// Note: PKCS#8 doesn't define how to generate the key required for encryption // so you're on your own. Just don't try to copy the big guys too much ;) // Netscape: http://www.cs.auckland.ac.nz/~pgut001/pubs/netscape.txt // Microsoft: http://www.cs.auckland.ac.nz/~pgut001/pubs/breakms.txt public byte[] GetBytes() { if (_algorithm == null) { throw new CryptographicException("No algorithm OID specified"); } ASN1 encryptionAlgorithm = new ASN1(0x30); encryptionAlgorithm.Add(ASN1Convert.FromOid(_algorithm)); // parameters ANY DEFINED BY algorithm OPTIONAL if ((_iterations > 0) || (_salt != null)) { ASN1 salt = new ASN1(0x04, _salt); ASN1 iterations = ASN1Convert.FromInt32(_iterations); ASN1 parameters = new ASN1(0x30); parameters.Add(salt); parameters.Add(iterations); encryptionAlgorithm.Add(parameters); } // encapsulates EncryptedData into an OCTET STRING ASN1 encryptedData = new ASN1(0x04, _data); ASN1 encryptedPrivateKeyInfo = new ASN1(0x30); encryptedPrivateKeyInfo.Add(encryptionAlgorithm); encryptedPrivateKeyInfo.Add(encryptedData); return(encryptedPrivateKeyInfo.GetBytes()); }
public byte[] GetBytes() { ASN1 privateKeyAlgorithm = new ASN1(0x30); privateKeyAlgorithm.Add(ASN1Convert.FromOid(_algorithm)); privateKeyAlgorithm.Add(new ASN1(0x05)); // ASN.1 NULL ASN1 pki = new ASN1(0x30); pki.Add(new ASN1(0x02, new byte[1] { (byte)_version })); pki.Add(privateKeyAlgorithm); pki.Add(new ASN1(0x04, _key)); if (_list.Count > 0) { ASN1 attributes = new ASN1(0xA0); foreach (ASN1 attribute in _list) { attributes.Add(attribute); } pki.Add(attributes); } return(pki.GetBytes()); }
/// <summary> /// Encodes the RSAParameters as an asn1-encoded RSAPublicKey or RSAPrivateKey struct, as defined by PKCS#1 / rfc3447. /// </summary> /// <param name="rsa">The RSA.</param> /// <returns></returns> /// <remarks>Adapted from Mono.Security</remarks> public static byte[] EncodeAsAsn1(RSAParameters param) { ASN1 asn1; // See: http://tools.ietf.org/html/rfc3447 // - A.1.1 RSA public key syntax // - A.1.2 RSA private key syntax if (param.D == null) { // Emit a RSAPublicKey ASN.1 type. asn1 = new ASN1(0x30); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent)); } else { // Emit a RSAPrivateKey ASN.1 type. asn1 = new ASN1(0x30); asn1.Add(new ASN1(0x02, new byte[1] { 0x00 })); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.D)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.P)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.Q)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.DP)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.DQ)); asn1.Add(ASN1Convert.FromUnsignedBigInteger(param.InverseQ)); } return(asn1.GetBytes()); }
private static ASN1 AlgorithmIdentifier(string oid, ASN1 parameters) { ASN1 ai = new ASN1(0x30); ai.Add(ASN1Convert.FromOid(oid)); ai.Add(parameters); return(ai); }
private static ASN1 AlgorithmIdentifier(string oid) { ASN1 ai = new ASN1(0x30); ai.Add(ASN1Convert.FromOid(oid)); ai.Add(new ASN1(0x05)); // NULL return(ai); }
// methods private void Decode(byte[] data) { ASN1 encryptedPrivateKeyInfo = new ASN1(data); if (encryptedPrivateKeyInfo.Tag != 0x30) { throw new CryptographicException("invalid EncryptedPrivateKeyInfo"); } ASN1 encryptionAlgorithm = encryptedPrivateKeyInfo[0]; if (encryptionAlgorithm.Tag != 0x30) { throw new CryptographicException("invalid encryptionAlgorithm"); } ASN1 algorithm = encryptionAlgorithm[0]; if (algorithm.Tag != 0x06) { throw new CryptographicException("invalid algorithm"); } _algorithm = ASN1Convert.ToOid(algorithm); // parameters ANY DEFINED BY algorithm OPTIONAL if (encryptionAlgorithm.Count > 1) { ASN1 parameters = encryptionAlgorithm[1]; if (parameters.Tag != 0x30) { throw new CryptographicException("invalid parameters"); } ASN1 salt = parameters[0]; if (salt.Tag != 0x04) { throw new CryptographicException("invalid salt"); } _salt = salt.Value; ASN1 iterationCount = parameters[1]; if (iterationCount.Tag != 0x02) { throw new CryptographicException("invalid iterationCount"); } _iterations = ASN1Convert.ToInt32(iterationCount); } ASN1 encryptedData = encryptedPrivateKeyInfo[1]; if (encryptedData.Tag != 0x04) { throw new CryptographicException("invalid EncryptedData"); } _data = encryptedData.Value; }
// methods private void Decode(byte[] data) { ASN1 privateKeyInfo = new ASN1(data); if (privateKeyInfo.Tag != 0x30) { throw new CryptographicException("invalid PrivateKeyInfo"); } ASN1 version = privateKeyInfo[0]; if (version.Tag != 0x02) { throw new CryptographicException("invalid version"); } _version = version.Value[0]; ASN1 privateKeyAlgorithm = privateKeyInfo[1]; if (privateKeyAlgorithm.Tag != 0x30) { throw new CryptographicException("invalid algorithm"); } ASN1 algorithm = privateKeyAlgorithm[0]; if (algorithm.Tag != 0x06) { throw new CryptographicException("missing algorithm OID"); } _algorithm = ASN1Convert.ToOid(algorithm); ASN1 privateKey = privateKeyInfo[2]; _key = privateKey.Value; // attributes [0] IMPLICIT Attributes OPTIONAL if (privateKeyInfo.Count > 3) { ASN1 attributes = privateKeyInfo[3]; for (int i = 0; i < attributes.Count; i++) { _list.Add(attributes[i]); } } }
public static RSAParameters DecodePkcs8PublicKey(byte[] pkcs8blob) { // See: http://tools.ietf.org/html/rfc5280 // http://www.cryptopp.com/wiki/Keys_and_Formats#Dumping_PKCS_.238_and_X.509_Keys // // SubjectPublicKeyInfo ::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING } ASN1 publicKeyInfo = new ASN1(pkcs8blob); if (publicKeyInfo.Tag != 0x30) { throw new CryptographicException("invalid PublicKeyInfo"); } ASN1 keyAlgorithm = publicKeyInfo[0]; if (keyAlgorithm.Tag != 0x30) { throw new CryptographicException("invalid algorithm"); } ASN1 algorithm = keyAlgorithm[0]; if (algorithm.Tag != 0x06) { throw new CryptographicException("missing algorithm OID"); } if (ASN1Convert.ToOid(algorithm) != Oid.rsaEncryption) { throw new NotSupportedException("Only RSA keys are currently supported."); } var keyBits = publicKeyInfo[1]; if (keyBits.Tag != 0x03) { throw new CryptographicException("Invalid or corrupted key container, expecint a BIT STRING, found tag: " + keyBits.Tag); } var sanitizedKeyBits = RemoveLeadingZero(keyBits.Value); return(DecodeAsn1RsaPublicKey(new ASN1(sanitizedKeyBits))); }
/* * RSAPrivateKey ::= SEQUENCE { * version Version, * modulus INTEGER, -- n * publicExponent INTEGER, -- e * privateExponent INTEGER, -- d * prime1 INTEGER, -- p * prime2 INTEGER, -- q * exponent1 INTEGER, -- d mod (p-1) * exponent2 INTEGER, -- d mod (q-1) * coefficient INTEGER, -- (inverse of q) mod p * otherPrimeInfos OtherPrimeInfos OPTIONAL * } */ static public byte[] Encode(RSA rsa) { RSAParameters param = rsa.ExportParameters(true); ASN1 rsaPrivateKey = new ASN1(0x30); rsaPrivateKey.Add(new ASN1(0x02, new byte[1] { 0x00 })); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.D)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.P)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Q)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.DP)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.DQ)); rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.InverseQ)); return(rsaPrivateKey.GetBytes()); }
static public byte[] Encode(DSA dsa) { DSAParameters param = dsa.ExportParameters(true); return(ASN1Convert.FromUnsignedBigInteger(param.X).GetBytes()); }