private static unsafe byte[] ExtractBignum(SafeBignumHandle bignum, int targetSize) { if (bignum == null || bignum.IsInvalid) { return null; } int compactSize = GetBigNumBytes(bignum); if (targetSize < compactSize) { targetSize = compactSize; } // OpenSSL BIGNUM values do not record leading zeroes. // Windows Crypt32 does. // // Since RSACryptoServiceProvider already checks that RSAParameters.DP.Length is // exactly half of RSAParameters.Modulus.Length, we need to left-pad (big-endian) // the array with zeroes. int offset = targetSize - compactSize; byte[] buf = new byte[targetSize]; fixed (byte* to = buf) { byte* start = to + offset; BigNumToBinary(bignum, start); } return buf; }
internal static byte[] ExtractBignum(IntPtr bignum, int targetSize) { // Given that the only reference held to bignum is an IntPtr, create an unowned SafeHandle // to ensure that we don't destroy the key after extraction. using (SafeBignumHandle handle = new SafeBignumHandle(bignum, ownsHandle: false)) { return ExtractBignum(handle, targetSize); } }
internal static extern int RSA_generate_key_ex(SafeRsaHandle rsa, int bits, SafeBignumHandle e, IntPtr zero);
internal static extern int RsaGenerateKeyEx(SafeRsaHandle rsa, int bits, SafeBignumHandle e);
private static extern unsafe int BigNumToBinary(SafeBignumHandle a, byte* to);
private static extern int GetBigNumBytes(SafeBignumHandle a);
internal static ECParameters GetECCurveParameters( SafeEcKeyHandle key, bool includePrivate) { ECCurve.ECCurveType curveType; SafeBignumHandle qx_bn, qy_bn, p_bn, a_bn, b_bn, gx_bn, gy_bn, order_bn, cofactor_bn, seed_bn; IntPtr d_bn_not_owned; int qx_cb, qy_cb, p_cb, a_cb, b_cb, gx_cb, gy_cb, order_cb, cofactor_cb, seed_cb, d_cb; bool refAdded = false; try { key.DangerousAddRef(ref refAdded); // Protect access to d_bn_not_owned if (!CryptoNative_GetECCurveParameters( key, includePrivate, out curveType, out qx_bn, out qx_cb, out qy_bn, out qy_cb, out d_bn_not_owned, out d_cb, out p_bn, out p_cb, out a_bn, out a_cb, out b_bn, out b_cb, out gx_bn, out gx_cb, out gy_bn, out gy_cb, out order_bn, out order_cb, out cofactor_bn, out cofactor_cb, out seed_bn, out seed_cb)) { throw Interop.Crypto.CreateOpenSslCryptographicException(); } using (qx_bn) using (qy_bn) using (p_bn) using (a_bn) using (b_bn) using (gx_bn) using (gy_bn) using (order_bn) using (cofactor_bn) using (seed_bn) using (var d_h = new SafeBignumHandle(d_bn_not_owned, false)) { int cbFieldLength; int pFieldLength; if (curveType == ECCurve.ECCurveType.Characteristic2) { // Match Windows semantics where a,b,gx,gy,qx,qy have same length // Treat length of m separately as it is not tied to other fields for Char2 (Char2 not supported by Windows) cbFieldLength = GetMax(new[] { a_cb, b_cb, gx_cb, gy_cb, qx_cb, qy_cb }); pFieldLength = p_cb; } else { // Match Windows semantics where p,a,b,gx,gy,qx,qy have same length cbFieldLength = GetMax(new[] { p_cb, a_cb, b_cb, gx_cb, gy_cb, qx_cb, qy_cb }); pFieldLength = cbFieldLength; } // Match Windows semantics where order and d have same length int cbSubgroupOrder = GetMax(order_cb, d_cb); // Copy values to ECParameters ECParameters parameters = new ECParameters(); parameters.Q = new ECPoint { X = Crypto.ExtractBignum(qx_bn, cbFieldLength), Y = Crypto.ExtractBignum(qy_bn, cbFieldLength) }; parameters.D = d_cb == 0 ? null : Crypto.ExtractBignum(d_h, cbSubgroupOrder); var curve = parameters.Curve; curve.CurveType = curveType; curve.A = Crypto.ExtractBignum(a_bn, cbFieldLength); curve.B = Crypto.ExtractBignum(b_bn, cbFieldLength); curve.G = new ECPoint { X = Crypto.ExtractBignum(gx_bn, cbFieldLength), Y = Crypto.ExtractBignum(gy_bn, cbFieldLength) }; curve.Order = Crypto.ExtractBignum(order_bn, cbSubgroupOrder); if (curveType == ECCurve.ECCurveType.Characteristic2) { curve.Polynomial = Crypto.ExtractBignum(p_bn, pFieldLength); } else { curve.Prime = Crypto.ExtractBignum(p_bn, pFieldLength); } // Optional parameters curve.Cofactor = cofactor_cb == 0 ? null : Crypto.ExtractBignum(cofactor_bn, cofactor_cb); curve.Seed = seed_cb == 0 ? null : Crypto.ExtractBignum(seed_bn, seed_cb); parameters.Curve = curve; return parameters; } } finally { if (refAdded) key.DangerousRelease(); } }
private static extern bool CryptoNative_GetECKeyParameters( SafeEcKeyHandle key, bool includePrivate, out SafeBignumHandle qx_bn, out int x_cb, out SafeBignumHandle qy_bn, out int y_cb, out IntPtr d_bn_not_owned, out int d_cb);
private static extern bool CryptoNative_GetECCurveParameters( SafeEcKeyHandle key, bool includePrivate, out ECCurve.ECCurveType curveType, out SafeBignumHandle qx, out int x_cb, out SafeBignumHandle qy, out int y_cb, out IntPtr d_bn_not_owned, out int d_cb, out SafeBignumHandle p, out int P_cb, out SafeBignumHandle a, out int A_cb, out SafeBignumHandle b, out int B_cb, out SafeBignumHandle gx, out int Gx_cb, out SafeBignumHandle gy, out int Gy_cb, out SafeBignumHandle order, out int order_cb, out SafeBignumHandle cofactor, out int cofactor_cb, out SafeBignumHandle seed, out int seed_cb);
internal static ECParameters GetECKeyParameters( SafeEcKeyHandle key, bool includePrivate) { SafeBignumHandle qx_bn, qy_bn, d_bn; IntPtr d_bn_not_owned; int qx_cb, qy_cb, d_cb; ECParameters parameters = new ECParameters(); bool refAdded = false; try { key.DangerousAddRef(ref refAdded); // Protect access to d_bn_not_owned if (!CryptoNative_GetECKeyParameters( key, includePrivate, out qx_bn, out qx_cb, out qy_bn, out qy_cb, out d_bn_not_owned, out d_cb)) { throw Interop.Crypto.CreateOpenSslCryptographicException(); } using (qx_bn) using (qy_bn) using (d_bn = new SafeBignumHandle(d_bn_not_owned, false)) { // Match Windows semantics where qx, qy, and d have same length int cbKey = GetMax(qx_cb, qy_cb, d_cb); parameters.Q = new ECPoint { X = Crypto.ExtractBignum(qx_bn, cbKey), Y = Crypto.ExtractBignum(qy_bn, cbKey) }; parameters.D = d_cb == 0 ? null : Crypto.ExtractBignum(d_bn, cbKey); } } finally { if (refAdded) key.DangerousRelease(); } return parameters; }
/// <summary> /// Returns the number of bytes needed to export a BIGNUM. /// </summary> /// <remarks>This is a macro in bn.h, expanded here.</remarks> private static int BN_num_bytes(SafeBignumHandle a) { return (BN_num_bits(a) + 7) / 8; }
private static extern int BN_num_bits(SafeBignumHandle a);
private static extern unsafe int BN_bn2bin(SafeBignumHandle a, byte* to);