private byte[] ComputeHash(byte[] input) { var sha = new Sha1Digest(); sha.BlockUpdate(input, 0, input.Length); byte[] result = new byte[sha.GetDigestSize()]; sha.DoFinal(result, 0); return result; }
/// <summary> /// Compute the hash of the input byte array and return the hashed value as a byte array. /// </summary> /// <param name="inputData">Input data</param> /// <returns>SHA1 Hashed data.</returns> byte[] IHashProvider.ComputeHash( byte[] inputData ) { Sha1Digest digest = new Sha1Digest(); digest.BlockUpdate( inputData, 0, inputData.Length ); byte[] result = new byte[digest.GetDigestSize()]; digest.DoFinal( result, 0 ); return result; }
static Asn1OctetString CreateDigestFromBytes(byte[] bytes) { var digest = new Sha1Digest(); digest.BlockUpdate(bytes, 0, bytes.Length); var digestBytes = new byte[digest.GetDigestSize()]; digest.DoFinal(digestBytes, 0); return new DerOctetString(digestBytes); }
public static string Sha1(string input) { var data = System.Text.Encoding.UTF8.GetBytes(input); Sha1Digest hash = new Sha1Digest(); hash.BlockUpdate(data, 0, data.Length); byte[] result = new byte[hash.GetDigestSize()]; hash.DoFinal(result, 0); return Hex.ToHexString(result); }
/** * * Calulates the keyIdentifier using a SHA1 hash over the BIT STRING * from SubjectPublicKeyInfo as defined in RFC2459. * **/ public SubjectKeyIdentifier( SubjectPublicKeyInfo spki) { IDigest digest = new Sha1Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; byte[] bytes = spki.PublicKeyData.GetBytes(); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); this.keyIdentifier = resBuf; }
/** * * Calulates the keyidentifier using a SHA1 hash over the BIT STRING * from SubjectPublicKeyInfo as defined in RFC2459. * * Example of making a AuthorityKeyIdentifier: * <pre> * SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream( * publicKey.getEncoded()).readObject()); * AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki); * </pre> * **/ public AuthorityKeyIdentifier( SubjectPublicKeyInfo spki) { IDigest digest = new Sha1Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; byte[] bytes = spki.PublicKeyData.GetBytes(); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); this.keyidentifier = new DerOctetString(resBuf); }
/** * create an AuthorityKeyIdentifier with the GeneralNames tag and * the serial number provided as well. */ public AuthorityKeyIdentifier( SubjectPublicKeyInfo spki, GeneralNames name, BigInteger serialNumber) { IDigest digest = new Sha1Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; byte[] bytes = spki.PublicKeyData.GetBytes(); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); this.keyidentifier = new DerOctetString(resBuf); this.certissuer = name; this.certserno = new DerInteger(serialNumber); }
public static string CreateResponseKey(string requestKey) { var combined = requestKey + WebSocketResponseGuid; #if !PORTABLE var bytes = SHA1.Create().ComputeHash(Encoding.ASCII.GetBytes(combined)); #else var bytes = Encoding.GetEncoding("ISO-8859-1").GetBytes(combined); IDigest hash = new Sha1Digest(); byte[] result = new byte[hash.GetDigestSize()]; hash.BlockUpdate(bytes, 0, bytes.Length); hash.DoFinal(result, 0); bytes = result; //// Convert the message string to binary data. //IBuffer buffUtf8Msg = CryptographicBuffer.ConvertStringToBinary(combined, BinaryStringEncoding.Utf8); //// Create a HashAlgorithmProvider object. //HashAlgorithmProvider objAlgProv = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5); //// Demonstrate how to retrieve the name of the hashing algorithm. //String strAlgNameUsed = objAlgProv.AlgorithmName; //// Hash the message. //IBuffer buffHash = objAlgProv.HashData(buffUtf8Msg); //// Verify that the hash length equals the length specified for the algorithm. //if (buffHash.Length != objAlgProv.HashLength) //{ // throw new Exception("There was an error creating the hash"); //} //// Convert the hash to a string (for display). //String strHashBase64 = CryptographicBuffer.EncodeToBase64String(buffHash); //byte[] bytes = new byte[buffHash.Length]; //CryptographicBuffer.CopyToByteArray(buffHash, out bytes); #endif return Convert.ToBase64String(bytes); }
public virtual void DoTest10() { BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16); BigInteger pubExp = new BigInteger("65537", 10); BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16); RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); RsaKeyParameters privParameters = new RsaKeyParameters(true, mod, priExp); RsaEngine rsa = new RsaEngine(); byte[] data; // // ISO 9796-2 - PSS Signing // IDigest dig = new Sha1Digest(); Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, dig, dig.GetDigestSize()); // // as the padding is random this test needs to repeat a few times to // make sure // for (int i = 0; i != 500; i++) { eng.Init(true, privParameters); eng.Update(msg9[0]); eng.BlockUpdate(msg9, 1, msg9.Length - 1); data = eng.GenerateSignature(); eng.Init(false, pubParameters); eng.Update(msg9[0]); eng.BlockUpdate(msg9, 1, msg9.Length - 1); if (!eng.VerifySignature(data)) { Fail("failed ISO9796-2 verify Test 10"); } } }
public override void PerformTest() { { // === A.1. Test Case 1 - Basic test case with SHA-256 === IDigest hash = new Sha256Digest(); byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = Hex.Decode("000102030405060708090a0b0c"); byte[] info = Hex.Decode("f0f1f2f3f4f5f6f7f8f9"); int l = 42; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(1, okm, Hex.Decode( "3cb25f25faacd57a90434f64d0362f2a" + "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" + "34007208d5b887185865")); } // === A.2. Test Case 2 - Test with SHA-256 and longer inputs/outputs // === { IDigest hash = new Sha256Digest(); byte[] ikm = Hex.Decode("000102030405060708090a0b0c0d0e0f" + "101112131415161718191a1b1c1d1e1f" + "202122232425262728292a2b2c2d2e2f" + "303132333435363738393a3b3c3d3e3f" + "404142434445464748494a4b4c4d4e4f"); byte[] salt = Hex.Decode("606162636465666768696a6b6c6d6e6f" + "707172737475767778797a7b7c7d7e7f" + "808182838485868788898a8b8c8d8e8f" + "909192939495969798999a9b9c9d9e9f" + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"); byte[] info = Hex.Decode("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); int l = 82; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(2, okm, Hex.Decode( "b11e398dc80327a1c8e7f78c596a4934" + "4f012eda2d4efad8a050cc4c19afa97c" + "59045a99cac7827271cb41c65e590e09" + "da3275600c2f09b8367793a9aca3db71" + "cc30c58179ec3e87c14c01d5c1f3434f" + "1d87")); } { // === A.3. Test Case 3 - Test with SHA-256 and zero-length // salt/info === // setting salt to an empty byte array means that the salt is set to // HashLen zero valued bytes // setting info to null generates an empty byte array as info // structure IDigest hash = new Sha256Digest(); byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = new byte[0]; byte[] info = null; int l = 42; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(3, okm, Hex.Decode( "8da4e775a563c18f715f802a063c5a31" + "b8a11f5c5ee1879ec3454e5f3c738d2d" + "9d201395faa4b61a96c8")); } { // === A.4. Test Case 4 - Basic test case with SHA-1 === IDigest hash = new Sha1Digest(); byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = Hex.Decode("000102030405060708090a0b0c"); byte[] info = Hex.Decode("f0f1f2f3f4f5f6f7f8f9"); int l = 42; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(4, okm, Hex.Decode( "085a01ea1b10f36933068b56efa5ad81" + "a4f14b822f5b091568a9cdd4f155fda2" + "c22e422478d305f3f896")); } // === A.5. Test Case 5 - Test with SHA-1 and longer inputs/outputs === { IDigest hash = new Sha1Digest(); byte[] ikm = Hex.Decode("000102030405060708090a0b0c0d0e0f" + "101112131415161718191a1b1c1d1e1f" + "202122232425262728292a2b2c2d2e2f" + "303132333435363738393a3b3c3d3e3f" + "404142434445464748494a4b4c4d4e4f"); byte[] salt = Hex.Decode("606162636465666768696a6b6c6d6e6f" + "707172737475767778797a7b7c7d7e7f" + "808182838485868788898a8b8c8d8e8f" + "909192939495969798999a9b9c9d9e9f" + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"); byte[] info = Hex.Decode("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); int l = 82; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(5, okm, Hex.Decode( "0bd770a74d1160f7c9f12cd5912a06eb" + "ff6adcae899d92191fe4305673ba2ffe" + "8fa3f1a4e5ad79f3f334b3b202b2173c" + "486ea37ce3d397ed034c7f9dfeb15c5e" + "927336d0441f4c4300e2cff0d0900b52" + "d3b4")); } { // === A.6. Test Case 6 - Test with SHA-1 and zero-length salt/info // === // setting salt to null should generate a new salt of HashLen zero // valued bytes IDigest hash = new Sha1Digest(); byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = null; byte[] info = new byte[0]; int l = 42; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(6, okm, Hex.Decode( "0ac1af7002b3d761d1e55298da9d0506" + "b9ae52057220a306e07b6b87e8df21d0" + "ea00033de03984d34918")); } { // === A.7. Test Case 7 - Test with SHA-1, salt not provided, // zero-length info === // (salt defaults to HashLen zero octets) // this test is identical to test 6 in all ways bar the IKM value IDigest hash = new Sha1Digest(); byte[] ikm = Hex.Decode("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c"); byte[] salt = null; byte[] info = new byte[0]; int l = 42; byte[] okm = new byte[l]; HkdfParameters parameters = new HkdfParameters(ikm, salt, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(7, okm, Hex.Decode( "2c91117204d745f3500d636a62f64f0a" + "b3bae548aa53d423b0d1f27ebba6f5e5" + "673a081d70cce7acfc48")); } { // === A.101. Additional Test Case - Test with SHA-1, skipping extract // zero-length info === // (salt defaults to HashLen zero octets) // this test is identical to test 7 in all ways bar the IKM value // which is set to the PRK value IDigest hash = new Sha1Digest(); byte[] ikm = Hex.Decode("2adccada18779e7c2077ad2eb19d3f3e731385dd"); byte[] info = new byte[0]; int l = 42; byte[] okm = new byte[l]; HkdfParameters parameters = HkdfParameters.SkipExtractParameters(ikm, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); CompareOkm(101, okm, Hex.Decode( "2c91117204d745f3500d636a62f64f0a" + "b3bae548aa53d423b0d1f27ebba6f5e5" + "673a081d70cce7acfc48")); } { // === A.102. Additional Test Case - Test with SHA-1, maximum output === // (salt defaults to HashLen zero octets) // this test is identical to test 7 in all ways bar the IKM value IDigest hash = new Sha1Digest(); byte[] ikm = Hex.Decode("2adccada18779e7c2077ad2eb19d3f3e731385dd"); byte[] info = new byte[0]; int l = 255 * hash.GetDigestSize(); byte[] okm = new byte[l]; HkdfParameters parameters = HkdfParameters.SkipExtractParameters(ikm, info); HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); hkdf.Init(parameters); hkdf.GenerateBytes(okm, 0, l); int zeros = 0; for (int i = 0; i < hash.GetDigestSize(); i++) { if (okm[i] == 0) { zeros++; } } if (zeros == hash.GetDigestSize()) { Fail("HKDF failed generator test " + 102); } } }
private static byte[] GetDigest( SubjectPublicKeyInfo spki) { IDigest digest = new Sha1Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; byte[] bytes = spki.PublicKeyData.GetBytes(); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); return resBuf; }
public override void PerformTest() { IDigest digest = new Sha1Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; string resStr; // // test 1 // digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec1.Equals(resStr)) { Fail("failing standard vector test 1" + SimpleTest.NewLine + " expected: " + resVec1 + SimpleTest.NewLine + " got : " + resStr); } // // test 2 // byte[] bytes = Hex.Decode(testVec2); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec2.Equals(resStr)) { Fail("failing standard vector test 2" + SimpleTest.NewLine + " expected: " + resVec2 + SimpleTest.NewLine + " got : " + resStr); } // // test 3 // bytes = Hex.Decode(testVec3); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec3.Equals(resStr)) { Fail("failing standard vector test 3" + SimpleTest.NewLine + " expected: " + resVec3 + SimpleTest.NewLine + " got : " + resStr); } // // test 4 // bytes = Hex.Decode(testVec4); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec4.Equals(resStr)) { Fail("failing standard vector test 4" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr); } // // test 5 // bytes = Hex.Decode(testVec4); digest.BlockUpdate(bytes, 0, bytes.Length / 2); // clone the IDigest IDigest d = new Sha1Digest((Sha1Digest)digest); digest.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec4.Equals(resStr)) { Fail("failing standard vector test 5" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr); } d.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2); d.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec4.Equals(resStr)) { Fail("failing standard vector test 5" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr); } }
/// <summary> /// Calculate the restore code for an authenticator. This is taken from the last 10 bytes of a digest of the serial and secret key, /// which is then specially encoded to alphanumerics. /// </summary> /// <returns>restore code for authenticator (always 10 chars)</returns> private string BuildRestoreCode() { // return if not set if (string.IsNullOrEmpty(Serial) == true || SecretKey == null) { return string.Empty; } // get byte array of serial byte[] serialdata = Encoding.UTF8.GetBytes(Serial.ToUpper().Replace("-", string.Empty)); byte[] secretdata = SecretKey; // combine serial data and secret data byte[] combined = new byte[serialdata.Length + secretdata.Length]; Array.Copy(serialdata, 0, combined, 0, serialdata.Length); Array.Copy(secretdata, 0, combined, serialdata.Length, secretdata.Length); // create digest of combined data IDigest digest = new Sha1Digest(); digest.BlockUpdate(combined, 0, combined.Length); byte[] digestdata = new byte[digest.GetDigestSize()]; digest.DoFinal(digestdata, 0); // take last 10 chars of hash and convert each byte to our encoded string that doesn't use I,L,O,S StringBuilder code = new StringBuilder(); int startpos = digestdata.Length - 10; for (int i = 0; i < 10; i++) { code.Append(ConvertRestoreCodeByteToChar(digestdata[startpos + i])); } return code.ToString(); }
private byte[] SignDsa(byte[] buffer, int length) { var signer = new DsaSigner(); signer.Init(true, new ParametersWithRandom(PrivateKeyFactory.CreateKey(PrivateKey), _secureRandom)); var sha1 = new Sha1Digest(); sha1.BlockUpdate(buffer, 0, length); byte[] hash = new byte[sha1.GetDigestSize()]; sha1.DoFinal(hash, 0); var signature = signer.GenerateSignature(hash); byte[] res = new byte[41]; res[0] = PublicKey[0]; signature[0].ToByteArrayUnsigned().CopyTo(res, 1); signature[1].ToByteArrayUnsigned().CopyTo(res, 21); return res; }
public override string hash(string pw) { Sha1Digest digest = new Sha1Digest(); // 8 byte random salt byte[] salt = randomSalt(8); // Generate the hash of the password + salt byte[] password = Encoding.UTF8.GetBytes(pw); digest.BlockUpdate(password, 0, password.Length); digest.BlockUpdate(salt, 0, salt.Length); int digestSize = digest.GetDigestSize(); byte[] hashData = new byte[digestSize]; digest.DoFinal(hashData, 0); // Put the salt on the end of the hashed password + salt byte[] result = new byte[hashData.Length + salt.Length]; hashData.CopyTo(result, 0); salt.CopyTo(result, hashData.Length); // Return in base 64 return "{SSHA}" + Convert.ToBase64String(result); }
public override string hash(string pw) { Sha1Digest digest = new Sha1Digest(); byte[] password = Encoding.UTF8.GetBytes(pw); digest.BlockUpdate(password, 0, password.Length); int digestSize = digest.GetDigestSize(); byte[] hashData = new byte[digestSize]; digest.DoFinal(hashData, 0); return "{SHA}" + Convert.ToBase64String(hashData); }
public virtual void DoTest11() { BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16); BigInteger pubExp = new BigInteger("65537", 10); BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16); RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); RsaKeyParameters privParameters = new RsaKeyParameters(true, mod, priExp); RsaEngine rsa = new RsaEngine(); byte[] data; byte[] m1 = { 1, 2, 3, 4, 5, 6, 7, 8, 9 }; byte[] m2 = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; byte[] m3 = { 1, 2, 3, 4, 5, 6, 7, 8 }; // // ISO 9796-2 - PSS Signing // IDigest dig = new Sha1Digest(); Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, dig, dig.GetDigestSize()); // // check message bounds // eng.Init(true, privParameters); eng.BlockUpdate(m1, 0, m1.Length); data = eng.GenerateSignature(); eng.Init(false, pubParameters); eng.BlockUpdate(m2, 0, m2.Length); if (eng.VerifySignature(data)) { Fail("failed ISO9796-2 m2 verify Test 11"); } eng.Init(false, pubParameters); eng.BlockUpdate(m3, 0, m3.Length); if (eng.VerifySignature(data)) { Fail("failed ISO9796-2 m3 verify Test 11"); } eng.Init(false, pubParameters); eng.BlockUpdate(m1, 0, m1.Length); if (!eng.VerifySignature(data)) { Fail("failed ISO9796-2 verify Test 11"); } }
private bool VerifyDsa(byte[] buffer, int length, byte[] signature) { int numberSize = 64 + PublicKey[0] * 8; DsaPublicKeyParameters parameters = new DsaPublicKeyParameters( new BigInteger(1, PublicKey, 21 + 2 * numberSize, numberSize), new DsaParameters( new BigInteger(1, PublicKey, 21, numberSize), new BigInteger(1, PublicKey, 1, 20), new BigInteger(1, PublicKey, 21 + numberSize, numberSize)) ); var dsa = new DsaSigner(); dsa.Init(false, parameters); var sha1 = new Sha1Digest(); sha1.BlockUpdate(buffer, 0, length); byte[] hash = new byte[sha1.GetDigestSize()]; sha1.DoFinal(hash, 0); return dsa.VerifySignature(hash, new BigInteger(1, signature, 1, 20), new BigInteger(1, signature, 21, 20)); }
static void Main(string[] args) { var assembly = Assembly.GetExecutingAssembly(); var title = (AssemblyTitleAttribute)Attribute.GetCustomAttribute(assembly, typeof(AssemblyTitleAttribute)); Console.WriteLine("{0} version {1}", title.Title, assembly.GetName().Version); var copyright = (AssemblyCopyrightAttribute)Attribute.GetCustomAttribute(assembly, typeof(AssemblyCopyrightAttribute)); Console.WriteLine(copyright.Copyright); Console.WriteLine("More information can be found at https://Jexus.codeplex.com"); Console.WriteLine(); var baseAddress = args.Length > 0 ? args[0] : "https://*****:*****@"Remote services must be run as root on Linux."); return; } if (!File.Exists("jws")) { Console.WriteLine(@"Remote services must be running in Jexus installation folder."); return; } var loc = baseAddress.LastIndexOf(':'); var port = "443"; if (loc != -1) { port = baseAddress.Substring(loc + 1); } string dirname = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData); string path = Path.Combine(dirname, ".mono", "httplistener"); if (false == Directory.Exists(path)) { Directory.CreateDirectory(path); } string target_cert = Path.Combine(path, string.Format("{0}.cer", port)); if (File.Exists(target_cert)) { Console.WriteLine("Use {0}", target_cert); } else { Console.WriteLine("Generating a self-signed certificate for Jexus Manager"); // Generate certificate string defaultIssuer = "CN=jexus.lextudio.com"; string defaultSubject = "CN=jexus.lextudio.com"; byte[] sn = Guid.NewGuid().ToByteArray(); string subject = defaultSubject; string issuer = defaultIssuer; DateTime notBefore = DateTime.Now; DateTime notAfter = new DateTime(643445675990000000); // 12/31/2039 23:59:59Z RSA issuerKey = new RSACryptoServiceProvider(2048); RSA subjectKey = null; bool selfSigned = true; string hashName = "SHA1"; CspParameters subjectParams = new CspParameters(); CspParameters issuerParams = new CspParameters(); BasicConstraintsExtension bce = new BasicConstraintsExtension { PathLenConstraint = BasicConstraintsExtension.NoPathLengthConstraint, CertificateAuthority = true }; ExtendedKeyUsageExtension eku = new ExtendedKeyUsageExtension(); eku.KeyPurpose.Add("1.3.6.1.5.5.7.3.1"); SubjectAltNameExtension alt = null; string p12file = Path.Combine(path, "temp.pfx"); string p12pwd = "test"; // serial number MUST be positive if ((sn[0] & 0x80) == 0x80) sn[0] -= 0x80; if (selfSigned) { if (subject != defaultSubject) { issuer = subject; issuerKey = subjectKey; } else { subject = issuer; subjectKey = issuerKey; } } if (subject == null) throw new Exception("Missing Subject Name"); X509CertificateBuilder cb = new X509CertificateBuilder(3); cb.SerialNumber = sn; cb.IssuerName = issuer; cb.NotBefore = notBefore; cb.NotAfter = notAfter; cb.SubjectName = subject; cb.SubjectPublicKey = subjectKey; // extensions if (bce != null) cb.Extensions.Add(bce); if (eku != null) cb.Extensions.Add(eku); if (alt != null) cb.Extensions.Add(alt); IDigest digest = new Sha1Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; var spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(DotNetUtilities.GetRsaPublicKey(issuerKey)); byte[] bytes = spki.PublicKeyData.GetBytes(); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); cb.Extensions.Add(new SubjectKeyIdentifierExtension { Identifier = resBuf }); cb.Extensions.Add(new AuthorityKeyIdentifierExtension { Identifier = resBuf }); // signature cb.Hash = hashName; byte[] rawcert = cb.Sign(issuerKey); PKCS12 p12 = new PKCS12(); p12.Password = p12pwd; ArrayList list = new ArrayList(); // we use a fixed array to avoid endianess issues // (in case some tools requires the ID to be 1). list.Add(new byte[4] { 1, 0, 0, 0 }); Hashtable attributes = new Hashtable(1); attributes.Add(PKCS9.localKeyId, list); p12.AddCertificate(new Mono.Security.X509.X509Certificate(rawcert), attributes); p12.AddPkcs8ShroudedKeyBag(subjectKey, attributes); p12.SaveToFile(p12file); var x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(p12file, p12pwd, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable); // Install certificate string target_pvk = Path.Combine(path, string.Format("{0}.pvk", port)); using (Stream cer = File.OpenWrite(target_cert)) { byte[] raw = x509.RawData; cer.Write(raw, 0, raw.Length); } PrivateKey pvk = new PrivateKey(); pvk.RSA = subjectKey; pvk.Save(target_pvk); } } JexusServer.Credentials = args.Length > 2 ? args[1] + "|" + args[2] : "jexus|lextudio.com"; JexusServer.Timeout = args.Length > 3 ? double.Parse(args[3]) : 30D; using (WebApp.Start<Startup>(url: baseAddress)) { Console.WriteLine("Remote services have started at {0}.", baseAddress); Console.WriteLine("Credentials is {0}", JexusServer.Credentials); Console.WriteLine("Press Enter to quit."); Console.ReadLine(); } }
public static ISigner GetSigner( string algorithm) { if (algorithm == null) throw new ArgumentNullException("algorithm"); algorithm = algorithm.ToUpper(CultureInfo.InvariantCulture); string mechanism = (string) algorithms[algorithm]; if (mechanism == null) mechanism = algorithm; if (mechanism.Equals("RSA")) { return (new RsaDigestSigner(new NullDigest())); } if (mechanism.Equals("MD2withRSA")) { return (new RsaDigestSigner(new MD2Digest())); } if (mechanism.Equals("MD4withRSA")) { return (new RsaDigestSigner(new MD4Digest())); } if (mechanism.Equals("MD5withRSA")) { return (new RsaDigestSigner(new MD5Digest())); } if (mechanism.Equals("SHA-1withRSA")) { return (new RsaDigestSigner(new Sha1Digest())); } if (mechanism.Equals("SHA-224withRSA")) { return (new RsaDigestSigner(new Sha224Digest())); } if (mechanism.Equals("SHA-256withRSA")) { return (new RsaDigestSigner(new Sha256Digest())); } if (mechanism.Equals("SHA-384withRSA")) { return (new RsaDigestSigner(new Sha384Digest())); } if (mechanism.Equals("SHA-512withRSA")) { return (new RsaDigestSigner(new Sha512Digest())); } if (mechanism.Equals("RIPEMD128withRSA")) { return (new RsaDigestSigner(new RipeMD128Digest())); } if (mechanism.Equals("RIPEMD160withRSA")) { return (new RsaDigestSigner(new RipeMD160Digest())); } if (mechanism.Equals("RIPEMD256withRSA")) { return (new RsaDigestSigner(new RipeMD256Digest())); } if (mechanism.Equals("RAWRSASSA-PSS")) { // TODO Add support for other parameter settings IDigest contentDigest = new NullDigest(); IDigest mgfDigest = new Sha1Digest(); int saltLen = mgfDigest.GetDigestSize(); return (new PssSigner(new RsaBlindedEngine(), contentDigest, mgfDigest, saltLen, PssSigner.TrailerImplicit)); } if (mechanism.Equals("PSSwithRSA")) { // TODO The Sha1Digest here is a default. In JCE version, the actual digest // to be used can be overridden by subsequent parameter settings. return (new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("SHA-1withRSAandMGF1")) { return (new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withRSAandMGF1")) { return (new PssSigner(new RsaBlindedEngine(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withRSAandMGF1")) { return (new PssSigner(new RsaBlindedEngine(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withRSAandMGF1")) { return (new PssSigner(new RsaBlindedEngine(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withRSAandMGF1")) { return (new PssSigner(new RsaBlindedEngine(), new Sha512Digest())); } if (mechanism.Equals("NONEwithDSA")) { return (new DsaDigestSigner(new DsaSigner(), new NullDigest())); } if (mechanism.Equals("SHA-1withDSA")) { return (new DsaDigestSigner(new DsaSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withDSA")) { return (new DsaDigestSigner(new DsaSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withDSA")) { return (new DsaDigestSigner(new DsaSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withDSA")) { return (new DsaDigestSigner(new DsaSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withDSA")) { return (new DsaDigestSigner(new DsaSigner(), new Sha512Digest())); } if (mechanism.Equals("NONEwithECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new NullDigest())); } if (mechanism.Equals("SHA-1withECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest())); } if (mechanism.Equals("RIPEMD160withECDSA")) { return (new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest())); } if (mechanism.Equals("SHA1WITHECNR")) { return (new DsaDigestSigner(new ECNRSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA224WITHECNR")) { return (new DsaDigestSigner(new ECNRSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA256WITHECNR")) { return (new DsaDigestSigner(new ECNRSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA384WITHECNR")) { return (new DsaDigestSigner(new ECNRSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA512WITHECNR")) { return (new DsaDigestSigner(new ECNRSigner(), new Sha512Digest())); } if (mechanism.Equals("GOST3410")) { return new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()); } if (mechanism.Equals("ECGOST3410")) { return new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()); } if (mechanism.Equals("SHA1WITHRSA/ISO9796-2")) { return new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true); } if (mechanism.Equals("MD5WITHRSA/ISO9796-2")) { return new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true); } if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2")) { return new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true); } throw new SecurityUtilityException("Signer " + algorithm + " not recognised."); }
public static byte[] Digest(byte[] data, String algo) { if (algo == null) { throw new ArgumentNullException("El algoritmo de huella digital no puede ser nulo"); } if (data == null) { throw new ArgumentNullException("Los datos no pueden ser nulos"); } switch (algo) { /** * ALGORITMOS DE HASING */ case AOSignConstants.SIGN_ALGORITHM_SHA1: { Sha1Digest dig = new Sha1Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_SHA256: { Sha256Digest dig = new Sha256Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_SHA384: { Sha384Digest dig = new Sha384Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_SHA512: { Sha512Digest dig = new Sha512Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_RIPEMD160: { RipeMD160Digest dig = new RipeMD160Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_MD5: { MD5Digest dig = new MD5Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_MD2: { MD2Digest dig = new MD2Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } default: // You can use the default case. throw new ArgumentNullException("El algoritmo no es reconocido"); } throw new ArgumentNullException("Algoritmo de hash no soportado: " + algo); }
/// <summary> /// Hashes each component of the key hash with it's length first. /// </summary> /// <param name="size">The size.</param> /// <param name="components">The components.</param> /// <returns></returns> public static byte[] HashKeyLengthPrefix(int size, params byte[][] components) { var sha1 = new Sha1Digest(); foreach (var data in components) { byte[] length = GetBytes(data.Length); sha1.BlockUpdate(length, 0, length.Length); sha1.BlockUpdate(data, 0, data.Length); } var hash = new byte[sha1.GetDigestSize()]; sha1.DoFinal(hash, 0); sha1.Reset(); var outBytes = new byte[size]; Array.Copy(hash, 0, outBytes, 0, outBytes.Length); return outBytes; }