/**
* Create an X.509 Attribute with the type given by the passed in oid and
* the value represented by an ASN.1 Set containing value.
*
* @param oid type of the attribute
* @param value value object to go into the atribute's value set.
*/
public X509Attribute(
string oid,
Asn1Encodable value)
{
this.attr = new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value));
}
public void CheckAttributeCertificate(
int id,
byte[] cert)
{
Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(cert);
string dump = Asn1Dump.DumpAsString(seq);
AttributeCertificate obj = AttributeCertificate.GetInstance(seq);
AttributeCertificateInfo acInfo = obj.ACInfo;
// Version
if (!(acInfo.Version.Equals(new DerInteger(1))) &&
(!(acInfo.Version.Equals(new DerInteger(2)))))
{
Fail("failed AC Version test for id " + id);
}
// Holder
Holder h = acInfo.Holder;
if (h == null)
{
Fail("failed AC Holder test, it's null, for id " + id);
}
// Issuer
AttCertIssuer aci = acInfo.Issuer;
if (aci == null)
{
Fail("failed AC Issuer test, it's null, for id " + id);
}
// Signature
AlgorithmIdentifier sig = acInfo.Signature;
if (sig == null)
{
Fail("failed AC Signature test for id " + id);
}
// Serial
DerInteger serial = acInfo.SerialNumber;
// Validity
AttCertValidityPeriod validity = acInfo.AttrCertValidityPeriod;
if (validity == null)
{
Fail("failed AC AttCertValidityPeriod test for id " + id);
}
// Attributes
Asn1Sequence attribSeq = acInfo.Attributes;
AttributeX509[] att = new AttributeX509[attribSeq.Count];
for (int i = 0; i < attribSeq.Count; i++)
{
att[i] = AttributeX509.GetInstance(attribSeq[i]);
}
// IssuerUniqueId
// TODO, how to best test?
// X509 Extensions
X509Extensions ext = acInfo.Extensions;
if (ext != null)
{
foreach (DerObjectIdentifier oid in ext.ExtensionOids)
{
X509Extension extVal = ext.GetExtension(oid);
}
}
}
/**
* @param at an object representing an attribute.
*/
internal X509Attribute(
Asn1Encodable at)
{
this.attr = AttributeX509.GetInstance(at);
}
/// <summary>
/// Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest object representing
/// the current state of this CertificateRequest object.
/// </summary>
/// <returns>An ASN.1 DER-encoded certificate signing request.</returns>
public byte[] ExportSigningRequest(PkiEncodingFormat format)
{
// Based on:
// https://github.com/bcgit/bc-csharp/blob/master/crypto/test/src/pkcs/test/PKCS10Test.cs
// https://stackoverflow.com/questions/46182659/how-to-delay-sign-the-certificate-request-using-bouncy-castle-with-ecdsa-signatu
// http://www.bouncycastle.org/wiki/display/JA1/X.509+Public+Key+Certificate+and+Certification+Request+Generation:
// #X.509PublicKeyCertificateandCertificationRequestGeneration-EllipticCurve(ECDSA)
// #X.509PublicKeyCertificateandCertificationRequestGeneration-RSA
// #X.509PublicKeyCertificateandCertificationRequestGeneration-CreatingCertificationRequests
// https://stackoverflow.com/a/37563051/5428506
var x509name = new X509Name(SubjectName);
var pubKey = _keyPair.PublicKey.NativeKey;
var prvKey = _keyPair.PrivateKey.NativeKey;
// Asn1Set attrSet = null;
// if (CertificateExtensions.Count > 0)
// {
// var certExts = CertificateExtensions.ToDictionary(
// ext => ext.Identifier, ext => ext.Value);
// var csrAttrs = new[]
// {
// new Org.BouncyCastle.Asn1.Cms.Attribute(
// PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
// new DerSet(new X509Extensions(certExts))),
// };
// attrSet = new DerSet(csrAttrs);
// }
// Based on:
// http://forum.rebex.net/4284/pkcs10-certificate-request-example-provided-castle-working
var extGen = new X509ExtensionsGenerator();
foreach (var ext in CertificateExtensions)
{
extGen.AddExtension(ext.Identifier, ext.IsCritical, ext.Value);
}
var attr = new AttributeX509(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
new DerSet(extGen.Generate()));
var sigFactory = ComputeSignatureAlgorithm(prvKey);
var pkcs10 = new Pkcs10CertificationRequest(sigFactory, x509name,
pubKey, new DerSet(attr), prvKey);
switch (format)
{
case PkiEncodingFormat.Pem:
using (var sw = new StringWriter())
{
var pemWriter = new PemWriter(sw);
pemWriter.WriteObject(pkcs10);
return(Encoding.UTF8.GetBytes(sw.GetStringBuilder().ToString()));
}
case PkiEncodingFormat.Der:
return(pkcs10.GetDerEncoded());
default:
throw new NotSupportedException();
}
}
public void AddAttribute(AttributeX509 attribute)
{
attributes.Add(attribute);
}
/// <summary>Add an attribute.</summary>
public void AddAttribute(
X509Attribute attribute)
{
acInfoGen.AddAttribute(AttributeX509.GetInstance(attribute.ToAsn1Object()));
}
static void Main(string[] args)
{
Console.WriteLine("Please select option 1/2");
string option = Console.ReadLine();
if (option == "1")
{
Certificate cert = new Certificate(2048);
Console.WriteLine("---------------------------- AS2805.6.5.3 Option 1--------------------------------------------------------");
Console.WriteLine("---------------Manufacturer’s key pair (PKman, SKman)---------------");
Certificate man = new Certificate(2048);
byte[] PKman = man.GetPublicKey();
byte[] SKman = man.GetPrivateKey();
Console.WriteLine("------------------Terminal cryptographic unit’s key pair (PKtcu, SKtcu)-------------------");
Certificate tcu = new Certificate(2048);
byte[] PKtcu = tcu.GetPublicKey();
byte[] SKtcu = tcu.GetPrivateKey();
Console.WriteLine("----------------Sponsor’s key pair (PKsp, SKsp)------------------------");
Certificate sp = new Certificate(2048);
byte[] PKsp = sp.GetPublicKey();
byte[] SKsp = sp.GetPrivateKey();
Console.WriteLine("--------------Getting RNsp, tcuid and user data -------------- ");
Random rnd = new Random();
string RNsp = rnd.Next(222222, 999999).ToString();
byte[] RNsp_bytes = Encoding.ASCII.GetBytes(RNsp);
Console.WriteLine("RNsp: \t" + RNsp);
string user_data = "OPTIONAL USER DATA THAT CAN BE ANY LENGTH";
byte[] user_data_bytes = Encoding.ASCII.GetBytes(user_data);
Console.WriteLine("User Data: \t" + user_data);
string tcuid = "MN044712H";
byte[] tcuid_bytes = Encoding.ASCII.GetBytes(tcuid);
Console.WriteLine("TCUID: \t" + tcuid);
string AIIC = "0000045127823121";
byte[] AIIC_bytes = Encoding.ASCII.GetBytes(AIIC);
Console.WriteLine("AIIC: \t" + AIIC);
SecureRandom random = new SecureRandom();
DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator();
keyGen.Init(new KeyGenerationParameters(random, 128));
byte[] KI_bytes = keyGen.GenerateKey();
string KI = BitConverter.ToString(KI_bytes).Replace("-", string.Empty);
Console.WriteLine("KI: \t" + KI);
byte[] KIA_bytes = keyGen.GenerateKey();
string KIA = BitConverter.ToString(KIA_bytes).Replace("-", string.Empty);
Console.WriteLine("KIA: \t" + KIA);
byte[] KCA_bytes = keyGen.GenerateKey();
string KCA = BitConverter.ToString(KCA_bytes).Replace("-", string.Empty);
Console.WriteLine("KCA: \t" + KCA);
DateTime today = DateTime.Now.Date;
byte[] today_bytes = Encoding.ASCII.GetBytes(today.ToString("yyyyMMdd HH:mm:ss"));
Console.WriteLine("DTS: \t" + today.ToString("yyyyMMdd HH:mm:ss"));
Console.WriteLine("-----------------------------------------------------------------------");
Console.WriteLine("--------------------------Sponsor Pre-Compute--------------------------");
HashMAC hash = new HashMAC(new Sha256Digest());
byte[] H_PKman_userdata = hash.Hash_Data(PKman.Concat(user_data_bytes).ToArray());
Console.WriteLine("SHA256 Hash of PKman + user data : \n" + Utils.HexDump(H_PKman_userdata));
byte[] H_PKsp_RNsp_userdata = hash.Hash_Data(PKsp.Concat(RNsp_bytes).Concat(user_data_bytes).ToArray());
//Console.WriteLine("SHA256 Hash of PKsp + user data : \n" + Utils.HexDump(H_PKman_userdata));
Console.WriteLine("----------------------------------------------------------------------------------");
Signature sign = new Signature();
byte[] sSKman_H_PKman_userdata = sign.SignData(H_PKman_userdata, man.get_Private_Params());
Console.WriteLine("Sponsor Verifies Manufacturer Signature of sSKman(H(PKman + user data)) : \n" + Utils.HexDump(sSKman_H_PKman_userdata));
byte[] sSKman_H_PKsp_RNsp_userdata = sign.SignData(H_PKsp_RNsp_userdata, man.get_Private_Params());
//Console.WriteLine("Signature of sSKman(H(PKsp + user data)) : \n" + Utils.HexDump(sSKman_H_PKsp_userdata));
byte[] H_PKsp = hash.Hash_Data(PKsp);
//Console.WriteLine("SHA256 Hash of PKsp : \n" + Utils.HexDump(H_PKsp));
byte[] sSKman_H_PKsp = sign.SignData(H_PKsp, man.get_Private_Params());
//Console.WriteLine("Signature of sSKman(H(PKsp))) : \n" + Utils.HexDump(sSKman_H_PKsp));
//Console.WriteLine("--------------------------TCU Pre-Compute--------------------------");
byte[] H_PKtcu = hash.Hash_Data(PKtcu);
//Console.WriteLine("SHA256 Hash of PKtcu : \n" + Utils.HexDump(H_PKtcu));
//Pad pad = new Pad();
//var padHash = pad.Pad_Data(H_PKtcu, 128);
//Console.WriteLine("SHA256 Hash of PKtcu and PKCS v1.5 padding : \n" + Utils.HexDump(padHash));
Console.WriteLine("----------------------------------------------------------------------------------");
byte[] sSKman_H_PKtcu_ = sign.SignData(H_PKtcu, man.get_Private_Params());
Console.WriteLine("Termninal Verifies Manufacturer Signature of PKtcu sSKman(H(PKtcu)) :\n" + Utils.HexDump(sSKman_H_PKtcu_));
Console.WriteLine("----------------------------------------------------------------------------------");
byte[] sSKman_H_PKtcu_TCUID_userdata = sign.SignData(H_PKtcu.Concat(tcuid_bytes).Concat(user_data_bytes).ToArray(), man.get_Private_Params());
//Console.WriteLine("Signature of sSKman(H(PKtcu)|TCUID|user data) : \n" + Utils.HexDump(sSKman_H_PKtcu));
//Console.ReadLine();
Console.WriteLine("-------------------------- OPTION 1 --------------------------");
Console.WriteLine("--------------------------SIGN ON REQUEST 1--------------------------\n\n");
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("TCU -> Sending:...");
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("User Data: " + user_data + "\n" + Utils.HexDump(user_data_bytes));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("TCUID: " + tcuid + " \n" + Utils.HexDump(tcuid_bytes));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("H(PKtcu) \n" + Utils.HexDump(H_PKtcu));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("sSKman(H(PKtcu)|TCUID|user data) \n" + Utils.HexDump(sSKman_H_PKtcu_TCUID_userdata));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("------------------------SIGN ON RESPONSE 1--------------------------------------");
Console.WriteLine("Veryfying Signature of sSKman(H(PKtcu)|TCUID|user data)");
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("User Data: " + user_data + "\n" + Utils.HexDump(user_data_bytes));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("RNsp: " + RNsp + "\n" + Utils.HexDump(RNsp_bytes));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("H(PKsp|RNsp|userdata) \n" + Utils.HexDump(H_PKsp_RNsp_userdata));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Sign: sSKman(H(PKsp|RNsp|user data)):\n" + Utils.HexDump(sSKman_H_PKsp_RNsp_userdata));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("-------------------------- SIGN ON REQUEST 2--------------------------\n\n");
//Construct cryptogram encrypted by PKsp
Console.WriteLine("Constructing the KI KeyBlock cryptogram (KI, TCUID, RNsp, DTS, user dat)----------");
Asn1 asn = new Asn1();
byte[] KI_KeyBlock_bytes = asn.KI_KeyBlock(KI_bytes, tcuid_bytes, today_bytes, RNsp_bytes, user_data_bytes);
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine(Utils.HexDump(KI_KeyBlock_bytes));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Encrypt: ePKsp(KI, TCUID, RNsp, DTS, user data): \n");
byte[] PKsp_KI_TCUID_RNsp_DTS_user_data = sp.Encrypt(KI_KeyBlock_bytes);
Console.WriteLine(Utils.HexDump(PKsp_KI_TCUID_RNsp_DTS_user_data));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Hash: H(ePKsp(KI, TCUID, RNsp, DTS, user data)): \n");
byte[] H_PKsp_KI_TCUID_RNsp_DTS_user_data = hash.Hash_Data(PKsp_KI_TCUID_RNsp_DTS_user_data);
Console.WriteLine(Utils.HexDump(H_PKsp_KI_TCUID_RNsp_DTS_user_data));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Sign: sSKtcu(H(ePKsp(KI, TCUID, RNsp, DTS, user data))): \n");
byte[] sSKtcu_H_PKsp_KI_TCUID_RNsp_DTS_user_data = sign.SignData(H_PKsp_KI_TCUID_RNsp_DTS_user_data, tcu.get_Private_Params());
Console.WriteLine(Utils.HexDump(sSKtcu_H_PKsp_KI_TCUID_RNsp_DTS_user_data));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Send Signature and Encryption to Sponsor so that KI can be extracted \n");
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Verify: sSKtcu(H(ePKsp(KI, TCUID, RNsp, DTS, user data))): \n");
bool sSKtcuV = sign.VerifySignature(tcu.get_Public_Params(), sSKtcu_H_PKsp_KI_TCUID_RNsp_DTS_user_data, H_PKsp_KI_TCUID_RNsp_DTS_user_data);
Console.WriteLine("Verified: " + sSKtcuV);
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("Decrypt: ePKsp(KI, TCUID, RNsp, DTS, user data): \n");
Console.WriteLine("Decrypted:\n" + Utils.HexDump(sp.Decrypt(PKsp_KI_TCUID_RNsp_DTS_user_data)));
Console.WriteLine("----------------------------------------------------------------------------------\n\n");
Console.WriteLine("-------------------------- SIGN ON RESPONSE 2-------------------------\n\n");
/*
* The KCA shall be used to derive a unique KIA_n per acquirer. The sponsor shall be responsible for providing the KIA_n to each acquirer through a secure channel.
* Each acquirer shall use its unique KIAn to download or derive the initial key(s) required for the appropriate key management scheme
*
*
* The AIIC is right justified and left zero filled in a 128-bit data field.
* KMACI_n = (OWF(KIA_n,D))
* KCA =
*/
DESAES desaes = new DESAES();
Console.WriteLine("-------------------------Calculate KMACI_n = HMAC(KIA_n,AIIC) -------------------------\n");
Console.WriteLine("-------------------------OWF = SHA256 HMAC -------------------------");
byte[] H_KIA_n_AIIC = hash.HMAC(AIIC_bytes, KIA_bytes);
Console.WriteLine("KMAC = \n" + Utils.HexDump(H_KIA_n_AIIC));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("KCA = \n" + Utils.HexDump(KCA_bytes));
Console.WriteLine("------------------------------ENCRYPT---------------------------------------------");
var E_KMAC = desaes.EncryptDES3(H_KIA_n_AIIC, KI_bytes);
Console.WriteLine("e(KMAC) = \n" + Utils.HexDump(E_KMAC));
Console.WriteLine("----------------------------------------------------------------------------------");
var E_KCA = desaes.EncryptDES3(KCA_bytes, KI_bytes);
Console.WriteLine("e(KCA) = \n" + Utils.HexDump(E_KCA));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("------------------------------DECRYPT---------------------------------------------");
var D_KCA = desaes.DecryptDES3(E_KCA, KI_bytes);
Console.WriteLine("d(KCA) = \n" + Utils.HexDump(D_KCA));
Console.WriteLine("----------------------------------------------------------------------------------");
var D_KMAC = desaes.DecryptDES3(E_KMAC, KI_bytes);
Console.WriteLine("d(KMAC) = \n" + Utils.HexDump(D_KMAC));
Console.WriteLine("----------------------------------------------------------------------------------");
Console.WriteLine("**------------------------------DONE--------------------------------------------**");
}
else
{
bool ForEncryption = true;
//Requested Certificate Name and things
X509Name name = new X509Name("C=Commonwealth Bank of Australia, O=CBA, OU=Cryptographical Services, CN=TID25124548");
//Key generation 2048bits
var rkpg = new RsaKeyPairGenerator();
rkpg.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
AsymmetricCipherKeyPair ackp = rkpg.GenerateKeyPair(); //BAPI.EncryptionKey;
//if (!ForEncryption) ackp = BAPI.SignKey;
//Key Usage Extension
var ku = new KeyUsage(ForEncryption ? KeyUsage.KeyEncipherment : KeyUsage.DigitalSignature);
var extgen = new Org.BouncyCastle.Asn1.X509.X509ExtensionsGenerator();
extgen.AddExtension(X509Extensions.KeyUsage, true, ku);
var attribute = new AttributeX509(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(extgen.Generate()));
//PKCS #10 Certificate Signing Request
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA1WITHRSA", name, ackp.Public, new DerSet(attribute), ackp.Private); //new DerSet(new DerOctetString(ku))
var csrbytedata = csr.GetDerEncoded();
var asn1Csr = csr.ToAsn1Object();
//////
Console.WriteLine(asn1Csr.GetDerEncoded().ToString());
Console.WriteLine(Utils.HexDump(csrbytedata));
string pwd = "password";
var suppliers = new[] { "CN=*.cba.com.au" };
var CA_issuer = new X509(suppliers, "CN=CBA RootCA, OU=Cryptographical Services, O=Commonwealth Bank of Australia, L=SYDNEY, C=AU", CertStrength.bits_2048);
X509Certificate2 GeneratedCert = CA_issuer.MakeCertificate(pwd, "CN=TID25124548.cba.com.au, OU=Commonwealth Bank of Australia, OU=CBA Business System Hosting, O=Commonwealth Bank of Australia, C=AU", 2);
Console.WriteLine(GeneratedCert.ToString());
Console.WriteLine(Utils.HexDump(GeneratedCert.Export(X509ContentType.Pkcs12, pwd)));
Console.ReadLine();
}
}
public PkiCertificateSigningRequest(PkiEncodingFormat format, byte[] encoded,
PkiHashAlgorithm hashAlgorithm)
{
Pkcs10CertificationRequest pkcs10;
switch (format)
{
case PkiEncodingFormat.Pem:
var encodedString = Encoding.UTF8.GetString(encoded);
using (var sr = new StringReader(encodedString))
{
var pemReader = new PemReader(sr);
pkcs10 = pemReader.ReadObject() as Pkcs10CertificationRequest;
if (pkcs10 == null)
{
throw new Exception("invalid PEM object is not PKCS#10 archive");
}
}
break;
case PkiEncodingFormat.Der:
pkcs10 = new Pkcs10CertificationRequest(encoded);
break;
default:
throw new NotSupportedException();
}
var info = pkcs10.GetCertificationRequestInfo();
var nativePublicKey = pkcs10.GetPublicKey();
var rsaKey = nativePublicKey as RsaKeyParameters;
var ecdsaKey = nativePublicKey as ECPublicKeyParameters;
if (rsaKey != null)
{
PublicKey = new PkiKey(nativePublicKey, PkiAsymmetricAlgorithm.Rsa);
}
else if (ecdsaKey != null)
{
PublicKey = new PkiKey(nativePublicKey, PkiAsymmetricAlgorithm.Ecdsa);
}
else
{
throw new NotSupportedException("unsupported asymmetric algorithm key");
}
SubjectName = info.Subject.ToString();
HashAlgorithm = hashAlgorithm;
// // // Based on:
// // // http://forum.rebex.net/4284/pkcs10-certificate-request-example-provided-castle-working
// // var extGen = new X509ExtensionsGenerator();
// // foreach (var ext in CertificateExtensions)
// // {
// // extGen.AddExtension(ext.Identifier, ext.IsCritical, ext.Value);
// // }
// // var attr = new AttributeX509(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
// // new DerSet(extGen.Generate()));
// Based on:
// http://unitstep.net/blog/2008/10/27/extracting-x509-extensions-from-a-csr-using-the-bouncy-castle-apis/
// https://stackoverflow.com/q/24448909/5428506
foreach (var attr in info.Attributes.ToArray())
{
if (attr is DerSequence derSeq && derSeq.Count == 2)
{
var attrX509 = AttributeX509.GetInstance(attr);
if (object.Equals(attrX509.AttrType, PkcsObjectIdentifiers.Pkcs9AtExtensionRequest))
{
// The `Extension Request` attribute is present.
// The X509Extensions are contained as a value of the ASN.1 Set.
// Assume that it is the first value of the set.
if (attrX509.AttrValues.Count >= 1)
{
var csrExts = X509Extensions.GetInstance(attrX509.AttrValues[0]);
foreach (var extOid in csrExts.GetExtensionOids())
{
if (object.Equals(extOid, X509Extensions.SubjectAlternativeName))
{
var ext = csrExts.GetExtension(extOid);
var extVal = ext.Value;
var der = extVal.GetDerEncoded();
// The ext value, which is an ASN.1 Octet String, **MIGHT** be tagged with
// a leading indicator that it's an Octet String and its length, so we want
// to remove it if that's the case to extract the GeneralNames collection
if (der.Length > 2 && der[0] == 4 && der[1] == der.Length - 2)
{
der = der.Skip(2).ToArray();
}
var asn1obj = Asn1Object.FromByteArray(der);
var gnames = GeneralNames.GetInstance(asn1obj);
CertificateExtensions.Add(new PkiCertificateExtension
{
Identifier = extOid,
IsCritical = ext.IsCritical,
Value = gnames,
});
}
}
// No need to search any more.
break;
}
}
}
}
}
