public void SignAndVerifyWithPem() { var data = "NewLife".GetBytes(); Byte[] sign; { var ec = ECDsaHelper.Create(prvKey); var key = ec.Key.Export(CngKeyBlobFormat.EccPrivateBlob).ToBase64(); Assert.Equal("RUNTMiAAAAARWz+jn65BtOMvdyHKcvjBeBSDZH2r1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087GevZzL1gdAFr88hb2OF/2NxApJCzGCEDdfSp6VQO30hw=", key); sign = ec.SignData(data); } { var ec = ECDsaHelper.Create(pubKey); var key = ec.Key.Export(CngKeyBlobFormat.EccPublicBlob).ToBase64(); Assert.Equal("RUNTMSAAAAARWz+jn65BtOMvdyHKcvjBeBSDZH2r1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G", key); var rs = ec.VerifyData(data, sign); Assert.True(rs); } }
static MockedSecretarium() { GenesisPubKey = SecretariumPublicKeyBase64.FromBase64String().ReverseEndianness(); var privateKey = SecretariumPrivateKeyBase64.FromBase64String().ReverseEndianness(); SecretariumKey = ECDsaHelper.ImportPrivateKey(GenesisPubKey, privateKey); }
public void GenerateKey(Int32 keySize) { // 生成密钥 var ks = ECDsaHelper.GenerateKey(keySize); Assert.NotNull(ks); Assert.Equal(2, ks.Length); //var magic = ks[0].ToBase64().ReadBytes(0, 4).ToInt(); //var magic2 = ks[1].ToBase64().ReadBytes(0, 4).ToInt(); { // 重新导入 var data = ks[0].ToBase64(); var key = CngKey.Import(data, CngKeyBlobFormat.EccPrivateBlob); var ec = new ECDsaCng(key); // 解码KeyBlob格式 var eckey = new ECKey(); eckey.Read(data); Assert.Equal(data.ToBase64(), eckey.ToArray().ToBase64()); // 幻数(4) + 长度len(4) + X(len) + Y(len) + D(len) Assert.Equal($"ECDSA_PRIVATE_P{keySize}", eckey.Algorithm); // 构造参数 var ecp = eckey.ExportParameters(); // 再次以参数导入,然后导出key进行对比 var ec2 = new ECDsaCng(); ec2.ImportParameters(ecp); var key2 = ec2.Key.Export(CngKeyBlobFormat.EccPrivateBlob).ToBase64(); Assert.Equal(ks[0], key2); } { // 重新导入 var data = ks[1].ToBase64(); var key = CngKey.Import(data, CngKeyBlobFormat.EccPublicBlob); var ec = new ECDsaCng(key); // 解码KeyBlob格式 var eckey = new ECKey(); eckey.Read(data); Assert.Equal(data.ToBase64(), eckey.ToArray().ToBase64()); // 幻数(4) + 长度len(4) + X(len) + Y(len) + D(len) Assert.Equal($"ECDSA_PUBLIC_P{keySize}", eckey.Algorithm); // 构造参数 var ecp = eckey.ExportParameters(); // 再次以参数导入,然后导出key进行对比 var ec2 = new ECDsaCng(); ec2.ImportParameters(ecp); var key2 = ec2.Key.Export(CngKeyBlobFormat.EccPublicBlob).ToBase64(); Assert.Equal(ks[1], key2); } }
public void TestPublicPem() { var ec = ECDsaHelper.Create(pubKey); var key = ec.Key.Export(CngKeyBlobFormat.EccPublicBlob).ToBase64(); Assert.Equal("RUNTMSAAAAARWz+jn65BtOMvdyHKcvjBeBSDZH2r1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G", key); //var rs = ec.VerifyData("NewLife".GetBytes(), "9rW9GddDi0jjVMnbAulgqiPpXQJR3oJIz/XX9mYVI9uIMePlmW9eNbwdq34AMFa5pp31513AR2WxQ1Nz6K2aZQ==".ToBase64()); //Assert.True(rs); }
public void TestPrivatePem() { var ec = ECDsaHelper.Create(prvKey); var key = ec.Key.Export(CngKeyBlobFormat.EccPrivateBlob).ToBase64(); Assert.Equal("RUNTMiAAAAARWz+jn65BtOMvdyHKcvjBeBSDZH2r1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087GevZzL1gdAFr88hb2OF/2NxApJCzGCEDdfSp6VQO30hw=", key); //var sign = ec.SignData("NewLife".GetBytes()); //Assert.Equal("9rW9GddDi0jjVMnbAulgqiPpXQJR3oJIz/XX9mYVI9uIMePlmW9eNbwdq34AMFa5pp31513AR2WxQ1Nz6K2aZQ==", sign.ToBase64()); }
private void SignAndVerify(byte[] publicKeyRaw, byte[] privateKeyRaw) { var privateKey = ECDsaHelper.ImportPrivateKey(publicKeyRaw, privateKeyRaw); Assert.NotNull(privateKey); var nonce = ByteHelper.GetRandom(32); var nonceSigned = privateKey.SignData(nonce); var publicKey = ECDsaHelper.ImportPublicKey(publicKeyRaw); Assert.NotNull(publicKey); Assert.IsTrue(publicKey.VerifyData(nonce, nonceSigned)); }
public void TestECDSAImportExport() { var key = ECDsaHelper.CreateECDsaCng256(); var expPubKey = key.ExportPublicKeyRaw(); var impPubKey = ECDsaHelper.ImportPublicKey(expPubKey); Assert.NotNull(impPubKey); var expPriKey = key.ExportPrivateKeyRaw(); var impPriKey = ECDsaHelper.ImportPrivateKey(expPubKey, expPriKey); Assert.NotNull(impPriKey); }
public bool GetServerProofOfIdentity(byte[] encryptedClientProofOfIdentity, out byte[] serverProofOfIdentity) { serverProofOfIdentity = null; // Decrypt Client Finished message signed with symmetric key var ivOffset = encryptedClientProofOfIdentity.Extract(0, 16); var clientProofOfIdentity = EncryptionMode == ScpConfig.EncryptionMode.AESCTR ? encryptedClientProofOfIdentity.Extract(16).AesCtrDecrypt(Session.SymmetricKey, ivOffset) : encryptedClientProofOfIdentity.Extract(16).AesGcmDecryptWithOffset(Session.SymmetricKey, ivOffset); if (!ClientProofOfIdentity.Parse(clientProofOfIdentity, out ClientProofOfIdentity cpoi)) { return(false); } // Verify eph pub key if (!cpoi.ephDHKey.SequenceEqual(Session.ClientEphDHPubKey)) { return(false); } // Verify signature var clientsECDsaCng = ECDsaHelper.ImportPublicKey(cpoi.publicKey); if (!clientsECDsaCng.VerifyData(cpoi.nonce, cpoi.nonceSigned)) { return(false); } Session.ClientPubKey = cpoi.publicKey; // Prepare answer var nonce = ByteHelper.GetRandom(32); var msg = "Hey you! Welcome to Secretarium!".ToBytes(); var signed = SecretariumKey.SignData(ByteHelper.Combine(nonce, msg)); // Generate a random IV offset ivOffset = ByteHelper.GetRandom(16); // Encrypt var combined = ByteHelper.Combine(nonce, signed); var encrypted = EncryptionMode == ScpConfig.EncryptionMode.AESCTR ? combined.AesCtrEncrypt(Session.SymmetricKey, ivOffset) : combined.AesGcmEncryptWithOffset(Session.SymmetricKey, ivOffset); serverProofOfIdentity = ByteHelper.Combine(ivOffset, encrypted); return(true); }
public void Create() { var ks = ECDsaHelper.GenerateKey(); var ec = ECDsaHelper.Create(ks[0]); Assert.NotNull(ec); var ec2 = ECDsaHelper.Create(prvKey); Assert.NotNull(ec2); var ec3 = ECDsaHelper.Create(pubKey); Assert.NotNull(ec3); }
private static void Test1() { var keys = ECDsaHelper.GenerateKey(); XTrace.WriteLine("prvKey:{0}", keys[0]); XTrace.WriteLine("pubKey:{0}", keys[1]); //"你好".SpeakAsync(); XTrace.WriteLine("FullPath:{0}", ".".GetFullPath()); XTrace.WriteLine("BasePath:{0}", ".".GetBasePath()); XTrace.WriteLine("TempPath:{0}", Path.GetTempPath()); var mi = MachineInfo.Current ?? MachineInfo.RegisterAsync().Result; foreach (var pi in mi.GetType().GetProperties(BindingFlags.Instance | BindingFlags.Public)) { XTrace.WriteLine("{0}:\t{1}", pi.Name, mi.GetValue(pi)); } Console.WriteLine(); #if __CORE__ foreach (var pi in typeof(RuntimeInformation).GetProperties()) { XTrace.WriteLine("{0}:\t{1}", pi.Name, pi.GetValue(null)); } #endif //Console.WriteLine(); //foreach (var pi in typeof(Environment).GetProperties()) //{ // XTrace.WriteLine("{0}:\t{1}", pi.Name, pi.GetValue(null)); //} mi = MachineInfo.Current; for (var i = 0; i < 100; i++) { XTrace.WriteLine("CPU={0:p2} Temp={1} Memory={2:n0} Disk={3}", mi.CpuRate, mi.Temperature, mi.AvailableMemory.ToGMK(), MachineInfo.GetFreeSpace().ToGMK()); Thread.Sleep(1000); mi.Refresh(); } Console.ReadKey(); }
public void CreateECKeySerializeDeserializeSignAndVerify(KeyStrength keyStrength) { var parameters = ECDsaHelper.CreateNewECDsaParameters(keyStrength); var key = new TagPubECKey(parameters); var bytes = key.EncodedBytes; TestContext.WriteLine(bytes.AsLiteral()); using var ms = new MemoryStream(bytes); var tag = ms.Decode <TagPubKey>(); Assert.NotNull(tag); Assert.AreEqual(key, tag); CollectionAssert.AreEqual(bytes, tag.EncodedBytes); var signatureBytes = ECDsaHelper.HashAndSign(bytes, parameters.Parameters, parameters.HashAlgorithm.ToName()); var signature = new TagSignature(Algorithm.EcDSA, signatureBytes); Assert.IsTrue(key.Verify(bytes, signature), "Signature failed!"); }
public void TestFullProtocolFromSecKeyCtr() { Assert.IsTrue(ScpConfigHelper.TryLoad("test.secKey.json", out ScpConfig config)); Assert.IsTrue(config.secretariumKey.TryGetECDsaKeys("SecretariumTestClient256", out byte[] publicKeyRaw, out byte[] privateKeyRaw)); var key = ECDsaHelper.ImportPrivateKey(publicKeyRaw, privateKeyRaw); Assert.NotNull(key); using (var scp = new SecureConnectionProtocol()) { scp.Init(config); scp.Set(key); var connected = scp.Connect(20000); Assert.IsTrue(connected); } }
private void KeyBtnLoad_Click(object sender, EventArgs e) { string b64PubKey = keyPublicInput.Text; string b64PriKey = keyPrivateInput.Text; if (string.IsNullOrEmpty(b64PubKey)) { LoadImg = _xlRibbon.LoadImage("error") as Bitmap; ErrorText = "Missing pulic key"; return; } if (string.IsNullOrEmpty(b64PriKey)) { LoadImg = _xlRibbon.LoadImage("error") as Bitmap; ErrorText = "Missing private key"; return; } try { var key = ECDsaHelper.Import(b64PubKey.FromBase64String(), b64PriKey.FromBase64String()); SecretariumFunctions.Scp.Set(key); LoadImg = _xlRibbon.LoadImage("success") as Bitmap; ErrorText = " "; } catch (Exception) { try { var key = ECDsaHelper.Import(b64PubKey.FromBase64String().ReverseEndianness(), b64PriKey.FromBase64String().ReverseEndianness()); SecretariumFunctions.Scp.Set(key); LoadImg = _xlRibbon.LoadImage("success") as Bitmap; ErrorText = " "; } catch (Exception) { LoadImg = _xlRibbon.LoadImage("error") as Bitmap; ErrorText = "Unable to load keys"; } } }
public void SignAndVerify() { var ks = ECDsaHelper.GenerateKey(256); var data = Rand.NextBytes(1000); { var sign = ECDsaHelper.Sign(data, ks[0]); Assert.NotNull(sign); var rs = ECDsaHelper.Verify(data, ks[1], sign); Assert.True(rs); } { var sign = ECDsaHelper.SignSha256(data, ks[0]); Assert.NotNull(sign); var rs = ECDsaHelper.VerifySha256(data, ks[1], sign); Assert.True(rs); } { var sign = ECDsaHelper.SignSha384(data, ks[0]); Assert.NotNull(sign); var rs = ECDsaHelper.VerifySha384(data, ks[1], sign); Assert.True(rs); } { var sign = ECDsaHelper.SignSha512(data, ks[0]); Assert.NotNull(sign); var rs = ECDsaHelper.VerifySha512(data, ks[1], sign); Assert.True(rs); } }
private bool FullProtocolFromX509(ScpConfig.EncryptionMode encryptionMode, out byte[] symmetricKey, out MockedSecretarium secretarium) { // Client keys Assert.IsTrue(ScpConfigHelper.TryLoad("test.x509.json", out ScpConfig config)); Assert.IsTrue(config.TryGetECDsaKey(out ECDsaCng clientECDsaKeyCng, "SecretariumTestClient256")); var clientPub = clientECDsaKeyCng.ExportPublicKeyRaw(); // Client Hello var clientEph = ECDHHelper.CreateCngKey(); var clientEphCng = ECDHHelper.CreateECDiffieHellmanCngSha256(clientEph); var clientEphPub = clientEphCng.PublicKey(); var clientHello = clientEphPub; Assert.IsTrue(ClientHello.Parse(clientHello, out ClientHello clientHelloObj)); // Server Hello secretarium = new MockedSecretarium(encryptionMode); secretarium.GetServerHello(clientHello, out byte[] serverHello); Assert.IsTrue(ServerHello.Parse(serverHello, 18, out ServerHello serverHelloObj)); // Client ClientProofOfWork Assert.IsTrue(DiffieHellmanHelper.ComputeProofOfWork(serverHelloObj.proofOfWorkDetails, out byte[] proofOfWork)); var clientProofOfWork = ByteHelper.Combine(proofOfWork.ExtendTo(32), MockedSecretarium.GenesisPubKey); Assert.IsTrue(ClientProofOfWork.Parse(clientProofOfWork, out ClientProofOfWork clientProofOfWorkObj)); // Server Identity secretarium.GetServerIdentity(clientProofOfWork, out byte[] serverIdentity); Assert.IsTrue(ServerIdentity.Parse(serverIdentity, out ServerIdentity serverIdentityObj)); // Client computes symmetric key symmetricKey = DiffieHellmanHelper.GetSymmetricKey( clientEphCng, serverIdentityObj.ephDHKey, serverIdentityObj.preMasterSecret); // Client Proof Of Identity var nonce = ByteHelper.GetRandom(32); var nonceSigned = clientECDsaKeyCng.SignData(nonce); var clientProofOfIdentity = ByteHelper.Combine(nonce, clientEphPub, clientPub, nonceSigned); Assert.IsTrue(ClientProofOfIdentity.Parse(clientProofOfIdentity, out ClientProofOfIdentity clientProofOfIdentityObj)); // Client Encrypts Client Proof Of Identity var ivOffset = ByteHelper.GetRandom(16); var encryptedClientProofOfIdentity = encryptionMode == ScpConfig.EncryptionMode.AESCTR ? clientProofOfIdentity.AesCtrEncrypt(symmetricKey, ivOffset) : clientProofOfIdentity.AesGcmEncryptWithOffset(symmetricKey, ivOffset); var encryptedClientProofOfIdentityWithIvOffset = ByteHelper.Combine(ivOffset, encryptedClientProofOfIdentity); // Server Checks And Sends Proof Of Identity Assert.IsTrue(secretarium.GetServerProofOfIdentity( encryptedClientProofOfIdentityWithIvOffset, out byte[] encryptedServerProofOfIdentity)); // Client Decrypts Server Proof Of Identity ivOffset = encryptedServerProofOfIdentity.Extract(0, 16); var serverProofOfIdentity = encryptionMode == ScpConfig.EncryptionMode.AESCTR ? encryptedServerProofOfIdentity.Extract(16).AesCtrDecrypt(symmetricKey, ivOffset) : encryptedServerProofOfIdentity.Extract(16).AesGcmDecryptWithOffset(symmetricKey, ivOffset); Assert.IsTrue(ServerProofOfIdentity.Parse(serverProofOfIdentity, out ServerProofOfIdentity serverProofOfIdentityObj)); // Client Checks Server Proof Of Idendity var msg = "Hey you! Welcome to Secretarium!".ToBytes(); var secretariumECDsaCng = ECDsaHelper.ImportPublicKey(serverIdentityObj.publicKey); Assert.IsTrue(secretariumECDsaCng.VerifyData( ByteHelper.Combine(serverProofOfIdentityObj.nonce, msg), serverProofOfIdentityObj.welcomeSigned)); return(true); }
public override TagSignature SignAndUpdate <T>(T data, Func <byte[], byte[]> encrypt = null) => Update(encrypt, ECDsaHelper.HashAndSignBytes(data, _keyParameters.Parameters, HashAlgorithmName.SHA256));
public override void GenerateNextKeys() => _nextKeyParameters = ECDsaHelper.CreateNewECDsaParameters(_data.Strength);
public bool Set(byte[] ecdsaPubKeyRaw, byte[] ecdsaPriKeyRaw) { return(Set(ECDsaHelper.ImportPrivateKey(ecdsaPubKeyRaw, ecdsaPriKeyRaw))); }