public void VerifyDataByteArraySpan_OffsetGreaterThanCount_ThrowsArgumentOutOfRangeException(ECDsa ecdsa)
{
AssertExtensions.Throws <ArgumentOutOfRangeException>("offset",
() => ecdsa.VerifyData(new byte[0], 2, 1, null, default(HashAlgorithmName)));
}
private static void CSCbchallengeResult([MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 1)] byte[] signature, int signaturelen, eid_vwr_result result)
{
try
{
theData.WriteLog("CSCbchallengeResult called, result = " + result.ToString() + "\n", eid_vwr_loglevel.EID_VWR_LOG_NORMAL);
switch (result)
{
//in case the function failed, we should not generate an error
case eid_vwr_result.EID_VWR_RES_SUCCESS:
//verify the response
/* Offset ENCODING ASN.1 Syntax
*
* 00 30 76 -- SEQUENCE LENGTH
* 02 30 10 -- SEQUENCE LENGTH
* Label
* 04 06 07 -- OBJECT_ID LENGTH
* 2A 86 48 CE 3D 02 01 EcPublicKey (1 2 840 10045 2 1)
*
* 0D 06 05 -- OBJECT_ID LENGTH
* 0F 2B 81 04 00 22 Secp384r1 (1 3 132 0 34)
*
* 14 03 62 -- BIT_STRING (98 bytes) LENGTH
* 16 00 -- no bits unused in the final byte
* 17 04 compression byte
* 18 {48 bytes} -- X coordinate
* 48 {48 bytes} -- Y coordinate
* */
//For now: No real parsing here, only accepting the above fixed format
//Will add the parsing in pkcs#11, or here, later
if (theData.basicKeyFile.Length != 0x78)
{
//File for supported format is incorrect, cannot verify, exit
theData.WriteLog("CSCbchallengeResult encountered an error (basicKeyFile.Length != 0x78)\n , key verification could not start \n", eid_vwr_loglevel.EID_VWR_LOG_ERROR);
return;
}
byte[] KeyParams = new byte[5];
byte[] Secp384r1 = { 0x2B, 0x81, 0x04, 0x00, 0x22 };
byte[] KeyValue_X = new byte[48];
byte[] KeyValue_Y = new byte[48];
Array.Copy(theData.basicKeyFile, 0x0F, KeyParams, 0, 5);
ECParameters parameters = new ECParameters();
if (System.Collections.StructuralComparisons.StructuralEqualityComparer.Equals(KeyParams, Secp384r1))
{
//Fill in parameters named curve:
//Create a named curve using the specified Oid object.
System.Security.Cryptography.Oid cardP384oid = new Oid("ECDSA_P384");
parameters.Curve = ECCurve.CreateFromOid(cardP384oid);
Array.Copy(theData.basicKeyFile, 0x18, KeyValue_X, 0, 48);
Array.Copy(theData.basicKeyFile, 0x48, KeyValue_Y, 0, 48);
//Fill in parameters public key (Q)
System.Security.Cryptography.ECPoint Q;
Q.X = KeyValue_X;
Q.Y = KeyValue_Y;
parameters.Q = Q;
}
else
{
//not supported, cannot verify, exit
}
ECDsa dsa = ECDsa.Create(parameters);
if (dsa.VerifyData(theData.challenge, signature, HashAlgorithmName.SHA384))
{
theData.WriteLog("CSCbchallengeResult: verified the challenge response successfully \n", eid_vwr_loglevel.EID_VWR_LOG_NORMAL);
}
else
{
theData.WriteLog("CSCbchallengeResult: the challenge response was incorrect \n", eid_vwr_loglevel.EID_VWR_LOG_ERROR);
}
break;
case eid_vwr_result.EID_VWR_RES_FAILED:
//mark the verification as not happened
theData.WriteLog("CSCbchallengeResult encountered an error, key verification could not start \n", eid_vwr_loglevel.EID_VWR_LOG_ERROR);
break;
}
}
catch (Exception e)
{
theData.WriteLog("CSCbchallengeResult encountered an error " + e.ToString() + "\n", eid_vwr_loglevel.EID_VWR_LOG_ERROR);
}
}
public void VerifyDataStream_UnsupportedHashAlgorithm_ThrowsCryptographicException(ECDsa ecdsa)
{
Assert.Throws <CryptographicException>(
() => ecdsa.VerifyData(new MemoryStream(), new byte[0], new HashAlgorithmName("NOT_A_REAL_HASH_ALGORITHM")));
}
private bool Verify(ECDsa publicKey, byte[] signature, byte[] securedInput)
{
Ensure.BitSize(publicKey.KeySize, keySize, string.Format("EcdsaUsingSha algorithm expected key of size {0} bits, but was given {1} bits", keySize, publicKey.KeySize));
return(publicKey.VerifyData(securedInput, signature, Hash));
}
public void VerifyDataByteArraySpan_NullSignature_ThrowsArgumentNullException(ECDsa ecdsa)
{
Assert.Throws <ArgumentNullException>("signature",
() => ecdsa.VerifyData(new byte[0], 0, 0, null, default(HashAlgorithmName)));
}
public void VerifyDataStream_NullSignature_ThrowsArgumentNullException(ECDsa ecdsa)
{
Assert.Throws <ArgumentNullException>("signature",
() => ecdsa.VerifyData(new MemoryStream(), null, default(HashAlgorithmName)));
}
/// <inheritdoc /> public bool Verify(byte[] bytesToSign, byte[] signature) => _publicKey.VerifyData(bytesToSign, signature, HashAlgorithmInternal);
public void VerifyDataByteArraySpan_NegativeCount_ThrowsArgumentOutOfRangeException(ECDsa ecdsa)
{
Assert.Throws <ArgumentOutOfRangeException>("count",
() => ecdsa.VerifyData(new byte[0], 0, -1, null, default(HashAlgorithmName)));
}
public bool Verify(byte[] data, byte[] sign)
{
return(dsa.VerifyData(data, sign, HashAlgorithmName.SHA256));
}
/// <inheritdoc/>
public bool Verify(byte[] data, byte[] signature)
{
return(_dsa.VerifyData(data, signature, _algorithmName));
}
/// <summary>
/// Checks if a signature is valid.
/// </summary>
/// <returns><see langword="true"/> if the signature is valid, else <see langword="false"/>.</returns>
public bool Verify(byte[] data, byte[] signature)
{
return(publicKey.VerifyData(data, signature, HashAlgorithmName.SHA256));
}
public override bool Verify(byte[] input, byte[] signature)
{
return(_ecdsa.VerifyData(input, signature, _hashes[Algorithm]));
}
public void VerifyDataStream_NullData_ThrowsArgumentNullException(ECDsa ecdsa)
{
AssertExtensions.Throws <ArgumentNullException>("data",
() => ecdsa.VerifyData((Stream)null, null, default(HashAlgorithmName)));
}
public void VerifyData_InvalidArguments_Throws(ECDsa ecdsa)
{
AssertExtensions.Throws <ArgumentNullException>("data", () => ecdsa.VerifyData((byte[])null, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentNullException>("data", () => ecdsa.VerifyData(null, -1, -1, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentNullException>("signature", () => ecdsa.VerifyData(new byte[0], null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentNullException>("signature", () => ecdsa.VerifyData(new byte[0], 0, 0, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentOutOfRangeException>("offset", () => ecdsa.VerifyData(new byte[0], -1, -1, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentOutOfRangeException>("offset", () => ecdsa.VerifyData(new byte[0], 2, 1, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentOutOfRangeException>("count", () => ecdsa.VerifyData(new byte[0], 0, -1, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentOutOfRangeException>("count", () => ecdsa.VerifyData(new byte[0], 0, 1, null, default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData(new byte[0], new byte[0], default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData(new byte[0], 0, 0, new byte[0], default(HashAlgorithmName)));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData(new byte[10], new byte[0], new HashAlgorithmName("")));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData(new byte[10], 0, 10, new byte[0], new HashAlgorithmName("")));
Assert.ThrowsAny <CryptographicException>(() => ecdsa.VerifyData(new byte[0], new byte[0], new HashAlgorithmName(Guid.NewGuid().ToString("N"))));
Assert.ThrowsAny <CryptographicException>(() => ecdsa.VerifyData(new byte[0], 0, 0, new byte[0], new HashAlgorithmName(Guid.NewGuid().ToString("N"))));
}
/// <summary>
/// Verify a card challenge against the card's public key. It is assumed that
/// the signature is an EC signature (curve Secp384r1) from a SHA384 hash of the data.
/// </summary>
/// <param name="data">challenge</param>
/// <param name="signature">Signature of the challenge</param>
/// <param name="eCPublicKey">ECPublicKey object to verify the signed challenge</param>
/// <returns>True if the verification succeeds</returns>
public bool VerifyChallenge(byte[] data, byte[] signature, ECPublicKey eCPublicKey)
{
try
{
// Offset(dec) ENCODING ASN.1 Syntax
// 00 06 05 -- OBJECT_ID LENGTH
// 02 2B 81 04 00 22 Secp384r1(1 3 132 0 34)
byte[] EncodedParamsCurve = eCPublicKey.ECParams.Value;
// Offset(dec) ENCODING ASN.1 Syntax
// 00 04 compression byte
// 01 { 48 bytes} --X coordinate
// 49: { 48 bytes} --Y coordinate
byte[] EncodedParamsPoint = eCPublicKey.ECPoint.Value;
byte[] KeyParams = new byte[5];
byte[] Secp384r1 = { 0x2B, 0x81, 0x04, 0x00, 0x22 };
byte[] KeyValue_X = new byte[48];
byte[] KeyValue_Y = new byte[48];
Array.Copy(EncodedParamsCurve, 0x02, KeyParams, 0, 5);
ECParameters parameters = new ECParameters();
//check if the curve is Secp384r1(1 3 132 0 34)
if (System.Collections.StructuralComparisons.StructuralEqualityComparer.Equals(KeyParams, Secp384r1))
{
//Fill in parameters named curve:
//Create a named curve using the specified Oid object.
System.Security.Cryptography.Oid cardP384oid = new Oid("ECDSA_P384");
parameters.Curve = ECCurve.CreateFromOid(cardP384oid);
//skip the encoding byte
Array.Copy(EncodedParamsPoint, 0x01, KeyValue_X, 0, 48);
Array.Copy(EncodedParamsPoint, 0x31, KeyValue_Y, 0, 48);
//Fill in parameters public key (Q)
System.Security.Cryptography.ECPoint Q;
Q.X = KeyValue_X;
Q.Y = KeyValue_Y;
parameters.Q = Q;
}
else
{
//not supported, cannot verify, exit
return(false);
}
ECDsa dsa = ECDsa.Create(parameters);
// verify signature. assume that the data was SHA384 hashed.
return(dsa.VerifyData(data, signature, HashAlgorithmName.SHA384));
}
catch (Exception e)
{
Console.WriteLine("Error: " + e.Message);
return(false);
}
}
protected override bool VerifyData(ECDsa ecdsa, byte[] data, int offset, int count, byte[] signature, HashAlgorithmName hashAlgorithm) => ecdsa.VerifyData(new ReadOnlySpan <byte>(data, offset, count), signature, hashAlgorithm);
/// <summary>
/// Verify a signature with a given certificate. It is assumed that
/// the signature is made from a SHA1 hash of the data.
/// </summary>
/// <param name="data">Signed data</param>
/// <param name="signature">Signature to be verified</param>
/// <param name="certificate">Certificate containing the public key used to verify the code</param>
/// <returns>True if the verification succeeds</returns>
public bool Verify(byte[] data, byte[] signature, byte[] certificate)
{
try
{
X509Certificate2 x509Certificate;
// create certificate object from byte 'file'
x509Certificate = new X509Certificate2(certificate);
String algo = x509Certificate.GetKeyAlgorithm();
if (String.Compare(algo, "1.2.840.113549.1.1.1") == 0) //rsaEncryption
{
// use public key from certificate during verification
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509Certificate.PublicKey.Key;
// verify signature. assume that the data was SHA1 hashed.
return(rsa.VerifyData(data, "SHA1", signature));
}
else if (String.Compare(algo, "1.2.840.10045.2.1") == 0) //EC Public Key
{
// use public key from certificate during verification
PublicKey publicKey = x509Certificate.PublicKey;
// Offset(dec) ENCODING ASN.1 Syntax
// 00 06 05 -- OBJECT_ID LENGTH
// 02 2B 81 04 00 22 Secp384r1(1 3 132 0 34)
byte[] EncodedParamsCurve = publicKey.EncodedParameters.RawData;
// Offset(dec) ENCODING ASN.1 Syntax
// 00 04 compression byte
// 01 { 48 bytes} --X coordinate
// 49: { 48 bytes} --Y coordinate
byte[] EncodedParamsPoint = publicKey.EncodedKeyValue.RawData;
byte[] KeyParams = new byte[5];
byte[] Secp384r1 = { 0x2B, 0x81, 0x04, 0x00, 0x22 };
byte[] KeyValue_X = new byte[48];
byte[] KeyValue_Y = new byte[48];
Array.Copy(EncodedParamsCurve, 0x02, KeyParams, 0, 5);
ECParameters parameters = new ECParameters();
//check if the curve is Secp384r1(1 3 132 0 34)
if (System.Collections.StructuralComparisons.StructuralEqualityComparer.Equals(KeyParams, Secp384r1))
{
//Fill in parameters named curve:
//Create a named curve using the specified Oid object.
System.Security.Cryptography.Oid cardP384oid = new Oid("ECDSA_P384");
parameters.Curve = ECCurve.CreateFromOid(cardP384oid);
Array.Copy(EncodedParamsPoint, 0x01, KeyValue_X, 0, 48);
Array.Copy(EncodedParamsPoint, 0x31, KeyValue_Y, 0, 48);
//Fill in parameters public key (Q)
System.Security.Cryptography.ECPoint Q;
Q.X = KeyValue_X;
Q.Y = KeyValue_Y;
parameters.Q = Q;
}
else
{
//not supported, cannot verify, exit
return(false);
}
ECDsa dsa = ECDsa.Create(parameters);
// verify signature. assume that the data was SHA384 hashed.
return(dsa.VerifyData(data, signature, HashAlgorithmName.SHA384));
}
else
{
return(true);
}
}
catch (Exception e)
{
Console.WriteLine("Error: " + e.Message);
return(false);
}
}
public void VerifyDataByteArraySpan_CountGreaterThanLengthMinusOffset_ThrowsArgumentOutOfRangeException(ECDsa ecdsa)
{
Assert.Throws <ArgumentOutOfRangeException>("count",
() => ecdsa.VerifyData(new byte[0], 0, 1, null, default(HashAlgorithmName)));
}
/// <summary>
/// Simplified method that validates signed bytes against the signature using a EC public key.
/// </summary>
private bool VerifySignedBytesAgainstSignature(ECDsa publicKey, byte[] signedBytes, byte[] signature)
{
bool result = publicKey.VerifyData(signedBytes, signature.FromAsn1Signature(), HashAlgorithmName.SHA256);
return(result);
}
public void VerifyDataByteArraySpan_EmptyHashAlgorithm_ThrowsArgumentException(ECDsa ecdsa)
{
Assert.Throws <ArgumentException>("hashAlgorithm",
() => ecdsa.VerifyData(new byte[10], 0, 10, new byte[0], new HashAlgorithmName("")));
}
/// <summary>
/// Verifies that a digital signature is valid by calculating the hash value of the specified data
/// using the specified hash algorithm and padding, and comparing it to the provided signature.
/// </summary>
/// <param name="data">The data to sign.</param>
/// <param name="signature">The signature data to be verified.</param>
/// <returns>true if the signature is valid; otherwise, false.</returns>
public bool Verify(byte[] data, byte[] signature)
{
return(ecdsa.VerifyData(data, signature, hashName));
}
public void VerifyDataStream_DefaultHashAlgorithm_ThrowsArgumentException(ECDsa ecdsa)
{
Assert.Throws <ArgumentException>("hashAlgorithm",
() => ecdsa.VerifyData(new MemoryStream(), new byte[0], default(HashAlgorithmName)));
}
/// <summary>デジタル署名を検証する</summary>
/// <param name="data">デジタル署名を行なった対象データ</param>
/// <param name="sign">対象データに対してデジタル署名したデジタル署名部分のデータ</param>
/// <returns>検証結果( true:検証成功, false:検証失敗 )</returns>
public override bool Verify(byte[] data, byte[] sign)
{
ECDsa aa2 = this.X509Certificate.GetECDsaPublicKey();
return(aa2.VerifyData(data, sign, this.HashAlgorithmName));
}
public void SignVerify_InteroperableSameKeys_RoundTripsUnlessTampered(ECDsa ecdsa, HashAlgorithmName hashAlgorithm)
{
byte[] data = Encoding.UTF8.GetBytes("something to repeat and sign");
// large enough to make hashing work though multiple iterations and not a multiple of 4KB it uses.
byte[] dataArray = new byte[33333];
MemoryStream dataStream = new MemoryStream(dataArray, true);
while (dataStream.Position < dataArray.Length - data.Length)
{
dataStream.Write(data, 0, data.Length);
}
dataStream.Position = 0;
byte[] dataArray2 = new byte[dataArray.Length + 2];
dataArray.CopyTo(dataArray2, 1);
ArraySegment <byte> dataSpan = new ArraySegment <byte>(dataArray2, 1, dataArray.Length);
HashAlgorithm halg;
if (hashAlgorithm == HashAlgorithmName.MD5)
{
halg = MD5.Create();
}
else if (hashAlgorithm == HashAlgorithmName.SHA1)
{
halg = SHA1.Create();
}
else if (hashAlgorithm == HashAlgorithmName.SHA256)
{
halg = SHA256.Create();
}
else if (hashAlgorithm == HashAlgorithmName.SHA384)
{
halg = SHA384.Create();
}
else if (hashAlgorithm == HashAlgorithmName.SHA512)
{
halg = SHA512.Create();
}
else
{
throw new Exception("Hash algorithm not supported.");
}
List <byte[]> signatures = new List <byte[]>(6);
// Compute a signature using each of the SignData overloads. Then, verify it using each
// of the VerifyData overloads, and VerifyHash overloads.
//
// Then, verify that VerifyHash fails if the data is tampered with.
signatures.Add(ecdsa.SignData(dataArray, hashAlgorithm));
signatures.Add(ecdsa.SignData(dataSpan.Array, dataSpan.Offset, dataSpan.Count, hashAlgorithm));
signatures.Add(ecdsa.SignData(dataStream, hashAlgorithm));
dataStream.Position = 0;
signatures.Add(ecdsa.SignHash(halg.ComputeHash(dataArray)));
signatures.Add(ecdsa.SignHash(halg.ComputeHash(dataSpan.Array, dataSpan.Offset, dataSpan.Count)));
signatures.Add(ecdsa.SignHash(halg.ComputeHash(dataStream)));
dataStream.Position = 0;
foreach (byte[] signature in signatures)
{
Assert.True(ecdsa.VerifyData(dataArray, signature, hashAlgorithm), "Verify 1");
Assert.True(ecdsa.VerifyData(dataSpan.Array, dataSpan.Offset, dataSpan.Count, signature, hashAlgorithm), "Verify 2");
Assert.True(ecdsa.VerifyData(dataStream, signature, hashAlgorithm), "Verify 3");
Assert.True(dataStream.Position == dataArray.Length, "Check stream read 3A");
dataStream.Position = 0;
Assert.True(ecdsa.VerifyHash(halg.ComputeHash(dataArray), signature), "Verify 4");
Assert.True(ecdsa.VerifyHash(halg.ComputeHash(dataSpan.Array, dataSpan.Offset, dataSpan.Count), signature), "Verify 5");
Assert.True(ecdsa.VerifyHash(halg.ComputeHash(dataStream), signature), "Verify 6");
Assert.True(dataStream.Position == dataArray.Length, "Check stream read 6A");
dataStream.Position = 0;
}
int distinctSignatures = signatures.Distinct(new ByteArrayComparer()).Count();
Assert.True(distinctSignatures == signatures.Count, "Signing should be randomized");
foreach (byte[] signature in signatures)
{
signature[signature.Length - 1] ^= 0xFF; // flip some bits
Assert.False(ecdsa.VerifyData(dataArray, signature, hashAlgorithm), "Verify Tampered 1");
Assert.False(ecdsa.VerifyData(dataSpan.Array, dataSpan.Offset, dataSpan.Count, signature, hashAlgorithm), "Verify Tampered 2");
Assert.False(ecdsa.VerifyData(dataStream, signature, hashAlgorithm), "Verify Tampered 3");
Assert.True(dataStream.Position == dataArray.Length, "Check stream read 3B");
dataStream.Position = 0;
Assert.False(ecdsa.VerifyHash(halg.ComputeHash(dataArray), signature), "Verify Tampered 4");
Assert.False(ecdsa.VerifyHash(halg.ComputeHash(dataSpan.Array, dataSpan.Offset, dataSpan.Count), signature), "Verify Tampered 5");
Assert.False(ecdsa.VerifyHash(halg.ComputeHash(dataStream), signature), "Verify Tampered 6");
Assert.True(dataStream.Position == dataArray.Length, "Check stream read 6B");
dataStream.Position = 0;
}
}
/// <inheritdoc /> public bool Verify(byte[] bytesToSign, byte[] signature) => _publicKey.VerifyData(bytesToSign, signature, this.HashAlgorithmName);
public void VerifyDataByteArray_NullData_ThrowsArgumentNullException(ECDsa ecdsa)
{
Assert.Throws <ArgumentNullException>("data",
() => ecdsa.VerifyData((byte[])null, null, default(HashAlgorithmName)));
}
public void VerifyDataByteArray_DefaultHashAlgorithm_ThrowsArgumentException(ECDsa ecdsa)
{
AssertExtensions.Throws <ArgumentException>("hashAlgorithm",
() => ecdsa.VerifyData(new byte[0], new byte[0], default(HashAlgorithmName)));
}
