private byte[] GetDecryptionKey(string pin, VipNetContainer defence)
        {
            var passwordData = Encoding.ASCII.GetBytes(pin ?? "");

            if (DefenceKeyInfo.KeyClass.Value.IntValue == 64 && DefenceKeyInfo.KeyType.Value.IntValue == 24622)
            {
                // Контейнер зашифрован ключом, лежащим в ещё одном контейнере
                if (defence == null)
                {
                    throw new CryptographicException("Закрытый ключ зашифрован секретным ключом, расположенным в отдельном вспомогательном контейнере. Используйте опцию --defence");
                }
                return(defence.Entries[0].GetProtectionKey(pin));
            }
            if (DefenceKeyInfo.Algorithm != null &&
                DefenceKeyInfo.Algorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdPbkdf2))
            {
                // PBKDF2 используется в контейнерах ViPNet Jcrypto SDK
                // Самое смешное, что сам десктопный ViPNet CSP не понимает такие контейнеры
                // А мы понимаем!
                var p = Pbkdf2Params.GetInstance(DefenceKeyInfo.Algorithm.Parameters);
                return(PBKDF2(
                           MacUtilities.GetMac(p.Prf.Algorithm),
                           passwordData,
                           p.GetSalt(),
                           p.IterationCount.IntValue,
                           p.KeyLength.IntValue
                           ));
            }
            var digest        = new Gost3411Digest();
            var keyData       = new byte[digest.GetDigestSize()];
            var unwrappingKey = new byte[digest.GetDigestSize()];

            digest.BlockUpdate(passwordData, 0, passwordData.Length);
            digest.DoFinal(keyData, 0);
            digest.Reset();

            var secodeData = passwordData.Concat(keyData).ToArray();

            digest.BlockUpdate(secodeData, 0, secodeData.Length);
            digest.DoFinal(unwrappingKey, 0);

            var tmp = new int[keyData.Length / 4];

            for (int i = 0; i < keyData.Length; i += 4)
            {
                tmp[i / 4] = BitConverter.ToInt32(keyData, i) - BitConverter.ToInt32(unwrappingKey, i);
            }

            return(tmp.SelectMany(x => BitConverter.GetBytes(x)).ToArray());
        }
예제 #2
0
파일: Form1.cs 프로젝트: Oboltys/ECP
        public BigInteger GetDigest(byte[] message)
        {
            Gost3411Digest gost3411Digest = new Gost3411Digest();

            gost3411Digest.BlockUpdate(message, 0, message.Length);
            byte[] hashmessage = new byte[gost3411Digest.GetDigestSize()];
            gost3411Digest.DoFinal(hashmessage, 0);
            return(new BigInteger(hashmessage));
        }
예제 #3
0
        /**
         * Test Sign and Verify with test parameters
         * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
         * gostR3410-2001-TestParamSet  P.46
         */
        private void ecGOST3410_TestParam()
        {
            SecureRandom random = new SecureRandom();

            BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
            BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");

            FpCurve curve = new FpCurve(
                mod_p,                                                                                           // p
                new BigInteger("7"),                                                                             // a
                new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
                mod_q, BigInteger.One);

            ECDomainParameters parameters = new ECDomainParameters(
                curve,
                curve.CreatePoint(
                    new BigInteger("2"),                                                                             // x
                    new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
                mod_q);

            ECKeyPairGenerator        pGen     = new ECKeyPairGenerator();
            ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
                parameters,
                random);

            pGen.Init(genParam);

            AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();

            ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);

            ECGost3410Signer ecgost3410 = new ECGost3410Signer();

            ecgost3410.Init(true, param);

            //get hash message using the digest GOST3411.
            byte[]         message  = Encoding.ASCII.GetBytes("Message for sign");
            Gost3411Digest gost3411 = new Gost3411Digest();

            gost3411.BlockUpdate(message, 0, message.Length);
            byte[] hashmessage = new byte[gost3411.GetDigestSize()];
            gost3411.DoFinal(hashmessage, 0);

            BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);

            ecgost3410.Init(false, pair.Public);

            if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
            {
                Fail("signature fails");
            }
        }
예제 #4
0
        private bool VerifyGost(byte[] buffer, int length, byte[] signature)
        {
            ECDomainParameters dParams = ECGost3410NamedCurves.GetByOid(CryptoProObjectIdentifiers.GostR3410x2001CryptoProA);

            byte[]  reversedPublicKey = PublicKey.Reverse().ToArray();
            ECPoint q = dParams.Curve.CreatePoint(new BigInteger(1, reversedPublicKey, 32, 32), new BigInteger(1, reversedPublicKey, 0, 32), false);
            ECPublicKeyParameters parameters = new ECPublicKeyParameters(q, dParams);

            var signer = new ECGost3410Signer();

            signer.Init(false, parameters);

            var digest = new Gost3411Digest();

            digest.BlockUpdate(buffer, 0, length);
            byte[] hash = new byte[digest.GetDigestSize()];
            digest.DoFinal(hash, 0);

            return(signer.VerifySignature(hash, new BigInteger(1, signature, 32, 32), new BigInteger(1, signature, 0, 32)));
        }
예제 #5
0
        private byte[] SignGost(byte[] buffer, int length)
        {
            ECGost3410Signer signer = new ECGost3410Signer();

            signer.Init(true, new ParametersWithRandom(PrivateKeyFactory.CreateKey(PrivateKey), _secureRandom));

            var digest = new Gost3411Digest();

            digest.BlockUpdate(buffer, 0, length);
            byte[] hash = new byte[digest.GetDigestSize()];
            digest.DoFinal(hash, 0);

            var signature = signer.GenerateSignature(hash);

            byte[] res = new byte[64];

            signature[0].ToByteArrayUnsigned().CopyTo(res, 32);
            signature[1].ToByteArrayUnsigned().CopyTo(res, 0);

            return(res);
        }
예제 #6
0
 public int GetDigestSize()
 {
     return(digest.GetDigestSize());
 }