Ejemplo n.º 1
0
        public void NewTsViaEHealth()
        {
            //Read this to enable TLS1.2 on old .Net Framework:
            //https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#configuring-security-via-the-windows-registry

            var certs = new EHealthP12(@"EHealthP12/eHealth.acc-p12", File.ReadAllText(@"EHealthP12/eHealth.acc-p12.pwd"));

            var tsa = new TimeStampAuthorityClient(new StsBinding(), new EndpointAddress(new Uri("https://services-acpt.ehealth.fgov.be/TimestampAuthority/v2")));

            tsa.ClientCredentials.ClientCertificate.Certificate = certs["authentication"];

            var provider = new EHealthTimestampProvider(tsa);

            byte[] tsBytes = provider.GetTimestampFromDocumentHash(hash, "http://www.w3.org/2001/04/xmlenc#sha256");
            File.WriteAllBytes(@"files/eHTs2.ts", tsBytes);

            TimeStampToken tst = tsBytes.ToTimeStampToken();

            Assert.True(tst.IsMatch(new MemoryStream(msg)));

            IList <CertificateList>   crls = new List <CertificateList>();
            IList <BasicOcspResponse> ocps = new List <BasicOcspResponse>();

            tst.Validate(crls, ocps);
            tst.Validate(crls, ocps, null);
        }
Ejemplo n.º 2
0
        public void NewTsViaEHealth()
        {
            //Read this to enable TLS1.2 on old .Net Framework:
            //https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#configuring-security-via-the-windows-registry

            var tsa = new TimeStampAuthorityClient(
                new StsBinding(),
                new EndpointAddress(new Uri("https://services-acpt.ehealth.fgov.be/TimestampAuthority/v2")));

            //tsa.Endpoint.Behaviors.Remove<ClientCredentials>();
            //tsa.Endpoint.Behaviors.Add(new OptClientCredentials());
            //tsa.ClientCredentials.ServiceCertificate.DefaultCertificate = ehSsl; //not really used, but better then the workaround
            tsa.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "f794b1966a1bd1a1760bbe3a1e72f9cae1fa118c");

            var provider = new EHealthTimestampProvider(tsa);

            byte[] tsBytes = provider.GetTimestampFromDocumentHash(hash, "http://www.w3.org/2001/04/xmlenc#sha256");

            TimeStampToken tst = tsBytes.ToTimeStampToken();

            Assert.IsTrue(tst.IsMatch(new MemoryStream(msg)));

            IList <CertificateList>   crls = new List <CertificateList>();
            IList <BasicOcspResponse> ocps = new List <BasicOcspResponse>();

            tst.Validate(crls, ocps);
            tst.Validate(crls, ocps, null);
        }
Ejemplo n.º 3
0
        public void NewTsViaEHealth()
        {
            var tsa = new TimeStampAuthorityClient(
                new StsBinding(),
                new EndpointAddress(
                    new Uri("https://services-acpt.ehealth.fgov.be/TimestampAuthority/v2")
                    , EndpointIdentity.CreateDnsIdentity("*.int.pub.ehealth.fgov.be")
                    )
                );

            //tsa.Endpoint.Behaviors.Remove<ClientCredentials>();
            //tsa.Endpoint.Behaviors.Add(new OptClientCredentials());
            tsa.ClientCredentials.ServiceCertificate.DefaultCertificate = ehSsl; //not really used, but better then the workaround
            tsa.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "684d0c3a2243cc2f59285be5234b89fc2bd33f6b");

            var provider = new EHealthTimestampProvider(tsa);

            byte[] tsBytes = provider.GetTimestampFromDocumentHash(hash, "http://www.w3.org/2001/04/xmlenc#sha256");

            TimeStampToken tst = tsBytes.ToTimeStampToken();

            Assert.IsTrue(tst.IsMatch(new MemoryStream(msg)));

            IList <CertificateList>   crls = new List <CertificateList>();
            IList <BasicOcspResponse> ocps = new List <BasicOcspResponse>();

            tst.Validate(crls, ocps);
            tst.Validate(crls, ocps, null);
        }
Ejemplo n.º 4
0
        public void Java2NetAddressedLTALevel()
        {
            RunJava("etee.crypto.test.Seal NONE");

            File.Copy(GetAbsoluteTestFilePath("message_to_bob.msg"), GetAbsoluteTestFilePath("message_to_store.msg"), true);

            String output = RunJava("etee.crypto.test.Verify OPTIONAL");

            SHA256 sha = SHA256.Create();

            byte[] hash = sha.ComputeHash(Convert.FromBase64String(output.Trim()));

            var tsa = new TimeStampAuthorityClient(new StsBinding(), new EndpointAddress("https://services-acpt.ehealth.fgov.be/TimestampAuthority/v2"));

            tsa.Endpoint.Behaviors.Remove <ClientCredentials>();
            tsa.Endpoint.Behaviors.Add(new OptClientCredentials());
            tsa.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "566fd3fe13e3ab185a7224bcec8ad9cffbf9e9c2");

            var tsProvider = new EHealthTimestampProvider(tsa);

            byte[] tst = tsProvider.GetTimestampFromDocumentHash(hash, "http://www.w3.org/2001/04/xmlenc#sha256");

            File.Copy(GetAbsoluteTestFilePath("message_to_bob.msg"), GetAbsoluteTestFilePath("message_to_store.msg"), true);

            RunJava("etee.crypto.test.Stamp " + Convert.ToBase64String(tst));

            UnsealResult result;
            FileStream   file = new FileStream(GetAbsoluteTestFilePath("message_to_bob.msg"), FileMode.Open);

            using (file)
            {
                IDataUnsealer unsealer = DataUnsealerFactory.Create(Level.LTA_Level, bob);
                result = unsealer.Unseal(file);
            }
            System.Console.WriteLine(result.SecurityInformation);

            Assert.AreEqual(Egelke.EHealth.Etee.Crypto.Status.TrustStatus.Full, result.SecurityInformation.TrustStatus);
            Assert.AreEqual(ValidationStatus.Valid, result.SecurityInformation.ValidationStatus);

            Assert.AreEqual("SERIALNUMBER=79021802145, G=Bryan Eduard, SN=Brouckaert, CN=Bryan Brouckaert (Authentication), C=BE", result.AuthenticationCertificate.Subject);

            byte[] bytes = new byte[result.UnsealedData.Length];
            result.UnsealedData.Read(bytes, 0, bytes.Length);
            String msg = Encoding.UTF8.GetString(bytes);

            Assert.IsTrue(msg.StartsWith("This is a message to bob"));
        }