public void Init( IKeyGenerationParameters parameters) { if (parameters == null) throw new ArgumentNullException("parameters"); // Note: If we start accepting instances of KeyGenerationParameters, // must apply constraint checking on strength (see DsaParametersGenerator.Init) this.param = (DsaKeyGenerationParameters) parameters; }
public static IAsymmetricCipherKeyPairGenerator CreateGenerator(SecureRandom random, TypeWrapper kpGen, int keystrength) { var keypairGen = kpGen.Instance<IAsymmetricCipherKeyPairGenerator>(); //var random = SecureRandomUtils.GetInstance(Model.RandomGenerator, Model.RandomGeneratorArgument); if (keypairGen is DsaKeyPairGenerator) { DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(keystrength, 80, random); //TODO: DsaParameters parameters = pGen.GenerateParameters(); DsaKeyGenerationParameters genParam = new DsaKeyGenerationParameters(random, parameters); keypairGen.Init(genParam); return keypairGen; } if (keypairGen is ECKeyPairGenerator) { keypairGen.Init(new KeyGenerationParameters(random, keystrength)); return keypairGen; } keypairGen.Init(new KeyGenerationParameters(random, keystrength)); return keypairGen; }
public override void PerformTest() { byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded"); SecureRandom random = FixedSecureRandom.From(k1, k2); byte[] keyData = Hex.Decode("b5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); SecureRandom keyRandom = FixedSecureRandom.From(keyData, keyData); IBigInteger r = new BigInteger("68076202252361894315274692543577577550894681403"); IBigInteger s = new BigInteger("1089214853334067536215539335472893651470583479365"); DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, random); DsaParameters parameters = pGen.GenerateParameters(); DsaValidationParameters pValid = parameters.ValidationParameters; if (pValid.Counter != 105) { Fail("Counter wrong"); } if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) { Fail("p or q wrong"); } DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator(); DsaKeyGenerationParameters genParam = new DsaKeyGenerationParameters(keyRandom, parameters); dsaKeyGen.Init(genParam); IAsymmetricCipherKeyPair pair = dsaKeyGen.GenerateKeyPair(); ParametersWithRandom param = new ParametersWithRandom(pair.Private, keyRandom); DsaSigner dsa = new DsaSigner(); dsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArrayUnsigned(); IBigInteger[] sig = dsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } dsa.Init(false, pair.Public); if (!dsa.VerifySignature(message, sig[0], sig[1])) { Fail("verification fails"); } }
public void GenerateTest() { char[] passPhrase = "hello".ToCharArray(); DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, new SecureRandom()); DsaParameters dsaParams = pGen.GenerateParameters(); DsaKeyGenerationParameters dsaKgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams); IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); dsaKpg.Init(dsaKgp); // // this takes a while as the key generator has to Generate some DSA parameters // before it Generates the key. // AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair(); IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameters elParams = new ElGamalParameters(p, g); ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams); elgKpg.Init(elKgp); // // this is quicker because we are using preGenerated parameters. // AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair(); PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, new SecureRandom()); keyRingGen.AddSubKey(elgKeyPair); PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing(); keyRing.GetSecretKey().ExtractPrivateKey(passPhrase); PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); PgpPublicKey vKey = null; PgpPublicKey sKey = null; foreach (PgpPublicKey pk in pubRing.GetPublicKeys()) { if (pk.IsMasterKey) { vKey = pk; } else { sKey = pk; } } foreach (PgpSignature sig in sKey.GetSignatures()) { if (sig.KeyId == vKey.KeyId && sig.SignatureType == PgpSignature.SubkeyBinding) { sig.InitVerify(vKey); if (!sig.VerifyCertification(vKey, sKey)) { Fail("failed to verify sub-key signature."); } } } }
public static int Main( string[] args) { if (args.Length < 2) { Console.WriteLine("DsaElGamalKeyRingGenerator [-a] identity passPhrase"); return 0; } IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(1024, 80, new SecureRandom()); DsaParameters dsaParams = pGen.GenerateParameters(); DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams); dsaKpg.Init(kgp); // // this takes a while as the key generator has to Generate some DSA parameters // before it Generates the key. // AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair(); IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameters elParams = new ElGamalParameters(p, g); ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams); elgKpg.Init(elKgp); // // this is quicker because we are using preGenerated parameters. // AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair(); Stream out1, out2; if (args[0].Equals("-a")) { if (args.Length < 3) { Console.WriteLine("DSAElGamalKeyRingGenerator [-a] identity passPhrase"); return 0; } out1 = File.Create("secret.asc"); out2 = File.Create("pub.asc"); ExportKeyPair(out1, out2, dsaKp, elgKp, args[1], args[2].ToCharArray(), true); } else { out1 = File.Create("secret.bpg"); out2 = File.Create("pub.bpg"); ExportKeyPair(out1, out2, dsaKp, elgKp, args[0], args[1].ToCharArray(), false); } out1.Close(); out2.Close(); return 0; }
private void GenerateDSA() { //DSA Key Parameter Generator DsaParametersGenerator paramgen = new DsaParametersGenerator(); //Initialize Key Parameter Generator paramgen.Init(512, 100, new SecureRandom()); //DSA KeyGeneration Parameters DsaKeyGenerationParameters param = new DsaKeyGenerationParameters(new SecureRandom(), paramgen.GenerateParameters()); //DSA Key Pair Generator DsaKeyPairGenerator dsakpgen = new DsaKeyPairGenerator(); //Initialize the Key Pair Generator dsakpgen.Init(param); //The DSA Keys! this.DSAKeys = dsakpgen.GenerateKeyPair(); //Generate PEM format byte[] prvencoding = DSAHelper.EncodePrivateKey(this.DSAKeys.Private); this.PEMPrivateKey = Convert.ToBase64String(prvencoding); this.DERPrivateKey = new ArraySegment<byte>(prvencoding); byte[] pubencoding = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(this.DSAKeys.Public).GetDerEncoded(); this.PEMPublicKey = Convert.ToBase64String(pubencoding); this.DERPublicKey = new ArraySegment<byte>(pubencoding); }
public override void PerformTest() { // // Read the public key // PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey); var pubKey = pgpPub.GetPublicKey(); // // Read the private key // PgpSecretKeyRing sKey = new PgpSecretKeyRing(testPrivKey); IPgpSecretKey secretKey = sKey.GetSecretKey(); IPgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(pass); // // test signature message // PgpObjectFactory pgpFact = new PgpObjectFactory(sig1); PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); pgpFact = new PgpObjectFactory(c1.GetDataStream()); PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); PgpOnePassSignature ops = p1[0]; PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); Stream dIn = p2.GetInputStream(); ops.InitVerify(pubKey); int ch; while ((ch = dIn.ReadByte()) >= 0) { ops.Update((byte) ch); } PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject(); if (!ops.Verify(p3[0])) { Fail("Failed signature check"); } // // signature generation // GenerateTest(sKey, pubKey, pgpPrivKey); // // signature generation - canonical text // const string data = "hello world!"; byte[] dataBytes = Encoding.ASCII.GetBytes(data); MemoryStream bOut = new MemoryStream(); MemoryStream testIn = new MemoryStream(dataBytes, false); PgpSignatureGenerator sGen = new PgpSignatureGenerator( PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1); sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey); PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator( CompressionAlgorithmTag.Zip); BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut))); sGen.GenerateOnePassVersion(false).Encode(bcOut); PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); DateTime testDateTime = new DateTime(1973, 7, 27); Stream lOut = lGen.Open( new UncloseableStream(bcOut), PgpLiteralData.Text, "_CONSOLE", dataBytes.Length, testDateTime); while ((ch = testIn.ReadByte()) >= 0) { lOut.WriteByte((byte) ch); sGen.Update((byte)ch); } lGen.Close(); sGen.Generate().Encode(bcOut); cGen.Close(); // // verify Generated signature - canconical text // pgpFact = new PgpObjectFactory(bOut.ToArray()); c1 = (PgpCompressedData) pgpFact.NextPgpObject(); pgpFact = new PgpObjectFactory(c1.GetDataStream()); p1 = (PgpOnePassSignatureList) pgpFact.NextPgpObject(); ops = p1[0]; p2 = (PgpLiteralData) pgpFact.NextPgpObject(); if (!p2.ModificationTime.Equals(testDateTime)) { Fail("Modification time not preserved"); } dIn = p2.GetInputStream(); ops.InitVerify(pubKey); while ((ch = dIn.ReadByte()) >= 0) { ops.Update((byte)ch); } p3 = (PgpSignatureList) pgpFact.NextPgpObject(); if (!ops.Verify(p3[0])) { Fail("Failed generated signature check"); } // // Read the public key with user attributes // pgpPub = new PgpPublicKeyRing(testPubWithUserAttr); pubKey = pgpPub.GetPublicKey(); int count = 0; foreach (PgpUserAttributeSubpacketVector attributes in pubKey.GetUserAttributes()) { int sigCount = 0; foreach (object sigs in pubKey.GetSignaturesForUserAttribute(attributes)) { if (sigs == null) Fail("null signature found"); sigCount++; } if (sigCount != 1) { Fail("Failed user attributes signature check"); } count++; } if (count != 1) { Fail("Failed user attributes check"); } byte[] pgpPubBytes = pgpPub.GetEncoded(); pgpPub = new PgpPublicKeyRing(pgpPubBytes); pubKey = pgpPub.GetPublicKey(); count = 0; foreach (object ua in pubKey.GetUserAttributes()) { if (ua == null) Fail("null user attribute found"); count++; } if (count != 1) { Fail("Failed user attributes reread"); } // // reading test extra data - key with edge condition for DSA key password. // char[] passPhrase = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' }; sKey = new PgpSecretKeyRing(testPrivKey2); pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(passPhrase); // // reading test - aes256 encrypted passphrase. // sKey = new PgpSecretKeyRing(aesSecretKey); pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass); // // reading test - twofish encrypted passphrase. // sKey = new PgpSecretKeyRing(twofishSecretKey); pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass); // // use of PgpKeyPair // DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, new SecureRandom()); // TODO Is the certainty okay? DsaParameters dsaParams = pGen.GenerateParameters(); DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams); IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); kpg.Init(kgp); IAsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, kp.Public, kp.Private, DateTime.UtcNow); PgpPublicKey k1 = pgpKp.PublicKey; PgpPrivateKey k2 = pgpKp.PrivateKey; }
private void InitKey() { _secure_random = new SecureRandom(); DsaParametersGenerator _dsa_param_gen = new DsaParametersGenerator(); DsaKeyPairGenerator _dsa_key_pair_gen = new DsaKeyPairGenerator(); _dsa_param_gen.Init(1024, 80, _secure_random); DsaKeyGenerationParameters _dsa_key_gen_params = new DsaKeyGenerationParameters(_secure_random, _dsa_param_gen.GenerateParameters()); _dsa_key_pair_gen.Init(_dsa_key_gen_params); _key_pair = _dsa_key_pair_gen.GenerateKeyPair(); _private_key_param = (DsaPrivateKeyParameters)_key_pair.Private; _public_key_param = (DsaPublicKeyParameters)_key_pair.Public; }
public static SshKey CreateKey(SshVersion version, PublicKeyAlgorithm algorithm, string comment = "") { if (version == SshVersion.SSH1 && algorithm != PublicKeyAlgorithm.SSH_RSA) { throw new Exception("unsupported version/algorithm combination"); } switch (algorithm) { case PublicKeyAlgorithm.SSH_RSA: KeyGenerationParameters keyGenParam = new KeyGenerationParameters(secureRandom, 512); RsaKeyPairGenerator rsaKeyPairGen = new RsaKeyPairGenerator(); rsaKeyPairGen.Init(keyGenParam); AsymmetricCipherKeyPair keyPair = rsaKeyPairGen.GenerateKeyPair(); var rsaKey = new SshKey(version, keyPair); rsaKey.Comment = comment; return rsaKey; case PublicKeyAlgorithm.SSH_DSS: DsaParametersGenerator dsaParamGen = new DsaParametersGenerator(); dsaParamGen.Init(512, 10, secureRandom); DsaParameters dsaParam = dsaParamGen.GenerateParameters(); DsaKeyGenerationParameters dsaKeyGenParam = new DsaKeyGenerationParameters(secureRandom, dsaParam); DsaKeyPairGenerator dsaKeyPairGen = new DsaKeyPairGenerator(); dsaKeyPairGen.Init(dsaKeyGenParam); keyPair = dsaKeyPairGen.GenerateKeyPair(); var dsaKey = new SshKey(SshVersion.SSH2, keyPair); dsaKey.Comment = comment; return dsaKey; case PublicKeyAlgorithm.ECDSA_SHA2_NISTP256: X9ECParameters ecdsa256X9Params = SecNamedCurves.GetByName("secp256r1"); ECDomainParameters ecdsa256DomainParams = new ECDomainParameters(ecdsa256X9Params.Curve, ecdsa256X9Params.G, ecdsa256X9Params.N, ecdsa256X9Params.H); ECKeyGenerationParameters ecdsa256GenParams = new ECKeyGenerationParameters(ecdsa256DomainParams, secureRandom); ECKeyPairGenerator ecdsa256Gen = new ECKeyPairGenerator(); ecdsa256Gen.Init(ecdsa256GenParams); keyPair = ecdsa256Gen.GenerateKeyPair(); var ecdsa256Key = new SshKey(SshVersion.SSH2, keyPair); ecdsa256Key.Comment = comment; return ecdsa256Key; case PublicKeyAlgorithm.ECDSA_SHA2_NISTP384: X9ECParameters ecdsa384X9Params = SecNamedCurves.GetByName("secp384r1"); ECDomainParameters ecdsa384DomainParams = new ECDomainParameters(ecdsa384X9Params.Curve, ecdsa384X9Params.G, ecdsa384X9Params.N, ecdsa384X9Params.H); ECKeyGenerationParameters ecdsa384GenParams = new ECKeyGenerationParameters(ecdsa384DomainParams, secureRandom); ECKeyPairGenerator ecdsa384Gen = new ECKeyPairGenerator(); ecdsa384Gen.Init(ecdsa384GenParams); keyPair = ecdsa384Gen.GenerateKeyPair(); var ecdsa384Key = new SshKey(SshVersion.SSH2, keyPair); ecdsa384Key.Comment = comment; return ecdsa384Key; case PublicKeyAlgorithm.ECDSA_SHA2_NISTP521: X9ECParameters ecdsa521X9Params = SecNamedCurves.GetByName("secp521r1"); ECDomainParameters ecdsa521DomainParams = new ECDomainParameters(ecdsa521X9Params.Curve, ecdsa521X9Params.G, ecdsa521X9Params.N, ecdsa521X9Params.H); ECKeyGenerationParameters ecdsa521GenParams = new ECKeyGenerationParameters(ecdsa521DomainParams, secureRandom); ECKeyPairGenerator ecdsa521Gen = new ECKeyPairGenerator(); ecdsa521Gen.Init(ecdsa521GenParams); keyPair = ecdsa521Gen.GenerateKeyPair(); var ecdsa521Key = new SshKey(SshVersion.SSH2, keyPair); ecdsa521Key.Comment = comment; return ecdsa521Key; case PublicKeyAlgorithm.ED25519: var privateKeySeed = secureRandom.GenerateSeed(Ed25519.PrivateKeySeedSizeInBytes); var publicKeyBytes = new byte[Ed25519.PublicKeySizeInBytes]; var privateKeyBytes = new byte[Ed25519.ExpandedPrivateKeySizeInBytes]; Ed25519.KeyPairFromSeed(out publicKeyBytes, out privateKeyBytes, privateKeySeed); var publicKey = new Ed25519PublicKeyParameter(publicKeyBytes); var privateKey = new Ed25519PrivateKeyParameter(privateKeyBytes); var ed25519Key = new SshKey(SshVersion.SSH2, publicKey, privateKey, comment); return ed25519Key; default: throw new Exception("unsupported algorithm"); } }