private void Compare (KeyPairPersistence saved, KeyPairPersistence loaded)
{
// Note: there is an additional Environement.NewLine
// at the end of the loaded string - that's why we do
// not use AssertEquals (for strings)
Assert.IsTrue (loaded.Filename.StartsWith (saved.Filename), "Filename");
Assert.IsTrue (loaded.KeyValue.StartsWith (saved.KeyValue), "KeyValue");
Assert.IsTrue (loaded.Parameters.KeyContainerName.StartsWith (saved.Parameters.KeyContainerName), "Parameters.KeyContainerName");
Assert.AreEqual (saved.Parameters.KeyNumber, loaded.Parameters.KeyNumber, "Parameters.KeyNumber");
Assert.IsTrue (loaded.Parameters.ProviderName.StartsWith (saved.Parameters.ProviderName), "Parameters.ProviderName");
Assert.AreEqual (saved.Parameters.ProviderType, loaded.Parameters.ProviderType, "Parameters.ProviderType");
}
private static bool CanSecure(string path)
{
switch (Environment.OSVersion.Platform)
{
case PlatformID.Unix:
case PlatformID.MacOSX:
case (PlatformID)128:
return(true);
default:
return(KeyPairPersistence._CanSecure(Path.GetPathRoot(path)));
}
}
public void CspTypeProvider ()
{
try {
CspParameters cp = new CspParameters (-2, "Provider");
KeyPairPersistence kpp = new KeyPairPersistence (cp, "<keypair/>");
kpp.Save ();
Assert.IsTrue (File.Exists (kpp.Filename), "Save-Exists");
// we didn't supply a name so we can't load it back
kpp.Remove ();
Assert.IsFalse (File.Exists (kpp.Filename), "Remove-!Exists");
}
catch (UnauthorizedAccessException) {
Assert.Ignore ("Access denied to key containers files.");
}
}
public void Save()
{
using (FileStream fileStream = File.Open(this.Filename, FileMode.Create))
{
StreamWriter streamWriter = new StreamWriter((Stream)fileStream, Encoding.UTF8);
streamWriter.Write(this.ToXml());
streamWriter.Close();
}
if (this.UseMachineKeyStore)
{
KeyPairPersistence.ProtectMachine(this.Filename);
}
else
{
KeyPairPersistence.ProtectUser(this.Filename);
}
}
public void Save()
{
if (Environment.SocketSecurityEnabled)
{
return;
}
using (FileStream fileStream = File.Open(this.Filename, FileMode.Create))
{
StreamWriter streamWriter = new StreamWriter(fileStream, Encoding.UTF8);
streamWriter.Write(this.ToXml());
streamWriter.Close();
}
if (this.UseMachineKeyStore)
{
KeyPairPersistence.ProtectMachine(this.Filename);
}
else
{
KeyPairPersistence.ProtectUser(this.Filename);
}
}
private static bool ProtectMachine(string path)
{
return(!KeyPairPersistence.CanSecure(path) || KeyPairPersistence._ProtectMachine(path));
}
public DSACryptoServiceProvider (int dwKeySize, CspParameters parameters)
{
LegalKeySizesValue = new KeySizes [1];
LegalKeySizesValue [0] = new KeySizes (512, 1024, 64);
// will throw an exception is key size isn't supported
KeySize = dwKeySize;
dsa = new DSAManaged (dwKeySize);
dsa.KeyGenerated += new DSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
persistKey = (parameters != null);
if (parameters == null) {
parameters = new CspParameters (PROV_DSS_DH);
if (useMachineKeyStore)
parameters.Flags |= CspProviderFlags.UseMachineKeyStore;
store = new KeyPairPersistence (parameters);
// no need to load - it cannot exists
}
else {
store = new KeyPairPersistence (parameters);
store.Load ();
if (store.KeyValue != null) {
persisted = true;
this.FromXmlString (store.KeyValue);
}
}
}
public void CspNoChangesPermitted ()
{
try {
CspParameters cp = new CspParameters (-8, "Provider", "Container");
cp.KeyNumber = 0;
cp.Flags = CspProviderFlags.UseMachineKeyStore;
KeyPairPersistence kpp = new KeyPairPersistence (cp);
CspParameters copy = kpp.Parameters;
copy.Flags = CspProviderFlags.UseDefaultKeyContainer;
copy.KeyContainerName = "NewContainerName";
copy.KeyNumber = 1;
copy.ProviderName = "NewProviderName";
copy.ProviderType = -9;
Assert.IsTrue (cp.Flags != copy.Flags, "Flags");
Assert.IsTrue (cp.KeyContainerName != copy.KeyContainerName, "KeyContainerName");
Assert.IsTrue (cp.KeyNumber != copy.KeyNumber, "KeyNumber");
Assert.IsTrue (cp.ProviderName != copy.ProviderName, "ProviderName");
Assert.IsTrue (cp.ProviderType != copy.ProviderType, "ProviderType");
}
catch (UnauthorizedAccessException) {
Assert.Ignore ("Access denied to key containers files.");
}
}
void Common (int dwKeySize, bool parameters)
{
// Microsoft RSA CSP can do between 384 and 16384 bits keypair
LegalKeySizesValue = new KeySizes [1];
LegalKeySizesValue [0] = new KeySizes (384, 16384, 8);
base.KeySize = dwKeySize;
rsa = new RSAManaged (KeySize);
rsa.KeyGenerated += new RSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
persistKey = parameters;
if (parameters)
return;
// no need to load - it cannot exists
var p = new CspParameters (PROV_RSA_FULL);
if (useMachineKeyStore)
p.Flags |= CspProviderFlags.UseMachineKeyStore;
store = new KeyPairPersistence (p);
}
private X509Certificate LoadCertificate (string filename)
{
byte[] data = Load (filename);
X509Certificate cert = new X509Certificate (data);
#if !NET_2_1
// If privateKey it's available, load it too..
CspParameters cspParams = new CspParameters ();
cspParams.KeyContainerName = CryptoConvert.ToHex (cert.Hash);
if (_storePath.StartsWith (X509StoreManager.LocalMachinePath))
cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
KeyPairPersistence kpp = new KeyPairPersistence (cspParams);
try {
if (!kpp.Load ())
return cert;
}
catch {
return cert;
}
if (cert.RSA != null)
cert.RSA = new RSACryptoServiceProvider (cspParams);
else if (cert.DSA != null)
cert.DSA = new DSACryptoServiceProvider (cspParams);
#endif
return cert;
}
public void CspTypeProviderContainer ()
{
try {
CspParameters cp = new CspParameters (-3, "Provider", "Container");
KeyPairPersistence kpp = new KeyPairPersistence (cp, "<keypair/>");
kpp.Save ();
Assert.IsTrue (File.Exists (kpp.Filename), "Save-Exists");
KeyPairPersistence kpp2 = new KeyPairPersistence (cp);
Assert.IsTrue (kpp2.Load (), "Load");
Compare (kpp, kpp2);
kpp.Remove ();
Assert.IsFalse (File.Exists (kpp.Filename), "Remove-!Exists");
}
catch (UnauthorizedAccessException) {
Assert.Ignore ("Access denied to key containers files.");
}
}
public void ImportCspBlob (byte[] keyBlob)
{
if (keyBlob == null)
throw new ArgumentNullException ("keyBlob");
RSA rsa = CryptoConvert.FromCapiKeyBlob (keyBlob);
if (rsa is RSACryptoServiceProvider) {
// default (if no change are present in machine.config)
RSAParameters rsap = rsa.ExportParameters (!(rsa as RSACryptoServiceProvider).PublicOnly);
ImportParameters (rsap);
} else {
// we can't know from RSA if the private key is available
try {
// so we try it...
RSAParameters rsap = rsa.ExportParameters (true);
ImportParameters (rsap);
}
catch {
// and fall back
RSAParameters rsap = rsa.ExportParameters (false);
ImportParameters (rsap);
}
}
var p = new CspParameters (PROV_RSA_FULL);
p.KeyNumber = keyBlob [5] == 0x24 ? AT_SIGNATURE : AT_KEYEXCHANGE;
if (useMachineKeyStore)
p.Flags |= CspProviderFlags.UseMachineKeyStore;
store = new KeyPairPersistence (p);
}
void Common (int dwKeySize, bool parameters)
{
LegalKeySizesValue = new KeySizes [1];
LegalKeySizesValue [0] = new KeySizes (512, 1024, 64);
// will throw an exception is key size isn't supported
KeySize = dwKeySize;
dsa = new DSAManaged (dwKeySize);
dsa.KeyGenerated += new DSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
persistKey = parameters;
if (parameters)
return;
var p = new CspParameters (PROV_DSS_DH);
if (useMachineKeyStore)
p.Flags |= CspProviderFlags.UseMachineKeyStore;
store = new KeyPairPersistence (p);
// no need to load - it cannot exists
}
private static bool CanSecure(string path)
{
int platform = (int)Environment.OSVersion.Platform;
return(platform == 4 || platform == 128 || platform == 6 || KeyPairPersistence._CanSecure(Path.GetPathRoot(path)));
}
public void Save ()
{
var csp = new CspParameters (1);
if (machineStore)
csp.Flags |= CspProviderFlags.UseMachineKeyStore;
csp.ProviderName = String.Empty;
csp.KeyContainerName = ContainerName;
var kpp = new KeyPairPersistence (csp, KeyValue);
kpp.Save ();
}
public void CspFlagsDefaultMachine ()
{
try {
CspParameters cp = new CspParameters (-7, "Provider", "Container");
cp.Flags = CspProviderFlags.UseDefaultKeyContainer | CspProviderFlags.UseMachineKeyStore;
KeyPairPersistence kpp = new KeyPairPersistence (cp, "<keypair/>");
kpp.Save ();
Assert.IsTrue (File.Exists (kpp.Filename), "Save-Exists");
KeyPairPersistence kpp2 = new KeyPairPersistence (cp);
Assert.IsTrue (kpp2.Load (), "Load");
Compare (kpp, kpp2);
kpp.Remove ();
Assert.IsFalse (File.Exists (kpp.Filename), "Remove-!Exists");
}
catch (CryptographicException ce) {
// not everyone can write to the machine store
if (!(ce.InnerException is UnauthorizedAccessException))
throw;
Assert.Ignore ("Access denied to key containers files.");
}
catch (UnauthorizedAccessException) {
Assert.Ignore ("Access denied to key containers files.");
}
}
private void Common (int dwKeySize, CspParameters p)
{
// Microsoft RSA CSP can do between 384 and 16384 bits keypair
LegalKeySizesValue = new KeySizes [1];
LegalKeySizesValue [0] = new KeySizes (384, 16384, 8);
base.KeySize = dwKeySize;
rsa = new RSAManaged (KeySize);
rsa.KeyGenerated += new RSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
persistKey = (p != null);
if (p == null) {
p = new CspParameters (PROV_RSA_FULL);
#if NET_1_1
if (useMachineKeyStore)
p.Flags |= CspProviderFlags.UseMachineKeyStore;
#endif
store = new KeyPairPersistence (p);
// no need to load - it cannot exists
}
else {
store = new KeyPairPersistence (p);
store.Load ();
if (store.KeyValue != null) {
persisted = true;
this.FromXmlString (store.KeyValue);
}
}
}
private void Common (int dwKeySize, CspParameters p)
{
// Microsoft RSA CSP can do between 384 and 16384 bits keypair
LegalKeySizesValue = new KeySizes [1];
LegalKeySizesValue [0] = new KeySizes (384, 16384, 8);
base.KeySize = dwKeySize;
rsa = new RSAManaged (KeySize);
rsa.KeyGenerated += new RSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
persistKey = (p != null);
if (p == null) {
p = new CspParameters (PROV_RSA_FULL);
if (useMachineKeyStore)
p.Flags |= CspProviderFlags.UseMachineKeyStore;
store = new KeyPairPersistence (p);
// no need to load - it cannot exists
}
else {
store = new KeyPairPersistence (p);
bool exists = store.Load ();
bool required = (p.Flags & CspProviderFlags.UseExistingKey) != 0;
if (required && !exists)
throw new CryptographicException ("Keyset does not exist");
if (store.KeyValue != null) {
persisted = true;
this.FromXmlString (store.KeyValue);
}
}
}
static void DisplayCertificate (X509Certificate x509, bool machine, bool verbose)
{
Console.WriteLine ("{0}X.509 v{1} Certificate", (x509.IsSelfSigned ? "Self-signed " : String.Empty), x509.Version);
Console.WriteLine (" Serial Number: {0}", CryptoConvert.ToHex (x509.SerialNumber));
Console.WriteLine (" Issuer Name: {0}", x509.IssuerName);
Console.WriteLine (" Subject Name: {0}", x509.SubjectName);
Console.WriteLine (" Valid From: {0}", x509.ValidFrom);
Console.WriteLine (" Valid Until: {0}", x509.ValidUntil);
Console.WriteLine (" Unique Hash: {0}", CryptoConvert.ToHex (x509.Hash));
if (verbose) {
Console.WriteLine (" Key Algorithm: {0}", x509.KeyAlgorithm);
Console.WriteLine (" Algorithm Parameters: {0}", (x509.KeyAlgorithmParameters == null) ? "None" :
CryptoConvert.ToHex (x509.KeyAlgorithmParameters));
Console.WriteLine (" Public Key: {0}", CryptoConvert.ToHex (x509.PublicKey));
Console.WriteLine (" Signature Algorithm: {0}", x509.SignatureAlgorithm);
Console.WriteLine (" Algorithm Parameters: {0}", (x509.SignatureAlgorithmParameters == null) ? "None" :
CryptoConvert.ToHex (x509.SignatureAlgorithmParameters));
Console.WriteLine (" Signature: {0}", CryptoConvert.ToHex (x509.Signature));
RSACryptoServiceProvider rsaCsp = x509.RSA as RSACryptoServiceProvider;
RSAManaged rsaManaged = x509.RSA as RSAManaged;
Console.WriteLine (" Private Key: {0}", ((rsaCsp != null && !rsaCsp.PublicOnly)
|| (rsaManaged != null && !rsaManaged.PublicOnly)));
CspParameters cspParams = new CspParameters ();
cspParams.KeyContainerName = CryptoConvert.ToHex (x509.Hash);
cspParams.Flags = machine ? CspProviderFlags.UseMachineKeyStore : 0;
KeyPairPersistence kpp = new KeyPairPersistence (cspParams);
Console.WriteLine (" KeyPair Key: {0}", kpp.Load ());
}
Console.WriteLine ();
}
private static bool IsMachineProtected(string path)
{
return(!KeyPairPersistence.CanSecure(path) || KeyPairPersistence._IsMachineProtected(path));
}
void Common (CspParameters p)
{
store = new KeyPairPersistence (p);
bool exists = store.Load ();
bool required = (p.Flags & CspProviderFlags.UseExistingKey) != 0;
if (required && !exists)
throw new CryptographicException ("Keyset does not exist");
if (store.KeyValue != null) {
persisted = true;
FromXmlString (store.KeyValue);
}
}
void Common (CspParameters parameters)
{
store = new KeyPairPersistence (parameters);
store.Load ();
if (store.KeyValue != null) {
persisted = true;
this.FromXmlString (store.KeyValue);
}
}
public void Constructor_Null ()
{
KeyPairPersistence kpp = new KeyPairPersistence (null);
}
