public void GetHashCode_ShouldReturn_HashCodeOfHashWithSignatureProperty()
{
// Arrange
var rsa = new RsaCertificate(ScenarioRsa1.RsaParameters);
// Act
// Assert
rsa.GetHashCode().Should().Be(rsa.HashWithSignature.GetHashCode());
}
public void RsaSignTest()
{
byte[] buffer = Encoding.UTF8.GetBytes("my name is Jason");
string pfx = @"G:\Jason\certs\apiclient_cert.pfx";
var rsa = RsaCertificate.ReadFromPfx(pfx, "1548699391");
string signature = rsa.SignData(buffer);
Assert.IsTrue(rsa.VerifyData(buffer, Convert.FromBase64String(signature)));
}
public void SameParameters_ShouldReturn_True()
{
// Arrange
var certificate1 = new RsaCertificate(parameters: ScenarioRsa1.RsaParameters);
var certificate2 = new RsaCertificate(parameters: ScenarioRsa1.RsaParameters);
// Act
// Assert
certificate1.Equals(certificate2).Should().BeTrue();
}
public void DifferentParameters_ShouldReturn_False()
{
// Arrange
var certificate1 = new RsaCertificate(parameters: ScenarioRsa1.RsaParameters);
var certificate2 = new RsaCertificate(parameters: ScenarioRsa2.RsaParameters);
// Act
// Assert
certificate1.Equals(certificate2).Should().BeFalse();
}
public void Constructor_Should_SetProperties()
{
// Arrange
// Act
var obj = new RsaCertificate(parameters: ScenarioRsa.DefaultRsaParameters);
var rsa = obj.CreateRsa();
var rsaParameters = rsa.ExportParameters(false);
// Assert
rsaParameters.Exponent.SequenceEqual(ScenarioRsa.DefaultRsaParameters.Exponent).Should().BeTrue();
rsaParameters.Modulus.SequenceEqual(ScenarioRsa.DefaultRsaParameters.Modulus).Should().BeTrue();
}
private void btnExportCer_Click(object sender, EventArgs e)
{
string name = txt_cert_name.Text.Trim();
if (!name.Contains("."))
{
name += ".cer";
}
string subject = Path.GetFileNameWithoutExtension(name);
bool res = RsaCertificate.ExportCertFile(subject, Path.Combine(txt_cert_folder.Text.Trim(), name));
MessageBox.Show(res ? "导出证书成功" : "导出证书失败");
}
public void Create_ShouldReturn_InitializedRsaCryptoServiceProvider()
{
// Arrange
var certificate = new RsaCertificate(ScenarioRsa1.RsaParameters);
// Act
var rsa = certificate.CreateRsa();
// Assert
var parameters = rsa.ExportParameters(false);
parameters.Exponent.SequenceEqual(ScenarioRsa1.Exponent).Should().BeTrue();
parameters.Modulus.SequenceEqual(ScenarioRsa1.Modulus).Should().BeTrue();
}
public void DifferentParametersAndSameSignature_ShouldReturn_False()
{
// Arrange
var signature = createRsaSignature();
var certificate1 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature);
var certificate2 = new RsaCertificate(
parameters: ScenarioRsa2.RsaParameters,
signature: signature);
// Act
// Assert
certificate1.Equals(certificate2).Should().BeFalse();
}
public void SameParametersAndSignature_ShouldReturn_True()
{
// Arrange
var signature = new RsaSignature(Sha512Hash.Compute(new byte[] { 0x00 }), new byte[] { 0x01 });
var certificate1 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature);
var certificate2 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature);
// Act
// Assert
certificate1.Equals(certificate2).Should().BeTrue();
}
static ScenarioRsa()
{
DefaultData = new byte[] { 0x00, 0x01, 0x02, 0x03 };
DefaultDataHash = Sha512Hash.Compute(DefaultData);
DefaultEmbeddedData = new byte[] { 0xff, 0xee, 0xdd, 0xcc };
DefaultKey = RsaKey.Generate();
DefaultRsa = DefaultKey.CreateRsa();
DefaultRsaParameters = DefaultRsa.ExportParameters(true);
DefaultCertificateSignature = new RsaSignature(Sha512Hash.Compute(new byte[] { 0x12, 0x34, 0xaa, 0xbb }), new byte[] { 0xa1, 0xb2, 0xc3, 0xd4 });
DefaultCertificate = new RsaCertificate(DefaultRsaParameters, DefaultCertificateSignature);
DefaultSignerKey = RsaKey.Generate();
DefaultSignerCertificate = (RsaCertificate)DefaultSignerKey.DeriveCertificate();
DefaultSignatureData = new byte[] { 0x1f, 0x2f, 0x3f, 0x4f };
DefaultSignature = new RsaSignature(DefaultSignerCertificate.Hash, DefaultSignatureData);
DefaultChain = new ChainOfTrust(DefaultSignerCertificate);
}
public void CertificateSignedByTrustedSignerWhileSignerCertificateHashExistsTwice_ShouldThrow_TrustException()
{
// Arrange
var certificate = RsaKey.Generate().DeriveCertificate();
var signedCertificate = ScenarioRsa.DefaultSignerKey.Sign((RsaCertificate)certificate);
var signerCertificateParameters = ScenarioRsa.DefaultSignerCertificate.CreateRsa().ExportParameters(false);
var signerCertificateDuplicate = new RsaCertificate(
parameters: signerCertificateParameters,
embeddedData: ScenarioRsa.DefaultSignerCertificate.EmbeddedData);
var chainOfTrust = new ChainOfTrust(
ScenarioRsa.DefaultSignerCertificate,
signerCertificateDuplicate);
// Act & Assert
Assert.Throws <TrustException>(() => chainOfTrust.Verify(signedCertificate));
}
private void btnBuildCert_Click(object sender, EventArgs e)
{
if (!File.Exists(txt_makecertpath.Text.Trim()))
{
MessageBox.Show($"无法创建证书,未能找到证书创建工具[{txt_makecertpath.Text}]");
return;
}
if (string.IsNullOrEmpty(txt_cert_name.Text.Trim()) || string.IsNullOrEmpty(txt_cert_folder.Text.Trim()))
{
MessageBox.Show("请设置证书保存信息先");
return;
}
bool res = RsaCertificate.CreateCertificate(txt_makecertpath.Text.Trim(), Path.GetFileNameWithoutExtension(txt_cert_name.Text.Trim()));
MessageBox.Show(res ? "创建证书成功" : "创建证书失败");
}
public void Constructor_Should_SetProperties()
{
// Arrange
var signature = createRsaSignature();
// Act
var obj = new RsaCertificate(
parameters: ScenarioRsa.DefaultRsaParameters,
signCertificateCallback: (_hash) => signature);
var rsa = obj.CreateRsa();
var rsaParameters = rsa.ExportParameters(false);
// Assert
rsaParameters.Exponent.SequenceEqual(ScenarioRsa.DefaultRsaParameters.Exponent).Should().BeTrue();
rsaParameters.Modulus.SequenceEqual(ScenarioRsa.DefaultRsaParameters.Modulus).Should().BeTrue();
obj.Signature.Should().BeSameAs(signature);
}
public void SameParametersAndDifferentSignature_ShouldReturn_False()
{
// Arrange
var signature1 = createRsaSignature();
var certificate1 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature1);
var signature2 = createRsaSignature(
signerCertificateHash: Sha512Hash.Compute(new byte[] { 0x00 }),
signature: new byte[] { 0x01 });
var certificate2 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature2);
// Act
// Assert
certificate1.Equals(certificate2).Should().BeFalse();
}
/// <summary>
/// Serializes a <paramref name="certificate"/> to a <paramref name="stream"/>.
/// </summary>
/// <param name="certificate">The certificate.</param>
/// <param name="stream">The destination stream.</param>
/// <exception cref="ArgumentNullException">Thrown, if
/// <paramref name="certificate"/> or <paramref name="stream"/>
/// is null.</exception>
/// <exception cref="Exception">Thrown, if any error
/// occurred serializing or writing the data.</exception>
public static void Serialize(RsaCertificate certificate, Stream stream)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
var model = SerializationModelConverter.Convert(certificate: certificate);
var serializer = new XmlSerializer(typeof(SerializationModel));
serializer.Serialize(stream, model);
stream.Flush();
}
public void CertificatesWithDifferentSignatures_Should_HaveSameHashesButDifferentHashWithSignatures()
{
// Arrange
var signature1 = createRsaSignature();
var certificate1 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature1);
var signature2 = createRsaSignature(
signerCertificateHash: Sha512Hash.Compute(new byte[] { 0x00 }),
signature: new byte[] { 0x01 });
var certificate2 = new RsaCertificate(
parameters: ScenarioRsa1.RsaParameters,
signature: signature2);
// Act
// Assert
certificate1.Hash.Equals(certificate2.Hash).Should().BeTrue();
certificate1.HashWithSignature.Equals(certificate2.HashWithSignature).Should().BeFalse();
}
/// <summary>
/// Converts a cryptographic RSA certificate to a serialization model instance.
/// </summary>
/// <param name="certificate">The cryptographic RSA certificate.</param>
/// <returns>The serialization model.</returns>
/// <exception cref="ArgumentNullException">Thrown, if
/// <paramref name="certificate"/> is null.</exception>
public static SerializationModel Convert(RsaCertificate certificate)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
var rsaParameters = certificate.CreateRsa().ExportParameters(false);
return(new SerializationModel
{
Hash = System.Convert.ToBase64String(certificate.Hash.Hash.ToArray()),
Parameters = new RsaSerializationModel
{
Exponent = System.Convert.ToBase64String(rsaParameters.Exponent),
Modulus = System.Convert.ToBase64String(rsaParameters.Modulus),
},
EmbeddedData = certificate.EmbeddedData == null ? null : System.Convert.ToBase64String(certificate.EmbeddedData.ToArray()),
SignerCertificateHash = certificate.Signature == null ? null : System.Convert.ToBase64String(certificate.Signature.SignerCertificateHash.Hash.ToArray()),
Signature = certificate.Signature == null ? null : System.Convert.ToBase64String(certificate.Signature.Signature.ToArray()),
});
}
private void btnReadX509_Click(object sender, EventArgs e)
{
try
{
string fullpath = Path.Combine(txt_cert_folder.Text.Trim(), txt_cert_name.Text.Trim());
IRsa rsa;
if (fullpath.ToLower().EndsWith(".pfx"))
{
rsa = RsaCertificate.ReadFromPfx(fullpath, txt_cert_pwd.Text.Trim());
}
else
{
rsa = RsaCertificate.ReadFromCert(fullpath);
}
txt_private_key.Text = rsa.HasPrivateKey ? rsa.PrivateKey : "";
txt_public_key.Text = rsa.PublicKey;
DisplayKeyPair();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "错误", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
