public static SignatureAlgorithmDataRecordV2 FromSignatureAlgorithm(ISignatureAlgorithm signatureAlgorithm, SharedSecretEncryptionKey encryptionKey) { if (signatureAlgorithm == null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } switch (signatureAlgorithm) { case RSASignatureAlgorithm rsa: return(new SignatureAlgorithmDataRecordV2 { Type = rsa.Name, HashAlgorithm = rsa.HashAlgorithm.Name, Parameter = rsa.GetPublicKey().ToXml(), IsParameterEncrypted = false }); case ECDsaSignatureAlgorithm ecdsa: return(new SignatureAlgorithmDataRecordV2 { Type = ecdsa.Name, HashAlgorithm = ecdsa.HashAlgorithm.Name, Parameter = ecdsa.GetPublicKey().ToXml(), IsParameterEncrypted = false }); case HMACSignatureAlgorithm hmac: return(new SignatureAlgorithmDataRecordV2 { Type = hmac.Name, HashAlgorithm = hmac.HashAlgorithm.Name, Parameter = GetParameterWithEncryption(hmac, encryptionKey, out var isEncrypted), IsParameterEncrypted = isEncrypted });
public static SignatureAlgorithmDataRecord FromSignatureAlgorithm(ISignatureAlgorithm signatureAlgorithm) { if (signatureAlgorithm == null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } switch (signatureAlgorithm) { case RSASignatureAlgorithm rsa: return(new SignatureAlgorithmDataRecord { Type = rsa.Name, HashAlgorithm = rsa.HashAlgorithm.Name, Parameter = rsa.GetPublicKey().ToXml() }); case ECDsaSignatureAlgorithm ecdsa: return(new SignatureAlgorithmDataRecord { Type = ecdsa.Name, HashAlgorithm = ecdsa.HashAlgorithm.Name, Parameter = ecdsa.GetPublicKey().ToXml() }); case HMACSignatureAlgorithm hmac: return(new SignatureAlgorithmDataRecord { Type = hmac.Name, HashAlgorithm = hmac.HashAlgorithm.Name, Parameter = Encoding.UTF8.GetString(hmac.Key) }); default: throw new NotSupportedException($"The specified signature algorithm of type {signatureAlgorithm.GetType().Name} cannot be serialized."); } }
/// <summary> /// Create a new instance of the <see cref="Client"/> class. /// </summary> /// <param name="id">The identity of the client that can be looked up by the server.</param> /// <param name="name">The descriptive name of the client</param> /// <param name="signatureAlgorithm">The <see cref="Dalion.HttpMessageSigning.ISignatureAlgorithm"/> that is used to verify the signature.</param> /// <param name="nonceLifetime">The time span after which repeated nonce values are allowed again.</param> /// <param name="clockSkew">The clock skew to apply when validation a time.</param> /// <param name="claims">The additional claims that the validated principal will have upon successful signature verification.</param> public Client(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime, TimeSpan clockSkew, params Claim[] claims) { if (id == KeyId.Empty) { throw new ArgumentException("Value cannot be null or empty.", nameof(id)); } if (string.IsNullOrEmpty(name)) { throw new ArgumentException("Value cannot be null or empty.", nameof(name)); } if (nonceLifetime <= TimeSpan.Zero) { throw new ArgumentOutOfRangeException(nameof(nonceLifetime), nonceLifetime, "The specified nonce expiration time span is invalid"); } if (clockSkew <= TimeSpan.Zero) { throw new ArgumentOutOfRangeException(nameof(clockSkew), clockSkew, "The specified clock skew time span is invalid"); } NonceLifetime = nonceLifetime; ClockSkew = clockSkew; Claims = claims ?? Array.Empty <Claim>(); Id = id; Name = name; SignatureAlgorithm = signatureAlgorithm ?? throw new ArgumentNullException(nameof(signatureAlgorithm)); }
/// <summary> /// Create a new instance of the <see cref="Client" /> class, with the specified options. /// </summary> /// <param name="id">The identity of the client that can be looked up by the server.</param> /// <param name="name">The descriptive name of the client.</param> /// <param name="signatureAlgorithm">The <see cref="Dalion.HttpMessageSigning.ISignatureAlgorithm" /> that is used to verify the signature.</param> /// <param name="configure">A delegate that allows configuring additional options for the new instance. Pass <see langword="null" /> to use the default options.</param> /// <returns>The newly created <see cref="Client" /> instance.</returns> public static Client Create(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, Action <ClientOptions> configure = null) { var options = new ClientOptions(); configure?.Invoke(options); return(new Client(id, name, signatureAlgorithm, options)); }
public RegisteredSigningSettingsTests() { _keyId = new KeyId("abc123"); _signatureAlgorithm = A.Fake <ISignatureAlgorithm>(); _signingSettings = new SigningSettings { KeyId = _keyId, SignatureAlgorithm = _signatureAlgorithm }; _sut = new RegisteredSigningSettings(_keyId, _signingSettings); }
private void LoadKey() { if (_keyStore == KeyStorage.Nomad) { _signatureAlgorithm = new RsaSignatureAlgorithm(File.ReadAllText(_issuerXmlPath)); } else if (_keyStore == KeyStorage.PKI) { _signatureAlgorithm = new PkiSignatureAlgorithm(File.ReadAllBytes(_issuerXmlPath), _keyPassword); } }
/// <summary> /// Generate certificate signing request. /// </summary> /// <param name="signatureAlgorithm">Signature algorithm.</param> /// <param name="keyPair">Asymmetric key pair.</param> /// <param name="dn">Distinct name.</param> /// <param name="extensions">Extensions.</param> /// <returns></returns> /// <exception cref="Exception"/> public static Pkcs10CertificationRequest GenerateCsr(ISignatureAlgorithm signatureAlgorithm, AsymmetricCipherKeyPair keyPair, X509Name dn, X509Extensions extensions) { if (signatureAlgorithm is null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } string id = signatureAlgorithm.X509 is null ? signatureAlgorithm.Mechanism : signatureAlgorithm.X509.Id; return(GenerateCsr(id, keyPair, dn, extensions)); }
internal static bool ShouldIncludeDateHeader(this ISignatureAlgorithm signatureAlgorithm) { if (signatureAlgorithm == null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } var signatureAlgorithmString = signatureAlgorithm.Name.ToLowerInvariant(); return(signatureAlgorithmString.StartsWith("rsa", StringComparison.Ordinal) || signatureAlgorithmString.StartsWith("hmac", StringComparison.Ordinal) || signatureAlgorithmString.StartsWith("ecdsa", StringComparison.Ordinal)); }
public SignatureService( ISignatureWriteRepository signatureWriteRepository, ISignatureReadRepository signatureReadRepository, IArticleReadRepository articleReadRepository, IArticleWriteRepository articleWriteRepository, ISignatureAlgorithm signatureAlgorithm ) { this.signatureWriteRepository = signatureWriteRepository; this.articleReadRepository = articleReadRepository; this.signatureReadRepository = signatureReadRepository; this.articleWriteRepository = articleWriteRepository; this.signatureAlgorithm = signatureAlgorithm; }
/// <summary> /// Generate issuer self signed certificate. /// </summary> /// <param name="signatureAlgorithm">Signature algorithm.</param> /// <param name="keyPair">The asymmetric key pair of issuer.</param> /// <param name="dn">The distinct name of issuer.</param> /// <param name="extensions">Extensions of issuer.</param> /// <param name="start">Start time.</param> /// <param name="days">The valid days from the start time.</param> /// <returns></returns> /// <exception cref="Exception"/> public static X509Certificate GenerateIssuerCert(ISignatureAlgorithm signatureAlgorithm, AsymmetricCipherKeyPair keyPair, X509Name dn, X509Extensions extensions, DateTime start, int days) { if (signatureAlgorithm is null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } string id = signatureAlgorithm.X509 is null ? signatureAlgorithm.Mechanism : signatureAlgorithm.X509.Id; return(GenerateIssuerCert(id, keyPair, dn, extensions, start, days)); }
/// <summary> /// Create a new instance of the <see cref="Client" /> class. /// </summary> /// <param name="id">The identity of the client that can be looked up by the server.</param> /// <param name="name">The descriptive name of the client</param> /// <param name="signatureAlgorithm">The <see cref="Dalion.HttpMessageSigning.ISignatureAlgorithm" /> that is used to verify the signature.</param> /// <param name="options">The options to apply during creation of the new <see cref="Client" /> instance.</param> public Client(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, ClientOptions options) { if (id == KeyId.Empty) { throw new ArgumentException("Value cannot be null or empty.", nameof(id)); } if (string.IsNullOrEmpty(name)) { throw new ArgumentException("Value cannot be null or empty.", nameof(name)); } _options = options ?? throw new ArgumentNullException(nameof(options)); _options.Validate(); Id = id; Name = name; SignatureAlgorithm = signatureAlgorithm ?? throw new ArgumentNullException(nameof(signatureAlgorithm)); }
/// <summary> /// Create a new instance of the <see cref="Client" /> class. /// </summary> /// <param name="id">The identity of the client that can be looked up by the server.</param> /// <param name="name">The descriptive name of the client</param> /// <param name="signatureAlgorithm">The <see cref="Dalion.HttpMessageSigning.ISignatureAlgorithm" /> that is used to verify the signature.</param> /// <param name="nonceLifetime">The time span after which repeated nonce values are allowed again.</param> /// <param name="clockSkew">The clock skew to allow when validation a time.</param> /// <param name="claims">The additional claims that the validated principal will have upon successful signature verification.</param> /// <param name="requestTargetEscaping">The method of escaping the value of the (request-target) pseudo-header.</param> public Client( KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime, TimeSpan clockSkew, RequestTargetEscaping requestTargetEscaping, params Claim[] claims) : this(id, name, signatureAlgorithm, new ClientOptions { RequestTargetEscaping = requestTargetEscaping, NonceLifetime = nonceLifetime, ClockSkew = clockSkew, Claims = claims }) { }
/// <summary> /// Generate subject certificate. /// </summary> /// <param name="signatureAlgorithm">Signature algorithm.</param> /// <param name="issuerPrivateKey">The asymmetric private key of issuer.</param> /// <param name="issuerCert">The certificate of issuer.</param> /// <param name="subjectPublicKey">The asymmetric public key of subject.</param> /// <param name="subjectDN">The distinct name of subject.</param> /// <param name="subjectExtensions">Extensions of subject.</param> /// <param name="start">Start time.</param> /// <param name="days">The valid days from the start time.</param> /// <returns></returns> /// <exception cref="Exception"/> public static X509Certificate GenerateSubjectCert(ISignatureAlgorithm signatureAlgorithm, AsymmetricKeyParameter issuerPrivateKey, X509Certificate issuerCert, AsymmetricKeyParameter subjectPublicKey, X509Name subjectDN, X509Extensions subjectExtensions, DateTime start, int days) { if (signatureAlgorithm is null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } string id = signatureAlgorithm.X509 is null ? signatureAlgorithm.Mechanism : signatureAlgorithm.X509.Id; return(GenerateSubjectCert(id, issuerPrivateKey, issuerCert, subjectPublicKey, subjectDN, subjectExtensions, start, days)); }
public HeaderName[] ProvideDefaultHeaders(ISignatureAlgorithm signatureAlgorithm) { var list = new List <HeaderName> { HeaderName.PredefinedHeaderNames.RequestTarget }; if (signatureAlgorithm.ShouldIncludeDateHeader()) { list.Add(HeaderName.PredefinedHeaderNames.Date); } if (signatureAlgorithm.ShouldIncludeCreatedHeader()) { list.Add(HeaderName.PredefinedHeaderNames.Created); } if (signatureAlgorithm.ShouldIncludeExpiresHeader()) { list.Add(HeaderName.PredefinedHeaderNames.Expires); } return(list.ToArray()); }
public IEnumerable<SignedFile> GetSignedFiles(string directory, ISignatureAlgorithm signatureAlgorithm) { string[] files = Directory.GetFiles(directory, "*", SearchOption.AllDirectories); IEnumerable<SignedFile> signedFiles = from file in files select new SignedFile { FilePath = file.Substring( directory. Length), Signature = signatureAlgorithm.Sign( File.ReadAllBytes(file)) }; return signedFiles; }
private static void BuildClientUnit(out Pkcs10CertificationRequest clientCsr) { ISignatureAlgorithm algorithm = SignatureAlgorithmHelper.GOST3411withECGOST3410; AsymmetricCipherKeyPair keyPair = algorithm.GenerateKeyPair(); Tuple <X509NameLabel, string>[] names = new Tuple <X509NameLabel, string>[] { new Tuple <X509NameLabel, string>(X509NameLabel.C, "CN"), new Tuple <X509NameLabel, string>(X509NameLabel.CN, "LH.Net.Sockets TEST TCP Client") }; X509Name dn = X509Helper.GenerateX509Name(names); Tuple <X509ExtensionLabel, bool, Asn1Encodable>[] exts = new Tuple <X509ExtensionLabel, bool, Asn1Encodable>[] { new Tuple <X509ExtensionLabel, bool, Asn1Encodable>(X509ExtensionLabel.BasicConstraints, true, new BasicConstraints(false)), new Tuple <X509ExtensionLabel, bool, Asn1Encodable>(X509ExtensionLabel.KeyUsage, true, new KeyUsage(KeyUsage.KeyCertSign | KeyUsage.CrlSign)) }; X509Extensions extensions = X509Helper.GenerateX509Extensions(exts); clientCsr = X509Helper.GenerateCsr(algorithm, keyPair, dn, extensions); }
public IEnumerable <SignedFile> GetSignedFiles(string directory, ISignatureAlgorithm signatureAlgorithm) { string[] files = Directory.GetFiles(directory, "*", SearchOption.AllDirectories); IEnumerable <SignedFile> signedFiles = from file in files select new SignedFile { FilePath = file.Substring( directory. Length), Signature = signatureAlgorithm.Sign( File.ReadAllBytes(file)) }; return(signedFiles); }
public SignatureAlgorithmDataRecord FromSignatureAlgorithm(ISignatureAlgorithm signatureAlgorithm, SharedSecretEncryptionKey encryptionKey) { if (signatureAlgorithm == null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } switch (signatureAlgorithm) { case RSASignatureAlgorithm rsa: return(new SignatureAlgorithmDataRecord { Type = rsa.Name, Hash = rsa.HashAlgorithm.Name, Param = rsa.GetPublicKey().ToXml(), Encrypted = false }); case ECDsaSignatureAlgorithm ecdsa: return(new SignatureAlgorithmDataRecord { Type = ecdsa.Name, Hash = ecdsa.HashAlgorithm.Name, Param = ecdsa.GetPublicKey().ToXml(), Encrypted = false }); case HMACSignatureAlgorithm hmac: var paramValue = GetParameterWithEncryption(hmac, encryptionKey, out var isEncrypted); var xmlString = new XElement("Secret", paramValue).ToString(); return(new SignatureAlgorithmDataRecord { Type = hmac.Name, Hash = hmac.HashAlgorithm.Name, Param = xmlString, Encrypted = isEncrypted }); default: throw new NotSupportedException($"The specified signature algorithm of type {signatureAlgorithm.GetType().Name} cannot be serialized."); } }
private static void XTest(ISignatureAlgorithm algorithm, ISigner signer, ISigner verifier, byte[] test) { signer.BlockUpdate(test, 0, test.Length); byte[] signature = signer.GenerateSignature(); verifier.BlockUpdate(test, 0, test.Length); bool diff = !verifier.VerifySignature(signature); // string id = algorithm.X509 is null ? string.Empty : algorithm.X509.Id; Console.Write("{0}{1}{2} ", algorithm.Mechanism.PadRight(32), signer.AlgorithmName.PadRight(32), id.PadRight(32)); if (diff) { Console.ForegroundColor = ConsoleColor.Cyan; Console.WriteLine("diff"); _diff++; Console.ResetColor(); } else { Console.WriteLine("same"); } }
public void SetSignatureAlgorithm(ClientDataRecord dataRecord, ISignatureAlgorithm signatureAlgorithm, SharedSecretEncryptionKey encryptionKey) { if (dataRecord == null) { throw new ArgumentNullException(nameof(dataRecord)); } if (signatureAlgorithm == null) { throw new ArgumentNullException(nameof(signatureAlgorithm)); } switch (signatureAlgorithm) { case RSASignatureAlgorithm rsa: dataRecord.SigType = rsa.Name; dataRecord.SigHashAlgorithm = rsa.HashAlgorithm.Name; dataRecord.SigParameter = rsa.GetPublicKey().ToXml(); dataRecord.IsSigParameterEncrypted = false; break; case ECDsaSignatureAlgorithm ecdsa: dataRecord.SigType = ecdsa.Name; dataRecord.SigHashAlgorithm = ecdsa.HashAlgorithm.Name; dataRecord.SigParameter = ecdsa.GetPublicKey().ToXml(); dataRecord.IsSigParameterEncrypted = false; break; case HMACSignatureAlgorithm hmac: dataRecord.SigType = hmac.Name; dataRecord.SigHashAlgorithm = hmac.HashAlgorithm.Name; dataRecord.SigParameter = GetParameterWithEncryption(hmac, encryptionKey, out var isEncrypted); dataRecord.IsSigParameterEncrypted = isEncrypted; break; default: throw new NotSupportedException($"The specified signature algorithm of type {signatureAlgorithm.GetType().Name} cannot be serialized."); } }
public Client(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, params Claim[] claims) : this(id, name, signatureAlgorithm, new ClientOptions { Claims = claims }) { }
public InheritedClient(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime) : base(id, name, signatureAlgorithm, TimeSpan.FromMinutes(1)) { }
/// <summary> /// Try get algorithm from mechanism. /// </summary> /// <param name="mechanism">Algorithm mechanism.</param> /// <param name="algorithm">Algorithm.</param> /// <returns></returns> public static bool TryGetAlgorithm(string mechanism, out ISignatureAlgorithm algorithm) { mechanism = mechanism.Replace('_', '-').ToUpperInvariant(); switch (mechanism) { case "SHA1WITHCVC-ECDSA": case "SHA-1WITHCVC-ECDSA": algorithm = SHA1withCVC_ECDSA; return(true); case "SHA224WITHCVC-ECDSA": case "SHA-224WITHCVC-ECDSA": algorithm = SHA224withCVC_ECDSA; return(true); case "SHA256WITHCVC-ECDSA": case "SHA-256WITHCVC-ECDSA": algorithm = SHA256withCVC_ECDSA; return(true); case "SHA384WITHCVC-ECDSA": case "SHA-384WITHCVC-ECDSA": algorithm = SHA384withCVC_ECDSA; return(true); case "SHA512WITHCVC-ECDSA": case "SHA-512WITHCVC-ECDSA": algorithm = SHA512withCVC_ECDSA; return(true); case "ED25519": algorithm = new Ed25519(); return(true); case "ED25519CTX": algorithm = new Ed25519ctx(); return(true); case "ED25519PH": algorithm = new Ed25519ph(); return(true); case "ED448": algorithm = new Ed448(); return(true); case "ED448PH": algorithm = new Ed448ph(); return(true); case "GOST3411WITHECGOST3410": case "ECGOST3410": case "ECGOST3410-2001": case "ECGOST-3410": case "ECGOST-3410-2001": algorithm = GOST3411withECGOST3410; return(true); case "GOST3411WITHGOST3410": case "GOST3410": case "GOST3410-94": case "GOST-3410": case "GOST-3410-94": algorithm = GOST3411withGOST3410; return(true); case "RIPEMD160WITHPLAIN-ECDSA": case "RIPEMD-160WITHPLAIN-ECDSA": algorithm = RIPEMD160withPLAIN_ECDSA; return(true); case "SHA1WITHPLAIN-ECDSA": case "SHA-1WITHPLAIN-ECDSA": algorithm = SHA1withPLAIN_ECDSA; return(true); case "SHA224WITHPLAIN-ECDSA": case "SHA-224WITHPLAIN-ECDSA": algorithm = SHA224withPLAIN_ECDSA; return(true); case "SHA256WITHPLAIN-ECDSA": case "SHA-256WITHPLAIN-ECDSA": algorithm = SHA256withPLAIN_ECDSA; return(true); case "SHA384WITHPLAIN-ECDSA": case "SHA-384WITHPLAIN-ECDSA": algorithm = SHA384withPLAIN_ECDSA; return(true); case "SHA512WITHPLAIN-ECDSA": case "SHA-512WITHPLAIN-ECDSA": algorithm = SHA512withPLAIN_ECDSA; return(true); case "PSSWITHRSA": algorithm = PSSwithRSA; return(true); case "SHA1WITHDSA": case "SHA-1WITHDSA": algorithm = SHA1withDSA; return(true); case "SHA224WITHDSA": case "SHA-224WITHDSA": algorithm = SHA224withDSA; return(true); case "SHA256WITHDSA": case "SHA-256WITHDSA": algorithm = SHA256withDSA; return(true); case "SHA384WITHDSA": case "SHA-384WITHDSA": algorithm = SHA384withDSA; return(true); case "SHA512WITHDSA": case "SHA-512WITHDSA": algorithm = SHA512withDSA; return(true); case "SHA3-224WITHDSA": case "SHA-3-224WITHDSA": algorithm = SHA3_224withDSA; return(true); case "SHA3-256WITHDSA": case "SHA-3-256WITHDSA": algorithm = SHA3_256withDSA; return(true); case "SHA3-384WITHDSA": case "SHA-3-384WITHDSA": algorithm = SHA3_384withDSA; return(true); case "SHA3-512WITHDSA": case "SHA-3-512WITHDSA": algorithm = SHA3_512withDSA; return(true); case "SHA1WITHECDSA": case "SHA-1WITHECDSA": algorithm = SHA1withECDSA; return(true); case "SHA224WITHECDSA": case "SHA-224WITHECDSA": algorithm = SHA224withECDSA; return(true); case "SHA256WITHECDSA": case "SHA-256WITHECDSA": algorithm = SHA256withECDSA; return(true); case "SHA384WITHECDSA": case "SHA-384WITHECDSA": algorithm = SHA384withECDSA; return(true); case "SHA512WITHECDSA": case "SHA-512WITHECDSA": algorithm = SHA512withECDSA; return(true); case "SHA3-224WITHECDSA": case "SHA-3-224WITHECDSA": algorithm = SHA3_224withECDSA; return(true); case "SHA3-256WITHECDSA": case "SHA-3-256WITHECDSA": algorithm = SHA3_256withECDSA; return(true); case "SHA3-384WITHECDSA": case "SHA-3-384WITHECDSA": algorithm = SHA3_384withECDSA; return(true); case "SHA3-512WITHECDSA": case "SHA-3-512WITHECDSA": algorithm = SHA3_512withECDSA; return(true); case "MD2WITHRSA": algorithm = MD2withRSA; return(true); case "MD5WITHRSA": algorithm = MD5withRSA; return(true); case "RIPEMD128WITHRSA": case "RIPEMD-128WITHRSA": algorithm = RIPEMD128withRSA; return(true); case "RIPEMD160WITHRSA": case "RIPEMD-160WITHRSA": algorithm = RIPEMD160withRSA; return(true); case "RIPEMD256WITHRSA": case "RIPEMD-256WITHRSA": algorithm = RIPEMD256withRSA; return(true); case "SHA1WITHRSA": case "SHA-1WITHRSA": algorithm = SHA1withRSA; return(true); case "SHA224WITHRSA": case "SHA-224WITHRSA": algorithm = SHA224withRSA; return(true); case "SHA256WITHRSA": case "SHA-256WITHRSA": algorithm = SHA256withRSA; return(true); case "SHA384WITHRSA": case "SHA-384WITHRSA": algorithm = SHA384withRSA; return(true); case "SHA512WITHRSA": case "SHA-512WITHRSA": algorithm = SHA512withRSA; return(true); case "SHA3-224WITHRSA": case "SHA-3-224WITHRSA": algorithm = SHA3_224withRSA; return(true); case "SHA3-256WITHRSA": case "SHA-3-256WITHRSA": algorithm = SHA3_256withRSA; return(true); case "SHA3-384WITHRSA": case "SHA-3-384WITHRSA": algorithm = SHA3_384withRSA; return(true); case "SHA3-512WITHRSA": case "SHA-3-512WITHRSA": algorithm = SHA3_512withRSA; return(true); case "SHA1WITHRSAANDMGF1": case "SHA-1WITHRSAANDMGF1": algorithm = PSSwithRSA; return(true); case "SHA256WITHSM2": case "SHA-256WITHSM2": algorithm = SHA256withSM2; return(true); case "SM3WITHSM2": algorithm = SM3withSM2; return(true); default: break; } string prefix; string suffix; int index = mechanism.IndexOf("WITH"); if (index >= 0) { prefix = mechanism.Substring(0, index); suffix = mechanism.Substring(index + 4, mechanism.Length - index - 4); } else { prefix = string.Empty; suffix = mechanism; } if (suffix == "ELGAMAL") { algorithm = null; return(false); } if (HashAlgorithmHelper.TryGetAlgorithm(prefix, out IHashAlgorithm hashAlgorithm)) { switch (suffix) { case "CVC-ECDSA": algorithm = new CVC_ECDSA(hashAlgorithm); return(true); case "DSA": algorithm = new DSA(hashAlgorithm); return(true); case "ECDSA": algorithm = new ECDSA(hashAlgorithm); return(true); case "ECGOST3410": case "ECGOST3410-2001": case "ECGOST-3410": case "ECGOST-3410-2001": algorithm = new ECGOST3410(hashAlgorithm); return(true); case "ECNR": algorithm = new ECNR(hashAlgorithm); return(true); case "GOST3410": case "GOST3410-94": case "GOST-3410": case "GOST-3410-94": algorithm = new GOST3410(hashAlgorithm); return(true); case "PLAIN-ECDSA": algorithm = new PLAIN_ECDSA(hashAlgorithm); return(true); case "RSA": algorithm = new RSA(hashAlgorithm); return(true); case "ISO9796-2": case "RSA/ISO9796-2": case "RSAANDISO9796-2": algorithm = new RSAandISO9796_2(hashAlgorithm); return(true); case "RSAANDMGF1": algorithm = new RSAandMGF1(hashAlgorithm); return(true); case "RSA/X9.31": case "RSA/X931": case "RSAANDX931": case "RSAANDX9.31": algorithm = new RSAandX931(hashAlgorithm); return(true); case "SM2": algorithm = new SM2(hashAlgorithm); return(true); default: break; } } algorithm = null; return(false); }
public Client(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime, params Claim[] claims) : this(id, name, signatureAlgorithm, nonceLifetime, DefaultClockSkew, claims) { }
public void SetUp() { _signer = new RsaSignatureAlgorithm(_keys); _verifier = new RsaSignatureAlgorithm(_publicKey); }
/// <summary> /// Creates instance of IssuerInformation using specified <see cref="ISignatureAlgorithm"/> and Issuername /// </summary> /// <param name="issuerName">Name of issuer. Suggested FQDN.</param> /// <param name="issuerAlgorithm">Algorithm issuer use to sign files</param> public IssuerInformation(string issuerName, ISignatureAlgorithm issuerAlgorithm) { IssuerName = issuerName; IssuerAlgorithm = issuerAlgorithm; }
/// <summary> /// Initializes <see cref="SignatureProvider"/> with default algorithm /// </summary> /// <param name="defaultSignatureAlgorithm">When no algorithm for issuer specified, check with provided one</param> public SignatureProvider(ISignatureAlgorithm defaultSignatureAlgorithm) { _defaultSignatureAlgorithm = defaultSignatureAlgorithm; }
public Dispose() { _signatureAlgorithm = A.Fake <ISignatureAlgorithm>(); _signingSettings.SignatureAlgorithm = _signatureAlgorithm; }
public Client(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime, params Claim[] claims) : this(id, name, signatureAlgorithm, new ClientOptions { NonceLifetime = nonceLifetime, Claims = claims }) { }
/// <summary> /// Creates instance of IssuerInformation using specified <see cref="ISignatureAlgorithm"/> and Issuername /// </summary> /// <param name="issuerName">Name of issuer. Suggested FQDN.</param> /// <param name="issuerAlgorithm">Algorithm issuer use to sign files</param> public IssuerInformation(string issuerName, ISignatureAlgorithm issuerAlgorithm) { IssuerName = issuerName; IssuerAlgorithm = issuerAlgorithm; }
public Client(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, params Claim[] claims) : this(id, name, signatureAlgorithm, DefaultNonceLifetime, claims) { }
public IHttpMessageSigningBuilder UseSignatureAlgorithm(ISignatureAlgorithm signatureAlgorithm) { _signingSettings.SignatureAlgorithm = signatureAlgorithm ?? throw new ArgumentNullException(nameof(signatureAlgorithm)); return(this); }
/// <summary> /// Initializes <see cref="SignatureProvider"/> with default algorithm /// </summary> /// <param name="defaultSignatureAlgorithm">When no algorithm for issuer specified, check with provided one</param> public SignatureProvider(ISignatureAlgorithm defaultSignatureAlgorithm) { _defaultSignatureAlgorithm = defaultSignatureAlgorithm; }
public InheritedClient(KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime, TimeSpan clockSkew) : base(id, name, signatureAlgorithm, nonceLifetime, clockSkew) { }