public PrivateKey ReadPrivateKey(X509AlgorithmIdentifier algorithm, byte[] input)
{
var parameters = CreateParameters(algorithm);
using (var ms = new MemoryStream(input))
{
var asn1 = new DERReader(ms).Read();
var seq = asn1 as ASN1Sequence;
SecurityAssert.NotNull(seq);
SecurityAssert.Assert(seq !.Count >= 2);
var version = seq !.Elements[0] as ASN1Integer;
SecurityAssert.NotNull(version);
SecurityAssert.Assert(version !.Value == 1);
var dString = seq !.Elements[1] as ASN1OctetString;
SecurityAssert.NotNull(dString);
var d = parameters.Field.Value(dString !.Value.ToBigInteger(Endianness.BigEndian));
var q = Point.Multiply(
parameters.Curve,
d,
parameters.Generator
);
var pub = new ECPublicKey(parameters, q);
return(new ECPrivateKey(pub, d));
}
}
public PrivateKey ReadKey(byte[] input)
{
// PKCS#8 only
var asn1 = GetASN1(input);
SecurityAssert.Assert(asn1.HasValue);
var seq = asn1.Value as ASN1Sequence;
SecurityAssert.NotNull(seq);
SecurityAssert.Assert(seq !.Count == 3);
var version = seq !.Elements[0] as ASN1Integer;
SecurityAssert.NotNull(version);
SecurityAssert.Assert(version !.Value == 0);
var algorithm = X509AlgorithmIdentifier.FromObject(seq.Elements[1]);
var keyOctetString = seq !.Elements[2] as ASN1OctetString;
SecurityAssert.NotNull(keyOctetString);
var reader = _keyReaderRegistry.Resolve(algorithm.Algorithm);
return(reader.ReadPrivateKey(algorithm, keyOctetString !.Value));
}
public void ReadPublicKey_CorrectlyReads()
{
var sha256WithRSA = new ASN1ObjectIdentifier("1.2.840.113549.1.1.11");
var keyAlgorithm = new X509AlgorithmIdentifier(sha256WithRSA, new ASN1Object[] { new ASN1Null() });
BitArray keyData;
using (var ms = new MemoryStream())
{
var writer = new DERWriter(ms);
writer.Write(new ASN1Sequence(new ASN1Object[]
{
new ASN1Integer(123),
new ASN1Integer(456)
}));
keyData = new BitArray(ms.ToArray());
}
var key = new RSAKeyReader().ReadPublicKey(keyAlgorithm, keyData);
var rsaKey = Assert.IsType <RSAPublicKey>(key);
Assert.Equal(123, rsaKey.Modulus);
Assert.Equal(456, rsaKey.Exponent);
}
public PublicKey ReadPublicKey(X509AlgorithmIdentifier algorithm, BitArray bits)
{
SecurityAssert.Assert(IsRSAIdentifier(algorithm.Algorithm));
SecurityAssert.Assert(algorithm.Parameters.Count == 1 && algorithm.Parameters[0] is ASN1Null);
var data = bits.ToArray();
ASN1Object asn1;
using (var ms = new MemoryStream(data))
{
asn1 = new DERReader(ms).Read();
}
var keySeq = asn1 as ASN1Sequence;
SecurityAssert.Assert(keySeq != null && keySeq.Count == 2);
var modulusInt = keySeq !.Elements[0] as ASN1Integer;
SecurityAssert.NotNull(modulusInt);
var exponentInt = keySeq !.Elements[1] as ASN1Integer;
SecurityAssert.NotNull(exponentInt);
return(new RSAPublicKey(modulusInt !.Value, exponentInt !.Value));
}
public PublicKey ReadPublicKey(X509AlgorithmIdentifier algorithm, BitArray bits)
{
var parameters = CreateParameters(algorithm);
var data = bits.ToArray();
var point = parameters.Curve.PointFromBinary(data);
return(new ECPublicKey(parameters, point));
}
public PrivateKey ReadPrivateKey(X509AlgorithmIdentifier algorithm, byte[] input)
{
var parameters = CreateParameters(algorithm);
using (var ms = new MemoryStream(input))
{
var asn1 = new DERReader(ms);
return(new DHPrivateKey(parameters, asn1.Read()));
}
}
private DomainParameters CreateParameters(X509AlgorithmIdentifier algorithm)
{
// TODO support other formats
SecurityAssert.Assert(algorithm.Parameters.Count == 1);
var curve = algorithm.Parameters[0] as ASN1ObjectIdentifier;
SecurityAssert.NotNull(curve);
return(_namedCurvesRegistry.Resolve(curve !));
}
private static DHParameterConfig CreateParameters(X509AlgorithmIdentifier algorithm)
{
SecurityAssert.Assert(algorithm.Algorithm == DHIdentifiers.DHKeyAgreement);
SecurityAssert.Assert(algorithm.Parameters.Count == 1);
var keySeq = algorithm.Parameters[0] as ASN1Sequence;
SecurityAssert.Assert(keySeq != null && keySeq.Count == 2);
var p = keySeq !.Elements[0] as ASN1Integer;
SecurityAssert.NotNull(p);
var g = keySeq !.Elements[1] as ASN1Integer;
SecurityAssert.NotNull(g);
return(new DHParameterConfig(p !.Value, g !.Value));
}
public PublicKey ReadPublicKey(X509AlgorithmIdentifier algorithm, BitArray bits)
{
var parameters = CreateParameters(algorithm);
var data = bits.ToArray();
ASN1Object asn1;
using (var ms = new MemoryStream(data))
{
asn1 = new DERReader(ms).Read();
}
var y = asn1 as ASN1Integer;
SecurityAssert.NotNull(y);
return(new DHPublicKey(parameters, y !.Value));
}
public void ReadPrivateKey_CorrectlyReads()
{
var keyData = Convert.FromBase64String(@"MGMCAQACEQC22aTrdWZfC+U35KxlhaNrAgMBAAECEAjmcyaa4k7B+mPPmFvm3QECCQDhYc7boBK6wQIJAM+wsIZ/2oUrAgkAxCFASQFAq0ECCQCDdjjWedlMzwIIT7KUwpmsGjE=");
var modulus = BigInteger.Parse("243049568621283441616897908737715839851");
var privateExponent = BigInteger.Parse("11830387779451213492505862747361565953");
var publicExponent = BigInteger.Parse("65537");
var sha256WithRSA = new ASN1ObjectIdentifier("1.2.840.113549.1.1.11");
var keyAlgorithm = new X509AlgorithmIdentifier(sha256WithRSA, new ASN1Object[] { new ASN1Null() });
var key = new RSAKeyReader().ReadPrivateKey(keyAlgorithm, keyData);
var rsaKey = Assert.IsType <RSAPrivateKey>(key);
Assert.Equal(modulus, rsaKey.Modulus);
Assert.Equal(privateExponent, rsaKey.Exponent);
var rsaPublicKey = Assert.IsType <RSAPublicKey>(key.PublicKey);
Assert.Equal(modulus, rsaPublicKey.Modulus);
Assert.Equal(publicExponent, rsaPublicKey.Exponent);
}
