| public VerifyData ( byte rgbData, byte rgbSignature ) : bool | ||
| rgbData | byte | The data that was signed. |
| rgbSignature | byte | The signature data to be verified. |
| Результат | bool | |
public bool ChangeNick(string oldnick, string newnick, byte[] newnickhashed)
{
bool result = false;
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(oldnick);
if (user != null) //si l'utilisateur actuel existe
{
if (instance.SearchNick(newnick) == null) //si le nouveau login choisi est bon
{
ASCIIEncoding encoding = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(user.Publickey);
if (mycrypto.VerifyData(encoding.GetBytes(newnick), newnickhashed)) //verification de la provenance du message
{
instance.RemoveUser(user);
user.Login = newnick;
instance.AddUser(user);
instance.Serialiser();
result = true;
}
}
}
return result;
}
public static bool IsSignatureValid(byte[] data, byte[] signature, byte[] signPublicKey)
{
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
{
dsa.ImportCspBlob(signPublicKey);
return dsa.VerifyData(data, signature);
}
}
public bool ReceiveKey(byte[] pseudo,byte[] hash, DSAParameters key )
{
bool ret = false;
ASCIIEncoding codage = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(key);
if(mycrypto.VerifyData(pseudo,hash))
{
string nick = codage.GetString(pseudo);
_clients.Add(nick, key);
ret = true;
}
return ret;
}
public bool ReceiveMessage(byte[] mess, byte[] hashMess, string pseudo)
{
DSAParameters key;
ASCIIEncoding codage = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
bool ret = false;
if (_clients.TryGetValue(pseudo,out key))
{
mycrypto.ImportParameters(key);
if (mycrypto.VerifyData(mess, hashMess))
{
Console.WriteLine(pseudo + " a ecrit: " + codage.GetString(mess));
ret = true;
}
}
return ret;
}
public static bool VerifySignature(string inputData, string signature, string publicKey)
{
// create the crypto-service provider:
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider();
// setup the provider from the public key:
dsa.FromXmlString(publicKey);
// get the license terms data:
//byte[] data = Convert.FromBase64String(inputData);
byte[] data = UTF8Encoding.ASCII.GetBytes(inputData);
// get the signature data:
byte[] signatureData = Convert.FromBase64String(signature);
// verify that the license-terms match the signature data
if (dsa.VerifyData(data, signatureData) == false)
throw new SecurityException("Signature Not Verified!");
return true;
}
/// <inheritdoc cref="Owasp.Esapi.Interfaces.IEncryptor.VerifySignature(string, string)" />
public bool VerifySignature(string signature, string data)
{
try
{
DSACryptoServiceProvider dsaCsp = new DSACryptoServiceProvider(asymmetricKeyPair);
Encoding textConverter = Encoding.GetEncoding(encoding);
byte[] signatureBytes = Convert.FromBase64String(signature);
byte[] dataBytes = textConverter.GetBytes(data);
return dsaCsp.VerifyData(dataBytes, signatureBytes);
}
catch (Exception)
{
return false;
}
}
private static bool DSAVerifyHash(byte[] HashValue, byte[] SignedHashValue, DSAParameters publickeyinfo, string HashAlg)
{
bool verified = false;
try
{
//Create a new instance of DSACryptoServiceProvider
using(DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
{
//Import the key information
dsa.ImportParameters(publickeyinfo);
// Create an DSASignatureDeformatter object and pass it the DSACryptoServiceProvider to transfer the private key.
//DSASignatureDeformatter dsaDeformatter = new DSASignatureDeformatter(dsa);
//Set the hash algorithm to the passed value.
//dsaDeformatter.SetHashAlgorithm(HashAlg);
//Verify signature and return the result
//Verify hashed files //Verify hashed data
verified = dsa.VerifyData(HashValue, SignedHashValue); //dsaDeformatter.VerifySignature(HashValue, SignedHashValue);
}
}
catch(Exception e)
{
Console.WriteLine(e.Message);
}
return verified;
}
MFTestResults Test_ImportKey(Session session)
{
bool testResult = false;
try
{
using (CryptoKey pubkey = CryptoKey.LoadKey(session, m_publicDsaKey))
{
// replace publickey with private
CryptokiAttribute[] privateKey = new CryptokiAttribute[m_publicDsaKey.Length];
for (int x = 0; x < m_publicDsaKey.Length; x++)
{
privateKey[x] = new CryptokiAttribute(m_publicDsaKey[x].Type, new byte[m_publicDsaKey[x].Value.Length]);
Array.Copy(m_publicDsaKey[x].Value, privateKey[x].Value, m_publicDsaKey[x].Value.Length);
}
privateKey[0].Value = Utility.ConvertToBytes((int)CryptokiClass.PRIVATE_KEY);
privateKey[5].Value = new byte[]
{
0x45, 0xB3, 0x34, 0x77, 0x54, 0x3E, 0x7E, 0xBC, 0x82, 0xA8, 0x4E, 0x8E, 0x91, 0x55, 0x86, 0xC1,
0xDA, 0x22, 0xDE, 0x09,
};
using (CryptoKey privkey = CryptoKey.LoadKey(session, privateKey))
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
using (DSACryptoServiceProvider dsaEncr = new DSACryptoServiceProvider(privkey))
using(DSACryptoServiceProvider dsaDecr = new DSACryptoServiceProvider(pubkey))
{
byte[] signature = dsaEncr.SignData(data);
testResult = dsaDecr.VerifyData(data, signature);
}
}
using (CryptoKey privkey = CryptoKey.LoadKey(session, m_privateDsaKey))
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
using (DSACryptoServiceProvider dsaEncr = new DSACryptoServiceProvider(privkey))
using(DSACryptoServiceProvider dsaDecr = new DSACryptoServiceProvider(privkey))
{
byte[] signature = dsaEncr.SignData(data);
testResult &= dsaDecr.VerifyData(data, signature);
}
}
}
}
catch (Exception ex)
{
Log.Exception("Unexpected Exception", ex);
testResult = false;
}
return (testResult ? MFTestResults.Pass : MFTestResults.Fail);
}
MFTestResults TestSignature(DSACryptoServiceProvider csp, HashAlgorithm hashAlg)
{
bool testResult = false;
try
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
byte[] signature = csp.SignData(data);
testResult = csp.VerifyData(data, signature);
byte[] hash = hashAlg.ComputeHash(data);
signature = csp.SignHash(hash, hashAlg.HashType);
testResult &= csp.VerifyHash(hash, hashAlg.HashType, signature);
}
catch (Exception ex)
{
Log.Exception("Unexpected Exception", ex);
testResult = false;
}
return (testResult ? MFTestResults.Pass : MFTestResults.Fail);
}
public MFTestResults DsaTest_ImportRsaKeyAndUseWithDsaShouldFail()
{
bool testResult = false;
try
{
using (Session session = new Session("", MechanismType.DSA))
using (CryptoKey obj = CryptokiObject.CreateObject(session, m_privateRsaKey) as CryptoKey)
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider(obj))
{
byte[] signature = dsa.SignData(data);
dsa.VerifyData(data, signature);
}
}
}
catch (ArgumentException)
{
testResult = true;
}
catch
{
testResult = false;
}
return (testResult ? MFTestResults.Pass : MFTestResults.Fail);
}
public static Boolean Test(int keySize)
{
Boolean bRes = true;
Byte[] abData = new Byte[65536];
Byte[] abSignature = null;
Byte[] abSignature1 = null;
int ks = keySize;
for (int i = 0; i < 65536; i++) abData[i] = (Byte)(i % 256);
try
{
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider(ks))
{
abSignature = dsa.SignData(abData);
abSignature1 = dsa.SignData(abData);
/* if(!Compare(abSignature, abSignature1)) {
Log.Comment("WRONG : two signing passes gave different signatures!");
bRes = false;
} */
Log.Comment("Signature is : ");
PrintByteArray(abSignature);
if (dsa.VerifyData(abData, abSignature))
{
Log.Comment("CORRECT : Signature OK");
}
else
{
Log.Comment("WRONG : Signature is BAD");
bRes = false;
}
if (dsa.VerifyData(abData, abSignature1))
{
Log.Comment("CORRECT : Signature1 OK");
}
else
{
Log.Comment("WRONG : Signature1 is BAD");
bRes = false;
}
abData[2]++;
if (dsa.VerifyData(abData, abSignature))
{
Log.Comment("WRONG : Signature OK");
bRes = false;
}
else
{
Log.Comment("CORRECT : Signature is BAD");
}
abData[2]--;
abSignature[1]++;
if (dsa.VerifyData(abData, abSignature))
{
Log.Comment("WRONG : Signature OK");
bRes = false;
}
else
{
Log.Comment("CORRECT : Signature is BAD");
}
abData[2]++;
if (dsa.VerifyData(abData, abSignature1))
{
Log.Comment("WRONG : Signature1 OK");
bRes = false;
}
else
{
Log.Comment("CORRECT : Signature1 is BAD");
}
abData[2]--;
abSignature1[1]++;
if (dsa.VerifyData(abData, abSignature1))
{
Log.Comment("WRONG : Signature1 OK");
bRes = false;
}
else
{
Log.Comment("CORRECT : Signature1 is BAD");
}
}
}
catch (Exception e)
{
Log.Comment("Exception ocured :\n" + e.ToString());
bRes = false;
}
return bRes;
}
public bool Register(string nick, string password,byte[] nickhashed, int counter, byte[] G, byte[] J, byte[] P, byte[] Q, byte[] Seed, byte[] X, byte[] Y)
{
bool result = false;
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(nick);
if (user == null) //si l'utilisateur n'existe deja pas
{
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
DSAParameters key = Security.RecreateKey(counter, G, J, P, Q, Seed, X, Y);
mycrypto.ImportParameters(key);
ASCIIEncoding encoding = new ASCIIEncoding();
if (mycrypto.VerifyData(encoding.GetBytes(nick), nickhashed)) //verifie la cle publique recue
{
User newcommer = new User(nick, password, key);
instance.AddUser(newcommer);
instance.Serialiser();
result = true;
}
}
return result;
}
///// <summary>
///// FromXml null
///// </summary>
//private static void FromXmlNull()
//{
// DSA alg = DSA.Create();
// alg.FromXmlString(null);
// return;
//}
///// <summary>
///// FromXml no P
///// </summary>
//private static void FromXmlNoP()
//{
// XmlDocument doc = new XmlDocument();
// DSA alg = DSA.Create();
// doc.LoadXml(alg.ToXmlString(true));
// XmlElement remElem = doc.SelectSingleNode("/DSAKeyValue/P") as XmlElement;
// remElem.ParentNode.RemoveChild(remElem);
// alg.FromXmlString(doc.DocumentElement.OuterXml);
// return;
//}
///// <summary>
///// FromXml no Q
///// </summary>
//private static void FromXmlNoQ()
//{
// XmlDocument doc = new XmlDocument();
// DSA alg = DSA.Create();
// doc.LoadXml(alg.ToXmlString(true));
// XmlElement remElem = doc.SelectSingleNode("/DSAKeyValue/Q") as XmlElement;
// remElem.ParentNode.RemoveChild(remElem);
// alg.FromXmlString(doc.DocumentElement.OuterXml);
// return;
//}
///// <summary>
///// FromXml no G
///// </summary>
//private static void FromXmlNoG()
//{
// XmlDocument doc = new XmlDocument();
// DSA alg = DSA.Create();
// doc.LoadXml(alg.ToXmlString(true));
// XmlElement remElem = doc.SelectSingleNode("/DSAKeyValue/G") as XmlElement;
// remElem.ParentNode.RemoveChild(remElem);
// alg.FromXmlString(doc.DocumentElement.OuterXml);
// return;
//}
///// <summary>
///// FromXml no Y
///// </summary>
//private static void FromXmlNoY()
//{
// XmlDocument doc = new XmlDocument();
// DSA alg = DSA.Create();
// doc.LoadXml(alg.ToXmlString(true));
// XmlElement remElem = doc.SelectSingleNode("/DSAKeyValue/Y") as XmlElement;
// remElem.ParentNode.RemoveChild(remElem);
// alg.FromXmlString(doc.DocumentElement.OuterXml);
// return;
//}
///// <summary>
///// FromXml seed, no pgencounter
///// </summary>
//private static void FromXmlSeedNoPgenCounter()
//{
// XmlDocument doc = new XmlDocument();
// DSA alg = DSA.Create();
// doc.LoadXml(alg.ToXmlString(true));
// XmlElement remElem = doc.SelectSingleNode("/DSAKeyValue/PgenCounter") as XmlElement;
// remElem.ParentNode.RemoveChild(remElem);
// alg.FromXmlString(doc.DocumentElement.OuterXml);
// return;
//}
///// <summary>
///// FromXml pgencounter, no seed
///// </summary>
//private static void FromXmlNoSeedPgenCounter()
//{
// XmlDocument doc = new XmlDocument();
// DSA alg = DSA.Create();
// doc.LoadXml(alg.ToXmlString(true));
// XmlElement remElem = doc.SelectSingleNode("/DSAKeyValue/Seed") as XmlElement;
// remElem.ParentNode.RemoveChild(remElem);
// alg.FromXmlString(doc.DocumentElement.OuterXml);
// return;
//}
#endregion
#region DSA CSP API Tests
/// <summary>
/// Create with CspParameters
/// </summary>
//private static bool CSPParameters()
//{
// byte[] data = new byte[] { 0, 1, 2, 3, 4, 5 };
// CspParameters csp = new CspParameters(13);
// csp.KeyContainerName = "Custom Key Container";
// csp.KeyNumber = 2;
// DSACryptoServiceProvider dsaCsp = new DSACryptoServiceProvider(csp);
// byte[] signed = dsaCsp.SignData(data);
// bool passed = dsaCsp.VerifyData(data, signed);
// dsaCsp.Clear();
// return passed;
//}
///// <summary>
///// Check KeyExchangeAlgorithm
///// </summary>
//private static bool CSPCheckKeyExchangeAlg()
//{
// return new DSACryptoServiceProvider().KeyExchangeAlgorithm == null;
//}
///// <summary>
///// Check SignatureAlgorithm
///// </summary>
//private static bool CSPCheckSignatureAlg()
//{
// return new DSACryptoServiceProvider().SignatureAlgorithm == "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
//}
///// <summary>
///// Check MachineStore
///// </summary>
//private static bool CSPCheckMachineStore()
//{
// bool init = DSACryptoServiceProvider.UseMachineKeyStore;
// DSACryptoServiceProvider.UseMachineKeyStore = true;
// bool ok = DSACryptoServiceProvider.UseMachineKeyStore;
// DSACryptoServiceProvider.UseMachineKeyStore = false;
// ok = ok && !DSACryptoServiceProvider.UseMachineKeyStore;
// DSACryptoServiceProvider.UseMachineKeyStore = init;
// return ok;
//}
/// <summary>
/// Sign stream
/// </summary>
private static bool CSPSignStream()
{
byte[] data = new byte[1025];
for (int i = 2; i < data.Length; i++)
data[i] = (byte)((data[i - 1] + data[i - 2]) % Byte.MaxValue);
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
using (MemoryStream ms = new MemoryStream(data))
{
byte[] streamSig = dsa.SignData(ms);
return dsa.VerifyData(data, streamSig);
}
}
/// <summary> Verifies a digital signature (created with the sign method) and returns
/// the boolean result.
/// </summary>
/// <param name="signature">The signature to verify.
/// </param>
/// <param name="data">The data to verify the signature against.
/// </param>
/// <returns> true, if successful
/// </returns>
/// <seealso cref="Owasp.Esapi.Interfaces.IEncryptor.VerifySignature(string, string)">
/// </seealso>
public bool VerifySignature(string signature, string data)
{
try
{
DSACryptoServiceProvider dsaCsp = new DSACryptoServiceProvider(asymmetricKeyPair);
Encoding textConverter = Encoding.GetEncoding(encoding);
byte[] signatureBytes = Esapi.Encoder().DecodeFromBase64(signature);
byte[] dataBytes = textConverter.GetBytes(data);
return dsaCsp.VerifyData(dataBytes, signatureBytes);
}
catch (System.Exception e)
{
new EncryptionException("Invalid signature", "Problem verifying signature: " + e.Message, e);
return false;
}
}
public Message[] ReceiveAllMessage(string nick, byte[] nickhashed)
{
Chat instance = new Chat();
instance.Deserialiser();
Message[] message = null;
User user = instance.SearchNick(nick);
if (user != null) //on verifie si le demandeur existe
{
ASCIIEncoding encoding = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(user.Publickey);
if (mycrypto.VerifyData(encoding.GetBytes(nick), nickhashed)) //on verifie la provenance de la demande
{
message = instance.Messages.ToArray<Message>();
}
}
return message;
}
public Message[] ReceiveMessageNonRead(string nick, byte[] nickhashed)
{
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(nick);
Message[] unread = null;
if (user != null) //on verifie si l'utilisateur existe
{
ASCIIEncoding encoding = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(user.Publickey);
if (mycrypto.VerifyData(encoding.GetBytes(nick), nickhashed)) //on verifie la provenance de la demande
{
//requete LINQ pour recuperer les messages a lire
unread = (from Message m in instance.Messages
where m.Creation > user.LastRead
select m).ToArray<Message>();
instance.RemoveUser(user);
user.LastRead = DateTime.Now; //on modifie la date de derniere lecture
instance.AddUser(user);
instance.Serialiser();
}
}
return unread;
}
public bool SendPrivateMessage(string nick, string recipient, string message, byte[] messagehashed)
{
bool result = false;
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(nick); //on verifie que l'auteur existe
if (user != null)
{
ASCIIEncoding encoding = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(user.Publickey);
if (mycrypto.VerifyData(encoding.GetBytes(message), messagehashed)) //on verifie la provenance du message
{
Message news = new Message(nick, message);
User todeliver = instance.SearchNick(recipient); //on verifie la presence du destinataire
if (todeliver != null)
{
Message privatemessage = new Message(nick, message);
instance.RemoveUser(todeliver);
todeliver.AddPrivateMessage(privatemessage);
instance.AddUser(todeliver);
instance.Serialiser();
result = true;
}
}
}
return result;
}
public bool SendMessage(string nick, string message, byte[] messagehashed)
{
bool result = false;
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(nick); //verification de l'utilisateur
if (user != null)
{
ASCIIEncoding encoding = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(user.Publickey);
if(mycrypto.VerifyData(encoding.GetBytes(message), messagehashed)) //on verifie que le message provient bien de l'utilisateur
{
Message news = new Message(nick, message);
instance.AddMessage(news);
instance.Serialiser();
result = true;
}
}
return result;
}
public bool VerifyData(byte[] buffer, DSACryptoServiceProvider dsaKey, byte[] signature)
{
return dsaKey.VerifyData(buffer, DERDecodeSignature(signature));
}
/// <summary>
/// Sign buffer
/// </summary>
private static bool CSPSignBuffer()
{
byte[] data = new byte[1025];
for (int i = 2; i < data.Length; i++)
data[i] = (byte)((data[i - 1] + data[i - 2]) % Byte.MaxValue);
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
{
byte[] sig = dsa.SignData(data, 25, 150);
byte[] bufferPortion = new byte[150];
Array.Copy(data, 25, bufferPortion, 0, 150);
return dsa.VerifyData(bufferPortion, sig);
}
}
/// <summary> Create a digital signature for the provided data and return it in a
/// string.
/// </summary>
/// <param name="data">The data to sign.
/// </param>
/// <returns> The signature.
/// </returns>
/// <seealso cref="Owasp.Esapi.Interfaces.IEncryptor.Sign(string)">
/// </seealso>
public string Sign(string data)
{
try
{
asymmetricKeyPair.Flags = CspProviderFlags.UseMachineKeyStore;
DSACryptoServiceProvider dsaCsp = new DSACryptoServiceProvider(asymmetricKeyPair);
Encoding textConverter = Encoding.GetEncoding(encoding);
byte[] dataBytes = textConverter.GetBytes(data);
byte[] signatureBytes = dsaCsp.SignData(dataBytes);
bool valid = dsaCsp.VerifyData(dataBytes, signatureBytes);
return Esapi.Encoder().EncodeForBase64(signatureBytes, true);
}
catch (Exception e)
{
throw new EncryptionException("Signature failure" + e.StackTrace, "Can't find signature algorithm " + signatureAlgorithm, e);
}
}
public Message[] ReceivePrivateMessage(string nick, byte[] nickhashed)
{
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(nick);
Message[] privatemessage = null;
if (user != null) //si l'utilisateur existe
{
ASCIIEncoding encoding = new ASCIIEncoding();
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
mycrypto.ImportParameters(user.Publickey);
if (mycrypto.VerifyData(encoding.GetBytes(nick), nickhashed)) //verification de la provenance du message
{
privatemessage = user.PrivateMessage.ToArray<Message>();
}
}
return privatemessage;
}
public bool LogIn(string nick, string password,byte[] nickhashed, int counter, byte[] G, byte[] J, byte[] P, byte[] Q, byte[] Seed, byte[] X, byte[] Y)
{
bool result = false;
Chat instance = new Chat();
instance.Deserialiser();
User user = instance.SearchNick(nick);
if (user != null) //si l'utilisateur existe
{
if (user.CheckPassword(password)) //si le mot de passe de l'utilisateur est bon
{
DSACryptoServiceProvider mycrypto = new DSACryptoServiceProvider();
DSAParameters key = Security.RecreateKey(counter, G, J, P, Q, Seed, X, Y);
mycrypto.ImportParameters(key);
ASCIIEncoding encoding = new ASCIIEncoding();
if (mycrypto.VerifyData(encoding.GetBytes(nick), nickhashed)) //verification de la cle publique recue
{
result = true;
instance.RemoveUser(user);
user.Publickey = key; //on stocke la cle publique pour la reception prochaine de message
instance.AddUser(user);
instance.Serialiser();
}
}
}
return result;
}
