public IStreamCalculator CreateCalculator()
{
ISigner signer;
if (algID.Algorithm.Equals(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256))
{
signer = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());
}
else if (algID.Algorithm.Equals(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512))
{
signer = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_512Digest());
}
else if (algID.Algorithm.Equals(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001))
{
signer = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest());
}
else if (algID.Algorithm.Equals(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94))
{
signer = new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest());
}
else
{
throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
}
signer.Init(true, ParameterUtilities.WithRandom(privateKey, random));
return(new DefaultSignatureCalculator(signer));
}
public IStreamCalculator CreateCalculator()
{
var param = new ParametersWithRandom(privateKey, new SecureRandom());
var gst = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());
gst.Init(true, param);
return(new DefaultSignatureCalculator(gst));
}
private void SignatureGost12Test(String signatureAlg, int expectedSignLen, AsymmetricCipherKeyPair p)
{
byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
ECPrivateKeyParameters sKey = (ECPrivateKeyParameters)p.Private;
ECPublicKeyParameters vKey = (ECPublicKeyParameters)p.Public;
ECGOST3410_2012Signer s = new ECGOST3410_2012Signer();
s.Init(true, sKey);
BigInteger[] sig = s.GenerateSignature(data);
s = new ECGOST3410_2012Signer();
s.Init(false, vKey);
if (!s.VerifySignature(data, sig[0], sig[1]))
{
Fail("Signature " + signatureAlg + " did not verify");
}
//
// Test with Digest signer.
//
Gost3410DigestSigner digestSigner = new Gost3410DigestSigner(
new ECGOST3410_2012Signer(),
DigestUtilities.GetDigest(((ECGOST3410Parameters)vKey.Parameters).DigestParamSet));
digestSigner.Init(true, sKey);
digestSigner.BlockUpdate(data, 0, data.Length);
byte[] sigBytes = digestSigner.GenerateSignature();
if (sigBytes.Length != expectedSignLen)
{
Fail(signatureAlg + " signature failed at expected length");
}
digestSigner = new Gost3410DigestSigner(
new ECGOST3410_2012Signer(),
DigestUtilities.GetDigest(((ECGOST3410Parameters)vKey.Parameters).DigestParamSet));
digestSigner.Init(false, vKey);
digestSigner.BlockUpdate(data, 0, data.Length);
if (!digestSigner.VerifySignature(sigBytes))
{
Fail("Signature " + signatureAlg + " did not verify");
}
}
public static byte[] VerifySignature(CmsSignedData cms)
{
var store = cms.GetCertificates("COLLECTION");
var signers = cms.GetSignerInfos();
byte[] arr;
using (var stream = new MemoryStream())
{
cms.SignedContent.Write(stream);
arr = stream.ToArray();
}
foreach (var sig in signers.GetSigners())
{
var signer = (SignerInformation)sig;
foreach (var st in store.GetMatches(signer.SignerID))
{
var crt = (X509Certificate)st;
CheckCertificateValidity(crt);
var gst = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());
gst.Init(false, crt.GetPublicKey());
gst.BlockUpdate(arr, 0, arr.Length);
var t = gst.VerifySignature(signer.GetSignature());
if (!t)
{
throw new CryptographicException("Cannot verify signature");
}
}
}
return(arr);
}
private static void CheckCertificateValidity(X509Certificate cert)
{
cert.CheckValidity();
var caCert = (X509Certificate)RootCertificates.GetRootCertGOST();
var gst = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());
gst.Init(false, caCert.GetPublicKey());
var tbsCertificate = cert.GetTbsCertificate();
gst.BlockUpdate(tbsCertificate, 0, tbsCertificate.Length);
var t = gst.VerifySignature(cert.GetSignature());
if (!t)
{
throw new CryptographicException("Cannot verify signature");
}
}
