示例#1
0
        public string GetHashDigestToHexString()
        {
            byte[]            bMessage  = this.Message;
            HashFunctionIdent hashIdent = this.HashFunctionIdent;

            return(Encoding.ASCII.GetString(Hex.Encode(Hashfunction.generateHashDigest(ref bMessage, ref hashIdent))));
        }
示例#2
0
        public static byte[] generateHashDigest(ref byte[] input, ref HashFunctionIdent hashIdent)
        {
            hashFunctionDigest = DigestUtilities.GetDigest(hashIdent.diplayName);
            byte[] hashDigest = new byte[hashFunctionDigest.GetDigestSize()];
            hashFunctionDigest.BlockUpdate(input, 0, input.Length);
            hashFunctionDigest.DoFinal(hashDigest, 0);

            return(hashDigest);
        }
示例#3
0
文件: RsaSig.cs 项目: xgalv/Cryptool2
        private byte[] getCompleteHw()
        {
            byte[]            bDerHashIdent = Hex.Decode(Datablock.getInstance().HashFunctionIdent.DERIdent);
            byte[]            bMessage      = Datablock.getInstance().Message;
            HashFunctionIdent hashIdent     = Datablock.getInstance().HashFunctionIdent;

            byte[] hashDigest  = Hashfunction.generateHashDigest(ref bMessage, ref hashIdent);
            byte[] returnArray = new byte[bDerHashIdent.Length + Hashfunction.getDigestSize()];
            Array.Copy(bDerHashIdent, 0, returnArray, 0, bDerHashIdent.Length);
            Array.Copy(hashDigest, 0, returnArray, returnArray.Length - hashDigest.Length, hashDigest.Length);

            return(returnArray);
        }
示例#4
0
        public bool verifyRsaSignatureWithFlaw(byte[] message, byte[] signature)
        {
            BigInteger       signatureBigInt = new BigInteger(1, signature);
            RsaKeyParameters pubkeyParam     = (RsaKeyParameters)RsaKey.Instance.getPubKey();

            byte[] sigDecrypted = (signatureBigInt.ModPow(pubkeyParam.Exponent, pubkeyParam.Modulus)).ToByteArray();
            byte[] block        = this.DerEncode(sigDecrypted); // hiernach steht DERIdent und hash am anfang des arrays, danach garbage

            funcIdent = this.extractHashFunction(Encoding.ASCII.GetString(Hex.Encode(block)));

            // SHA1, Digest length: 160 Bit
            if (funcIdent == HashFuncIdentHandler.SHA1)
            {
                return(this.verifySigWithoutPad(block, message, HashFuncIdentHandler.SHA1, 20));
            }

            // SHA-256, Digest length: 256 Bit
            if (funcIdent == HashFuncIdentHandler.SHA256)
            {
                return(this.verifySigWithoutPad(block, message, HashFuncIdentHandler.SHA256, 32));
            }

            // SHA-384, Digest length: 384 Bit
            if (funcIdent == HashFuncIdentHandler.SHA384)
            {
                return(this.verifySigWithoutPad(block, message, HashFuncIdentHandler.SHA384, 48));
            }

            // SHA-512, Digest length: 512 Bit
            if (funcIdent == HashFuncIdentHandler.SHA512)
            {
                return(this.verifySigWithoutPad(block, message, HashFuncIdentHandler.SHA512, 64));
            }

            // MD2, Digest length: 128 Bit
            if (funcIdent == HashFuncIdentHandler.MD2)
            {
                return(this.verifySigWithoutPad(block, message, HashFuncIdentHandler.MD2, 16));
            }

            // MD5, Digest length: 128 Bit
            if (funcIdent == HashFuncIdentHandler.MD5)
            {
                return(this.verifySigWithoutPad(block, message, HashFuncIdentHandler.MD5, 16));
            }

            return(false);
        }
示例#5
0
        private bool verifySigWithoutPad(byte[] sigWithoutPad, byte[] message, HashFunctionIdent hashFuncIdent, int digestLength)
        {
            //TODO Längen überprüfen!
            string blockString = Encoding.ASCII.GetString(Hex.Encode(sigWithoutPad)).ToLower();

            byte[] hashDigestFromSig = new byte[digestLength];
            int    endOfIdent        = hashFuncIdent.DERIdent.Length / 2;

            Array.Copy(sigWithoutPad, endOfIdent, hashDigestFromSig, 0, digestLength);

            IDigest hashFunctionDigest = DigestUtilities.GetDigest(hashFuncIdent.diplayName);

            byte[] hashDigestMessage = Hashfunction.generateHashDigest(ref message, ref hashFuncIdent);

            return(this.compareByteArrays(hashDigestFromSig, hashDigestMessage));
        }
示例#6
0
        public bool verifyRsaSignature(byte[] message, byte[] signature)
        {
            IAsymmetricBlockCipher eng = new Pkcs1Encoding(new RsaEngine());

            eng.Init(false, RsaKey.Instance.getPubKey());

            try
            {
                byte[] data = eng.ProcessBlock(signature, 0, signature.Length);
                funcIdent = this.extractHashFunction(Encoding.ASCII.GetString(Hex.Encode(data)));

                if (null != funcIdent)
                {
                    ISigner verifier = SignerUtilities.GetSigner(funcIdent.diplayName + "withRSA");
                    return(this.verifySig(verifier, message, signature));
                }
            }
            catch (Exception)
            {
                return(false);
            }
            return(false);
        }
示例#7
0
        private static IDigest hashFunctionDigest = DigestUtilities.GetDigest(HashFuncIdentHandler.SHA1.diplayName); // default SHA1

        public static byte[] generateHashDigest(string input, HashFunctionIdent hashIdent)
        {
            byte[] bInput = Encoding.ASCII.GetBytes(input);
            return(generateHashDigest(ref bInput, ref hashIdent));
        }
示例#8
0
        public override bool GenerateSignature()
        {
            this.SendGuiLogMsg("Message Generation started", NotificationLevel.Info);

            this.m_KeyLength = RsaKey.Instance.RsaKeySize;

            int        hashDigestLength = Hashfunction.getDigestSize() * 8;                              // weil Size in Byte zurückgegeben wird
            int        hashIdentLength  = Datablock.getInstance().HashFunctionIdent.DERIdent.Length * 4; // weil ein zeichen im string = 4 bit
            int        keyLength        = this.m_KeyLength;
            BigInteger derIdent         = new BigInteger(Datablock.getInstance().HashFunctionIdent.DERIdent, 16);
            BigInteger datablockLength  = BigInteger.ValueOf(hashDigestLength + hashIdentLength + 8); // Länge Datenblock inkl 0-Byte (=8Bit)

            bool       isDivByThree = false;
            BigInteger N            = null;
            BigInteger datablock    = null;

            while (false == isDivByThree)
            {
                byte[]            bMessage   = Datablock.getInstance().Message;
                HashFunctionIdent hashIdent  = Datablock.getInstance().HashFunctionIdent;
                BigInteger        hashDigest = new BigInteger(1, Hashfunction.generateHashDigest(ref bMessage, ref hashIdent));
                // T*2^160 + H
                datablock = derIdent.Multiply(BigInteger.Two.Pow(hashDigestLength)).Add(hashDigest); // Datablock erstellen; T=HashFuncIdent; H=HashDigest
                N         = (BigInteger.Two.Pow(datablockLength.IntValue)).Subtract(datablock);      // N muss vielfaches von 3 sein

                if (0 == (N.Mod(BigInteger.Three)).IntValue)
                {
                    isDivByThree = true;
                }
                else
                {
                    byte[] extSign = Encoding.ASCII.GetBytes(ChangeSign);
                    byte[] tmp     = new byte[Datablock.getInstance().Message.Length + extSign.Length];
                    Array.Copy(Datablock.getInstance().Message, tmp, Datablock.getInstance().Message.Length);
                    Array.Copy(extSign, 0, tmp, Datablock.getInstance().Message.Length, extSign.Length);
                    Datablock.getInstance().Message = tmp;
                }
            }

            BigInteger sigLengthWithoutZeros = BigInteger.ValueOf(this.m_KeyLength - 15); // 15 weil die ersten 15 bit 0 sind
            BigInteger startPos          = BigInteger.ValueOf(this.m_dataBlockStartPos);
            BigInteger endPos            = startPos.Add(datablockLength);
            BigInteger sigLengthDivThree = sigLengthWithoutZeros.Divide(BigInteger.Three);

            BigInteger testbeta = endPos.Subtract(BigInteger.Two.Multiply(sigLengthDivThree)).Subtract(datablockLength); // sollte 34 seinbei keylength 3072

            //2^3057 - 2^ (2038 + 288 + 34) == 2^3057 - 2^2360
            BigInteger fakeSig = (BigInteger.Two.Pow(sigLengthWithoutZeros.IntValue)).Subtract(BigInteger.Two.Pow(2 * sigLengthDivThree.IntValue + datablockLength.IntValue + testbeta.IntValue));

            // 2^3057 - 2^2360 + 2^2072 * N
            fakeSig = fakeSig.Add((BigInteger.Two.Pow(startPos.IntValue)).Multiply(datablock));
            fakeSig = fakeSig.Add(BigInteger.Two.Pow(startPos.IntValue - 8).Multiply(BigInteger.ValueOf(125))); // add garbage

            BigInteger fakeSigResult = MathFunctions.cuberoot(fakeSig);

            byte[] returnByteArray = new byte[this.m_KeyLength / 8]; // KeyLength is in bit
            Array.Copy(fakeSigResult.ToByteArray(), 0, returnByteArray, returnByteArray.Length - fakeSigResult.ToByteArray().Length, fakeSigResult.ToByteArray().Length);

            this.m_Signature     = returnByteArray;
            this.m_bSigGenerated = true;
            this.OnRaiseSigGenEvent(SignatureType.Bleichenbacher);
            return(true);
        }
示例#9
0
        public override bool GenerateSignature()
        {
            this.m_KeyLength = RsaKey.Instance.RsaKeySize; // Länge des RSA Modulus

            // drei Leerzeichen an Msg anhängen
            string sMsgModifier = "   ";

            byte[] bMsgModifier = Encoding.ASCII.GetBytes(sMsgModifier);
            byte[] bMessage     = new byte[Datablock.getInstance().Message.Length + bMsgModifier.Length];
            Array.Copy(Datablock.getInstance().Message, bMessage, Datablock.getInstance().Message.Length);
            Array.Copy(bMsgModifier, 0, bMessage, Datablock.getInstance().Message.Length, bMsgModifier.Length);

            HashFunctionIdent hashFuncIdent = Datablock.getInstance().HashFunctionIdent;                // Die vom User gewählte Hashfunktion

            byte[] hashIdent             = Hex.Decode(Encoding.ASCII.GetBytes(hashFuncIdent.DERIdent)); // ASN.1 codierter Ident-string
            int    significantByteLength = 11 + hashIdent.Length + hashFuncIdent.digestLength / 8;

            // Datenblock wird konstruiert
            byte[] A = new byte[significantByteLength];
            A[0] = 0x00;
            A[1] = 0x01;
            for (int i = 2; i < 10; i++)
            {
                A[i] = 0xFF;
            }
            A[10] = 0x00;
            Array.Copy(hashIdent, 0, A, 11, hashIdent.Length);
            // Datenblock noch ohne Hashwert, wird in while Schleife unten hinzugefügt

            // byte array der kompletten Signatur, wird zuerst mit 'FF' gefüllt und dann nachher Datenblock an den Anfang kopiert
            byte[] S = new byte[this.m_KeyLength / 8];
            for (int i = A.Length; i < S.Length; i++)
            {
                S[i] = 0xFF;
            }

            BigInteger finalSignature = null;
            int        iMsgLength     = bMessage.Length;
            bool       isEqual        = false;
            int        countLoops     = 0;

            this.SendGuiLogMsg("Signature Generation started", NotificationLevel.Info);
            byte[]     hashDigest = new byte[0];         // Hashwert wird in dieser var gespeichert
            BigInteger T          = new BigInteger("0"); // hilfsvar

            byte[] resultArray = new byte[this.m_KeyLength / 8];

            while (!isEqual && (countLoops < this.m_Iterations))
            {
                hashDigest = Hashfunction.generateHashDigest(ref bMessage, ref hashFuncIdent); // Hashwert wird erzeugt
                Array.Copy(hashDigest, 0, A, 11 + hashIdent.Length, hashDigest.Length);        // erzeugter Hashwert wird in den Datenblock kopiert
                Array.Copy(A, 0, S, 0, A.Length);                                              // erzeugter Datenblock wird in erzeugte Signatur S kopiert

                finalSignature = MathFunctions.cuberoot4(new BigInteger(S), this.m_KeyLength); // Kubikwurzel ziehen
                byte[] test2 = finalSignature.ToByteArray();
                T = finalSignature.Pow(3);                                                     // mit 3 potenzieren
                byte[] test = T.ToByteArray();
                resultArray[0] = 0x00;                                                         // erstes byte is 0
                // durch Konvertierung in BigInteger werden führende Nullen abgeschnitten, daher wird an Stelle 1 in byte array kopiert.
                Array.Copy(T.ToByteArray(), 0, resultArray, 1, T.ToByteArray().Length);

                isEqual = MathFunctions.compareByteArray(ref resultArray, ref S, significantByteLength); // byte arrays vergleichen, wird in meinen Tests nicht erreicht
                if (!isEqual)
                {
                    int value1 = bMessage[iMsgLength - 1];
                    if (++value1 >= 256)
                    {
                        value1 = 0;
                        int value2 = bMessage[iMsgLength - 2];
                        if (++value2 >= 256)
                        {
                            value2 = 0;
                            int value3 = bMessage[iMsgLength - 3];
                            ++value3;
                            bMessage[iMsgLength - 3] = (byte)value3;
                        }
                        bMessage[iMsgLength - 2] = (byte)value2;
                    }
                    bMessage[iMsgLength - 1] = (byte)value1;

                    countLoops++;
                }
            }
            if (countLoops != this.m_Iterations)
            {
                Datablock.getInstance().Message = bMessage;
                byte[] returnByteArray          = new byte[this.m_KeyLength / 8];
                Array.Copy(finalSignature.ToByteArray(), 0, returnByteArray, returnByteArray.Length - finalSignature.ToByteArray().Length, finalSignature.ToByteArray().Length);

                this.m_Signature     = returnByteArray;
                this.m_bSigGenerated = true;
                this.OnRaiseSigGenEvent(SignatureType.Kuehn);
                return(true);
            }
            else
            {
                this.m_bSigGenerated = false;
            }
            return(false);
        }