コード例 #1
0
        /**
         * return the object identifier signified by the passed in name. Null
         * if there is no object identifier associated with name.
         *
         * @return the object identifier associated with name, if present.
         */
        public static DerObjectIdentifier GetOid(string name)
        {
            DerObjectIdentifier oid = X962NamedCurves.GetOid(name);

            if (oid == null)
            {
                oid = SecNamedCurves.GetOid(name);
            }

            if (oid == null)
            {
                oid = NistNamedCurves.GetOid(name);
            }

            if (oid == null)
            {
                oid = TeleTrusTNamedCurves.GetOid(name);
            }

            if (oid == null)
            {
                oid = AnssiNamedCurves.GetOid(name);
            }

            return(oid);
        }
コード例 #2
0
ファイル: PkiKeyPair.cs プロジェクト: win-acme/ACMESharpCore
        public static PkiKeyPair GenerateEcdsaKeyPair(int bits, int hashBits = -1)
        {
            // Based on:
            //    https://github.com/bcgit/bc-csharp/blob/master/crypto/test/src/crypto/test/ECTest.cs#L331
            //    https://www.codeproject.com/Tips/1150485/Csharp-Elliptical-Curve-Cryptography-with-Bouncy-C

            // This produced the following error against Let's Encrypt CA:
            //    ACMESharp.Protocol.AcmeProtocolException : Error parsing certificate request: asn1: structure error: tags don't match (6 vs {class:0 tag:16 length:247 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} ObjectIdentifier @3

            // var ecNistParams = NistNamedCurves.GetByName("P-" + bits);
            // var ecDomainParams = new ECDomainParameters(ecNistParams.Curve,
            //         ecNistParams.G, ecNistParams.N, ecNistParams.H, ecNistParams.GetSeed());
            // var ecParams = new ECKeyGenerationParameters(ecDomainParams, new SecureRandom());

            // So according to [this](https://github.com/golang/go/issues/18634#issuecomment-272527314)
            // it seems we were passing in arbitrary curve details instead of a named curve OID as we do here:

            var ecCurveOid = NistNamedCurves.GetOid("P-" + bits);;
            var ecParams   = new ECKeyGenerationParameters(ecCurveOid, new SecureRandom());
            var ecKpGen    = GeneratorUtilities.GetKeyPairGenerator("ECDSA");

            ecKpGen.Init(ecParams);
            var nativeKeyPair = ecKpGen.GenerateKeyPair();

            return(new PkiKeyPair(nativeKeyPair,
                                  new PkiKeyPairEcdsaParams(bits)
            {
                HashBits = hashBits
            }));
        }
コード例 #3
0
        public static PkiKeyPair GenerateEcdsaKeyPair(int bits, int hashBits = -1)
        {
            // Based on:
            //    https://github.com/bcgit/bc-csharp/blob/master/crypto/test/src/crypto/test/ECTest.cs#L331
            //    https://www.codeproject.com/Tips/1150485/Csharp-Elliptical-Curve-Cryptography-with-Bouncy-C

            // This produced the following error against Let's Encrypt CA:
            //    ACMESharp.Protocol.AcmeProtocolException : Error parsing certificate request: asn1: structure error: tags don't match (6 vs {class:0 tag:16 length:247 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} ObjectIdentifier @3

            // var ecNistParams = NistNamedCurves.GetByName("P-" + bits);
            // var ecDomainParams = new ECDomainParameters(ecNistParams.Curve,
            //         ecNistParams.G, ecNistParams.N, ecNistParams.H, ecNistParams.GetSeed());
            // var ecParams = new ECKeyGenerationParameters(ecDomainParams, new SecureRandom());

            // So according to [this](https://github.com/golang/go/issues/18634#issuecomment-272527314)
            // it seems we were passing in arbitrary curve details instead of a named curve OID as we do here:

            var ecCurveOid = NistNamedCurves.GetOid("P-" + bits);;
            var ecParams   = new ECKeyGenerationParameters(ecCurveOid, new SecureRandom());
            var ecKpGen    = GeneratorUtilities.GetKeyPairGenerator("ECDSA");

            ecKpGen.Init(ecParams);
            var nativeKeyPair = ecKpGen.GenerateKeyPair();

            var kpg = new Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator();

            kpg.Init(ecParams);

            // SHA + ECDSA algor selection based on:
            //    https://github.com/bcgit/bc-csharp/blob/master/crypto/src/security/SignerUtilities.cs
            // Transcode Length:
            //    * lengths are specified as in:
            //       https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-24#section-3.4
            //    * see explanation in the docs for "TranscodeSignatureToConcat" for what this is all about
            var transcodeLength = 0;

            if (hashBits == -1)
            {
                switch (bits)
                {
                case 521: hashBits = 512; transcodeLength = 132; break;

                case 384: hashBits = 384; transcodeLength = 96; break;

                default: hashBits = 256; transcodeLength = 64; break;
                }
            }
            var sigAlgor = $"SHA{hashBits}WITHECDSA";

            return(new PkiKeyPair(nativeKeyPair, PkiAsymmetricAlgorithm.Ecdsa,
                                  (prv, data) => Sign(sigAlgor, prv, data, transcodeLength),
                                  (pub, data, sig) => Verify(sigAlgor, pub, data, sig),
                                  (keys, prv) => ExportEcJwk(bits, keys, prv)));
        }
コード例 #4
0
ファイル: EccKeyBlob.cs プロジェクト: hugocurran/OSCA2
        /// <summary>
        /// Determine the curve OID from an EC key blob
        /// </summary>
        /// <param name="magic">Magic number</param>
        /// <returns>Curve OID</returns>
        private static DerObjectIdentifier getCurveOid(int magic, CurveNamespace nameSpace)
        {
            switch (magic)
            {
            case (int)KeyBlobMagicNumber.ECDHPublicP256:
            case (int)KeyBlobMagicNumber.ECDsaPublicP256:
                switch (nameSpace)
                {
                case CurveNamespace.X962:
                    return(X962NamedCurves.GetOid("prime256v1"));

                case CurveNamespace.NIST:
                    return(NistNamedCurves.GetOid("P-256"));

                case CurveNamespace.SEC:
                    return(SecNamedCurves.GetOid("SecP256r1"));
                }
                break;

            case (int)KeyBlobMagicNumber.ECDHPublicP384:
            case (int)KeyBlobMagicNumber.ECDsaPublicP384:
                switch (nameSpace)
                {
                case CurveNamespace.X962:                   // These aren't in the BC list
                    return(X962NamedCurves.GetOid("prime384v1"));

                case CurveNamespace.NIST:
                    return(NistNamedCurves.GetOid("P-384"));

                case CurveNamespace.SEC:
                    return(SecNamedCurves.GetOid("SecP384r1"));
                }
                break;

            case (int)KeyBlobMagicNumber.ECDHPublicP521:
            case (int)KeyBlobMagicNumber.ECDsaPublicP521:
                switch (nameSpace)
                {
                case CurveNamespace.X962:               // These aren't in the BC list
                    return(X962NamedCurves.GetOid("prime521v1"));

                case CurveNamespace.NIST:
                    return(NistNamedCurves.GetOid("P-521"));

                case CurveNamespace.SEC:
                    return(SecNamedCurves.GetOid("SecP521r1"));
                }
                break;
            }
            return(null);
        }