/// <summary> /// Gets the verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) { var hmac = new HMac(new Sha1Digest()); hmac.Init(new KeyParameter(HmacKeyBytes)); return(new HmacStream(hmac, HashLength)); }
/// <summary> /// Gets the verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) { IDigest digest; if (Digest == DigestAlg.Sha256) { digest = new Sha256Digest(); } else if (Digest == DigestAlg.Sha384) { digest = new Sha384Digest(); } else if (Digest == DigestAlg.Sha512) { digest = new Sha512Digest(); } else { throw new InvalidKeyTypeException($"Unsupported digest type :{Digest}"); } var hmac = new HMac(digest); hmac.Init(new KeyParameter(HmacKeyBytes)); return(new HmacStream(hmac, HashLength)); }
/// <summary> /// Gets the verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) { var signer = GetSigner(); signer.Init(forSigning: false, parameters: new RsaKeyParameters(false, Modulus.ToBouncyBigInteger(), PublicExponent.ToBouncyBigInteger())); return(new DigestStream(signer, Size / 8)); }
/// <summary> /// Gets the decrypting stream. /// </summary> /// <param name="output">The output.</param> /// <returns></returns> public FinishingStream GetDecryptingStream(Stream output, KeyczarBase keyczar) => new SymmetricAeadStream( GetMode(), output, new byte[IVLength], TagLength, (nonce, cipher, additionalData, encrypt) => cipher.Init(encrypt, new AeadParameters(GetKeyParameters(), TagLength * 8, nonce, additionalData)), encrypt: false );
/// <summary> /// Gets the decrypting stream. /// </summary> /// <param name="output">The output.</param> /// <returns></returns> public virtual FinishingStream GetDecryptingStream(Stream output, KeyczarBase keyczar) { return(new SymmetricStream( new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), new Pkcs7Padding()), output, new byte[BlockLength], HmacKey.HashLength, (iv, cipher, encrypt) => cipher.Init(forEncryption: encrypt, parameters: new ParametersWithIV(new KeyParameter(AesKeyBytes), iv)), encrypt: false)); }
/// <summary> /// Gets the signing stream. /// </summary> /// <returns></returns> public HashingStream GetSigningStream(KeyczarBase keyczar) { var digest = PublicKey.GetDigest(); var signer = new DsaDigestSigner(new DsaSigner(), digest); var param = new DsaPrivateKeyParameters(X.ToBouncyBigInteger(), new DsaParameters(PublicKey.P.ToBouncyBigInteger(), PublicKey.Q.ToBouncyBigInteger(), PublicKey.G.ToBouncyBigInteger())); signer.Init(forSigning: true, parameters: new ParametersWithRandom(param, Secure.Random)); return(new DigestStream(signer)); }
/// <summary> /// Gets the encrypting stream. /// </summary> /// <param name="output">The output.</param> /// <returns></returns> public FinishingStream GetEncryptingStream(Stream output, KeyczarBase keyczar) { var rsa = new RsaEngine(); var oaep = UpdatePadding(rsa); return(new AsymmetricStream( oaep, output, (cipher, encrypt) => cipher.Init(encrypt, new RsaKeyParameters(false, Modulus.ToBouncyBigInteger(), PublicExponent.ToBouncyBigInteger())), encrypt: true)); }
/// <summary> /// Gets the encrypting stream. /// </summary> /// <param name="output">The output.</param> /// <returns></returns> public virtual FinishingStream GetEncryptingStream(Stream output, KeyczarBase keyczar) { var ivarr = new byte[BlockLength]; Secure.Random.NextBytes(ivarr); return(new SymmetricStream( new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), new Pkcs7Padding()), output, ivarr, HmacKey.Maybe(it => it.HashLength, () => 0), (iv, cipher, encrypt) => cipher.Init(forEncryption: encrypt, parameters: new ParametersWithIV(new KeyParameter(AesKeyBytes), iv)), encrypt: true)); }
/// <summary> /// Gets the encrypting stream. /// </summary> /// <param name="output">The output.</param> /// <returns></returns> public FinishingStream GetEncryptingStream(Stream output, KeyczarBase keyczar) { var randomNonce = new byte[IVLength]; Secure.Random.NextBytes(randomNonce); return(new SymmetricAeadStream( GetMode(), output, randomNonce, TagLength, (nonce, cipher, authdata, encrypt) => cipher.Init(encrypt, new AeadParameters(GetKeyParameters(), TagLength * 8, nonce, authdata)), encrypt: true )); }
/// <summary> /// Gets the signing stream. /// </summary> /// <returns></returns> public HashingStream GetSigningStream(KeyczarBase keyczar) { var signer = PublicKey.GetSigner(); signer.Init(forSigning: true, parameters: new RsaPrivateCrtKeyParameters( Utility.ToBouncyBigInteger(PublicKey.Modulus), Utility.ToBouncyBigInteger(PublicKey.PublicExponent), PrivateExponent.ToBouncyBigInteger(), PrimeP.ToBouncyBigInteger(), PrimeQ.ToBouncyBigInteger(), PrimeExponentP.ToBouncyBigInteger(), PrimeExponentQ.ToBouncyBigInteger(), CrtCoefficient.ToBouncyBigInteger())); return(new DigestStream(signer, Size / 8)); }
/// <summary> /// Gets the verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) { var signer = new DsaSigner(); signer.Init(forSigning: false, parameters: new DsaPublicKeyParameters(Y.ToBouncyBigInteger(), new DsaParameters( P.ToBouncyBigInteger(), Q.ToBouncyBigInteger(), G.ToBouncyBigInteger()))); var digest = GetDigest(); var digestSigner = new DsaDigestSigner(signer, digest); return(new DigestStream(digestSigner, sigRepair: sig => { if (!keyczar.Config.StrictDsaVerification) { return Utility.RemoveJunkFronAnsiObj(sig); } return sig; })); }
internal static IEnumerable <IVerifierKey> VerifierKeys(KeyczarBase keyczar, byte[] token, out byte[] trimmedSignature) { var input = Encoding.UTF8.GetString(token); var pieces = input.Split('.'); var sig = (WebBase64)pieces.Last(); trimmedSignature = sig.ToBytes(); var header = JsonConvert.DeserializeObject <JwtHeader>( Jwt.DecodeToJsonString(pieces.First())); if (header.typ != "JWT") { return(Enumerable.Empty <IVerifierKey>()); } byte[] kid = null; try //try to interpret kid has key hash. { var kidB64 = (WebBase64)header.kid; kid = kidB64.ToBytes(); } catch { //Bad kid try all keys - lgtm [cs/empty-catch-block] } if (kid == null || kid.Length != KeyczarConst.KeyHashLength) { return(keyczar.GetAllKeys() .Where(it => Jwt.IsValidAlg(header.alg, it)) .OfType <IVerifierKey>()); } return(keyczar.GetKey(kid) .Where(it => Jwt.IsValidAlg(header.alg, it)) .OfType <IVerifierKey>()); }
/// <summary> /// Gets the verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) { return(PublicKey.GetVerifyingStream(keyczar)); }
/// <summary> /// Gets the authentication verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetAuthVerifyingStream(KeyczarBase keyczar) => HmacKey.Maybe(h => h.GetVerifyingStream(keyczar), () => null);
/// <summary> /// Gets the authentication signing stream. /// </summary> /// <returns></returns> public HashingStream GetAuthSigningStream(KeyczarBase keyczar) => HmacKey.Maybe(h => h.GetSigningStream(keyczar), () => null);
public HelperAttachedJTWVerifier(IKeySet keySet, KeyczarBase parent) : base(keySet) { _parent = parent; }
/// <summary> /// Gets the authentication signing stream. /// </summary> /// <returns></returns> public HashingStream GetAuthSigningStream(KeyczarBase keyczar) => HmacKey.GetSigningStream(keyczar);
/// <summary> /// Gets the authentication verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetAuthVerifyingStream(KeyczarBase keyczar) => HmacKey.GetVerifyingStream(keyczar);
/// <summary> /// Gets the authentication verifying stream. /// </summary> /// <returns>null as authentication is built in to the decryption</returns> public VerifyingStream GetAuthVerifyingStream(KeyczarBase keyczar) => null;
/// <summary> /// Gets the verifying stream. /// </summary> /// <returns></returns> public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) => PublicKey.GetVerifyingStream(keyczar);
public FinishingStream GetEncryptingStream(Stream output, KeyczarBase keyczar) { throw new NotImplementedException(); }
/// <summary> /// Gets the signing stream. /// </summary> /// <returns></returns> public HashingStream GetSigningStream(KeyczarBase keyczar) => GetVerifyingStream(keyczar);
public HashingStream GetSigningStream(KeyczarBase keyczar) { throw new NotImplementedException(); }
public VerifyingStream GetVerifyingStream(KeyczarBase keyczar) { throw new NotImplementedException(); }
/// <summary> /// Gets the authentication signing stream. /// </summary> /// <returns>null</returns> public HashingStream GetAuthSigningStream(KeyczarBase keyczar) => null;
public JwtSignerHelper(IKeySet keySet, KeyczarBase parent) : base(keySet) { _parent = parent; }