protected override X9ECParameters CreateParameters()
{
byte[] S = null;
ECCurve curve = ConfigureCurve(new Curve25519());
/*
* NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
* involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
*
* The Curve25519 paper doesn't say which of the two possible y values the base
* point has. The choice here is guided by language in the Ed25519 paper.
*
* (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
*/
X9ECPoint G = ConfigureBasepoint(curve,
"042AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9");
return(new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S));
}
protected override X9ECParameters CreateParameters()
{
BigInteger q = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D");
BigInteger zero = BigInteger.Zero;
BigInteger b = BigInteger.ValueOf(5L);
byte[] seed = null;
BigInteger bigInteger = FromHex("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7");
BigInteger one = BigInteger.One;
GlvTypeBParameters p = new GlvTypeBParameters(new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16), new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16), new BigInteger[2]
{
new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16)
}, new BigInteger[2]
{
new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
new BigInteger("6b8cf07d4ca75c88957d9d670591", 16)
}, new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16), new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16), 240);
ECCurve eCCurve = ConfigureCurveGlv(new FpCurve(q, zero, b, bigInteger, one), p);
X9ECPoint g = new X9ECPoint(eCCurve, Hex.Decode("04A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"));
return(new X9ECParameters(eCCurve, g, bigInteger, one, seed));
}
protected override X9ECParameters CreateParameters()
{
BigInteger q = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37");
BigInteger zero = BigInteger.Zero;
BigInteger b = BigInteger.ValueOf(3L);
byte[] seed = null;
BigInteger bigInteger = FromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D");
BigInteger one = BigInteger.One;
GlvTypeBParameters p = new GlvTypeBParameters(new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16), new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16), new BigInteger[2]
{
new BigInteger("71169be7330b3038edb025f1", 16),
new BigInteger("-b3fb3400dec5c4adceb8655c", 16)
}, new BigInteger[2]
{
new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
new BigInteger("71169be7330b3038edb025f1", 16)
}, new BigInteger("71169be7330b3038edb025f1d0f9", 16), new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16), 208);
ECCurve eCCurve = ConfigureCurveGlv(new FpCurve(q, zero, b, bigInteger, one), p);
X9ECPoint g = new X9ECPoint(eCCurve, Hex.Decode("04DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"));
return(new X9ECParameters(eCCurve, g, bigInteger, one, seed));
}
protected override X9ECParameters CreateParameters()
{
BigInteger q = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73");
BigInteger zero = BigInteger.Zero;
BigInteger b = BigInteger.ValueOf(7L);
byte[] seed = null;
BigInteger bigInteger = FromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3");
BigInteger one = BigInteger.One;
GlvTypeBParameters p = new GlvTypeBParameters(new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), new BigInteger[2]
{
new BigInteger("9162fbe73984472a0a9e", 16),
new BigInteger("-96341f1138933bc2f505", 16)
}, new BigInteger[2]
{
new BigInteger("127971af8721782ecffa3", 16),
new BigInteger("9162fbe73984472a0a9e", 16)
}, new BigInteger("9162fbe73984472a0a9d0590", 16), new BigInteger("96341f1138933bc2f503fd44", 16), 176);
ECCurve eCCurve = ConfigureCurveGlv(new FpCurve(q, zero, b, bigInteger, one), p);
X9ECPoint g = new X9ECPoint(eCCurve, Hex.Decode("043B4C382CE37AA192A4019E763036F4F5DD4D7EBB938CF935318FDCED6BC28286531733C3F03C4FEE"));
return(new X9ECParameters(eCCurve, g, bigInteger, one, seed));
}
protected override X9ECParameters CreateParameters()
{
BigInteger q = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F");
BigInteger zero = BigInteger.Zero;
BigInteger b = BigInteger.ValueOf(7L);
byte[] seed = null;
BigInteger bigInteger = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
BigInteger one = BigInteger.One;
GlvTypeBParameters p = new GlvTypeBParameters(new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16), new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16), new BigInteger[2]
{
new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16)
}, new BigInteger[2]
{
new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16)
}, new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16), new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16), 272);
ECCurve eCCurve = ConfigureCurveGlv(new FpCurve(q, zero, b, bigInteger, one), p);
X9ECPoint g = new X9ECPoint(eCCurve, Hex.Decode("0479BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"));
return(new X9ECParameters(eCCurve, g, bigInteger, one, seed));
}
protected override X9ECParameters CreateParameters()
{
byte[] S = null;
GlvTypeBParameters glv = new GlvTypeBParameters(
new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16),
new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16),
new BigInteger[] {
new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16)
},
new BigInteger[] {
new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
new BigInteger("6b8cf07d4ca75c88957d9d670591", 16)
},
new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16),
new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16),
240);
ECCurve curve = ConfigureCurveGlv(new SecP224K1Curve(), glv);
X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C"
+ "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"));
return(new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S));
}
protected override X9ECParameters CreateParameters()
{
byte[] S = null;
GlvTypeBParameters glv = new GlvTypeBParameters(
new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
new BigInteger[] {
new BigInteger("9162fbe73984472a0a9e", 16),
new BigInteger("-96341f1138933bc2f505", 16)
},
new BigInteger[] {
new BigInteger("127971af8721782ecffa3", 16),
new BigInteger("9162fbe73984472a0a9e", 16)
},
new BigInteger("9162fbe73984472a0a9d0590", 16),
new BigInteger("96341f1138933bc2f503fd44", 16),
176);
ECCurve curve = ConfigureCurveGlv(new SecP160K1Curve(), glv);
X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+ "938CF935318FDCED6BC28286531733C3F03C4FEE"));
return(new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S));
}
protected override X9ECParameters CreateParameters()
{
byte[] S = null;
GlvTypeBParameters glv = new GlvTypeBParameters(
new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16),
new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16),
new BigInteger[] {
new BigInteger("71169be7330b3038edb025f1", 16),
new BigInteger("-b3fb3400dec5c4adceb8655c", 16)
},
new BigInteger[] {
new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
new BigInteger("71169be7330b3038edb025f1", 16)
},
new BigInteger("71169be7330b3038edb025f1d0f9", 16),
new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16),
208);
ECCurve curve = ConfigureCurveGlv(new SecP192K1Curve(), glv);
X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
+ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"));
return(new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S));
}
protected override X9ECParameters CreateParameters()
{
byte[] S = null;
GlvTypeBParameters glv = new GlvTypeBParameters(
new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16),
new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16),
new BigInteger[] {
new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16)
},
new BigInteger[] {
new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16)
},
new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16),
new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16),
272);
ECCurve curve = ConfigureCurveGlv(new SecP256K1Curve(), glv);
X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
+ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"));
return(new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S));
}
/// <summary>
/// Load EC public key.
/// </summary>
/// <param name="key">public key bytes.</param>
/// <returns>EC public key</returns>
/// <exception cref="Exception">invalid key bytes</exception>
public static ECPublicKeyParameters LoadPublicEcKey(byte[] key)
{
var point = new X9ECPoint(EcParameters.Curve, new DerOctetString(key)).Point;
return(new ECPublicKeyParameters(point, EcParameters));
}
public static AsymmetricKeyParameter CreateKey(SubjectPublicKeyInfo keyInfo)
{
DerOctetString publicKey;
AlgorithmIdentifier algorithmID = keyInfo.AlgorithmID;
DerObjectIdentifier algorithm = algorithmID.Algorithm;
if ((algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption) || algorithm.Equals(X509ObjectIdentifiers.IdEARsa)) || (algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss) || algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep)))
{
RsaPublicKeyStructure instance = RsaPublicKeyStructure.GetInstance(keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, instance.Modulus, instance.PublicExponent));
}
if (algorithm.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
Asn1Sequence instance = Asn1Sequence.GetInstance(algorithmID.Parameters.ToAsn1Object());
BigInteger y = DHPublicKey.GetInstance(keyInfo.GetPublicKey()).Y.Value;
if (IsPkcsDHParam(instance))
{
return(ReadPkcsDHParam(algorithm, y, instance));
}
DHDomainParameters parameters = DHDomainParameters.GetInstance(instance);
BigInteger p = parameters.P.Value;
BigInteger g = parameters.G.Value;
BigInteger q = parameters.Q.Value;
BigInteger j = null;
if (parameters.J != null)
{
j = parameters.J.Value;
}
DHValidationParameters validation = null;
DHValidationParms validationParms = parameters.ValidationParms;
if (validationParms != null)
{
byte[] seed = validationParms.Seed.GetBytes();
BigInteger integer6 = validationParms.PgenCounter.Value;
validation = new DHValidationParameters(seed, integer6.IntValue);
}
return(new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation)));
}
if (algorithm.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
Asn1Sequence instance = Asn1Sequence.GetInstance(algorithmID.Parameters.ToAsn1Object());
DerInteger publicKey = (DerInteger)keyInfo.GetPublicKey();
return(ReadPkcsDHParam(algorithm, publicKey.Value, instance));
}
if (algorithm.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter parameter = new ElGamalParameter(Asn1Sequence.GetInstance(algorithmID.Parameters.ToAsn1Object()));
DerInteger publicKey = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(publicKey.Value, new ElGamalParameters(parameter.P, parameter.G)));
}
if (algorithm.Equals(X9ObjectIdentifiers.IdDsa) || algorithm.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger publicKey = (DerInteger)keyInfo.GetPublicKey();
Asn1Encodable parameters = algorithmID.Parameters;
DsaParameters parameters3 = null;
if (parameters != null)
{
DsaParameter instance = DsaParameter.GetInstance(parameters.ToAsn1Object());
parameters3 = new DsaParameters(instance.P, instance.Q, instance.G);
}
return(new DsaPublicKeyParameters(publicKey.Value, parameters3));
}
if (algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X9ECParameters parameters5;
X962Parameters parameters4 = new X962Parameters(algorithmID.Parameters.ToAsn1Object());
if (parameters4.IsNamedCurve)
{
parameters5 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)parameters4.Parameters);
}
else
{
parameters5 = new X9ECParameters((Asn1Sequence)parameters4.Parameters);
}
Asn1OctetString s = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
X9ECPoint point = new X9ECPoint(parameters5.Curve, s);
ECPoint q = point.Point;
if (parameters4.IsNamedCurve)
{
return(new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)parameters4.Parameters));
}
return(new ECPublicKeyParameters(q, new ECDomainParameters(parameters5.Curve, parameters5.G, parameters5.N, parameters5.H, parameters5.GetSeed())));
}
if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Asn1OctetString publicKey;
Gost3410PublicKeyAlgParameters parameters7 = new Gost3410PublicKeyAlgParameters((Asn1Sequence)algorithmID.Parameters);
try
{
publicKey = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] buffer2 = publicKey.GetOctets();
byte[] buffer3 = new byte[0x20];
byte[] buffer4 = new byte[0x20];
for (int j = 0; j != buffer4.Length; j++)
{
buffer3[j] = buffer2[0x1f - j];
}
for (int k = 0; k != buffer3.Length; k++)
{
buffer4[k] = buffer2[0x3f - k];
}
ECDomainParameters byOid = ECGost3410NamedCurves.GetByOid(parameters7.PublicKeyParamSet);
if (byOid == null)
{
return(null);
}
return(new ECPublicKeyParameters("ECGOST3410", byOid.Curve.CreatePoint(new BigInteger(1, buffer3), new BigInteger(1, buffer4)), parameters7.PublicKeyParamSet));
}
if (!algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algorithm);
}
Gost3410PublicKeyAlgParameters parameters9 = new Gost3410PublicKeyAlgParameters((Asn1Sequence)algorithmID.Parameters);
try
{
publicKey = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] octets = publicKey.GetOctets();
byte[] bytes = new byte[octets.Length];
for (int i = 0; i != octets.Length; i++)
{
bytes[i] = octets[(octets.Length - 1) - i];
}
return(new Gost3410PublicKeyParameters(new BigInteger(1, bytes), parameters9.PublicKeyParamSet));
}
public static AsymmetricKeyParameter CreateKey(SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algId = keyInfo.getAlgorithmId();
if (algId.getObjectId().Equals(PKCSObjectIdentifiers.rsaEncryption) ||
algId.getObjectId().Equals(X509ObjectIdentifiers.id_ea_rsa))
{
RSAPublicKeyStructure pubKey = new RSAPublicKeyStructure((ASN1Sequence)keyInfo.getPublicKey());
return(new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent()));
}
else if (algId.getObjectId().Equals(PKCSObjectIdentifiers.dhKeyAgreement) ||
algId.getObjectId().Equals(X9ObjectIdentifiers.dhpublicnumber))
{
DHParameter para = new DHParameter((ASN1Sequence)keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger)keyInfo.getPublicKey();
return(new DHPublicKeyParameters(derY.getValue(), new DHParameters(para.getP(), para.getG())));
}
else if (algId.getObjectId().Equals(OIWObjectIdentifiers.elGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter((ASN1Sequence)keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger)keyInfo.getPublicKey();
return(new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(para.getP(), para.getG())));
}
else if (algId.getObjectId().Equals(X9ObjectIdentifiers.id_dsa) ||
algId.getObjectId().Equals(OIWObjectIdentifiers.dsaWithSHA1))
{
DSAParameter para = new DSAParameter((ASN1Sequence)keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger)keyInfo.getPublicKey();
return(new DSAPublicKeyParameters(derY.getValue(), new DSAParameters(para.getP(), para.getQ(), para.getG())));
}
else if (algId.getObjectId().Equals(X9ObjectIdentifiers.id_ecPublicKey))
{
X962Parameters para = new X962Parameters((ASN1Object)keyInfo.getAlgorithmId().getParameters());
ECDomainParameters dParams = null;
if (para.isNamedCurve())
{
DERObjectIdentifier oid = (DERObjectIdentifier)para.getParameters();
X9ECParameters ecP = X962NamedCurves.getByOID(oid);
dParams = new ECDomainParameters(
ecP.getCurve(),
ecP.getG(),
ecP.getN(),
ecP.getH(),
ecP.getSeed());
}
else
{
X9ECParameters ecP = new X9ECParameters((ASN1Sequence)para.getParameters().toASN1Object());
dParams = new ECDomainParameters(
ecP.getCurve(),
ecP.getG(),
ecP.getN(),
ecP.getH(),
ecP.getSeed());
}
DERBitString bits = keyInfo.getPublicKeyData();
byte[] data = bits.getBytes();
ASN1OctetString key = new DEROctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.getCurve(), key);
return(new ECPublicKeyParameters(derQ.getPoint(), dParams));
}
else
{
throw new Exception("algorithm identifier in key not recognised");
}
}
private void EncodePublicKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
if (X9IntegerConverter.GetByteLength(ecP.Curve) != 30)
{
Fail("wrong byte length reported for curve");
}
if (ecP.Curve.FieldSize != 239)
{
Fail("wrong field size reported for curve");
}
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
ECPoint point = ecP.G.Multiply(BigInteger.ValueOf(100));
DerOctetString p = new DerOctetString(point.GetEncoded(true));
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), namedPub))
{
Fail("failed public named generation");
}
X9ECPoint x9P = new X9ECPoint(ecP.Curve, p);
if (!Arrays.AreEqual(p.GetOctets(), x9P.Point.GetEncoded()))
{
Fail("point encoding not preserved");
}
Asn1Object o = Asn1Object.FromByteArray(namedPub);
if (!info.Equals(o))
{
Fail("failed public named equality");
}
//
// explicit curve parameters
//
_params = new X962Parameters(ecP);
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), expPub))
{
Fail("failed public explicit generation");
}
o = Asn1Object.FromByteArray(expPub);
if (!info.Equals(o))
{
Fail("failed public explicit equality");
}
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
var algID = keyInfo.AlgorithmID;
var algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
var pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
var seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
var dhPublicKey = DHPublicKey.GetInstance(keyInfo.GetPublicKey());
var y = dhPublicKey.Y.Value;
if (IsPkcsDHParam(seq))
{
return(ReadPkcsDHParam(algOid, y, seq));
}
var dhParams = DHDomainParameters.GetInstance(seq);
var p = dhParams.P.Value;
var g = dhParams.G.Value;
var q = dhParams.Q.Value;
BigInteger j = null;
if (dhParams.J != null)
{
j = dhParams.J.Value;
}
DHValidationParameters validation = null;
var dhValidationParms = dhParams.ValidationParms;
if (dhValidationParms != null)
{
var seed = dhValidationParms.Seed.GetBytes();
var pgenCounter = dhValidationParms.PgenCounter.Value;
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.IntValue);
}
return(new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation)));
}
if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
var seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
var derY = (DerInteger)keyInfo.GetPublicKey();
return(ReadPkcsDHParam(algOid, derY.Value, seq));
}
if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
var para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
var derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G)));
}
if (algOid.Equals(X9ObjectIdentifiers.IdDsa) ||
algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
var derY = (DerInteger)keyInfo.GetPublicKey();
var ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
var para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPublicKeyParameters(derY.Value, parameters));
}
if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
var para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
Asn1OctetString key = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
var derQ = new X9ECPoint(x9.Curve, key);
var q = derQ.Point;
if (para.IsNamedCurve)
{
return(new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)para.Parameters));
}
var dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
return(new ECPublicKeyParameters(q, dParams));
}
if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
var gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
var keyEnc = key.GetOctets();
var x = new byte[32];
var y = new byte[32];
for (var i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (var i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
var ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
var q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y));
return(new ECPublicKeyParameters("ECGOST3410", q, gostParams.PublicKeyParamSet));
}
if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
var algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
var keyEnc = derY.GetOctets();
var keyBytes = new byte[keyEnc.Length];
for (var i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
var y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256) ||
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
{
var algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410-2012 public key");
}
var keyEnc = key.GetOctets();
var fieldSize = 32;
if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
{
fieldSize = 64;
}
var keySize = 2 * fieldSize;
var x9Encoding = new byte[1 + keySize];
x9Encoding[0] = 0x04;
for (var i = 1; i <= fieldSize; ++i)
{
x9Encoding[i] = keyEnc[fieldSize - i];
x9Encoding[i + fieldSize] = keyEnc[keySize - i];
}
var ecP = ECGost3410NamedCurves.GetByOid(algParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
return(new ECPublicKeyParameters(ecP.Curve.DecodePoint(x9Encoding), ecP));
}
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algOid);
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.ParsePublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DHPublicKey dhPublicKey = DHPublicKey.GetInstance(keyInfo.ParsePublicKey());
BigInteger y = dhPublicKey.Y.Value;
if (IsPkcsDHParam(seq))
{
return(ReadPkcsDHParam(algOid, y, seq));
}
DHDomainParameters dhParams = DHDomainParameters.GetInstance(seq);
BigInteger p = dhParams.P.Value;
BigInteger g = dhParams.G.Value;
BigInteger q = dhParams.Q.Value;
BigInteger j = null;
if (dhParams.J != null)
{
j = dhParams.J.Value;
}
DHValidationParameters validation = null;
DHValidationParms dhValidationParms = dhParams.ValidationParms;
if (dhValidationParms != null)
{
byte[] seed = dhValidationParms.Seed.GetBytes();
BigInteger pgenCounter = dhValidationParms.PgenCounter.Value;
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.IntValue);
}
return(new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation)));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DerInteger derY = (DerInteger)keyInfo.ParsePublicKey();
return(ReadPkcsDHParam(algOid, derY.Value, seq));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.ParsePublicKey();
return(new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa) ||
algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derY = (DerInteger)keyInfo.ParsePublicKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPublicKeyParameters(derY.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = X962Parameters.GetInstance(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
Asn1OctetString key = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
X9ECPoint derQ = new X9ECPoint(x9.Curve, key);
ECPoint q = derQ.Point;
if (para.IsNamedCurve)
{
return(new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)para.Parameters));
}
ECDomainParameters dParams = new ECDomainParameters(x9);
return(new ECPublicKeyParameters(q, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters);
DerObjectIdentifier publicKeyParamSet = gostParams.PublicKeyParamSet;
X9ECParameters ecP = ECGost3410NamedCurves.GetByOidX9(publicKeyParamSet);
if (ecP == null)
{
return(null);
}
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.ParsePublicKey();
}
catch (IOException e)
{
throw new ArgumentException("error recovering GOST3410_2001 public key", e);
}
int fieldSize = 32;
int keySize = 2 * fieldSize;
byte[] keyEnc = key.GetOctets();
if (keyEnc.Length != keySize)
{
throw new ArgumentException("invalid length for GOST3410_2001 public key");
}
byte[] x9Encoding = new byte[1 + keySize];
x9Encoding[0] = 0x04;
for (int i = 1; i <= fieldSize; ++i)
{
x9Encoding[i] = keyEnc[fieldSize - i];
x9Encoding[i + fieldSize] = keyEnc[keySize - i];
}
ECPoint q = ecP.Curve.DecodePoint(x9Encoding);
return(new ECPublicKeyParameters("ECGOST3410", q, publicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.ParsePublicKey();
}
catch (IOException e)
{
throw new ArgumentException("error recovering GOST3410_94 public key", e);
}
byte[] keyBytes = Arrays.Reverse(key.GetOctets()); // was little endian
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X25519))
{
return(new X25519PublicKeyParameters(GetRawKey(keyInfo)));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_X448))
{
return(new X448PublicKeyParameters(GetRawKey(keyInfo)));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519))
{
return(new Ed25519PublicKeyParameters(GetRawKey(keyInfo)));
}
else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448))
{
return(new Ed448PublicKeyParameters(GetRawKey(keyInfo)));
}
else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256) ||
algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
{
Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters);
DerObjectIdentifier publicKeyParamSet = gostParams.PublicKeyParamSet;
ECGost3410Parameters ecDomainParameters = new ECGost3410Parameters(
new ECNamedDomainParameters(publicKeyParamSet, ECGost3410NamedCurves.GetByOidX9(publicKeyParamSet)),
publicKeyParamSet,
gostParams.DigestParamSet,
gostParams.EncryptionParamSet);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.ParsePublicKey();
}
catch (IOException e)
{
throw new ArgumentException("error recovering GOST3410_2012 public key", e);
}
int fieldSize = 32;
if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
{
fieldSize = 64;
}
int keySize = 2 * fieldSize;
byte[] keyEnc = key.GetOctets();
if (keyEnc.Length != keySize)
{
throw new ArgumentException("invalid length for GOST3410_2012 public key");
}
byte[] x9Encoding = new byte[1 + keySize];
x9Encoding[0] = 0x04;
for (int i = 1; i <= fieldSize; ++i)
{
x9Encoding[i] = keyEnc[fieldSize - i];
x9Encoding[i + fieldSize] = keyEnc[keySize - i];
}
ECPoint q = ecDomainParameters.Curve.DecodePoint(x9Encoding);
return(new ECPublicKeyParameters(q, ecDomainParameters));
}
else
{
throw new SecurityUtilityException("algorithm identifier in public key not recognised: " + algOid);
}
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
if (algID.ObjectID.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algID.ObjectID.Equals(X509ObjectIdentifiers.IdEARsa))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algID.ObjectID.Equals(PkcsObjectIdentifiers.DhKeyAgreement) ||
algID.ObjectID.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
DHParameter para = new DHParameter((Asn1Sequence)keyInfo.AlgorithmID.Parameters);
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new DHPublicKeyParameters(derY.Value, new DHParameters(para.P, para.G)));
}
else if (algID.ObjectID.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter((Asn1Sequence)keyInfo.AlgorithmID.Parameters);
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(derY.Value, new ElGamalParameters(para.P, para.G)));
}
else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdDsa) ||
algID.ObjectID.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DsaParameter para = DsaParameter.GetInstance(keyInfo.AlgorithmID.Parameters);
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new DsaPublicKeyParameters(derY.Value, new DsaParameters(para.P, para.Q, para.G)));
}
else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters((Asn1Object)keyInfo.AlgorithmID.Parameters);
ECDomainParameters dParams = null;
if (para.IsNamedCurve)
{
DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters;
X9ECParameters ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
}
}
dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
}
else
{
X9ECParameters ecP = new X9ECParameters((Asn1Sequence)para.Parameters.ToAsn1Object());
dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
}
DerBitString bits = keyInfo.PublicKeyData;
byte[] data = bits.GetBytes();
Asn1OctetString key = new DerOctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.Curve, key);
return(new ECPublicKeyParameters(derQ.Point, dParams));
}
else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
ECCurve curve = ecP.Curve;
ECPoint q;
if (curve is FpCurve)
{
FpCurve curveFp = (FpCurve)curve;
q = new FpPoint(
curveFp,
new FpFieldElement(curveFp.Q, new BigInteger(1, x)),
new FpFieldElement(curveFp.Q, new BigInteger(1, y)));
}
else
{
F2mCurve curveF2m = (F2mCurve)curve;
q = new F2mPoint(
curveF2m,
new F2mFieldElement(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3, new BigInteger(1, x)),
new F2mFieldElement(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3, new BigInteger(1, y)),
false);
}
return(new ECPublicKeyParameters(q, gostParams.PublicKeyParamSet));
}
else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algID.ObjectID);
}
}
private void EncodePublicKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
if (X9IntegerConverter.GetByteLength(ecP.Curve) != 30)
{
Fail("wrong byte length reported for curve");
}
if (ecP.Curve.FieldSize != 239)
{
Fail("wrong field size reported for curve");
}
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
X9ECPoint pPoint = new X9ECPoint(
new FPPoint(ecP.Curve, new FPFieldElement(BigInteger.Two, BigInteger.One),
new FPFieldElement(BigInteger.ValueOf(4), BigInteger.ValueOf(3)),
true));
Asn1OctetString p = (Asn1OctetString)pPoint.ToAsn1Object();
if (p == null)
{
Fail("failed to convert to ASN.1");
}
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), namedPub))
{
Fail("failed public named generation");
}
Asn1Object o = Asn1Object.FromByteArray(namedPub);
if (!info.Equals(o))
{
Fail("failed public named equality");
}
//
// explicit curve parameters
//
_params = new X962Parameters(ecP);
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), expPub))
{
Fail("failed public explicit generation");
}
o = Asn1Object.FromByteArray(expPub);
if (!info.Equals(o))
{
Fail("failed public explicit equality");
}
}
public X9ECParameters(ECCurve curve, X9ECPoint g, BigInteger n, BigInteger h)
: this(curve, g, n, h, null)
{
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.ObjectID;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DHPublicKey dhPublicKey = DHPublicKey.GetInstance(keyInfo.GetPublicKey());
BigInteger y = dhPublicKey.Y.Value;
if (IsPkcsDHParam(seq))
{
return(ReadPkcsDHParam(algOid, y, seq));
}
DHDomainParameters dhParams = DHDomainParameters.GetInstance(seq);
BigInteger p = dhParams.P.Value;
BigInteger g = dhParams.G.Value;
BigInteger q = dhParams.Q.Value;
BigInteger j = null;
if (dhParams.J != null)
{
j = dhParams.J.Value;
}
DHValidationParameters validation = null;
DHValidationParms dhValidationParms = dhParams.ValidationParms;
if (dhValidationParms != null)
{
byte[] seed = dhValidationParms.Seed.GetBytes();
BigInteger pgenCounter = dhValidationParms.PgenCounter.Value;
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.IntValue);
}
return(new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation)));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(ReadPkcsDHParam(algOid, derY.Value, seq));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa) ||
algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPublicKeyParameters(derY.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(
algID.Parameters.ToAsn1Object());
X9ECParameters ecP;
if (para.IsNamedCurve)
{
ecP = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
ecP = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECDomainParameters dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
DerBitString bits = keyInfo.PublicKeyData;
byte[] data = bits.GetBytes();
Asn1OctetString key = new DerOctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.Curve, key);
return(new ECPublicKeyParameters(derQ.Point, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
ECPoint q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y), false);
return(new ECPublicKeyParameters("ECGOST3410", q, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algOid);
}
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.ObjectID;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
|| algOid.Equals(X509ObjectIdentifiers.IdEARsa)
|| algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss)
|| algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.GetPublicKey());
return new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent);
}
else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DHPublicKey dhPublicKey = DHPublicKey.GetInstance(keyInfo.GetPublicKey());
BigInteger y = dhPublicKey.Y.Value;
if (IsPkcsDHParam(seq))
return ReadPkcsDHParam(algOid, y, seq);
DHDomainParameters dhParams = DHDomainParameters.GetInstance(seq);
BigInteger p = dhParams.P.Value;
BigInteger g = dhParams.G.Value;
BigInteger q = dhParams.Q.Value;
BigInteger j = null;
if (dhParams.J != null)
{
j = dhParams.J.Value;
}
DHValidationParameters validation = null;
DHValidationParms dhValidationParms = dhParams.ValidationParms;
if (dhValidationParms != null)
{
byte[] seed = dhValidationParms.Seed.GetBytes();
BigInteger pgenCounter = dhValidationParms.PgenCounter.Value;
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.IntValue);
}
return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
DerInteger derY = (DerInteger) keyInfo.GetPublicKey();
return ReadPkcsDHParam(algOid, derY.Value, seq);
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger) keyInfo.GetPublicKey();
return new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa)
|| algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derY = (DerInteger) keyInfo.GetPublicKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return new DsaPublicKeyParameters(derY.Value, parameters);
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters x9;
if (para.IsNamedCurve)
{
x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
}
else
{
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
Asn1OctetString key = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
X9ECPoint derQ = new X9ECPoint(x9.Curve, key);
ECPoint q = derQ.Point;
if (para.IsNamedCurve)
{
return new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)para.Parameters);
}
ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
return new ECPublicKeyParameters(q, dParams);
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence) algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString) keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
return null;
ECPoint q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y));
return new ECPublicKeyParameters("ECGOST3410", q, gostParams.PublicKeyParamSet);
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence) algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString) keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet);
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algOid);
}
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.ObjectID;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement) ||
algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return(new DHPublicKeyParameters(derY.Value, dhParams));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa) ||
algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPublicKeyParameters(derY.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(
algID.Parameters.ToAsn1Object());
X9ECParameters ecP;
if (para.IsNamedCurve)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters;
ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = TeleTrusTNamedCurves.GetByOid(oid);
}
}
}
}
else
{
ecP = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECDomainParameters dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
DerBitString bits = keyInfo.PublicKeyData;
byte[] data = bits.GetBytes();
Asn1OctetString key = new DerOctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.Curve, key);
return(new ECPublicKeyParameters(derQ.Point, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
ECPoint q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y), false);
return(new ECPublicKeyParameters(q, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algOid);
}
}
public static AsymmetricKeyParameter CreateKey(SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algorithmID = keyInfo.AlgorithmID;
DerObjectIdentifier algorithm = algorithmID.Algorithm;
if (algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption) || algorithm.Equals(X509ObjectIdentifiers.IdEARsa) || algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss) || algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure instance = RsaPublicKeyStructure.GetInstance(keyInfo.GetPublicKey());
return(new RsaKeyParameters(isPrivate: false, instance.Modulus, instance.PublicExponent));
}
if (algorithm.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
Asn1Sequence instance2 = Asn1Sequence.GetInstance(algorithmID.Parameters.ToAsn1Object());
DHPublicKey instance3 = DHPublicKey.GetInstance(keyInfo.GetPublicKey());
BigInteger value = instance3.Y.Value;
if (IsPkcsDHParam(instance2))
{
return(ReadPkcsDHParam(algorithm, value, instance2));
}
DHDomainParameters instance4 = DHDomainParameters.GetInstance(instance2);
BigInteger value2 = instance4.P.Value;
BigInteger value3 = instance4.G.Value;
BigInteger value4 = instance4.Q.Value;
BigInteger j = null;
if (instance4.J != null)
{
j = instance4.J.Value;
}
DHValidationParameters validation = null;
DHValidationParms validationParms = instance4.ValidationParms;
if (validationParms != null)
{
byte[] bytes = validationParms.Seed.GetBytes();
BigInteger value5 = validationParms.PgenCounter.Value;
validation = new DHValidationParameters(bytes, value5.IntValue);
}
return(new DHPublicKeyParameters(value, new DHParameters(value2, value3, value4, j, validation)));
}
if (algorithm.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
Asn1Sequence instance5 = Asn1Sequence.GetInstance(algorithmID.Parameters.ToAsn1Object());
DerInteger derInteger = (DerInteger)keyInfo.GetPublicKey();
return(ReadPkcsDHParam(algorithm, derInteger.Value, instance5));
}
if (algorithm.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter elGamalParameter = new ElGamalParameter(Asn1Sequence.GetInstance(algorithmID.Parameters.ToAsn1Object()));
DerInteger derInteger2 = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(derInteger2.Value, new ElGamalParameters(elGamalParameter.P, elGamalParameter.G)));
}
if (algorithm.Equals(X9ObjectIdentifiers.IdDsa) || algorithm.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derInteger3 = (DerInteger)keyInfo.GetPublicKey();
Asn1Encodable parameters = algorithmID.Parameters;
DsaParameters parameters2 = null;
if (parameters != null)
{
DsaParameter instance6 = DsaParameter.GetInstance(parameters.ToAsn1Object());
parameters2 = new DsaParameters(instance6.P, instance6.Q, instance6.G);
}
return(new DsaPublicKeyParameters(derInteger3.Value, parameters2));
}
if (algorithm.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters x962Parameters = new X962Parameters(algorithmID.Parameters.ToAsn1Object());
X9ECParameters x9ECParameters = (!x962Parameters.IsNamedCurve) ? new X9ECParameters((Asn1Sequence)x962Parameters.Parameters) : ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)x962Parameters.Parameters);
Asn1OctetString s = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
X9ECPoint x9ECPoint = new X9ECPoint(x9ECParameters.Curve, s);
ECPoint point = x9ECPoint.Point;
if (x962Parameters.IsNamedCurve)
{
return(new ECPublicKeyParameters("EC", point, (DerObjectIdentifier)x962Parameters.Parameters));
}
ECDomainParameters parameters3 = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N, x9ECParameters.H, x9ECParameters.GetSeed());
return(new ECPublicKeyParameters(point, parameters3));
}
if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters = new Gost3410PublicKeyAlgParameters((Asn1Sequence)algorithmID.Parameters);
Asn1OctetString asn1OctetString;
try
{
asn1OctetString = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] octets = asn1OctetString.GetOctets();
byte[] array = new byte[32];
byte[] array2 = new byte[32];
for (int i = 0; i != array2.Length; i++)
{
array[i] = octets[31 - i];
}
for (int k = 0; k != array.Length; k++)
{
array2[k] = octets[63 - k];
}
ECDomainParameters byOid = ECGost3410NamedCurves.GetByOid(gost3410PublicKeyAlgParameters.PublicKeyParamSet);
if (byOid == null)
{
return(null);
}
ECPoint q = byOid.Curve.CreatePoint(new BigInteger(1, array), new BigInteger(1, array2));
return(new ECPublicKeyParameters("ECGOST3410", q, gost3410PublicKeyAlgParameters.PublicKeyParamSet));
}
if (algorithm.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gost3410PublicKeyAlgParameters2 = new Gost3410PublicKeyAlgParameters((Asn1Sequence)algorithmID.Parameters);
DerOctetString derOctetString;
try
{
derOctetString = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] octets2 = derOctetString.GetOctets();
byte[] array3 = new byte[octets2.Length];
for (int l = 0; l != octets2.Length; l++)
{
array3[l] = octets2[octets2.Length - 1 - l];
}
BigInteger y = new BigInteger(1, array3);
return(new Gost3410PublicKeyParameters(y, gost3410PublicKeyAlgParameters2.PublicKeyParamSet));
}
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algorithm);
}
