string ITestCase.Generate()
{
Ed25519PrivateKeyParameters privateKey = CryptoUtils.DecodeEd25519PrivateKey(privateKeyString);
Link link = new LinkBuilder("test_process", "test_map")
.WithAction("ʙᴀᴛᴍᴀɴ").Build();
link.Sign(privateKey.GetEncoded(), "");
link.Sign(privateKey.GetEncoded(), "[version,meta.mapId]");
// link.sign(rsaKey.getEncoded(), "[version,meta.mapId]");
Segment segment = link.Segmentify();
return(Convert.ToBase64String(segment.Serialize()));
}
/// <summary>
/// Generates the specified force.
/// </summary>
/// <param name="force">if set to <c>true</c> [force].</param>
/// <returns><c>true</c> if XXXX, <c>false</c> otherwise.</returns>
public bool Generate(bool force = false)
{
if (KeysExist() && !force)
{
Console.WriteLine("Keys already exist, use --force to force regeneration");
return(false);
}
// start key generation
Console.WriteLine("Generating key pair...");
var Random = new SecureRandom();
Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(Random));
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
var privKeyBase64 = Convert.ToBase64String(privateKey.GetEncoded());
var pubKeyBase64 = Convert.ToBase64String(publicKey.GetEncoded());
File.WriteAllText(_privateKeyFilePath, privKeyBase64);
File.WriteAllText(_publicKeyFilePath, pubKeyBase64);
Console.WriteLine("Storing public/private keys to " + _storagePath);
return(true);
}
/// <summary>
/// Creates a new Link from the given builder, signs it and executes the GraphQL
/// mutation.
/// </summary>
/// <typeparam name="TLinkData"></typeparam>
/// <param name="linkBuilder">The linkBuilder<see cref="TraceLinkBuilder{TLinkData}"/></param>
/// <returns>The <see cref="Task{TraceState{TState, TLinkData}}"/></returns>
private async Task <TraceState <TState, TLinkData> > CreateLinkAsync <TLinkData>(TraceLinkBuilder <TLinkData> linkBuilder)
{
// extract signing key from config
SdkConfig sdkConfig = await GetConfigAsync();
Ed25519PrivateKeyParameters signingPrivateKey = sdkConfig.SigningPrivateKey;
// build the link
TraceLink <TLinkData> link = linkBuilder.Build();
// sign the link
link.Sign(signingPrivateKey.GetEncoded(), "[version,data,meta]");
string linkObjJson = JsonHelper.ToJson(link.ALink);
Dictionary <string, object> linkObj = JsonHelper.ObjectToMap(link.GetLink());
Dictionary <string, object> dataObj = JsonHelper.ObjectToMap(((TraceLink <TLinkData>)link).FormData());
Dictionary <string, object> variables = new Dictionary <string, object>
{
["link"] = linkObj,
["data"] = dataObj
};
// Debug.WriteLine("Request : " + JsonHelper.ToJson(dataObj));
// execute graphql query
GraphQLResponse jsonResponse = await this.client.GraphqlAsync(GraphQL.MUTATION_CREATELINK, variables, null, null);
var trace = jsonResponse.Data.createLink.trace;
return(this.MakeTraceState <TLinkData>(trace));
}
/// <summary>
/// Encodes private key to PEM formatted string
/// </summary>
/// <param name="publicKey"></param>
/// <returns></returns>
public static string EncodePrivateKey(Ed25519PrivateKeyParameters privateKey)
{
var serializedPublicBytes = privateKey.GetEncoded();
var base64 = Convert.ToBase64String(serializedPublicBytes);
base64 = string.Format("-----BEGIN ED25519 PRIVATE KEY-----\n{0}\n-----END ED25519 PRIVATE KEY-----\n", base64);
return(base64);
}
public RawKeyPair(string privateKey)
{
string privateKey32 = privateKey.Length == 128 ? privateKey.Substring(0, 64) : privateKey;
Ed25519PrivateKeyParameters privateKeyParams = new Ed25519PrivateKeyParameters(Hex.Decode(privateKey32), 0);
Ed25519PublicKeyParameters publicKeyParams = privateKeyParams.GeneratePublicKey();
PublicKey = publicKeyParams.GetEncoded();
PrivateKey = privateKeyParams.GetEncoded();
}
public AsymmetricKeyPair Generate()
{
Ed25519PrivateKeyParameters secretKeyParams = new Ed25519PrivateKeyParameters(_secureRandom);
Ed25519PublicKeyParameters publicKeyParams = secretKeyParams.GeneratePublicKey();
byte[] asn1SecretKey = SecretKeyAsn1Header.Concat(secretKeyParams.GetEncoded()).ToArray();
byte[] asn1PublicKey = PublicKeyAsn1Header.Concat(publicKeyParams.GetEncoded()).ToArray();
return(new AsymmetricKeyPair(new SecretKey(asn1SecretKey, KeyAlgorithm.Ed25519), new PublicKey(asn1PublicKey, KeyAlgorithm.Ed25519)));
}
public BaseKeyPair(string privateKey)
{
string privateKey32 = privateKey.Length == 128 ? privateKey.Substring(0, 64) : privateKey;
Ed25519PrivateKeyParameters privateKeyParams = new Ed25519PrivateKeyParameters(Hex.Decode(privateKey32), 0);
Ed25519PublicKeyParameters publicKeyParams = privateKeyParams.GeneratePublicKey();
byte[] publicBinary = publicKeyParams.GetEncoded();
byte[] privateBinary = privateKeyParams.GetEncoded();
PublicKey = Encoding.EncodeCheck(publicBinary, Constants.ApiIdentifiers.ACCOUNT_PUBKEY);
PrivateKey = Hex.ToHexString(privateBinary) + Hex.ToHexString(publicBinary);
}
public static RawKeyPair Generate()
{
Ed25519KeyPairGenerator keyPairGenerator = new Ed25519KeyPairGenerator();
keyPairGenerator.Init(new Ed25519KeyGenerationParameters(new SecureRandom()));
AsymmetricCipherKeyPair asymmetricCipherKeyPair = keyPairGenerator.GenerateKeyPair();
Ed25519PublicKeyParameters publicKeyParams = (Ed25519PublicKeyParameters)asymmetricCipherKeyPair.Public;
Ed25519PrivateKeyParameters privateKeyParams = (Ed25519PrivateKeyParameters)asymmetricCipherKeyPair.Private;
byte[] publicKey = publicKeyParams.GetEncoded();
byte[] privateKey = privateKeyParams.GetEncoded();
return(new RawKeyPair(publicKey, privateKey));
}
/// <summary>
/// Creates a new Link from the given builder, signs it and executes the GraphQL
/// mutation.
/// </summary>
/// <typeparam name="TLinkData"></typeparam>
/// <param name="linkBuilder">The linkBuilder<see cref="TraceLinkBuilder{TLinkData}"/></param>
/// <param name="firstTry">if this is not the first try, do not retry</param>
/// <returns>The <see cref="Task{TraceState{TState, TLinkData}}"/></returns>
private async Task <TraceState <TState, TLinkData> > CreateLinkAsync <TLinkData>(TraceLinkBuilder <TLinkData> linkBuilder, bool firstTry = true)
{
// extract signing key from config
SdkConfig sdkConfig = await GetConfigAsync();
Ed25519PrivateKeyParameters signingPrivateKey = sdkConfig.SigningPrivateKey;
// build the link
TraceLink <TLinkData> link = linkBuilder.Build();
// sign the link
link.Sign(signingPrivateKey.GetEncoded(), "[version,data,meta]");
string linkObjJson = JsonHelper.ToJson(link.ALink);
Dictionary <string, object> linkObj = JsonHelper.ObjectToMap(link.GetLink());
Dictionary <string, object> dataObj = JsonHelper.ObjectToMap(((TraceLink <TLinkData>)link).FormData());
Dictionary <string, object> variables = new Dictionary <string, object>
{
["link"] = linkObj,
["data"] = dataObj
};
try
{
// execute graphql query
GraphQLResponse <dynamic> jsonResponse = await this.client.GraphqlAsync(GraphQL.MUTATION_CREATELINK, variables, null, null);
var trace = jsonResponse.Data.createLink.trace;
return(this.MakeTraceState <TLinkData>(trace));
}
catch (TraceSdkException e)
{
if (firstTry && e.Message == ERROR_CONFIG_DEPRECATED)
{
var cfg = await this.GetConfigAsync(true);
linkBuilder.WithConfigId(cfg.ConfigId);
link.GetLink().Signatures.Clear();
return(await this.CreateLinkAsync(linkBuilder, false));
}
throw e;
}
}
public static KeyPair generateEd25519KeyPair()
{
Org.BouncyCastle.Crypto.Generators.Ed25519KeyPairGenerator kpg = new Org.BouncyCastle.Crypto.Generators.Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(secureRandom));
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
KeyPair nkp = new KeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
nkp.publicKey = new PublicKey(publicKey.GetEncoded());
nkp.privateKey = new PrivateKey(privateKey.GetEncoded());
if (nkp.privateKey.isValid())
{
return(nkp);
}
return(generateEd25519KeyPair());
}
public void CanGetAndVerifySignatureFromEnvironment()
{
// create tmp file
var tempData = RandomString(1024);
var path = Path.GetTempFileName();
File.WriteAllText(path, tempData);
Assert.True(File.Exists(path));
Assert.Equal(tempData, File.ReadAllText(path));
// create keys
var Random = new SecureRandom();
Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(Random));
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
var privKeyBase64 = Convert.ToBase64String(privateKey.GetEncoded());
var pubKeyBase64 = Convert.ToBase64String(publicKey.GetEncoded());
var manager = GetSignatureManager();
Environment.SetEnvironmentVariable(SignatureManager.PrivateKeyEnvironmentVariable, privKeyBase64);
Environment.SetEnvironmentVariable(SignatureManager.PublicKeyEnvironmentVariable, pubKeyBase64);
// get signature of file
var signature = manager.GetSignatureForFile(path);
manager.Generate(true); // force regeneration of keys to "prove" that we are using environment
// verify signature
Assert.True(manager.VerifySignature(path, signature));
// get rid of temp file
File.Delete(path);
}
/**
* Create a PrivateKeyInfo representation of a private key with attributes.
*
* @param privateKey the key to be encoded into the info object.
* @param attributes the set of attributes to be included.
* @return the appropriate PrivateKeyInfo
* @throws java.io.IOException on an error encoding the key
*/
public static PrivateKeyInfo CreatePrivateKeyInfo(AsymmetricKeyParameter privateKey, Asn1Set attributes)
{
if (privateKey == null)
{
throw new ArgumentNullException("privateKey");
}
if (!privateKey.IsPrivate)
{
throw new ArgumentException("Public key passed - private key expected", "privateKey");
}
if (privateKey is ElGamalPrivateKeyParameters)
{
ElGamalPrivateKeyParameters _key = (ElGamalPrivateKeyParameters)privateKey;
ElGamalParameters egp = _key.Parameters;
return(new PrivateKeyInfo(
new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(egp.P, egp.G).ToAsn1Object()),
new DerInteger(_key.X),
attributes));
}
if (privateKey is DsaPrivateKeyParameters)
{
DsaPrivateKeyParameters _key = (DsaPrivateKeyParameters)privateKey;
DsaParameters dp = _key.Parameters;
return(new PrivateKeyInfo(
new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, new DsaParameter(dp.P, dp.Q, dp.G).ToAsn1Object()),
new DerInteger(_key.X),
attributes));
}
if (privateKey is DHPrivateKeyParameters)
{
DHPrivateKeyParameters _key = (DHPrivateKeyParameters)privateKey;
DHParameter p = new DHParameter(
_key.Parameters.P, _key.Parameters.G, _key.Parameters.L);
return(new PrivateKeyInfo(
new AlgorithmIdentifier(_key.AlgorithmOid, p.ToAsn1Object()),
new DerInteger(_key.X),
attributes));
}
if (privateKey is RsaKeyParameters)
{
AlgorithmIdentifier algID = new AlgorithmIdentifier(
PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
RsaPrivateKeyStructure keyStruct;
if (privateKey is RsaPrivateCrtKeyParameters)
{
RsaPrivateCrtKeyParameters _key = (RsaPrivateCrtKeyParameters)privateKey;
keyStruct = new RsaPrivateKeyStructure(
_key.Modulus,
_key.PublicExponent,
_key.Exponent,
_key.P,
_key.Q,
_key.DP,
_key.DQ,
_key.QInv);
}
else
{
RsaKeyParameters _key = (RsaKeyParameters)privateKey;
keyStruct = new RsaPrivateKeyStructure(
_key.Modulus,
BigInteger.Zero,
_key.Exponent,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero,
BigInteger.Zero);
}
return(new PrivateKeyInfo(algID, keyStruct.ToAsn1Object(), attributes));
}
if (privateKey is ECPrivateKeyParameters)
{
ECPrivateKeyParameters priv = (ECPrivateKeyParameters)privateKey;
DerBitString publicKey = new DerBitString(ECKeyPairGenerator.GetCorrespondingPublicKey(priv).Q.GetEncoded(false));
ECDomainParameters dp = priv.Parameters;
int orderBitLength = dp.N.BitLength;
AlgorithmIdentifier algID;
ECPrivateKeyStructure ec;
if (priv.AlgorithmName == "ECGOST3410")
{
if (priv.PublicKeyParamSet == null)
{
throw BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
priv.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gostParams);
// TODO Do we need to pass any parameters here?
ec = new ECPrivateKeyStructure(orderBitLength, priv.D, publicKey, null);
}
else
{
X962Parameters x962;
if (priv.PublicKeyParamSet == null)
{
X9ECParameters ecP = new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed());
x962 = new X962Parameters(ecP);
}
else
{
x962 = new X962Parameters(priv.PublicKeyParamSet);
}
ec = new ECPrivateKeyStructure(orderBitLength, priv.D, publicKey, x962);
algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962);
}
return(new PrivateKeyInfo(algID, ec, attributes));
}
if (privateKey is Gost3410PrivateKeyParameters)
{
Gost3410PrivateKeyParameters _key = (Gost3410PrivateKeyParameters)privateKey;
if (_key.PublicKeyParamSet == null)
{
throw BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
}
byte[] keyEnc = _key.X.ToByteArrayUnsigned();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyBytes.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
}
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
_key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet, null);
AlgorithmIdentifier algID = new AlgorithmIdentifier(
CryptoProObjectIdentifiers.GostR3410x94,
algParams.ToAsn1Object());
return(new PrivateKeyInfo(algID, new DerOctetString(keyBytes), attributes));
}
if (privateKey is X448PrivateKeyParameters)
{
X448PrivateKeyParameters key = (X448PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
if (privateKey is X25519PrivateKeyParameters)
{
X25519PrivateKeyParameters key = (X25519PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
if (privateKey is Ed448PrivateKeyParameters)
{
Ed448PrivateKeyParameters key = (Ed448PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
if (privateKey is Ed25519PrivateKeyParameters)
{
Ed25519PrivateKeyParameters key = (Ed25519PrivateKeyParameters)privateKey;
return(new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519),
new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()));
}
throw new ArgumentException("Class provided is not convertible: " + BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.GetTypeName(privateKey));
}
