public jwkKeyPair getEcKeyPair(string curveName)
{
EllipticCurveFp e = selectCamelotCurve(curveName);
camelot.ECKeyPair ecKeyPair = new camelot.ECKeyPair(e, rng);
jwkKeyPair keyPair = new jwkKeyPair(ecKeyPair, curveName);
return(keyPair);
}
private EllipticCurveFp selectCamelotCurve(string curveName)
{
// Encrypt using Camelot OAEP + SHA256
switch (curveName.ToLower())
{
case "p-256":
return(EllipticCurveFp.CreateP256());
case "p-384":
return(EllipticCurveFp.CreateP384());
default:
throw new InvalidOperationException("Unsupported curve");
}
}
public Object verify(String mode, jwkPublicKey publicKey, byte[] plainBytes, string hashAlgorithm, string curveName, byte[] signatureBytes)
{
bool verified = false;
if (mode == "ecdsa")
{
EllipticCurveFp curve = selectCamelotCurve(curveName);
ecPublicKey ecPublicKey = new ecPublicKey(publicKey);
EllipticCurvePointFp point =
new EllipticCurvePointFp(curve, false, ecPublicKey.X, ecPublicKey.Y);
camelot.ECKeyPair ecKeyPair =
new camelot.ECKeyPair(curve, SEC1EncodingFp.EncodePoint(point));
camelot.HashAlgorithm h = selectCamelotHashAlgorithm(hashAlgorithm);
byte[] digest = h.ComputeHash(plainBytes);
verified = verifyCamelotEcdsa(ecKeyPair, digest, signatureBytes);
}
else
{
rsaPublicKey rsaKey = new rsaPublicKey(publicKey);
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider();
RSAParameters rsaParams = rsaKey.toRSAParameters();
rsaCsp.ImportParameters(rsaParams);
if (mode == "rsa-pss")
{
verified = verifyCamelotPSS(rsaParams, hashAlgorithm, plainBytes, signatureBytes);
}
else if (mode == "rsassa-pkcs1-v1_5")
{
verified = rsaCsp.VerifyData(plainBytes, selectCSPHashAlgorithm(hashAlgorithm), signatureBytes);
}
else
{
throw new InvalidOperationException("Unsupported mode");
}
}
return(verified);
}
public Object sign(string mode, jwkPrivateKey privateKey, byte[] plainBytes, string hashAlgorithm, string curveName)
{
byte[] signature;
if (mode == "ecdsa")
{
EllipticCurveFp curve = selectCamelotCurve(curveName);
ecPrivateKey ecPrivateKey = new ecPrivateKey(privateKey);
camelot.ECKeyPair ecKeyPairPrivate = new camelot.ECKeyPair(curve, ecPrivateKey.D, null);
camelot.HashAlgorithm h = selectCamelotHashAlgorithm(hashAlgorithm);
byte[] digest = h.ComputeHash(plainBytes);
signature = signCamelotEcdsa(ecKeyPairPrivate, digest);
}
else
{
rsaPrivateKey rsaKey = new rsaPrivateKey(privateKey);
RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider();
RSAParameters rsaParams = rsaKey.toRSAParameters();
rsaCsp.ImportParameters(rsaParams);
if (mode == "rsa-pss")
{
signature = signCamelotPSS(rsaParams, hashAlgorithm, plainBytes);
}
else if (mode == "rsassa-pkcs1-v1_5")
{
signature = rsaCsp.SignData(plainBytes, selectCSPHashAlgorithm(hashAlgorithm));
}
else
{
throw new InvalidOperationException("Unsupported mode");
}
}
return(signature);
}