw new ArgumentNullException("publicKey"); } if (publicKey.IsPrivate) { throw new ArgumentException("expected public key", "publicKey"); } if (!signingKey.IsPrivate) { throw new ArgumentException("key for signing must be private", "signingKey"); } // DerObjectIdentifier sigOid = SignerUtilities.GetObjectIdentifier(signatureAlgorithm); string algorithmName = signatureAlgorithm.ToUpper(CultureInfo.InvariantCulture); DerObjectIdentifier sigOid = (DerObjectIdentifier)algorithms[algorithmName]; if (sigOid == null) { try { sigOid = new DerObjectIdentifier(algorithmName); } catch (Exception e) { throw new ArgumentException("Unknown signature type requested", e); } } if (noParams.Contains(sigOid)) { this.sigAlgId = new AlgorithmIdentifier(sigOid); } else if (exParams.Contains(algorithmName)) { this.sigAlgId = new AlgorithmIdentifier(sigOid, (Asn1Encodable)exParams[algorithmName]); } else { this.sigAlgId = new AlgorithmIdentifier(sigOid, DerNull.Instance); } SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes); ISigner sig = SignerUtilities.GetSigner(signatureAlgorithm); sig.Init(true, signingKey); try { // Encode. byte[] b = reqInfo.GetDerEncoded(); sig.BlockUpdate(b, 0, b.Length); } catch (Exception e) { throw new ArgumentException("exception encoding TBS cert request", e); } // Generate Signature. sigBits = new DerBitString(sig.GenerateSignature()); }
public void TestParameters() { // AlgorithmParameterGenerator a = AlgorithmParameterGenerator.GetInstance("DSA"); // a.init(512, random); DsaParametersGenerator a = new DsaParametersGenerator(); a.Init(512, 20, random); // AlgorithmParameters parameters = a.generateParameters(); DsaParameters p = a.GenerateParameters(); // byte[] encodeParams = parameters.GetEncoded(); byte[] encodeParams = new DsaParameter(p.P, p.Q, p.G).GetDerEncoded(); // AlgorithmParameters a2 = AlgorithmParameters.GetInstance("DSA"); // a2.init(encodeParams); DsaParameter dsaP = DsaParameter.GetInstance(Asn1Object.FromByteArray(encodeParams)); DsaParameters p2 = new DsaParameters(dsaP.P, dsaP.Q, dsaP.G); // a and a2 should be equivalent! // byte[] encodeParams_2 = a2.GetEncoded(); byte[] encodeParams_2 = new DsaParameter(p2.P, p2.Q, p2.G).GetDerEncoded(); if (!AreEqual(encodeParams, encodeParams_2)) { Fail("encode/Decode parameters failed"); } // DSAParameterSpec dsaP = (DSAParameterSpec)parameters.getParameterSpec(typeof(DSAParameterSpec)); // KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA"); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); // g.initialize(dsaP, new SecureRandom()); g.Init(new DsaKeyGenerationParameters(new SecureRandom(), p)); // KeyPair p = g.generateKeyPair(); AsymmetricCipherKeyPair pair = g.GenerateKeyPair(); // PrivateKey sKey = p.Private; // PublicKey vKey = p.Public; AsymmetricKeyParameter sKey = pair.Private; AsymmetricKeyParameter vKey = pair.Public; ISigner s = SignerUtilities.GetSigner("DSA"); byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); byte[] sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("DSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("DSA verification failed"); } }
private OcspReq GenerateRequest( DerObjectIdentifier signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random) { Asn1EncodableVector requests = new Asn1EncodableVector(); foreach (RequestObject reqObj in list) { try { requests.Add(reqObj.ToRequest()); } catch (Exception e) { throw new OcspException("exception creating Request", e); } } TbsRequest tbsReq = new TbsRequest(requestorName, new DerSequence(requests), requestExtensions); ISigner sig = null; Signature signature = null; if (signingAlgorithm != null) { if (requestorName == null) { throw new OcspException("requestorName must be specified if request is signed."); } try { sig = SignerUtilities.GetSigner(signingAlgorithm.Id); if (random != null) { sig.Init(true, new ParametersWithRandom(privateKey, random)); } else { sig.Init(true, privateKey); } } catch (Exception e) { throw new OcspException("exception creating signature: " + e, e); } DerBitString bitSig = null; try { byte[] encoded = tbsReq.GetEncoded(); sig.BlockUpdate(encoded, 0, encoded.Length); bitSig = new DerBitString(sig.GenerateSignature()); } catch (Exception e) { throw new OcspException("exception processing TBSRequest: " + e, e); } AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance); if (chain != null && chain.Length > 0) { Asn1EncodableVector v = new Asn1EncodableVector(); try { for (int i = 0; i != chain.Length; i++) { v.Add( X509CertificateStructure.GetInstance( Asn1Object.FromByteArray(chain[i].GetEncoded()))); } } catch (IOException e) { throw new OcspException("error processing certs", e); } catch (CertificateEncodingException e) { throw new OcspException("error encoding certs", e); } signature = new Signature(sigAlgId, bitSig, new DerSequence(v)); } else { signature = new Signature(sigAlgId, bitSig); } } return(new OcspReq(new OcspRequest(tbsReq, signature))); }
public void TestDsa2Parameters() { byte[] seed = Hex.Decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0"); //AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DSA", "BC"); //a.init(2048, new DSATestSecureRandom(seed)); DsaParametersGenerator a = new DsaParametersGenerator(new Sha256Digest()); a.Init(new DsaParameterGenerationParameters(2048, 256, 80, new DsaTestSecureRandom(seed))); //AlgorithmParameters parameters = a.generateParameters(); //DSAParameterSpec dsaP = (DSAParameterSpec)parameters.getParameterSpec(DSAParameterSpec.class); DsaParameters dsaP = a.GenerateParameters(); if (!dsaP.Q.Equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16))) { Fail("Q incorrect"); } if (!dsaP.P.Equals(new BigInteger( "F56C2A7D366E3EBDEAA1891FD2A0D099" + "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" + "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" + "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" + "5909132627F51A0C866877E672E555342BDF9355347DBD43" + "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" + "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" + "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" + "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" + "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" + "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16))) { Fail("P incorrect"); } if (!dsaP.G.Equals(new BigInteger( "8DC6CC814CAE4A1C05A3E186A6FE27EA" + "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" + "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" + "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" + "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" + "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" + "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" + "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" + "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" + "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" + "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16))) { Fail("G incorrect"); } //KeyPairGenerator g = KeyPairGenerator.getInstance("DSA", "BC"); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); //g.initialize(dsaP, FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C"))); g.Init(new DsaKeyGenerationParameters(FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")), dsaP)); //KeyPair p = g.generateKeyPair(); AsymmetricCipherKeyPair p = g.GenerateKeyPair(); //DSAPrivateKey sKey = (DSAPrivateKey)p.getPrivate(); //DSAPublicKey vKey = (DSAPublicKey)p.getPublic(); DsaPrivateKeyParameters sKey = (DsaPrivateKeyParameters)p.Private; DsaPublicKeyParameters vKey = (DsaPublicKeyParameters)p.Public; if (!vKey.Y.Equals(new BigInteger( "2828003D7C747199143C370FDD07A286" + "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" + "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" + "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" + "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" + "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" + "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" + "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" + "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" + "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" + "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16))) { Fail("Y value incorrect"); } if (!sKey.X.Equals( new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16))) { Fail("X value incorrect"); } //byte[] encodeParams = parameters.getEncoded(); byte[] encodeParams = new DsaParameter(dsaP.P, dsaP.Q, dsaP.G).GetDerEncoded(); //AlgorithmParameters a2 = AlgorithmParameters.getInstance("DSA", "BC"); //a2.init(encodeParams); DsaParameter dsaP2 = DsaParameter.GetInstance(Asn1Object.FromByteArray(encodeParams)); DsaParameters p2 = new DsaParameters(dsaP.P, dsaP.Q, dsaP.G); // a and a2 should be equivalent! //byte[] encodeParams_2 = a2.GetEncoded(); byte[] encodeParams_2 = new DsaParameter(p2.P, p2.Q, p2.G).GetDerEncoded(); if (!AreEqual(encodeParams, encodeParams_2)) { Fail("encode/decode parameters failed"); } ISigner s = SignerUtilities.GetSigner("DSA"); byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); byte[] sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("DSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("DSA verification failed"); } }
public void DKIMSign(ISigner signer, CanonicalizationType headerCanonicalization, CanonicalizationType bodyCanonicalization, HashingAlgorithm hashAlgorithm, string domain, string selector) { if (IsSigned) throw new InvalidOperationException("Message already have DKIM header."); IsSigned = true; string hashtype = hashAlgorithm == HashingAlgorithm.RSASha1 ? "sha1" : "sha256"; StringBuilder dkim = new StringBuilder(300) .Append("v=1;") // version .Append("a=").Append("rsa-").Append(hashtype).Append(";") // hash algorithm .Append("c=").Append(string.Format("{0}/{1}", headerCanonicalization, bodyCanonicalization).ToLower()).Append(";") // canonicalization types headers/body .Append("d=").Append(domain).Append(";") // domain for diim check .Append("s=").Append(selector).Append(";") // TXT record selector .Append("t=").Append(Convert.ToInt64((DateTime.Now.ToUniversalTime() - DateTime.SpecifyKind(DateTime.Parse("00:00:00 January 1, 1970"), DateTimeKind.Utc)).TotalSeconds).ToString()).Append(";") // creation time .Append("bh=").Append(GetBodyHash(bodyCanonicalization, hashtype)).Append(";"); // body hash var headers = ComputedHeaders; List<string> h = new List<string>(); foreach (string header in headers) foreach (string value in headers.GetValues(header)) h.Add(header); dkim.Append("h=").Append(string.Join(":", h)).Append(";") // headers for hashing .Append("b="); // signature data var canonialized = DKIMCanonicalizer.CanonicalizeHeader(headerCanonicalization, headers) + "dkim-signature:" + dkim.ToString(); var bytes = (HeadersEncoding ?? Encoding.UTF8).GetBytes(canonialized); lock (signer) { signer.BlockUpdate(bytes, 0, bytes.Length); bytes = signer.GenerateSignature();//computing signature signer.Reset(); } dkim.Append(Convert.ToBase64String(bytes)); Headers.Add("dkim-signature", dkim.ToString());// adding DKIM header }
public ValidationError SignatureValueVerificationHandler(XmlDocument xmlDoc, string xmlFileName) { ValidationError validationError = new ValidationError(xmlFileName, null); var signedInfoElement = xmlDoc.SelectXmlNode("//ds:Signature/ds:SignedInfo"); var signatureMethodElement = xmlDoc.SelectXmlNode("//ds:Signature/ds:SignedInfo/ds:SignatureMethod"); var canonicalizationMethodElement = xmlDoc.SelectXmlNode("//ds:Signature/ds:SignedInfo/ds:CanonicalizationMethod"); var signatureValueElement = xmlDoc.SelectXmlNode("//ds:Signature/ds:SignatureValue"); if (signatureValueElement == null) { return(validationError.AppendErrorMessage(nameof(signatureValueElement) + " missing")); } if (signatureMethodElement == null) { return(validationError.AppendErrorMessage(nameof(signatureMethodElement) + " missing")); } if (canonicalizationMethodElement == null) { return(validationError.AppendErrorMessage(nameof(canonicalizationMethodElement) + " missing")); } if (signedInfoElement == null) { return(validationError.AppendErrorMessage(nameof(signedInfoElement) + " missing")); } var certificate = XmlNodeHelper.GetX509Certificate(xmlDoc); if (certificate == null) { return(validationError.AppendErrorMessage("X509Certificate element is missing")); } var canMethod = canonicalizationMethodElement.AtrValue("Algorithm"); if (canMethod != ValidationEnums.Canonicalization.CanonicalizationMethod) { return(validationError.AppendErrorMessage($"Not supported cannonicalization method. {canMethod}")); } var digestBytes = CanonicalizationHelper.CanonicalizeXml(signedInfoElement); string singnatureAlgorithm = signatureMethodElement.AtrValue("Algorithm"); if (!ValidationEnums.Cryptography.SupportedSignatureSchemasMappings.ContainsKey(singnatureAlgorithm)) { return(validationError.AppendErrorMessage($"Not supported signing algorithm {singnatureAlgorithm}")); } var signingAlgo = ValidationEnums.Cryptography.SupportedSignatureSchemasMappings[singnatureAlgorithm]; AsymmetricKeyParameter publicKey = certificate.GetPublicKey(); ISigner signer = SignerUtilities.GetSigner(signingAlgo); signer.Init(false, publicKey); signer.BlockUpdate(digestBytes, 0, digestBytes.Length); if (!signer.VerifySignature(Convert.FromBase64String(signatureValueElement.InnerText))) { return(validationError.AppendErrorMessage("Cannot verify signature with publick key.")); } return(validationError); }
private void processSRPKeyExchange( MemoryStream inStr, ISigner signer) { Stream sigIn = inStr; if (signer != null) { signer.Init(false, this.serverPublicKey); signer.BlockUpdate(this.clientRandom, 0, this.clientRandom.Length); signer.BlockUpdate(this.serverRandom, 0, this.serverRandom.Length); sigIn = new SignerStream(inStr, signer, null); } /* * Parse the Structure */ byte[] NByte = TlsUtilities.ReadOpaque16(sigIn); byte[] gByte = TlsUtilities.ReadOpaque16(sigIn); byte[] sByte = TlsUtilities.ReadOpaque8(sigIn); byte[] BByte = TlsUtilities.ReadOpaque16(sigIn); if (signer != null) { byte[] sigByte = TlsUtilities.ReadOpaque16(sigIn); /* * Verify the Signature. */ if (!signer.VerifySignature(sigByte)) { this.FailWithError(AL_fatal, AP_bad_certificate); } } this.AssertEmpty(inStr); BigInteger N = new BigInteger(1, NByte); BigInteger g = new BigInteger(1, gByte); byte[] s = sByte; BigInteger B = new BigInteger(1, BByte); Srp6Client srpClient = new Srp6Client(); srpClient.Init(N, g, new Sha1Digest(), random); this.SRP_A = srpClient.GenerateClientCredentials(s, this.SRP_identity, this.SRP_password); try { BigInteger S = srpClient.CalculateSecret(B); this.pms = BigIntegers.AsUnsignedByteArray(S); } catch (CryptoException) { this.FailWithError(AL_fatal, AP_illegal_parameter); } }
private BasicOcspResp GenerateResponse( string signatureName, AsymmetricKeyParameter privateKey, X509Certificate[] chain, DateTime producedAt, SecureRandom random) { DerObjectIdentifier signingAlgorithm; try { signingAlgorithm = OcspUtilities.GetAlgorithmOid(signatureName); } catch (Exception e) { throw new ArgumentException("unknown signing algorithm specified", e); } Asn1EncodableVector responses = new Asn1EncodableVector(); foreach (ResponseObject respObj in list) { try { responses.Add(respObj.ToResponse()); } catch (Exception e) { throw new OcspException("exception creating Request", e); } } ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions); ISigner sig = null; try { sig = SignerUtilities.GetSigner(signatureName); if (random != null) { sig.Init(true, new ParametersWithRandom(privateKey, random)); } else { sig.Init(true, privateKey); } } catch (Exception e) { throw new OcspException("exception creating signature: " + e, e); } DerBitString bitSig = null; try { byte[] encoded = tbsResp.GetDerEncoded(); sig.BlockUpdate(encoded, 0, encoded.Length); bitSig = new DerBitString(sig.GenerateSignature()); } catch (Exception e) { throw new OcspException("exception processing TBSRequest: " + e, e); } AlgorithmIdentifier sigAlgId = OcspUtilities.GetSigAlgID(signingAlgorithm); DerSequence chainSeq = null; if (chain != null && chain.Length > 0) { Asn1EncodableVector v = new Asn1EncodableVector(); try { for (int i = 0; i != chain.Length; i++) { v.Add( X509CertificateStructure.GetInstance( Asn1Object.FromByteArray(chain[i].GetEncoded()))); } } catch (IOException e) { throw new OcspException("error processing certs", e); } catch (CertificateEncodingException e) { throw new OcspException("error encoding certs", e); } chainSeq = new DerSequence(v); } return(new BasicOcspResp(new BasicOcspResponse(tbsResp, sigAlgId, bitSig, chainSeq))); }
private void checkSignature( int size, ECPrivateKeyParameters sKey, ECPublicKeyParameters vKey, ISigner sgr, SecureRandom k, byte[] message, BigInteger r, BigInteger s) { sgr.Init(true, new ParametersWithRandom(sKey, k)); sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail(size + " bit EC verification failed"); } BigInteger[] sig = derDecode(sigBytes); if (!r.Equals(sig[0])) { Fail(size + "bit" + ": r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail(size + "bit" + ": s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } }
private bool DoVerify( AsymmetricKeyParameter key, Asn1.Cms.AttributeTable signedAttrTable) { string digestName = Helper.GetDigestAlgName(this.DigestAlgOid); string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(this.EncryptionAlgOid); ISigner sig = Helper.GetSignatureInstance(signatureName); IDigest digest = Helper.GetDigestInstance(digestName); try { sig.Init(false, key); if (signedAttributes == null) { if (content != null) { content.Write(new CmsSignedDataGenerator.SigOutputStream(sig)); content.Write(new CmsSignedDataGenerator.DigOutputStream(digest)); _resultDigest = DigestUtilities.DoFinal(digest); } else { _resultDigest = _digest; // need to decrypt signature and check message bytes return(VerifyDigest(_digest, key, this.GetSignature())); } } else { byte[] hash; if (content != null) { content.Write( new CmsSignedDataGenerator.DigOutputStream(digest)); hash = DigestUtilities.DoFinal(digest); } else { hash = _digest; } _resultDigest = hash; Asn1.Cms.Attribute dig = signedAttrTable[Asn1.Cms.CmsAttributes.MessageDigest]; Asn1.Cms.Attribute type = signedAttrTable[Asn1.Cms.CmsAttributes.ContentType]; if (dig == null) { throw new SignatureException("no hash for content found in signed attributes"); } if (type == null) { throw new SignatureException("no content type id found in signed attributes"); } Asn1Object hashObj = dig.AttrValues[0].ToAsn1Object(); if (hashObj is Asn1OctetString) { byte[] signedHash = ((Asn1OctetString)hashObj).GetOctets(); if (!Arrays.AreEqual(hash, signedHash)) { throw new SignatureException("content hash found in signed attributes different"); } } else if (hashObj is DerNull) { if (hash != null) { throw new SignatureException("NULL hash found in signed attributes when one expected"); } } DerObjectIdentifier typeOID = (DerObjectIdentifier)type.AttrValues[0]; if (!typeOID.Equals(contentType)) { throw new SignatureException("contentType in signed attributes different"); } { byte[] tmp = this.GetEncodedSignedAttributes(); sig.BlockUpdate(tmp, 0, tmp.Length); } } return(sig.VerifySignature(this.GetSignature())); } catch (InvalidKeyException e) { throw new CmsException( "key not appropriate to signature in message.", e); } catch (IOException e) { throw new CmsException( "can't process mime object to create signature.", e); } catch (SignatureException e) { throw new CmsException( "invalid signature format in message: " + e.Message, e); } }