/// <summary> /// Construct profile for the specified device. /// </summary> /// <param name="Name">The name of the device within profiles.</param> /// <param name="Description">Description of the device.</param> /// <param name="SignatureAlgorithmID">The public key algorithm to use for signature keys.</param> /// <param name="ExchangeAlgorithmID">The public key algorithm to use for encryption keys.</param> public DeviceProfile(string Name, string Description, CryptoAlgorithmID SignatureAlgorithmID, CryptoAlgorithmID ExchangeAlgorithmID) { this.Names = new List<string>(); this.Names.Add(Name); this.Description = Description; DeviceSignatureKey = PublicKey.Generate (KeyType.DSK, SignatureAlgorithmID); DeviceAuthenticationKey = PublicKey.Generate(KeyType.DAK, SignatureAlgorithmID); DeviceEncryptiontionKey = PublicKey.Generate(KeyType.DEK, ExchangeAlgorithmID); Identifier = DeviceSignatureKey.UDF; }
/// <summary> /// Create a MasterProfile using the specified signature and exchange /// algorithms. /// </summary> /// <param name="SignatureAlgorithmID">The signature algorithm to be used for /// the master signature key and the online signature key.</param> /// <param name="ExchangeAlgorithmID">The exchange a</param> public MasterProfile(CryptoAlgorithmID SignatureAlgorithmID, CryptoAlgorithmID ExchangeAlgorithmID) { MasterSignatureKey = PublicKey.Generate(KeyType.PMSK, SignatureAlgorithmID); MasterSignatureKey.SelfSignCertificate(Application.PersonalMaster); var OnlineSignatureKey = PublicKey.Generate(KeyType.POSK, SignatureAlgorithmID); OnlineSignatureKey.SignCertificate(Application.CA, MasterSignatureKey); OnlineSignatureKeys = new List<PublicKey>(); OnlineSignatureKeys.Add(OnlineSignatureKey); var MasterEscrowKey = PublicKey.Generate(KeyType.PMEK, ExchangeAlgorithmID); MasterEscrowKey.SignCertificate(Application.DataEncryption, MasterSignatureKey); MasterEscrowKeys = new List<PublicKey>(); MasterEscrowKeys.Add(MasterEscrowKey); Identifier = MasterSignatureKey.UDF; }
/// <summary> /// Generate a new key pair and return a PublicKey object for the public /// parameters. /// </summary> /// <param name="KeyType">The mest key type.</param> /// <param name="CryptoAlgorithmID">The algorithm to generate keys for.</param> /// <returns>The generated key pair</returns> public static PublicKey Generate(KeyType KeyType, CryptoAlgorithmID CryptoAlgorithmID) { var CryptoProvider = CryptoCatalog.Default.GetAsymmetric(CryptoAlgorithmID); CryptoProvider.Generate(GetKeySecurity(KeyType)); var KeyPair = CryptoProvider.KeyPair; var PublicKey = new PublicKey(); PublicKey.KeyPair = KeyPair; if (KeyPair.GetType() == typeof(RSAKeyPair)) { PublicKey.PublicParameters = new PublicKeyRSA(KeyPair as RSAKeyPair); return PublicKey; } throw new Exception("Not found"); }
/// <summary> /// Create an instance with the specified property values. /// </summary> /// <param name="CryptoAlgorithmID">CryptoAlgorithmID Identifier.</param> /// <param name="Name">.NET Framework name.</param> /// <param name="KeySize">Default algorithm key size.</param> /// <param name="JSON_alg">JSON Algorithm Identifier.</param> /// <param name="JSON_kty">JSON Key type.</param> /// <param name="JSON_use">JSON Key Use.</param> /// <param name="XML">XML algorithm identifier.</param> /// <param name="AlgorithmClass">Algorithm type.</param> /// <param name="GetCryptoProvider">Delegate returning the default crypto provider.</param> public CryptoAlgorithm( CryptoAlgorithmID CryptoAlgorithmID, string Name, int KeySize, string JSON_kty, string JSON_use, string JSON_alg, string XML, CryptoAlgorithmClass AlgorithmClass, GetCryptoProvider GetCryptoProvider) { _CryptoAlgorithmID = CryptoAlgorithmID; _Name = Name; _OID = CryptoConfig.MapNameToOID(Name); _GetCryptoProvider = GetCryptoProvider; _KeySize = KeySize; _JSON_alg = JSON_alg; _JSON_use = JSON_use; _JSON_kty = JSON_kty; _XML = XML; _AlgorithmClass = AlgorithmClass; }
/// <summary> /// Get a signature provider by algorithm identifier /// </summary>> /// <param name="Signature">Signature algorithm identifier.</param> /// <param name="Digest">Digest algorithm identifer.</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderExchange GetExchange(CryptoAlgorithmID Signature, CryptoAlgorithmID Digest) { return Get(Signature, Digest) as CryptoProviderExchange; }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Algorithm identifier</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderSignature GetSignature(CryptoAlgorithmID ID) { return Get(OrDefault(ID, AlgorithmSignature)) as CryptoProviderSignature; }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Algorithm identifier</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderEncryption GetEncryption(CryptoAlgorithmID ID) { return Get(OrDefault(ID, AlgorithmEncryption)) as CryptoProviderEncryption; }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Algorithm identifier</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderDigest GetDigest(CryptoAlgorithmID ID) { return Get(OrDefault(ID, AlgorithmDigest)) as CryptoProviderDigest; }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Principal algorithm identifier.</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProvider Get(CryptoAlgorithmID ID) { var Index = (int)ID; var Entry = Algorithms[Index]; return Entry.GetCryptoProvider(Entry.KeySize, CryptoAlgorithmID.NULL); }
/// <summary> /// Create an instance of the RSA crypto provider with specified /// default key size and digest algorithm. /// </summary> /// <param name="KeySize">Default key size.</param> /// <param name="DigestAlgorithm">Default digest algorithm.</param> public CryptoProviderSignatureRSA(int KeySize, CryptoAlgorithmID DigestAlgorithm) { this.KeySize = KeySize; this.DigestAlgorithm = DigestAlgorithm; }
public void TestDigest(CryptoAlgorithmID DigestID, string Input, string TestHex) { var TestVector = Trace.HexToByte(TestHex); var Provider = CryptoCatalog.GetDigest(DigestID); Trace.WriteLine("Test provider {0}", Provider.Name); var Result = Provider.Process(HelloWorld); Trace.WriteHex("Result", Result.Integrity); Trace.AssertEqual("Check Testvector", Result.Integrity, TestVector); // Reinitialize and retest Provider.Initialize(); var Result2 = Provider.Process(HelloWorld); Trace.WriteHex("Result#2", Result2.Integrity); Trace.AssertEqual("Check reinitialization", Result.Integrity, Result2.Integrity); // Check that the validation is correct Result.Integrity[0] = (byte)(Result.Integrity[0] ^ 0xff); Trace.AssertNotEqual("Check verification code", Result.Integrity, Result2.Integrity); }
public void TestPublicEncrypt(CryptoAlgorithmID PublicID, CryptoAlgorithmID BulkID, string Text) { var PublicProvider = CryptoCatalog.GetExchange(PublicID); var Encryptor = CryptoCatalog.GetEncryption(BulkID); Trace.WriteLine("Test provider {0} with {1}", PublicProvider.Name, Encryptor.Name); var BinaryText = Encoding.UTF8.GetBytes(Text); Encryptor.StartEncrypt(); var Key = Encryptor.Key; var IV = Encryptor.IV; var Result = Encryptor.Process(BinaryText); PublicProvider.Generate(KeySecurity.Ephemeral); var EncryptedKey = PublicProvider.Encrypt(Result); Trace.WriteHex("Public key blob:", EncryptedKey.Data); // find the key by UDF var PublicDecryptor = CryptoCatalog.GetExchange(PublicProvider.UDF); var DecryptedKey = PublicDecryptor.Decrypt(EncryptedKey); Trace.AssertEqual("Encryption Round Trip", Key, DecryptedKey.Key); var Decryptor = CryptoCatalog.GetEncryption(BulkID); Decryptor.StartDecrypt(DecryptedKey.Key, IV); Result.Key = DecryptedKey.Key; var Result2 = Decryptor.Decrypt(Result, Result.Data); Trace.AssertEqual("Encryption Round Trip", BinaryText, Result2.Data); }
public void TestSignVerify(CryptoAlgorithmID SignID, CryptoAlgorithmID DigestID, string Text) { var SignProvider = CryptoCatalog.GetSignature(SignID); var DigestProvider = CryptoCatalog.GetDigest(DigestID); Trace.WriteLine("Test provider {0} with {1}", SignProvider.Name, DigestProvider.Name); var Result = DigestProvider.Process(Text); Trace.WriteHex("Digest", Result.Integrity); SignProvider.Generate(KeySecurity.Ephemeral); Trace.WriteLine("fingerprint {0}", SignProvider.UDF); var Signature = SignProvider.Sign(Result); Trace.WriteHex("Signature", Signature.Integrity); // Find the signature provider in the local store by fingerprint. var VerifyProvider = CryptoCatalog.GetSignature(SignProvider.UDF); var ValidSignResult = VerifyProvider.Verify(Result, Signature); Trace.WriteLine("Checked valid signature valid={0}", ValidSignResult); Trace.Assert("Check valid signature", ValidSignResult); // Clobber the integrity data Result.Integrity[0] = (byte)(Result.Integrity[0] ^ 0xff); var InvalidSignResult = VerifyProvider.Verify(Result, Signature); Trace.WriteLine("Checked valid signature valid={0}", InvalidSignResult); Trace.Assert("Check invalid signature", !InvalidSignResult); }
public void TestEncryption(CryptoAlgorithmID EncID, string Text) { var BinaryText = Encoding.UTF8.GetBytes(Text); var Encryptor = CryptoCatalog.GetEncryption(EncID); Trace.WriteLine("Test provider {0}", Encryptor.Name); // Encrypt using provider generated Key and IV Encryptor.StartEncrypt(); var Result = Encryptor.Process(BinaryText); // Decrypt from cryto blob. var Decryptor = CryptoCatalog.GetEncryption(EncID); var Result2 = Decryptor.Decrypt(Result, Result.Data); Trace.AssertEqual("Encryption Round Trip", BinaryText, Result2.Data); }
public void TestAuthentication(CryptoAlgorithmID MACID, byte[] Key, byte[] Input, byte[] TestVector) { var Provider = CryptoCatalog.GetAuthentication(MACID); Provider.Key = Key; Trace.WriteLine("Test provider {0}", Provider.Name); var Result = Provider.Process(Input); Trace.WriteHex("Result", Result.Integrity); Trace.AssertEqual("Check Testvector", Result.Integrity, TestVector); // Reinitialize and retest Provider.Initialize(); var Result2 = Provider.Process(Input); Trace.WriteHex("Result#2", Result2.Integrity); Trace.AssertEqual("Check reinitialization", Result.Integrity, Result2.Integrity); // Check that the validation is correct Result.Integrity[0] = (byte)(Result.Integrity[0] ^ 0xff); Trace.AssertNotEqual("Check verification code", Result.Integrity, Result2.Integrity); }
void SetDefault(ref CryptoAlgorithmID Current, CryptoAlgorithm New, CryptoAlgorithmID ID, CryptoAlgorithmClass Class) { if (Current == CryptoAlgorithmID.NULL & (New.AlgorithmClass == Class)) { Current = ID; } }
CryptoAlgorithmID OrDefault(CryptoAlgorithmID Value, CryptoAlgorithmID Default) { return Value == CryptoAlgorithmID.NULL ? Default : Value; }
private static CryptoProvider Factory(int KeySize, CryptoAlgorithmID DigestAlgorithm) { return new CryptoProviderSignatureRSA(KeySize, DigestAlgorithm); }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Principal algorithm identifier.</param> /// <param name="Bulk">Bulk algorithm identifier.</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProvider Get(CryptoAlgorithmID ID, CryptoAlgorithmID Bulk) { var Entry = Algorithms[(int)ID]; return Entry.GetCryptoProvider(Entry.KeySize, Bulk); }
private static CryptoProvider Factory(int KeySize, CryptoAlgorithmID Ignore) { return new CryptoProviderHMACSHA2_512(); }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Algorithm identifier</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderAuthentication GetAuthentication(CryptoAlgorithmID ID) { return Get(OrDefault(ID, AlgorithmMAC)) as CryptoProviderAuthentication; }
private static CryptoProvider Factory(int KeySize, CryptoAlgorithmID DigestAlgorithm) { return new CryptoProviderExchangeRSA(KeySize); }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Algorithm identifier</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderAsymmetric GetAsymmetric(CryptoAlgorithmID ID) { var Result = Get(ID); return Result as CryptoProviderAsymmetric; }
private static CryptoProvider Factory(int KeySize, CryptoAlgorithmID Ignore) { return new CryptoProviderExchangeRSAPKCS(KeySize); }
/// <summary> /// Get a signature provider by algorithm identifier /// </summary>> /// <param name="Signature">Signature algorithm identifier.</param> /// <param name="Digest">Digest algorithm identifer.</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderSignature GetSignature(CryptoAlgorithmID Signature, CryptoAlgorithmID Digest) { return Get(Signature, Digest) as CryptoProviderSignature; }
/// <summary> /// Create and populate a result for an encryption with authentication algorithm. /// </summary> /// <param name="Identifier"></param> /// <param name="OID"></param> /// <param name="Value"></param> /// <param name="Data"></param> public CryptoData(CryptoAlgorithmID Identifier, string OID, byte[] Value, byte[] Data) { _Identifier = Identifier; _Integrity = Value; _Data = Data; _OID = OID; _Key = null; _IV = null; _CryptoOperation = CryptoOperation.Unknown; }
/// <summary> /// Get a cryptographic provider by algorithm identifier /// </summary> /// <param name="ID">Algorithm identifier</param> /// <returns>Cryptographic provider if found or null otherwise.</returns> public CryptoProviderExchange GetExchange(CryptoAlgorithmID ID) { return Get(OrDefault(ID, AlgorithmExchange)) as CryptoProviderExchange; }
/// <summary> /// Create and populate a result for an encryption with authentication algorithm. /// </summary> /// <param name="Identifier"></param> /// <param name="OID"></param> /// <param name="Integrity"></param> /// <param name="Data"></param> /// <param name="Key">Key data</param> /// <param name="IV">Initialization Vector</param> public CryptoData(CryptoAlgorithmID Identifier, string OID, byte[] Integrity, byte[] Data, byte [] Key, byte []IV) { _Identifier = Identifier; _Integrity = Integrity; _Data = Data; _OID = OID; _Key = Key; _IV = IV; _CryptoOperation = CryptoOperation.Unknown; }
private static CryptoProvider Factory(int KeySize, CryptoAlgorithmID DigestAlgorithm) { return new CryptoProviderEncryptAES(KeySize); }
private static CryptoProvider Factory(int KeySize, CryptoAlgorithmID DigestAlgorithm) { return new CryptoProviderSHA1(); }