/// <summary>
/// Map HashAlgorithm type to string; .NET Framework uses CryptoConfig functionality.
/// </summary>
public static string?ToAlgorithmName(this HashAlgorithm hashAlgorithm)
{
if (hashAlgorithm is SHA1)
{
return(HashAlgorithmNames.SHA1);
}
if (hashAlgorithm is SHA256)
{
return(HashAlgorithmNames.SHA256);
}
if (hashAlgorithm is SHA384)
{
return(HashAlgorithmNames.SHA384);
}
if (hashAlgorithm is SHA512)
{
return(HashAlgorithmNames.SHA512);
}
if (hashAlgorithm is MD5)
{
return(HashAlgorithmNames.MD5);
}
// Fallback to ToString() which can be extended by derived classes
return(hashAlgorithm.ToString());
}
public virtual byte[] CreateSignature (HashAlgorithm hash)
{
if (hash == null)
throw new ArgumentNullException ("hash");
SetHashAlgorithm (hash.ToString ());
return CreateSignature (hash.Hash);
}
/// <include file='doc\AsymmetricSignatureDeformatter.uex' path='docs/doc[@for="AsymmetricSignatureDeformatter.VerifySignature"]/*' />
public virtual bool VerifySignature(HashAlgorithm hash, byte[] rgbSignature)
{
if (hash == null)
{
throw new ArgumentNullException("hash");
}
SetHashAlgorithm(hash.ToString());
return(VerifySignature(hash.Hash, rgbSignature));
}
public virtual bool VerifySignature(HashAlgorithm hash, byte[] rgbSignature)
{
if (hash == null)
{
throw new ArgumentNullException("hash");
}
this.SetHashAlgorithm(hash.ToString());
return this.VerifySignature(hash.Hash, rgbSignature);
}
public virtual byte[] CreateSignature(HashAlgorithm hash)
{
if (hash == null)
{
throw new ArgumentNullException("hash");
}
this.SetHashAlgorithm(hash.ToString());
return(this.CreateSignature(hash.Hash));
}
public virtual byte[] CreateSignature(HashAlgorithm hash)
{
if (hash == null)
{
throw new ArgumentNullException("hash");
}
Contract.EndContractBlock();
SetHashAlgorithm(hash.ToString());
return(CreateSignature(hash.Hash));
}
public virtual void Create ()
{
// try the default hash algorithm (created in SetUp)
Assert.AreEqual (defaultHash, hash.ToString (), "HashAlgorithm.Create()");
// try to build all hash algorithms
hash = HashAlgorithm.Create ("SHA");
Assert.AreEqual (defaultSHA1, hash.ToString (), "HashAlgorithm.Create('SHA')");
hash = HashAlgorithm.Create ("SHA1");
Assert.AreEqual (defaultSHA1, hash.ToString (), "HashAlgorithm.Create('SHA1')");
hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA1");
Assert.AreEqual (defaultSHA1, hash.ToString (), "HashAlgorithm.Create('System.Security.Cryptography.SHA1')");
hash = HashAlgorithm.Create ("System.Security.Cryptography.HashAlgorithm" );
Assert.AreEqual (defaultHash, hash.ToString (), "HashAlgorithm.Create('System.Security.Cryptography.HashAlgorithm')");
hash = HashAlgorithm.Create ("MD5");
Assert.AreEqual (defaultMD5, hash.ToString (), "HashAlgorithm.Create('MD5')");
hash = HashAlgorithm.Create ("System.Security.Cryptography.MD5");
Assert.AreEqual (defaultMD5, hash.ToString (), "HashAlgorithm.Create('System.Security.Cryptography.MD5')");
hash = HashAlgorithm.Create ("SHA256");
Assert.AreEqual (defaultSHA256, hash.ToString (), "HashAlgorithm.Create('SHA256')");
hash = HashAlgorithm.Create ("SHA-256");
Assert.AreEqual (defaultSHA256, hash.ToString (), "HashAlgorithm.Create('SHA-256')");
hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA256");
Assert.AreEqual (defaultSHA256, hash.ToString (), "HashAlgorithm.Create('System.Security.Cryptography.SHA256')");
hash = HashAlgorithm.Create ("SHA384");
Assert.AreEqual (defaultSHA384, hash.ToString (), "HashAlgorithm.Create('SHA384')");
hash = HashAlgorithm.Create ("SHA-384");
Assert.AreEqual (defaultSHA384, hash.ToString (), "HashAlgorithm.Create('SHA-384')");
hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA384");
Assert.AreEqual (defaultSHA384, hash.ToString (), "HashAlgorithm.Create('System.Security.Cryptography.SHA384')");
hash = HashAlgorithm.Create ("SHA512");
Assert.AreEqual (defaultSHA512, hash.ToString (), "HashAlgorithm.Create('SHA512')");
hash = HashAlgorithm.Create ("SHA-512");
Assert.AreEqual (defaultSHA512, hash.ToString (), "HashAlgorithm.Create('SHA-512')");
hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA512");
Assert.AreEqual (defaultSHA512, hash.ToString (), "HashAlgorithm.Create('System.Security.Cryptography.SHA512')");
// try to build invalid implementation
hash = HashAlgorithm.Create ("InvalidHash");
Assert.IsNull (hash, "HashAlgorithm.Create('InvalidHash')");
}
public virtual bool VerifySignature(HashAlgorithm hash, byte[] rgbSignature) {
if (hash == null) throw new ArgumentNullException("hash");
Contract.EndContractBlock();
SetHashAlgorithm(hash.ToString());
return VerifySignature(hash.Hash, rgbSignature);
}
public static bool CompareHashes(HashAlgorithm algorithm1, HashAlgorithm algorithm2, byte[] data)
{
algorithm1.Initialize();
algorithm2.Initialize();
byte[] hash1 = algorithm1.ComputeHash(data);
byte[] hash2 = algorithm2.ComputeHash(data);
if (!CompareBytes(hash1, hash2))
{
Log.Comment("ERROR - HASH VALUE MISCOMPARISON!\n");
Log.Comment("Algorithm 1 : " + algorithm1.ToString());
Log.Comment("Algorithm 2 : " + algorithm2.ToString());
Log.Comment("Data: " + ByteArrayToString(data));
return false;
}
return true;
}
// PKCS #1 v.2.1, Section 9.2
// EMSA-PKCS1-v1_5-Encode
public static byte[] Encode_v15 (HashAlgorithm hash, byte[] hashValue, int emLength)
{
if (hashValue.Length != (hash.HashSize >> 3))
throw new CryptographicException ("bad hash length for " + hash.ToString ());
// DigestInfo ::= SEQUENCE {
// digestAlgorithm AlgorithmIdentifier,
// digest OCTET STRING
// }
byte[] t = null;
string oid = CryptoConfig.MapNameToOID (hash.ToString ());
if (oid != null)
{
ASN1 digestAlgorithm = new ASN1 (0x30);
digestAlgorithm.Add (new ASN1 (CryptoConfig.EncodeOID (oid)));
digestAlgorithm.Add (new ASN1 (0x05)); // NULL
ASN1 digest = new ASN1 (0x04, hashValue);
ASN1 digestInfo = new ASN1 (0x30);
digestInfo.Add (digestAlgorithm);
digestInfo.Add (digest);
t = digestInfo.GetBytes ();
}
else
{
// There are no valid OID, in this case t = hashValue
// This is the case of the MD5SHA hash algorithm
t = hashValue;
}
Buffer.BlockCopy (hashValue, 0, t, t.Length - hashValue.Length, hashValue.Length);
int PSLength = System.Math.Max (8, emLength - t.Length - 3);
// PS = PSLength of 0xff
// EM = 0x00 | 0x01 | PS | 0x00 | T
byte[] EM = new byte [PSLength + t.Length + 3];
EM [1] = 0x01;
for (int i=2; i < PSLength + 2; i++)
EM[i] = 0xff;
Buffer.BlockCopy (t, 0, EM, PSLength + 3, t.Length);
return EM;
}
//private bool VerifySignature (ASN1 cs, byte[] calculatedMessageDigest, string hashName)
private bool VerifySignature (PKCS7.SignedData sd, byte[] calculatedMessageDigest, HashAlgorithm ha)
{
string contentType = null;
ASN1 messageDigest = null;
// string spcStatementType = null;
// string spcSpOpusInfo = null;
for (int i=0; i < sd.SignerInfo.AuthenticatedAttributes.Count; i++) {
ASN1 attr = (ASN1) sd.SignerInfo.AuthenticatedAttributes [i];
string oid = ASN1Convert.ToOid (attr[0]);
switch (oid) {
case "1.2.840.113549.1.9.3":
// contentType
contentType = ASN1Convert.ToOid (attr[1][0]);
break;
case "1.2.840.113549.1.9.4":
// messageDigest
messageDigest = attr[1][0];
break;
case "1.3.6.1.4.1.311.2.1.11":
// spcStatementType (Microsoft code signing)
// possible values
// - individualCodeSigning (1 3 6 1 4 1 311 2 1 21)
// - commercialCodeSigning (1 3 6 1 4 1 311 2 1 22)
// spcStatementType = ASN1Convert.ToOid (attr[1][0][0]);
break;
case "1.3.6.1.4.1.311.2.1.12":
// spcSpOpusInfo (Microsoft code signing)
/* try {
spcSpOpusInfo = System.Text.Encoding.UTF8.GetString (attr[1][0][0][0].Value);
}
catch (NullReferenceException) {
spcSpOpusInfo = null;
}*/
break;
default:
break;
}
}
if (contentType != spcIndirectDataContext)
return false;
// verify message digest
if (messageDigest == null)
return false;
if (!messageDigest.CompareValue (calculatedMessageDigest))
return false;
// verify signature
string hashOID = CryptoConfig.MapNameToOID (ha.ToString ());
// change to SET OF (not [0]) as per PKCS #7 1.5
ASN1 aa = new ASN1 (0x31);
foreach (ASN1 a in sd.SignerInfo.AuthenticatedAttributes)
aa.Add (a);
ha.Initialize ();
byte[] p7hash = ha.ComputeHash (aa.GetBytes ());
byte[] signature = sd.SignerInfo.Signature;
// we need to find the specified certificate
string issuer = sd.SignerInfo.IssuerName;
byte[] serial = sd.SignerInfo.SerialNumber;
foreach (X509Certificate x509 in coll) {
if (CompareIssuerSerial (issuer, serial, x509)) {
// don't verify is key size don't match
if (x509.PublicKey.Length > (signature.Length >> 3)) {
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider) x509.RSA;
if (rsa.VerifyHash (p7hash, hashOID, signature)) {
signerChain.LoadCertificates (coll);
trustedRoot = signerChain.Build (x509);
signingCertificate = x509;
break;
}
}
}
}
for (int i=0; i < sd.SignerInfo.UnauthenticatedAttributes.Count; i++) {
ASN1 attr = (ASN1) sd.SignerInfo.UnauthenticatedAttributes [i];
string oid = ASN1Convert.ToOid (attr [0]);
switch (oid) {
case PKCS7.Oid.countersignature:
// SEQUENCE {
// OBJECT IDENTIFIER
// countersignature (1 2 840 113549 1 9 6)
// SET {
PKCS7.SignerInfo cs = new PKCS7.SignerInfo (attr [1]);
trustedTimestampRoot = VerifyCounterSignature (cs, signature);
break;
default:
// we don't support other unauthenticated attributes
break;
}
}
return (trustedRoot && trustedTimestampRoot);
}