示例#1
0
        public virtual IAsymmetricKey EncryptPrivateKey(IAsymmetricKey key, string password, EncryptionType encryptionType)
        {
            if (key.IsEncrypted)
            {
                throw new InvalidOperationException("Key is already encrypted");
            }

            if (encryptionType == EncryptionType.None)
            {
                throw new InvalidOperationException("Key encryption type must be specified.");
            }

            var saltLength = configuration.Get <int>("SaltLengthInBytes");

            byte[] salt = secureRandomGenerator.NextBytes(saltLength);

            var iterationCount = configuration.Get <int>("KeyDerivationIterationCount");

            byte[] privateKeyContent;
            if (encryptionType == EncryptionType.Pkcs)
            {
                privateKeyContent = pkcsEncryptionGenerator.Encrypt(password, salt, iterationCount, key.Content);
            }
            else
            {
                privateKeyContent = aesEncryptionGenerator.Encrypt(password, salt, iterationCount, key.Content);
            }

            return(keyProvider.GetEncryptedPrivateKey(privateKeyContent));
        }
示例#2
0
        public void GenerateRandom(int amount, int randomLenght)
        {
            var results = new List <byte[]>();

            for (var i = 0; i < amount; i++)
            {
                var result = randomGenerator.NextBytes(randomLenght);
                results.Add(result);
            }

            CollectionAssert.AllItemsAreUnique(results);
        }
示例#3
0
            public void ShouldReturnValidKey()
            {
                var algorithmMapper   = new SignatureAlgorithmIdentifierMapper();
                var secureRandom      = new SecureRandomGenerator();
                var signatureProvider = new SignatureProvider(algorithmMapper, secureRandom, new SignerUtilitiesWrapper());

                byte[] data = secureRandom.NextBytes(100);

                IAsymmetricKey result    = keyProvider.GetPrivateKey(rsaKeyPair.PrivateKey.Content);
                Signature      signature = signatureProvider.CreateSignature(result, data);

                Assert.IsTrue(signatureProvider.VerifySignature(rsaKeyPair.PublicKey, signature));
            }
示例#4
0
        public void SetupSignatureProviderTest()
        {
            algorithmIdentifierMapper = new SignatureAlgorithmIdentifierMapper();
            secureRandomGenerator     = new SecureRandomGenerator();
            signatureProvider         = new SignatureProvider(algorithmIdentifierMapper, secureRandomGenerator, new SignerUtilitiesWrapper());

            content = secureRandomGenerator.NextBytes(2000);

            keys = new Dictionary <CipherType, IAsymmetricKeyPair>();

            var rsaGenerator   = new AsymmetricKeyPairGenerator(secureRandomGenerator);
            var rsaKeyProvider = new RsaKeyProvider(rsaGenerator);

            IAsymmetricKeyPair keyPair = rsaKeyProvider.CreateKeyPair(2048);

            keys.Add(keyPair.PrivateKey.CipherType, keyPair);
        }
示例#5
0
        public void SetupCreateSignatureTest()
        {
            encoding = new EncodingWrapper();
            var random = new SecureRandomGenerator();

            fileContent = random.NextBytes(10000);

            file       = new Mock <FileWrapper>();
            fileOutput = new Dictionary <string, byte[]>();
            file.Setup(f => f.WriteAllBytes(It.IsAny <string>(), It.IsAny <byte[]>()))
            .Callback <string, byte[]>((path, content) =>
            {
                fileOutput.Add(path, content);
            });

            file.Setup(f => f.ReadAllBytes("foo.file"))
            .Returns(fileContent);

            console       = new Mock <ConsoleWrapper>();
            consoleOutput = new List <string>();

            console.Setup(c => c.WriteLine(It.IsAny <string>()))
            .Callback <string>(input => consoleOutput.Add(input));

            Container container = ContainerProvider.GetContainer();

            container.Register <FileWrapper>(() => file.Object);
            container.Register <ConsoleWrapper>(() => console.Object);

            var asymmetricKeyPairGenerator = new AsymmetricKeyPairGenerator(new SecureRandomGenerator());

            rsaKeyProvider = new RsaKeyProvider(asymmetricKeyPairGenerator);
            dsaKeyProvider = new DsaKeyProvider(asymmetricKeyPairGenerator);
            ecKeyProvider  = new EcKeyProvider(asymmetricKeyPairGenerator, new FieldToCurveNameMapper());

            var asymmetricKeyProvider = new AsymmetricKeyProvider(new OidToCipherTypeMapper(), new KeyInfoWrapper(), rsaKeyProvider, dsaKeyProvider, null, null);

            pkcs8PemFormatter = new Pkcs8PemFormattingProvider(asymmetricKeyProvider);
        }
示例#6
0
        //Based on https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key
        public string GetOpenSshEd25519PrivateKey(IAsymmetricKeyPair keyPair, string comment)
        {
            var privateKey = (IEcKey)keyPair.PrivateKey;

            if (keyPair.PrivateKey.IsEncrypted || !privateKey.IsCurve25519)
            {
                throw new InvalidOperationException("Only non-encrypted ed25519 keys are supported.");
            }

            byte[] openSshVersionHeader = encoding.GetBytes("openssh-key-v1\0");
            byte[] cipherName           = encoding.GetBytes("none");
            byte[] kdf        = encoding.GetBytes("none");
            byte[] kdfOptions = encoding.GetBytes("");

            byte[] numberOfKeys = BitConverter.GetBytes(1);
            if (BitConverter.IsLittleEndian)
            {
                numberOfKeys = numberOfKeys.Reverse().ToArray();
            }

            byte[] publicKeyWithHeader = base64.FromBase64String(GetEd25519PublicKeyContent((keyPair.PrivateKey)));
            byte[] publicKeyContent    = ecKeyProvider.GetEd25519PublicKeyFromCurve25519(privateKey);

            byte[] checkSumContent = randomGenerator.NextBytes(4);
            byte[] identifier      = encoding.GetBytes(sshCurveHeaders[privateKey.Curve]);

            var privateKeyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privateKey.Content);

            byte[] privateKeyContent = privateKeyParameters.D.ToByteArray();
            byte[] commentContent    = encoding.GetBytes(comment);

            using (var keyStream = new MemoryStream())
            {
                //Header ('encoded' buffer in https://github.com/openssh/openssh-portable/blob/master/sshkey.c :2957)
                using (var header = new MemoryStream())
                {
                    header.Write(openSshVersionHeader, 0, openSshVersionHeader.Length);
                    header.Write(LengthAsBytes(cipherName.Length), 0, 4);
                    header.Write(cipherName, 0, cipherName.Length);
                    header.Write(LengthAsBytes(kdf.Length), 0, 4);
                    header.Write(kdf, 0, kdf.Length);
                    header.Write(LengthAsBytes(kdfOptions.Length), 0, 4);
                    header.Write(kdfOptions, 0, kdfOptions.Length);
                    header.Write(numberOfKeys, 0, numberOfKeys.Length);
                    header.Write(LengthAsBytes(publicKeyWithHeader.Length), 0, 4);
                    header.Write(publicKeyWithHeader, 0, publicKeyWithHeader.Length);

                    header.WriteTo(keyStream);
                }

                //KeyContent ('encrypted' buffer in https://github.com/openssh/openssh-portable/blob/master/sshkey.c :2957)
                using (var content = new MemoryStream())
                {
                    content.Write(checkSumContent, 0, checkSumContent.Length);
                    content.Write(checkSumContent, 0, checkSumContent.Length);
                    content.Write(LengthAsBytes(identifier.Length), 0, 4);
                    content.Write(identifier, 0, identifier.Length);
                    content.Write(LengthAsBytes(publicKeyContent.Length), 0, 4);
                    content.Write(publicKeyContent, 0, publicKeyContent.Length);
                    content.Write(LengthAsBytes(privateKeyContent.Length + publicKeyContent.Length), 0, 4);
                    content.Write(privateKeyContent, 0, privateKeyContent.Length);
                    content.Write(publicKeyContent, 0, publicKeyContent.Length);
                    content.Write(LengthAsBytes(commentContent.Length), 0, 4);
                    content.Write(commentContent, 0, commentContent.Length);

                    //Block size for cipher "none" defined in https://github.com/openssh/openssh-portable/blob/master/cipher.c
                    byte iterator = 1;
                    while ((content.Length % 8) != 0)
                    {
                        content.WriteByte(iterator++);
                    }

                    byte[] contentLength = BitConverter.GetBytes((int)content.Length);
                    if (BitConverter.IsLittleEndian)
                    {
                        contentLength = contentLength.Reverse().ToArray();
                    }

                    keyStream.Write(contentLength, 0, 4);
                    content.WriteTo(keyStream);
                }

                return(base64.ToBase64String(keyStream.ToArray()));
            }
        }