internal static void ReadSubjectPublicKeyInfo(this DerSequenceReader keyInfo, ref ECParameters parameters) { // SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING } DerSequenceReader algorithm = keyInfo.ReadSequence(); string algorithmOid = algorithm.ReadOidAsString(); // EC Public Key if (algorithmOid != s_idEcPublicKey.Value) { throw new CryptographicException(); } if (algorithm.PeekTag() != (int)DerSequenceReader.DerTag.ObjectIdentifier) { throw new PlatformNotSupportedException(SR.Cryptography_ECC_NamedCurvesOnly); } parameters.Curve = ECCurve.CreateFromValue(algorithm.ReadOidAsString()); byte[] encodedPoint = keyInfo.ReadBitString(); ReadEncodedPoint(encodedPoint, ref parameters); // We don't care about the rest of the blob here, but it's expected to not exist. }
internal static void ReadSubjectPublicKeyInfo(this DerSequenceReader keyInfo, ref DSAParameters parameters) { // SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING } DerSequenceReader algorithm = keyInfo.ReadSequence(); string algorithmOid = algorithm.ReadOidAsString(); // EC Public Key if (algorithmOid != s_idDsa.Value) { throw new CryptographicException(); } // Dss-Parms ::= SEQUENCE { // p INTEGER, // q INTEGER, // g INTEGER // } DerSequenceReader algParameters = algorithm.ReadSequence(); byte[] publicKeyBlob = keyInfo.ReadBitString(); // We don't care about the rest of the blob here, but it's expected to not exist. ReadSubjectPublicKeyInfo(algParameters, publicKeyBlob, ref parameters); }
internal static void ReadPkcs8Blob(this DerSequenceReader reader, ref DSAParameters parameters) { // Since the PKCS#8 blob for DSS/DSA does not include the public key (Y) this // structure is only read after filling the public half. Debug.Assert(parameters.P != null); Debug.Assert(parameters.Q != null); Debug.Assert(parameters.G != null); Debug.Assert(parameters.Y != null); // OneAsymmetricKey ::= SEQUENCE { // version Version, // privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, // privateKey PrivateKey, // attributes [0] Attributes OPTIONAL, // ..., // [[2: publicKey [1] PublicKey OPTIONAL ]], // ... // } // // PrivateKeyInfo ::= OneAsymmetricKey // // PrivateKey ::= OCTET STRING int version = reader.ReadInteger(); // We understand both version 0 and 1 formats, // which are now known as v1 and v2, respectively. if (version > 1) { throw new CryptographicException(); } { // Ensure we're reading DSA, extract the parameters DerSequenceReader algorithm = reader.ReadSequence(); string algorithmOid = algorithm.ReadOidAsString(); if (algorithmOid != s_idDsa.Value) { throw new CryptographicException(); } // The Dss-Params SEQUENCE is present here, but not needed since // we got it from the public key already. } byte[] privateKeyBlob = reader.ReadOctetString(); DerSequenceReader privateKeyReader = DerSequenceReader.CreateForPayload(privateKeyBlob); parameters.X = privateKeyReader.ReadIntegerBytes(); }
internal static void ReadSubjectPublicKeyInfo(this DerSequenceReader keyInfo, ref RSAParameters parameters) { // SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING } DerSequenceReader algorithm = keyInfo.ReadSequence(); string algorithmOid = algorithm.ReadOidAsString(); if (algorithmOid != RsaOid) { throw new CryptographicException(); } byte[] subjectPublicKeyBytes = keyInfo.ReadBitString(); DerSequenceReader subjectPublicKey = new DerSequenceReader(subjectPublicKeyBytes); subjectPublicKey.ReadPkcs1PublicBlob(ref parameters); }
internal static void ReadPkcs8Blob(this DerSequenceReader reader, ref RSAParameters parameters) { // OneAsymmetricKey ::= SEQUENCE { // version Version, // privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, // privateKey PrivateKey, // attributes [0] Attributes OPTIONAL, // ..., // [[2: publicKey [1] PublicKey OPTIONAL ]], // ... // } // // PrivateKeyInfo ::= OneAsymmetricKey // // PrivateKey ::= OCTET STRING int version = reader.ReadInteger(); // We understand both version 0 and 1 formats, // which are now known as v1 and v2, respectively. if (version > 1) { throw new CryptographicException(); } { // Ensure we're reading RSA DerSequenceReader algorithm = reader.ReadSequence(); string algorithmOid = algorithm.ReadOidAsString(); if (algorithmOid != RsaOid) { throw new CryptographicException(); } } byte[] privateKeyBytes = reader.ReadOctetString(); // Because this was an RSA private key, the key format is PKCS#1. ReadPkcs1PrivateBlob(privateKeyBytes, ref parameters); // We don't care about the rest of the blob here, but it's expected to not exist. }
internal static void ReadPkcs8Blob(this DerSequenceReader reader, ref ECParameters parameters) { // OneAsymmetricKey ::= SEQUENCE { // version Version, // privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, // privateKey PrivateKey, // attributes [0] Attributes OPTIONAL, // ..., // [[2: publicKey [1] PublicKey OPTIONAL ]], // ... // } // // PrivateKeyInfo ::= OneAsymmetricKey // // PrivateKey ::= OCTET STRING int version = reader.ReadInteger(); // We understand both version 0 and 1 formats, // which are now known as v1 and v2, respectively. if (version > 1) { throw new CryptographicException(); } { // Ensure we're reading EC Public Key (well, Private, but the OID says Public) DerSequenceReader algorithm = reader.ReadSequence(); string algorithmOid = algorithm.ReadOidAsString(); if (algorithmOid != s_idEcPublicKey.Value) { throw new CryptographicException(); } } byte[] privateKeyBlob = reader.ReadOctetString(); try { // ECPrivateKey{CURVES:IOSet} ::= SEQUENCE { // version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), // privateKey OCTET STRING, // parameters [0] Parameters{{IOSet}} OPTIONAL, // publicKey [1] BIT STRING OPTIONAL // } DerSequenceReader keyReader = new DerSequenceReader(privateKeyBlob); version = keyReader.ReadInteger(); // We understand the version 1 format if (version > 1) { throw new CryptographicException(); } parameters.D = keyReader.ReadOctetString(); // Check for context specific 0 const byte ConstructedContextSpecific = DerSequenceReader.ContextSpecificTagFlag | DerSequenceReader.ConstructedFlag; const byte ConstructedContextSpecific0 = (ConstructedContextSpecific | 0); const byte ConstructedContextSpecific1 = (ConstructedContextSpecific | 1); if (keyReader.PeekTag() != ConstructedContextSpecific0) { throw new CryptographicException(); } // Parameters ::= CHOICE { // ecParameters ECParameters, // namedCurve CURVES.&id({ CurveNames}), // implicitlyCA NULL // } DerSequenceReader parametersReader = keyReader.ReadSequence(); if (parametersReader.PeekTag() != (int)DerSequenceReader.DerTag.ObjectIdentifier) { throw new PlatformNotSupportedException(SR.Cryptography_ECC_NamedCurvesOnly); } parameters.Curve = ECCurve.CreateFromValue(parametersReader.ReadOidAsString()); // Check for context specific 1 if (keyReader.PeekTag() != ConstructedContextSpecific1) { throw new CryptographicException(); } keyReader = keyReader.ReadSequence(); byte[] encodedPoint = keyReader.ReadBitString(); ReadEncodedPoint(encodedPoint, ref parameters); // We don't care about the rest of the blob here, but it's expected to not exist. } finally { Array.Clear(privateKeyBlob, 0, privateKeyBlob.Length); } }