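// Client side of the RSA key exchange: builds the premaster secret, derives the
// master secret from it, and stores the premaster secret encrypted under the
// server certificate's RSA public key in encryptedPreMasterSecret (a member
// declared outside this block).
//
// Throws TlsException (AlertDescription.IlegalParameter) when the session holds
// no server certificate.
//
// NOTE(review): RSAPKCS1KeyExchangeFormatter performs PKCS#1 v1.5 key transport,
// so this exchange has no forward secrecy: anyone who later obtains the server's
// RSA private key can recover the premaster secret from a recorded handshake.
// NOTE(review): nothing in this method validates the certificate chain; confirm
// that ServerCertificates [0] has been verified before this point is reached.
public override void GenerateClient (TlsContext ctx)
{
	// 48 bytes from the session's random source. The using block disposes the
	// buffer wrapper on every exit path (presumably wiping it - confirm in the
	// buffer type).
	using (var preMasterSecret = ctx.Session.GetSecureRandomBytes (48)) {
		// The first two bytes are replaced by the high and low byte of the
		// requested protocol version; in the TLS RSA key exchange this lets the
		// server detect a version rollback. Presumably RequestedProtocol is the
		// version offered in ClientHello - confirm.
		preMasterSecret.Buffer [0] = (byte)((short)ctx.Configuration.RequestedProtocol >> 8);
		preMasterSecret.Buffer [1] = (byte)ctx.Configuration.RequestedProtocol;

		var serverCertificates = ctx.Session.PendingCrypto.ServerCertificates;
		if (serverCertificates == null || serverCertificates.Count == 0) {
			// FIXME: Should have received ServerKeyExchange message.
			throw new TlsException (AlertDescription.IlegalParameter);
		}

		// Private copy of the server key holding the public parameters only
		// (ExportParameters (false)).
		RSA rsa = new RSAManaged (serverCertificates [0].RSA.KeySize);
		try {
			rsa.ImportParameters (serverCertificates [0].RSA.ExportParameters (false));

			ComputeMasterSecret (ctx, preMasterSecret);

			// Encrypt premaster_secret
			var formatter = new RSAPKCS1KeyExchangeFormatter (rsa);
			encryptedPreMasterSecret = formatter.CreateKeyExchange (preMasterSecret.Buffer);
		} finally {
			// Release the key copy even when import, derivation or encryption
			// throws; the original only reached Clear () on the success path.
			rsa.Clear ();
		}
	}
}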
// Writes the SSL3 client key exchange: creates a premaster secret, sends it
// encrypted under the server's RSA key, then derives the master secret and the
// session keys from it.
//
// NOTE(review): the premaster secret stays in a plain byte[] that is never
// zeroed here; confirm whether the cipher suite wipes it after key derivation.
// NOTE(review): Clear() at the end is also applied to the instance returned by
// ServerSettings.CertificateRSA; confirm that the context does not reuse that
// object after this call.
protected override void ProcessAsSsl3()
{
	byte[] secret = this.Context.Cipher.CreatePremasterSecret();

	RSA serverKey;
	if (!this.Context.ServerSettings.ServerKeyExchange)
	{
		// No ServerKeyExchange message: use the key from the server certificate.
		serverKey = this.Context.ServerSettings.CertificateRSA;
	}
	else
	{
		// The server supplied separate RSA parameters, which is the case for
		// "exportable" ciphers. Export-grade suites are weak by design and
		// should not be enabled in a deployment.
		serverKey = new RSAManaged ();
		serverKey.ImportParameters (this.Context.ServerSettings.RsaParameters);
	}

	// PKCS#1 v1.5 key transport of the premaster secret, written to the message.
	byte[] encryptedSecret = new RSAPKCS1KeyExchangeFormatter(serverKey).CreateKeyExchange(secret);
	this.Write(encryptedSecret);

	// Master secret first, then the keys derived from it.
	this.Context.Cipher.ComputeMasterSecret(secret);
	this.Context.Cipher.ComputeKeys();

	// Release the RSA object.
	serverKey.Clear();
}
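// Verifies a PKCS #7 countersignature (the timestamp) over `signature`.
//
// Returns true only when: the SignerInfo version is 1, the contentType attribute
// is PKCS7.Oid.data, the messageDigest attribute equals the hash of `signature`,
// a certificate in `coll` matching the issuer and serial number verifies the
// signature over the authenticated attributes, and timestampChain.Build accepts
// that certificate. Every other outcome returns false.
//
// Side effects: assigns the `timestamp` member and loads `coll` into
// `timestampChain` (both declared outside this block).
//
// NOTE(review): `timestamp` is assigned while the attributes are parsed, before
// the digest and signature checks, so it holds the unverified signingTime even
// when this method returns false. Callers should read it only after a true result.
private bool VerifyCounterSignature (PKCS7.SignerInfo cs, byte[] signature)
{
	// SEQUENCE {
	//   INTEGER 1
	if (cs.Version != 1)
		return false;
	//   SEQUENCE {
	//      SEQUENCE {

	string contentType = null;
	ASN1 messageDigest = null;
	for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++) {
		// SEQUENCE {
		//   OBJECT IDENTIFIER
		ASN1 attr = (ASN1) cs.AuthenticatedAttributes [i];
		string oid = ASN1Convert.ToOid (attr[0]);
		switch (oid) {
		case "1.2.840.113549.1.9.3":
			// contentType
			contentType = ASN1Convert.ToOid (attr[1][0]);
			break;
		case "1.2.840.113549.1.9.4":
			// messageDigest
			messageDigest = attr[1][0];
			break;
		case "1.2.840.113549.1.9.5":
			// SEQUENCE {
			//   OBJECT IDENTIFIER
			//     signingTime (1 2 840 113549 1 9 5)
			//   SET {
			//     UTCTime '030124013651Z'
			//   }
			// }
			timestamp = ASN1Convert.ToDateTime (attr[1][0]);
			break;
		default:
			break;
		}
	}

	if (contentType != PKCS7.Oid.data)
		return false;

	// verify message digest
	if (messageDigest == null)
		return false;

	// TODO: must be read from the ASN.1 structure
	// The hash algorithm is guessed from the digest length and only MD5 and
	// SHA-1 are recognised. Both are collision-weak; this check is no stronger
	// than the algorithm the signer chose.
	string hashName = null;
	switch (messageDigest.Length) {
	case 16:
		hashName = "MD5";
		break;
	case 20:
		hashName = "SHA1";
		break;
	}
	// Any other digest length previously reached HashAlgorithm.Create (null),
	// so a malformed or unsupported countersignature raised an exception instead
	// of failing verification. Reject it explicitly.
	if (hashName == null)
		return false;

	HashAlgorithm ha = HashAlgorithm.Create (hashName);
	if (!messageDigest.CompareValue (ha.ComputeHash (signature)))
		return false;

	// verify signature
	byte[] counterSignature = cs.Signature;

	// change to SET OF (not [0]) as per PKCS #7 1.5
	ASN1 aa = new ASN1 (0x31);
	foreach (ASN1 a in cs.AuthenticatedAttributes)
		aa.Add (a);
	byte[] p7hash = ha.ComputeHash (aa.GetBytes ());

	// we need to try all certificates
	string issuer = cs.IssuerName;
	byte[] serial = cs.SerialNumber;
	foreach (X509Certificate x509 in coll) {
		if (!CompareIssuerSerial (issuer, serial, x509))
			continue;
		// Only keys whose encoded public key is longer than the signature are tried.
		if (x509.PublicKey.Length <= counterSignature.Length)
			continue;

		RSACryptoServiceProvider rsa = (RSACryptoServiceProvider) x509.RSA;
		// we need to HACK around bad (PKCS#1 1.5) signatures made by Verisign Timestamp Service
		// and this means copying stuff into our own RSAManaged to get the required flexibility
		RSAManaged rsam = new RSAManaged ();
		rsam.ImportParameters (rsa.ExportParameters (false));
		// NOTE(review): the final `true` presumably enables the relaxed encoding
		// check that the comment above refers to; confirm in PKCS1.Verify_v15.
		if (PKCS1.Verify_v15 (rsam, ha, p7hash, counterSignature, true)) {
			// The signature is valid; the result is whether the signer's chain builds.
			timestampChain.LoadCertificates (coll);
			return (timestampChain.Build (x509));
		}
	}
	// no certificate can verify this signature!
	return false;
}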
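// Builds an RSAManaged key that combines the public key taken from the first
// client certificate with the private parameters exported from privKey.
//
// Returns null when the certificate's public key does not hold two ASN.1
// INTEGERs (modulus, then public exponent).
//
// NOTE(review): ExportParameters(true) copies the private key into
// privateParams and rsaParams, and the returned object holds it as well.
// None of these copies is cleared here; the caller presumably has to call
// Clear() on the result - confirm.
private RSA getClientCertRSA(RSA privKey)
{
	RSAParameters rsaParams = new RSAParameters();
	RSAParameters privateParams = privKey.ExportParameters(true);

	// for RSA m_publickey contains 2 ASN.1 integers
	// the modulus and the public exponent
	ASN1 pubkey = new ASN1 (this.Context.ClientSettings.Certificates[0].GetPublicKey());
	ASN1 modulus = pubkey [0];
	// 0x02 is the ASN.1 INTEGER tag.
	if ((modulus == null) || (modulus.Tag != 0x02))
	{
		return null;
	}
	ASN1 exponent = pubkey [1];
	// The exponent gets the same null guard as the modulus; the original
	// dereferenced exponent.Tag unchecked, so a key with a single element
	// would fail with a null reference instead of returning null.
	if ((exponent == null) || (exponent.Tag != 0x02))
	{
		return null;
	}

	// The modulus goes through getUnsignedBigInteger (defined elsewhere in the
	// class); the exponent bytes are used as they are.
	rsaParams.Modulus = this.getUnsignedBigInteger(modulus.Value);
	rsaParams.Exponent = exponent.Value;

	// Set private key parameters
	rsaParams.D = privateParams.D;
	rsaParams.DP = privateParams.DP;
	rsaParams.DQ = privateParams.DQ;
	rsaParams.InverseQ = privateParams.InverseQ;
	rsaParams.P = privateParams.P;
	rsaParams.Q = privateParams.Q;

	// BUG: MS BCL 1.0 can't import a key which
	// isn't the same size as the one present in
	// the container.
	// Key size in bits, from the modulus length in bytes.
	int keySize = (rsaParams.Modulus.Length << 3);
	RSAManaged rsa = new RSAManaged(keySize);
	rsa.ImportParameters (rsaParams);

	return (RSA)rsa;
}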
// Regression test for bug 18482: importing public-only parameters into an
// RSAManaged that already holds a key pair must leave it able to export its
// public parameters. The test passes when no call throws.
public void Bug18482 ()
{
	// Take the public parameters of the MonoXml384 fixture key.
	var fixtureKey = new RSAManaged ();
	fixtureKey.FromXmlString (MonoXml384);
	var publicOnly = fixtureKey.ExportParameters (false);

	var target = new RSAManaged ();
	// Per the original test comment, this first export makes the instance
	// generate its own key pair, private values included.
	target.ExportParameters (false);
	// Importing public-only values should replace the public key and reset
	// the private values generated above.
	target.ImportParameters (publicOnly);
	// Exporting again must yield valid parameters and must not throw.
	target.ExportParameters (false);
}
// Round-trip helper: encrypts a fixed 20-byte block with a public-only copy of
// `rsa`, decrypts it with `rsa` itself, and asserts (with message `msg`) that
// the hex form of the result ends with the hex form of the input.
//
// NOTE(review): EncryptValue/DecryptValue are called on a 20-byte input with no
// padding step in sight, so this presumably exercises the raw RSA primitive.
// That is fine for testing the primitive; it is not a pattern for protecting
// real data.
private void EncryptDecrypt (string msg, RSAManaged rsa)
{
	byte[] plain = {
		0xFF, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
		0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13
	};

	// The private key is not needed to encrypt, so the encrypting instance
	// only receives the exported public parameters.
	RSAManaged publicOnly = new RSAManaged ();
	publicOnly.ImportParameters (rsa.ExportParameters (false));

	byte[] cipher = publicOnly.EncryptValue (plain);
	byte[] roundTrip = rsa.DecryptValue (cipher);

	// The original author notes the decrypted value carries zero padding, so
	// only its trailing bytes are compared with the input.
	string expectedTail = BitConverter.ToString (plain);
	string actualHex = BitConverter.ToString (roundTrip);
	Assert.IsTrue (actualHex.EndsWith (expectedTail), msg);
}
// Round-trip helper: encrypts a fixed 20-byte block with a public-only copy of
// `rsa`, decrypts it with `rsa` itself, and asserts (with message `msg`) that
// the result is byte-for-byte equal to the input.
//
// NOTE(review): no padding step is visible around EncryptValue/DecryptValue, so
// this presumably exercises the raw RSA primitive; suitable for a unit test of
// the primitive only.
private void EncryptDecrypt (string msg, RSAManaged rsa)
{
	// Public half only; encryption does not need the private key.
	var publicParameters = rsa.ExportParameters (false);
	var encryptor = new RSAManaged ();
	encryptor.ImportParameters (publicParameters);

	byte[] input = {
		0xFF, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
		0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13
	};

	byte[] encrypted = encryptor.EncryptValue (input);
	byte[] decrypted = rsa.DecryptValue (encrypted);

	// Compare the hex renderings so a failure message shows both byte sequences.
	string expectedHex = BitConverter.ToString (input);
	string actualHex = BitConverter.ToString (decrypted);
	Assert.AreEqual (expectedHex, actualHex, msg);
}