public X509Reader(PublicKeyReaderRegistry keyReaderRegistry, byte[] input) { SecurityAssert.NotNull(input); _keyReaderRegistry = keyReaderRegistry; _input = input; }
public RSAPrivateKey(ASN1Object asn1Key) { // NOTE: currently only supporting PKCS#1 without optional OtherPrimeInfos var keySeq = asn1Key as ASN1Sequence; SecurityAssert.NotNull(keySeq); SecurityAssert.Assert(keySeq !.Count == 9); Modulus = GetInteger(keySeq, 1); var publicExponent = GetInteger(keySeq, 2); Exponent = GetInteger(keySeq, 3); var prime1 = GetInteger(keySeq, 4); var prime2 = GetInteger(keySeq, 5); var exponent1 = GetInteger(keySeq, 6); var exponent2 = GetInteger(keySeq, 7); // TODO var coefficent = GetInteger(keySeq, 8); SecurityAssert.Assert(Modulus == prime1 * prime2); SecurityAssert.Assert(exponent1 == Exponent % (prime1 - 1)); SecurityAssert.Assert(exponent2 == Exponent % (prime2 - 1)); // TODO assert Coefficent == ((inverse of q) mod p) PublicKey = new RSAPublicKey(Modulus, publicExponent); }
public void Decrypt(byte[] input, int inputOffset, byte[] output, int outputOffset, int length) { SecurityAssert.AssertBuffer(input, inputOffset, length); SecurityAssert.NotNull(PrivateKey); var k = PrivateKey !.Modulus.GetByteLength(); SecurityAssert.Assert(k >= 11); SecurityAssert.Assert(length == k); var c = OS2IP(input, inputOffset, length); var m = DecryptPrimative(c, PrivateKey !); var em = I2OSP(m, k); SecurityAssert.Assert(em[0] == 0 && em[1] == 2); var mIdx = 2; while (mIdx < k && em[mIdx] != 0) { mIdx++; } SecurityAssert.Assert(mIdx - 2 > 8); // advance past zero mIdx++; SecurityAssert.AssertBuffer(output, outputOffset, k - mIdx); Array.Copy(em, mIdx, output, outputOffset, k - mIdx); }
public PrivateKey ReadPrivateKey(X509AlgorithmIdentifier algorithm, byte[] input) { var parameters = CreateParameters(algorithm); using (var ms = new MemoryStream(input)) { var asn1 = new DERReader(ms).Read(); var seq = asn1 as ASN1Sequence; SecurityAssert.NotNull(seq); SecurityAssert.Assert(seq !.Count >= 2); var version = seq !.Elements[0] as ASN1Integer; SecurityAssert.NotNull(version); SecurityAssert.Assert(version !.Value == 1); var dString = seq !.Elements[1] as ASN1OctetString; SecurityAssert.NotNull(dString); var d = parameters.Field.Value(dString !.Value.ToBigInteger(Endianness.BigEndian)); var q = Point.Multiply( parameters.Curve, d, parameters.Generator ); var pub = new ECPublicKey(parameters, q); return(new ECPrivateKey(pub, d)); } }
public void Encrypt(byte[] input, int inputOffset, byte[] output, int outputOffset, int length) { SecurityAssert.AssertBuffer(input, inputOffset, length); SecurityAssert.NotNull(PublicKey); var k = PublicKey !.Modulus.GetByteLength(); SecurityAssert.Assert(length <= k - 11); var ps = _random.RandomNonZeroBytes(k - length - 3); SecurityAssert.Assert(ps.Length >= 8); var em = new byte[k]; em[0] = 0; em[1] = 2; Array.Copy(ps, 0, em, 2, ps.Length); em[ps.Length + 2] = 0; Array.Copy(input, inputOffset, em, ps.Length + 3, length); var m = OS2IP(em, 0, em.Length); var c = EncryptPrimative(m, PublicKey !); var result = I2OSP(c, k); SecurityAssert.AssertBuffer(output, outputOffset, result.Length); Array.Copy(result, 0, output, outputOffset, result.Length); }
public CertificateMessage(IReadOnlyCollection <X509Certificate> certificates) : base(HandshakeType.Certificate) { SecurityAssert.NotNull(certificates); SecurityAssert.Assert(certificates.Count <= 0xFFFFFF); Certificates = certificates; }
public PrivateKey ReadKey(byte[] input) { // PKCS#8 only var asn1 = GetASN1(input); SecurityAssert.Assert(asn1.HasValue); var seq = asn1.Value as ASN1Sequence; SecurityAssert.NotNull(seq); SecurityAssert.Assert(seq !.Count == 3); var version = seq !.Elements[0] as ASN1Integer; SecurityAssert.NotNull(version); SecurityAssert.Assert(version !.Value == 0); var algorithm = X509AlgorithmIdentifier.FromObject(seq.Elements[1]); var keyOctetString = seq !.Elements[2] as ASN1OctetString; SecurityAssert.NotNull(keyOctetString); var reader = _keyReaderRegistry.Resolve(algorithm.Algorithm); return(reader.ReadPrivateKey(algorithm, keyOctetString !.Value)); }
public RC4KeyParameter(byte[] key) { SecurityAssert.NotNull(key); Key = new byte[key.Length]; Array.Copy(key, Key, key.Length); }
public static byte[] GetBytes(string oid) { SecurityAssert.NotNull(oid); SecurityAssert.Assert(oid.Length > 0); var parts = oid.Split('.').Select(BigInteger.Parse).ToArray(); SecurityAssert.Assert(parts.Length >= 2); var bytes = new List <byte>(); SecurityAssert.Assert(parts[0] >= 0 && parts[0] <= 6); SecurityAssert.Assert(parts[1] >= 0 && parts[1] < 40); var firstByte = parts[0] * 40 + parts[1]; bytes.Add((byte)firstByte); for (var i = 2; i < parts.Length; i++) { SecurityAssert.Assert(parts[i] >= 0); bytes.AddRange(EncodeBase128(parts[i]).Reverse()); } return(bytes.ToArray()); }
public static string Format(byte[] bytes) { SecurityAssert.NotNull(bytes); SecurityAssert.Assert(bytes.Length > 0); var oid = new StringBuilder(); var firstOctet = bytes[0]; var index = 1; oid.AppendFormat("{0}.{1}", firstOctet / 40, firstOctet % 40); while (index < bytes.Length) { var value = new BigInteger(); while (true) { var b = bytes[index++]; if ((b & 0x80) == 0) { value = value << 7 | b; break; } SecurityAssert.Assert(index < bytes.Length); value = value << 7 | (b & 0x7F); } oid.AppendFormat(".{0}", value); } return(oid.ToString()); }
public PublicKey ReadPublicKey(X509AlgorithmIdentifier algorithm, BitArray bits) { SecurityAssert.Assert(IsRSAIdentifier(algorithm.Algorithm)); SecurityAssert.Assert(algorithm.Parameters.Count == 1 && algorithm.Parameters[0] is ASN1Null); var data = bits.ToArray(); ASN1Object asn1; using (var ms = new MemoryStream(data)) { asn1 = new DERReader(ms).Read(); } var keySeq = asn1 as ASN1Sequence; SecurityAssert.Assert(keySeq != null && keySeq.Count == 2); var modulusInt = keySeq !.Elements[0] as ASN1Integer; SecurityAssert.NotNull(modulusInt); var exponentInt = keySeq !.Elements[1] as ASN1Integer; SecurityAssert.NotNull(exponentInt); return(new RSAPublicKey(modulusInt !.Value, exponentInt !.Value)); }
public HelloExtension(ExtensionType type, byte[] data) { Type = type; SecurityAssert.NotNull(data); SecurityAssert.Assert(data.Length >= 0 && data.Length <= 0xFFFF); Data = data; }
public FinishedMessage(byte[] verifyActual, byte[] verifyExpectedHash) : base(HandshakeType.Finished) { SecurityAssert.NotNull(verifyActual); SecurityAssert.Assert(verifyActual.Length == VerifyDataLength); VerifyActual = verifyActual; VerifyExpectedHash = verifyExpectedHash; }
public Record(RecordType type, TLSVersion version, byte[] data) { Type = type; Version = version; SecurityAssert.NotNull(data); Data = data; }
public bool Verify(byte[] input, byte[] signature, IDigest hash) { if (_publicKey is null || _domain is null || _nField is null) { throw new InvalidOperationException("ECDSA not initialised"); } FieldValue r, s; using (var buffer = new MemoryStream(signature)) { var reader = new DERReader(buffer); var seq = reader.Read() as ASN1Sequence; SecurityAssert.NotNull(seq); SecurityAssert.Assert(seq !.Count == 2); var ri = seq.Elements[0] as ASN1Integer; SecurityAssert.NotNull(ri); r = _nField.Value(ri !.Value); SecurityAssert.Assert(r.Value == ri !.Value); var si = seq.Elements[1] as ASN1Integer; SecurityAssert.NotNull(si); s = _nField.Value(si !.Value); SecurityAssert.Assert(s.Value == si !.Value); } // check QA != O // check QA is on curve SecurityAssert.Assert(_domain.Curve.IsPointOnCurve(_publicKey)); // check n*QA = O // check r and s are in [1, n-1] // e = HASH(input) hash.Update(input); var e = hash.DigestBuffer(); // z = the Ln leftmost bits of e, where Ln is the bit length of the group order n. var z = ToZ(e, _ln); // w = 1/s (mod n) var w = _nField.Divide(_nField.Value(1), s); // u1 = zw (mod n) var u1 = _nField.Multiply(w, z); // u2 = rw (mod n) var u2 = _nField.Multiply(w, r); // (x1, y2) = u1 * G + u2 * QA var point = Point.Add(_domain.Curve, a: Point.Multiply(_domain.Curve, u1, _domain.Generator), b: Point.Multiply(_domain.Curve, u2, _publicKey)) !; // return r == x1 (mod n) return(r == point.X); }
private static T GetElement <T>(ASN1Object asn1, int index) where T : ASN1Object { var obj = GetElement(asn1, index) as T; SecurityAssert.NotNull(obj); return(obj !); }
private static ASN1Set ToSet(ASN1Object asn1, int minLength = 0, int maxLength = int.MaxValue) { var seq = asn1 as ASN1Set; SecurityAssert.NotNull(seq); SecurityAssert.Assert(seq !.Count >= minLength && seq !.Count <= maxLength); return(seq); }
public ICipherParameters Create(ConnectionEnd end, ConnectionDirection direction) { var key = GetKey(end, direction); SecurityAssert.NotNull(key); SecurityAssert.Assert(key.Length > 0); return(new AESKeyParameter(key)); }
public TLSStream(Stream inner, IServiceProvider services) { SecurityAssert.NotNull(inner); SecurityAssert.NotNull(services); _inner = inner; _servicesScope = services.CreateScope(); Services.GetRequiredService <IStreamAccessor>().Stream = _inner; }
public void Put(byte[] data) { _write.Wait(); SecurityAssert.NotNull(data); SecurityAssert.Assert(data.Length > 0); _data.Enqueue(data); _read.Release(); }
private BigInteger GetInteger(ASN1Sequence obj, int index) { SecurityAssert.Assert(index >= 0 && index < obj.Elements.Count); var elem = obj.Elements[index]; var intElem = elem as ASN1Integer; SecurityAssert.NotNull(intElem); return(intElem !.Value); }
private IDigest GetMAC(ConnectionDirection direction) { var digest = _cipherSuitesProvider.ResolveHashAlgorithm(_cipherSuiteConfig.CipherSuite); var key = GetMACKey(direction); SecurityAssert.NotNull(key); SecurityAssert.Assert(key.Length > 0); return(new HMAC(digest, key)); }
private DomainParameters CreateParameters(X509AlgorithmIdentifier algorithm) { // TODO support other formats SecurityAssert.Assert(algorithm.Parameters.Count == 1); var curve = algorithm.Parameters[0] as ASN1ObjectIdentifier; SecurityAssert.NotNull(curve); return(_namedCurvesRegistry.Resolve(curve !)); }
public ClientHelloMessage(TLSVersion version, byte[] randomBytes, byte[] sessionId, HelloExtension[] extensions, CipherSuite[] cipherSuites, CompressionMethod[] compressionMethods) : base(HandshakeType.ClientHello, version, randomBytes, sessionId, extensions) { SecurityAssert.NotNull(cipherSuites); SecurityAssert.Assert(cipherSuites.Length >= 2 && cipherSuites.Length <= 0xFFFE); CipherSuites = cipherSuites; SecurityAssert.NotNull(compressionMethods); SecurityAssert.Assert(compressionMethods.Length >= 1 && cipherSuites.Length <= 0xFF); CompressionMethods = compressionMethods; }
protected Curve(IField field, FieldValue a, FieldValue b) { SecurityAssert.NotNull(field); SecurityAssert.NotNull(a); SecurityAssert.NotNull(b); Field = field; A = a; B = b; }
public GHash(byte[] key) { SecurityAssert.NotNull(key); SecurityAssert.Assert(key.Length == 16); _key = new byte[16]; Array.Copy(key, 0, _key, 0, 16); _y = new byte[16]; Reset(); }
public DHPrivateKey(DHParameterConfig parameters, ASN1Object input) { var param = input as ASN1Integer; SecurityAssert.NotNull(param); X = param !.Value; var y = BigInteger.ModPow(parameters.G, X, parameters.P); DHPublicKey = new DHPublicKey(parameters, y); }
public SignedStream(Stream inner, ISignatureCipher signAlgo, IDigest hashAlgo) { SecurityAssert.NotNull(inner); SecurityAssert.Assert(inner.CanWrite); InnerStream = inner; SecurityAssert.NotNull(signAlgo); SecurityAssert.NotNull(hashAlgo); SignatureAlgorithm = signAlgo; HashAlgorithm = hashAlgo; }
public static X509AlgorithmIdentifier FromObject(ASN1Object asn1) { var seq = asn1 as ASN1Sequence; SecurityAssert.NotNull(seq); SecurityAssert.Assert(seq !.Count >= 1); var algorithmOid = seq.Elements[0] as ASN1ObjectIdentifier; SecurityAssert.NotNull(algorithmOid); var parameters = seq.Elements.Skip(1).ToList(); return(new X509AlgorithmIdentifier(algorithmOid !, parameters)); }
public HMAC(IDigest digest, byte[] key) { SecurityAssert.NotNull(digest); SecurityAssert.NotNull(key); _digest = digest; _key = new byte[digest.BlockSize / 8]; _state = HMACState.Uninitialised; ProcessInputKey(key); _state = HMACState.ProcessedKey; Reset(); }