public override VerifyResult Verify(SignatureAlgorithm algorithm, byte[] digest, byte[] signature, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(digest, nameof(digest));
            Argument.AssertNotNull(signature, nameof(signature));

            HashAlgorithmName hashAlgorithm = algorithm.GetHashAlgorithmName();

            if (hashAlgorithm == default)
            {
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Verify), algorithm);
                return(null);
            }

            RSASignaturePadding padding = algorithm.GetRsaSignaturePadding();

            if (padding is null)
            {
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Verify), algorithm);
                return(null);
            }

            using RSA rsa = KeyMaterial.ToRSA();
            bool isValid = rsa.VerifyHash(digest, signature, hashAlgorithm, padding);

            return(new VerifyResult
            {
                Algorithm = algorithm,
                IsValid = isValid,
                KeyId = KeyMaterial.Id,
            });
        }
Esempio n. 2
0
        public override VerifyResult Verify(SignatureAlgorithm algorithm, byte[] digest, byte[] signature, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(digest, nameof(digest));
            Argument.AssertNotNull(signature, nameof(signature));

            HashAlgorithmName hashAlgorithm = algorithm.GetHashAlgorithmName();

            if (hashAlgorithm == default)
            {
                // TODO: Log that we don't support the given algorithm.
                return(null);
            }

            RSASignaturePadding padding = algorithm.GetRsaSignaturePadding();

            if (padding is null)
            {
                // TODO: Log that we don't support the given algorithm.
                return(null);
            }

            using RSA rsa = KeyMaterial.ToRSA();
            bool isValid = rsa.VerifyHash(digest, signature, hashAlgorithm, padding);

            return(new VerifyResult
            {
                Algorithm = algorithm,
                IsValid = isValid,
                KeyId = KeyMaterial.Id,
            });
        }
        public override SignResult Sign(SignatureAlgorithm algorithm, byte[] digest, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(digest, nameof(digest));

            ThrowIfTimeInvalid();

            // A private key is required to sign. Send to the server.
            if (MustRemote)
            {
                KeysEventSource.Singleton.PrivateKeyRequired(nameof(Sign));
                return(null);
            }

            HashAlgorithmName hashAlgorithm = algorithm.GetHashAlgorithmName();

            if (hashAlgorithm == default)
            {
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Sign), algorithm);
                return(null);
            }

            RSASignaturePadding padding = algorithm.GetRsaSignaturePadding();

            if (padding is null)
            {
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Sign), algorithm);
                return(null);
            }

            using RSA rsa = KeyMaterial.ToRSA(true);
            byte[] signature = rsa.SignHash(digest, hashAlgorithm, padding);

            return(new SignResult
            {
                Algorithm = algorithm,
                KeyId = KeyMaterial.Id,
                Signature = signature,
            });
        }
Esempio n. 4
0
        public override SignResult Sign(SignatureAlgorithm algorithm, byte[] digest, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(digest, nameof(digest));

            ThrowIfTimeInvalid();

            // A private key is required to sign. Send to the server.
            if (MustRemote)
            {
                // TODO: Log that we need a private key.
                return(null);
            }

            HashAlgorithmName hashAlgorithm = algorithm.GetHashAlgorithmName();

            if (hashAlgorithm == default)
            {
                // TODO: Log that we don't support the given algorithm.
                return(null);
            }

            RSASignaturePadding padding = algorithm.GetRsaSignaturePadding();

            if (padding is null)
            {
                // TODO: Log that we don't support the given algorithm.
                return(null);
            }

            using RSA rsa = KeyMaterial.ToRSA(true);
            byte[] signature = rsa.SignHash(digest, hashAlgorithm, padding);

            return(new SignResult
            {
                Algorithm = algorithm,
                KeyId = KeyMaterial.Id,
                Signature = signature,
            });
        }
Esempio n. 5
0
        public SignResult Sign(SignatureAlgorithm algorithm, byte[] digest, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(digest, nameof(digest));

            // A private key is required to sign. Send to the server.
            if (_jwk.KeyId != null && !_jwk.HasPrivateKey)
            {
                // TODO: Log that we need a private key.
                return(null);
            }

            HashAlgorithmName hashAlgorithm = algorithm.GetHashAlgorithmName();

            if (hashAlgorithm == default)
            {
                // TODO: Log that we don't support the given algorithm.
                return(null);
            }

            RSASignaturePadding padding = algorithm.GetRsaSignaturePadding();

            if (padding is null)
            {
                // TODO: Log that we don't support the given algorithm.
                return(null);
            }

            using RSA rsa = _jwk.ToRSA(true);
            byte[] signature = rsa.SignHash(digest, hashAlgorithm, padding);

            return(new SignResult
            {
                Algorithm = algorithm,
                KeyId = _jwk.KeyId,
                Signature = signature,
            });
        }