// TODO Add an equivalent class for ECNamedCurveParameterSpec?
//private ECNamedCurveParameterSpec ReadECParameters(
// private X9ECParameters ReadECParameters(PemObject pemObject)
// {
// DerObjectIdentifier oid = (DerObjectIdentifier)Asn1Object.FromByteArray(pemObject.Content);
//
// //return ECNamedCurveTable.getParameterSpec(oid.Id);
// return GetCurveParameters(oid.Id);
// }
//private static ECDomainParameters GetCurveParameters(
private static X9ECParameters GetCurveParameters(
string name)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
X9ECParameters ecP = CustomNamedCurves.GetByName(name);
if (ecP == null)
{
ecP = ECNamedCurveTable.GetByName(name);
}
if (ecP == null)
{
throw new Exception("unknown curve name: " + name);
}
//return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
return(ecP);
}
public static bool VerifyHashed(byte[] signature, byte[] publicKey, byte[] data)
{
var(sigR, sigS, _) = GetRSV(signature);
try
{
X9ECParameters spec = ECNamedCurveTable.GetByName("secp256k1");
ECDomainParameters domain = new ECDomainParameters(spec.Curve, spec.G, spec.N);
ECPublicKeyParameters publicKeyParams =
new ECPublicKeyParameters(spec.Curve.DecodePoint(publicKey), domain);
ECDsaSigner signer = new ECDsaSigner();
signer.Init(false, publicKeyParams);
return(signer.VerifySignature(data, new BigInteger(1, sigR.ToByteArray()),
new BigInteger(1, sigS.ToByteArray())));
}
catch
{
return(false);
}
}
/// <summary>
/// Create a new ephermal key on the curve.
/// </summary>
/// <param name="curveName">
/// The name of the curve, for example "P-256".
/// </param>
/// <returns>
/// The new created emphermal key.
/// </returns>
public static EphermalKey Generate(string curveName)
{
X9ECParameters ecP = ECNamedCurveTable.GetByName(curveName);
if (ecP == null)
{
throw new Exception($"Unknown curve name '{curveName}'.");
}
var domain = new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
var g = GeneratorUtilities.GetKeyPairGenerator("EC");
g.Init(new ECKeyGenerationParameters(domain, new SecureRandom()));
var keyPair = g.GenerateKeyPair();
return(new EphermalKey
{
privateKey = (ECPrivateKeyParameters)keyPair.Private,
publicKey = (ECPublicKeyParameters)keyPair.Public
});
}
async void GetOrGenerateKey(IProgress <string> progress)
{
try {
var key = await SecureStorage.GetAsync("key");
if (key is null)
{
KeyPair = GenerateKeyPair();
var pubkeyBytes = ((ECPublicKeyParameters)KeyPair.Public).Q.GetEncoded();
var privkeyBytes = ((ECPrivateKeyParameters)KeyPair.Private).D.ToByteArray();
await SecureStorage.SetAsync("key",
$"{Convert.ToBase64String(pubkeyBytes)}:{Convert.ToBase64String(privkeyBytes)}");
}
else
{
var pubkeyBytes = Convert.FromBase64String(key.Split(':')[0]);
var privkeyBytes = Convert.FromBase64String(key.Split(':')[1]);
var curve = ECNamedCurveTable.GetByName("P-256");
var pubKey = new ECPublicKeyParameters(curve.Curve.DecodePoint(pubkeyBytes), DomainParams);
var privKey = new ECPrivateKeyParameters(new BigInteger(privkeyBytes), DomainParams);
KeyPair = new AsymmetricCipherKeyPair(pubKey, privKey);
}
var signer = SignerUtilities.GetSigner("SHA-256withECDSA");
var msg = Encoding.ASCII.GetBytes("Hello World");
signer.Init(true, KeyPair.Private);
signer.BlockUpdate(msg, 0, msg.Length);
var signature = signer.GenerateSignature();
signer.Init(false, KeyPair.Public);
signer.BlockUpdate(msg, 0, msg.Length);
var verified = signer.VerifySignature(signature);
var pubkey = Convert.ToBase64String(((ECPublicKeyParameters)KeyPair.Public).Q.GetEncoded());
progress.Report($"Public key: {pubkey}"
+ $"\nSignature: {Convert.ToBase64String(signature)}"
+ $"\nVerified: {verified}");
} catch (Exception e) {
System.Console.WriteLine("Failed: " + e.Message + "\n" + e.StackTrace);
}
}
public static AsymmetricCipherKeyPair GenerateKeys(string seed = "", int keySize = 256)
{
var curve = ECNamedCurveTable.GetByName("secp256k1");
var domainParams = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
var secureRandom = new SecureRandom();
if (!string.IsNullOrWhiteSpace(seed))
{
secureRandom.SetSeed(Encoding.UTF8.GetBytes(seed));
}
var keyParams = new ECKeyGenerationParameters(domainParams, secureRandom);
var generator = new ECKeyPairGenerator("ECDSA");
generator.Init(keyParams);
var keyPair = generator.GenerateKeyPair();
return(keyPair);
}
internal static AsymmetricCipherKeyPair GenerateAssymetricKeyPairs()
{
var curve = ECNamedCurveTable.GetByName("secp256k1");
var domainParams = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
var secureRandom = new SecureRandom();
var keyParams = new ECKeyGenerationParameters(domainParams, secureRandom);
var generator = new ECKeyPairGenerator("ECDSA");
generator.Init(keyParams);
var keyPair = generator.GenerateKeyPair();
var privateKey = keyPair.Private as ECPrivateKeyParameters;
var publicKey = keyPair.Public as ECPublicKeyParameters;
Console.WriteLine($"Private key: {ToHex(privateKey.D.ToByteArrayUnsigned())}");
Console.WriteLine($"Public key: {ToHex(publicKey.Q.GetEncoded())}");
return(keyPair);
}
public void NoncompliantGetByName()
{
X9ECParameters curve = null;
// Elliptic curves always have the key length as part of their names.Rule implementation looks for this
//key length pattern, so that all curves with a key length smaller than 224 will raise an issue
curve = SecNamedCurves.GetByName("secp192k1"); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}}
curve = SecNamedCurves.GetByName("secp192r1"); // Noncompliant
curve = SecNamedCurves.GetByName("sect163k1"); // Noncompliant
curve = SecNamedCurves.GetByName("sect163r1"); // Noncompliant
curve = SecNamedCurves.GetByName("sect163r2"); // Noncompliant
curve = SecNamedCurves.GetByName("sect193r1"); // Noncompliant
curve = SecNamedCurves.GetByName("sect193r2"); // Noncompliant
curve = X962NamedCurves.GetByName("prime192v1"); // Noncompliant
curve = X962NamedCurves.GetByName("prime192v2"); // Noncompliant
curve = X962NamedCurves.GetByName("prime192v3"); // Noncompliant
curve = X962NamedCurves.GetByName("c2pnb163v1"); // Noncompliant
curve = X962NamedCurves.GetByName("c2pnb163v2"); // Noncompliant
curve = X962NamedCurves.GetByName("c2pnb163v3"); // Noncompliant
curve = X962NamedCurves.GetByName("c2pnb176w1"); // Noncompliant
curve = X962NamedCurves.GetByName("c2tnb191v1"); // Noncompliant
curve = X962NamedCurves.GetByName("c2tnb191v2"); // Noncompliant
curve = X962NamedCurves.GetByName("c2tnb191v3"); // Noncompliant
curve = X962NamedCurves.GetByName("c2pnb208w1"); // Noncompliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp160r1"); // Noncompliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp160t1"); // Noncompliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp192r1"); // Noncompliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp192t1"); // Noncompliant
curve = NistNamedCurves.GetByName("B-163"); // Noncompliant
curve = NistNamedCurves.GetByName("K-163"); // Noncompliant
curve = NistNamedCurves.GetByName("P-192"); // Noncompliant
curve = ECNamedCurveTable.GetByName("secp192k1"); // Noncompliant
curve = ECNamedCurveTable.GetByName("c2pnb208w1"); // Noncompliant
curve = ECNamedCurveTable.GetByName("brainpoolp192t1"); // Noncompliant
curve = ECNamedCurveTable.GetByName("B-163"); // Noncompliant
}
public static EncryptionResult EncryptMessage(byte[] userKey, byte[] userSecret, byte[] data,
ushort padding = 0, bool randomisePadding = false)
{
SecureRandom Random = new SecureRandom();
byte[] Salt = new byte[16];
Random.NextBytes(Salt);
X9ECParameters Curve = ECNamedCurveTable.GetByName("prime256v1");
ECDomainParameters Spec = new ECDomainParameters(Curve.Curve, Curve.G, Curve.N, Curve.H, Curve.GetSeed());
ECKeyPairGenerator Generator = new ECKeyPairGenerator();
Generator.Init(new ECKeyGenerationParameters(Spec, new SecureRandom()));
AsymmetricCipherKeyPair KeyPair = Generator.GenerateKeyPair();
ECDHBasicAgreement AgreementGenerator = new ECDHBasicAgreement();
AgreementGenerator.Init(KeyPair.Private);
BigInteger IKM = AgreementGenerator.CalculateAgreement(new ECPublicKeyParameters(Spec.Curve.DecodePoint(userKey), Spec));
byte[] PRK = GenerateHKDF(userSecret, IKM.ToByteArrayUnsigned(), Encoding.UTF8.GetBytes("Content-Encoding: auth\0"), 32);
byte[] PublicKey = ((ECPublicKeyParameters)KeyPair.Public).Q.GetEncoded(false);
byte[] CEK = GenerateHKDF(Salt, PRK, CreateInfoChunk("aesgcm", userKey, PublicKey), 16);
byte[] Nonce = GenerateHKDF(Salt, PRK, CreateInfoChunk("nonce", userKey, PublicKey), 12);
if (randomisePadding && padding > 0)
{
padding = Convert.ToUInt16(Math.Abs(Random.NextInt()) % (padding + 1));
}
byte[] Input = new byte[padding + 2 + data.Length];
Buffer.BlockCopy(ConvertInt(padding), 0, Input, 0, 2);
Buffer.BlockCopy(data, 0, Input, padding + 2, data.Length);
IBufferedCipher Cipher = CipherUtilities.GetCipher("AES/GCM/NoPadding");
Cipher.Init(true, new AeadParameters(new KeyParameter(CEK), 128, Nonce));
byte[] Message = new byte[Cipher.GetOutputSize(Input.Length)];
Cipher.DoFinal(Input, 0, Input.Length, Message, 0);
return(new EncryptionResult()
{
Salt = Salt, Payload = Message, PublicKey = PublicKey
});
}
public void TestAddSubtractMultiplyTwiceEncoding()
{
ArrayList names = new ArrayList();
CollectionUtilities.AddRange(names, ECNamedCurveTable.Names);
CollectionUtilities.AddRange(names, CustomNamedCurves.Names);
foreach (string name in names)
{
X9ECParameters x9ECParameters = ECNamedCurveTable.GetByName(name);
if (x9ECParameters != null)
{
ImplAddSubtractMultiplyTwiceEncodingTestAllCoords(x9ECParameters);
}
x9ECParameters = CustomNamedCurves.GetByName(name);
if (x9ECParameters != null)
{
ImplAddSubtractMultiplyTwiceEncodingTestAllCoords(x9ECParameters);
}
}
}
static byte[] GetSharedKey(ECPrivateKeyParameters sigPrivKey, byte[] serverPubKey)
{
Console.WriteLine("Generating shared key!");
var ecP = ECNamedCurveTable.GetByName("secp256k1");
var domainParams = new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
Org.BouncyCastle.Math.EC.ECPoint point = domainParams.Curve.DecodePoint(serverPubKey);
ECPublicKeyParameters oEcPublicKeyParameters = new ECPublicKeyParameters(point, domainParams);
IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("ECDH");
aKeyAgree.Init(sigPrivKey);
var sharedKey = aKeyAgree.CalculateAgreement(oEcPublicKeyParameters).ToByteArray();
Console.WriteLine($"{sharedKey.Length} bytes Created shared key ({ToHex(sharedKey)})");
return(sharedKey);
}
private static EncryptionResult EncryptMessage(byte[] userKey, byte[] userSecret, byte[] data,
ushort padding = 0, bool randomisePadding = false)
{
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16];
random.NextBytes(salt);
X9ECParameters curve = ECNamedCurveTable.GetByName("prime256v1");
ECDomainParameters spec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
ECKeyPairGenerator generator = new ECKeyPairGenerator();
generator.Init(new ECKeyGenerationParameters(spec, new SecureRandom()));
AsymmetricCipherKeyPair keyPair = generator.GenerateKeyPair();
ECDHBasicAgreement agreementGenerator = new ECDHBasicAgreement();
agreementGenerator.Init(keyPair.Private);
BigInteger ikm = agreementGenerator.CalculateAgreement(new ECPublicKeyParameters(spec.Curve.DecodePoint(userKey), spec));
byte[] prk = GenerateHkdf(userSecret, ikm.ToByteArrayUnsigned(), Encoding.UTF8.GetBytes("Content-Encoding: auth\0"), 32);
byte[] publicKey = ((ECPublicKeyParameters)keyPair.Public).Q.GetEncoded(false);
byte[] cek = GenerateHkdf(salt, prk, CreateInfoChunk("aesgcm", userKey, publicKey), 16);
byte[] nonce = GenerateHkdf(salt, prk, CreateInfoChunk("nonce", userKey, publicKey), 12);
if (randomisePadding && padding > 0)
{
padding = Convert.ToUInt16(Math.Abs(random.NextInt()) % (padding + 1));
}
byte[] input = new byte[padding + 2 + data.Length];
Buffer.BlockCopy(ConvertInt(padding), 0, input, 0, 2);
Buffer.BlockCopy(data, 0, input, padding + 2, data.Length);
IBufferedCipher cipher = CipherUtilities.GetCipher("AES/GCM/NoPadding");
cipher.Init(true, new AeadParameters(new KeyParameter(cek), 128, nonce));
byte[] message = new byte[cipher.GetOutputSize(input.Length)];
cipher.DoFinal(input, 0, input.Length, message, 0);
return(new EncryptionResult()
{
Salt = salt, Payload = message, PublicKey = publicKey
});
}
private static ECPublicKeyParameters CompressedPublicKeyToEcPublicKey(this byte[] bPubC)
{
var pubKey = bPubC.Skip(1).ToArray();
var curve = ECNamedCurveTable.GetByName(CurveTableName);
var domainParams = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
var yParity = new BigInteger(bPubC.Take(1).ToArray()).Subtract(BigInteger.Two);
var x = new BigInteger(1, pubKey);
var p = ((FpCurve)curve.Curve).Q;
var a = x.ModPow(new BigInteger("3"), p).Add(new BigInteger("7")).Mod(p);
var y = a.ModPow(p.Add(BigInteger.One).FloorDivide(new BigInteger("4")), p);
if (!y.Mod(BigInteger.Two).Equals(yParity))
{
y = y.Negate().Mod(p);
}
var q = curve.Curve.CreatePoint(x, y);
return(new ECPublicKeyParameters(q, domainParams));
}
public void TestDecode()
{
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime192v1");
ECPoint p = x9.G;
if (!p.AffineXCoord.ToBigInteger().Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16)))
{
Fail("x uncompressed incorrectly");
}
if (!p.AffineYCoord.ToBigInteger().Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16)))
{
Fail("y uncompressed incorrectly");
}
byte[] encoding = p.GetEncoded(true);
if (!AreEqual(encoding, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")))
{
Fail("point compressed incorrectly");
}
}
public EcdhBC()
: base()
{
// setup.
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime256v1");
ECDomainParameters ecSpec = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H);
IAsymmetricCipherKeyPairGenerator kpGen = new ECKeyPairGenerator("ECDH");
// generate and save the key pair.
kpGen.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
_keyPair = kpGen.GenerateKeyPair();
// generate and store the public key as a base64 string. The string must be in the
// basic X9.62 uncompressed format -- just a point on the curve -- which is expected
// server-side. Most of the Bouncy Castle methods (e.g., GetEncoded, GetDerEncoded)
// will give you a full ASN.1/DER encoded public key which won't work for us.
//
// the point Q represents the public key by convention, e.g., as per here:
// https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman
byte[] value = ((ECPublicKeyParameters)_keyPair.Public).Q.GetEncoded();
PublicKey = Convert.ToBase64String(value);
}
private IList GetTestCurves()
{
ArrayList x9s = new ArrayList();
ArrayList names = new ArrayList();
CollectionUtilities.AddRange(names, ECNamedCurveTable.Names);
CollectionUtilities.AddRange(names, CustomNamedCurves.Names);
foreach (string name in names)
{
X9ECParameters x9 = ECNamedCurveTable.GetByName(name);
if (x9 != null)
{
AddTestCurves(x9s, x9);
}
x9 = CustomNamedCurves.GetByName(name);
if (x9 != null)
{
AddTestCurves(x9s, x9);
}
}
return(x9s);
}
private IList GetTestCurves()
{
ArrayList x9s = new ArrayList();
ISet names = new HashSet(ECNamedCurveTable.Names);
names.AddAll(CustomNamedCurves.Names);
foreach (string name in names)
{
X9ECParameters x9 = ECNamedCurveTable.GetByName(name);
if (x9 != null)
{
AddTestCurves(x9s, x9);
}
x9 = CustomNamedCurves.GetByName(name);
if (x9 != null)
{
AddTestCurves(x9s, x9);
}
}
return(x9s);
}
public void TestFixedPointMultiplier()
{
FixedPointCombMultiplier M = new FixedPointCombMultiplier();
ArrayList names = new ArrayList();
CollectionUtilities.AddRange(names, ECNamedCurveTable.Names);
CollectionUtilities.AddRange(names, CustomNamedCurves.Names);
ISet uniqNames = new HashSet(names);
foreach (string name in uniqNames)
{
X9ECParameters x9A = ECNamedCurveTable.GetByName(name);
X9ECParameters x9B = CustomNamedCurves.GetByName(name);
X9ECParameters x9 = x9B != null ? x9B : x9A;
for (int i = 0; i < TestsPerCurve; ++i)
{
BigInteger k = new BigInteger(x9.N.BitLength, Random);
ECPoint pRef = ECAlgorithms.ReferenceMultiply(x9.G, k);
if (x9A != null)
{
ECPoint pA = M.Multiply(x9A.G, k);
AssertPointsEqual("Standard curve fixed-point failure", pRef, pA);
}
if (x9B != null)
{
ECPoint pB = M.Multiply(x9B.G, k);
AssertPointsEqual("Custom curve fixed-point failure", pRef, pB);
}
}
}
}
/**
* Recover the public key that corresponds to the private key, which signed this message.
*/
public static byte[] RecoverPublicKey(byte[] sigR, byte[] sigS, byte[] sigV, byte[] message)
{
//ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("secp256k1");
X9ECParameters spec = ECNamedCurveTable.GetByName("secp256k1");
BigInteger pointN = spec.N;
try
{
BigInteger pointX = new BigInteger(1, sigR);
byte[] compEnc =
X9IntegerConverter.IntegerToBytes(pointX, 1 + X9IntegerConverter.GetByteLength(spec.Curve));
compEnc[0] = (byte)((sigV[0] & 1) == 1 ? 0x03 : 0x02);
ECPoint pointR = spec.Curve.DecodePoint(compEnc);
if (!pointR.Multiply(pointN).IsInfinity)
{
return(new byte[0]);
}
BigInteger pointE = new BigInteger(1, message);
BigInteger pointEInv = BigInteger.Zero.Subtract(pointE).Mod(pointN);
BigInteger pointRInv = new BigInteger(1, sigR).ModInverse(pointN);
BigInteger srInv = pointRInv.Multiply(new BigInteger(1, sigS)).Mod(pointN);
BigInteger pointEInvRInv = pointRInv.Multiply(pointEInv).Mod(pointN);
ECPoint pointQ = ECAlgorithms.SumOfTwoMultiplies(spec.G, pointEInvRInv, pointR, srInv);
byte[] pointQBytes = pointQ.GetEncoded(false);
return(pointQBytes);
}
catch (Exception e)
{
}
return(new byte[0]);
}
public List <AsymmetricKeyParameter> GetCertificates(string country, byte[] kid)
{
LoadCertificates();
List <AsymmetricKeyParameter> publicKeys = new List <AsymmetricKeyParameter>();
// No TrustList means no keys to match with
if (TrustList == null)
{
return(publicKeys);
}
List <DscTrust> trusts = new List <DscTrust>();
if (country != null)
{
DscTrust dscTrust = TrustList.DscTrustList.GetValueOrDefault(country);
if (dscTrust != null)
{
trusts.Add(dscTrust);
}
}
else
{
trusts.AddRange(TrustList.DscTrustList.Values);
}
foreach (DscTrust trust in trusts)
{
foreach (Key key in trust.Keys)
{
string kidStr = Convert.ToBase64String(kid)
.Replace('+', '-')
.Replace('/', '_')
.Replace("=", "");;
if (kid == null || key.Kid == null || key.Kid.Equals(kidStr))
{
if (key.Kty.Equals("EC"))
{
X9ECParameters x9 = ECNamedCurveTable.GetByName(key.Crv);
ECPoint point = x9.Curve.CreatePoint(Base64UrlDecodeToBigInt(key.X), Base64UrlDecodeToBigInt(key.Y));
ECDomainParameters dParams = new ECDomainParameters(x9);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(point, dParams);
publicKeys.Add(pubKey);
}
else if (key.Kty.Equals("RSA"))
{
RsaKeyParameters pubKey = new RsaKeyParameters(false, Base64UrlDecodeToBigInt(key.N), Base64UrlDecodeToBigInt(key.E));
publicKeys.Add(pubKey);
}
}
}
}
ECPublicKeyParameters bpubKey = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(_publicKey));
publicKeys.Add(bpubKey);
AsymmetricKeyParameter dkKey = PublicKeyFactory.CreateKey(Convert.FromBase64String(_publicKey2));
publicKeys.Add(dkKey);
return(publicKeys);
}
public void TestGeneration()
{
ISigner s = SignerUtilities.GetSigner("DSA");
byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
SecureRandom rand = new SecureRandom();
// KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA");
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
// test exception
//
doTestBadStrength(513);
doTestBadStrength(510);
doTestBadStrength(1025);
//g.initialize(512, rand);
{
DsaParametersGenerator pGen = new DsaParametersGenerator();
pGen.Init(512, 80, rand);
g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters()));
}
AsymmetricCipherKeyPair p = g.GenerateKeyPair();
AsymmetricKeyParameter sKey = p.Private;
AsymmetricKeyParameter vKey = p.Public;
s.Init(true, sKey);
s.BlockUpdate(data, 0, data.Length);
byte[] sigBytes = s.GenerateSignature();
s = SignerUtilities.GetSigner("DSA");
s.Init(false, vKey);
s.BlockUpdate(data, 0, data.Length);
if (!s.VerifySignature(sigBytes))
{
Fail("DSA verification failed");
}
//
// ECDSA Fp generation test
//
s = SignerUtilities.GetSigner("ECDSA");
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1");
ECCurve curve = x9.Curve;
ECDomainParameters ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H);
g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
g.Init(new ECKeyGenerationParameters(ecSpec, rand));
p = g.GenerateKeyPair();
sKey = p.Private;
vKey = p.Public;
s.Init(true, sKey);
s.BlockUpdate(data, 0, data.Length);
sigBytes = s.GenerateSignature();
s = SignerUtilities.GetSigner("ECDSA");
s.Init(false, vKey);
s.BlockUpdate(data, 0, data.Length);
if (!s.VerifySignature(sigBytes))
{
Fail("ECDSA verification failed");
}
//
// ECDSA F2m generation test
//
s = SignerUtilities.GetSigner("ECDSA");
x9 = ECNamedCurveTable.GetByName("c2tnb239v1");
curve = x9.Curve;
ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H);
g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
g.Init(new ECKeyGenerationParameters(ecSpec, rand));
p = g.GenerateKeyPair();
sKey = p.Private;
vKey = p.Public;
s.Init(true, sKey);
s.BlockUpdate(data, 0, data.Length);
sigBytes = s.GenerateSignature();
s = SignerUtilities.GetSigner("ECDSA");
s.Init(false, vKey);
s.BlockUpdate(data, 0, data.Length);
if (!s.VerifySignature(sigBytes))
{
Fail("ECDSA verification failed");
}
}
public void TestECDsa239BitPrime()
{
BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
byte[] kData = BigIntegers.AsUnsignedByteArray(
new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
SecureRandom k = FixedSecureRandom.From(kData);
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1");
ECCurve curve = x9.Curve;
ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H);
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
"ECDSA",
new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
spec);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
"ECDSA",
curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
spec);
ISigner sgr = SignerUtilities.GetSigner("ECDSA");
// KeyFactory f = KeyFactory.GetInstance("ECDSA");
// PrivateKey sKey = f.generatePrivate(priKey);
// PublicKey vKey = f.generatePublic(pubKey);
AsymmetricKeyParameter sKey = priKey;
AsymmetricKeyParameter vKey = pubKey;
sgr.Init(true, new ParametersWithRandom(sKey, k));
byte[] message = Encoding.ASCII.GetBytes("abc");
sgr.BlockUpdate(message, 0, message.Length);
byte[] sigBytes = sgr.GenerateSignature();
sgr.Init(false, vKey);
sgr.BlockUpdate(message, 0, message.Length);
if (!sgr.VerifySignature(sigBytes))
{
Fail("239 Bit EC verification failed");
}
BigInteger[] sig = DerDecode(sigBytes);
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + SimpleTest.NewLine
+ " expecting: " + r + SimpleTest.NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + SimpleTest.NewLine
+ " expecting: " + s + SimpleTest.NewLine
+ " got : " + sig[1]);
}
}
public void TestCreationECDSA()
{
BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv"));
BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R"));
BigInteger ECParraH = new BigInteger(Base64.Decode("AQ=="));
BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L"));
BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l"));
BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx"));
BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo"));
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1");
ECCurve curve = x9.Curve;
ECDomainParameters ecDomain = new ECDomainParameters(curve, curve.ValidatePoint(ECParraGX, ECParraGY), ECParraN, ECParraH);
ECPublicKeyParameters ecPub = new ECPublicKeyParameters("ECDSA",
curve.ValidatePoint(ECPubQX, ECPubQY), ecDomain);
ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters("ECDSA", ECPrivD, ecDomain);
IDictionary attrs = new Hashtable();
attrs[X509Name.C] = "AU";
attrs[X509Name.O] = "The Legion of the Bouncy Castle";
attrs[X509Name.L] = "Melbourne";
attrs[X509Name.ST] = "Victoria";
attrs[X509Name.E] = "*****@*****.**";
IList ord = new ArrayList();
ord.Add(X509Name.C);
ord.Add(X509Name.O);
ord.Add(X509Name.L);
ord.Add(X509Name.ST);
ord.Add(X509Name.E);
IList values = new ArrayList();
values.Add("AU");
values.Add("The Legion of the Bouncy Castle");
values.Add("Melbourne");
values.Add("Victoria");
values.Add("*****@*****.**");
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name(ord, attrs));
certGen.SetNotBefore(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0)));
certGen.SetNotAfter(DateTime.Today.AddDays(1));
certGen.SetSubjectDN(new X509Name(ord, attrs));
certGen.SetPublicKey(ecPub);
certGen.SetSignatureAlgorithm("SHA1WITHECDSA");
certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
X509Certificate cert = certGen.Generate(ecPriv);
// Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)");
cert.CheckValidity();
cert.Verify(ecPub);
ISet extOidSet = cert.GetCriticalExtensionOids();
if (extOidSet.Count != 1)
{
Fail("wrong number of oids");
}
//if (dummySet != null)
//{
// foreach (string key in dummySet)
// {
// Console.WriteLine("\t{0}:\t{1}", key);
// }
//}
//Console.WriteLine();
//dummySet = cert.GetNonCriticalExtensionOids();
//if (dummySet != null)
//{
// foreach (string key in dummySet)
// {
// Console.WriteLine("\t{0}:\t{1}", key);
// }
//}
//Console.WriteLine();
}
/*
* we generate a self signed certificate for the sake of testing - SHA224withECDSA
*/
private void createECRequest(
string algorithm,
DerObjectIdentifier algOid)
{
X9ECParameters x9 = ECNamedCurveTable.GetByName("secp521r1");
ECCurve curve = x9.Curve;
ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H);
ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
spec);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
// curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
spec);
// //
// // set up the keys
// //
// AsymmetricKeyParameter privKey;
// AsymmetricKeyParameter pubKey;
//
// KeyFactory fact = KeyFactory.getInstance("ECDSA");
//
// privKey = fact.generatePrivate(privKeySpec);
// pubKey = fact.generatePublic(pubKeySpec);
Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(
algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
if (!req.Verify())
{
Fail("Failed Verify check EC.");
}
req = new Pkcs10CertificationRequest(req.GetEncoded());
if (!req.Verify())
{
Fail("Failed Verify check EC encoded.");
}
//
// try with point compression turned off
//
// ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
ECPoint q = pubKey.Q.Normalize();
pubKey = new ECPublicKeyParameters(
pubKey.AlgorithmName,
q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()),
pubKey.Parameters);
req = new Pkcs10CertificationRequest(
algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
if (!req.Verify())
{
Fail("Failed Verify check EC uncompressed.");
}
req = new Pkcs10CertificationRequest(req.GetEncoded());
if (!req.Verify())
{
Fail("Failed Verify check EC uncompressed encoded.");
}
if (!req.SignatureAlgorithm.Algorithm.Equals(algOid))
{
Fail("ECDSA oid incorrect.");
}
if (req.SignatureAlgorithm.Parameters != null)
{
Fail("ECDSA parameters incorrect.");
}
ISigner sig = SignerUtilities.GetSigner(algorithm);
sig.Init(false, pubKey);
byte[] b = req.GetCertificationRequestInfo().GetEncoded();
sig.BlockUpdate(b, 0, b.Length);
if (!sig.VerifySignature(req.GetSignatureOctets()))
{
Fail("signature not mapped correctly.");
}
}
/// <summary>
/// Constructor
/// </summary>
public AccountSynchronizer(IWebSocketProvider webSocketProvider)
{
WhisperService = new WhisperService(webSocketProvider);
X9 = ECNamedCurveTable.GetByName("prime239v1");
GenerateKeyPair();
}
static void Main(string[] args)
{
var privateKey = "pX/BvdXXUdpC79mW/jWi10Z6PJb5SBY2+aqkR/qYOjqgakKsqZFKnl0kz10Ve+BP";
var token = "BDiRKNnPiPUb5oala31nkmCaXMB0iyWy3Q93p6fN7vPxEQSUlFVsInkJzPBBqmW1FUIY1KBA3BQb3W3Qv4akZ8kblqbmvupE/EJzPKbROZFBNvxpvVOHHgO2qadmHAjHSmnxUuxrpKxopWnOgyhzUx+mBUTao0pcEgqZFw0Y/qZIJPf1KusCMlz5TAhpjsw=";
// #####
// ##### Step 1
// #####
var decodedToken = Convert.FromBase64String(token);
var decodedEphemeralPublicKey = decodedToken.Take(97).ToArray();
var encodedEphemeralPublicKeyCheck = Convert.ToBase64String(decodedEphemeralPublicKey);
if (encodedEphemeralPublicKeyCheck != "BDiRKNnPiPUb5oala31nkmCaXMB0iyWy3Q93p6fN7vPxEQSUlFVsInkJzPBBqmW1FUIY1KBA3BQb3W3Qv4akZ8kblqbmvupE/EJzPKbROZFBNvxpvVOHHgO2qadmHAjHSg==")
{
throw new Exception("Public key check failed");
}
X9ECParameters curveParams = ECNamedCurveTable.GetByName("secp384r1");
ECPoint decodePoint = curveParams.Curve.DecodePoint(decodedEphemeralPublicKey);
ECDomainParameters domainParams = new ECDomainParameters(curveParams.Curve, curveParams.G, curveParams.N, curveParams.H, curveParams.GetSeed());
ECPublicKeyParameters ecPublicKeyParameters = new ECPublicKeyParameters(decodePoint, domainParams);
var x = ecPublicKeyParameters.Q.AffineXCoord.ToBigInteger();
var y = ecPublicKeyParameters.Q.AffineYCoord.ToBigInteger();
if (!x.Equals(new BigInteger("8706462696031173094919866327685737145866436939551712382591956952075131891462487598200779332295613073905587629438229")))
{
throw new Exception("X coord check failed");
}
if (!y.Equals(new BigInteger("10173258529327482491525749925661342501140613951412040971418641469645769857676705559747557238888921287857458976966474")))
{
throw new Exception("Y coord check failed");
}
Console.WriteLine("Step 1 complete");
// #####
// ##### Step 2
// #####
var privateKeyBytes = Convert.FromBase64String(privateKey);
var ecPrivateKeyParameters = new ECPrivateKeyParameters("ECDHC", new BigInteger(1, privateKeyBytes), domainParams);
var privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecPrivateKeyParameters);
var ecPrivateKey = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privateKeyInfo);
IBasicAgreement agree = AgreementUtilities.GetBasicAgreement("ECDHC");
agree.Init(ecPrivateKey);
BigInteger sharedKey = agree.CalculateAgreement(ecPublicKeyParameters);
var sharedKeyBytes = sharedKey.ToByteArrayUnsigned();
var sharedKeyBase64 = Convert.ToBase64String(sharedKeyBytes);
if (sharedKeyBase64 != "2lvSJsBO2keUHRfvPG6C1RMUmGpuDbdgNrZ9YD7RYnvAcfgq/fjeYr1p0hWABeif")
{
throw new Exception("Shared key check failed");
}
Console.WriteLine("Step 2 complete");
// #####
// ##### Step 3
// #####
var kdf2Bytes = Kdf2(sharedKeyBytes, decodedEphemeralPublicKey);
var kdf2Base64 = Convert.ToBase64String(kdf2Bytes);
if (kdf2Base64 != "mAzkYatDlz4SzrCyM23NhgL/+mE3eGgfUz9h1CFPhZOtXequzN3Q8w+B5GE2eU5g")
{
throw new Exception("Kdf2 failed");
}
Console.WriteLine("Step 3 complete");
// #####
// ##### Step 4
// #####
var decryptionKeyBytes = kdf2Bytes.Take(32).ToArray();
var decryptionIvBytes = kdf2Bytes.Skip(32).ToArray();
var decryptionKeyBase64 = Convert.ToBase64String(decryptionKeyBytes);
var decryptionIvBase64 = Convert.ToBase64String(decryptionIvBytes);
if (decryptionKeyBase64 != "mAzkYatDlz4SzrCyM23NhgL/+mE3eGgfUz9h1CFPhZM=")
{
throw new Exception("Decryption key check failed");
}
if (decryptionIvBase64 != "rV3qrszd0PMPgeRhNnlOYA==")
{
throw new Exception("Decryption iv check failed");
}
var encryptedDataBytes = decodedToken.Skip(97).Take(decodedToken.Length - 113).ToArray();
var tagBytes = decodedToken.Skip(decodedToken.Length - 16).ToArray();
var encryptedDataBase64 = Convert.ToBase64String(encryptedDataBytes);
var tagBase64 = Convert.ToBase64String(tagBytes);
if (encryptedDataBase64 != "afFS7GukrGilac6DKHNTH6YFRNqjSlwSCpkXDRj+")
{
throw new Exception("Encrypted data check failed");
}
if (tagBase64 != "pkgk9/Uq6wIyXPlMCGmOzA==")
{
throw new Exception("Tag check failed");
}
KeyParameter keyParam = ParameterUtilities.CreateKeyParameter("AES", decryptionKeyBytes);
ParametersWithIV parameters = new ParametersWithIV(keyParam, decryptionIvBytes);
IBufferedCipher cipher = CipherUtilities.GetCipher("AES/GCM/NoPadding");
cipher.Init(false, parameters);
var resultBytes = cipher.DoFinal(encryptedDataBytes.Concat(tagBytes).ToArray());
var resultBase64 = Convert.ToBase64String(resultBytes);
var resultString = Strings.FromByteArray(resultBytes);
if (resultString != "xXTi32iZwrQ6O8Sy6r1isKwF6Ff1Py")
{
throw new Exception("Decryption failed");
}
Console.WriteLine("Step 4 complete");
Console.WriteLine(resultString);
Console.WriteLine();
Console.WriteLine("Done... press any key to finish");
Console.ReadLine();
}
public Secp256k1()
{
// set curve
_curve = ECNamedCurveTable.GetByName("secp256k1");
_curveSpec = new ECDomainParameters(_curve.Curve, _curve.G, _curve.N, _curve.H);
}
public override void PerformTest()
{
generationTest(512, "RSA", "SHA1withRSA");
generationTest(512, "GOST3410", "GOST3411withGOST3410");
// if (Security.getProvider("SunRsaSign") != null)
// {
// generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign");
// }
// elliptic curve GOST A parameter set
Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(gost3410EC_A);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_A.");
}
// elliptic curve GOST B parameter set
req = new Pkcs10CertificationRequest(gost3410EC_B);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_B.");
}
// elliptic curve GOST C parameter set
req = new Pkcs10CertificationRequest(gost3410EC_C);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_C.");
}
// elliptic curve GOST ExA parameter set
req = new Pkcs10CertificationRequest(gost3410EC_ExA);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_ExA.");
}
// elliptic curve GOST ExB parameter set
req = new Pkcs10CertificationRequest(gost3410EC_ExB);
if (!req.Verify())
{
Fail("Failed Verify check gost3410EC_ExA.");
}
// elliptic curve openSSL
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1");
ECCurve curve = x9.Curve;
ECDomainParameters ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H);
// g.initialize(ecSpec, new SecureRandom());
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
AsymmetricCipherKeyPair kp = g.GenerateKeyPair();
req = new Pkcs10CertificationRequest(
"ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.Public, null, kp.Private);
if (!req.Verify())
{
Fail("Failed Verify check EC.");
}
createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
createECGostRequest();
// TODO The setting of parameters for MGF algorithms is not implemented
// createPssTest("SHA1withRSAandMGF1");
// createPssTest("SHA224withRSAandMGF1");
// createPssTest("SHA256withRSAandMGF1");
// createPssTest("SHA384withRSAandMGF1");
nullPointerTest();
}
public static Generator GenPki(string cn, string org, string orgun, string city, string state, string country,
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.SHA256,
RsaKeyLength rsaKeyLength = RsaKeyLength.Length2048Bits)
{
Generator generator = new Generator();
// Determines Signature Algorithm
string signatureAlgorithmStr;
switch (signatureAlgorithm)
{
case SignatureAlgorithm.SHA1:
signatureAlgorithmStr = PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id;
break;
case SignatureAlgorithm.SHA256:
signatureAlgorithmStr = PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id;
break;
case SignatureAlgorithm.SHA512:
signatureAlgorithmStr = PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id;
break;
default:
signatureAlgorithmStr = PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id;
break;
}
// Cert Info
IDictionary attrs = new Hashtable();
attrs.Add(X509Name.CN, cn);
attrs.Add(X509Name.O, org);
attrs.Add(X509Name.OU, orgun);
attrs.Add(X509Name.L, city);
attrs.Add(X509Name.ST, state);
attrs.Add(X509Name.C, country);
X509Name subject = new X509Name(new ArrayList(attrs.Keys), attrs);
//Key Generator
//ECKeyPairGenerator ecKeyPairGenerator = new ECKeyPairGenerator();
//ecKeyPairGenerator.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), (int)rsaKeyLength));
//AsymmetricCipherKeyPair pair = ecKeyPairGenerator.GenerateKeyPair();
X9ECParameters curve = ECNamedCurveTable.GetByName("secp256k1");
ECDomainParameters ecParam = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
ECKeyPairGenerator ecKeyPairGenerator = new ECKeyPairGenerator();
ecKeyPairGenerator.Init(new ECKeyGenerationParameters(ecParam, new SecureRandom()));
AsymmetricCipherKeyPair pair = ecKeyPairGenerator.GenerateKeyPair();
//RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
//rsaKeyPairGenerator.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), (int)rsaKeyLength));
//AsymmetricCipherKeyPair pair = rsaKeyPairGenerator.GenerateKeyPair();
//CSR Generator
//Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithmStr, pair.Private);
Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory("SHA256WITHECDSA", pair.Private);
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest(signatureFactory, subject, pair.Public, null, pair.Private);
/***************************
****************************
**Convert to PEM and Output*
****************************
***************************/
//Private Key
StringBuilder privateKeyStrBuilder = new StringBuilder();
PemWriter privateKeyPemWriter = new PemWriter(new StringWriter(privateKeyStrBuilder));
privateKeyPemWriter.WriteObject(pair.Private);
privateKeyPemWriter.Writer.Flush();
pkey = privateKeyStrBuilder.ToString();
//Public Key
StringBuilder publicKeyStrBuilder = new StringBuilder();
PemWriter publicKeyPemWriter = new PemWriter(new StringWriter(publicKeyStrBuilder));
publicKeyPemWriter.WriteObject(pair.Private);
publicKeyPemWriter.Writer.Flush();
generator.PublicKey = publicKeyStrBuilder.ToString();
//CSR
StringBuilder csrStrBuilder = new StringBuilder();
PemWriter csrPemWriter = new PemWriter(new StringWriter(csrStrBuilder));
csrPemWriter.WriteObject(csr);
csrPemWriter.Writer.Flush();
csR = csrStrBuilder.ToString();
return(generator);
}
public void CompliantGetByName()
{
X9ECParameters curve = null;
curve = SecNamedCurves.GetByName("secp224k1"); // Compliant
curve = SecNamedCurves.GetByName("secp224r1"); // Compliant
curve = SecNamedCurves.GetByName("secp256k1"); // Compliant
curve = SecNamedCurves.GetByName("secp256r1"); // Compliant
curve = SecNamedCurves.GetByName("secp384r1"); // Compliant
curve = SecNamedCurves.GetByName("secp521r1"); // Compliant
curve = SecNamedCurves.GetByName("sect233k1"); // Compliant
curve = SecNamedCurves.GetByName("sect233r1"); // Compliant
curve = SecNamedCurves.GetByName("sect239k1"); // Compliant
curve = SecNamedCurves.GetByName("sect283k1"); // Compliant
curve = SecNamedCurves.GetByName("sect283r1"); // Compliant
curve = SecNamedCurves.GetByName("sect409k1"); // Compliant
curve = SecNamedCurves.GetByName("sect409r1"); // Compliant
curve = SecNamedCurves.GetByName("sect571k1"); // Compliant
curve = SecNamedCurves.GetByName("sect571r1"); // Compliant
curve = X962NamedCurves.GetByName("prime239v1"); // Compliant
curve = X962NamedCurves.GetByName("prime239v2"); // Compliant
curve = X962NamedCurves.GetByName("prime239v3"); // Compliant
curve = X962NamedCurves.GetByName("prime256v1"); // Compliant
curve = X962NamedCurves.GetByName("c2tnb239v1"); // Compliant
curve = X962NamedCurves.GetByName("c2tnb239v2"); // Compliant
curve = X962NamedCurves.GetByName("c2tnb239v3"); // Compliant
curve = X962NamedCurves.GetByName("c2pnb272w1"); // Compliant
curve = X962NamedCurves.GetByName("c2pnb304w1"); // Compliant
curve = X962NamedCurves.GetByName("c2tnb359v1"); // Compliant
curve = X962NamedCurves.GetByName("c2pnb368w1"); // Compliant
curve = X962NamedCurves.GetByName("c2tnb431r1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp224r1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp224t1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp256r1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp256t1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp320r1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp320t1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp384r1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp384t1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp512r1"); // Compliant
curve = TeleTrusTNamedCurves.GetByName("brainpoolp512t1"); // Compliant
curve = SecNamedCurves.GetByName("GostR3410-2001-CryptoPro-A"); // Compliant
curve = SecNamedCurves.GetByName("GostR3410-2001-CryptoPro-XchB"); // Compliant
curve = SecNamedCurves.GetByName("GostR3410-2001-CryptoPro-XchA"); // Compliant
curve = SecNamedCurves.GetByName("GostR3410-2001-CryptoPro-C"); // Compliant
curve = SecNamedCurves.GetByName("GostR3410-2001-CryptoPro-B"); // Compliant
curve = NistNamedCurves.GetByName("B-233"); // Compliant
curve = NistNamedCurves.GetByName("B-283"); // Compliant
curve = NistNamedCurves.GetByName("B-409"); // Compliant
curve = NistNamedCurves.GetByName("B-571"); // Compliant
curve = NistNamedCurves.GetByName("K-233"); // Compliant
curve = NistNamedCurves.GetByName("K-283"); // Compliant
curve = NistNamedCurves.GetByName("K-409"); // Compliant
curve = NistNamedCurves.GetByName("K-571"); // Compliant
curve = NistNamedCurves.GetByName("P-224"); // Compliant
curve = NistNamedCurves.GetByName("P-256"); // Compliant
curve = NistNamedCurves.GetByName("P-384"); // Compliant
curve = NistNamedCurves.GetByName("P-521"); // Compliant
curve = ECNamedCurveTable.GetByName("prime239v1"); // Compliant
curve = ECNamedCurveTable.GetByName("secp224k1"); // Compliant
curve = ECNamedCurveTable.GetByName("c2tnb239v1"); // Compliant
curve = ECNamedCurveTable.GetByName("brainpoolp320t1"); // Compliant
curve = ECNamedCurveTable.GetByName("GostR3410-2001-CryptoPro-XchA"); // Compliant
curve = ECNamedCurveTable.GetByName("P-521"); // Compliant
curve = ECNamedCurveTable.GetByName("RandomString"); // Compliant
}
static CryptoUtils()
{
var curve = ECNamedCurveTable.GetByName("secp256r1");
EcParameters = new ECDomainParameters(curve.Curve, curve.G, curve.N);
}
