/// <summary> /// To the bouncy castle big integer. /// </summary> /// <param name="value">The value.</param> /// <returns></returns> public static Org.BouncyCastle.Math.BigInteger ToBouncyBigInteger(this BigInteger value) { var bytes = Utility.GetBytes(value); var bigint = new Org.BouncyCastle.Math.BigInteger(bytes); return(bigint); }
public void DecodeWifTest() { //https://en.bitcoin.it/wiki/Wallet_import_format Org.BouncyCastle.Math.BigInteger actual = BitcoinHelper.DecodeWif("5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ"); //Assert.IsTrue(actual.ToString() == "0C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D"); Assert.IsTrue(actual.ToString() == "5500171714335001507730457227127633683517613019341760098818554179534751705629"); }
private string ByteArrayToBase58(byte[] ba) { Org.BouncyCastle.Math.BigInteger addrremain = new Org.BouncyCastle.Math.BigInteger(1, ba); Org.BouncyCastle.Math.BigInteger big0 = new Org.BouncyCastle.Math.BigInteger("0"); Org.BouncyCastle.Math.BigInteger big58 = new Org.BouncyCastle.Math.BigInteger("58"); string b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; string rv = ""; while (addrremain.CompareTo(big0) > 0) { int d = System.Convert.ToInt32(addrremain.Mod(big58).ToString()); addrremain = addrremain.Divide(big58); rv = b58.Substring(d, 1) + rv; } // handle leading zeroes foreach (byte b in ba) { if (b != 0) { break; } rv = "1" + rv; } return(rv); }
public AuthenticationHeaderValue GetLiveSessionHeaders(string token, string url, string verificationCode) { DiffieBytes ??= File.ReadAllBytes(@"dhparam.pem"); Prime ??= new Org.BouncyCastle.Math.BigInteger(1, DiffieBytes); var g = new Org.BouncyCastle.Math.BigInteger("2", 10); var dh = new DHParameters(Prime, g); //var dhPrivateKeyParameters = keyPair.Private as DHPrivateKeyParameters; var challenge = dh.G.ModPow(DhRandom, dh.P); var diffie_hellman_challenge = BitConverter.ToString(challenge.ToByteArray()).Replace("-", "").ToLower(); var nonce = ClientHelpers.GetNonce(); var timestamp = ClientHelpers.GetTimestamp(); var data = new Dictionary <string, string> { { "diffie_hellman_challenge", diffie_hellman_challenge }, { "oauth_consumer_key", s_clientId }, { "oauth_timestamp", timestamp.ToString() }, { "oauth_nonce", nonce }, { "oauth_signature_method", "RSA-SHA256" }, { "oauth_token", token }, }; data.Add("oauth_signature", ClientHelpers.GetSignatureBaseString(_httpClient.BaseAddress.AbsoluteUri + url, data, verificationCode)); return(ClientHelpers.GetDefaultAuthHeader(data, false)); }
public static bool ValidateSignature(Hash data, ECSignature signature, ECKeyPair keyPair) { #if NATIVE_ECDSA using (var ecdsa = ECDsa.Create(keyPair)) { return(ecdsa.VerifyHash(data, signature.Signature)); } #else var derSignature = new DerSequence( new DerInteger(new Org.BouncyCastle.Math.BigInteger(1, signature.Signature.Take(32).ToArray())), new DerInteger(new Org.BouncyCastle.Math.BigInteger(1, signature.Signature.Skip(32).ToArray()))) .GetDerEncoded(); ISigner signer = SignerUtilities.GetSigner("NONEwithECDSA"); X9ECParameters curve = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName(keyPair.CurveType.ToString().ToLower()); ECDomainParameters domain = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); Org.BouncyCastle.Math.BigInteger bn = new Org.BouncyCastle.Math.BigInteger(keyPair.D); ECPrivateKeyParameters parameters = new ECPrivateKeyParameters(bn, domain); FpCurve c = (FpCurve)curve.Curve; var publicKey = new FpPoint(c, new FpFieldElement(c.Q, new Org.BouncyCastle.Math.BigInteger(+1, keyPair.PublicKey.X)), new FpFieldElement(c.Q, new Org.BouncyCastle.Math.BigInteger(+1, keyPair.PublicKey.Y))); ECPublicKeyParameters publicKeyParameters = new ECPublicKeyParameters(publicKey, domain); signer.Init(false, publicKeyParameters); signer.BlockUpdate(data, 0, data.Length); bool ok = signer.VerifySignature(derSignature); return(ok); #endif }
private void btnCreateRecepients_Click(object sender, RoutedEventArgs e) { RSA RSA_Encryptor = new RSA(); Org.BouncyCastle.Math.BigInteger secretPrimeNumber = PrimeNumberGenerator.genpr2(128, DateTime.Now.ToBinary()); Dictionary <string, UserData> tempDictionary = new Dictionary <string, UserData>(); UserData tempUserData; foreach (KeyValuePair <string, UserData> u in dataForEnc.UsersCollection) { u.Value.PlainSesKey = secretPrimeNumber.ToByteArray(); tempUserData = RSA_Encryptor.EncryptSessionKey(u.Value); tempDictionary.Add(u.Key, tempUserData); // zapis kluczy do plików i szyfrowanie klucz sesyjnego RSA_Encryptor.writeRSAParametersToFile(tempUserData.PrivKey, RSA_Configuration.keyDirectory + "\\private\\" + u.Key + "_priv.key", tempUserData.PasswdHash); RSA_Encryptor.writeRSAParametersToFile(tempUserData.PubKey, RSA_Configuration.keyDirectory + "\\public\\" + u.Key + "_pub.key"); } dataForEnc.UsersCollection = tempDictionary; }
private RsaKeyParameters MakeKey(String modulusHexString, String exponentHexString, bool isPrivateKey) { var modulus = new Org.BouncyCastle.Math.BigInteger(modulusHexString, 16); var exponent = new Org.BouncyCastle.Math.BigInteger(exponentHexString, 16); return(new RsaKeyParameters(isPrivateKey, modulus, exponent)); }
/// <summary> /// Calculates an ECDSA signature in DER format for the given input hash. Note that the input is expected to be /// 32 bytes long. /// </summary> public byte[] Sign(byte[] input, Org.BouncyCastle.Math.BigInteger privateKey) { const string BITCOIN_CURVE = "secp256k1"; ECDsaSigner signer = new ECDsaSigner(); Org.BouncyCastle.Asn1.X9.X9ECParameters ecp = SecNamedCurves.GetByName(BITCOIN_CURVE); ECDomainParameters EcParameters = new ECDomainParameters(ecp.Curve, ecp.G, ecp.N, ecp.H); var privateKeyParameters = new ECPrivateKeyParameters(privateKey, EcParameters); signer.Init(true, privateKeyParameters); var signatures = signer.GenerateSignature(input); // What we get back from the signer are the two components of a signature, r and s. To get a flat byte stream // of the type used by BitCoin we have to encode them using DER encoding, which is just a way to pack the two // components into a structure. using (var byteOutputStream = new MemoryStream()) { var derSequenceGenerator = new DerSequenceGenerator(byteOutputStream); derSequenceGenerator.AddObject(new DerInteger(signatures[0])); derSequenceGenerator.AddObject(new DerInteger(signatures[1])); derSequenceGenerator.Close(); return(byteOutputStream.ToArray()); } }
public static string FromByteArray(byte[] ba) { Org.BouncyCastle.Math.BigInteger addrremain = new Org.BouncyCastle.Math.BigInteger(1, ba); Org.BouncyCastle.Math.BigInteger big0 = new Org.BouncyCastle.Math.BigInteger("0"); Org.BouncyCastle.Math.BigInteger big58 = new Org.BouncyCastle.Math.BigInteger("58"); string b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; string rv = ""; while (addrremain.CompareTo(big0) > 0) { int d = Convert.ToInt32(addrremain.Mod(big58).ToString()); addrremain = addrremain.Divide(big58); rv = b58.Substring(d, 1) + rv; } // handle leading zeroes foreach (byte b in ba) { if (b != 0) break; rv = "1" + rv; } return rv; }
public RSA(int bits) { p = Helper.GenerateBigIntegerPrimes(bits); q = Helper.GenerateBigIntegerPrimes(bits); Console.WriteLine("p generated " + p); Console.WriteLine("q generated " + q); n = p.Multiply(q); Console.WriteLine("n = " + n); BigInteger p1 = p.Subtract(new BigInteger("1")); BigInteger q1 = q.Subtract(new BigInteger("1")); fn = p1.Multiply(q1); Console.WriteLine("Функция Эйлера = " + fn); int[] er = new[] { 17, 257, 65537 }; Random rand = new Random((int)System.DateTime.Now.Ticks); e = new BigInteger(er[rand.Next(0, er.Length)].ToString()); Console.WriteLine("e = " + e); d = e.ModInverse(fn); Console.WriteLine("d = " + d); Console.WriteLine("Public Key: " + e + ", " + n); Console.WriteLine("Private Key: " + d + ", " + n); }
/// <summary> /// Converts a base-58 string to a byte array, returning null if it wasn't valid. /// </summary> public static byte[] ToByteArray(string base58) { Org.BouncyCastle.Math.BigInteger bi2 = new Org.BouncyCastle.Math.BigInteger("0"); string b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; foreach (char c in base58) { if (b58.IndexOf(c) != -1) { bi2 = bi2.Multiply(new Org.BouncyCastle.Math.BigInteger("58")); bi2 = bi2.Add(new Org.BouncyCastle.Math.BigInteger(b58.IndexOf(c).ToString())); } else { return null; } } byte[] bb = bi2.ToByteArrayUnsigned(); // interpret leading '1's as leading zero bytes foreach (char c in base58) { if (c != '1') break; byte[] bbb = new byte[bb.Length + 1]; Array.Copy(bb, 0, bbb, 1, bb.Length); bb = bbb; } return bb; }
public static byte[] FromBase58String(string base58) { Org.BouncyCastle.Math.BigInteger bi2 = new Org.BouncyCastle.Math.BigInteger("0"); foreach (char c in base58) { if (b58.IndexOf(c) != -1) { bi2 = bi2.Multiply(new Org.BouncyCastle.Math.BigInteger("58")); bi2 = bi2.Add(new Org.BouncyCastle.Math.BigInteger(b58.IndexOf(c).ToString())); } else { return(null); } } byte[] bb = bi2.ToByteArrayUnsigned(); // interpret leading '1's as leading zero bytes foreach (char c in base58) { if (c != leadingZeroCharacter[0]) { break; } byte[] bbb = new byte[bb.Length + 1]; Array.Copy(bb, 0, bbb, 1, bb.Length); bb = bbb; } return(bb); }
public static string ToBase58String(byte[] data) { Org.BouncyCastle.Math.BigInteger toConvertToBase58 = new Org.BouncyCastle.Math.BigInteger(1, data); Org.BouncyCastle.Math.BigInteger big0 = new Org.BouncyCastle.Math.BigInteger("0"); Org.BouncyCastle.Math.BigInteger big58 = new Org.BouncyCastle.Math.BigInteger("58"); StringBuilder base58Builder = new StringBuilder(); while (toConvertToBase58.CompareTo(big0) > 0) { int d = Convert.ToInt32(toConvertToBase58.Mod(big58).ToString()); toConvertToBase58 = toConvertToBase58.Divide(big58); base58Builder.Insert(0, b58.Substring(d, 1)); } // handle leading zeroes foreach (byte b in data) { if (b != 0) { break; } base58Builder.Insert(0, leadingZeroCharacter); } return(base58Builder.ToString()); }
/// <summary> /// Create a BouncyCastle AsymmetricCipherKeyPair and associated /// X509Certificate /// <remarks> /// Based on: /// http://stackoverflow.com/questions/3770233/is-it-possible-to-programmatically-generate-an-x509-certificate-using-only-c /// http://web.archive.org/web/20100504192226/http://www.fkollmann.de/v2/post/Creating-certificates-using-BouncyCastle.aspx /// requires http://www.bouncycastle.org/csharp/ /// </remarks> /// <param name="subjectName"> /// value assigned to CN field of the X.500 Distinguished Name /// assigned to the certificate. /// <remarks> /// see http://msdn.microsoft.com/en-us/library/windows/desktop/aa366101(v=vs.85).aspx /// for Distinguished Name format /// See http://stackoverflow.com/questions/5136198/what-strings-are-allowed-in-the-common-name-attribute-in-an-x-509-certificate /// answer 2 for encoding details /// Input is appended to "CN=". /// </remarks> /// </param> /// <remarks> /// Default is EmailProtection /// </remarks> /// </summary> public static (X509Certificate Certificate, AsymmetricCipherKeyPair KeyPair) GenerateSelfSignedCertificate(string subjectName) { var kpGenerator = new RsaKeyPairGenerator(); // certificate strength 2048 bits kpGenerator.Init(new KeyGenerationParameters( new SecureRandom(new CryptoApiRandomGenerator()), 2048)); var kp = kpGenerator.GenerateKeyPair(); var gen = new X509V3CertificateGenerator(); var certName = new X509Name("CN=" + subjectName); var serialNo = BigInteger.ProbablePrime(120, new Random()); gen.SetSerialNumber(serialNo); gen.SetSubjectDN(certName); gen.SetIssuerDN(certName); gen.SetNotAfter(DateTime.Now.AddYears(30)); gen.SetNotBefore(DateTime.Now.Subtract(new TimeSpan(7, 0, 0, 0))); gen.SetPublicKey(kp.Public); gen.AddExtension( X509Extensions.AuthorityKeyIdentifier.Id, false, new AuthorityKeyIdentifier( SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public), new GeneralNames(new GeneralName(certName)), serialNo)); return(gen.Generate(new Asn1SignatureFactory("SHA256withRSA", kp.Private)), kp); }
/// <summary> /// Converts a base-58 string to a byte array, returning null if it wasn't valid. /// </summary> public static byte[] ToByteArray(string base58) { Org.BouncyCastle.Math.BigInteger bi2 = new Org.BouncyCastle.Math.BigInteger("0"); string b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; foreach (char c in base58) { if (b58.IndexOf(c) != -1) { bi2 = bi2.Multiply(new Org.BouncyCastle.Math.BigInteger("58")); bi2 = bi2.Add(new Org.BouncyCastle.Math.BigInteger(b58.IndexOf(c).ToString())); } else { return(null); } } byte[] bb = bi2.ToByteArrayUnsigned(); // interpret leading '1's as leading zero bytes foreach (char c in base58) { if (c != '1') { break; } byte[] bbb = new byte[bb.Length + 1]; Array.Copy(bb, 0, bbb, 1, bb.Length); bb = bbb; } return(bb); }
public EthereumEcdsaBouncyCastle(Memory <byte> key, EthereumEcdsaKeyType keyType) { // Set the key type KeyType = keyType; // Instantiate our key depending on what type of key it is. if (KeyType == EthereumEcdsaKeyType.Public) { // If it's only 64 bytes, we need to add our prefix. (Source: https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm) if (key.Length == PUBLIC_KEY_SIZE) { key = new byte[] { 0x4 }.Concat(key.ToArray()); } // Obtain our public key parameters by using the provided quotient. ECPoint q = Secp256k1Curve.Parameters.Curve.DecodePoint(key.ToArray()); PublicKey = new ECPublicKeyParameters(ALGORITHM, q, Secp256k1Curve.DomainParameters); } else { // Obtain our private key parameters Org.BouncyCastle.Math.BigInteger keyInt = new Org.BouncyCastle.Math.BigInteger(1, key.ToArray()); PrivateKey = new ECPrivateKeyParameters(ALGORITHM, keyInt, Secp256k1Curve.DomainParameters); // Obtain Q from our private key. ECPoint q = Secp256k1Curve.Parameters.G.Multiply(PrivateKey.D); PublicKey = new ECPublicKeyParameters(ALGORITHM, q, Secp256k1Curve.DomainParameters); } }
/* * // https://csharp.hotexamples.com/examples/Org.BouncyCastle.Crypto.Parameters/ECPrivateKeyParameters/-/php-ecprivatekeyparameters-class-examples.html * public ECDiffieHellmanBc(Int32 keySize) * { * Org.BouncyCastle.Asn1.X9.X9ECParameters ecParams; * switch (keySize) { * case 256: * ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256r1"); * break; * case 384: * ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp384r1"); * break; * case 521: * ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp521r1"); * break; * default: */ // https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml // https://tools.ietf.org/html/rfc5933 private static PublicKey toECGOSTPublicKey(byte[] keyBytes, ECKeyInfo keyinfo) // throws IOException, GeneralSecurityException { DNSInput @in = new DNSInput(keyBytes); Org.BouncyCastle.Math.BigInteger x = Helpers.readBigIntegerLittleEndian(@in, keyinfo.length); Org.BouncyCastle.Math.BigInteger y = Helpers.readBigIntegerLittleEndian(@in, keyinfo.length); // OID to be found in Org.BouncyCastle.Security.GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); // Org.BouncyCastle.Crypto.Parameters.ECDomainParameters domain = Org.BouncyCastle.Asn1.CryptoPro.ECGost3410NamedCurves.GetByOid(Org.BouncyCastle.Asn1.CryptoPro.CryptoProObjectIdentifiers.GostR3410x94CryptoProA); // Org.BouncyCastle.Math.EC.ECCurve c = domain.Curve; // Org.BouncyCastle.Math.EC.ECPoint q = new Org.BouncyCastle.Math.EC.FpPoint(c, c.FromBigInteger(x), c.FromBigInteger(y)); // Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters publicParams = new Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters(q, domain); Org.BouncyCastle.Math.EC.ECPoint q = keyinfo.curve.CreatePoint(x, y); Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters publicParams = new Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters(q, keyinfo.spec); // Org.BouncyCastle.Crypto.Signers.ECGost3410Signer // Org.BouncyCastle.Security.PublicKeyFactory.CreateKey(new Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo()) /* * ECPoint q = new ECPoint(x, y); * * KeyFactory factory = KeyFactory.getInstance("ECGOST3410"); * return factory.generatePublic(new ECPublicKeySpec(q, keyinfo.spec)); */ return(PublicKey.CreateInstance(publicParams)); }
public static byte[] fromDSAPublicKey(DSAPublicKey key) { DNSOutput @out = new DNSOutput(); Org.BouncyCastle.Crypto.Parameters.DsaPublicKeyParameters dp = key.PublicKey; // BigInteger q = key.getParams().getQ(); Org.BouncyCastle.Math.BigInteger q = dp.Parameters.Q; // BigInteger p = key.getParams().getP(); Org.BouncyCastle.Math.BigInteger p = dp.Parameters.P; // BigInteger g = key.getParams().getG(); Org.BouncyCastle.Math.BigInteger g = dp.Parameters.G; // BigInteger y = key.getY(); Org.BouncyCastle.Math.BigInteger y = dp.Y; int t = (p.ToByteArray().Length - 64) / 8; @out.writeU8(t); Helpers.writeBigInteger(@out, q); Helpers.writeBigInteger(@out, p); Helpers.writePaddedBigInteger(@out, g, 8 * t + 64); Helpers.writePaddedBigInteger(@out, y, 8 * t + 64); return(@out.toByteArray()); }
private static PublicKey toDSAPublicKey(byte[] keyBytes) // throws IOException, GeneralSecurityException, MalformedKeyException { DNSInput @in = new DNSInput(keyBytes); int t = @in.readU8(); if (t > 8) { throw new MalformedKeyException(keyBytes, ARSoft.Tools.Net.Dns.DnsSecAlgorithm.Dsa); } Org.BouncyCastle.Math.BigInteger q = Helpers.readBigInteger(@in, 20); Org.BouncyCastle.Math.BigInteger p = Helpers.readBigInteger(@in, 64 + t * 8); Org.BouncyCastle.Math.BigInteger g = Helpers.readBigInteger(@in, 64 + t * 8); Org.BouncyCastle.Math.BigInteger y = Helpers.readBigInteger(@in, 64 + t * 8); /* * KeyFactory factory = KeyFactory.getInstance("DSA"); * return factory.generatePublic(new DSAPublicKeySpec(y, p, q, g)); */ Org.BouncyCastle.Crypto.Parameters.DsaParameters para = new Org.BouncyCastle.Crypto.Parameters.DsaParameters(p, q, g); Org.BouncyCastle.Crypto.Parameters.DsaPublicKeyParameters dp = new Org.BouncyCastle.Crypto.Parameters.DsaPublicKeyParameters(y, para); return(PublicKey.CreateInstance(dp)); }
public ECKeyInfo( int length, string p_str, string a_str, string b_str, string gx_str, string gy_str, string n_str) { this.length = length; p = new Org.BouncyCastle.Math.BigInteger(p_str, 16); a = new Org.BouncyCastle.Math.BigInteger(a_str, 16); b = new Org.BouncyCastle.Math.BigInteger(b_str, 16); gx = new Org.BouncyCastle.Math.BigInteger(gx_str, 16); gy = new Org.BouncyCastle.Math.BigInteger(gy_str, 16); n = new Org.BouncyCastle.Math.BigInteger(n_str, 16); Org.BouncyCastle.Math.BigInteger h = Org.BouncyCastle.Math.BigInteger.One; this.curve = new Org.BouncyCastle.Math.EC.FpCurve(p, a, b, n, h); //spec = new ECParameterSpec(curve, new ECPoint(gx, gy), n, 1); this.spec = new Org.BouncyCastle.Crypto.Parameters.ECDomainParameters( curve , curve.CreatePoint(gx, gy) // G , n , h ); }
private static byte[] fromRSAPublicKey(RSAPublicKey key) { DNSOutput @out = new DNSOutput(); Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters kp = key.PublicKey; // BigInteger exponent = key.getPublicExponent(); Org.BouncyCastle.Math.BigInteger exponent = kp.Exponent; // BigInteger modulus = key.getModulus(); Org.BouncyCastle.Math.BigInteger modulus = kp.Modulus; int exponentLength = Helpers.BigIntegerLength(exponent); if (exponentLength < 256) { @out.writeU8(exponentLength); } else { @out.writeU8(0); @out.writeU16(exponentLength); } Helpers.writeBigInteger(@out, exponent); Helpers.writeBigInteger(@out, modulus); return(@out.toByteArray()); }
private static byte[] BigIntToFixexLengthBytes(Org.BouncyCastle.Math.BigInteger rOrS) { // for sm2p256v1, n is 00fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123, // r and s are the result of mod n, so they should be less than n and have length<=32 byte[] rs = rOrS.ToByteArray(); if (rs.Length == RS_LEN) { return(rs); } else if (rs.Length == RS_LEN + 1 && rs[0] == 0) { return(Org.BouncyCastle.Utilities.Arrays.CopyOfRange(rs, 1, RS_LEN + 1)); } else if (rs.Length < RS_LEN) { byte[] result = new byte[RS_LEN]; Org.BouncyCastle.Utilities.Arrays.Fill(result, (byte)0); Buffer.BlockCopy(rs, 0, result, RS_LEN - rs.Length, rs.Length); return(result); } else { throw new ArgumentException("err rs: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(rs)); } }
/// <summary> /// Creates an ECDSA instance by recovering a public key given a hash, recovery ID, and r and s components of the resulting signature of the hash. Throws an exception if recovery is not possible. /// </summary> /// <param name="hash">The hash of the data which was signed.</param> /// <param name="recoveryId">The recovery ID of ECDSA during signing.</param> /// <param name="ecdsa_r">The r component of the ECDSA signature for the provided hash.</param> /// <param name="ecdsa_s">The s component of the ECDSA signature for the provided hash.</param> /// <returns>Returns the quotient/public key which was used to sign this hash.</returns> public static new EthereumEcdsaBouncyCastle Recover(Span <byte> hash, byte recoveryId, BigInteger ecdsa_r, BigInteger ecdsa_s) { // Source: http://www.secg.org/sec1-v2.pdf (Section 4.1.6 - Public Key Recovery Operation) // Recovery ID must be between 0 and 4 (0 and 1 is all that should be used, but we support multiple cases in case) if (recoveryId < 0 || recoveryId > 3) { throw new ArgumentException($"ECDSA public key recovery must have a v parameter between [0, 3]. Value provided is {recoveryId.ToString(CultureInfo.InvariantCulture)}"); } // NOTES: // First bit of recoveryID being set means y is odd, otherwise it is even. // The second bit indicates which item of the two to choose. // If the hash is null, we'll assume it's a zero length byte array if (hash == null) { hash = Array.Empty <byte>(); } // Obtain our elliptic curve parameters Org.BouncyCastle.Math.BigInteger r = ecdsa_r.ToBouncyCastleBigInteger(); Org.BouncyCastle.Math.BigInteger s = ecdsa_s.ToBouncyCastleBigInteger(); Org.BouncyCastle.Math.BigInteger j = Org.BouncyCastle.Math.BigInteger.ValueOf((long)recoveryId >> 1); Org.BouncyCastle.Math.BigInteger x = j.Multiply(Secp256k1Curve.Parameters.N).Add(r); // To obtain our curve point R, we decode it with an extra byte for Y descriptor which mentions if Y is even or odd. int curveLength = X9IntegerConverter.GetByteLength(Secp256k1Curve.Parameters.Curve); byte[] xdata = X9IntegerConverter.IntegerToBytes(x, curveLength + 1); xdata[0] = (byte)(0x2 | (recoveryId & 1)); ECPoint r1 = Secp256k1Curve.Parameters.Curve.DecodePoint(xdata); // nR should be infinity. if (!r1.Multiply(Secp256k1Curve.Parameters.N).IsInfinity) { throw new ArgumentException("ECDSA's nR should be the point at infinity."); } // We obtain an integer representation of our hash. Org.BouncyCastle.Math.BigInteger e = new Org.BouncyCastle.Math.BigInteger(1, hash.ToArray()); // Next we'll want the multiplicative inverse of r (~r) Org.BouncyCastle.Math.BigInteger rInverse = r.ModInverse(Secp256k1Curve.Parameters.N); // Next we get the additive inverse of our hash, subtracting it from zero, and bounding it accordingly. Org.BouncyCastle.Math.BigInteger eAddInverse = Org.BouncyCastle.Math.BigInteger.Zero.Subtract(e).Mod(Secp256k1Curve.Parameters.N); // Using the inverse of r we have, we can multiply it by s to get our ~r * s. Org.BouncyCastle.Math.BigInteger rsInverse = rInverse.Multiply(s).Mod(Secp256k1Curve.Parameters.N); // Using the inverse of r we have, and the inverse of e, we can have ~r * -e Org.BouncyCastle.Math.BigInteger reInverse = rInverse.Multiply(eAddInverse).Mod(Secp256k1Curve.Parameters.N); // Q = ((~r * s) * R) + ((~r * -e) * G) => (~r * sR) + (~r * -eG) => ~r (sR - eG) ECPoint q = ECAlgorithms.SumOfTwoMultiplies(Secp256k1Curve.Parameters.G, reInverse, r1, rsInverse).Normalize(); // Obtain our public key from this return(new EthereumEcdsaBouncyCastle(Secp256k1Curve.Parameters.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()).GetEncoded(false), EthereumEcdsaKeyType.Public)); }
static void test() { RsaKeyPairGenerator rsaKeyPairGnr_s = new RsaKeyPairGenerator(); rsaKeyPairGnr_s.Init(new Org.BouncyCastle.Crypto.KeyGenerationParameters(new SecureRandom(), 32)); Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair_s = rsaKeyPairGnr_s.GenerateKeyPair(); RsaKeyParameters pubKey = (RsaKeyParameters)keyPair_s.Public; RsaKeyParameters prKey = (RsaKeyParameters)keyPair_s.Private; IAsymmetricBlockCipher cipher = new RsaEngine(); cipher.Init(true, prKey); byte[] plain_byte = BitConverter.GetBytes(10); byte[] enc = cipher.ProcessBlock(plain_byte, 0, plain_byte.Length); Org.BouncyCastle.Math.BigInteger test = new Org.BouncyCastle.Math.BigInteger(enc); Console.WriteLine(test); test = test.Multiply(new Org.BouncyCastle.Math.BigInteger(BitConverter.GetBytes(2))); test = test.Mod(prKey.Modulus); Console.WriteLine(test); byte[] new_enc = test.ToByteArray(); cipher.Init(false, pubKey); byte[] dec = cipher.ProcessBlock(new_enc, 0, new_enc.Length); Console.WriteLine(BitConverter.ToInt32(dec)); }
public static byte[] GeneratePublicKey(byte[] privateKey) { Org.BouncyCastle.Math.BigInteger privateKeyInt = new Org.BouncyCastle.Math.BigInteger(+1, privateKey); var parameters = SecNamedCurves.GetByName("secp256k1"); Org.BouncyCastle.Math.EC.ECPoint point = parameters.G.Multiply(privateKeyInt); byte[] pubKeyX = point.X.ToBigInteger().ToByteArrayUnsigned(); byte[] pubKeyY = point.Y.ToBigInteger().ToByteArrayUnsigned(); Console.WriteLine("Your X point on the Elliptic Curve is: " + Encoding.Unicode.GetString(pubKeyX)); Console.WriteLine("Your Y point on the Elliptic Curve is: " + Encoding.Unicode.GetString(pubKeyY)); byte[] pubKey = new byte[pubKeyX.Length + 1]; // Copy pub key X over to pubKey pubKeyX.CopyTo(pubKey, 1); // Setup the parity byte if (point.Y.ToBigInteger().Mod(new Org.BouncyCastle.Math.BigInteger("2")) == new Org.BouncyCastle.Math.BigInteger("1")) { pubKey[0] = 0x03; } else { pubKey[0] = 0x02; } // Return the public key //return Tuple.Create(pubKeyX, pubKeyY); return(pubKey); }
public static string GetPublicKey(string privateKey) { var hexPrivateKey = ReferenceLib.ValidateAndGetHexPrivateKey(privateKey, 0x00); if (hexPrivateKey == null) { throw new Exception("error"); } var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); Org.BouncyCastle.Math.BigInteger Db = new Org.BouncyCastle.Math.BigInteger(hexPrivateKey); ECPoint dd = ps.G.Multiply(Db); byte[] pubaddr = new byte[65]; byte[] Y = dd.Y.ToBigInteger().ToByteArray(); Array.Copy(Y, 0, pubaddr, 64 - Y.Length + 1, Y.Length); byte[] X = dd.X.ToBigInteger().ToByteArray(); Array.Copy(X, 0, pubaddr, 32 - X.Length + 1, X.Length); pubaddr[0] = 4; var publicKey = ByteArrayToString(pubaddr); return(publicKey); }
public void WriteBigInteger(Org.BouncyCastle.Math.BigInteger big) { var data = big.ToByteArray(); WriteInt(data.Length); writer.Write(data, 0, data.Length); }
/// <summary> /// Our default static constructor, sets static read only variables. /// </summary> static Secp256k1Curve() { Parameters = Org.BouncyCastle.Crypto.EC.CustomNamedCurves.GetByName("secp256k1"); DomainParameters = new ECDomainParameters(Parameters.Curve, Parameters.G, Parameters.N, Parameters.H); N = Parameters.N.ToNumericsBigInteger(); _b_halfN = Parameters.N.Divide(Org.BouncyCastle.Math.BigInteger.Two); _halfN = _b_halfN.ToNumericsBigInteger(); }
static void gen_keys() { Random random = new Random(); a_p = 2; A_p = g.Pow(a_p).Mod(q); }
public static byte[] ToByteArray(Org.BouncyCastle.Math.BigInteger bigint, int expectedLength) { byte[] data = bigint.ToByteArray(); if (data.Length == expectedLength + 1) { return(data.Skip(1).Take(expectedLength).ToArray()); } return(data); }
public Org.BouncyCastle.Math.BigInteger readBCBigInteger() { var size = ReadInt(); var i = new Org.BouncyCastle.Math.BigInteger(data, offset + totalSize, size); totalSize += size; return(i); }
public static byte[] getPublicKeyByteArray(byte[] privateKey) { Org.BouncyCastle.Math.BigInteger d = new Org.BouncyCastle.Math.BigInteger(1, privateKey); Org.BouncyCastle.Math.EC.ECPoint q = domain.G.Multiply(d); var publicParams = new ECPublicKeyParameters(q, domain); return(publicParams.Q.GetEncoded(true)); }
private void InitializeRSA() { string[] keyComponents = publicKey.Split('|'); var modulus = new Org.BouncyCastle.Math.BigInteger(keyComponents[1].ToLower(), 16); var exponent = new Org.BouncyCastle.Math.BigInteger(keyComponents[0].ToLower(), 16); RsaKeyParameters keyParams = new RsaKeyParameters(false, modulus, exponent); rsaCipher = CipherUtilities.GetCipher("RSA/None/PKCS1Padding"); rsaCipher.Init(true, keyParams); }
public static byte[] Base58ToByteArray(string base58) { Org.BouncyCastle.Math.BigInteger bi2 = new Org.BouncyCastle.Math.BigInteger("0"); string b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; bool IgnoreChecksum = false; foreach (char c in base58) { if (b58.IndexOf(c) != -1) { bi2 = bi2.Multiply(new Org.BouncyCastle.Math.BigInteger("58")); bi2 = bi2.Add(new Org.BouncyCastle.Math.BigInteger(b58.IndexOf(c).ToString())); } else if (c == '?') { IgnoreChecksum = true; } else { return null; } } byte[] bb = bi2.ToByteArrayUnsigned(); // interpret leading '1's as leading zero bytes foreach (char c in base58) { if (c != '1') break; byte[] bbb = new byte[bb.Length + 1]; Array.Copy(bb, 0, bbb, 1, bb.Length); bb = bbb; } if (bb.Length < 4) return null; if (IgnoreChecksum == false) { SHA256CryptoServiceProvider sha256 = new SHA256CryptoServiceProvider(); byte[] checksum = sha256.ComputeHash(bb, 0, bb.Length - 4); checksum = sha256.ComputeHash(checksum); for (int i = 0; i < 4; i++) { if (checksum[i] != bb[bb.Length - 4 + i]) return null; } } byte[] rv = new byte[bb.Length - 4]; Array.Copy(bb, 0, rv, 0, bb.Length - 4); return rv; }
public static ECPoint PrivKeyToPubKey(byte[] PrivKey) { if (PrivKey == null || PrivKey.Length > 32) throw new ApplicationException("Invalid private hex key"); Org.BouncyCastle.Math.BigInteger Db = new Org.BouncyCastle.Math.BigInteger(1, PrivKey); var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); return ps.G.Multiply(Db); }
public static ECPoint PrivHexToPubKey(string PrivHex) { byte[] hex = ValidateAndGetHexPrivateKey(0x00, PrivHex, 33); if (hex == null) throw new ApplicationException("Invalid private hex key"); Org.BouncyCastle.Math.BigInteger Db = new Org.BouncyCastle.Math.BigInteger(1, hex); var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); return ps.G.Multiply(Db); }
public static string PrivHexToPubHex(string PrivHex, ECPoint point) { byte[] hex = ValidateAndGetHexPrivateKey(0x00, PrivHex, 33); if (hex == null) throw new ApplicationException("Invalid private hex key"); Org.BouncyCastle.Math.BigInteger Db = new Org.BouncyCastle.Math.BigInteger(hex); ECPoint dd = point.Multiply(Db); byte[] pubaddr = PubKeyToByteArray(dd); return ByteArrayToString(pubaddr); }
public bool VerifySignature(ImmutableArray<byte> scriptPubKey, Transaction tx, byte[] sig, byte[] pubKey, int inputIndex, out byte hashType, out byte[] txSignature, out byte[] txSignatureHash, out BigIntegerBouncy x, out BigIntegerBouncy y, out BigIntegerBouncy r, out BigIntegerBouncy s) { // get the 1-byte hashType off the end of sig hashType = sig[sig.Length - 1]; // get the DER encoded portion of sig, which is everything except the last byte (the last byte being hashType) var sigDER = sig.Take(sig.Length - 1).ToArray(); // get the simplified/signing version of the transaction txSignature = TxSignature(scriptPubKey, tx, inputIndex, hashType); // get the hash of the simplified/signing version of the transaction txSignatureHash = Crypto.DoubleSHA256(txSignature); // load pubKey ReadPubKey(pubKey, out x, out y); var publicKeyPoint = curve.Curve.CreatePoint(x, y, withCompression: false); var publicKeyParameters = new ECPublicKeyParameters(publicKeyPoint, domainParameters); // load sig ReadSigKey(sigDER, out r, out s); // init signer var signer = new ECDsaSigner(); signer.Init(forSigning: false, parameters: publicKeyParameters); // verify that sig is a valid signature from pubKey for the simplified/signing transaction's hash var txSignatureHash2 = txSignatureHash; var r2 = r; var s2 = s; //TODO var result = BypassVerifySignature || new MethodTimer(false).Time("ECDsa Verify", () => signer.VerifySignature(txSignatureHash2.ToArray(), r2, s2)); return result; }
private void ReadPubKey(byte[] pubKey, out BigIntegerBouncy x, out BigIntegerBouncy y) { // public key is encoded as 0x04<x><y> // where <x> and <y> are 32-byte unsigned, positive, big-endian integers // for a total length of 65 bytes if (pubKey.Length != 65 || pubKey[0] != 0x04) throw new Exception("TODO wrong public key type"); x = new BigIntegerBouncy(1, pubKey.ToArray(), 1, 32); y = new BigIntegerBouncy(1, pubKey.ToArray(), 33, 32); }
private void ReadSigKey(byte[] sig, out BigIntegerBouncy r, out BigIntegerBouncy s) { // sig is two DER encoded integers: r and s // total length is variable using (var stream = new Asn1InputStream(sig.ToArray())) { var sequence = (DerSequence)stream.ReadObject(); r = ((DerInteger)sequence[0]).Value; s = ((DerInteger)sequence[1]).Value; Debug.Assert(sequence.Count == 2); //TODO Debug.Assert(sig.SequenceEqual(sequence.GetDerEncoded())); } }
/// <summary> /// Check is the key is valid see RFC 2631, Section 2.1.5, http://www.ietf.org/rfc/rfc2631.txt /// </summary> public static bool IsValidPublicKey(Org.BouncyCastle.Math.BigInteger y, Org.BouncyCastle.Math.BigInteger p, Org.BouncyCastle.Math.BigInteger q) { Org.BouncyCastle.Math.BigInteger bn; // y must lie in [2,p-1] // check y < 2 then failed bn = new Org.BouncyCastle.Math.BigInteger("2"); if (y.CompareTo(bn) < 0) { LibRTMPLogger.Log(LibRTMPLogLevel.Warning, "[CDR.LibRTMP.RTMPHelper.IsValidPublicKey] DH public key must be at least 2"); return false; } // y must lie in [2,p-1] bn = new Org.BouncyCastle.Math.BigInteger(p.ToString()); bn = bn.Subtract(new Org.BouncyCastle.Math.BigInteger("1")); if (y.CompareTo(bn) > 0) { LibRTMPLogger.Log(LibRTMPLogLevel.Warning, "[CDR.LibRTMP.RTMPHelper.IsValidPublicKey] DH public key must be at most p-2"); return false; } // Verify with Sophie-Germain prime // // This is a nice test to make sure the public key position is calculated // correctly. This test will fail in about 50% of the cases if applied to // random data. bn = y.ModPow(q, p); if (bn.CompareTo(new Org.BouncyCastle.Math.BigInteger("1")) != 0) { LibRTMPLogger.Log(LibRTMPLogLevel.Warning, "[CDR.LibRTMP.RTMPHelper.IsValidPublicKey] DH public key does not fulfill y^q mod p = 1"); return false; } return true; }
public static int DecodeMpiFromBytes(byte[] mpi_byte_array, int start_index, ref Org.BouncyCastle.Math.BigInteger out_big_int) { byte[] _out_byte_array = null; int _next_start_index = DecodeMpiFromBytesBE(mpi_byte_array, start_index, ref _out_byte_array); out_big_int = new Org.BouncyCastle.Math.BigInteger(1, _out_byte_array); return _next_start_index; }
public static string PrivHexToPubHex(string PrivHex) { byte[] hex = Bitcoin.ValidateAndGetHexPrivateKey(0x00, PrivHex); if (hex == null) throw new ApplicationException("Invalid private hex key"); var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); Org.BouncyCastle.Math.BigInteger Db = new Org.BouncyCastle.Math.BigInteger(hex); ECPoint dd = ps.G.Multiply(Db); byte[] pubaddr = new byte[65]; byte[] Y = dd.Y.ToBigInteger().ToByteArray(); Array.Copy(Y, 0, pubaddr, 64 - Y.Length + 1, Y.Length); byte[] X = dd.X.ToBigInteger().ToByteArray(); Array.Copy(X, 0, pubaddr, 32 - X.Length + 1, X.Length); pubaddr[0] = 4; return Bitcoin.ByteArrayToString(pubaddr); }
public static string GetPublicKey(string privateKey) { var hexPrivateKey = ReferenceLib.ValidateAndGetHexPrivateKey(privateKey, 0x00); if (hexPrivateKey == null) throw new Exception("error"); var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); Org.BouncyCastle.Math.BigInteger Db = new Org.BouncyCastle.Math.BigInteger(hexPrivateKey); ECPoint dd = ps.G.Multiply(Db); byte[] pubaddr = new byte[65]; byte[] Y = dd.Y.ToBigInteger().ToByteArray(); Array.Copy(Y, 0, pubaddr, 64 - Y.Length + 1, Y.Length); byte[] X = dd.X.ToBigInteger().ToByteArray(); Array.Copy(X, 0, pubaddr, 32 - X.Length + 1, X.Length); pubaddr[0] = 4; var publicKey = ByteArrayToString(pubaddr); return publicKey; }
/// <summary> /// To the bouncy castle big integer. /// </summary> /// <param name="value">The value.</param> /// <returns></returns> public static Org.BouncyCastle.Math.BigInteger ToBouncyBigInteger(this BigInteger value) { var bytes = Utility.GetBytes(value); var bigint = new Org.BouncyCastle.Math.BigInteger(bytes); return bigint; }