Esempio n. 1
0
        // https://tools.ietf.org/html/rfc4357#section-5.2
        // https://tools.ietf.org/html/rfc7836#section-4.3
        public byte[] Vko(EncryptedPrivateKey encPk, ECPublicKeyParameters y)
        {
            var x = (ECPrivateKeyParameters)_keyPair.Private;

            var ukmBytes = (byte[])encPk.UKM.Clone();

            Array.Reverse(ukmBytes);
            var ukm = new BigInteger(1, ukmBytes);

            var p         = ukm.Multiply(x.D).Mod(y.Parameters.Curve.Order);
            var kekPoint  = y.Q.Multiply(p).Normalize();
            var kekPointX = kekPoint.AffineXCoord.ToBigInteger().ToByteArrayUnsigned();
            var kekPointY = kekPoint.AffineYCoord.ToBigInteger().ToByteArrayUnsigned();

            var kekBytes = new byte[kekPointX.Length + kekPointY.Length];

            Array.Copy(kekPointY, 0, kekBytes, 0, kekPointY.Length);
            Array.Copy(kekPointX, 0, kekBytes, kekPointY.Length, kekPointX.Length);
            Array.Reverse(kekBytes);

            var dig = GetDigest();
            var kek = new byte[dig.GetDigestSize()];

            dig.BlockUpdate(kekBytes, 0, kekBytes.Length);
            dig.DoFinal(kek, 0);

            return(kek);
        }
Esempio n. 2
0
        // https://tools.ietf.org/html/rfc4357#section-5.2
        public byte[] Vko(EncryptedPrivateKey encPk, ECPublicKeyParameters sessionKey)
        {
            var privKey = (ECPrivateKeyParameters)_keyPair.Private;

            var ukmBytes = (byte[])encPk.UKM.Clone();

            Array.Reverse(ukmBytes);
            var ukm = new BigInteger(1, ukmBytes);

            var p        = ukm.Multiply(privKey.D).Mod(sessionKey.Parameters.Curve.Order);
            var kekPoint = sessionKey.Q.Multiply(p).Normalize();
            var x        = kekPoint.XCoord.ToBigInteger().ToByteArrayUnsigned();
            var y        = kekPoint.YCoord.ToBigInteger().ToByteArrayUnsigned();

            var kekBytes = new byte[64];

            Array.Copy(y, 0, kekBytes, 0, 32);
            Array.Copy(x, 0, kekBytes, 32, 32);
            Array.Reverse(kekBytes);

            var kek = new byte[32];
            var dig = new Gost3411Digest();

            dig.BlockUpdate(kekBytes, 0, kekBytes.Length);
            dig.DoFinal(kek, 0);

            return(kek);
        }
Esempio n. 3
0
        public BigInteger ExportPrivateKey()
        {
            var context = GetHandle(_cert);

            var derive = new KeyDerivation();

            derive.Init();

            byte[] sessKey, privKeyBlob;
            ExportPrivateKey(context, derive.GetPublicKeyBytes(), out sessKey, out privKeyBlob);

            _encryptedPkey = new EncryptedPrivateKey(privKeyBlob);
            _sk            = new SessionKey(sessKey);
            var kek  = derive.Vko(_encryptedPkey, _sk.GetPublicKey());
            var pkey = _encryptedPkey.UnwrapKey(kek);

            Array.Reverse(pkey);

            return(new BigInteger(1, pkey));
        }
Esempio n. 4
0
        public BigInteger ExportPrivateKey()
        {
            var pkeyInfo = GetPrivateKeyInfo(_cert);

            CheckProvider(pkeyInfo);
            var provType = (ProviderType)pkeyInfo.ProviderType;
            var factory  = KeyExportFactory.Create(provType);

            var derive      = factory.CreateKeyDerivation();
            var blob        = factory.CreatePrivateKeyBlob();
            var privKeyBlob = blob.GetPrivateKeyBlob(_cert.Handle, derive);

            _encryptedPkey = factory.CreateEncryptedPrivateKey(privKeyBlob);
            _sk            = factory.CreateSessionKey(blob.SessionKey);
            var kek  = derive.Vko(_encryptedPkey, _sk.GetPublicKey());
            var pkey = _encryptedPkey.UnwrapKey(kek);

            Array.Reverse(pkey);

            return(new BigInteger(1, pkey));
        }