public static EncryptedEntity Decode(byte[] encoded, EncryptedVerifier verifier) { try { var bsnkType = Asn1Parser.GetBsnkType(encoded); byte[] signedPayload; Signature signature; switch (bsnkType) { case Constants.EncryptedIdentityName: var encryptedIdentity = Asn1Parser.GetEncryptedEntity <EncryptedIdentity>(encoded, false); return(encryptedIdentity); case Constants.EncryptedPseudonymName: var encryptedPseudonym = Asn1Parser.GetEncryptedEntity <EncryptedPseudonym>(encoded, true); return(encryptedPseudonym); case Constants.SignedEncryptedIdentityName: if (verifier == null) { throw new ParsingException("No verifier for identity found"); } signedPayload = Asn1Parser.GetSignedPayload(encoded); var signedEncryptedIdentity = Asn1Parser.GetEncryptedEntity <EncryptedIdentity>(signedPayload, false); signature = Asn1Parser.GetSignature(encoded); verifier.Verify(signedPayload, signature); return(signedEncryptedIdentity); case Constants.SignedEncryptedPseudonymName: if (verifier == null) { throw new ParsingException("No verifier for pseudonym found"); } signedPayload = Asn1Parser.GetSignedPayload(encoded); var signedEncryptedPseudonym = Asn1Parser.GetEncryptedEntity <EncryptedPseudonym>(signedPayload, true); signature = Asn1Parser.GetSignature(encoded); verifier.Verify(signedPayload, signature); return(signedEncryptedPseudonym); default: throw new ParsingException($"Cannot handle type {bsnkType}"); } } catch (IOException e) { throw new ParsingException("Could not read ASN1", e); } }
public EncryptedEntityParser(byte[] encoded) { parser = new Asn1Parser(encoded); validBsnkTypes = new Dictionary <string, Func <EncryptedEntity> > { { EncryptedIdentityName, Create <EncryptedIdentity> }, { SignedEncryptedIdentityName, Create <EncryptedIdentity> }, { EncryptedPseudonymName, Create <EncryptedPseudonym> }, { SignedEncryptedPseudonymName, Create <EncryptedPseudonym> } }; }
private void DecodeContent(byte[] encoded) { var parser = new Asn1Parser(encoded); parser.ReadObject <DerSequenceParser>(); var version = parser.ReadObject <DerInteger>().Value.IntValue; if (1 != version) { throw new ParsingException($"Expected version 1, got {version}"); } var octetString = (DerOctetString)parser.ReadObject <DerOctetStringParser>().ToAsn1Object(); privateKey = new BigInteger(1, octetString.GetOctets()); parser.ReadObject <BerTaggedObjectParser>(); var oid = parser.ReadObject <DerObjectIdentifier>(); if (!BrainpoolP320R1.ObjectIdentifier.Equals(oid)) { throw new ParsingException($"Expected BrainpoolP320r1 ({BrainpoolP320R1.ObjectIdentifier}), got {oid}"); } var obj = parser.ReadObject(); if (obj == null) { return; } Asn1Parser.CheckObject <BerTaggedObjectParser>(obj); try { publicKey = BrainpoolP320R1.Curve.DecodePoint(parser.ReadObject <DerBitString>().GetBytes()).Normalize(); } catch (ArgumentException e) { throw new ParsingException("Could not decode point on curve", e); } BrainpoolP320R1.G.Multiply(privateKey).Normalize(); if (!BrainpoolP320R1.G.Multiply(privateKey).Equals(publicKey)) { throw new ParsingException("Public key does not belong to private key"); } }
private void DecodeSigned(bool isPseudonym, EncryptedVerifier verifier) { try { var payload = parser.ReadObject <DerSequenceParser>().ToAsn1Object().GetDerEncoded(); var payloadParser = new Asn1Parser(payload); payloadParser.ReadObject <DerSequenceParser>(); bsnkType = payloadParser.GetBsnkType(); switch (bsnkType) { case EncryptedIdentityName: if (isPseudonym) { throw new ParsingException("Encrypted identity inside signed encrypted pseudonym"); } DecodePayload(payloadParser, false); break; case EncryptedPseudonymName: if (!isPseudonym) { throw new ParsingException("Encrypted pseudonym inside signed encrypted identity"); } DecodePayload(payloadParser, true); break; default: throw new ParsingException($"Cannot handle type {bsnkType}"); } var signature = DecodeSignature(); verifier.Verify(payload, signature); } catch (IOException e) { throw new ParsingException("ASN1 decode error", e); } }
public DecryptKey Decode(string pemContents) { try { var pemObject = ReadPemObject(pemContents); var decryptKey = DecodeHeaders(pemObject.Headers); if (!validDecryptTypes.Contains(decryptKey.Type)) { throw new PolymorphicPseudonymisationException($"Unknown type {decryptKey.Type}"); } decryptKey.KeyPair = Asn1Parser.GetKeyPair(pemObject.Content); return(decryptKey); } catch (IOException e) { throw new ParsingException("Could not read PEM", e); } }
private void DecodePayload(Asn1Parser payloadParser, bool isPseudonym) { schemeVersion = payloadParser.ReadObject <DerInteger>().Value.IntValue; schemeKeyVersion = payloadParser.ReadObject <DerInteger>().Value.IntValue; payloadParser.ReadObject <DerIA5String>(); //Creator, not used recipient = payloadParser.ReadObject <DerIA5String>().GetString(); recipientKeySetVersion = payloadParser.ReadObject <DerInteger>().Value.IntValue; if (isPseudonym) { var obj = payloadParser.ReadObject(); if (obj is DerIA5String derIa5String) { derIa5String.GetString(); payloadParser.ReadObject <DerInteger>(); //Type, not used } else { Asn1Parser.CheckObject <DerInteger>(obj); //Type, not used } } payloadParser.ReadObject <DerSequenceParser>(); points = new ECPoint[3]; for (var i = 0; i < points.Length; i++) { var octet = (DerOctetString)payloadParser.ReadObject <DerOctetStringParser>().ToAsn1Object(); try { points[i] = BrainpoolP320R1.Curve.DecodePoint(octet.GetOctets()); } catch (ArgumentException e) { throw new ParsingException("Could not decode point on curve", e); } } }
public EncryptedEntityParser(byte[] encoded) { parser = new Asn1Parser(encoded); }