Exemplo n.º 1
1
        public static void TestNegativeVerify384()
        {
            CngKey key = TestData.s_ECDsa384Key;
            ECDsaCng e = new ECDsaCng(key);

            byte[] tamperedSig = ("7805c494b17bba8cba09d3e5cdd16d69ce785e56c4f2d9d9061d549fce0a6860cca1cb9326bd534da21ad4ff326a1e0810d8"
                                + "f366eb6afc66ede0d1ffe345f6b37ac622ed77838b42825ceb96cd3996d3d77fd6a248357ae1ae6cb85f048b1b04").HexToByteArray();
            bool verified = e.VerifyHash(TestData.s_hashSha512, tamperedSig);
            Assert.False(verified);
        }
Exemplo n.º 2
1
 public static byte[] CreateSignature(byte[] data, CngKey key)
 {
     // 创建签名
     byte[] signature;
     using(var signingAlg = new ECDsaCng(key))
     {
         signature = signingAlg.SignData(data);
         signingAlg.Clear();
     }
     return signature;
 }
Exemplo n.º 3
1
        public MtbContainer Sign(MtbContainer mtb)
        {
            mtb.IssuerSignedTicketBundle.Header = new IssuerSignatureHeader(SignatureAlgorithm.ES256, _keyRepository.SigningIssuerId, _keyRepository.SigningKeyId);
            var signingInput = CreateCoseSigningInput(mtb.IssuerSignedTicketBundle.Header.GetBytes(), mtb.IssuerSignedTicketBundle.TicketBundle.GetBytes());
            var privateKey = _keyRepository.GetPrivateKey();
            using (var dsa = new ECDsaCng(privateKey))
            {
                mtb.IssuerSignedTicketBundle.Signature = dsa.SignData(signingInput);
            }

            return mtb;
        }
Exemplo n.º 4
0
        private static byte[] Sign(byte[] message, byte[] prikey)
        {
            var Secp256r1_G = HexString2Bytes("04" + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296" + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5");

            var PublicKey = Neo.Cryptography.ECC.ECCurve.Secp256r1.G * prikey;
            var pubkey    = PublicKey.EncodePoint(false).Skip(1).ToArray();
            //#if NET461
            const int ECDSA_PRIVATE_P256_MAGIC = 0x32534345;

            prikey = BitConverter.GetBytes(ECDSA_PRIVATE_P256_MAGIC).Concat(BitConverter.GetBytes(32)).Concat(pubkey).Concat(prikey).ToArray();
            using (System.Security.Cryptography.CngKey key = System.Security.Cryptography.CngKey.Import(prikey, System.Security.Cryptography.CngKeyBlobFormat.EccPrivateBlob))
                using (System.Security.Cryptography.ECDsaCng ecdsa = new System.Security.Cryptography.ECDsaCng(key))
                //#else
                //            using (var ecdsa = System.Security.Cryptography.ECDsa.Create(new System.Security.Cryptography.ECParameters
                //            {
                //                Curve = System.Security.Cryptography.ECCurve.NamedCurves.nistP256,
                //                D = prikey,
                //                Q = new System.Security.Cryptography.ECPoint
                //                {
                //                    X = pubkey.Take(32).ToArray(),
                //                    Y = pubkey.Skip(32).ToArray()
                //                }
                //            }))
                //#endif
                {
                    return(ecdsa.SignData(message, System.Security.Cryptography.HashAlgorithmName.SHA256));
                }
        }
Exemplo n.º 5
0
 static void Main(string[] args)
 {
     if (args.Length == 1)
     {
         // Got Signature (License)? Then Verify it
         byte[] signature = Convert.FromBase64String(args[0]);
         // Public key must be hard-coded!
         const string publicKeyString = "RUNTMSAAAACOUGMbADUgo3dDq42gwv+uCPsI8jjQm61r0CUPVioibLfzskpsGmUAJD29rt3FzS5qb28gS5Ed85jDPwQoesBJ";
         byte[] publicKey = Convert.FromBase64String(publicKeyString);
         CngKey cngKey = CngKey.Import(publicKey, CngKeyBlobFormat.EccPublicBlob);
         ECDsaCng dsa = new ECDsaCng(cngKey);
         dsa.HashAlgorithm = CngAlgorithm.MD5;
         if (dsa.VerifyData(MachineID.ComputeEasyMachineID(), signature))
         {
             Console.WriteLine("License is valid. Thank you!");
         }
         else
         {
             Console.WriteLine("License is invalid!");
         }
         dsa.Clear();
     }
     else
     {
         // No Signature (License). Display InstallationID
         Console.WriteLine("No license found. Contact your software vendor and provide the following code:");
         foreach (byte b in MachineID.ComputeEasyMachineID())
         {
             Console.Write(b);
         }
     }
     Console.WriteLine("Press any key to continue ...");
     Console.ReadKey();
 }
Exemplo n.º 6
0
 public ECDSASigner(string privateKey) //konstruktor do importowania klucza
 {
     this.privateKey = Base58CheckEncoding.DecodePlain(privateKey);
     CngPrivateKey = CngKey.Import(this.privateKey, CngKeyBlobFormat.EccPrivateBlob);
     ECDSA = new ECDsaCng(CngPrivateKey);
     ECDSA.HashAlgorithm = CngAlgorithm.Sha256;
 }
		private ECDsaCng BuildEcDsaCng() {
			byte[] publicBlob = ECCPublicKeyBlobFormatter.Instance.BuildECCPublicBlob( this );
			using( var cng = CngKey.Import( publicBlob, CngKeyBlobFormat.EccPublicBlob ) ) {
				// ECDsaCng copies the CngKey, hence the using
				var ecDsa = new ECDsaCng( cng );
				return ecDsa;
			}
		}
Exemplo n.º 8
0
 internal static byte[] Sign(this ISignable signable, byte[] prikey, byte[] pubkey)
 {
     const int ECDSA_PRIVATE_P256_MAGIC = 0x32534345;
     prikey = BitConverter.GetBytes(ECDSA_PRIVATE_P256_MAGIC).Concat(BitConverter.GetBytes(32)).Concat(pubkey).Concat(prikey).ToArray();
     using (CngKey key = CngKey.Import(prikey, CngKeyBlobFormat.EccPrivateBlob))
     using (ECDsaCng ecdsa = new ECDsaCng(key))
     {
         return ecdsa.SignHash(signable.GetHashForSigning());
     }
 }
Exemplo n.º 9
0
 public void Receive(byte[] data, byte[] signature)
 {
     using (ECDsaCng ecsdKey = new ECDsaCng(CngKey.Import(key, CngKeyBlobFormat.EccPublicBlob)))
     {
         if (ecsdKey.VerifyData(data, signature))
             Console.WriteLine("Data is good");
         else
             Console.WriteLine("Data is bad");
     }
 }
Exemplo n.º 10
0
        public static void TestNegativeVerify256()
        {
            CngKey key = TestData.s_ECDsa256Key;
            ECDsaCng e = new ECDsaCng(key);

            byte[] tamperedSig = ("998791331eb2e1f4259297f5d9cb82fa20dec98e1cb0900e6b8f014a406c3d02cbdbf5238bde471c3155fc25565524301429"
                                + "e8713dad9a67eb0a5c355e9e23dc").HexToByteArray();
            bool verified = e.VerifyHash(TestData.s_hashSha512, tamperedSig);
            Assert.False(verified);
        }
Exemplo n.º 11
0
        public static void TestNegativeVerify521()
        {
            CngKey key = TestData.s_ECDsa521Key;
            ECDsaCng e = new ECDsaCng(key);

            byte[] tamperedSig = ("0084461450745672df85735fbf89f2dccef804d6b56e86ca45ea5c366a05a5de96327eddb75582821c6315c8bb823c875845"
                                + "a6f25963ddab70461b786261507f971401fdc300697824129e0a84e0ba1ab4820ac7b29e7f8248bc2e29d152a9190eb3fcb7"
                                + "6e8ebf1aa5dd28ffd582a24cbfebb3426a5f933ce1d995b31c951103d24f6256").HexToByteArray();
            bool verified = e.VerifyHash(TestData.s_hashSha512, tamperedSig);
            Assert.False(verified);
        }
Exemplo n.º 12
0
        public byte[] GetSignature(string claimString)
        {
            CngKey key = _keyProvider.GetKey();

            using (_keyProvider.GetKey())
            using(var dsa = new ECDsaCng(key))
            {
                var bytes = Encoding.UTF8.GetBytes(claimString);
                return dsa.SignData(bytes);
            }
        }
Exemplo n.º 13
0
 public ECDSASigner() //konstruktor do generowania klucza
 {
     keyCreationParameters = new CngKeyCreationParameters();
     keyCreationParameters.ExportPolicy = CngExportPolicies.AllowExport;
     keyCreationParameters.KeyUsage = CngKeyUsages.Signing;
     keyCreationParameters.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
     CngPrivateKey = CngKey.Create(CngAlgorithm.ECDsaP256, null, keyCreationParameters);
     ECDSA = new ECDsaCng(CngPrivateKey);
     this.privateKey = ECDSA.Key.Export(CngKeyBlobFormat.EccPrivateBlob);
     ECDSA.HashAlgorithm = CngAlgorithm.Sha256;
 }
Exemplo n.º 14
0
 public byte[] Sign(ISignable signable)
 {
     byte[] signature;
     ProtectedMemory.Unprotect(key_exported, MemoryProtectionScope.SameProcess);
     using (CngKey key = CngKey.Import(key_exported, CngKeyBlobFormat.EccPrivateBlob))
     using (ECDsaCng ecdsa = new ECDsaCng(key))
     {
         signature = ecdsa.SignHash(signable.GetHashForSigning());
     }
     ProtectedMemory.Protect(key_exported, MemoryProtectionScope.SameProcess);
     return signature;
 }
Exemplo n.º 15
0
        private Boolean isValidSignedMsg(byte[] hash)
        {
            Boolean bReturn;

            using (var dsa = new ECDsaCng(CngKey.Import(PublicKey, CngKeyBlobFormat.EccPublicBlob)))
            {
                dsa.HashAlgorithm = Global.HashAlgorithm;
                bReturn = dsa.VerifyData(hash, SignedMsg);
            }

            return bReturn;
        }
Exemplo n.º 16
0
 public bool Check(string source)
 {
     using (ECDsaCng ecsdKey = new ECDsaCng(CngKey.Import(key, CngKeyBlobFormat.EccPublicBlob)))
     {
         byte[] destData = new byte[source.Length / 2];
         for(int i = 0; i < source.Length / 2; ++i)
         {
             destData[i] = Convert.ToByte(source.Substring(i * 2, 2), 16);
         }
         return ecsdKey.VerifyData(TestDataBytes, destData);
     }
 }
Exemplo n.º 17
0
        internal void ExtractValues(string appParam, byte[] originalChallenge)
        {
            DataContractJsonSerializer jsonSerializerResponse = new DataContractJsonSerializer(typeof(ClientData));
            object objResponse = jsonSerializerResponse.ReadObject(new MemoryStream(Helpers.Base64UrlDecode(clientData)));
            ClientData clientDataObject = objResponse as ClientData;

            if (clientDataObject == null
                || !clientDataObject.origin.Equals(appParam)
                || !clientDataObject.typ.Equals("navigator.id.finishEnrollment")
                || !clientDataObject.challenge.Equals(Helpers.Base64UrlEncode(originalChallenge))
                )
                throw new Exception("clientData does not contain necessary fields");

            byte[] data = Helpers.Base64UrlDecode(registrationData);
            if (data[0] != 0x05)
                throw new Exception("Invalid registration data");

            var keyLen = 65;
            byte[] keyBytes = new byte[keyLen];
            Array.Copy(data, 1, keyBytes, 0, keyLen);
            publicKey = Helpers.Base64UrlEncode(keyBytes);

            int keyHandleLen = data[66];
            byte[] keyHandleBytes = new byte[keyHandleLen];
            Array.Copy(data, 1 + 1 + keyLen, keyHandleBytes, 0, keyHandleLen);
            keyHandle = Helpers.Base64UrlEncode(keyHandleBytes);

            int certLen = data.Length - 1 - 1 - keyLen - keyHandleLen; // temporary!
            byte[] certBytes = new byte[certLen];
            Array.Copy(data, 1 + 1 + keyLen + keyHandleLen, certBytes, 0, certLen);
            X509Certificate certObject = new X509Certificate(certBytes);
            certBytes = certObject.Export(X509ContentType.Cert);
            certLen = certBytes.Length;

            int sigLen = data.Length - 1 - 1 - keyLen - keyHandleLen - certLen;
            byte[] signatureBytes = new byte[sigLen];
            Array.Copy(data, data.Length - sigLen, signatureBytes, 0, sigLen);

            var bytesToVerify = new byte[] { 0x00 }
                .Concat(SHA256.Create().ComputeHash(new UTF8Encoding().GetBytes(appParam)))
                .Concat(SHA256.Create().ComputeHash(Helpers.Base64UrlDecode(clientData)))
                .Concat(keyHandleBytes)
                .Concat(keyBytes)
                .ToArray();

            var ecdsa = new ECDsaCng(CngKey.Import(FixKeyBytes(certObject.GetPublicKey()), CngKeyBlobFormat.EccPublicBlob))
            {
                HashAlgorithm = CngAlgorithm.Sha256
            };
            if (!ecdsa.VerifyData(bytesToVerify, FixSignatureBytes(signatureBytes)))
                throw new Exception("Signature is not valid");
        }
Exemplo n.º 18
0
        public override CertificatePrivateKey ImportPrivateKey(byte[] keyData)
        {
            try {
                string magic = Encoding.ASCII.GetString(keyData, 0, 4);
                if (magic.Equals("ECS2") || magic.Equals("ECS4") || magic.Equals("ECS6")) {
                    CngKey cngKey = CngKey.Import(keyData, CngKeyBlobFormat.EccPrivateBlob);
                    ECDsaCng ecdsa = new ECDsaCng(cngKey);
                    return new CertificatePrivateKey(ecdsa);
                }
            } catch (Exception) {}

            return null;
        }
Exemplo n.º 19
0
        public static bool Verify(string publicKey, string message, string signature)
        {
            bool isValid = false;

            using (CngKey k = CngKey.Import(Convert.FromBase64String(publicKey), CngKeyBlobFormat.EccPublicBlob))
            using (ECDsaCng dsa = new ECDsaCng(k))
            {
                byte[] sigData = Convert.FromBase64String(signature);
                isValid = dsa.VerifyData(Encoding.Unicode.GetBytes(message), sigData);
            }

            return isValid;
        }
Exemplo n.º 20
0
        /// <summary>
        /// Weryfikacja na podstawie klucza publicznego, podpisu i podpisanych danych
        /// </summary>
        /// <param name="publicKey"></param>
        /// <param name="signature"></param>
        /// <param name="data"></param>
        /// <returns></returns>
 
        public static bool verifyData(byte[] publicKey, byte[] signature, byte[] data)
        {
            try
            {
                ECDsaCng ECDSA = new ECDsaCng(CngKey.Import(publicKey, CngKeyBlobFormat.EccPublicBlob));
                ECDSA.HashAlgorithm = CngAlgorithm.Sha256;
                return ECDSA.VerifyData(data, signature);
            }
            catch(Exception)
            {
                return false;
            }
        }
Exemplo n.º 21
0
 public static byte[] Sign(byte[] privateKey, Stream stream)
 {
     #if Mono
     throw new NotSupportedException();
     #else
     using (CngKey ck = CngKey.Import(privateKey, CngKeyBlobFormat.Pkcs8PrivateBlob))
     using (ECDsaCng ecdsa = new ECDsaCng(ck))
     {
         ecdsa.HashAlgorithm = CngAlgorithm.Sha256;
         return ecdsa.SignData(stream);
     }
     #endif
 }
 /// <summary>
 /// 使用私钥签名
 /// </summary>
 public static byte[] SignData(byte[] data, byte[] privateKey)
 {
     ///是否能够完全的释放using,在return以后
     // 打开密钥
     using (CngKey cngKey = CngKey.Import(privateKey, CngKeyBlobFormat.EccPrivateBlob))
     {
         // 签名
         using (ECDsaCng ecdsa = new ECDsaCng(cngKey))
         {
             byte[] signature = ecdsa.SignData(data);
             return signature;
         }
     }
 }
Exemplo n.º 23
0
 public static bool VerifySignature(byte[] data, byte[] signature, byte[] pubKey)
 {
     // 验证签名
     bool result = false;
     using (CngKey key = CngKey.Import(pubKey, CngKeyBlobFormat.GenericPublicBlob))
     {
         using(var signingAlg = new ECDsaCng(key))
         {
             result = signingAlg.VerifyData(data, signature);
             signingAlg.Clear();
         }
     }
     return result;
 }
        private static ECDsa DecodeECDsaPublicKey(CertificatePal certificatePal)
        {
            ECDsa ecdsa;
            using (SafeBCryptKeyHandle bCryptKeyHandle = ImportPublicKeyInfo(certificatePal.CertContext))
            {
                CngKeyBlobFormat blobFormat;
                byte[] keyBlob;
#if NETNATIVE
                blobFormat = CngKeyBlobFormat.EccPublicBlob;
                keyBlob = ExportKeyBlob(bCryptKeyHandle, blobFormat);
                using (CngKey cngKey = CngKey.Import(keyBlob, blobFormat))
                {
                    ecdsa = new ECDsaCng(cngKey);
                }
#else
                string curveName = GetCurveName(bCryptKeyHandle);

                if (curveName == null)
                {
                    if (HasExplicitParameters(bCryptKeyHandle))
                    {
                        blobFormat = CngKeyBlobFormat.EccFullPublicBlob;
                    }
                    else
                    {
                        blobFormat = CngKeyBlobFormat.EccPublicBlob;
                    }

                    keyBlob = ExportKeyBlob(bCryptKeyHandle, blobFormat);
                    using (CngKey cngKey = CngKey.Import(keyBlob, blobFormat))
                    {
                        ecdsa = new ECDsaCng(cngKey);
                    }
                }
                else
                {
                    blobFormat = CngKeyBlobFormat.EccPublicBlob;
                    keyBlob = ExportKeyBlob(bCryptKeyHandle, blobFormat);
                    ECParameters ecparams = new ECParameters();
                    ExportNamedCurveParameters(ref ecparams, keyBlob, false);
                    ecparams.Curve = ECCurve.CreateFromFriendlyName(curveName);
                    ecdsa = new ECDsaCng();
                    ecdsa.ImportParameters(ecparams);
                }
#endif
            }

            return ecdsa;
        }
 /// <summary>
 /// 使用公钥验证签名
 /// </summary>
 public static bool VerifyData(byte[] data, byte[] signature, byte[] publicKey)
 {
     //验证是否签名匹配
     bool verified = false;
     // 导入公钥
     using (CngKey cngKey = CngKey.Import(publicKey, CngKeyBlobFormat.EccPublicBlob))
     {
         // 验证签名
         using (ECDsaCng ecdsa = new ECDsaCng(cngKey))
         {
             verified = ecdsa.VerifyData(data, signature);
             return verified;
         }
     }
 }
        private bool VerifySignature(byte[] data, byte[] signature, byte[] pubKey)
        {
            bool retValue = false;
            using (CngKey key = CngKey.Import(pubKey, CngKeyBlobFormat.GenericPublicBlob))
            using (var signingAlg = new ECDsaCng(key))
            {
#if NET46
                retValue = signingAlg.VerifyData(data, signature);
                signingAlg.Clear();
#else
                retValue = signingAlg.VerifyData(data, signature, HashAlgorithmName.SHA512);
#endif
            }
            return retValue;
        }
        private byte[] CreateSignature(byte[] data, CngKey key)
        {

            byte[] signature;
            using (var signingAlg = new ECDsaCng(key))
            {
#if NET46
                signature = signingAlg.SignData(data);
                signingAlg.Clear();
#else
                signature = signingAlg.SignData(data, HashAlgorithmName.SHA512);

#endif
            }
            return signature;
        }
Exemplo n.º 28
0
        static void Main(string[] args)
        {
            if (args.Length != 1 && args[0].Length != 8)
            {
                Console.WriteLine("Use a valid MachineID as the argument.");
                return;
            }
            else
            {
                Console.WriteLine("MachineID: " + args[0]);
            }

            // The data to sign.
            byte[] data = new byte[8];

            // Convert MachineID to byte array
            for (int i = 0; i < 8; i++)
            {
                data[i] = Byte.Parse(args[0][i].ToString());
            }

            // Load the key from system store
            // This key was created by key gen
            CngKey cngKey = CngKey.Open("PA ECDSA Key");
            using (ECDsaCng dsa = new ECDsaCng(cngKey))
            {
                dsa.HashAlgorithm = CngAlgorithm.MD5;
                byte[] signature = dsa.SignData(data);
                dsa.Clear();

                // Print signature
                Console.WriteLine("\nSignature:\n" + Debugger.BytesToString(signature));
                // Base64
                Console.WriteLine("\nSignature in Base64:\n" + CodeConverter.ToBase64(signature));

                // Big numbers
                Console.WriteLine("\nSignature in Codes:");
                ulong[] a = CodeConverter.ToInt64Array(signature);
                foreach (ulong i in a) Console.WriteLine(i.ToString());

                // Formated Base32
                Console.WriteLine("\nSignature in Formated Base32:\n" + CodeConverter.ToFormatedBase32Code(signature));

                Console.WriteLine("\nPress any key to continue");
                Console.ReadKey();
            }
        }
Exemplo n.º 29
0
        /// <summary>
        /// 公開鍵と秘密鍵を作成して返す
        /// </summary>
        /// <param name="publicKey">作成された公開鍵</param>
        /// <param name="privateKey">作成された秘密鍵</param>
        public static void CreateKeys(out byte[] publicKey, out byte[] privateKey)
        {
            #if Mono
            throw new NotSupportedException();
            #else
            CngKeyCreationParameters ckcp = new CngKeyCreationParameters();
            ckcp.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
            ckcp.KeyUsage = CngKeyUsages.Signing;

            using (CngKey ck = CngKey.Create(CngAlgorithm.ECDsaP521, null, ckcp))
            using (ECDsaCng ecdsa = new ECDsaCng(ck))
            {
                publicKey = Encoding.ASCII.GetBytes(ecdsa.ToXmlString(ECKeyXmlFormat.Rfc4050));
                privateKey = ecdsa.Key.Export(CngKeyBlobFormat.Pkcs8PrivateBlob);
            }
            #endif
        }
Exemplo n.º 30
0
        public void TestMethod1()
        {
            string stringSignature;
            Bob bob = new Bob();
            using (ECDsaCng dsa = new ECDsaCng(100))
            {
                dsa.HashAlgorithm = CngAlgorithm.MD5;
                bob.key = dsa.Key.Export(CngKeyBlobFormat.EccPublicBlob);

                byte[] data = new byte[] { 21, 5, 8, 12, 207 };

                byte[] signature = dsa.SignData(data);
                stringSignature = Convert.ToBase64String(signature);

                bob.Receive(data, signature);
            }
        }
Exemplo n.º 31
0
        public static byte[] SignData(byte[] prikey, byte[] data)
        {
            var PublicKey = ThinNeo.Cryptography.ECC.ECCurve.Secp256r1.G * prikey;

            byte[] pubkey = PublicKey.EncodePoint(false).Skip(1).ToArray();


            //签名的私钥
            byte[] first      = { 0x45, 0x43, 0x53, 0x32, 0x20, 0x00, 0x00, 0x00 };
            byte[] signprikey = first.Concat(pubkey).Concat(prikey).ToArray();

            using (System.Security.Cryptography.CngKey key = System.Security.Cryptography.CngKey.Import(signprikey, System.Security.Cryptography.CngKeyBlobFormat.EccPrivateBlob))
            {
                using (System.Security.Cryptography.ECDsaCng ecdsa = new System.Security.Cryptography.ECDsaCng(key))
                {
                    var hashsrc  = sha256.ComputeHash(data);
                    var signdata = ecdsa.SignHash(hashsrc);
                    return(signdata);
                }
            }
        }
Exemplo n.º 32
-1
        public static string Sign(string privateKey, string message)
        {
            string signature = null;
            using (CngKey k = CngKey.Import(Convert.FromBase64String(privateKey), CngKeyBlobFormat.EccPrivateBlob))
            using (ECDsaCng dsa = new ECDsaCng(k))
            {
                byte[] sigData = dsa.SignData(Encoding.Unicode.GetBytes(message));
                signature = Convert.ToBase64String(sigData);
            }

            return signature;
        }