示例#1
0
        public static Tuple <string, string> CreateKeyPair()
        {
            var algorithm = SignatureAlgorithm.Ed25519;

            var kp = new KeyCreationParameters
            {
                ExportPolicy = KeyExportPolicies.AllowPlaintextExport
            };

            using (var key = Key.Create(algorithm, kp))
            {
                var publicKeyBytes = key.Export(KeyBlobFormat.PkixPublicKeyText);
                var publicKey      = Encoding.UTF8.GetString(publicKeyBytes);
                publicKey = publicKey.Replace("-----BEGIN PUBLIC KEY-----", "");
                publicKey = publicKey.Replace("-----END PUBLIC KEY-----", "");
                publicKey = publicKey.Replace(Environment.NewLine, "");

                var privateKeyBytes = key.Export(KeyBlobFormat.PkixPrivateKeyText);
                var privateKey      = Encoding.UTF8.GetString(privateKeyBytes);
                privateKey = privateKey.Replace("-----BEGIN PRIVATE KEY-----", "");
                privateKey = privateKey.Replace("-----END PRIVATE KEY-----", "");
                privateKey = privateKey.Replace(Environment.NewLine, "");

                return(new Tuple <string, string>(publicKey, privateKey));
            }
        }
        public static Key getAgreeKeyFromPrivate(string agreePrivateKey)
        {
            var signAlgorithm = KeyAgreementAlgorithm.X25519;
            var parameters    = new KeyCreationParameters();

            parameters.ExportPolicy = KeyExportPolicies.AllowPlaintextExport;
            return(Key.Import(signAlgorithm, Convert.FromBase64String(agreePrivateKey), KeyBlobFormat.NSecPrivateKey, parameters));
        }
        public static string getSignPublicKeyStringFromPrivate(string signPrivateKey)
        {
            var signAlgorithm = SignatureAlgorithm.Ed25519;
            var parameters    = new KeyCreationParameters();

            parameters.ExportPolicy = KeyExportPolicies.AllowPlaintextExport;
            var signPrivKey = Key.Import(signAlgorithm, Convert.FromBase64String(signPrivateKey), KeyBlobFormat.NSecPrivateKey, parameters);

            return(Convert.ToBase64String(signPrivKey.PublicKey.Export(KeyBlobFormat.NSecPublicKey)));
        }
        /// <summary>
        /// Outputs hash and salt as <see cref="string"/> based on user password in <see cref="HMACSHA512"/> format to store in DB.
        /// </summary>
        private void CreatePasswordHash(ReadOnlySpan <byte> data, out string salt, out string hashedPassword)
        {
            var algorithm             = MacAlgorithm.HmacSha512;
            var keyCreationParameters = new KeyCreationParameters()
            {
                ExportPolicy = KeyExportPolicies.AllowPlaintextArchiving
            };

            using var key  = Key.Create(algorithm, keyCreationParameters);
            salt           = Convert.ToBase64String(key.Export(KeyBlobFormat.NSecSymmetricKey));
            hashedPassword = Convert.ToBase64String(algorithm.Mac(key, data));
        }
        public static void getNewBlockchainUser(out string signPrivateKey, out string signPublicKey,
                                                out string agreePrivateKey, out string agreePublicKey)
        {
            var signAlgorithm  = SignatureAlgorithm.Ed25519;
            var agreeAlgorithm = KeyAgreementAlgorithm.X25519;
            var parameters     = new KeyCreationParameters();

            parameters.ExportPolicy = KeyExportPolicies.AllowPlaintextExport;
            var signKey  = Key.Create(signAlgorithm, parameters);
            var agreeKey = Key.Create(agreeAlgorithm, parameters);

            signPrivateKey  = Convert.ToBase64String(signKey.Export(KeyBlobFormat.NSecPrivateKey));
            signPublicKey   = Convert.ToBase64String(signKey.PublicKey.Export(KeyBlobFormat.NSecPublicKey));
            agreePrivateKey = Convert.ToBase64String(agreeKey.Export(KeyBlobFormat.NSecPrivateKey));
            agreePublicKey  = Convert.ToBase64String(agreeKey.PublicKey.Export(KeyBlobFormat.NSecPublicKey));
        }
示例#6
0
        public static byte[] Sign(string privateKey, byte[] data)
        {
            var algorithm = SignatureAlgorithm.Ed25519;

            var kp = new KeyCreationParameters
            {
                ExportPolicy = KeyExportPolicies.AllowPlaintextExport
            };

            var privateKeyBytes = Encoding.UTF8.GetBytes(privateKey);

            using (Key key = Key.Import(algorithm, new ReadOnlySpan <byte>(privateKeyBytes), KeyBlobFormat.PkixPrivateKeyText, kp))
            {
                var signature = algorithm.Sign(key, data);
                return(signature);
            }
        }
        public static string getEncryptedEncryptionKey(string encryptionKey, string senderAgreePrivateKey, string recieverAgreePublicKey)
        {
            var algorithm  = KeyAgreementAlgorithm.X25519;
            var parameters = new KeyCreationParameters();
            var byteData   = Convert.FromBase64String(encryptionKey);

            parameters.ExportPolicy = KeyExportPolicies.AllowPlaintextExport;
            Key       senderKey         = getAgreeKeyFromPrivate(senderAgreePrivateKey);
            PublicKey recieverKey       = getAgreePublicKeyFromString(recieverAgreePublicKey);
            var       secret            = algorithm.Agree(senderKey, recieverKey);
            var       derivedKey        = KeyDerivationAlgorithm.HkdfSha256.DeriveKey(secret, null, null, AeadAlgorithm.Aes256Gcm, parameters);
            var       nonce             = new Nonce(0, 12);
            var       encryptedByteData = AeadAlgorithm.Aes256Gcm.Encrypt(derivedKey, nonce, null, byteData);
            var       encryptedData     = Convert.ToBase64String(encryptedByteData);

            return(encryptedData + "|" + getAgreePublicKeyStringFromPrivate(senderAgreePrivateKey));
        }
示例#8
0
        public static void ExportImportNSecPrivateKey()
        {
            // fake System.IO.File
            var File = new Dictionary <string, byte[]>();

            {
                #region ExportImport: Export

                var algorithm = SignatureAlgorithm.Ed25519;

                var creationParameters = new KeyCreationParameters
                {
                    ExportPolicy = KeyExportPolicies.AllowPlaintextArchiving
                };

                // create a new key
                using (var key = new Key(algorithm, creationParameters))
                {
                    // export it
                    var blob = key.Export(KeyBlobFormat.NSecPrivateKey);

                    File.WriteAllBytes("myprivatekey.nsec", blob);
                }

                #endregion
            }

            {
                #region ExportImport: Import

                var algorithm = SignatureAlgorithm.Ed25519;

                var blob = File.ReadAllBytes("myprivatekey.nsec");

                // re-import it
                using (var key = Key.Import(algorithm, blob, KeyBlobFormat.NSecPrivateKey))
                {
                    var signature = algorithm.Sign(key, /*{*/ new byte[0] /*}*/);
                }

                #endregion
            }
        }
        public static string getDecryptedEncryptionKey(string hashedData, string recieverAgreePrivateKey)
        {
            var origHashedParts   = hashedData.Split('|');
            var encryptedByteData = Convert.FromBase64String(origHashedParts[0]);
            var senderPublicKey   = origHashedParts[1];

            var algorithm  = KeyAgreementAlgorithm.X25519;
            var parameters = new KeyCreationParameters();

            parameters.ExportPolicy = KeyExportPolicies.AllowPlaintextExport;
            Key       recieverKey = getAgreeKeyFromPrivate(recieverAgreePrivateKey);
            PublicKey senderKey   = getAgreePublicKeyFromString(senderPublicKey);
            var       secret      = algorithm.Agree(recieverKey, senderKey);
            var       derivedKey  = KeyDerivationAlgorithm.HkdfSha256.DeriveKey(secret, null, null, AeadAlgorithm.Aes256Gcm, parameters);
            var       nonce       = new Nonce(0, 12);

            byte[] decryptedByteData = new byte[encryptedByteData.Length - AeadAlgorithm.Aes256Gcm.TagSize];
            AeadAlgorithm.Aes256Gcm.Decrypt(derivedKey, nonce, null, encryptedByteData, decryptedByteData);
            var decryptedData = Convert.ToBase64String(decryptedByteData);

            return(decryptedData);
        }
示例#10
0
        public static byte[] Sign(string privateKey, byte[] data)
        {
            var algorithm = SignatureAlgorithm.Ed25519;

            var kp = new KeyCreationParameters
            {
                ExportPolicy = KeyExportPolicies.AllowPlaintextExport
            };

            var pk = privateKey;

            if (!privateKey.StartsWith("-----"))
            {
                pk = String.Format("{0}\n{1}\n{2}", "-----BEGIN PRIVATE KEY-----", privateKey, "-----END PRIVATE KEY-----");
            }

            var privateKeyBytes = Encoding.UTF8.GetBytes(pk);

            using (Key key = Key.Import(algorithm, new ReadOnlySpan <byte>(privateKeyBytes), KeyBlobFormat.PkixPrivateKeyText, kp))
            {
                var signature = algorithm.Sign(key, data);
                return(signature);
            }
        }