/// <summary>
/// Check if the currently contained seed is unique. If it is not, clone it so that we have a unique seed.
/// Necessary to avoid modifying global seeds.
/// </summary>
public void EnsureUniqueSeed()
{
if (Seed != null && !Seed.Unique)
{
Seed = Seed.Clone();
}
}
private CellNode CreateChild(int value)
{
var seed = Seed.Clone();
seed.Remove(this.Current.Index.Row, this.Current.Index.Column, value);
return(new CellNode()
{
Current = new Cell(GetNextIndex()),
Size = this.Size,
Seed = seed,
RowConstraints = this.RowConstraints,
ColumnConstraints = this.ColumnConstraints,
Previous = this.Previous.Concat(new[] { new Cell(Current.Index, value) })
});
}
public void Test_Seed()
{
foreach (var a in new DigitalSignatureAlgorithm[] { DigitalSignatureAlgorithm.Rsa2048_Sha256, DigitalSignatureAlgorithm.EcDsaP521_Sha256 })
{
var seed = new Seed();
seed.Name = "aaaa.zip";
seed.Keywords.AddRange(new KeywordCollection
{
"bbbb",
"cccc",
"dddd",
});
seed.CreationTime = DateTime.Now;
seed.Length = 10000;
seed.Comment = "eeee";
seed.Rank = 1;
seed.Key = new Key(new byte[32], HashAlgorithm.Sha256);
seed.CompressionAlgorithm = CompressionAlgorithm.Xz;
seed.CryptoAlgorithm = CryptoAlgorithm.Aes256;
seed.CryptoKey = new byte[32 + 32];
DigitalSignature digitalSignature = new DigitalSignature("123", a);
seed.CreateCertificate(digitalSignature);
var seed2 = seed.Clone();
Assert.AreEqual(seed, seed2, "Seed #1");
Seed seed3;
using (var seedStream = seed.Export(_bufferManager))
{
seed3 = Seed.Import(seedStream, _bufferManager);
}
Assert.AreEqual(seed, seed3, "Seed #2");
Assert.IsTrue(seed3.VerifyCertificate(), "Seed #3");
}
}
public void Test_Seed()
{
foreach (var a in new DigitalSignatureAlgorithm[] { DigitalSignatureAlgorithm.Rsa2048_Sha256, DigitalSignatureAlgorithm.EcDsaP521_Sha256 })
{
var seed = new Seed();
seed.Name = "aaaa.zip";
seed.Keywords.AddRange(new KeywordCollection
{
"bbbb",
"cccc",
"dddd",
});
seed.CreationTime = DateTime.Now;
seed.Length = 10000;
seed.Comment = "eeee";
seed.Rank = 1;
seed.Key = new Key(new byte[32], HashAlgorithm.Sha256);
seed.CompressionAlgorithm = CompressionAlgorithm.Xz;
seed.CryptoAlgorithm = CryptoAlgorithm.Aes256;
seed.CryptoKey = new byte[32 + 32];
DigitalSignature digitalSignature = new DigitalSignature("123", a);
seed.CreateCertificate(digitalSignature);
var seed2 = seed.Clone();
Assert.AreEqual(seed, seed2, "Seed #1");
Seed seed3;
using (var seedStream = seed.Export(_bufferManager))
{
seed3 = Seed.Import(seedStream, _bufferManager);
}
Assert.AreEqual(seed, seed3, "Seed #2");
Assert.IsTrue(seed3.VerifyCertificate(), "Seed #3");
}
}
public byte[] DeriveKeyMaterial(CngKey otherPartyPublicKey)
{
Contract.Ensures(Contract.Result <byte[]>() != null);
Contract.Assert(m_kdf >= ECDiffieHellmanKeyDerivationFunction.Hash &&
m_kdf <= ECDiffieHellmanKeyDerivationFunction.Tls);
if (otherPartyPublicKey == null)
{
throw new ArgumentNullException("otherPartyPublicKey");
}
if (otherPartyPublicKey.AlgorithmGroup != CngAlgorithmGroup.ECDiffieHellman)
{
throw new ArgumentException(SR.GetString(SR.Cryptography_ArgECDHRequiresECDHKey), "otherPartyPublicKey");
}
if (otherPartyPublicKey.KeySize != KeySize)
{
throw new ArgumentException(SR.GetString(SR.Cryptography_ArgECDHKeySizeMismatch), "otherPartyPublicKey");
}
NCryptNative.SecretAgreementFlags flags =
UseSecretAgreementAsHmacKey ? NCryptNative.SecretAgreementFlags.UseSecretAsHmacKey : NCryptNative.SecretAgreementFlags.None;
// We require access to the handles for generating key material. This is safe since we will never
// expose these handles to user code
new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
// This looks horribly wrong - but accessing the handle property actually returns a duplicate handle, which
// we need to dispose of - otherwise, we're stuck keepign the resource alive until the GC runs. This explicitly
// is not disposing of the handle underlying the key dispite what the syntax looks like.
using (SafeNCryptKeyHandle localKey = Key.Handle)
using (SafeNCryptKeyHandle otherKey = otherPartyPublicKey.Handle) {
CodeAccessPermission.RevertAssert();
//
// Generating key material is a two phase process.
// 1. Generate the secret agreement
// 2. Pass the secret agreement through a KDF to get key material
//
using (SafeNCryptSecretHandle secretAgreement = NCryptNative.DeriveSecretAgreement(localKey, otherKey)) {
if (KeyDerivationFunction == ECDiffieHellmanKeyDerivationFunction.Hash)
{
byte[] secretAppend = SecretAppend == null ? null : SecretAppend.Clone() as byte[];
byte[] secretPrepend = SecretPrepend == null ? null : SecretPrepend.Clone() as byte[];
return(NCryptNative.DeriveKeyMaterialHash(secretAgreement,
HashAlgorithm.Algorithm,
secretPrepend,
secretAppend,
flags));
}
else if (KeyDerivationFunction == ECDiffieHellmanKeyDerivationFunction.Hmac)
{
byte[] hmacKey = HmacKey == null ? null : HmacKey.Clone() as byte[];
byte[] secretAppend = SecretAppend == null ? null : SecretAppend.Clone() as byte[];
byte[] secretPrepend = SecretPrepend == null ? null : SecretPrepend.Clone() as byte[];
return(NCryptNative.DeriveKeyMaterialHmac(secretAgreement,
HashAlgorithm.Algorithm,
hmacKey,
secretPrepend,
secretAppend,
flags));
}
else
{
Debug.Assert(KeyDerivationFunction == ECDiffieHellmanKeyDerivationFunction.Tls, "Unknown KDF");
byte[] label = Label == null ? null : Label.Clone() as byte[];
byte[] seed = Seed == null ? null : Seed.Clone() as byte[];
if (label == null || seed == null)
{
throw new InvalidOperationException(SR.GetString(SR.Cryptography_TlsRequiresLabelAndSeed));
}
return(NCryptNative.DeriveKeyMaterialTls(secretAgreement, label, seed, flags));
}
}
}
}
/// <summary>
/// rips apart rawKey into public byte [] for DsaParameters class
/// </summary>
public Dsa(byte [] rawKey)
{
this.rawKey = rawKey; //336 //444
pks = new PUBLICKEYSTRUC();
pks.bType = rawKey[0]; //7 //6
pks.bVersion = rawKey[1]; //2
pks.reserved = BitConverter.ToUInt16(rawKey, 2); //0
pks.aiKeyAlg = BitConverter.ToUInt32(rawKey, 4); //8704
kb = (KeyBlob)pks.bType; //private //public
c = (Calg)pks.aiKeyAlg; //DSS_SIGN
if (kb != KeyBlob.PUBLICKEYBLOB && kb != KeyBlob.PRIVATEKEYBLOB)
{
throw new Exception("unsupported blob type");
}
dpk = new DSSPUBKEY();
//PRIV This must always be set to 0x32535344. the ASCII encoding of DSS2.
//PUB This must always be set to 0x31535344, the ASCII encoding of DSS1.
dpk.magic = BitConverter.ToUInt32(rawKey, 8); //844321604 //827544388
//Number of bits in the DSS key BLOB's prime, P.
dpk.bitlen = BitConverter.ToUInt32(rawKey, 12); //1024
uint byteLen = dpk.bitlen / 8; //128
this.SetSizeAndPosition(dpk.bitlen);
bool revBytes = true;
P = Format.GetBytes(this.rawKey, pPos, pLen, revBytes);
Q = Format.GetBytes(this.rawKey, qPos, qLen, revBytes);
G = Format.GetBytes(this.rawKey, gPos, gLen, revBytes);
if (kb == KeyBlob.PRIVATEKEYBLOB)
{
X = Format.GetBytes(this.rawKey, xyPos, xLen, revBytes);
PgenCounter = Format.GetBytes(this.rawKey, xPgenCounterPos, pgenCounterLen, revBytes);
Seed = Format.GetBytes(this.rawKey, xSeedPos, seedLen, revBytes);
}
if (kb == KeyBlob.PUBLICKEYBLOB)
{
Y = Format.GetBytes(this.rawKey, xyPos, yLen, revBytes);
PgenCounter = Format.GetBytes(this.rawKey, yPgenCounterPos, pgenCounterLen, revBytes);
Seed = Format.GetBytes(this.rawKey, ySeedPos, seedLen, revBytes);
}
ds = new DSSSEED();
byte [] baPcTemp = new byte[4];
Buffer.BlockCopy(PgenCounter, 0, baPcTemp, 0, PgenCounter.Length);
ds.counter = (uint)BitConverter.ToInt32(baPcTemp, 0);
ds.seed = (byte[])Seed.Clone();
Int64 bij = 0;
Int64 bip = BitConverter.ToInt64(P, 0);
Int64 biq = BitConverter.ToInt64(Q, 0);
bij = (bip - 1) / biq;
byte [] baJ = BitConverter.GetBytes(bij);
int len = baJ.Length;
int rem = (len % 4); //seems to be 4 byte blocks for J?
int pad = 0;
if (rem != 0)
{
pad = 4 - rem;
len = len + pad;
}
this.J = new byte[len];
Array.Copy(baJ, 0, this.J, pad, baJ.Length);
}
public void BuildRawKey(bool privateKey)
{
//build up rawKey byte[]
uint dsaMagic = 0;
uint caSize = 0;
uint bitLen = (uint)this.P.Length * 8;
this.SetSizeAndPosition(bitLen);
if (privateKey == true)
{
kb = KeyBlob.PRIVATEKEYBLOB;
caSize = privByteLen; //336
dsaMagic = 0x32535344; //ASCII encoding of "DSS2"
}
else //public
{
kb = KeyBlob.PUBLICKEYBLOB;
caSize = pubByteLen; //444
dsaMagic = 0x31535344; //ASCII encoding of "DSS1"
}
rawKey = new byte[caSize];
//PUBLICKEYSTRUC
rawKey[0] = (byte)kb; //bType
rawKey[1] = (byte)2; //bVersion
//reserved 2,3
c = Calg.DSS_SIGN;
byte [] baKeyAlg = BitConverter.GetBytes((uint)c); //aiKeyAlg
Buffer.BlockCopy(baKeyAlg, 0, rawKey, 4, 4);
pks = new PUBLICKEYSTRUC();
pks.bType = rawKey[0];
pks.bVersion = rawKey[1];
pks.reserved = BitConverter.ToUInt16(rawKey, 2);
pks.aiKeyAlg = BitConverter.ToUInt32(rawKey, 4);
//DSSPUBKEY
byte [] baMagic = BitConverter.GetBytes(dsaMagic); //magic
Buffer.BlockCopy(baMagic, 0, rawKey, 8, 4);
byte [] baBitlen = BitConverter.GetBytes(bitLen); //bitlen
Buffer.BlockCopy(baBitlen, 0, rawKey, 12, 4);
dpk = new DSSPUBKEY();
dpk.magic = BitConverter.ToUInt32(rawKey, 8);
dpk.bitlen = BitConverter.ToUInt32(rawKey, 12);
uint byteLen = dpk.bitlen / 8;
bool revBytes = true;
Format.SetBytes(this.rawKey, pPos, pLen, this.P, revBytes);
Format.SetBytes(this.rawKey, qPos, qLen, this.Q, revBytes);
Format.SetBytes(this.rawKey, gPos, gLen, this.G, revBytes);
if (privateKey == true)
{
Format.SetBytes(this.rawKey, xyPos, xLen, this.X, revBytes);
Format.SetBytes(this.rawKey, xPgenCounterPos, pgenCounterLen, this.PgenCounter, revBytes);
Format.SetBytes(this.rawKey, xSeedPos, seedLen, this.Seed, revBytes);
//this.Y = null;
}
else //public
{
Format.SetBytes(this.rawKey, xyPos, yLen, this.Y, revBytes);
Format.SetBytes(this.rawKey, yPgenCounterPos, pgenCounterLen, this.PgenCounter, revBytes);
Format.SetBytes(this.rawKey, ySeedPos, seedLen, this.Seed, revBytes);
this.X = null;
}
ds = new DSSSEED();
byte [] baPcTemp = new byte[4];
Buffer.BlockCopy(PgenCounter, 0, baPcTemp, 0, PgenCounter.Length);
//Array.Reverse(baPcTemp, 0, baPcTemp.Length);
ds.counter = (uint)BitConverter.ToInt32(baPcTemp, 0);
ds.seed = (byte[])Seed.Clone();
//nowhere to put J
//this.J = null;
}