esiur/esiur-dotnet
2
0
Fork 0
mirror of https://github.com/esiur/esiur-dotnet.git synced 2025-06-27 05:23:13 +00:00
Code Issues Projects Releases Wiki Activity

Add project files.

Browse Source
This commit is contained in:
Ahmed Zamil
2017-09-15 23:40:03 +03:00
parent 4c95cb1cc6
commit 7ae722ab51
99 changed files with 14687 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Esiur/Security/Authority/AlienAuthentication.cs Normal file
View File

@ -0,0 +1,17 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class AlienAuthentication : Authentication
{
public AlienAuthentication(Certificate certificate, AuthenticationState state) :
base(certificate, state, AuthenticationType.Alien)
{
}
}
}

35
Esiur/Security/Authority/Authentication.cs Normal file
View File

@ -0,0 +1,35 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class Authentication
{
Certificate certificate;
AuthenticationState state;
AuthenticationType type;
public Certificate Certificate
{
get { return certificate; }
}
public AuthenticationState State
{
get { return state; }
}
public AuthenticationType Type
{
get { return type; }
}
public Authentication(Certificate certificate, AuthenticationState state, AuthenticationType type)
{
}
}
}

18
Esiur/Security/Authority/AuthenticationState.cs Normal file
View File

@ -0,0 +1,18 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public enum AuthenticationState : int
{
Denied = 0x1,
Succeeded = 0x2,
Blocked = 0x4,
Rejected = 0x8,
NeedsUpdate = 0x10,
NotFound = 0x20
}
}

16
Esiur/Security/Authority/AuthenticationType.cs Normal file
View File

@ -0,0 +1,16 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public enum AuthenticationType
{
Host,
CoHost,
Client,
Alien
}
}

163
Esiur/Security/Authority/CACertificate.cs Normal file
View File

@ -0,0 +1,163 @@
using Esiur.Data;
using Esiur.Engine;
using Esiur.Misc;
using Esiur.Security.Cryptography;
using Esiur.Security.Integrity;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class CACertificate : Certificate
{
string name;
public string Name
{
get { return name; }
}
public CACertificate(byte[] data, uint offset, uint length, bool privateKeyIncluded = false)
:base(0, DateTime.MinValue, DateTime.MinValue, HashFunctionType.MD5)
{
uint oOffset = offset;
this.id = DC.GetUInt64(data, offset);
offset += 8;
this.issueDate = DC.GetDateTime(data, offset);
offset += 8;
this.expireDate = DC.GetDateTime(data, offset);
offset += 8;
this.hashFunction = (HashFunctionType)(data[offset++] >> 4);
this.name = (Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]));
offset += (uint)data[offset] + 1;
var aea = (AsymetricEncryptionAlgorithmType)(data[offset] >> 5);
if (aea == AsymetricEncryptionAlgorithmType.RSA)
{
var key = new RSAParameters();
uint exponentLength = (uint)data[offset++] & 0x1F;
key.Exponent = DC.Clip(data, offset, exponentLength);
offset += exponentLength;
uint keySize = DC.GetUInt16(data, offset);
offset += 2;
key.Modulus = DC.Clip(data, offset, keySize);
offset += keySize;
// copy cert data
this.publicRawData = new byte[offset - oOffset];
Buffer.BlockCopy(data, (int)oOffset, publicRawData, 0, publicRawData.Length);
if (privateKeyIncluded)
{
uint privateKeyLength = (keySize * 3) + (keySize / 2);
uint halfKeySize = keySize / 2;
privateRawData = DC.Clip(data, offset, privateKeyLength);
key.D = DC.Clip(data, offset, keySize);
offset += keySize;
key.DP = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.DQ = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.InverseQ = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.P = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.Q = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
}
// setup rsa
this.rsa = RSA.Create();// new RSACryptoServiceProvider();
this.rsa.ImportParameters(key);
}
}
public CACertificate(ulong id, string authorityName, DateTime issueDate, DateTime expireDate,
HashFunctionType hashFunction = HashFunctionType.SHA1, uint ip = 0, byte[] ip6 = null)
: base(id, issueDate, expireDate, hashFunction)
{
// assign type
BinaryList cr = new BinaryList();
// make header
cr.Append(id, issueDate, expireDate);
// hash function
cr.Append((byte)((byte)hashFunction << 4));
this.hashFunction = hashFunction;
// CA Name
this.name = authorityName;
cr.Append((byte)(authorityName.Length), Encoding.ASCII.GetBytes(authorityName));
// public key
rsa = RSA.Create();// new RSACryptoServiceProvider(2048);
rsa.KeySize = 2048;
RSAParameters dRSAKey = rsa.ExportParameters(true);
cr.Append((byte)dRSAKey.Exponent.Length, dRSAKey.Exponent, (ushort)dRSAKey.Modulus.Length, dRSAKey.Modulus);
publicRawData = cr.ToArray();
privateRawData = DC.Merge(dRSAKey.D, dRSAKey.DP, dRSAKey.DQ, dRSAKey.InverseQ, dRSAKey.P, dRSAKey.Q);
}
public override bool Save(string filename, bool includePrivate = false)
{
try
{
if (includePrivate)
File.WriteAllBytes(filename, BinaryList.ToBytes((byte)CertificateType.CAPrivate, publicRawData, privateRawData));
else
File.WriteAllBytes(filename, BinaryList.ToBytes((byte)CertificateType.CAPublic, publicRawData));
return true;
}
catch
{
return false;
}
}
public override byte[] Serialize(bool includePrivate = false)
{
if (includePrivate)
return BinaryList.ToBytes(publicRawData, privateRawData);
else
return publicRawData;
}
}
}

198
Esiur/Security/Authority/Certificate.cs Normal file
View File

@ -0,0 +1,198 @@
using Esiur.Data;
using Esiur.Engine;
using Esiur.Misc;
using Esiur.Security.Cryptography;
using Esiur.Security.Integrity;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public abstract class Certificate
{
protected DateTime issueDate, expireDate;
protected RSA rsa;
protected Aes aes;
protected byte[] publicRawData;
protected byte[] privateRawData;
protected ulong id;
protected HashFunctionType hashFunction;
public Certificate(ulong id, DateTime issueDate, DateTime expireDate, HashFunctionType hashFunction)
{
this.id = id;
this.issueDate = issueDate;
this.expireDate = expireDate;
this.hashFunction = hashFunction;
}
public ulong Id
{
get { return id; }
}
public AsymetricEncryptionAlgorithmType AsymetricEncryptionAlgorithm
{
get { return AsymetricEncryptionAlgorithmType.RSA; }
}
public byte[] AsymetricEncrypt(byte[] message)
{
return rsa.Encrypt(message, RSAEncryptionPadding.OaepSHA512);
}
public byte[] AsymetricEncrypt(byte[] message, uint offset, uint length)
{
if (message.Length != length)
return rsa.Encrypt(DC.Clip(message, offset, length), RSAEncryptionPadding.OaepSHA512);
else
return rsa.Encrypt(message, RSAEncryptionPadding.OaepSHA512);
}
public byte[] AsymetricDecrypt(byte[] message)
{
try
{
return rsa.Decrypt(message, RSAEncryptionPadding.OaepSHA512);
}
catch (Exception ex)
{
Global.Log("Certificate", LogType.Error, ex.ToString());
return null;
}
}
public byte[] AsymetricDecrypt(byte[] message, uint offset, uint length)
{
try
{
if (message.Length != length)
return rsa.Decrypt(DC.Clip(message, offset, length), RSAEncryptionPadding.OaepSHA512);
else
return rsa.Decrypt(message, RSAEncryptionPadding.OaepSHA512);
}
catch (Exception ex)
{
Global.Log("Certificate", LogType.Error, ex.ToString());
return null;
}
}
public byte[] SymetricEncrypt(byte[] message, uint offset, uint length)
{
byte[] rt = null;
using (var ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
cs.Write(message, (int)offset, (int)length);
rt = ms.ToArray();
}
return rt;
}
public byte[] SymetricEncrypt(byte[] message)
{
return SymetricEncrypt(message, 0, (uint)message.Length);
}
public byte[] SymetricDecrypt(byte[] message, uint offset, uint length)
{
byte[] rt = null;
using (var ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Write))
cs.Write(message, (int)offset, (int)length);
rt = ms.ToArray();
}
return rt;
}
public byte[] SymetricDecrypt(byte[] message)
{
return SymetricDecrypt(message, 0, (uint)message.Length);
}
public byte[] Sign(byte[] message)
{
return Sign(message, 0, (uint)message.Length);
}
public byte[] Sign(byte[] message, uint offset, uint length)
{
if (hashFunction == HashFunctionType.SHA1)
return rsa.SignData(message, (int)offset, (int)length, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
else if (hashFunction == HashFunctionType.MD5)
return rsa.SignData(message, (int)offset, (int)length, HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1);
else if (hashFunction == HashFunctionType.SHA256)
return rsa.SignData(message, (int)offset, (int)length, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
else if (hashFunction == HashFunctionType.SHA384)
return rsa.SignData(message, (int)offset, (int)length, HashAlgorithmName.SHA384, RSASignaturePadding.Pkcs1);
else if (hashFunction == HashFunctionType.SHA512)
return rsa.SignData(message, (int)offset, (int)length, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
return null;
}
public bool InitializeSymetricCipher(SymetricEncryptionAlgorithmType algorithm, int keyLength, byte[] key, byte[] iv)
{
if (algorithm == SymetricEncryptionAlgorithmType.AES)
{
if (keyLength == 0) // 128 bit
{
aes = Aes.Create();
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;
aes.Key = key;
aes.IV = iv;
return true;
}
}
return false;
}
public abstract bool Save(string filename, bool includePrivate = false);
public abstract byte[] Serialize(bool includePrivate = false);
public static Certificate Load(string filename)
{
byte[] ar = File.ReadAllBytes(filename);
var t = (CertificateType)ar[0];
switch (t)
{
case CertificateType.CAPublic:
return new CACertificate(ar, 1, (uint)ar.Length - 1);
case CertificateType.CAPrivate:
return new CACertificate(ar, 1, (uint)ar.Length - 1, true);
case CertificateType.DomainPublic:
return new DomainCertificate(ar, 1, (uint)ar.Length - 1);
case CertificateType.DomainPrivate:
return new DomainCertificate(ar, 1, (uint)ar.Length - 1, true);
case CertificateType.UserPublic:
return new UserCertificate(ar, 1, (uint)ar.Length - 1);
case CertificateType.UserPrivate:
return new UserCertificate(ar, 1, (uint)ar.Length - 1, true);
}
return null;
}
}
}

18
Esiur/Security/Authority/CertificateType.cs Normal file
View File

@ -0,0 +1,18 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public enum CertificateType
{
CAPublic = 0,
CAPrivate,
DomainPublic,
DomainPrivate,
UserPublic,
UserPrivate
}
}

17
Esiur/Security/Authority/ClientAuthentication.cs Normal file
View File

@ -0,0 +1,17 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class ClientAuthentication : Authentication
{
public ClientAuthentication(byte[] credentials, UserCertificate certificate, AuthenticationState state)
: base(certificate, state, AuthenticationType.Client)
{
}
}
}

17
Esiur/Security/Authority/CoHostAuthentication.cs Normal file
View File

@ -0,0 +1,17 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class CoHostAuthentication : Authentication
{
public CoHostAuthentication(DomainCertificate certificate, AuthenticationState state)
: base(certificate, state, AuthenticationType.CoHost)
{
}
}
}

220
Esiur/Security/Authority/DomainCertificate.cs Normal file
View File

@ -0,0 +1,220 @@
using Esiur.Data;
using Esiur.Misc;
using Esiur.Security.Cryptography;
using Esiur.Security.Integrity;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class DomainCertificate : Certificate
{
uint ip;
byte[] ip6;
string domain;
//CACertificate ca;
string caName;
ulong caId;
byte[] signature;
string authorityName;
public string AuthorityName
{
get { return authorityName; }
}
public string Domain
{
get { return domain; }
}
public byte[] Signature
{
get { return signature; }
}
public uint IPAddress
{
get { return ip; }
}
public byte[] IPv6Address
{
get { return ip6; }
}
public DomainCertificate(byte[] data, uint offset, uint length, bool privateKeyIncluded = false)
:base(0, DateTime.MinValue, DateTime.MinValue, HashFunctionType.MD5)
{
var oOffset = offset;
this.id = DC.GetUInt64(data, offset);
offset += 8;
// load IPs
this.ip = DC.GetUInt32(data, offset);
offset += 4;
this.ip6 = DC.Clip(data, offset, 16);
offset += 16;
this.issueDate = DC.GetDateTime(data, offset);
offset += 8;
this.expireDate = DC.GetDateTime(data, offset);
offset += 8;
this.domain = Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]);
offset += (uint)data[offset] + 1;
this.authorityName = (Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]));
offset += (uint)data[offset] + 1;
caId = DC.GetUInt64(data, offset);
offset += 8;
var aea = (AsymetricEncryptionAlgorithmType)(data[offset] >> 5);
if (aea == AsymetricEncryptionAlgorithmType.RSA)
{
var key = new RSAParameters();
uint exponentLength = (uint)data[offset++] & 0x1F;
key.Exponent = DC.Clip(data, offset, exponentLength);
offset += exponentLength;
uint keySize = DC.GetUInt16(data, offset);
offset += 2;
key.Modulus = DC.Clip(data, offset, keySize);
offset += keySize;
// copy cert data
publicRawData = new byte[offset - oOffset];
Buffer.BlockCopy(data, (int)oOffset, publicRawData, 0, publicRawData.Length);
if (privateKeyIncluded)
{
uint privateKeyLength = (keySize * 3) + (keySize / 2);
privateRawData = DC.Clip(data, offset, privateKeyLength);
uint halfKeySize = keySize / 2;
key.D = DC.Clip(data, offset, keySize);
offset += keySize;
key.DP = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.DQ = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.InverseQ = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.P = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.Q = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
}
// setup rsa
rsa = RSA.Create();// new RSACryptoServiceProvider();
rsa.ImportParameters(key);
this.signature = DC.Clip(data, offset, length - (offset - oOffset));
}
}
public DomainCertificate(ulong id, string domain, CACertificate authority, DateTime issueDate,
DateTime expireDate, HashFunctionType hashFunction = HashFunctionType.SHA1, uint ip = 0, byte[] ip6 = null)
: base (id, issueDate, expireDate, hashFunction)
{
// assign type
var cr = new BinaryList();
// id
cr.Append(id);
// ip
this.ip = ip;
this.ip6 = ip6;
cr.Append(ip);
if (ip6?.Length == 16)
cr.Append(ip6);
else
cr.Append(new byte[16]);
cr.Append(issueDate, expireDate);
// domain
this.domain = domain;
cr.Append((byte)(domain.Length), Encoding.ASCII.GetBytes(domain));
// CA
this.caName = authority.Name;
cr.Append((byte)(authority.Name.Length), Encoding.ASCII.GetBytes(authority.Name));
this.authorityName = authority.Name;
// CA Index
//co.KeyIndex = authority.KeyIndex;
this.caId = authority.Id;
cr.Append(caId);
// public key
rsa = RSA.Create();// new RSACryptoServiceProvider(2048);
rsa.KeySize = 2048;
RSAParameters dRSAKey = rsa.ExportParameters(true);
cr.Append((byte)dRSAKey.Exponent.Length, dRSAKey.Exponent, (ushort)dRSAKey.Modulus.Length, dRSAKey.Modulus, AsymetricEncryptionAlgorithmType.RSA);
publicRawData = cr.ToArray();
// private key
this.privateRawData = DC.Merge(dRSAKey.D, dRSAKey.DP, dRSAKey.DQ, dRSAKey.InverseQ, dRSAKey.P, dRSAKey.Q);
this.signature = authority.Sign(publicRawData);
}
public override bool Save(string filename, bool includePrivate = false)
{
try
{
if (includePrivate)
File.WriteAllBytes(filename, BinaryList.ToBytes((byte)CertificateType.DomainPrivate, publicRawData, signature, privateRawData));
else
File.WriteAllBytes(filename, BinaryList.ToBytes((byte)CertificateType.DomainPublic, publicRawData, signature));
return true;
}
catch
{
return false;
}
}
public override byte[] Serialize(bool includePrivate = false)
{
if (includePrivate)
return BinaryList.ToBytes(publicRawData, signature, privateRawData);
else
return BinaryList.ToBytes(publicRawData, signature);
}
}
}

17
Esiur/Security/Authority/HostAuthentication.cs Normal file
View File

@ -0,0 +1,17 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class HostAuthentication : Authentication
{
public HostAuthentication(DomainCertificate certificate, AuthenticationState state)
: base(certificate, state, AuthenticationType.Host)
{
}
}
}

23
Esiur/Security/Authority/Session.cs Normal file
View File

@ -0,0 +1,23 @@
using Esiur.Data;
using Esiur.Engine;
using Esiur.Net;
using Esiur.Resource;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class Session
{
Authentication Authentication { get; }
Source Source { get; }
string Id { get; }
DateTime Creation { get; }
DateTime Modification { get; }
//KeyList<string, object> Variables { get; }
//IStore Store { get; }
}
}

30
Esiur/Security/Authority/Source.cs Normal file
View File

@ -0,0 +1,30 @@
using Esiur.Data;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class Source
{
string id;
KeyList<SourceAttributeType, Structure> attributes;
string Id { get { return id; } }
KeyList<SourceAttributeType, Structure> Attributes
{
get { return attributes; }
}
public Source(string id, KeyList<SourceAttributeType, Structure> attributes)
{
this.id = id;
this.attributes = attributes;
}
}
}

53
Esiur/Security/Authority/SourceAttributeType.cs Normal file
View File

@ -0,0 +1,53 @@
using Esiur.Data;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public enum SourceAttributeType
{
Mobility, // Stationary/Mobile
CPU, // Arc, Speed, Cores
IP, // IPv4, IPv6 Address
Route, // Trace Root
Location, // Lon, Lat, Alt, Accuracy
OS, // OS name, version, distro, kernel
Application, // lib version, app version
Network, // Bandwidth, MAC, IP, Route
Display, // Screen WxH
Media, // AudioIn, AudioOut, VideoIn,
Identity, // IMEI, IMSI, Manufacture
}
/*
public class SourceAttribute
{
SourceAttributeType type;
Structure value;
public SourceAttributeType Type
{
get
{
return type;
}
}
public Structure Value
{
get
{
return value;
}
}
public SourceAttribute(SourceAttributeType type, Structure value)
{
this.type = type;
this.value = value;
}
}
*/
}

230
Esiur/Security/Authority/UserCertificate.cs Normal file
View File

@ -0,0 +1,230 @@
using Esiur.Data;
using Esiur.Security.Cryptography;
using Esiur.Security.Integrity;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace Esiur.Security.Authority
{
public class UserCertificate : Certificate
{
uint ip;
byte[] ip6;
byte[] signature;
string domain;
string username;
ulong domainId;
public ulong DomainId
{
get { return domainId; }
}
public string Username
{
get { return username; }
}
public string Domain
{
get { return domain; }
}
public byte[] Signature
{
get { return signature; }
}
public uint IPAddress
{
get { return ip; }
}
public byte[] IPv6Address
{
get { return ip6; }
}
public UserCertificate(byte[] data, uint offset, uint length, bool privateKeyIncluded = false)
: base(0, DateTime.MinValue, DateTime.MinValue, HashFunctionType.MD5)
{
var oOffset = offset;
this.id = DC.GetUInt64(data, offset);
offset += 8;
// load IPs
this.ip = DC.GetUInt32(data, offset);
offset += 4;
ip6 = DC.Clip(data, offset, 16);
offset += 16;
this.issueDate = DC.GetDateTime(data, offset);
offset += 8;
this.expireDate = DC.GetDateTime(data, offset);
offset += 8;
this.domainId = DC.GetUInt64(data, offset);
offset += 8;
this.domain = Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]);
offset += (uint)data[offset] + 1;
this.username = Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]);
offset += (uint)data[offset] + 1;
// Hash Function
this.hashFunction = (HashFunctionType)(data[offset++] >> 4);
// Public Key Encryption Algorithm
var aea = (AsymetricEncryptionAlgorithmType)(data[offset] >> 5);
if (aea == AsymetricEncryptionAlgorithmType.RSA)
{
var key = new RSAParameters();
uint exponentLength = (uint)data[offset++] & 0x1F;
key.Exponent = DC.Clip(data, offset, exponentLength);
offset += exponentLength;
uint keySize = DC.GetUInt16(data, offset);
offset += 2;
key.Modulus = DC.Clip(data, offset, keySize);
offset += keySize;
// copy cert data
this.publicRawData = new byte[offset - oOffset];
Buffer.BlockCopy(data, (int)oOffset, publicRawData, 0, publicRawData.Length);
if (privateKeyIncluded)
{
uint privateKeyLength = (keySize * 3) + (keySize / 2);
uint halfKeySize = keySize / 2;
this.privateRawData = DC.Clip(data, offset, privateKeyLength);
key.D = DC.Clip(data, offset, keySize);
offset += keySize;
key.DP = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.DQ = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.InverseQ = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.P = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
key.Q = DC.Clip(data, offset, halfKeySize);
offset += halfKeySize;
}
// setup rsa
this.rsa = RSA.Create();// new RSACryptoServiceProvider();
this.rsa.ImportParameters(key);
this.signature = DC.Clip(data, offset, length - (offset - oOffset));
}
}
public UserCertificate(ulong id, string username, DomainCertificate domainCertificate, DateTime issueDate,
DateTime expireDate, HashFunctionType hashFunction = HashFunctionType.SHA1, uint ip = 0, byte[] ip6 = null)
: base(id, issueDate, expireDate, hashFunction)
{
// assign type
var cr = new BinaryList();
//id
cr.Append(id);
// ip
this.ip = ip;
this.ip6 = ip6;
cr.Append(ip);
if (ip6?.Length == 16)
cr.Append(ip6);
else
cr.Append(new byte[16]);
// dates
this.issueDate = DateTime.UtcNow;
this.expireDate = expireDate;
cr.Append(issueDate, expireDate);
// domain
this.domainId = domainCertificate.Id;
cr.Append(domainCertificate.Id);
this.domain = domainCertificate.Domain;
cr.Append((byte)domainCertificate.Domain.Length, Encoding.ASCII.GetBytes(domainCertificate.Domain));
// username
this.username = username;
cr.Append((byte)(username.Length), Encoding.ASCII.GetBytes(username));
// hash function (SHA1)
cr.Append((byte)((byte)hashFunction << 4));// (byte)0x10);
// public key
rsa = RSA.Create();// new RSACryptoServiceProvider(2048);
rsa.KeySize = 2048;
// write public certificate file
var key = rsa.ExportParameters(true);
publicRawData = BinaryList.ToBytes((byte)key.Exponent.Length, key.Exponent, (ushort)key.Modulus.Length, key.Modulus);
// sign it
this.signature = domainCertificate.Sign(publicRawData);
// store private info
privateRawData = DC.Merge(key.D, key.DP, key.DQ, key.InverseQ, key.P, key.Q, signature);
}
public override bool Save(string filename, bool includePrivate = false)
{
try
{
if (includePrivate)
File.WriteAllBytes(filename, BinaryList.ToBytes((byte)CertificateType.DomainPrivate, publicRawData, signature, privateRawData));
else
File.WriteAllBytes(filename, BinaryList.ToBytes((byte)CertificateType.DomainPublic, publicRawData, signature));
return true;
}
catch
{
return false;
}
}
public override byte[] Serialize(bool includePrivate = false)
{
if (includePrivate)
return BinaryList.ToBytes(publicRawData, signature, privateRawData);
else
return BinaryList.ToBytes(publicRawData, signature);
}
}
}