public I2PSigningPublicKey(I2PSigningPrivateKey privkey) : base(privkey.Certificate) { switch (Certificate.SignatureType) { case SigningKeyTypes.DSA_SHA1: Key = new BufLen(I2PConstants.DsaG.ModPow(privkey.ToBigInteger(), I2PConstants.DsaP).ToByteArrayUnsigned()); break; case I2PSigningKey.SigningKeyTypes.ECDSA_SHA256_P256: { var param = NistNamedCurves.GetByName("P-256"); var domain = new ECDomainParameters(param.Curve, param.G, param.N, param.H); var q = domain.G.Multiply(privkey.ToBigInteger()); var publicparam = new ECPublicKeyParameters(q, domain); Key = new BufLen(publicparam.Q.GetEncoded(), 1); } break; case I2PSigningKey.SigningKeyTypes.ECDSA_SHA384_P384: { var param = NistNamedCurves.GetByName("P-384"); var domain = new ECDomainParameters(param.Curve, param.G, param.N, param.H); var q = domain.G.Multiply(privkey.ToBigInteger()); var publicparam = new ECPublicKeyParameters(q, domain); Key = new BufLen(publicparam.Q.GetEncoded(), 1); } break; case I2PSigningKey.SigningKeyTypes.ECDSA_SHA512_P521: { var param = NistNamedCurves.GetByName("P-521"); var domain = new ECDomainParameters(param.Curve, param.G, param.N, param.H); var q = domain.G.Multiply(privkey.ToBigInteger()); var publicparam = new ECPublicKeyParameters(q, domain); Key = new BufLen(publicparam.Q.GetEncoded(), 1); } break; case SigningKeyTypes.EdDSA_SHA512_Ed25519: Key = new BufLen(Chaos.NaCl.Ed25519.PublicKeyFromSeed(privkey.Key.ToByteArray())); break; default: throw new NotImplementedException(); } }
public static byte[] DoSignEcDsa( IEnumerable <BufLen> bufs, I2PSigningPrivateKey key, IDigest digest, X9ECParameters ecparam, int sigsize) { foreach (var buf in bufs) { digest.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length); } var hash = new byte[digest.GetDigestSize()]; digest.DoFinal(hash, 0); var param = new ECDomainParameters(ecparam.Curve, ecparam.G, ecparam.N, ecparam.H); var pk = new ECPrivateKeyParameters(key.ToBigInteger(), param); var s = new Org.BouncyCastle.Crypto.Signers.ECDsaSigner(); s.Init(true, new ParametersWithRandom(pk)); var sig = s.GenerateSignature(hash); var result = new byte[sigsize]; var b1 = sig[0].ToByteArrayUnsigned(); var b2 = sig[1].ToByteArrayUnsigned(); // https://geti2p.net/en/docs/spec/common-structures#type_Signature // When a signature is composed of two elements (for example values R,S), // it is serialized by padding each element to length/2 with leading zeros if necessary. // All types are Big Endian, except for EdDSA, which is stored and transmitted in a Little Endian format. // Pad msb. Big endian. Array.Copy(b1, 0, result, sigsize / 2 - b1.Length, b1.Length); Array.Copy(b2, 0, result, sigsize - b2.Length, b2.Length); DebugUtils.LogDebug("DoSignEcDsa: " + digest.ToString() + ": Used."); return(result); }
public static byte[] DoSignDsaSha1(IEnumerable <BufLen> bufs, I2PSigningPrivateKey key) { var sha = new Sha1Digest(); foreach (var buf in bufs) { sha.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length); } var hash = new byte[sha.GetDigestSize()]; sha.DoFinal(hash, 0); var s = new Org.BouncyCastle.Crypto.Signers.DsaSigner(); var dsaparams = new ParametersWithRandom( new DsaPrivateKeyParameters( key.ToBigInteger(), new DsaParameters( I2PConstants.DsaP, I2PConstants.DsaQ, I2PConstants.DsaG))); s.Init(true, dsaparams); var sig = s.GenerateSignature(hash); var result = new byte[40]; var b1 = sig[0].ToByteArrayUnsigned(); var b2 = sig[1].ToByteArrayUnsigned(); // https://geti2p.net/en/docs/spec/common-structures#type_Signature // When a signature is composed of two elements (for example values R,S), // it is serialized by padding each element to length/2 with leading zeros if necessary. // All types are Big Endian, except for EdDSA, which is stored and transmitted in a Little Endian format. // Pad msb. Big endian. Array.Copy(b1, 0, result, 0 + 20 - b1.Length, b1.Length); Array.Copy(b2, 0, result, 20 + 20 - b2.Length, b2.Length); return(result); }
public static byte[] DoSignEcDsaSha256P256_old(IEnumerable <BufLen> bufs, I2PSigningPrivateKey key) { var sha = new Sha256Digest(); foreach (var buf in bufs) { sha.BlockUpdate(buf.BaseArray, buf.BaseArrayOffset, buf.Length); } var hash = new byte[sha.GetDigestSize()]; sha.DoFinal(hash, 0); var p = Org.BouncyCastle.Asn1.Nist.NistNamedCurves.GetByName("P-256"); var param = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var pk = new ECPrivateKeyParameters(key.ToBigInteger(), param); var s = new Org.BouncyCastle.Crypto.Signers.ECDsaSigner(); s.Init(true, new ParametersWithRandom(pk)); var sig = s.GenerateSignature(hash); var result = new byte[64]; var b1 = sig[0].ToByteArrayUnsigned(); var b2 = sig[1].ToByteArrayUnsigned(); // https://geti2p.net/en/docs/spec/common-structures#type_Signature // When a signature is composed of two elements (for example values R,S), // it is serialized by padding each element to length/2 with leading zeros if necessary. // All types are Big Endian, except for EdDSA, which is stored and transmitted in a Little Endian format. // Pad msb. Big endian. Array.Copy(b1, 0, result, 0 + 20 - b1.Length, b1.Length); Array.Copy(b2, 0, result, 20 + 20 - b2.Length, b2.Length); DebugUtils.LogDebug("DoSignEcDsaSha256P256: Used."); return(result); }