public Signer(OneKey key, CBORObject algorithm = null) { if (algorithm != null) { AddAttribute(HeaderKeys.Algorithm, algorithm, UNPROTECTED); } if (key.ContainsName(CoseKeyKeys.KeyIdentifier)) { AddAttribute(HeaderKeys.KeyId, key[CoseKeyKeys.KeyIdentifier], UNPROTECTED); } if (key.ContainsName("use")) { string usage = key.AsString("use"); if (usage != "sig") { throw new Exception("Key cannot be used for encryption"); } } if (key.ContainsName(CoseKeyKeys.Key_Operations)) { CBORObject usageObject = key[CoseKeyKeys.Key_Operations]; bool validUsage = false; if (usageObject.Type != CBORType.Array) { throw new Exception("key_ops is incorrectly formed"); } for (int i = 0; i < usageObject.Count; i++) { switch (usageObject[i].AsString()) { case "encrypt": case "keywrap": validUsage = true; break; } } if (!validUsage) { throw new Exception("Key cannot be used for encryption"); } } _keyToSign = key; }
private byte[] Sign(byte[] bytesToBeSigned) { CBORObject alg; // Get the set algorithm or infer one alg = FindAttribute(HeaderKeys.Algorithm); if (alg == null) { if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyKeys.KeyType].AsInt32()) { case GeneralValuesInt.KeyType_RSA: alg = AlgorithmValues.RSA_PSS_256; break; case GeneralValuesInt.KeyType_EC2: if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32()) { case GeneralValuesInt.P256: alg = AlgorithmValues.ECDSA_256; break; case GeneralValuesInt.P384: alg = AlgorithmValues.ECDSA_384; break; case GeneralValuesInt.P521: alg = AlgorithmValues.ECDSA_512; break; default: throw new CoseException("Unknown curve"); } } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString) { switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString()) { default: throw new CoseException("Unknown curve"); } } else { throw new CoseException("Curve is incorrectly encoded"); } break; case GeneralValuesInt.KeyType_OKP: if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32()) { case GeneralValuesInt.Ed25519: alg = AlgorithmValues.EdDSA; break; case GeneralValuesInt.Ed448: alg = AlgorithmValues.EdDSA; break; default: throw new CoseException("Unknown curve"); } } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString) { switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString()) { default: throw new CoseException("Unknown curve"); } } else { throw new CoseException("Curve is incorrectly encoded"); } break; default: throw new Exception("Unknown or unsupported key type " + _keyToSign.AsString("kty")); } } else if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.TextString) { throw new CoseException("Unknown or unsupported key type " + _keyToSign[CoseKeyKeys.KeyType].AsString()); } else { throw new CoseException("Key type is not correctly encoded"); } UnprotectedMap.Add(HeaderKeys.Algorithm, alg); } return(Sign(bytesToBeSigned, alg, _keyToSign)); }
private byte[] _Sign(byte[] bytesToBeSigned) { CBORObject alg; // Get the set algorithm or infer one if (rgbContent == null) { throw new CoseException("No Content Specified"); } alg = FindAttribute(HeaderKeys.Algorithm); if (alg == null) { if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyKeys.KeyType].AsInt32()) { case GeneralValuesInt.KeyType_RSA: alg = AlgorithmValues.RSA_PSS_256; break; case GeneralValuesInt.KeyType_EC2: if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32()) { case GeneralValuesInt.P256: alg = AlgorithmValues.ECDSA_256; break; case GeneralValuesInt.P521: alg = AlgorithmValues.ECDSA_512; break; default: throw new CoseException("Unknown curve"); } } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString) { switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString()) { case "P-384": alg = CBORObject.FromObject("ES384"); break; default: throw new CoseException("Unknown curve"); } } else { throw new CoseException("Curve is incorrectly encoded"); } break; case GeneralValuesInt.KeyType_OKP: if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32()) { case GeneralValuesInt.Ed25519: alg = AlgorithmValues.EdDSA; break; case GeneralValuesInt.Ed448: alg = AlgorithmValues.EdDSA; break; default: throw new CoseException("Unknown curve"); } } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString) { switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString()) { default: throw new CoseException("Unknown curve"); } } else { throw new CoseException("Curve is incorrectly encoded"); } break; default: throw new CoseException("Unknown or unsupported key type " + _keyToSign.AsString("kty")); } } else if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.TextString) { throw new CoseException("Unknown or unsupported key type " + _keyToSign[CoseKeyKeys.KeyType].AsString()); } else { throw new CoseException("Key type is not correctly encoded"); } UnprotectedMap.Add(HeaderKeys.Algorithm, alg); } IDigest digest = null; IDigest digest2 = null; if (alg.Type == CBORType.TextString) { switch (alg.AsString()) { case "ES384": case "PS384": digest = new Sha384Digest(); digest2 = new Sha384Digest(); break; case "HSS-LMS": break; default: throw new CoseException("Unknown Algorithm Specified"); } } else if (alg.Type == CBORType.Integer) { switch ((AlgorithmValuesInt)alg.AsInt32()) { case AlgorithmValuesInt.ECDSA_256: case AlgorithmValuesInt.RSA_PSS_256: digest = new Sha256Digest(); digest2 = new Sha256Digest(); break; case AlgorithmValuesInt.ECDSA_384: case AlgorithmValuesInt.RSA_PSS_384: digest = new Sha384Digest(); digest2 = new Sha384Digest(); break; case AlgorithmValuesInt.ECDSA_512: case AlgorithmValuesInt.RSA_PSS_512: digest = new Sha512Digest(); digest2 = new Sha512Digest(); break; case AlgorithmValuesInt.EdDSA: break; default: throw new CoseException("Unknown Algorithm Specified"); } } else { throw new CoseException("Algorithm incorrectly encoded"); } if (alg.Type == CBORType.TextString) { switch (alg.AsString()) { case "HSS-LMS": HashSig sig = new HashSig(_keyToSign[CoseKeyParameterKeys.Lms_Private].AsString()); byte[] signBytes = sig.Sign(bytesToBeSigned); _keyToSign.Replace(CoseKeyParameterKeys.Lms_Private, CBORObject.FromObject(sig.PrivateKey)); return(signBytes); default: throw new CoseException("Unknown Algorithm Specified"); } } else if (alg.Type == CBORType.Integer) { switch ((AlgorithmValuesInt)alg.AsInt32()) { case AlgorithmValuesInt.RSA_PSS_256: case AlgorithmValuesInt.RSA_PSS_384: case AlgorithmValuesInt.RSA_PSS_512: { PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetByteLength()); RsaKeyParameters prv = new RsaPrivateCrtKeyParameters( _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_n), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_e), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_d), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_p), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_q), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dP), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dQ), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_qInv)); ParametersWithRandom param = new ParametersWithRandom(prv, GetPRNG()); signer.Init(true, param); signer.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); return(signer.GenerateSignature()); } case AlgorithmValuesInt.ECDSA_256: case AlgorithmValuesInt.ECDSA_384: case AlgorithmValuesInt.ECDSA_512: { CBORObject privateKeyD = _keyToSign[CoseKeyParameterKeys.EC_D]; if (privateKeyD == null) { throw new CoseException("Private key required to sign"); } SecureRandom random = GetPRNG(); digest.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); byte[] digestedMessage = new byte[digest.GetDigestSize()]; digest.DoFinal(digestedMessage, 0); X9ECParameters p = _keyToSign.GetCurve(); ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); ECPrivateKeyParameters privKey = new ECPrivateKeyParameters("ECDSA", ConvertBigNum(privateKeyD), parameters); ParametersWithRandom param = new ParametersWithRandom(privKey, random); ECDsaSigner ecdsa = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest())); ecdsa.Init(true, param); BigInteger[] sig = ecdsa.GenerateSignature(digestedMessage); byte[] r = sig[0].ToByteArrayUnsigned(); byte[] s = sig[1].ToByteArrayUnsigned(); int cbR = (p.Curve.FieldSize + 7) / 8; byte[] sigs = new byte[cbR * 2]; Array.Copy(r, 0, sigs, cbR - r.Length, r.Length); Array.Copy(s, 0, sigs, cbR + cbR - s.Length, s.Length); return(sigs); } #if true case AlgorithmValuesInt.EdDSA: { ISigner eddsa; if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519)) { Ed25519PrivateKeyParameters privKey = new Ed25519PrivateKeyParameters(_keyToSign[CoseKeyParameterKeys.OKP_D].GetByteString(), 0); eddsa = new Ed25519Signer(); eddsa.Init(true, privKey); } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448)) { Ed448PrivateKeyParameters privKey = new Ed448PrivateKeyParameters(_keyToSign[CoseKeyParameterKeys.OKP_D].GetByteString(), 0); eddsa = new Ed448Signer(new byte[0]); eddsa.Init(true, privKey); } else { throw new CoseException("Unrecognized curve"); } eddsa.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); return(eddsa.GenerateSignature()); } #endif default: throw new CoseException("Unknown Algorithm Specified"); } } else { throw new CoseException("Algorithm incorrectly encoded"); } }