private void Init(byte[] data)
{
GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data);
if (seq.Count < 3)
{
throw new System.ArgumentException("Wrong number of elements in sequence.");
}
/////////////////////////////
// CertificationRequestInfo ::= SEQUENCE {
// version INTEGER { v1(0) } (v1,...),
// subject Name,
// subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
// attributes [0] Attributes{{ CRIAttributes }}
// }
GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0];
Version = (CertificateVersion)(sbyte)reqInfo[0];
Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[1]);
// subject Public key info.
GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[2];
if (reqInfo.Count > 3)
{
Attributes = reqInfo[3];
}
GXAsn1Sequence tmp = (GXAsn1Sequence)subjectPKInfo[0];
Algorithm = PkcsObjectIdentifierConverter.FromString(tmp[0].ToString());
if ((PkcsObjectIdentifier)Algorithm == PkcsObjectIdentifier.None)
{
Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString());
}
byte[] encodedKey = GXAsn1Converter.ToByteArray(subjectPKInfo);
PublicKey = GXPublicKey.FromRawBytes(encodedKey);
/////////////////////////////
// signatureAlgorithm
GXAsn1Sequence sign = (GXAsn1Sequence)seq[1];
SignatureAlgorithm = HashAlgorithmConverter.FromString(sign[0].ToString());
if (sign.Count != 1)
{
SignatureParameters = sign[1];
}
/////////////////////////////
// signature
Signature = ((GXAsn1BitString)seq[2]).Value;
GXEcdsa e = new GXEcdsa(PublicKey);
if (!e.Verify(GXAsn1Converter.ToByteArray(reqInfo), data))
{
throw new ArgumentException("Invalid Signature.");
}
}
/// <summary>
/// Validate ephemeral public key signature.
/// </summary>
/// <param name="data">Data to validate.</param>
/// <param name="sign">Sign</param>
/// <param name="publicSigningKey">Public Signing key from other party.</param>
/// <returns>Is verify succeeded.</returns>
public static bool ValidateEphemeralPublicKeySignature(
byte[] data,
byte[] sign,
GXPublicKey publicSigningKey)
{
GXAsn1Integer a = new GXAsn1Integer(sign, 0, 32);
GXAsn1Integer b = new GXAsn1Integer(sign, 32, 32);
GXAsn1Sequence s = new GXAsn1Sequence();
s.Add(a);
s.Add(b);
byte[] tmp = GXAsn1Converter.ToByteArray(s);
GXEcdsa c = new GXEcdsa(publicSigningKey);
bool ret = c.Verify(sign, data);
if (!ret)
{
System.Diagnostics.Debug.WriteLine("Data:" + GXCommon.ToHex(data, true));
System.Diagnostics.Debug.WriteLine("Sign:" + GXCommon.ToHex(sign, true));
}
return(ret);
}
private void VerifyBtn_Click(object sender, EventArgs e)
{
try
{
OpenFileDialog dlg = new OpenFileDialog();
dlg.Multiselect = false;
if (SigningKeyTb.Text == "" || Path.GetFileName(SigningKeyTb.Text) == "")
{
dlg.InitialDirectory = Directory.GetCurrentDirectory();
dlg.Filter = Properties.Resources.PemFilterTxt;
dlg.DefaultExt = ".pem";
dlg.ValidateNames = true;
if (dlg.ShowDialog(this) == DialogResult.OK)
{
SigningKeyTb.Text = dlg.FileName;
}
else
{
return;
}
}
GXPkcs8 key = GXPkcs8.Load(SigningKeyTb.Text);
GXEcdsa ecdsa = new GXEcdsa(key.PublicKey);
if (ecdsa.Verify(GXDLMSTranslator.HexToBytes(SignatureTb.Text), File.ReadAllBytes(FileNameTb.Text)))
{
MessageBox.Show(this, "Verification succeeded.", "Signature verification", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show(this, "Verification failed.", "Signature verification", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
}
catch (Exception ex)
{
MessageBox.Show(this, ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
/// <summary>
/// Test is x509 file certified by the certifier.
/// </summary>
/// <param name="certifier">Public key of the certifier.</param>
/// <returns>True, if certifier has certified the certificate.</returns>
public bool IsCertified(GXPublicKey certifier)
{
if (certifier == null)
{
throw new ArgumentNullException(nameof(certifier));
}
//Get raw data
GXByteBuffer tmp2 = new GXByteBuffer();
tmp2.Set(Encoded);
GXAsn1Converter.GetNext(tmp2);
tmp2.Size = tmp2.Position;
tmp2.Position = 1;
GXCommon.GetObjectCount(tmp2);
GXEcdsa e = new GXEcdsa(certifier);
GXAsn1Sequence tmp3 = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(Signature);
GXByteBuffer bb = new GXByteBuffer();
int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48;
//Some implementations might add extra byte. It must removed.
bb.Set(((GXAsn1Integer)tmp3[0]).Value, ((GXAsn1Integer)tmp3[0]).Value.Length == size ? 0 : 1, size);
bb.Set(((GXAsn1Integer)tmp3[1]).Value, ((GXAsn1Integer)tmp3[1]).Value.Length == size ? 0 : 1, size);
return(e.Verify(bb.Array(), tmp2.SubArray(tmp2.Position, tmp2.Available)));
}
private void Init(byte[] data)
{
Attributes = new List <KeyValuePair <PkcsObjectIdentifier, object[]> >();
GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data);
if (seq.Count < 3)
{
throw new System.ArgumentException("Wrong number of elements in sequence.");
}
/////////////////////////////
// CertificationRequestInfo ::= SEQUENCE {
// version INTEGER { v1(0) } (v1,...),
// subject Name,
// subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
// attributes [0] Attributes{{ CRIAttributes }}
// }
GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0];
Version = (CertificateVersion)(sbyte)reqInfo[0];
Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[1]);
// subject Public key info.
GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[2];
if (reqInfo.Count > 3)
{
//PkcsObjectIdentifier
foreach (GXAsn1Sequence it in (GXAsn1Context)reqInfo[3])
{
List <object> values = new List <object>();
foreach (object v in (List <object>)((KeyValuePair <object, object>)it[1]).Key)
{
values.Add(v);
}
Attributes.Add(new KeyValuePair <PkcsObjectIdentifier, object[]>(PkcsObjectIdentifierConverter.FromString(it[0].ToString()), values.ToArray()));
}
}
GXAsn1Sequence tmp = (GXAsn1Sequence)subjectPKInfo[0];
Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString());
if (Algorithm != X9ObjectIdentifier.IdECPublicKey)
{
object algorithm = Algorithm;
if (Algorithm == X9ObjectIdentifier.None)
{
algorithm = PkcsObjectIdentifierConverter.FromString(tmp[0].ToString());
if ((PkcsObjectIdentifier)algorithm == PkcsObjectIdentifier.None)
{
algorithm = tmp[0].ToString();
}
}
throw new Exception("Invalid PKCS #10 certificate algorithm. " + algorithm);
}
PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)subjectPKInfo[1]).Value);
GXEcdsa.Validate(PublicKey);
/////////////////////////////
// signatureAlgorithm
GXAsn1Sequence sign = (GXAsn1Sequence)seq[1];
SignatureAlgorithm = HashAlgorithmConverter.FromString(sign[0].ToString());
if (SignatureAlgorithm != HashAlgorithm.Sha256WithEcdsa && SignatureAlgorithm != HashAlgorithm.Sha384WithEcdsa)
{
throw new GXDLMSCertificateException("Invalid signature algorithm. " + sign[0].ToString());
}
if (sign.Count != 1)
{
SignatureParameters = sign[1];
}
/////////////////////////////
// signature
Signature = ((GXAsn1BitString)seq[2]).Value;
GXEcdsa e = new GXEcdsa(PublicKey);
GXAsn1Sequence tmp2 = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(Signature);
GXByteBuffer bb = new GXByteBuffer();
int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48;
//Some implementations might add extra byte. It must removed.
bb.Set(((GXAsn1Integer)tmp2[0]).Value, ((GXAsn1Integer)tmp2[0]).Value.Length == size ? 0 : 1, size);
bb.Set(((GXAsn1Integer)tmp2[1]).Value, ((GXAsn1Integer)tmp2[1]).Value.Length == size ? 0 : 1, size);
if (!e.Verify(bb.Array(), GXAsn1Converter.ToByteArray(reqInfo)))
{
throw new ArgumentException("Invalid Signature.");
}
}