Showing posts with label Crypto. Show all posts

Thursday, March 21, 2024

Create an ECDSA signature with C# that can be verified using OpenSSL

The .NET Framework includes a handy library that can be used for generating digital signatures. However, the default output format is not DER, so the signature cannot be verified using OpenSSL. There are many solutions on the Internet, but they are super complex. The real solution is really simple: literally half a line of additional code. So here is some C# code that outputs a DER-encoded ECDSA signature that can be verified using OpenSSL:



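  using System.Security.Cryptography;

  // Assume data is a byte array that contains the data to be signed
  var ecdsa = ECDsa.Create(); // generates an asymmetric key pair
  // The third argument selects DER (SEQUENCE of r and s) instead of the default format
  byte[] signature = ecdsa.SignData(data, HashAlgorithmName.SHA256,
                DSASignatureFormat.Rfc3279DerSequence);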

The last parameter of SignData does the whole job :) You can find the official documentation of this method overload here
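A full round trip for the post above, as an added example that is not the original post's code: it signs in both formats, compares them, and writes the files OpenSSL needs for verification. It assumes .NET 5 or later; the P-256 curve, the sample message and the file names (data.bin, sig.der, pub.pem) are choices made for this example.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

// Constructed sample input; any byte array works.
byte[] data = Encoding.UTF8.GetBytes("constructed sample message");

// Curve choice (NIST P-256) is an assumption of this example.
using ECDsa ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256);

// Default overload: IEEE P1363 format, r || s, each padded to the field size.
byte[] p1363 = ecdsa.SignData(data, HashAlgorithmName.SHA256);

// DER format: SEQUENCE { INTEGER r, INTEGER s }, the encoding OpenSSL reads.
byte[] der = ecdsa.SignData(data, HashAlgorithmName.SHA256,
    DSASignatureFormat.Rfc3279DerSequence);

// A DER SEQUENCE starts with tag 0x30; the P1363 form has no header at all,
// which is why OpenSSL cannot parse the default output.
Console.WriteLine($"P1363: {p1363.Length} bytes, first byte 0x{p1363[0]:X2}");
Console.WriteLine($"DER:   {der.Length} bytes, first byte 0x{der[0]:X2}");

// Inside .NET the verifier must be told which format the signature uses.
bool ok = ecdsa.VerifyData(data, der, HashAlgorithmName.SHA256,
    DSASignatureFormat.Rfc3279DerSequence);
Console.WriteLine($"DER signature verifies in .NET: {ok}");

// Write the three inputs OpenSSL needs: message, signature, public key.
// Only the public key is exported (X.509 SubjectPublicKeyInfo, PEM-encoded).
File.WriteAllBytes("data.bin", data);
File.WriteAllBytes("sig.der", der);
string pem = new string(PemEncoding.Write("PUBLIC KEY",
    ecdsa.ExportSubjectPublicKeyInfo()));
File.WriteAllText("pub.pem", pem + "\n");

// Verify outside .NET with:
//   openssl dgst -sha256 -verify pub.pem -signature sig.der data.bin
```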

Monday, August 10, 2020

Create a JWT signed with an RSA private key in .NET Core

The following example is a snippet of C# code that creates an RSA private key from a .pem file and uses it to sign a JWT. The privateKey variable stores the contents of the .pem file minus the "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----" lines.

 
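using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

// Base64 body of the PKCS#1 .pem file, without the BEGIN/END lines
string privateKey = @"
MIIEpAIBAA
  ...
y53DdfYA==";
// Whitespace and line breaks in the string are ignored by the decoder
byte[] RSAprivateKey = Convert.FromBase64String(privateKey);
RSA rsa = RSA.Create();
// Imports a PKCS#1 ("RSA PRIVATE KEY") structure
rsa.ImportRSAPrivateKey(RSAprivateKey, out _);
var tokenHandler = new JwtSecurityTokenHandler();
var jwt = tokenHandler.CreateEncodedJwt(
   issuer: "...",
   audience: ...,
   ...
   signingCredentials: new SigningCredentials(
     key: new RsaSecurityKey(rsa),
     algorithm: SecurityAlgorithms.RsaSha256)
);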

Wednesday, August 1, 2012

A proxy re-encryption implementation

Proxy re-encryption is a scheme that allows a proxy to re-encrypt a ciphertext, encrypted with the public key of a user A, into a ciphertext that can be decrypted with the private key of a user B, without having access to the private key of A or B, or to the plaintext.

Green and Ateniese describe an identity-based proxy re-encryption scheme in their paper and prove its security. An implementation of their solution can be found in my GitHub repository. This is a Python implementation using the Charm Crypto tool.