Как правильно настроить CryptoConfig.AddAlgorithm для ECDsa в C# .NET? ⇐ C#

[Гость]

У меня есть

Код: Выделить всё

XMLDocument

that was signed with edcsa-sha384, out of the box .NET

Код: Выделить всё

SignedXml

does not support that algorithm, so I followed this article (https://www.scottbrady91.com/c-sharp/ecdsa-xml-dotnet) and called

Код: Выделить всё

AddAlgorithm

at the beginning of the program:

Код: Выделить всё

CryptoConfig.AddAlgorithm(typeof(Ecdsa384SignatureDescription),
"http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384");

Before

Код: Выделить всё

AddAlgorithm

,

Код: Выделить всё

SignedXml

was able to

Код: Выделить всё

CheckSignature

just fine for

Код: Выделить всё

rsa-sha256

, it was able to go through the XMLDocument and perform the signature check without throwing any errors...
After

Код: Выделить всё

AddAlgorithm

, it throws an error on the very second line of the xml file... Does anyone know what else I am missing to get ECDsa-RSA-384 to work?

Код: Выделить всё

InvalidOperationException
> There is an error in the XML document.
>  was not expected.

at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events)
at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader)

The XML starts with something like this:

Код: Выделить всё

...

If you know an article on how to register custom algorithm, please share it. Thanks!
This is the

Код: Выделить всё

Ecdsa384SignatureDescription

which seems to be loading up just fine, I put some breakpoints and traced it within the

Код: Выделить всё

SignatureDescription.cs

in .NET and it seems to be able to grab the added algorithm just fine.

Код: Выделить всё

using System.Security.Cryptography;

public class ECDsaCngSignatureFormatter : AsymmetricSignatureFormatter
{
private ECDsaCng? key;

public ECDsaCngSignatureFormatter(ECDsaCng key)
{
this.key = key;
}

public override void SetKey(AsymmetricAlgorithm key) => this.key = key as ECDsaCng;

public override void SetHashAlgorithm(string strName) { }

public override byte[] CreateSignature(byte[] rgbHash) => key!.SignHash(rgbHash);
}

public class ECDsaCngSignatureDeformatter : AsymmetricSignatureDeformatter
{
private ECDsaCng? key;

public ECDsaCngSignatureDeformatter(ECDsaCng key)
{
this.key = key;
}

public override void SetKey(AsymmetricAlgorithm key) => this.key = key as ECDsaCng;

public override void SetHashAlgorithm(string strName) { }

public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature) => key!.VerifyHash(rgbHash, rgbSignature);
}

public class Ecdsa384SignatureDescription : SignatureDescription
{
public Ecdsa384SignatureDescription()
{
KeyAlgorithm = typeof(ECDsaCng).AssemblyQualifiedName;
}
public override HashAlgorithm CreateDigest() => SHA384.Create();

public override AsymmetricSignatureFormatter CreateFormatter(AsymmetricAlgorithm key)
{
if (!(key is ECDsaCng ecdsa) || ecdsa.KeySize != 384)
throw new InvalidOperationException("Requires EC key using P-256");
return new ECDsaCngSignatureFormatter(ecdsa);
}

public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
{
if (!(key is ECDsaCng ecdsa) || ecdsa.KeySize != 384)
throw new InvalidOperationException("Requires EC key using P-256");
return new ECDsaCngSignatureDeformatter(ecdsa);
}
}

Источник: https://stackoverflow.com/questions/781 ... -sharp-net