public Keypair GetPrivateKey(string password)
{
var kp = new Keypair {
Exponent = Exponent, Modulus = Modulus
};
if (PrivateExponent == null)
{
throw new InvalidOperationException();
}
kp.SetPrivateExponentAsync(PrivateExponent.Value.ToByteArray(), password).Wait();
return(kp);
}
public void SetKeyPair(Keypair kp, string password = null)
{
Exponent = kp.Exponent;
Modulus = kp.Modulus;
if (kp.IsPrivate && password == null)
{
throw new ArgumentException("Je potřeba heslo");
}
if (kp.IsPrivate)
{
PrivateExponent = new BigInteger(kp.GetPrivateExponentAsync(password).Result);
}
}
public static Signature Sign(byte[] data, string password, Keypair kp)
{
IAsymmetricEncryptionProvider provider = GetRsaProvider(kp.RsaProvider);
provider.SetKeyPair(kp, password);
var signature = new Signature {
Data = new byte[data.Length]
};
Array.Copy(data, signature.Data, data.Length);
// todo include salt
signature.SignatureData = provider.SignData(signature.Data);
signature.AuthorId = kp.ShortId;
return(signature);
}
public static byte[] Decrypt(Message m, string password, Keypair kp)
{
if (m.RecipientId != kp.ShortId)
{
throw new InvalidOperationException("Keypair does not match the recipient");
}
IAsymmetricEncryptionProvider provider = GetRsaProvider(kp.RsaProvider);
provider.SetKeyPair(kp, password);
byte[] key = provider.Decrypt(m.EncryptedKey);
var aes = new AesSymmetricEncryptionProvider {
Key = key, Iv = m.Iv
};
return(aes.TransformAsync(m.Content, false).Result);
}
public void SetKeyPair(Keypair kp, string password = null)
{
if (kp.IsPrivate && password == null)
{
throw new ArgumentException("Missing password");
}
_rsa.ImportParameters(new RSAParameters {
D = password == null ? null : kp.GetPrivateExponentAsync(password).Result,
Exponent = kp.Exponent.ToByteArray(),
Modulus = kp.Modulus.ToByteArray(),
// TODO: find a better way, see Keypair#SystemAsymmetricEncryptionParameters
P = kp.P,
Q = kp.Q,
DP = kp.DP,
DQ = kp.DQ,
InverseQ = kp.InverseQ
});
}
/// <summary>
/// Encrypts <paramref name="data" /> for <paramref name="recipient" />. <paramref name="recipient" /> can be a public
/// key.
/// </summary>
/// <param name="recipient"></param>
/// <param name="data"></param>
/// <returns></returns>
public static Message Encrypt(Keypair recipient, byte[] data)
{
IAsymmetricEncryptionProvider provider = GetRsaProvider(recipient.RsaProvider);
provider.SetKeyPair(recipient.ToPublic());
var aes = new AesSymmetricEncryptionProvider();
byte[] cipher = aes.TransformAsync(data).Result;
byte[] encryptedKey = provider.Encrypt(aes.Key);
var m = new Message {
Content = cipher,
EncryptedKey = encryptedKey,
Iv = aes.Iv,
RecipientId = recipient.ShortId
};
return(m);
}
private async Task <Keypair> RsaParametersToKeyPairAsync(RSAParameters parameters,
string password = null)
{
var kp = new Keypair {
Modulus = new BigInteger(parameters.Modulus),
Exponent = new BigInteger(parameters.Exponent)
};
if (parameters.D != null && password == null)
{
throw new ArgumentException("Missing password");
}
if (parameters.D != null)
{
await kp.SetPrivateExponentAsync(parameters.D, password);
}
// TODO: find a better way, see Keypair#SystemAsymmetricEncryptionParameters
kp.P = parameters.P;
kp.Q = parameters.Q;
kp.DP = parameters.DP;
kp.DQ = parameters.DQ;
kp.InverseQ = parameters.InverseQ;
return(kp);
}
public bool Equals(Keypair other)
{
return(other.Modulus.Equals(Modulus));
}
public static Signature Sign(Message m, string password, Keypair kp)
{
return(Sign(LZ4MessagePackSerializer.Serialize(m), password, kp));
}
