public override bool Equals( Object obj) { if (!(obj is DsaDomainParameters)) { return(false); } DsaDomainParameters pm = (DsaDomainParameters)obj; return(pm.P.Equals(p) && pm.Q.Equals(q) && pm.G.Equals(g)); }
/// <summary> /// Return an ASN.1 encoded representation of the implementing key in a SubjectPublicKeyInfo structure. /// </summary> /// <returns>An encoded representation of the key.</returns> public override byte[] GetEncoded() { DsaDomainParameters domainParameters = this.DomainParameters; if (DomainParameters == null) { return(KeyUtils.GetEncodedSubjectPublicKeyInfo( new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa), new DerInteger(y))); } return(KeyUtils.GetEncodedSubjectPublicKeyInfo( new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, new DsaParameter(domainParameters.P, domainParameters.Q, domainParameters.G).ToAsn1Object()), new DerInteger(y))); }
internal static BigInteger Validated(DsaDomainParameters dsaParams, BigInteger y) { if (dsaParams != null) { // FSM_STATE:5.8, "FIPS 186-3/SP 800-89 ASSURANCES", "The module is performing FIPS 186-3/SP 800-89 Assurances self-test" // FSM_TRANS:5.9, "CONDITIONAL TEST", "FIPS 186-3/SP 800-89 ASSURANCES CHECK", "Invoke FIPS 186-3/SP 800-89 Assurances test" if (BigInteger.Two.CompareTo(y) <= 0 && dsaParams.P.Subtract(BigInteger.Two).CompareTo(y) >= 0 && BigInteger.One.Equals(y.ModPow(dsaParams.Q, dsaParams.P))) { // FSM_TRANS:5.10, "FIPS 186-3/SP 800-89 ASSURANCES CHECK", "CONDITIONAL TEST", "FIPS 186-3/SP 800-89 Assurances test successful" return(y); } throw new ArgumentException("Y value does not appear to be in correct group"); } else { return(y); // we can't validate without params, fortunately we can't use the key either... } }
/// <summary> /// Return an ASN.1 encoded representation of the implementing key in a PrivateKeyInfo structure. /// </summary> /// <returns>An encoded representation of the key.</returns> public override byte[] GetEncoded() { DsaDomainParameters dsaDomainParameters = this.DomainParameters; return(KeyUtils.GetEncodedPrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, new DsaParameter(dsaDomainParameters.P, dsaDomainParameters.Q, dsaDomainParameters.G)), new DerInteger(X))); }
/// <summary> /// Base constructor for a DSA private key. /// </summary> /// <param name="algorithm">The algorithm marker for this key.</param> /// <param name="parameters">The domain parameters for this key.</param> /// <param name="x">The private X value for this key.</param> public AsymmetricDsaPrivateKey(Algorithm algorithm, DsaDomainParameters parameters, BigInteger x) : base(algorithm, parameters) { this.x = x; this.hashCode = CalculateHashCode(); }
public AsymmetricDsaPublicKey(Algorithm algorithm, DsaDomainParameters parameters, BigInteger y) : base(algorithm, parameters) { this.y = KeyUtils.Validated(parameters, y); }
internal AsymmetricDsaKey(Algorithm algorithm, AlgorithmIdentifier algorithmIdentifier) { this.approvedModeOnly = CryptoServicesRegistrar.IsInApprovedOnlyMode(); this.algorithm = algorithm; this.domainParameters = DecodeDomainParameters(algorithmIdentifier); }
internal AsymmetricDsaKey(Algorithm algorithm, DsaDomainParameters domainParameters) { this.approvedModeOnly = CryptoServicesRegistrar.IsInApprovedOnlyMode(); this.algorithm = algorithm; this.domainParameters = domainParameters; }
private void checkKeyPairForConsistency(TPub publicKey, TPriv privateKey) { if (publicKey is AsymmetricECKey && privateKey is AsymmetricECKey) { AsymmetricECPrivateKey priv = privateKey as AsymmetricECPrivateKey; AsymmetricECPublicKey pub = publicKey as AsymmetricECPublicKey; if (!priv.DomainParameters.Equals(pub.DomainParameters)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("EC keys do not have the same domain parameters"); } if (!priv.DomainParameters.G.Multiply(priv.S).Normalize().Equals(pub.W)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("EC public key not consistent with EC private key"); } } else if (publicKey is AsymmetricDsaKey && privateKey is AsymmetricDsaKey) { AsymmetricDsaPrivateKey priv = privateKey as AsymmetricDsaPrivateKey; AsymmetricDsaPublicKey pub = publicKey as AsymmetricDsaPublicKey; DsaDomainParameters dsaParameters = priv.DomainParameters; if (!dsaParameters.Equals(pub.DomainParameters)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("DSA keys do not have the same domain parameters"); } if (!dsaParameters.G.ModPow(priv.X, dsaParameters.P).Equals(pub.Y)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("DSA public key not consistent with DSA private key"); } } else if (publicKey is AsymmetricRsaKey && privateKey is AsymmetricRsaKey) { AsymmetricRsaPrivateKey priv = privateKey as AsymmetricRsaPrivateKey; AsymmetricRsaPublicKey pub = publicKey as AsymmetricRsaPublicKey; if (!priv.Modulus.Equals(pub.Modulus)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("RSA keys do not have the same modulus"); } BigInteger val = BigInteger.Two; if (!val.ModPow(priv.PrivateExponent, priv.Modulus).ModPow(pub.PublicExponent, priv.Modulus).Equals(val)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("RSA public key not consistent with RSA private key"); } } else if (publicKey is AsymmetricDHKey && privateKey is AsymmetricDHKey) { AsymmetricDHPrivateKey priv = privateKey as AsymmetricDHPrivateKey; AsymmetricDHPublicKey pub = publicKey as AsymmetricDHPublicKey; DHDomainParameters dhParameters = priv.DomainParameters; if (!dhParameters.Equals(pub.DomainParameters)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("DH keys do not have the same domain parameters"); } if (!dhParameters.G.ModPow(priv.X, dhParameters.P).Equals(pub.Y)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("DH public key not consistent with DH private key"); } } else if (publicKey is AsymmetricSphincsKey && privateKey is AsymmetricSphincsKey) { AsymmetricSphincsPrivateKey priv = privateKey as AsymmetricSphincsPrivateKey; AsymmetricSphincsPublicKey pub = publicKey as AsymmetricSphincsPublicKey; if (priv.TreeDigestAlgorithm != pub.TreeDigestAlgorithm) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("Sphincs256 public key not consistent with Sphincs256 private key"); } if (!IsRangeSame(priv.GetKeyData(), SPHINCS256Config.SEED_BYTES, pub.GetKeyData(), 0, Horst.N_MASKS * SPHINCS256Config.HASH_BYTES)) { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("Sphincs256 public key not consistent with Sphincs256 private key"); } } else if (publicKey is AsymmetricNHKey && privateKey is AsymmetricNHKey) { AsymmetricNHPrivateKey priv = privateKey as AsymmetricNHPrivateKey; AsymmetricNHPublicKey pub = publicKey as AsymmetricNHPublicKey; // currently there doesn't either a good approach or much point to this one as the keys should be ephemeral and always generated locally. } else { // FSM_TRANS:5.IKP.2, "IMPORTED KEY PAIR CONSISTENCY TEST", "USER COMMAND REJECTED", "Consistency test on imported key pair failed" throw new ArgumentException("Key pair inconsistent"); } }