public jwkKeyPair getEcKeyPair(string curveName)
{
EllipticCurveFp e = selectCamelotCurve(curveName);
camelot.ECKeyPair ecKeyPair = new camelot.ECKeyPair(e, rng);
jwkKeyPair keyPair = new jwkKeyPair(ecKeyPair, curveName);
return(keyPair);
}
private Boolean verifyCamelotEcdsa(camelot.ECKeyPair keyPair, byte[] digest, byte[] signature)
{
try
{
bool verified = camelot.ECDSA.ECDSAVerify(keyPair, digest, signature);
return(verified);
}
catch (Exception ex)
{
throw ex;
}
}
private byte[] signCamelotEcdsa(camelot.ECKeyPair keyPair, byte[] plain)
{
try
{
byte[] signature = camelot.ECDSA.ECDSASign(keyPair, plain, rng);
return(signature);
}
catch (Exception ex)
{
return(ByteConverter.GetBytes(ex.Message));
}
}
public Object verify(String mode, jwkPublicKey publicKey, byte[] plainBytes, string hashAlgorithm, string curveName, byte[] signatureBytes)
{
bool verified = false;
if (mode == "ecdsa")
{
EllipticCurveFp curve = selectCamelotCurve(curveName);
ecPublicKey ecPublicKey = new ecPublicKey(publicKey);
EllipticCurvePointFp point =
new EllipticCurvePointFp(curve, false, ecPublicKey.X, ecPublicKey.Y);
camelot.ECKeyPair ecKeyPair =
new camelot.ECKeyPair(curve, SEC1EncodingFp.EncodePoint(point));
camelot.HashAlgorithm h = selectCamelotHashAlgorithm(hashAlgorithm);
byte[] digest = h.ComputeHash(plainBytes);
verified = verifyCamelotEcdsa(ecKeyPair, digest, signatureBytes);
}
else
{
rsaPublicKey rsaKey = new rsaPublicKey(publicKey);
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider();
RSAParameters rsaParams = rsaKey.toRSAParameters();
rsaCsp.ImportParameters(rsaParams);
if (mode == "rsa-pss")
{
verified = verifyCamelotPSS(rsaParams, hashAlgorithm, plainBytes, signatureBytes);
}
else if (mode == "rsassa-pkcs1-v1_5")
{
verified = rsaCsp.VerifyData(plainBytes, selectCSPHashAlgorithm(hashAlgorithm), signatureBytes);
}
else
{
throw new InvalidOperationException("Unsupported mode");
}
}
return(verified);
}
public jwkPublicKey(camelot.ECKeyPair ecKeyPair, string curveName)
{
EllipticCurvePointFp point =
SEC1EncodingFp.DecodePoint(ecKeyPair.ExportPublicKey(), ecKeyPair.Curve);
this.crv = curveName;
this.kty = "EC";
this.extractable = true;
byte[] xBytes = point.X.ToByteArrayUnsigned();
Array.Reverse(xBytes);
byte[] yBytes = point.Y.ToByteArrayUnsigned();
Array.Reverse(yBytes);
this.x = Base64Url.to(xBytes);
this.y = Base64Url.to(yBytes);
}
public Object sign(string mode, jwkPrivateKey privateKey, byte[] plainBytes, string hashAlgorithm, string curveName)
{
byte[] signature;
if (mode == "ecdsa")
{
EllipticCurveFp curve = selectCamelotCurve(curveName);
ecPrivateKey ecPrivateKey = new ecPrivateKey(privateKey);
camelot.ECKeyPair ecKeyPairPrivate = new camelot.ECKeyPair(curve, ecPrivateKey.D, null);
camelot.HashAlgorithm h = selectCamelotHashAlgorithm(hashAlgorithm);
byte[] digest = h.ComputeHash(plainBytes);
signature = signCamelotEcdsa(ecKeyPairPrivate, digest);
}
else
{
rsaPrivateKey rsaKey = new rsaPrivateKey(privateKey);
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider();
RSAParameters rsaParams = rsaKey.toRSAParameters();
rsaCsp.ImportParameters(rsaParams);
if (mode == "rsa-pss")
{
signature = signCamelotPSS(rsaParams, hashAlgorithm, plainBytes);
}
else if (mode == "rsassa-pkcs1-v1_5")
{
signature = rsaCsp.SignData(plainBytes, selectCSPHashAlgorithm(hashAlgorithm));
}
else
{
throw new InvalidOperationException("Unsupported mode");
}
}
return(signature);
}
public jwkKeyPair(camelot.ECKeyPair ecKeyPair, string curveName)
{
this.publicKey = serializer.Serialize(new jwkPublicKey(ecKeyPair, curveName));
this.privateKey = serializer.Serialize(new jwkPrivateKey(ecKeyPair, curveName));
}
public jwkPrivateKey(camelot.ECKeyPair ecKeyPair, string curveName)
: base(ecKeyPair, curveName)
{
this.d = Base64Url.to(ecKeyPair.ExportPrivateKey());
}
