Diffstat (limited to 'crypto/src/crypto/tls/TlsRsaSigner.cs')
-rw-r--r--crypto/src/crypto/tls/TlsRsaSigner.cs60
1 files changed, 60 insertions, 0 deletions
diff --git a/crypto/src/crypto/tls/TlsRsaSigner.cs b/crypto/src/crypto/tls/TlsRsaSigner.cs
new file mode 100644
index 000000000..ce18ef5e1
--- /dev/null
+++ b/crypto/src/crypto/tls/TlsRsaSigner.cs
@@ -0,0 +1,60 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class TlsRsaSigner
+        : TlsSigner
+    {
+        public virtual byte[] GenerateRawSignature(SecureRandom random,
+            AsymmetricKeyParameter privateKey, byte[] md5AndSha1)
+        {
+            IAsymmetricBlockCipher engine = CreateRsaImpl();
+            engine.Init(true, new ParametersWithRandom(privateKey, random));
+            return engine.ProcessBlock(md5AndSha1, 0, md5AndSha1.Length);
+        }
+
+        public virtual bool VerifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey,
+            byte[] md5AndSha1)
+        {
+            IAsymmetricBlockCipher engine = CreateRsaImpl();
+            engine.Init(false, publicKey);
+            byte[] signed = engine.ProcessBlock(sigBytes, 0, sigBytes.Length);
+            return Arrays.ConstantTimeAreEqual(signed, md5AndSha1);
+        }
+
+        public virtual ISigner CreateSigner(SecureRandom random, AsymmetricKeyParameter privateKey)
+        {
+            return MakeSigner(new CombinedHash(), true, new ParametersWithRandom(privateKey, random));
+        }
+
+        public virtual ISigner CreateVerifyer(AsymmetricKeyParameter publicKey)
+        {
+            return MakeSigner(new CombinedHash(), false, publicKey);
+        }
+
+        public virtual bool IsValidPublicKey(AsymmetricKeyParameter publicKey)
+        {
+            return publicKey is RsaKeyParameters && !publicKey.IsPrivate;
+        }
+
+        protected virtual ISigner MakeSigner(IDigest d, bool forSigning, ICipherParameters cp)
+        {
+            ISigner s = new GenericSigner(CreateRsaImpl(), d);
+            s.Init(forSigning, cp);
+            return s;
+        }
+
+        protected virtual IAsymmetricBlockCipher CreateRsaImpl()
+        {
+            return new Pkcs1Encoding(new RsaBlindedEngine());
+        }
+    }
+}
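Review bot: In `VerifyRawSignature`, `engine.ProcessBlock(sigBytes, 0, sigBytes.Length)` runs through `Pkcs1Encoding`, which throws `InvalidCipherTextException` when the decrypted block has bad padding, so a malformed signature surfaces as an exception rather than a `false` return. Callers are not visible here, but a method returning `bool` reads as if every rejection comes back as `false`, and a caller that treats the exception differently from a mismatch gives a peer two distinguishable failure modes. I would wrap the decrypt and compare in `try { ... } catch (InvalidCipherTextException) { return false; }`, keeping `Arrays.ConstantTimeAreEqual` for the comparison. A short XML doc comment stating that `md5AndSha1` is the precomputed handshake hash (presumably MD5 followed by SHA-1, judging by the name and `CombinedHash`) and that no `DigestInfo` wrapper is applied would also help the next reader.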