public void TestECNR239bitPrime()
{
BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693");
BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143");
byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned();
SecureRandom k = FixedSecureRandom.From(kData);
X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v1);
ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECCurve curve = spec.Curve;
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
spec);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
spec);
ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR");
byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
checkSignature(239, priKey, pubKey, sgr, k, message, r, s);
}
public void TestECNR192bitPrime()
{
BigInteger r = new BigInteger("2474388605162950674935076940284692598330235697454145648371");
BigInteger s = new BigInteger("2997192822503471356158280167065034437828486078932532073836");
byte[] kData = new BigInteger("dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", 16).ToByteArrayUnsigned();
SecureRandom k = FixedSecureRandom.From(kData);
X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime192v1);
ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECCurve curve = spec.Curve;
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
spec);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
curve.DecodePoint(Hex.Decode("0262B12D60690CDCF330BABAB6E69763B471F994DD702D16A5")), // Q
spec);
ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR");
byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
checkSignature(192, priKey, pubKey, sgr, k, message, r, s);
}
public void Init(
KeyGenerationParameters parameters)
{
if (parameters is ECKeyGenerationParameters)
{
ECKeyGenerationParameters ecP = (ECKeyGenerationParameters)parameters;
if (ecP.PublicKeyParamSet != null)
{
if (algorithm != "ECGOST3410")
{
throw new ArgumentException("parameters invalid for algorithm: " + algorithm, "parameters");
}
this.publicKeyParamSet = ecP.PublicKeyParamSet;
}
this.parameters = ecP.DomainParameters;
}
else
{
DerObjectIdentifier oid;
switch (parameters.Strength)
{
case 192:
oid = X9ObjectIdentifiers.Prime192v1;
break;
case 224:
oid = SecObjectIdentifiers.SecP224r1;
break;
case 239:
oid = X9ObjectIdentifiers.Prime239v1;
break;
case 256:
oid = X9ObjectIdentifiers.Prime256v1;
break;
case 384:
oid = SecObjectIdentifiers.SecP384r1;
break;
case 521:
oid = SecObjectIdentifiers.SecP521r1;
break;
default:
throw new InvalidParameterException("unknown key size.");
}
X9ECParameters ecps = X962NamedCurves.GetByOid(oid);
this.parameters = new ECDomainParameters(
ecps.Curve, ecps.G, ecps.N, ecps.H, ecps.GetSeed());
}
this.random = parameters.Random;
}
internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
return(X962NamedCurves.GetByOid(oid) ??
(SecNamedCurves.GetByOid(oid) ??
(NistNamedCurves.GetByOid(oid) ?? TeleTrusTNamedCurves.GetByOid(oid))));
}
private void EncodePrivateKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
X9ECPoint pPoint = new X9ECPoint(
new FPPoint(ecP.Curve, new FPFieldElement(BigInteger.Two, BigInteger.One),
new FPFieldElement(BigInteger.ValueOf(4), BigInteger.ValueOf(3)),
true));
Asn1OctetString p = (Asn1OctetString)pPoint.ToAsn1Object();
if (p == null)
{
Fail("failed to convert to ASN.1");
}
PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), new ECPrivateKeyStructure(BigInteger.Ten).ToAsn1Object());
if (!Arrays.AreEqual(info.GetEncoded(), namedPriv))
{
Fail("failed private named generation");
}
Asn1Object o = Asn1Object.FromByteArray(namedPriv);
if (!info.Equals(o))
{
Fail("failed private named equality");
}
//
// explicit curve parameters
//
_params = new X962Parameters(ecP);
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), new ECPrivateKeyStructure(BigInteger.ValueOf(20)).ToAsn1Object());
if (!Arrays.AreEqual(info.GetEncoded(), expPriv))
{
Fail("failed private explicit generation");
}
o = Asn1Object.FromByteArray(expPriv);
if (!info.Equals(o))
{
Fail("failed private explicit equality");
}
}
private void EncodePrivateKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime192v1);
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params),
new ECPrivateKeyStructure(ecP.N.BitLength, BigInteger.Ten).ToAsn1Object());
if (!Arrays.AreEqual(info.GetEncoded(), namedPriv))
{
Fail("failed private named generation");
}
Asn1Object o = Asn1Object.FromByteArray(namedPriv);
if (!info.Equals(o))
{
Fail("failed private named equality");
}
//
// explicit curve parameters
//
ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
_params = new X962Parameters(ecP);
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params),
new ECPrivateKeyStructure(ecP.N.BitLength, BigInteger.ValueOf(20)).ToAsn1Object());
if (!Arrays.AreEqual(info.GetEncoded(), expPriv))
{
Fail("failed private explicit generation");
}
o = Asn1Object.FromByteArray(expPriv);
if (!info.Equals(o))
{
Fail("failed private explicit equality");
}
}
public static X9ECParameters GetByOid(DerObjectIdentifier oid)
{
X9ECParameters byOid = X962NamedCurves.GetByOid(oid);
if (byOid == null)
{
byOid = SecNamedCurves.GetByOid(oid);
}
if (byOid == null)
{
byOid = TeleTrusTNamedCurves.GetByOid(oid);
}
if (byOid == null)
{
byOid = AnssiNamedCurves.GetByOid(oid);
}
return(byOid);
}
internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
X9ECParameters ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = TeleTrusTNamedCurves.GetByOid(oid);
}
}
}
return(ecP);
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.ObjectID;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement) ||
algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return(new DHPublicKeyParameters(derY.Value, dhParams));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(
derY.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa) ||
algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPublicKeyParameters(derY.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(
algID.Parameters.ToAsn1Object());
X9ECParameters ecP;
if (para.IsNamedCurve)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters;
ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = TeleTrusTNamedCurves.GetByOid(oid);
}
}
}
}
else
{
ecP = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECDomainParameters dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
DerBitString bits = keyInfo.PublicKeyData;
byte[] data = bits.GetBytes();
Asn1OctetString key = new DerOctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.Curve, key);
return(new ECPublicKeyParameters(derQ.Point, dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
ECPoint q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y), false);
return(new ECPublicKeyParameters(q, gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algOid);
}
}
private void EncodePublicKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
if (X9IntegerConverter.GetByteLength(ecP.Curve) != 30)
{
Fail("wrong byte length reported for curve");
}
if (ecP.Curve.FieldSize != 239)
{
Fail("wrong field size reported for curve");
}
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
ECPoint point = ecP.G.Multiply(BigInteger.ValueOf(100));
DerOctetString p = new DerOctetString(point.GetEncoded(true));
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), namedPub))
{
Fail("failed public named generation");
}
X9ECPoint x9P = new X9ECPoint(ecP.Curve, p);
if (!Arrays.AreEqual(p.GetOctets(), x9P.Point.GetEncoded()))
{
Fail("point encoding not preserved");
}
Asn1Object o = Asn1Object.FromByteArray(namedPub);
if (!info.Equals(o))
{
Fail("failed public named equality");
}
//
// explicit curve parameters
//
_params = new X962Parameters(ecP);
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), expPub))
{
Fail("failed public explicit generation");
}
o = Asn1Object.FromByteArray(expPub);
if (!info.Equals(o))
{
Fail("failed public explicit equality");
}
}
public static AsymmetricKeyParameter CreateKey(
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
DerObjectIdentifier algOid = algID.ObjectID;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algOid.Equals(X509ObjectIdentifiers.IdEARsa) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) ||
algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
{
RsaPrivateKeyStructure keyStructure = new RsaPrivateKeyStructure(
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
return(new RsaPrivateCrtKeyParameters(
keyStructure.Modulus,
keyStructure.PublicExponent,
keyStructure.PrivateExponent,
keyStructure.Prime1,
keyStructure.Prime2,
keyStructure.Exponent1,
keyStructure.Exponent2,
keyStructure.Coefficient));
}
else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter para = new DHParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
BigInteger lVal = para.L;
int l = lVal == null ? 0 : lVal.IntValue;
DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
return(new DHPrivateKeyParameters(derX.Value, dhParams));
}
else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
return(new ElGamalPrivateKeyParameters(
derX.Value,
new ElGamalParameters(para.P, para.G)));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdDsa))
{
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
Asn1Encodable ae = algID.Parameters;
DsaParameters parameters = null;
if (ae != null)
{
DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
parameters = new DsaParameters(para.P, para.Q, para.G);
}
return(new DsaPrivateKeyParameters(derX.Value, parameters));
}
else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
X9ECParameters ecP;
if (para.IsNamedCurve)
{
// TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters;
ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = TeleTrusTNamedCurves.GetByOid(oid);
}
}
}
}
else
{
ecP = new X9ECParameters((Asn1Sequence)para.Parameters);
}
ECDomainParameters dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
ECPrivateKeyStructure ec = new ECPrivateKeyStructure(
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
return(new ECPrivateKeyParameters(ec.GetKey(), dParams));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
ECPrivateKeyStructure ec = new ECPrivateKeyStructure(
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
return(new ECPrivateKeyParameters(ec.GetKey(), gostParams.PublicKeyParamSet));
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
DerOctetString derX = (DerOctetString)keyInfo.PrivateKey;
byte[] keyEnc = derX.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger x = new BigInteger(1, keyBytes);
return(new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised");
}
}
public static AsymmetricKeyParameter CreateKey(
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
if (algID.ObjectID.Equals(PkcsObjectIdentifiers.RsaEncryption) ||
algID.ObjectID.Equals(X509ObjectIdentifiers.IdEARsa))
{
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(keyInfo.GetPublicKey());
return(new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent));
}
else if (algID.ObjectID.Equals(PkcsObjectIdentifiers.DhKeyAgreement) ||
algID.ObjectID.Equals(X9ObjectIdentifiers.DHPublicNumber))
{
DHParameter para = new DHParameter((Asn1Sequence)keyInfo.AlgorithmID.Parameters);
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new DHPublicKeyParameters(derY.Value, new DHParameters(para.P, para.G)));
}
else if (algID.ObjectID.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter((Asn1Sequence)keyInfo.AlgorithmID.Parameters);
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new ElGamalPublicKeyParameters(derY.Value, new ElGamalParameters(para.P, para.G)));
}
else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdDsa) ||
algID.ObjectID.Equals(OiwObjectIdentifiers.DsaWithSha1))
{
DsaParameter para = DsaParameter.GetInstance(keyInfo.AlgorithmID.Parameters);
DerInteger derY = (DerInteger)keyInfo.GetPublicKey();
return(new DsaPublicKeyParameters(derY.Value, new DsaParameters(para.P, para.Q, para.G)));
}
else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters((Asn1Object)keyInfo.AlgorithmID.Parameters);
ECDomainParameters dParams = null;
if (para.IsNamedCurve)
{
DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters;
X9ECParameters ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
}
}
dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
}
else
{
X9ECParameters ecP = new X9ECParameters((Asn1Sequence)para.Parameters.ToAsn1Object());
dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
}
DerBitString bits = keyInfo.PublicKeyData;
byte[] data = bits.GetBytes();
Asn1OctetString key = new DerOctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.Curve, key);
return(new ECPublicKeyParameters(derQ.Point, dParams));
}
else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
Asn1OctetString key;
try
{
key = (Asn1OctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = key.GetOctets();
byte[] x = new byte[32];
byte[] y = new byte[32];
for (int i = 0; i != y.Length; i++)
{
x[i] = keyEnc[32 - 1 - i];
}
for (int i = 0; i != x.Length; i++)
{
y[i] = keyEnc[64 - 1 - i];
}
ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
if (ecP == null)
{
return(null);
}
ECCurve curve = ecP.Curve;
ECPoint q;
if (curve is FpCurve)
{
FpCurve curveFp = (FpCurve)curve;
q = new FpPoint(
curveFp,
new FpFieldElement(curveFp.Q, new BigInteger(1, x)),
new FpFieldElement(curveFp.Q, new BigInteger(1, y)));
}
else
{
F2mCurve curveF2m = (F2mCurve)curve;
q = new F2mPoint(
curveF2m,
new F2mFieldElement(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3, new BigInteger(1, x)),
new F2mFieldElement(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3, new BigInteger(1, y)),
false);
}
return(new ECPublicKeyParameters(q, gostParams.PublicKeyParamSet));
}
else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derY;
try
{
derY = (DerOctetString)keyInfo.GetPublicKey();
}
catch (IOException)
{
throw new ArgumentException("invalid info structure in GOST3410 public key");
}
byte[] keyEnc = derY.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger y = new BigInteger(1, keyBytes);
return(new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algID.ObjectID);
}
}
private void EncodePublicKey()
{
X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
if (X9IntegerConverter.GetByteLength(ecP.Curve) != 30)
{
Fail("wrong byte length reported for curve");
}
if (ecP.Curve.FieldSize != 239)
{
Fail("wrong field size reported for curve");
}
//
// named curve
//
X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
X9ECPoint pPoint = new X9ECPoint(
new FPPoint(ecP.Curve, new FPFieldElement(BigInteger.Two, BigInteger.One),
new FPFieldElement(BigInteger.ValueOf(4), BigInteger.ValueOf(3)),
true));
Asn1OctetString p = (Asn1OctetString)pPoint.ToAsn1Object();
if (p == null)
{
Fail("failed to convert to ASN.1");
}
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), namedPub))
{
Fail("failed public named generation");
}
Asn1Object o = Asn1Object.FromByteArray(namedPub);
if (!info.Equals(o))
{
Fail("failed public named equality");
}
//
// explicit curve parameters
//
_params = new X962Parameters(ecP);
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
if (!Arrays.AreEqual(info.GetEncoded(), expPub))
{
Fail("failed public explicit generation");
}
o = Asn1Object.FromByteArray(expPub);
if (!info.Equals(o))
{
Fail("failed public explicit equality");
}
}
public static AsymmetricKeyParameter CreateKey(
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
if (algID.ObjectID.Equals(PkcsObjectIdentifiers.RsaEncryption))
{
RsaPrivateKeyStructure keyStructure = new RsaPrivateKeyStructure(
(Asn1Sequence)keyInfo.PrivateKey);
return(new RsaPrivateCrtKeyParameters(
keyStructure.Modulus,
keyStructure.PublicExponent,
keyStructure.PrivateExponent,
keyStructure.Prime1,
keyStructure.Prime2,
keyStructure.Exponent1,
keyStructure.Exponent2,
keyStructure.Coefficient));
}
else if (algID.ObjectID.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
{
DHParameter para = new DHParameter((Asn1Sequence)algID.Parameters);
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
return(new DHPrivateKeyParameters(derX.Value, new DHParameters(para.P, para.G)));
}
else if (algID.ObjectID.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter((Asn1Sequence)algID.Parameters);
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
return(new ElGamalPrivateKeyParameters(derX.Value, new ElGamalParameters(para.P, para.G)));
}
else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdDsa))
{
DsaParameter para = DsaParameter.GetInstance(algID.Parameters);
DerInteger derX = (DerInteger)keyInfo.PrivateKey;
return(new DsaPrivateKeyParameters(derX.Value, new DsaParameters(para.P, para.Q, para.G)));
}
else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdECPublicKey))
{
X962Parameters para = new X962Parameters((Asn1Object)algID.Parameters);
ECDomainParameters dParams = null;
if (para.IsNamedCurve)
{
DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters;
X9ECParameters ecP = X962NamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = SecNamedCurves.GetByOid(oid);
if (ecP == null)
{
ecP = NistNamedCurves.GetByOid(oid);
}
}
dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
}
else
{
X9ECParameters ecP = new X9ECParameters(
(Asn1Sequence)para.Parameters);
dParams = new ECDomainParameters(
ecP.Curve,
ecP.G,
ecP.N,
ecP.H,
ecP.GetSeed());
}
ECPrivateKeyStructure ec = new ECPrivateKeyStructure((Asn1Sequence)keyInfo.PrivateKey);
return(new ECPrivateKeyParameters(ec.GetKey(), dParams));
}
else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
{
throw new NotImplementedException();
}
else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x94))
{
Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
(Asn1Sequence)algID.Parameters);
DerOctetString derX = (DerOctetString)keyInfo.PrivateKey;
byte[] keyEnc = derX.GetOctets();
byte[] keyBytes = new byte[keyEnc.Length];
for (int i = 0; i != keyEnc.Length; i++)
{
keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
}
BigInteger x = new BigInteger(1, keyBytes);
return(new Gost3410PrivateKeyParameters(x, algParams.PublicKeyParamSet));
}
else
{
throw new SecurityUtilityException("algorithm identifier in key not recognised");
}
}