AsymmetricKeyParameter DecryptAsymmetricKeyParameter(byte[] buffer, int length)
{
using (var memory = new MemoryStream(buffer, 0, length, false)) {
using (var asn1 = new Asn1InputStream(memory)) {
var sequence = asn1.ReadObject() as Asn1Sequence;
if (sequence == null)
{
return(null);
}
var encrypted = EncryptedPrivateKeyInfo.GetInstance(sequence);
var algorithm = encrypted.EncryptionAlgorithm;
var encoded = encrypted.GetEncryptedData();
var cipher = PbeUtilities.CreateEngine(algorithm) as IBufferedCipher;
if (cipher == null)
{
return(null);
}
var cipherParameters = PbeUtilities.GenerateCipherParameters(algorithm, passwd);
cipher.Init(false, cipherParameters);
var decrypted = cipher.DoFinal(encoded);
var keyInfo = PrivateKeyInfo.GetInstance(decrypted);
return(PrivateKeyFactory.CreateKey(keyInfo));
}
}
}
public override void PerformTest()
{
IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25);
pGen.Init(genParam);
AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
//
// set up the parameters
//
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int iterationCount = 100;
//
// set up the key
//
char[] password1 = { 'h', 'e', 'l', 'l', 'o' };
EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(alg, password1, salt, iterationCount, PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private));
PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password1, encInfo);
AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(info);
if (!key.Equals(pair.Private))
{
Fail("Key corrupted");
}
doOpensslTestKeys();
}
public PemObject Generate()
{
if (this.algorithm == null)
{
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(this.privKey);
return(new PemObject("PRIVATE KEY", privateKeyInfo.GetEncoded()));
}
byte[] array = new byte[20];
if (this.random == null)
{
this.random = new SecureRandom();
}
this.random.NextBytes(array);
PemObject result;
try
{
EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(this.algorithm, this.password, array, this.iterationCount, this.privKey);
result = new PemObject("ENCRYPTED PRIVATE KEY", encryptedPrivateKeyInfo.GetEncoded());
}
catch (Exception exception)
{
throw new PemGenerationException("Couldn't encrypt private key", exception);
}
return(result);
}
byte[] EncryptAsymmetricKeyParameter(AsymmetricKeyParameter key)
{
var cipher = PbeUtilities.CreateEngine(EncryptionAlgorithm.Id) as IBufferedCipher;
var keyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(key);
var random = new SecureRandom();
var salt = new byte[SaltSize];
if (cipher == null)
{
throw new Exception("Unknown encryption algorithm: " + EncryptionAlgorithm.Id);
}
random.NextBytes(salt);
var pbeParameters = PbeUtilities.GenerateAlgorithmParameters(EncryptionAlgorithm.Id, salt, MinIterations);
var algorithm = new AlgorithmIdentifier(EncryptionAlgorithm, pbeParameters);
var cipherParameters = PbeUtilities.GenerateCipherParameters(algorithm, passwd);
if (cipherParameters == null)
{
throw new Exception("BouncyCastle bug detected: Failed to generate cipher parameters.");
}
cipher.Init(true, cipherParameters);
var encoded = cipher.DoFinal(keyInfo.GetEncoded());
var encrypted = new EncryptedPrivateKeyInfo(algorithm, encoded);
return(encrypted.GetEncoded());
}
public IAsymmetricKey GetEncryptedPrivateKey(byte[] keyContent)
{
var encrpytedPrivateKeyInfo = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(keyContent));
var cipherType = cipherTypeMapper.MapOidToCipherType(encrpytedPrivateKeyInfo.EncryptionAlgorithm.Algorithm.Id);
return(new EncryptedKey(keyContent, cipherType));
}
internal static RSA DecryptPrivateKey(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo, string password)
{
var parameters = (DerSequence)encryptedPrivateKeyInfo.EncryptionAlgorithm.Parameters;
var salt = ((DerOctetString)parameters[0]).GetOctets();
var iterations = ((DerInteger)parameters[1]).Value.IntValue;
var pbkdf1 = new PasswordDeriveBytes(password, salt, "SHA1", iterations);
var keyBytes = pbkdf1.GetBytes(16);
var ivBytes = SHA1.Create().ComputeHash(pbkdf1.GetBytes(4));
var engine = new SeedEngine();
var blockCipher = new CbcBlockCipher(engine);
var cipher = new PaddedBufferedBlockCipher(blockCipher);
var cipherParams = new ParametersWithIV(new KeyParameter(keyBytes), ivBytes, 0, 16);
try
{
cipher.Init(false, cipherParams);
var decoded = cipher.DoFinal(encryptedPrivateKeyInfo.GetEncryptedData());
var rsaParams = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(decoded);
return(DotNetUtilities.ToRSA(rsaParams));
}
catch (InvalidCipherTextException)
{
return(null);
}
}
public PemObject Generate()
{
if (algorithm == null)
{
PrivateKeyInfo pki = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey);
return(new PemObject("PRIVATE KEY", pki.GetEncoded()));
}
// TODO Theoretically, the amount of salt needed depends on the algorithm
byte[] salt = new byte[20];
if (random == null)
{
random = new SecureRandom();
}
random.NextBytes(salt);
try
{
EncryptedPrivateKeyInfo epki = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
algorithm, password, salt, iterationCount, privKey);
return(new PemObject("ENCRYPTED PRIVATE KEY", epki.GetEncoded()));
}
catch (Exception e)
{
throw new PemGenerationException("Couldn't encrypt private key", e);
}
}
public object GetBagValue()
{
if (Type.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag))
{
return(new Pkcs8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo.GetInstance(safeBag.BagValue)));
}
if (Type.Equals(PkcsObjectIdentifiers.CertBag))
{
CertBag certBag = CertBag.GetInstance(safeBag.BagValue);
return(new X509Certificate(X509CertificateStructure.GetInstance(Asn1OctetString.GetInstance(certBag.CertValue).GetOctets())));
}
if (Type.Equals(PkcsObjectIdentifiers.KeyBag))
{
return(PrivateKeyInfo.GetInstance(safeBag.BagValue));
}
if (Type.Equals(PkcsObjectIdentifiers.CrlBag))
{
CrlBag crlBag = CrlBag.GetInstance(safeBag.BagValue);
return(new X509Crl(CertificateList.GetInstance(Asn1OctetString.GetInstance(crlBag.CrlValue).GetOctets())));
}
return(safeBag.BagValue);
}
protected virtual void LoadPkcs8ShroudedKeyBag(EncryptedPrivateKeyInfo encPrivKeyInfo, Asn1Set bagAttributes, char[] password, bool wrongPkcs12Zero)
{
if (password != null)
{
PrivateKeyInfo privKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password, wrongPkcs12Zero, encPrivKeyInfo);
this.LoadKeyBag(privKeyInfo, bagAttributes);
}
}
/// <summary>
/// 获取一个密钥对,其中私钥是DES加密后的
/// </summary>
/// <param name="userPassword"></param>
/// <returns></returns>
public static bool CreateRSAKeypair(string pwd, ref KeyPair resultKeypair)
{
_error = "";
try
{
resultKeypair = new KeyPair {
publicKey = "", privateKey = ""
};
//RSA密钥对的构造器
RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator();
//RSA密钥构造器的参数
RsaKeyGenerationParameters param = new RsaKeyGenerationParameters(
Org.BouncyCastle.Math.BigInteger.ValueOf(3),
new Org.BouncyCastle.Security.SecureRandom(),
1024, //密钥长度
25);
//用参数初始化密钥构造器
keyGenerator.Init(param);
//产生密钥对
AsymmetricCipherKeyPair keyPair = keyGenerator.GenerateKeyPair();
if (((RsaKeyParameters)keyPair.Public).Modulus.BitLength < 1024)
{
_error = "密钥生成失败,长度不足1024字节。";
return(false);
}
//获取公钥和密钥
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);
Asn1Object asn1ObjectPublic = subjectPublicKeyInfo.ToAsn1Object();
byte[] pbkByte = asn1ObjectPublic.GetEncoded();
resultKeypair.publicKey = Convert.ToBase64String(pbkByte);
string alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int count = 1000;
char[] password = pwd.ToCharArray();
EncryptedPrivateKeyInfo enPrivateKeyInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
alg,
password,
salt,
count,
keyPair.Private);
byte[] prkByte = enPrivateKeyInfo.ToAsn1Object().GetEncoded();
resultKeypair.privateKey = Convert.ToBase64String(prkByte);
return(true);
}
catch (Exception ex)
{
_error = ex.Message;
return(false);
}
}
/**
* Reads in an EncryptedPrivateKeyInfo
*
* @return the X509Certificate
*/
public Object ParseObject(PemObject obj)
{
try
{
return(new Pkcs8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo.GetInstance(obj.GetContent())));
}
catch (Exception e)
{
throw new OpenSslPemParsingException("problem parsing ENCRYPTED PRIVATE KEY: " + e.ToString(), e);
}
}
/// <summary>
/// 获取私钥对象
/// </summary>
/// <param name="s">待解密字符串</param>
/// <param name="key">密钥</param>
/// <returns></returns>
public static AsymmetricKeyParameter GetPrivateKeyParameter(string encryptKey, string pwd)
{
byte[] privateKeyByte = Convert.FromBase64String(encryptKey);
Asn1Object aobj = Asn1Object.FromByteArray(privateKeyByte);
EncryptedPrivateKeyInfo enpri = EncryptedPrivateKeyInfo.GetInstance(aobj);
char[] password = pwd.ToCharArray();
PrivateKeyInfo priKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password, enpri);
AsymmetricKeyParameter result = PrivateKeyFactory.CreateKey(priKey);
return(result);
}
private PKCS8.PrivateKeyInfo GetPrivateKey(byte[] raw_data, string password)
{
EncryptedPrivateKeyInfo _keyinfo = new EncryptedPrivateKeyInfo(raw_data);
byte[] _byteKey = new byte[16]; // SEED로 암호화된 개인키를 복호화 하기 위한 Key
byte[] _byteIVt = new byte[16]; // SEED로 암호화된 개인키를 복호화 하기 위한 초기 벡터
//------------------------------------------------------------------------------------------------------------------------/
// seedCBCWithSHA1: signPri.key 파일을 ReadBytes() 한 경우
// Key Generation with SHA1 and Encryption with SEED CBC mode
//------------------------------------------------------------------------------------------------------------------------/
if (_keyinfo.Algorithm == "1.2.410.200004.1.15")
{
PasswordDeriveBytes _pbkdf1 = new PasswordDeriveBytes(password, _keyinfo.Salt, "SHA1", _keyinfo.IterationCount);
byte[] _byteDKey = ((DeriveBytes)_pbkdf1).GetBytes(20);
HashAlgorithm _sha1 = SHA1.Create();
byte[] _byteTmp = new byte[4]; // 초기 벡터를 구하기 위한 DK 값의 끝 4 바이트
Array.Copy(_byteDKey, 16, _byteTmp, 0, 4); // 초기 벡터는 DK 값의 뒷 4자리를 SHA1으로 해쉬했을 때 구할 수 있다.
byte[] _byteDiv = _sha1.ComputeHash(_byteTmp); // 초기 벡터를 구하기 위한 중간 값 --> DK의 끝 4바이트를 "SHA1"으로 해쉬한 값
Array.Copy(_byteDiv, 0, _byteIVt, 0, 16); // SHA1으로 해쉬한 값의 앞 16자리가 초기 벡터가 된다.
Array.Copy(_byteDKey, 0, _byteKey, 0, 16); // DK 값의 앞 16자리는 SEED를 복호화하기 위한 Key 값이다.
}
//------------------------------------------------------------------------------------------------------------------------/
// seedCBC: PBES2 encryption scheme
// SEED Encryption (CBC mode)
//------------------------------------------------------------------------------------------------------------------------/
else if (_keyinfo.Algorithm == "1.2.410.200004.1.4")
{
Rfc2898DeriveBytes _pbkdf2 = new Rfc2898DeriveBytes(Encoding.UTF8.GetBytes(password), _keyinfo.Salt, _keyinfo.IterationCount);
byte[] _byteDKey = _pbkdf2.GetBytes(20);
Array.Copy(SeedCs.SNG.IV, 0, _byteIVt, 0, 16); // IV 문자열 값은 "0123456789012345"
Array.Copy(_byteDKey, 0, _byteKey, 0, 16); // DK 값의 앞 16자리는 SEED를 복호화하기 위한 Key 값이다.
}
else
{
throw new ProxyException("undefined private data");
}
// SEED로 암호화 된 개인키를 복호화 한다. SEED는 국내표준, http://cnscenter.future.co.kr/std-algorithm/block.html 참조
byte[] _decryptedKey = SeedCs.SNG.Decrypt(_keyinfo.EncryptedData, _byteKey, true, _byteIVt);
// 복호화 된 개인키 바이트 배열을 이용하여 PKCS8.PrivateKeyInfo 객체를 생성한다.
// 그리고, 이를 C#에서 전자서명 또는 암호화 할 수 있는 RSA 객체로 변환한다.
return(new PKCS8.PrivateKeyInfo(_decryptedKey));
}
private static EncryptedPrivateKeyInfo parseBytes(byte[] pkcs8Encoding)
{
try
{
return(EncryptedPrivateKeyInfo.GetInstance(pkcs8Encoding));
}
catch (ArgumentException e)
{
throw new PkcsIOException("malformed data: " + e.Message, e);
}
catch (Exception e)
{
throw new PkcsIOException("malformed data: " + e.Message, e);
}
}
private ITestResult DoTest(
int id,
byte[] sample)
{
EncryptedPrivateKeyInfo info;
try
{
info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample));
}
catch (Exception e)
{
return(new SimpleTestResult(false, Name + ": test " + id + " failed construction - exception "
+ e.ToString()));
}
byte[] bytes;
try
{
bytes = info.GetDerEncoded();
}
catch (Exception e)
{
return(new SimpleTestResult(false,
Name + ": test " + id + " failed writing - exception " + e.ToString()));
}
if (!Arrays.AreEqual(bytes, sample))
{
try
{
Asn1Object obj = Asn1Object.FromByteArray(bytes);
return(new SimpleTestResult(false, Name + ": test " + id
+ " length mismatch - expected " + sample.Length + SimpleTest.NewLine
+ Asn1Dump.DumpAsString(info) + " got " + bytes.Length + SimpleTest.NewLine
+ Asn1Dump.DumpAsString(obj)));
}
catch (Exception e)
{
return(new SimpleTestResult(false, Name + ": test " + id + " data mismatch - exception " + e.ToString()));
}
}
return(new SimpleTestResult(true, Name + ": test " + id + " Okay"));
}
private static void savetheKey(AsymmetricKeyParameter publicKey, AsymmetricKeyParameter privateKey)
{
//保存公钥到文件
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
Asn1Object aobject = publicKeyInfo.ToAsn1Object();
byte[] pubInfoByte = aobject.GetEncoded();
FileStream fs = new FileStream(pubKeyFile, FileMode.Create, FileAccess.Write);
fs.Write(pubInfoByte, 0, pubInfoByte.Length);
fs.Close();
//保存私钥到文件
/*
* PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
* aobject = privateKeyInfo.ToAsn1Object();
* byte[] priInfoByte = aobject.GetEncoded();
* fs = new FileStream(@"E:/Desktop/a.pri", FileMode.Create, FileAccess.Write);
* fs.Write(priInfoByte, 0, priInfoByte.Length);
* fs.Close();
*/
string alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int count = 1000;
char[] password = "******".ToCharArray();
EncryptedPrivateKeyInfo enPrivateKeyInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
alg,
password,
salt,
count,
privateKey);
byte[] priInfoByte = enPrivateKeyInfo.ToAsn1Object().GetEncoded();
fs = new FileStream(priKeyFile, FileMode.Create, FileAccess.Write);
fs.Write(priInfoByte, 0, priInfoByte.Length);
fs.Close();
//还原
//PrivateKeyInfo priInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password, enPrivateKeyInfo);
//AsymmetricKeyParameter privateKey = PrivateKeyFactory.CreateKey(priInfoByte);
}
public static PrivateKeyInfo createPrivateKeyInfo(
char[] passPhrase,
EncryptedPrivateKeyInfo encInfo)
{
CipherParameters keyParameters = PBEUtil.generateCipherParameters(encInfo.getEncryptionAlgorithm().getObjectId(), passPhrase, encInfo.getEncryptionAlgorithm().getParameters());
Object engine = PBEUtil.createEngine(encInfo.getEncryptionAlgorithm().getObjectId());
byte[] encoding = null;
if (engine is BufferedBlockCipher)
{
BufferedBlockCipher cipher = (BufferedBlockCipher)engine;
cipher.init(false, keyParameters);
byte[] keyBytes = encInfo.getEncryptedData();
int encLen = cipher.getOutputSize(keyBytes.Length);
encoding = new byte[encLen];
int off = cipher.processBytes(keyBytes, 0, keyBytes.Length, encoding, 0);
cipher.doFinal(encoding, off);
}
else if (engine is StreamCipher)
{
StreamCipher cipher = (StreamCipher)engine;
cipher.init(false, keyParameters);
byte[] keyBytes = encInfo.getEncryptedData();
encoding = new byte[keyBytes.Length];
cipher.processBytes(keyBytes, 0, keyBytes.Length, encoding, 0);
}
ASN1InputStream aIn = new ASN1InputStream(new MemoryStream(encoding));
return(PrivateKeyInfo.getInstance(aIn.readObject()));
}
public void RsaKeysGenerate(string PrivateKeyFilename, string PublicKeyFilename, string passw)
{
RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator();
RsaKeyGenerationParameters param = new RsaKeyGenerationParameters(BigInteger.ValueOf(3L), new SecureRandom(), 1024, 25);
keyGenerator.Init(param);
AsymmetricCipherKeyPair keyPair = keyGenerator.GenerateKeyPair();
AsymmetricKeyParameter publicKey = keyPair.Public;
AsymmetricKeyParameter privateKey = keyPair.Private;
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
Asn1Object aobject = publicKeyInfo.ToAsn1Object();
byte[] pubInfoByte = aobject.GetEncoded();
System.IO.FileStream fs = new System.IO.FileStream(PublicKeyFilename, System.IO.FileMode.Create, System.IO.FileAccess.Write);
fs.Write(pubInfoByte, 0, pubInfoByte.Length);
fs.Close();
string alg = "1.2.840.113549.1.12.1.3";
byte[] salt = new byte[]
{
1,
2,
3,
4,
5,
6,
7,
8,
9,
10
};
int count = 1000;
char[] password = passw.ToCharArray();
EncryptedPrivateKeyInfo enPrivateKeyInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(alg, password, salt, count, privateKey);
byte[] priInfoByte = enPrivateKeyInfo.ToAsn1Object().GetEncoded();
fs = new System.IO.FileStream(PrivateKeyFilename, System.IO.FileMode.Create, System.IO.FileAccess.Write);
fs.Write(priInfoByte, 0, priInfoByte.Length);
fs.Close();
}
private static string EncryptPrivateKey(AsymmetricKeyParameter privateKey, string password)
{
// Create salts
byte[] aesIv = new byte[16];
byte[] keySalt = new byte[20];
SecureRandom randomGen = new SecureRandom();
randomGen.NextBytes(aesIv);
randomGen.NextBytes(keySalt);
try {
PrivateKeyInfo decryptedPrivateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
// Prepare encryption
Pkcs5S2ParametersGenerator pkcs5S2Gen = new Pkcs5S2ParametersGenerator();
pkcs5S2Gen.Init(PKCS5PasswordToBytes(password.ToCharArray()), keySalt, hashIterationCount);
ICipherParameters cipherParams = pkcs5S2Gen.GenerateDerivedParameters(NistObjectIdentifiers.IdAes256Cbc.Id, 256);
IBufferedCipher cipher = CipherUtilities.GetCipher(NistObjectIdentifiers.IdAes256Cbc);
cipher.Init(true, new ParametersWithIV(cipherParams, aesIv));
// Generate encrypted private key info
Asn1OctetString aesIvOctetString = new DerOctetString(aesIv);
KeyDerivationFunc keyFunction = new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, new Pbkdf2Params(keySalt, hashIterationCount));
EncryptionScheme encScheme = new EncryptionScheme(NistObjectIdentifiers.IdAes256Cbc, aesIvOctetString);
Asn1EncodableVector encryptionInfo = new Asn1EncodableVector {
keyFunction, encScheme
};
AlgorithmIdentifier algIdentifier = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, new DerSequence(encryptionInfo));
EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(algIdentifier, cipher.DoFinal(decryptedPrivateKeyInfo.GetEncoded()));
Org.BouncyCastle.Utilities.IO.Pem.PemObject pkPemObject = new Org.BouncyCastle.Utilities.IO.Pem.PemObject("ENCRYPTED PRIVATE KEY", encryptedPrivateKeyInfo.GetEncoded());
// Write the PEM object to a string
StringWriter txtWriter = new StringWriter();
PemWriter pemWriter = new PemWriter(txtWriter);
pemWriter.WriteObject(pkPemObject);
pemWriter.Writer.Close();
return(txtWriter.ToString());
} catch (Exception e) {
throw new CryptoException("Could not encrypt private key.", e);
}
}
public static PrivateKeyInfo CreatePrivateKeyInfo(
char[] passPhrase,
bool wrongPkcs12Zero,
EncryptedPrivateKeyInfo encInfo)
{
AlgorithmIdentifier algID = encInfo.EncryptionAlgorithm;
IBufferedCipher cipher = PbeUtilities.CreateEngine(algID) as IBufferedCipher;
if (cipher == null)
{
throw new Exception("Unknown encryption algorithm: " + algID.Algorithm);
}
ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters(
algID, passPhrase, wrongPkcs12Zero);
cipher.Init(false, cipherParameters);
byte[] keyBytes = cipher.DoFinal(encInfo.GetEncryptedData());
return(PrivateKeyInfo.GetInstance(keyBytes));
}
public PemObject Generate()
{
if (algorithm == null)
{
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey);
return(new PemObject("PRIVATE KEY", privateKeyInfo.GetEncoded()));
}
byte[] array = new byte[20];
if (random == null)
{
random = new SecureRandom();
}
((Random)random).NextBytes(array);
try
{
EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(algorithm, password, array, iterationCount, privKey);
return(new PemObject("ENCRYPTED PRIVATE KEY", encryptedPrivateKeyInfo.GetEncoded()));
}
catch (global::System.Exception exception)
{
throw new PemGenerationException("Couldn't encrypt private key", exception);
}
}
public static string SavePrivateKey(AsymmetricKeyParameter privateKey)
{
//保存公钥到文件
string alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int count = 1000;
char[] password = "******".ToCharArray();
EncryptedPrivateKeyInfo enPrivateKeyInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
alg,
password,
salt,
count,
privateKey);
byte[] priInfoByte = enPrivateKeyInfo.ToAsn1Object().GetEncoded();
return(Convert.ToBase64String(priInfoByte));
////还原
//PrivateKeyInfo priInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password, enPrivateKeyInfo);
//AsymmetricKeyParameter privateKey = PrivateKeyFactory.CreateKey(priInfoByte);
}
public static PrivateKeyInfo CreatePrivateKeyInfo(
char[] passPhrase,
bool wrongPkcs12Zero,
EncryptedPrivateKeyInfo encInfo)
{
AlgorithmIdentifier algID = encInfo.EncryptionAlgorithm;
IBufferedCipher cipher = PbeUtilities.CreateEngine(algID) as IBufferedCipher;
if (cipher == null)
{
// TODO Throw exception?
}
ICipherParameters keyParameters = PbeUtilities.GenerateCipherParameters(
algID, passPhrase, wrongPkcs12Zero);
cipher.Init(false, keyParameters);
byte[] keyBytes = encInfo.GetEncryptedData();
byte[] encoding = cipher.DoFinal(keyBytes);
Asn1Object asn1Data = Asn1Object.FromByteArray(encoding);
return(PrivateKeyInfo.GetInstance(asn1Data));
}
public static PrivateKeyInfo CreatePrivateKeyInfo(
char[] passPhrase,
EncryptedPrivateKeyInfo encInfo)
{
return(CreatePrivateKeyInfo(passPhrase, false, encInfo));
}
public void Save(
Stream stream,
char[] password,
SecureRandom random)
{
if (stream == null)
{
throw new ArgumentNullException("stream");
}
if (password == null)
{
throw new ArgumentNullException("password");
}
if (random == null)
{
throw new ArgumentNullException("random");
}
//
// handle the key
//
Asn1EncodableVector keyS = new Asn1EncodableVector();
foreach (string name in keys.Keys)
{
byte[] kSalt = new byte[SaltSize];
random.NextBytes(kSalt);
AsymmetricKeyEntry privKey = (AsymmetricKeyEntry)keys[name];
EncryptedPrivateKeyInfo kInfo =
EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
keyAlgorithm, password, kSalt, MinIterations, privKey.Key);
Asn1EncodableVector kName = new Asn1EncodableVector();
foreach (string oid in privKey.BagAttributeKeys)
{
Asn1Encodable entry = privKey[oid];
// NB: Ignore any existing FriendlyName
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
{
continue;
}
kName.Add(
new DerSequence(
new DerObjectIdentifier(oid),
new DerSet(entry)));
}
//
// make sure we are using the local alias on store
//
// NB: We always set the FriendlyName based on 'name'
//if (privKey[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
{
kName.Add(
new DerSequence(
PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
new DerSet(new DerBmpString(name))));
}
//
// make sure we have a local key-id
//
if (privKey[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
{
X509CertificateEntry ct = GetCertificate(name);
IAsymmetricKeyParameter pubKey = ct.Certificate.GetPublicKey();
SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);
kName.Add(
new DerSequence(
PkcsObjectIdentifiers.Pkcs9AtLocalKeyID,
new DerSet(subjectKeyID)));
}
SafeBag kBag = new SafeBag(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag, kInfo.ToAsn1Object(), new DerSet(kName));
keyS.Add(kBag);
}
byte[] derEncodedBytes = new DerSequence(keyS).GetDerEncoded();
BerOctetString keyString = new BerOctetString(derEncodedBytes);
//
// certificate processing
//
byte[] cSalt = new byte[SaltSize];
random.NextBytes(cSalt);
Asn1EncodableVector certSeq = new Asn1EncodableVector();
Pkcs12PbeParams cParams = new Pkcs12PbeParams(cSalt, MinIterations);
AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.ToAsn1Object());
ISet doneCerts = new HashSet();
foreach (string name in keys.Keys)
{
X509CertificateEntry certEntry = GetCertificate(name);
CertBag cBag = new CertBag(
PkcsObjectIdentifiers.X509Certificate,
new DerOctetString(certEntry.Certificate.GetEncoded()));
Asn1EncodableVector fName = new Asn1EncodableVector();
foreach (string oid in certEntry.BagAttributeKeys)
{
Asn1Encodable entry = certEntry[oid];
// NB: Ignore any existing FriendlyName
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
{
continue;
}
fName.Add(
new DerSequence(
new DerObjectIdentifier(oid),
new DerSet(entry)));
}
//
// make sure we are using the local alias on store
//
// NB: We always set the FriendlyName based on 'name'
//if (certEntry[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
{
fName.Add(
new DerSequence(
PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
new DerSet(new DerBmpString(name))));
}
//
// make sure we have a local key-id
//
if (certEntry[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
{
IAsymmetricKeyParameter pubKey = certEntry.Certificate.GetPublicKey();
SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);
fName.Add(
new DerSequence(
PkcsObjectIdentifiers.Pkcs9AtLocalKeyID,
new DerSet(subjectKeyID)));
}
SafeBag sBag = new SafeBag(
PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName));
certSeq.Add(sBag);
doneCerts.Add(certEntry.Certificate);
}
foreach (string certId in certs.Keys)
{
X509CertificateEntry cert = (X509CertificateEntry)certs[certId];
if (keys[certId] != null)
{
continue;
}
CertBag cBag = new CertBag(
PkcsObjectIdentifiers.X509Certificate,
new DerOctetString(cert.Certificate.GetEncoded()));
Asn1EncodableVector fName = new Asn1EncodableVector();
foreach (string oid in cert.BagAttributeKeys)
{
// a certificate not immediately linked to a key doesn't require
// a localKeyID and will confuse some PKCS12 implementations.
//
// If we find one, we'll prune it out.
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
{
continue;
}
Asn1Encodable entry = cert[oid];
// NB: Ignore any existing FriendlyName
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
{
continue;
}
fName.Add(
new DerSequence(
new DerObjectIdentifier(oid),
new DerSet(entry)));
}
//
// make sure we are using the local alias on store
//
// NB: We always set the FriendlyName based on 'certId'
//if (cert[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
{
fName.Add(
new DerSequence(
PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
new DerSet(new DerBmpString(certId))));
}
SafeBag sBag = new SafeBag(PkcsObjectIdentifiers.CertBag,
cBag.ToAsn1Object(), new DerSet(fName));
certSeq.Add(sBag);
doneCerts.Add(cert.Certificate);
}
foreach (CertId certId in chainCerts.Keys)
{
X509CertificateEntry cert = (X509CertificateEntry)chainCerts[certId];
if (doneCerts.Contains(cert.Certificate))
{
continue;
}
CertBag cBag = new CertBag(
PkcsObjectIdentifiers.X509Certificate,
new DerOctetString(cert.Certificate.GetEncoded()));
Asn1EncodableVector fName = new Asn1EncodableVector();
foreach (string oid in cert.BagAttributeKeys)
{
// a certificate not immediately linked to a key doesn't require
// a localKeyID and will confuse some PKCS12 implementations.
//
// If we find one, we'll prune it out.
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
{
continue;
}
fName.Add(
new DerSequence(
new DerObjectIdentifier(oid),
new DerSet(cert[oid])));
}
SafeBag sBag = new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName));
certSeq.Add(sBag);
}
derEncodedBytes = new DerSequence(certSeq).GetDerEncoded();
byte[] certBytes = CryptPbeData(true, cAlgId, password, false, derEncodedBytes);
EncryptedData cInfo = new EncryptedData(PkcsObjectIdentifiers.Data, cAlgId, new BerOctetString(certBytes));
ContentInfo[] info = new ContentInfo[]
{
new ContentInfo(PkcsObjectIdentifiers.Data, keyString),
new ContentInfo(PkcsObjectIdentifiers.EncryptedData, cInfo.ToAsn1Object())
};
byte[] data = new AuthenticatedSafe(info).GetEncoded(
useDerEncoding ? Asn1Encodable.Der : Asn1Encodable.Ber);
ContentInfo mainInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(data));
//
// create the mac
//
byte[] mSalt = new byte[20];
random.NextBytes(mSalt);
byte[] mac = CalculatePbeMac(OiwObjectIdentifiers.IdSha1,
mSalt, MinIterations, password, false, data);
AlgorithmIdentifier algId = new AlgorithmIdentifier(
OiwObjectIdentifiers.IdSha1, DerNull.Instance);
DigestInfo dInfo = new DigestInfo(algId, mac);
MacData mData = new MacData(dInfo, mSalt, MinIterations);
//
// output the Pfx
//
Pfx pfx = new Pfx(mainInfo, mData);
DerOutputStream derOut;
if (useDerEncoding)
{
derOut = new DerOutputStream(stream);
}
else
{
derOut = new BerOutputStream(stream);
}
derOut.WriteObject(pfx);
}
public void Load(
Stream input,
char[] password)
{
if (input == null)
{
throw new ArgumentNullException("input");
}
if (password == null)
{
throw new ArgumentNullException("password");
}
Asn1Sequence obj = (Asn1Sequence)Asn1Object.FromStream(input);
Pfx bag = new Pfx(obj);
ContentInfo info = bag.AuthSafe;
bool unmarkedKey = false;
bool wrongPkcs12Zero = false;
if (bag.MacData != null) // check the mac code
{
MacData mData = bag.MacData;
DigestInfo dInfo = mData.Mac;
AlgorithmIdentifier algId = dInfo.AlgorithmID;
byte[] salt = mData.GetSalt();
int itCount = mData.IterationCount.IntValue;
byte[] data = ((Asn1OctetString)info.Content).GetOctets();
byte[] mac = CalculatePbeMac(algId.ObjectID, salt, itCount, password, false, data);
byte[] dig = dInfo.GetDigest();
if (!Arrays.ConstantTimeAreEqual(mac, dig))
{
if (password.Length > 0)
{
throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
}
// Try with incorrect zero length password
mac = CalculatePbeMac(algId.ObjectID, salt, itCount, password, true, data);
if (!Arrays.ConstantTimeAreEqual(mac, dig))
{
throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
}
wrongPkcs12Zero = true;
}
}
keys.Clear();
localIds.Clear();
IList chain = Platform.CreateArrayList();
if (info.ContentType.Equals(PkcsObjectIdentifiers.Data))
{
byte[] octs = ((Asn1OctetString)info.Content).GetOctets();
AuthenticatedSafe authSafe = new AuthenticatedSafe(
(Asn1Sequence)Asn1OctetString.FromByteArray(octs));
ContentInfo[] cis = authSafe.GetContentInfo();
foreach (ContentInfo ci in cis)
{
DerObjectIdentifier oid = ci.ContentType;
if (oid.Equals(PkcsObjectIdentifiers.Data))
{
byte[] octets = ((Asn1OctetString)ci.Content).GetOctets();
Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(octets);
foreach (Asn1Sequence subSeq in seq)
{
SafeBag b = new SafeBag(subSeq);
if (b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag))
{
EncryptedPrivateKeyInfo eIn = EncryptedPrivateKeyInfo.GetInstance(b.BagValue);
PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(
password, wrongPkcs12Zero, eIn);
IAsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privInfo);
//
// set the attributes on the key
//
IDictionary attributes = Platform.CreateHashtable();
AsymmetricKeyEntry pkcs12Key = new AsymmetricKeyEntry(privKey, attributes);
string alias = null;
Asn1OctetString localId = null;
if (b.BagAttributes != null)
{
foreach (Asn1Sequence sq in b.BagAttributes)
{
DerObjectIdentifier aOid = (DerObjectIdentifier)sq[0];
Asn1Set attrSet = (Asn1Set)sq[1];
Asn1Encodable attr = null;
if (attrSet.Count > 0)
{
// TODO We should be adding all attributes in the set
attr = attrSet[0];
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
if (attributes.Contains(aOid.Id))
{
// OK, but the value has to be the same
if (!attributes[aOid.Id].Equals(attr))
{
throw new IOException("attempt to add existing attribute with different value");
}
}
else
{
attributes.Add(aOid.Id, attr);
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
{
alias = ((DerBmpString)attr).GetString();
// TODO Do these in a separate loop, just collect aliases here
keys[alias] = pkcs12Key;
}
else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
{
localId = (Asn1OctetString)attr;
}
}
}
}
if (localId != null)
{
string name = Hex.ToHexString(localId.GetOctets());
if (alias == null)
{
keys[name] = pkcs12Key;
}
else
{
// TODO There may have been more than one alias
localIds[alias] = name;
}
}
else
{
unmarkedKey = true;
keys["unmarked"] = pkcs12Key;
}
}
else if (b.BagID.Equals(PkcsObjectIdentifiers.CertBag))
{
chain.Add(b);
}
else
{
#if !NETFX_CORE
Console.WriteLine("extra " + b.BagID);
Console.WriteLine("extra " + Asn1Dump.DumpAsString(b));
#endif
}
}
}
else if (oid.Equals(PkcsObjectIdentifiers.EncryptedData))
{
EncryptedData d = EncryptedData.GetInstance(ci.Content);
byte[] octets = CryptPbeData(false, d.EncryptionAlgorithm,
password, wrongPkcs12Zero, d.Content.GetOctets());
Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(octets);
foreach (Asn1Sequence subSeq in seq)
{
SafeBag b = new SafeBag(subSeq);
if (b.BagID.Equals(PkcsObjectIdentifiers.CertBag))
{
chain.Add(b);
}
else if (b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag))
{
EncryptedPrivateKeyInfo eIn = EncryptedPrivateKeyInfo.GetInstance(b.BagValue);
PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(
password, wrongPkcs12Zero, eIn);
IAsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privInfo);
//
// set the attributes on the key
//
IDictionary attributes = Platform.CreateHashtable();
AsymmetricKeyEntry pkcs12Key = new AsymmetricKeyEntry(privKey, attributes);
string alias = null;
Asn1OctetString localId = null;
foreach (Asn1Sequence sq in b.BagAttributes)
{
DerObjectIdentifier aOid = (DerObjectIdentifier)sq[0];
Asn1Set attrSet = (Asn1Set)sq[1];
Asn1Encodable attr = null;
if (attrSet.Count > 0)
{
// TODO We should be adding all attributes in the set
attr = attrSet[0];
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
if (attributes.Contains(aOid.Id))
{
// OK, but the value has to be the same
if (!attributes[aOid.Id].Equals(attr))
{
throw new IOException("attempt to add existing attribute with different value");
}
}
else
{
attributes.Add(aOid.Id, attr);
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
{
alias = ((DerBmpString)attr).GetString();
// TODO Do these in a separate loop, just collect aliases here
keys[alias] = pkcs12Key;
}
else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
{
localId = (Asn1OctetString)attr;
}
}
}
// TODO Should we be checking localIds != null here
// as for PkcsObjectIdentifiers.Data version above?
string name = Hex.ToHexString(localId.GetOctets());
if (alias == null)
{
keys[name] = pkcs12Key;
}
else
{
// TODO There may have been more than one alias
localIds[alias] = name;
}
}
else if (b.BagID.Equals(PkcsObjectIdentifiers.KeyBag))
{
PrivateKeyInfo privKeyInfo = PrivateKeyInfo.GetInstance(b.BagValue);
IAsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo);
//
// set the attributes on the key
//
string alias = null;
Asn1OctetString localId = null;
IDictionary attributes = Platform.CreateHashtable();
AsymmetricKeyEntry pkcs12Key = new AsymmetricKeyEntry(privKey, attributes);
foreach (Asn1Sequence sq in b.BagAttributes)
{
DerObjectIdentifier aOid = (DerObjectIdentifier)sq[0];
Asn1Set attrSet = (Asn1Set)sq[1];
Asn1Encodable attr = null;
if (attrSet.Count > 0)
{
// TODO We should be adding all attributes in the set
attr = attrSet[0];
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
if (attributes.Contains(aOid.Id))
{
// OK, but the value has to be the same
if (!attributes[aOid.Id].Equals(attr))
{
throw new IOException("attempt to add existing attribute with different value");
}
}
else
{
attributes.Add(aOid.Id, attr);
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
{
alias = ((DerBmpString)attr).GetString();
// TODO Do these in a separate loop, just collect aliases here
keys[alias] = pkcs12Key;
}
else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
{
localId = (Asn1OctetString)attr;
}
}
}
// TODO Should we be checking localIds != null here
// as for PkcsObjectIdentifiers.Data version above?
string name = Hex.ToHexString(localId.GetOctets());
if (alias == null)
{
keys[name] = pkcs12Key;
}
else
{
// TODO There may have been more than one alias
localIds[alias] = name;
}
}
else
{
#if !NETFX_CORE
Console.WriteLine("extra " + b.BagID);
Console.WriteLine("extra " + Asn1Dump.DumpAsString(b));
#endif
}
}
}
else
{
#if !NETFX_CORE
Console.WriteLine("extra " + oid);
Console.WriteLine("extra " + Asn1Dump.DumpAsString(ci.Content));
#endif
}
}
}
certs.Clear();
chainCerts.Clear();
keyCerts.Clear();
foreach (SafeBag b in chain)
{
CertBag cb = new CertBag((Asn1Sequence)b.BagValue);
byte[] octets = ((Asn1OctetString)cb.CertValue).GetOctets();
X509Certificate cert = new X509CertificateParser().ReadCertificate(octets);
//
// set the attributes
//
IDictionary attributes = Platform.CreateHashtable();
Asn1OctetString localId = null;
string alias = null;
if (b.BagAttributes != null)
{
foreach (Asn1Sequence sq in b.BagAttributes)
{
DerObjectIdentifier aOid = (DerObjectIdentifier)sq[0];
Asn1Set attrSet = (Asn1Set)sq[1];
if (attrSet.Count > 0)
{
// TODO We should be adding all attributes in the set
Asn1Encodable attr = attrSet[0];
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
if (attributes.Contains(aOid.Id))
{
// OK, but the value has to be the same
if (!attributes[aOid.Id].Equals(attr))
{
throw new IOException("attempt to add existing attribute with different value");
}
}
else
{
attributes.Add(aOid.Id, attr);
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
{
alias = ((DerBmpString)attr).GetString();
}
else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
{
localId = (Asn1OctetString)attr;
}
}
}
}
CertId certId = new CertId(cert.GetPublicKey());
X509CertificateEntry pkcs12Cert = new X509CertificateEntry(cert, attributes);
chainCerts[certId] = pkcs12Cert;
if (unmarkedKey)
{
if (keyCerts.Count == 0)
{
string name = Hex.ToHexString(certId.Id);
keyCerts[name] = pkcs12Cert;
object temp = keys["unmarked"];
keys.Remove("unmarked");
keys[name] = temp;
}
}
else
{
if (localId != null)
{
string name = Hex.ToHexString(localId.GetOctets());
keyCerts[name] = pkcs12Cert;
}
if (alias != null)
{
// TODO There may have been more than one alias
certs[alias] = pkcs12Cert;
}
}
}
}
public void Load(
Stream input,
char[] password)
{
if (input == null)
{
throw new ArgumentNullException("input");
}
Asn1Sequence obj = (Asn1Sequence)Asn1Object.FromStream(input);
Pfx bag = new Pfx(obj);
ContentInfo info = bag.AuthSafe;
bool wrongPkcs12Zero = false;
if (password != null && bag.MacData != null) // check the mac code
{
MacData mData = bag.MacData;
DigestInfo dInfo = mData.Mac;
AlgorithmIdentifier algId = dInfo.AlgorithmID;
byte[] salt = mData.GetSalt();
int itCount = mData.IterationCount.IntValue;
byte[] data = ((Asn1OctetString)info.Content).GetOctets();
byte[] mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, false, data);
byte[] dig = dInfo.GetDigest();
if (!Arrays.ConstantTimeAreEqual(mac, dig))
{
if (password.Length > 0)
{
throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
}
// Try with incorrect zero length password
mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, true, data);
if (!Arrays.ConstantTimeAreEqual(mac, dig))
{
throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
}
wrongPkcs12Zero = true;
}
}
keys.Clear();
localIds.Clear();
unmarkedKeyEntry = null;
IList certBags = Platform.CreateArrayList();
if (info.ContentType.Equals(PkcsObjectIdentifiers.Data))
{
byte[] octs = ((Asn1OctetString)info.Content).GetOctets();
AuthenticatedSafe authSafe = new AuthenticatedSafe(
(Asn1Sequence)Asn1OctetString.FromByteArray(octs));
ContentInfo[] cis = authSafe.GetContentInfo();
foreach (ContentInfo ci in cis)
{
DerObjectIdentifier oid = ci.ContentType;
byte[] octets = null;
if (oid.Equals(PkcsObjectIdentifiers.Data))
{
octets = ((Asn1OctetString)ci.Content).GetOctets();
}
else if (oid.Equals(PkcsObjectIdentifiers.EncryptedData))
{
if (password != null)
{
EncryptedData d = EncryptedData.GetInstance(ci.Content);
octets = CryptPbeData(false, d.EncryptionAlgorithm,
password, wrongPkcs12Zero, d.Content.GetOctets());
}
}
else
{
// TODO Other data types
}
if (octets != null)
{
Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(octets);
foreach (Asn1Sequence subSeq in seq)
{
SafeBag b = new SafeBag(subSeq);
if (b.BagID.Equals(PkcsObjectIdentifiers.CertBag))
{
certBags.Add(b);
}
else if (b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag))
{
LoadPkcs8ShroudedKeyBag(EncryptedPrivateKeyInfo.GetInstance(b.BagValue),
b.BagAttributes, password, wrongPkcs12Zero);
}
else if (b.BagID.Equals(PkcsObjectIdentifiers.KeyBag))
{
LoadKeyBag(PrivateKeyInfo.GetInstance(b.BagValue), b.BagAttributes);
}
else
{
// TODO Other bag types
}
}
}
}
}
certs.Clear();
chainCerts.Clear();
keyCerts.Clear();
foreach (SafeBag b in certBags)
{
CertBag certBag = new CertBag((Asn1Sequence)b.BagValue);
byte[] octets = ((Asn1OctetString)certBag.CertValue).GetOctets();
X509Certificate cert = new X509CertificateParser().ReadCertificate(octets);
//
// set the attributes
//
IDictionary attributes = Platform.CreateHashtable();
Asn1OctetString localId = null;
string alias = null;
if (b.BagAttributes != null)
{
foreach (Asn1Sequence sq in b.BagAttributes)
{
DerObjectIdentifier aOid = DerObjectIdentifier.GetInstance(sq[0]);
Asn1Set attrSet = Asn1Set.GetInstance(sq[1]);
if (attrSet.Count > 0)
{
// TODO We should be adding all attributes in the set
Asn1Encodable attr = attrSet[0];
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
if (attributes.Contains(aOid.Id))
{
// OK, but the value has to be the same
if (!attributes[aOid.Id].Equals(attr))
{
throw new IOException("attempt to add existing attribute with different value");
}
}
else
{
attributes.Add(aOid.Id, attr);
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
{
alias = ((DerBmpString)attr).GetString();
}
else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
{
localId = (Asn1OctetString)attr;
}
}
}
}
CertId certId = new CertId(cert.GetPublicKey());
X509CertificateEntry certEntry = new X509CertificateEntry(cert, attributes);
chainCerts[certId] = certEntry;
if (unmarkedKeyEntry != null)
{
if (keyCerts.Count == 0)
{
string name = Hex.ToHexString(certId.Id);
keyCerts[name] = certEntry;
keys[name] = unmarkedKeyEntry;
}
}
else
{
if (localId != null)
{
string name = Hex.ToHexString(localId.GetOctets());
keyCerts[name] = certEntry;
}
if (alias != null)
{
// TODO There may have been more than one alias
certs[alias] = certEntry;
}
}
}
}
private void basicStoreTest(AsymmetricKeyEntry privKey, X509CertificateEntry[] chain,
DerObjectIdentifier keyAlgorithm, DerObjectIdentifier certAlgorithm)
{
Pkcs12Store store = new Pkcs12StoreBuilder()
.SetKeyAlgorithm(keyAlgorithm)
.SetCertAlgorithm(certAlgorithm)
.Build();
store.SetKeyEntry("key", privKey, chain);
MemoryStream bOut = new MemoryStream();
store.Save(bOut, passwd, new SecureRandom());
store.Load(new MemoryStream(bOut.ToArray(), false), passwd);
AsymmetricKeyEntry k = store.GetKey("key");
if (!k.Equals(privKey))
{
Fail("private key didn't match");
}
X509CertificateEntry[] c = store.GetCertificateChain("key");
if (c.Length != chain.Length || !c[0].Equals(chain[0]))
{
Fail("certificates didn't match");
}
// check attributes
Pkcs12Entry b1 = k;
Pkcs12Entry b2 = chain[0];
if (b1[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] != null)
{
DerBmpString name = (DerBmpString)b1[PkcsObjectIdentifiers.Pkcs9AtFriendlyName];
if (!name.Equals(new DerBmpString("key")))
{
Fail("friendly name wrong");
}
}
else
{
Fail("no friendly name found on key");
}
if (b1[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] != null)
{
Asn1OctetString id = (Asn1OctetString)b1[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID];
if (!id.Equals(b2[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID]))
{
Fail("local key id mismatch");
}
}
else
{
Fail("no local key id found");
}
//
// check algorithm types.
//
Asn1InputStream aIn = new Asn1InputStream(bOut.ToArray());
Pfx pfx = new Pfx((Asn1Sequence)aIn.ReadObject());
ContentInfo cInfo = pfx.AuthSafe;
Asn1OctetString auth = (Asn1OctetString)cInfo.Content;
aIn = new Asn1InputStream(auth.GetOctets());
Asn1Sequence s1 = (Asn1Sequence)aIn.ReadObject();
ContentInfo c1 = ContentInfo.GetInstance(s1[0]);
ContentInfo c2 = ContentInfo.GetInstance(s1[1]);
aIn = new Asn1InputStream(((Asn1OctetString)c1.Content).GetOctets());
SafeBag sb = new SafeBag((Asn1Sequence)(((Asn1Sequence)aIn.ReadObject())[0]));
EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.GetInstance(sb.BagValue);
// check the key encryption
if (!encInfo.EncryptionAlgorithm.Algorithm.Equals(keyAlgorithm))
{
Fail("key encryption algorithm wrong");
}
// check the certificate encryption
EncryptedData cb = EncryptedData.GetInstance(c2.Content);
if (!cb.EncryptionAlgorithm.Algorithm.Equals(certAlgorithm))
{
Fail("cert encryption algorithm wrong");
}
}
private object ReadPrivateKey(PemObject pemObject)
{
string text = pemObject.Type.Substring(0, pemObject.Type.Length - "PRIVATE KEY".Length).Trim();
byte[] array = pemObject.Content;
IDictionary dictionary = Platform.CreateHashtable();
foreach (PemHeader pemHeader in pemObject.Headers)
{
dictionary[pemHeader.Name] = pemHeader.Value;
}
string a = (string)dictionary["Proc-Type"];
if (a == "4,ENCRYPTED")
{
if (this.pFinder == null)
{
throw new PasswordException("No password finder specified, but a password is required");
}
char[] password = this.pFinder.GetPassword();
if (password == null)
{
throw new PasswordException("Password is null, but a password is required");
}
string text2 = (string)dictionary["DEK-Info"];
string[] array2 = text2.Split(new char[]
{
','
});
string dekAlgName = array2[0].Trim();
byte[] iv = Hex.Decode(array2[1].Trim());
array = PemUtilities.Crypt(false, array, password, dekAlgName, iv);
}
object result;
try
{
Asn1Sequence instance = Asn1Sequence.GetInstance(array);
string a2;
if ((a2 = text) != null)
{
AsymmetricKeyParameter asymmetricKeyParameter;
AsymmetricKeyParameter publicParameter;
if (!(a2 == "RSA"))
{
if (!(a2 == "DSA"))
{
if (!(a2 == "EC"))
{
if (!(a2 == "ENCRYPTED"))
{
if (!(a2 == ""))
{
goto IL_356;
}
result = PrivateKeyFactory.CreateKey(PrivateKeyInfo.GetInstance(instance));
return(result);
}
else
{
char[] password2 = this.pFinder.GetPassword();
if (password2 == null)
{
throw new PasswordException("Password is null, but a password is required");
}
result = PrivateKeyFactory.DecryptKey(password2, EncryptedPrivateKeyInfo.GetInstance(instance));
return(result);
}
}
else
{
ECPrivateKeyStructure eCPrivateKeyStructure = new ECPrivateKeyStructure(instance);
AlgorithmIdentifier algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, eCPrivateKeyStructure.GetParameters());
PrivateKeyInfo keyInfo = new PrivateKeyInfo(algID, eCPrivateKeyStructure.ToAsn1Object());
asymmetricKeyParameter = PrivateKeyFactory.CreateKey(keyInfo);
DerBitString publicKey = eCPrivateKeyStructure.GetPublicKey();
if (publicKey != null)
{
SubjectPublicKeyInfo keyInfo2 = new SubjectPublicKeyInfo(algID, publicKey.GetBytes());
publicParameter = PublicKeyFactory.CreateKey(keyInfo2);
}
else
{
publicParameter = ECKeyPairGenerator.GetCorrespondingPublicKey((ECPrivateKeyParameters)asymmetricKeyParameter);
}
}
}
else
{
if (instance.Count != 6)
{
throw new PemException("malformed sequence in DSA private key");
}
DerInteger derInteger = (DerInteger)instance[1];
DerInteger derInteger2 = (DerInteger)instance[2];
DerInteger derInteger3 = (DerInteger)instance[3];
DerInteger derInteger4 = (DerInteger)instance[4];
DerInteger derInteger5 = (DerInteger)instance[5];
DsaParameters parameters = new DsaParameters(derInteger.Value, derInteger2.Value, derInteger3.Value);
asymmetricKeyParameter = new DsaPrivateKeyParameters(derInteger5.Value, parameters);
publicParameter = new DsaPublicKeyParameters(derInteger4.Value, parameters);
}
}
else
{
if (instance.Count != 9)
{
throw new PemException("malformed sequence in RSA private key");
}
RsaPrivateKeyStructure instance2 = RsaPrivateKeyStructure.GetInstance(instance);
publicParameter = new RsaKeyParameters(false, instance2.Modulus, instance2.PublicExponent);
asymmetricKeyParameter = new RsaPrivateCrtKeyParameters(instance2.Modulus, instance2.PublicExponent, instance2.PrivateExponent, instance2.Prime1, instance2.Prime2, instance2.Exponent1, instance2.Exponent2, instance2.Coefficient);
}
result = new AsymmetricCipherKeyPair(publicParameter, asymmetricKeyParameter);
return(result);
}
IL_356:
throw new ArgumentException("Unknown key type: " + text, "type");
}
catch (IOException ex)
{
throw ex;
}
catch (Exception ex2)
{
throw new PemException("problem creating " + text + " private key: " + ex2.ToString());
}
return(result);
}
private const string alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1
public override void PerformTest()
{
IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA");
fact.Init(new KeyGenerationParameters(new SecureRandom(), 512));
AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();
AsymmetricKeyParameter priKey = keyPair.Private;
AsymmetricKeyParameter pubKey = keyPair.Public;
//
// set up the parameters
//
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int iterationCount = 100;
Asn1Encodable defParams = PbeUtilities.GenerateAlgorithmParameters(alg, salt, iterationCount);
char[] password1 = { 'h', 'e', 'l', 'l', 'o' };
// AlgorithmParameters parameters = AlgorithmParameters.getInstance(alg);
//
// parameters.init(defParams);
//
// set up the key
//
// PBEKeySpec pbeSpec = new PBEKeySpec(password1);
// SecretKeyFactory keyFact = SecretKeyFactory.getInstance(alg);
// IBufferedCipher cipher = CipherUtilities.GetCipher(alg);
IWrapper wrapper = WrapperUtilities.GetWrapper(alg);
ICipherParameters parameters = PbeUtilities.GenerateCipherParameters(
alg, password1, defParams);
// cipher.Init(IBufferedCipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), parameters);
wrapper.Init(true, parameters);
// byte[] wrappedKey = cipher.Wrap(priKey);
byte[] pkb = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded();
byte[] wrappedKey = wrapper.Wrap(pkb, 0, pkb.Length);
//
// create encrypted object
//
// TODO Figure out what this was supposed to do
// EncryptedPrivateKeyInfo pInfo = new EncryptedPrivateKeyInfo(parameters, wrappedKey);
PrivateKeyInfo plain = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey);
EncryptedPrivateKeyInfo pInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
alg, password1, salt, iterationCount, plain);
//
// decryption step
//
char[] password2 = { 'h', 'e', 'l', 'l', 'o' };
// pbeSpec = new PBEKeySpec(password2);
//
// cipher = CipherUtilities.GetCipher(pInfo.EncryptionAlgorithm);
//
// cipher.Init(false, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters());
//
// PKCS8EncodedKeySpec keySpec = pInfo.getKeySpec(cipher);
PrivateKeyInfo decrypted = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password2, pInfo);
// if (!MessageDigest.isEqual(priKey.GetEncoded(), keySpec.GetEncoded()))
if (!decrypted.Equals(plain))
{
Fail("Private key does not match");
}
//
// using ICipherParameters test
//
// pbeSpec = new PBEKeySpec(password1);
// keyFact = SecretKeyFactory.getInstance(alg);
// cipher = CipherUtilities.GetCipher(alg);
wrapper = WrapperUtilities.GetWrapper(alg);
// cipher.init(IBufferedCipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), parameters);
wrapper.Init(true, parameters);
// wrappedKey = cipher.wrap(priKey);
wrappedKey = wrapper.Wrap(pkb, 0, pkb.Length);
//
// create encrypted object
//
// TODO Figure out what this was supposed to do
// pInfo = new EncryptedPrivateKeyInfo(cipher.getParameters(), wrappedKey);
plain = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey);
pInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
alg, password1, salt, iterationCount, plain);
//
// decryption step
//
// pbeSpec = new PBEKeySpec(password2);
//
// cipher = CipherUtilities.GetCipher(pInfo.getAlgName());
//
// cipher.init(IBufferedCipher.DECRYPT_MODE, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters());
//
// keySpec = pInfo.getKeySpec(cipher);
decrypted = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password2, pInfo);
// if (!MessageDigest.isEqual(priKey.GetEncoded(), keySpec.GetEncoded()))
if (!decrypted.Equals(plain))
{
Fail("Private key does not match");
}
}
