BouncyCastle AlgorithmIdentifier - rsa

How can i create a new instance of org.bouncycastle.asn1.x509.AlgorithmIdentifier of RSA OAEP? in order to be able to use it here:
JceKeyTransRecipientInfoGenerator(java.security.cert.X509Certificate recipientCert, org.bouncycastle.asn1.x509.AlgorithmIdentifier algorithmIdentifier)

with current BouncyCastleVersions you can use a constant from org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP);

It is as simple as creating object from string representation of RSA with OAEP oid
AlgorithmIdentifier id = AlgorithmIdentifier.getInstance("1.2.840.113549.1.1.7");
in recent versions of BouncyCastle >1.50 this API has been removed and getInstance takes only ASN1Sequence and AlgorithmIdentifier. So there is no option, but to use constructor:
AlgorithmIdentifier id = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP);

Related

How to use AddDigitalSignatureOriginPart (DocumentFormat.OpenXml library) to secure an Excel file?

Need to create a digital signed excel file and then validate the signature when uploaded in C#.
On its own, the SpreadsheetDocument.AddDigitalSignatureOriginPart() method does not secure an Excel file. The same is true for the corresponding methods of the WordprocessingDocument and PresentationDocument classes. Those methods only add an empty DigitalSignatureOriginPart that serves as the origin of one or more XmlSignaturePart instances, each of which contains a ds:Signature element based on the W3C Recommendation XML Signature Syntax and Processing Version 1.1 (XMLDSIG).
To secure an Excel file, or any file based on the Open Packaging Conventions (OPC), the most straightforward approach is to use the PackageDigitalSignatureManager class, which is contained in the System.IO.Packaging namespace as provided by the WindowsBase.dll assembly. Thus, if you are targeting the full .NET Framework (e.g., net471), you can use it. However, if you are targeting .Net Core, you need to implement that functionality yourself.
The following code example shows how you can use the PackageDigitalSignatureManager class:
using System;
using System.Collections.Generic;
using System.IO.Packaging;
using System.Linq;
namespace CodeSnippets.Windows.IO.Packaging
{
public static class DigitalSignatureManager
{
public static void Sign(Package package)
{
var dsm = new PackageDigitalSignatureManager(package)
{
CertificateOption = CertificateEmbeddingOption.InSignaturePart
};
List<Uri> parts = package.GetParts()
.Select(part => part.Uri)
.Concat(new[]
{
// Include the DigitalSignatureOriginPart and corresponding
// relationship part, since those will only be added when
// signing.
dsm.SignatureOrigin,
PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin)
})
.ToList();
dsm.Sign(parts);
}
public static VerifyResult VerifySignature(Package package)
{
var dsm = new PackageDigitalSignatureManager(package);
return dsm.VerifySignatures(true);
}
}
}
In case you need to implement that functionality yourself, it helps to make yourself familiar with a number of sources:
The Digital Signing Framework of the Open Packaging Conventions
How to: Sign XML Documents with Digital Signatures
System.Security.Cryptography.Xml Namespace
Based on those sources, I created a partial sample implementation that works with .Net Core. The following snippet shows the void Sign(OpenXmlPackage, X509Certificate2) method that takes an OpenXmlPackage and an X509Certificate2 and creates a valid signature:
public static void Sign(OpenXmlPackage openXmlPackage, X509Certificate2 certificate)
{
if (openXmlPackage == null) throw new ArgumentNullException(nameof(openXmlPackage));
if (certificate == null) throw new ArgumentNullException(nameof(certificate));
RSA privateKey = certificate.GetRSAPrivateKey();
using SHA256 hashAlgorithm = SHA256.Create();
// Create KeyInfo.
var keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(certificate));
// Create a Signature XmlElement.
var signedXml = new SignedXml { SigningKey = privateKey, KeyInfo = keyInfo };
signedXml.Signature.Id = Constants.PackageSignatureId;
signedXml.SignedInfo.SignatureMethod = Constants.SignatureMethod;
signedXml.AddReference(CreatePackageObjectReference());
signedXml.AddObject(CreatePackageObject(openXmlPackage.Package, hashAlgorithm));
signedXml.ComputeSignature();
XmlElement signature = signedXml.GetXml();
// Get or create the DigitalSignatureOriginPart.
DigitalSignatureOriginPart dsOriginPart =
openXmlPackage.GetPartsOfType<DigitalSignatureOriginPart>().FirstOrDefault() ??
openXmlPackage.AddNewPart<DigitalSignatureOriginPart>();
var xmlSignaturePart = dsOriginPart.AddNewPart<XmlSignaturePart>();
// Write the Signature XmlElement to the XmlSignaturePart.
using Stream stream = xmlSignaturePart.GetStream(FileMode.Create, FileAccess.Write);
using XmlWriter writer = XmlWriter.Create(stream);
signature.WriteTo(writer);
}
The full source code of the above void Sign(OpenXmlPackage, X509Certificate2) method can be found in my CodeSnippets GitHub repository. Look for the DigitalSignatureManager class in the CodeSnippets project.

Public key encoding changes

I've generated a public key using elliptic curves, but whenever I get the encoding of the key, it changes. I would like to use the encoding for a public address of a blockchain I am implementing. See below
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.ECGenParameterSpec;
class Scratch {
public static void main(String[] args) throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec = new ECGenParameterSpec("secp256k1");
keyGen.initialize(ecSpec);
KeyPair kp = keyGen.generateKeyPair();
PublicKey k = kp.getPublic();
byte[] one = k.getEncoded();
byte[] two = k.getEncoded();
System.out.println(one);
System.out.println(two);
}
}
With output
[B#4eec7777
[B#3b07d329
Does anyone know why this is happening? My guess is that it is the expected behavior and I am just misunderstanding something fundamental here.
You are printing the memory address of the byte[], not the key itself. You can't "print" a byte array because it is binary data, you need to encode it somehow first. Hex and base64 are both good encodings for displaying binary data. For memory, other blockchain implementations like to use base58.
Here is an example using base64:
String b64Str = Base64.getEncoder().encodeToString(one);
System.out.println(b64Str);

Is using default method in an interface a good pattern to avoid code duplications?

We have a lot of code duplication in data holder classes that can be serialized to a XML string:
public String toXml() throws JAXBException {
final JAXBContext context = JAXBContext.newInstance(this.getClass());
final Marshaller marshaller = context.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
final StringWriter stringWriter = new StringWriter();
marshaller.marshal(this, stringWriter);
return stringWriter.toString();
}
Why not move this code to a single interface with default implementation? So a simple implements ToXmlUtf8 would be enough to share the default implementation and avoid code duplicates:
public interface ToXml {
default String toXml() throws JAXBException {
final JAXBContext context = JAXBContext.newInstance(this.getClass());
final Marshaller marshaller = context.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
final StringWriter stringWriter = new StringWriter();
marshaller.marshal(this, stringWriter);
return stringWriter.toString();
}
}
Has anybody done this before successfully?
Other solutions?
I could also imagine using an annotation to generate this code.
Are there any ready to use solutions available?
Yes, default methods can be used in that way.
Although the intended use case of default methods is adding new functionality to existing interfaces without breaking old code, default methods have other uses as well. Default methods are also used in interfaces which were added in Java 8, such as in java.util.Predicate, so even the Java designers recognized that adding new functionality to existing interfaces is not the only valid use of default methods.
A disadvantage could be that the implemented interfaces are part of a class's public contract, but in your case this does not seem to be a problem.
If you're using the exact same method then an interface won't help, what you want to do is make a static method and put that in a util class

How to sign with Bouncy Castle using RSA with SHA1 and ISO9796-2 scheme 2?

I need to sign the SHA1 hash of a text with RSA and ISO9796-2 scheme 2 padding
Initially I was doing it only with SHA1 with RSA like this:
public static byte[] signer(byte[] data, PrivateKey key) throws Exception {
Signature signer = Signature.getInstance("SHA1WithRSA", "BC");
signer.initSign(key);
signer.update(data);
return signer.sign();
}
How should I modify the function? It would be easy to just replace "SHA1WithRSA" with another scheme that does what I need but I don't know if it's possible.
I solved this with this code:
public static byte[] signer(byte[] data, PrivateKey key) throws Exception {
Signature signer = Signature.getInstance("SHA1withRSA/ISO9796-2", "BC");
signer.initSign(key);
signer.update(data);
return signer.sign();
}
SHA1withRSA/ISO9796-2 does the trick.
I'm thankful to David from bouncy castle mailing list for this answer.

supply public key in CERTENROLL request

I want to request a cert (from AD cert server) using a template. I want to supply the public key in the request. Using msft's SDK sample
IX509CertificateRequest iRequest = objEnroll.Request;
// then get the inner PKCS10 request
IX509CertificateRequest iInnerRequest =
iRequest.GetInnerRequest(InnerRequestLevel.LevelInnermost);
IX509CertificateRequestPkcs10 iRequestPkcs10 =
iInnerRequest as IX509CertificateRequestPkcs10;
// create CX500DistinguishedName
CX500DistinguishedName objName = new CX500DistinguishedName();
objName.Encode(subjectName, X500NameFlags.XCN_CERT_NAME_STR_NONE);
// set up the subject name
iRequestPkcs10.Subject = objName;
I think I then need to do some thing like this
iRequestPkcs10.PublicKey.InitializeFromEncodedPublicKeyInfo(xx);
but I dont know what xx is. I have the public key (In a bouncy castle PKCS10 object), but what format must it be in to pass to this function?
You can specify the public key in a number of different formats.
According to MSDN, InitializeFromEncodedPublicKeyInfo takes two parameters: the first is the public key, and the second is an EncodingType enumeration value that specifies the format of the public key you are supplying.