// https://tools.ietf.org/html/rfc4357#section-5.2 // https://tools.ietf.org/html/rfc7836#section-4.3 public byte[] Vko(EncryptedPrivateKey encPk, ECPublicKeyParameters y) { var x = (ECPrivateKeyParameters)_keyPair.Private; var ukmBytes = (byte[])encPk.UKM.Clone(); Array.Reverse(ukmBytes); var ukm = new BigInteger(1, ukmBytes); var p = ukm.Multiply(x.D).Mod(y.Parameters.Curve.Order); var kekPoint = y.Q.Multiply(p).Normalize(); var kekPointX = kekPoint.AffineXCoord.ToBigInteger().ToByteArrayUnsigned(); var kekPointY = kekPoint.AffineYCoord.ToBigInteger().ToByteArrayUnsigned(); var kekBytes = new byte[kekPointX.Length + kekPointY.Length]; Array.Copy(kekPointY, 0, kekBytes, 0, kekPointY.Length); Array.Copy(kekPointX, 0, kekBytes, kekPointY.Length, kekPointX.Length); Array.Reverse(kekBytes); var dig = GetDigest(); var kek = new byte[dig.GetDigestSize()]; dig.BlockUpdate(kekBytes, 0, kekBytes.Length); dig.DoFinal(kek, 0); return(kek); }
// https://tools.ietf.org/html/rfc4357#section-5.2 public byte[] Vko(EncryptedPrivateKey encPk, ECPublicKeyParameters sessionKey) { var privKey = (ECPrivateKeyParameters)_keyPair.Private; var ukmBytes = (byte[])encPk.UKM.Clone(); Array.Reverse(ukmBytes); var ukm = new BigInteger(1, ukmBytes); var p = ukm.Multiply(privKey.D).Mod(sessionKey.Parameters.Curve.Order); var kekPoint = sessionKey.Q.Multiply(p).Normalize(); var x = kekPoint.XCoord.ToBigInteger().ToByteArrayUnsigned(); var y = kekPoint.YCoord.ToBigInteger().ToByteArrayUnsigned(); var kekBytes = new byte[64]; Array.Copy(y, 0, kekBytes, 0, 32); Array.Copy(x, 0, kekBytes, 32, 32); Array.Reverse(kekBytes); var kek = new byte[32]; var dig = new Gost3411Digest(); dig.BlockUpdate(kekBytes, 0, kekBytes.Length); dig.DoFinal(kek, 0); return(kek); }
public BigInteger ExportPrivateKey() { var context = GetHandle(_cert); var derive = new KeyDerivation(); derive.Init(); byte[] sessKey, privKeyBlob; ExportPrivateKey(context, derive.GetPublicKeyBytes(), out sessKey, out privKeyBlob); _encryptedPkey = new EncryptedPrivateKey(privKeyBlob); _sk = new SessionKey(sessKey); var kek = derive.Vko(_encryptedPkey, _sk.GetPublicKey()); var pkey = _encryptedPkey.UnwrapKey(kek); Array.Reverse(pkey); return(new BigInteger(1, pkey)); }
public BigInteger ExportPrivateKey() { var pkeyInfo = GetPrivateKeyInfo(_cert); CheckProvider(pkeyInfo); var provType = (ProviderType)pkeyInfo.ProviderType; var factory = KeyExportFactory.Create(provType); var derive = factory.CreateKeyDerivation(); var blob = factory.CreatePrivateKeyBlob(); var privKeyBlob = blob.GetPrivateKeyBlob(_cert.Handle, derive); _encryptedPkey = factory.CreateEncryptedPrivateKey(privKeyBlob); _sk = factory.CreateSessionKey(blob.SessionKey); var kek = derive.Vko(_encryptedPkey, _sk.GetPublicKey()); var pkey = _encryptedPkey.UnwrapKey(kek); Array.Reverse(pkey); return(new BigInteger(1, pkey)); }