// Note: PKCS#8 doesn't define how to generate the key required for encryption
// so you're on your own. Just don't try to copy the big guys too much ;)
// Netscape: http://www.cs.auckland.ac.nz/~pgut001/pubs/netscape.txt
// Microsoft: http://www.cs.auckland.ac.nz/~pgut001/pubs/breakms.txt
public byte[] GetBytes()
{
if (_algorithm == null)
{
throw new CryptographicException("No algorithm OID specified");
}
ASN1 encryptionAlgorithm = new ASN1(0x30);
encryptionAlgorithm.Add(ASN1Convert.FromOid(_algorithm));
// parameters ANY DEFINED BY algorithm OPTIONAL
if ((_iterations > 0) || (_salt != null))
{
ASN1 salt = new ASN1(0x04, _salt);
ASN1 iterations = ASN1Convert.FromInt32(_iterations);
ASN1 parameters = new ASN1(0x30);
parameters.Add(salt);
parameters.Add(iterations);
encryptionAlgorithm.Add(parameters);
}
// encapsulates EncryptedData into an OCTET STRING
ASN1 encryptedData = new ASN1(0x04, _data);
ASN1 encryptedPrivateKeyInfo = new ASN1(0x30);
encryptedPrivateKeyInfo.Add(encryptionAlgorithm);
encryptedPrivateKeyInfo.Add(encryptedData);
return(encryptedPrivateKeyInfo.GetBytes());
}
public byte[] GetBytes()
{
ASN1 privateKeyAlgorithm = new ASN1(0x30);
privateKeyAlgorithm.Add(ASN1Convert.FromOid(_algorithm));
privateKeyAlgorithm.Add(new ASN1(0x05)); // ASN.1 NULL
ASN1 pki = new ASN1(0x30);
pki.Add(new ASN1(0x02, new byte[1] {
(byte)_version
}));
pki.Add(privateKeyAlgorithm);
pki.Add(new ASN1(0x04, _key));
if (_list.Count > 0)
{
ASN1 attributes = new ASN1(0xA0);
foreach (ASN1 attribute in _list)
{
attributes.Add(attribute);
}
pki.Add(attributes);
}
return(pki.GetBytes());
}
/// <summary>
/// Encodes the RSAParameters as an asn1-encoded RSAPublicKey or RSAPrivateKey struct, as defined by PKCS#1 / rfc3447.
/// </summary>
/// <param name="rsa">The RSA.</param>
/// <returns></returns>
/// <remarks>Adapted from Mono.Security</remarks>
public static byte[] EncodeAsAsn1(RSAParameters param)
{
ASN1 asn1;
// See: http://tools.ietf.org/html/rfc3447
// - A.1.1 RSA public key syntax
// - A.1.2 RSA private key syntax
if (param.D == null)
{
// Emit a RSAPublicKey ASN.1 type.
asn1 = new ASN1(0x30);
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent));
}
else
{
// Emit a RSAPrivateKey ASN.1 type.
asn1 = new ASN1(0x30);
asn1.Add(new ASN1(0x02, new byte[1] {
0x00
}));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.D));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.P));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Q));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.DP));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.DQ));
asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.InverseQ));
}
return(asn1.GetBytes());
}
private static ASN1 AlgorithmIdentifier(string oid, ASN1 parameters)
{
ASN1 ai = new ASN1(0x30);
ai.Add(ASN1Convert.FromOid(oid));
ai.Add(parameters);
return(ai);
}
private static ASN1 AlgorithmIdentifier(string oid)
{
ASN1 ai = new ASN1(0x30);
ai.Add(ASN1Convert.FromOid(oid));
ai.Add(new ASN1(0x05)); // NULL
return(ai);
}
// methods
private void Decode(byte[] data)
{
ASN1 encryptedPrivateKeyInfo = new ASN1(data);
if (encryptedPrivateKeyInfo.Tag != 0x30)
{
throw new CryptographicException("invalid EncryptedPrivateKeyInfo");
}
ASN1 encryptionAlgorithm = encryptedPrivateKeyInfo[0];
if (encryptionAlgorithm.Tag != 0x30)
{
throw new CryptographicException("invalid encryptionAlgorithm");
}
ASN1 algorithm = encryptionAlgorithm[0];
if (algorithm.Tag != 0x06)
{
throw new CryptographicException("invalid algorithm");
}
_algorithm = ASN1Convert.ToOid(algorithm);
// parameters ANY DEFINED BY algorithm OPTIONAL
if (encryptionAlgorithm.Count > 1)
{
ASN1 parameters = encryptionAlgorithm[1];
if (parameters.Tag != 0x30)
{
throw new CryptographicException("invalid parameters");
}
ASN1 salt = parameters[0];
if (salt.Tag != 0x04)
{
throw new CryptographicException("invalid salt");
}
_salt = salt.Value;
ASN1 iterationCount = parameters[1];
if (iterationCount.Tag != 0x02)
{
throw new CryptographicException("invalid iterationCount");
}
_iterations = ASN1Convert.ToInt32(iterationCount);
}
ASN1 encryptedData = encryptedPrivateKeyInfo[1];
if (encryptedData.Tag != 0x04)
{
throw new CryptographicException("invalid EncryptedData");
}
_data = encryptedData.Value;
}
// methods
private void Decode(byte[] data)
{
ASN1 privateKeyInfo = new ASN1(data);
if (privateKeyInfo.Tag != 0x30)
{
throw new CryptographicException("invalid PrivateKeyInfo");
}
ASN1 version = privateKeyInfo[0];
if (version.Tag != 0x02)
{
throw new CryptographicException("invalid version");
}
_version = version.Value[0];
ASN1 privateKeyAlgorithm = privateKeyInfo[1];
if (privateKeyAlgorithm.Tag != 0x30)
{
throw new CryptographicException("invalid algorithm");
}
ASN1 algorithm = privateKeyAlgorithm[0];
if (algorithm.Tag != 0x06)
{
throw new CryptographicException("missing algorithm OID");
}
_algorithm = ASN1Convert.ToOid(algorithm);
ASN1 privateKey = privateKeyInfo[2];
_key = privateKey.Value;
// attributes [0] IMPLICIT Attributes OPTIONAL
if (privateKeyInfo.Count > 3)
{
ASN1 attributes = privateKeyInfo[3];
for (int i = 0; i < attributes.Count; i++)
{
_list.Add(attributes[i]);
}
}
}
public static RSAParameters DecodePkcs8PublicKey(byte[] pkcs8blob)
{
// See: http://tools.ietf.org/html/rfc5280
// http://www.cryptopp.com/wiki/Keys_and_Formats#Dumping_PKCS_.238_and_X.509_Keys
//
// SubjectPublicKeyInfo ::= SEQUENCE {
// algorithm AlgorithmIdentifier,
// subjectPublicKey BIT STRING }
ASN1 publicKeyInfo = new ASN1(pkcs8blob);
if (publicKeyInfo.Tag != 0x30)
{
throw new CryptographicException("invalid PublicKeyInfo");
}
ASN1 keyAlgorithm = publicKeyInfo[0];
if (keyAlgorithm.Tag != 0x30)
{
throw new CryptographicException("invalid algorithm");
}
ASN1 algorithm = keyAlgorithm[0];
if (algorithm.Tag != 0x06)
{
throw new CryptographicException("missing algorithm OID");
}
if (ASN1Convert.ToOid(algorithm) != Oid.rsaEncryption)
{
throw new NotSupportedException("Only RSA keys are currently supported.");
}
var keyBits = publicKeyInfo[1];
if (keyBits.Tag != 0x03)
{
throw new CryptographicException("Invalid or corrupted key container, expecint a BIT STRING, found tag: " + keyBits.Tag);
}
var sanitizedKeyBits = RemoveLeadingZero(keyBits.Value);
return(DecodeAsn1RsaPublicKey(new ASN1(sanitizedKeyBits)));
}
/*
* RSAPrivateKey ::= SEQUENCE {
* version Version,
* modulus INTEGER, -- n
* publicExponent INTEGER, -- e
* privateExponent INTEGER, -- d
* prime1 INTEGER, -- p
* prime2 INTEGER, -- q
* exponent1 INTEGER, -- d mod (p-1)
* exponent2 INTEGER, -- d mod (q-1)
* coefficient INTEGER, -- (inverse of q) mod p
* otherPrimeInfos OtherPrimeInfos OPTIONAL
* }
*/
static public byte[] Encode(RSA rsa)
{
RSAParameters param = rsa.ExportParameters(true);
ASN1 rsaPrivateKey = new ASN1(0x30);
rsaPrivateKey.Add(new ASN1(0x02, new byte[1] {
0x00
}));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.D));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.P));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Q));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.DP));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.DQ));
rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.InverseQ));
return(rsaPrivateKey.GetBytes());
}
static public byte[] Encode(DSA dsa)
{
DSAParameters param = dsa.ExportParameters(true);
return(ASN1Convert.FromUnsignedBigInteger(param.X).GetBytes());
}