From 1bbbb73690caa670a5dd4ea55de3fcd2ae2fd1cf Mon Sep 17 00:00:00 2001
From: Ghufran Zahidi <18732053+Ghufz@users.noreply.github.com>
Date: Tue, 10 Oct 2023 16:06:41 +0530
Subject: [PATCH] fix ecdsa signing issue. (#16772)
---
.../resources/csharp/HttpSigningConfiguration.mustache | 8 ++++++--
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 5 +++++
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 5 +++++
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 5 +++++
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 5 +++++
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 8 ++++++--
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 5 +++++
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 5 +++++
.../Org.OpenAPITools/Client/HttpSigningConfiguration.cs | 8 ++++++--
9 files changed, 48 insertions(+), 6 deletions(-)
diff --git a/modules/openapi-generator/src/main/resources/csharp/HttpSigningConfiguration.mustache b/modules/openapi-generator/src/main/resources/csharp/HttpSigningConfiguration.mustache
index 913a483a967..4bc8b396e09 100644
--- a/modules/openapi-generator/src/main/resources/csharp/HttpSigningConfiguration.mustache
+++ b/modules/openapi-generator/src/main/resources/csharp/HttpSigningConfiguration.mustache
@@ -373,8 +373,7 @@ namespace {{packageName}}.Client
else
ecdsa.ImportPkcs8PrivateKey(keyBytes, out byteCount);
- var signedBytes = ecdsa.SignHash(dataToSign);
- var derBytes = ConvertToECDSAANS1Format(signedBytes);
+ var derBytes = ecdsa.SignHash(dataToSign, DSASignatureFormat.Rfc3279DerSequence);
var signedString = System.Convert.ToBase64String(derBytes);
return signedString;
@@ -384,6 +383,11 @@ namespace {{packageName}}.Client
{{/net60OrLater}}
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient-ConditionalSerialization/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient-ConditionalSerialization/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index 329284ff41d..7c8668488ee 100644
--- a/samples/client/petstore/csharp/OpenAPIClient-ConditionalSerialization/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient-ConditionalSerialization/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -352,6 +352,11 @@ namespace Org.OpenAPITools.Client
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient-httpclient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient-httpclient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index 329284ff41d..7c8668488ee 100644
--- a/samples/client/petstore/csharp/OpenAPIClient-httpclient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient-httpclient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -352,6 +352,11 @@ namespace Org.OpenAPITools.Client
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient-net47/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient-net47/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index 329284ff41d..7c8668488ee 100644
--- a/samples/client/petstore/csharp/OpenAPIClient-net47/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient-net47/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -352,6 +352,11 @@ namespace Org.OpenAPITools.Client
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient-net48/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient-net48/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index 329284ff41d..7c8668488ee 100644
--- a/samples/client/petstore/csharp/OpenAPIClient-net48/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient-net48/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -352,6 +352,11 @@ namespace Org.OpenAPITools.Client
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient-net5.0/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient-net5.0/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index f8c8de85aba..d98d2815297 100644
--- a/samples/client/petstore/csharp/OpenAPIClient-net5.0/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient-net5.0/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -380,13 +380,17 @@ namespace Org.OpenAPITools.Client
else
ecdsa.ImportPkcs8PrivateKey(keyBytes, out byteCount);
- var signedBytes = ecdsa.SignHash(dataToSign);
- var derBytes = ConvertToECDSAANS1Format(signedBytes);
+ var derBytes = ecdsa.SignHash(dataToSign, DSASignatureFormat.Rfc3279DerSequence);
var signedString = System.Convert.ToBase64String(derBytes);
return signedString;
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient-unityWebRequest/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient-unityWebRequest/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index 329284ff41d..7c8668488ee 100644
--- a/samples/client/petstore/csharp/OpenAPIClient-unityWebRequest/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient-unityWebRequest/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -352,6 +352,11 @@ namespace Org.OpenAPITools.Client
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index 329284ff41d..7c8668488ee 100644
--- a/samples/client/petstore/csharp/OpenAPIClient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -352,6 +352,11 @@ namespace Org.OpenAPITools.Client
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();
diff --git a/samples/client/petstore/csharp/OpenAPIClientCore/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs b/samples/client/petstore/csharp/OpenAPIClientCore/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
index f8c8de85aba..d98d2815297 100644
--- a/samples/client/petstore/csharp/OpenAPIClientCore/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+++ b/samples/client/petstore/csharp/OpenAPIClientCore/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
@@ -380,13 +380,17 @@ namespace Org.OpenAPITools.Client
else
ecdsa.ImportPkcs8PrivateKey(keyBytes, out byteCount);
- var signedBytes = ecdsa.SignHash(dataToSign);
- var derBytes = ConvertToECDSAANS1Format(signedBytes);
+ var derBytes = ecdsa.SignHash(dataToSign, DSASignatureFormat.Rfc3279DerSequence);
var signedString = System.Convert.ToBase64String(derBytes);
return signedString;
}
+ ///
+ /// Convert ANS1 format to DER format. Not recommended to use because it generate inavlid signature occationally.
+ ///
+ ///
+ ///
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List();