misc: consistency

consistent naming and public key hierarchy

Author: DennisDyallo

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPrivateKeyReader.cs renamed to Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPrivateKeyDecoder.cs

@@ -20,7 +20,7 @@
 
 namespace Yubico.YubiKey.Cryptography;
 
-internal class AsnPrivateKeyReader
+internal class AsnPrivateKeyDecoder
 {
     public static IPrivateKey CreatePrivateKey(ReadOnlyMemory<byte> pkcs8EncodedKey)
     {
@@ -102,12 +102,13 @@ public static (byte[], KeyType) GetCurve25519PrivateKeyData(ReadOnlyMemory<byte>
         {
             throw new CryptographicException("Invalid Curve25519 private key: incorrect length");
         }
-        seqPrivateKeyInfo.ThrowIfNotEmpty();
 
+        seqPrivateKeyInfo.ThrowIfNotEmpty();
 
         var keyDefinition = KeyDefinitions.GetByOid(algorithmOid);
         return (privateKey, keyDefinition.KeyType);
     }
+
     public static ECParameters CreateECParameters(ReadOnlyMemory<byte> pkcs8EncodedKey)
     {
         var reader = new AsnReader(pkcs8EncodedKey, AsnEncodingRules.DER);
@@ -261,7 +262,7 @@ public static RSAParameters CreateRSAParameters(ReadOnlyMemory<byte> pkcs8Encode
             DQ = exponent2.ToArray(),
             InverseQ = coefficient.ToArray()
         };
-        
+
         return rsaParameters.NormalizeParameters();
     }
 }

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPrivateKeyWriter.cs renamed to Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPrivateKeyEncoder.cs

@@ -21,7 +21,7 @@ namespace Yubico.YubiKey.Cryptography;
 /// <summary>
 /// A class that converts private key parameters to ASN.1 DER encoding.
 /// </summary>
-internal static class AsnPrivateKeyWriter
+internal static class AsnPrivateKeyEncoder
 {
     /// <summary>
     /// Converts a private key and its corresponding public point to ASN.1 DER encoded format.

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPublicKeyReader.cs renamed to Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPublicKeyDecoder.cs

@@ -19,7 +19,7 @@
 
 namespace Yubico.YubiKey.Cryptography;
 
-internal class AsnPublicKeyReader
+internal class AsnPublicKeyDecoder
 {
     public static IPublicKey CreatePublicKey(ReadOnlyMemory<byte> pkcs8EncodedKey)
     {

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPublicKeyWriter.cs renamed to Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPublicKeyEncoder.cs

@@ -21,7 +21,7 @@ namespace Yubico.YubiKey.Cryptography;
 /// <summary>
 /// A class that converts public key parameters to ASN.1 DER encoding.
 /// </summary>
-internal static class AsnPublicKeyWriter
+internal static class AsnPublicKeyEncoder
 {
     /// <summary>
     /// Converts a public point and key type to ASN.1 DER encoded format.

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/Curve25519PrivateKey.cs

@@ -58,7 +58,7 @@ private Curve25519PrivateKey(
     public override byte[] ExportPkcs8PrivateKey() 
     {
         ThrowIfDisposed();
-        return AsnPrivateKeyWriter.EncodeToPkcs8(_privateKey, KeyType);
+        return AsnPrivateKeyEncoder.EncodeToPkcs8(_privateKey, KeyType);
     }
     /// <summary>
     /// Clears the private key.
@@ -86,7 +86,7 @@ public override byte[] ExportPkcs8PrivateKey()
     /// <exception cref="CryptographicException">Thrown if privateKey does not match expected format.</exception>
     public static Curve25519PrivateKey CreateFromPkcs8(ReadOnlyMemory<byte> pkcs8EncodedKey)
     {
-        (byte[] privateKey, var keyType) = AsnPrivateKeyReader.GetCurve25519PrivateKeyData(pkcs8EncodedKey);
+        (byte[] privateKey, var keyType) = AsnPrivateKeyDecoder.GetCurve25519PrivateKeyData(pkcs8EncodedKey);
         using var privateKeyHandle = new ZeroingMemoryHandle(privateKey);
         return new Curve25519PrivateKey(privateKeyHandle.Data, keyType);
     }

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/Curve25519PublicKey.cs

@@ -19,7 +19,7 @@
 
 namespace Yubico.YubiKey.Cryptography;
 
-public sealed class Curve25519PublicKey : IPublicKey
+public sealed class Curve25519PublicKey : PublicKey
 {
     private readonly Memory<byte> _publicPoint;
 
@@ -32,7 +32,7 @@ public sealed class Curve25519PublicKey : IPublicKey
     public KeyDefinition KeyDefinition { get; }
 
     /// <inheritdoc />
-    public KeyType KeyType => KeyDefinition.KeyType;
+    public override KeyType KeyType => KeyDefinition.KeyType;
 
     /// <summary>
     /// Gets the bytes representing the public key coordinates as a compressed point.
@@ -59,8 +59,8 @@ private Curve25519PublicKey(
     /// <returns>
     /// A byte array containing the ASN.1 DER encoded public key.
     /// </returns>
-    public byte[] ExportSubjectPublicKeyInfo() =>
-        AsnPublicKeyWriter.EncodeToSubjectPublicKeyInfo(_publicPoint, KeyDefinition.KeyType);
+    public override byte[] ExportSubjectPublicKeyInfo() =>
+        AsnPublicKeyEncoder.EncodeToSubjectPublicKeyInfo(_publicPoint, KeyDefinition.KeyType);
 
     /// <summary>
     /// Creates a new instance of <see cref="Curve25519PublicKey"/> from a DER-encoded public key.

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/ECPrivateKey.cs

@@ -91,7 +91,7 @@ public ECPrivateKey(ECDsa ecdsaObject)
         public override byte[] ExportPkcs8PrivateKey()
         {
             ThrowIfDisposed();
-            return AsnPrivateKeyWriter.EncodeToPkcs8(Parameters);
+            return AsnPrivateKeyEncoder.EncodeToPkcs8(Parameters);
         }
 
         /// <inheritdoc/>
@@ -116,7 +116,7 @@ public override void Clear()
         /// </exception>
         public static ECPrivateKey CreateFromPkcs8(ReadOnlyMemory<byte> encodedKey)
         {
-            var parameters = AsnPrivateKeyReader.CreateECParameters(encodedKey);
+            var parameters = AsnPrivateKeyDecoder.CreateECParameters(encodedKey);
             return CreateFromParameters(parameters);
         }
 

Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/ECPublicKey.cs

@@ -0,0 +1,161 @@
+// Copyright 2024 Yubico AB
+// 
+// Licensed under the Apache License, Version 2.0 (the "License").
+// You may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
+using System.Security.Cryptography;
+
+namespace Yubico.YubiKey.Cryptography;
+
+/// <summary>
+/// Represents the parameters for an Elliptic Curve (EC) public key.
+/// </summary>
+/// <remarks>
+/// This class encapsulates the parameters specific to EC public keys,
+/// ensuring that the key only contains necessary public key components.
+/// </remarks>
+public class ECPublicKey : PublicKey
+{
+    private readonly byte[] _publicPointBytes;
+
+    /// <summary>
+    /// Gets the key definition associated with this RSA private key.
+    /// </summary>
+    /// <value>
+    /// A <see cref="KeyDefinition"/> object that describes the key's properties, including its type and length.
+    /// </value>
+    public KeyDefinition KeyDefinition { get; }
+
+    /// <summary>
+    /// Gets the Elliptic Curve parameters associated with this instance.
+    /// </summary>
+    /// <value>
+    /// An <see cref="ECParameters"/> structure containing the curve parameters, key, and other
+    /// cryptographic elements needed for EC operations.
+    /// </value>
+    public ECParameters Parameters { get; }
+
+    /// <summary>
+    /// Gets the bytes representing the public key coordinates.
+    /// </summary>
+    /// <returns>A <see cref="ReadOnlyMemory{T}"/> containing the public key bytes with the format 0x04 || X || Y.</returns>
+    public ReadOnlyMemory<byte> PublicPoint => _publicPointBytes;
+
+    /// <inheritdoc />
+    public override KeyType KeyType => KeyDefinition.KeyType;
+
+    /// <summary>
+    /// Initializes a new instance of the <see cref="ECPublicKey"/> class.
+    /// It is a wrapper for the <see cref="ECParameters"/> class.
+    /// </summary>
+    /// <remarks>
+    /// This constructor is used to create an instance from a <see cref="ECParameters"/> object.
+    /// It will deep copy the parameters from the <see cref="ECParameters"/> object.
+    /// </remarks>
+    /// <param name="parameters"></param>
+    /// <exception cref="ArgumentException">Thrown when the parameters contain private key data (D value).</exception>
+    protected ECPublicKey(ECParameters parameters)
+    {
+        if (parameters.D != null)
+        {
+            throw new ArgumentException(
+                "Parameters must not contain private key data (D value)", nameof(parameters));
+        }
+
+        Parameters = parameters.DeepCopy();
+        KeyDefinition = KeyDefinitions.GetByOid(Parameters.Curve.Oid);
+
+        // Format identifier (uncompressed point): 0x04
+        _publicPointBytes = [0x4, .. Parameters.Q.X, .. Parameters.Q.Y];
+    }
+
+    /// <summary>
+    /// Initializes a new instance of the <see cref="ECPublicKey"/> class.
+    /// </summary>
+    /// <param name="ecdsa"></param>
+    protected ECPublicKey(ECDsa ecdsa)
+    {
+        if (ecdsa == null)
+        {
+            throw new ArgumentNullException(nameof(ecdsa));
+        }
+
+        Parameters = ecdsa.ExportParameters(false);
+        KeyDefinition = KeyDefinitions.GetByOid(Parameters.Curve.Oid);
+
+        // Format identifier (uncompressed point): 0x04
+        _publicPointBytes = [0x4, .. Parameters.Q.X, .. Parameters.Q.Y];
+    }
+
+    /// <inheritdoc />
+    public override byte[] ExportSubjectPublicKeyInfo() => AsnPublicKeyEncoder.EncodeToSubjectPublicKeyInfo(Parameters);
+
+    
+    /// <summary>
+    /// Creates an instance of <see cref="ECPublicKey"/> from the given <paramref name="parameters"/>.
+    /// </summary>
+    /// <param name="parameters">The parameters to create the key from.</param>
+    /// <returns>An instance of <see cref="ECPublicKey"/>.</returns>
+    public static ECPublicKey CreateFromParameters(ECParameters parameters) => new(parameters);
+
+    /// <summary>
+    /// Creates an instance of <see cref="ECPublicKey"/> from the given
+    /// <paramref name="publicPoint"/> and <paramref name="keyType"/>.
+    /// </summary>
+    /// <param name="publicPoint">The raw public key data, formatted as an compressed point.</param>
+    /// <param name="keyType">The type of key this is.</param>
+    /// <returns>An instance of <see cref="ECPublicKey"/>.</returns>
+    /// <exception cref="ArgumentException">
+    /// Thrown if the key type is not a valid EC key.
+    /// </exception>
+    public static IPublicKey CreateFromValue(ReadOnlyMemory<byte> publicPoint, KeyType keyType)
+    {
+        var keyDefinition = KeyDefinitions.GetByKeyType(keyType);
+        if (keyDefinition.AlgorithmOid is not Oids.ECDSA)
+        {
+            throw new ArgumentException("Only P-256, P-384 and P-521 are supported.", nameof(keyType));
+        }
+
+        int coordinateLength = keyDefinition.LengthInBytes;
+        var curve = ECCurve.CreateFromValue(keyDefinition.CurveOid);
+        var ecParameters = new ECParameters
+        {
+            Curve = curve,
+            Q = new ECPoint
+            {
+                X = publicPoint.Slice(1, coordinateLength).ToArray(),
+                Y = publicPoint.Slice(coordinateLength + 1, coordinateLength).ToArray()
+            }
+        };
+
+        return CreateFromParameters(ecParameters);
+    }
+
+    /// <summary>
+    /// Creates an instance of <see cref="IPublicKey"/> from a DER-encoded public key.
+    /// </summary>
+    /// <param name="encodedKey">The DER-encoded public key.</param>
+    /// <returns>An instance of <see cref="IPublicKey"/>.</returns>
+    /// <exception cref="CryptographicException">
+    /// Thrown if the public key is invalid.
+    /// </exception>
+    public static IPublicKey CreateFromPkcs8(ReadOnlyMemory<byte> encodedKey) =>
+        AsnPublicKeyDecoder.CreatePublicKey(encodedKey);
+
+    /// <summary>
+    /// Gets the bytes representing the public key coordinates.
+    /// </summary>
+    /// <returns>A <see cref="ReadOnlyMemory{T}"/> containing the public key bytes with the format 0x04 || X || Y.</returns>
+    [Obsolete("Use PublicPoint instead")]
+    public ReadOnlyMemory<byte> GetBytes() => _publicPointBytes;
+}