private void VerifyEnvelopedData(CmsEnvelopedDataParser envelopedParser, string symAlgorithmOID)
{
byte[] privKeyData = GetRfc4134Data("BobPrivRSAEncrypt.pri");
IAsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyData);
Assert.IsTrue(privKey.IsPrivate);
Assert.IsTrue(privKey is RsaKeyParameters);
RecipientInformationStore recipients = envelopedParser.GetRecipientInfos();
Assert.AreEqual(envelopedParser.EncryptionAlgOid, symAlgorithmOID);
ArrayList c = new ArrayList(recipients.GetRecipients());
Assert.LessOrEqual(1, c.Count);
Assert.GreaterOrEqual(2, c.Count);
VerifyRecipient((RecipientInformation)c[0], privKey);
if (c.Count == 2)
{
RecipientInformation recInfo = (RecipientInformation)c[1];
Assert.AreEqual(PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id, recInfo.KeyEncryptionAlgOid);
}
}
public void TestRfc4134Ex5_1()
{
byte[] data = Hex.Decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
// KeyFactory kFact = KeyFactory.GetInstance("RSA");
// Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(bobPrivRsaEncrypt);
CmsEnvelopedData ed = new CmsEnvelopedData(rfc4134ex5_1);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual("1.2.840.113549.3.7", ed.EncryptionAlgOid);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(key);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestKeyTransSmallAesUsingAoepMixed()
{
byte[] data = new byte[] { 0, 1, 2, 3 };
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1withSHA1Padding", ReciCert)));
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
CmsEnvelopedDataGenerator.Aes128Cbc);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid,
CmsEnvelopedDataGenerator.Aes128Cbc);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
private void checkCertReqMsgWithArchiveControl(AsymmetricCipherKeyPair kp, CertificateRequestMessage certReqMessage)
{
var archiveControl =
(PkiArchiveControl)certReqMessage.GetControl(CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions);
IsEquals("Archive type", PkiArchiveControl.encryptedPrivKey, archiveControl.ArchiveType);
IsTrue(archiveControl.EnvelopedData);
RecipientInformationStore recips = archiveControl.GetEnvelopedData().GetRecipientInfos();
ArrayList collection = (ArrayList)recips.GetRecipients();
IsTrue(collection.Count == 1);
KeyTransRecipientInformation info = (KeyTransRecipientInformation)collection[0];
EncKeyWithID encKeyWithId = EncKeyWithID.GetInstance(info.GetContent(kp.Private));
IsTrue(encKeyWithId.HasIdentifier);
IsTrue(!encKeyWithId.IsIdentifierUtf8String); // GeneralName at this point.
IsTrue("Name", X509Name.GetInstance(GeneralName.GetInstance(encKeyWithId.Identifier).Name).Equivalent(new X509Name("CN=Test")));
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(kp.Private);
IsTrue("Private Key", Arrays.AreEqual(privateKeyInfo.GetEncoded(), encKeyWithId.PrivateKey.GetEncoded()));
}
private void TryKekAlgorithm(
KeyParameter kek,
DerObjectIdentifier algOid)
{
byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
string keyAlgorithm = ParameterUtilities.GetCanonicalAlgorithmName(algOid.Id);
edGen.AddKekRecipient(keyAlgorithm, kek, kekId);
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
CmsEnvelopedDataGenerator.DesEde3Cbc);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
ArrayList c = new ArrayList(recipients.GetRecipients());
Assert.IsTrue(c.Count > 0);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(algOid.Id, recipient.KeyEncryptionAlgOid);
byte[] recData = recipient.GetContent(kek);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
private void tryKekAlgorithm(KeyParameter kek, DerObjectIdentifier algOid)
{
byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
// FIXME Will this work for macs?
string keyAlgorithm = ParameterUtilities.GetCanonicalAlgorithmName(algOid.Id);
adGen.AddKekRecipient(keyAlgorithm, kek, kekId);
CmsAuthenticatedData ad = adGen.Generate(
new CmsProcessableByteArray(data),
CmsAuthenticatedDataGenerator.DesEde3Cbc);
RecipientInformationStore recipients = ad.GetRecipientInfos();
Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(recipient.KeyEncryptionAlgOid, algOid.Id);
byte[] recData = recipient.GetContent(kek);
Assert.IsTrue(Arrays.AreEqual(data, recData));
Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
}
}
private void TryKeyTrans(
string generatorOID,
DerObjectIdentifier checkOID,
Type asn1Params)
{
byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddKeyTransRecipient(ReciCert);
CmsEnvelopedData ed = edGen.Generate(new CmsProcessableByteArray(data), generatorOID);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(checkOID.Id, ed.EncryptionAlgOid);
if (asn1Params != null)
{
Assert.IsTrue(asn1Params.IsInstanceOfType(ed.EncryptionAlgorithmID.Parameters));
}
ArrayList c = new ArrayList(recipients.GetRecipients());
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestErroneousKek()
{
byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
KeyParameter kek = ParameterUtilities.CreateKeyParameter(
"AES",
new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 });
CmsEnvelopedData ed = new CmsEnvelopedData(oldKEK);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(recipient.KeyEncryptionAlgOid, NistObjectIdentifiers.IdAes128Wrap.Id);
byte[] recData = recipient.GetContent(kek);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestKeyTransOdes()
{
byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle");
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddKeyTransRecipient(ReciCert);
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
OiwObjectIdentifiers.DesCbc.Id);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid, OiwObjectIdentifiers.DesCbc.Id);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestKeyTransSmallAes()
{
byte[] data = new byte[] { 0, 1, 2, 3 };
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddKeyTransRecipient(ReciCert);
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
CmsEnvelopedDataGenerator.Aes128Cbc);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid,
CmsEnvelopedDataGenerator.Aes128Cbc);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestKeyTrans128RC4()
{
byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle");
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddKeyTransRecipient(ReciCert);
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
"1.2.840.113549.3.4", 128); // RC4 OID
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid, "1.2.840.113549.3.4");
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public string Decrypt(string cipherText)
{
byte[] cipherBytes = Convert.FromBase64String(cipherText);
var envelopedData = new CmsEnvelopedData(cipherBytes);
RecipientInformationStore recipientsStore = envelopedData.GetRecipientInfos();
ICollection recipientsCollection = recipientsStore.GetRecipients();
IList recipients = recipientsCollection as IList;
byte[] plainBytes = new byte[] { };
int index = 0;
foreach (KeyTransRecipientInformation recipientInfo in recipients)
{
// todo: better approach than catching n exceptions.
RecipientInformation recipient = recipientsStore.GetFirstRecipient(recipientInfo.RecipientID);
try
{
plainBytes = recipient.GetContent(this.privateKey);
break;
}
catch (CmsException e) when(index != recipientsStore.Count - 1)
{
}
index++;
}
return(Encoding.UTF8.GetString(plainBytes));
}
private void tryKeyTrans(
string macAlg)
{
byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
CmsAuthenticatedDataStreamGenerator adGen = new CmsAuthenticatedDataStreamGenerator();
adGen.AddKeyTransRecipient(ReciCert);
MemoryStream bOut = new MemoryStream();
Stream aOut = adGen.Open(bOut, macAlg);
aOut.Write(data, 0, data.Length);
aOut.Close();
CmsAuthenticatedDataParser ad = new CmsAuthenticatedDataParser(bOut.ToArray());
RecipientInformationStore recipients = ad.GetRecipientInfos();
Assert.AreEqual(ad.MacAlgOid, macAlg);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
}
}
public void TestKeyTransSmallAesUsingAoepMixedParams()
{
byte[] data = new byte[] { 0, 1, 2, 3 };
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddRecipientInfoGenerator(
new KeyTransRecipientInfoGenerator(
ReciCert,
new Asn1KeyWrapper(
PkcsObjectIdentifiers.IdRsaesOaep,
new RsaesOaepParameters(
new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance))),
ReciCert)));
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
CmsEnvelopedDataGenerator.Aes128Cbc);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid,
CmsEnvelopedDataGenerator.Aes128Cbc);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestECMqvKeyAgreeMultiple()
{
byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
ArrayList recipientCerts = new ArrayList();
recipientCerts.Add(ReciECCert);
recipientCerts.Add(ReciECCert2);
edGen.AddKeyAgreementRecipients(
CmsEnvelopedDataGenerator.ECMqvSha1Kdf,
OrigECKP.Private,
OrigECKP.Public,
recipientCerts,
CmsEnvelopedDataGenerator.Aes128Wrap);
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
CmsEnvelopedDataGenerator.Aes128Cbc);
Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
RecipientInformationStore recipients = ed.GetRecipientInfos();
ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private);
ConfirmDataReceived(recipients, data, ReciECCert2, ReciECKP2.Private);
ConfirmNumberRecipients(recipients, 2);
}
private void tryKeyTrans(string macAlg)
{
byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
adGen.AddKeyTransRecipient(ReciCert);
CmsAuthenticatedData ad = adGen.Generate(
new CmsProcessableByteArray(data),
macAlg);
RecipientInformationStore recipients = ad.GetRecipientInfos();
Assert.AreEqual(ad.MacAlgOid, macAlg);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
byte[] recData = recipient.GetContent(ReciKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
}
}
public void TestECKeyAgree()
{
byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
adGen.AddKeyAgreementRecipient(CmsAuthenticatedDataGenerator.ECDHSha1Kdf, OrigECKP.Private, OrigECKP.Public, ReciECCert, CmsAuthenticatedDataGenerator.Aes128Wrap);
CmsAuthenticatedData ad = adGen.Generate(
new CmsProcessableByteArray(data),
CmsAuthenticatedDataGenerator.DesEde3Cbc);
RecipientInformationStore recipients = ad.GetRecipientInfos();
Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
byte[] recData = recipient.GetContent(ReciECKP.Private);
Assert.IsTrue(Arrays.AreEqual(data, recData));
Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
}
}
private void passwordTest(string algorithm)
{
byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
adGen.AddPasswordRecipient(new Pkcs5Scheme2PbeKey("password".ToCharArray(), new byte[20], 5), algorithm);
CmsAuthenticatedData ad = adGen.Generate(
new CmsProcessableByteArray(data),
CmsAuthenticatedDataGenerator.DesEde3Cbc);
RecipientInformationStore recipients = ad.GetRecipientInfos();
Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (PasswordRecipientInformation recipient in c)
{
CmsPbeKey key = new Pkcs5Scheme2PbeKey("password".ToCharArray(), recipient.KeyDerivationAlgorithm);
byte[] recData = recipient.GetContent(key);
Assert.IsTrue(Arrays.AreEqual(data, recData));
Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
}
}
private void VerifyECMqvKeyAgreeVectors(
AsymmetricKeyParameter privKey,
string wrapAlg,
byte[] message)
{
byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
CmsEnvelopedData ed = new CmsEnvelopedData(message);
RecipientInformationStore recipients = ed.GetRecipientInfos();
ICollection c = recipients.GetRecipients();
Assert.AreEqual(wrapAlg, ed.EncryptionAlgOid);
Assert.AreEqual(1, c.Count);
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual("1.3.133.16.840.63.0.16", recipient.KeyEncryptionAlgOid);
byte[] recData = recipient.GetContent(privKey);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
private void PasswordUtf8Test(
string algorithm)
{
byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
edGen.AddPasswordRecipient(
new Pkcs5Scheme2Utf8PbeKey("abc\u5639\u563b".ToCharArray(), new byte[20], 5),
algorithm);
CmsEnvelopedData ed = edGen.Generate(
new CmsProcessableByteArray(data),
CmsEnvelopedDataGenerator.Aes128Cbc);
RecipientInformationStore recipients = ed.GetRecipientInfos();
Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
ICollection c = recipients.GetRecipients();
Assert.AreEqual(1, c.Count);
foreach (PasswordRecipientInformation recipient in c)
{
CmsPbeKey key = new Pkcs5Scheme2Utf8PbeKey(
"abc\u5639\u563b".ToCharArray(), recipient.KeyDerivationAlgorithm);
byte[] recData = recipient.GetContent(key);
Assert.IsTrue(Arrays.AreEqual(data, recData));
}
}
public void TestOriginatorInfo()
{
CmsEnvelopedData env = new CmsEnvelopedData(CmsSampleMessages.originatorMessage);
RecipientInformationStore recipients = env.GetRecipientInfos();
Assert.AreEqual(CmsEnvelopedDataGenerator.DesEde3Cbc, env.EncryptionAlgOid);
}
public void TestWorkingData()
{
byte[] keyData = Base64.Decode(
"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKrAz/SQKrcQ" +
"nj9IxHIfKDbuXsMqUpI06s2gps6fp7RDNvtUDDMOciWGFhD45YSy8GO0mPx3" +
"Nkc7vKBqX4TLcqLUz7kXGOHGOwiPZoNF+9jBMPNROe/B0My0PkWg9tuq+nxN" +
"64oD47+JvDwrpNOS5wsYavXeAW8Anv9ZzHLU7KwZAgMBAAECgYA/fqdVt+5K" +
"WKGfwr1Z+oAHvSf7xtchiw/tGtosZ24DOCNP3fcTXUHQ9kVqVkNyzt9ZFCT3" +
"bJUAdBQ2SpfuV4DusVeQZVzcROKeA09nPkxBpTefWbSDQGhb+eZq9L8JDRSW" +
"HyYqs+MBoUpLw7GKtZiJkZyY6CsYkAnQ+uYVWq/TIQJBAP5zafO4HUV/w4KD" +
"VJi+ua+GYF1Sg1t/dYL1kXO9GP1p75YAmtm6LdnOCas7wj70/G1YlPGkOP0V" +
"GFzeG5KAmAUCQQCryvKU9nwWA+kypcQT9Yr1P4vGS0APYoBThnZq7jEPc5Cm" +
"ZI82yseSxSeea0+8KQbZ5mvh1p3qImDLEH/iNSQFAkAghS+tboKPN10NeSt+" +
"uiGRRWNbiggv0YJ7Uldcq3ZeLQPp7/naiekCRUsHD4Qr97OrZf7jQ1HlRqTu" +
"eZScjMLhAkBNUMZCQnhwFAyEzdPkQ7LpU1MdyEopYmRssuxijZao5JLqQAGw" +
"YCzXokGFa7hz72b09F4DQurJL/WuDlvvu4jdAkEAxwT9lylvfSfEQw4/qQgZ" +
"MFB26gqB6Gqs1pHIZCzdliKx5BO3VDeUGfXMI8yOkbXoWbYx5xPid/+N8R//" +
"+sxLBw==");
byte[] envData = Base64.Decode(
"MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1C" +
"b3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBHjANBgkqhkiG9w0BAQEFAASB" +
"gDmnaDZ0vDJNlaUSYyEXsgbaUH+itNTjCOgv77QTX2ImXj+kTctM19PQF2I1" +
"0/NL0fjakvCgBTHKmk13a7jqB6cX3bysenHNrglHsgNGgeXQ7ggAq5fV/JQQ" +
"T7rSxEtuwpbuHQnoVUZahOHVKy/a0uLr9iIh1A3y+yZTZaG505ZJMIAGCSqG" +
"SIb3DQEHATAdBglghkgBZQMEAQIEENmkYNbDXiZxJWtq82qIRZKggAQgkOGr" +
"1JcTsADStez1eY4+rO4DtyBIyUYQ3pilnbirfPkAAAAAAAAAAAAA");
CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(envData);
RecipientInformationStore recipients = ep.GetRecipientInfos();
Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
ICollection c = recipients.GetRecipients();
// PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyData);
// KeyFactory keyFact = KeyFactory.GetInstance("RSA");
// Key priKey = keyFact.generatePrivate(keySpec);
AsymmetricKeyParameter priKey = PrivateKeyFactory.CreateKey(keyData);
byte[] data = Hex.Decode("57616c6c6157616c6c6157617368696e67746f6e");
foreach (RecipientInformation recipient in c)
{
Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
CmsTypedStream recData = recipient.GetContentStream(priKey);
byte[] compare = CmsTestUtil.StreamToByteArray(recData.ContentStream);
Assert.IsTrue(Arrays.AreEqual(data, compare));
}
}
public static byte[] DekrypterData2(byte[] kryptertData, AsymmetricKeyParameter privateKey)
{
CmsEnvelopedDataParser cmsEnvelopedDataParser = new CmsEnvelopedDataParser(kryptertData);
RecipientInformationStore recipientInformationStore = cmsEnvelopedDataParser.GetRecipientInfos();
IEnumerator enumerator = recipientInformationStore.GetRecipients().GetEnumerator();
enumerator.MoveNext();
RecipientInformation recipientInformation = enumerator.Current as RecipientInformation;
return(recipientInformation.GetContent(privateKey));
}
public CmsEnvelopedDataParser(Stream envelopedData)
: base(envelopedData)
{
_attrNotRead = true;
this.envelopedData = new EnvelopedDataParser((Asn1SequenceParser)contentInfo.GetContent(16));
Asn1Set instance = Asn1Set.GetInstance(this.envelopedData.GetRecipientInfos().ToAsn1Object());
EncryptedContentInfoParser encryptedContentInfo = this.envelopedData.GetEncryptedContentInfo();
_encAlg = encryptedContentInfo.ContentEncryptionAlgorithm;
CmsReadable readable = new CmsProcessableInputStream(((Asn1OctetStringParser)encryptedContentInfo.GetEncryptedContent(4)).GetOctetStream());
CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsEnvelopedSecureReadable(_encAlg, readable);
recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(instance, secureReadable);
}
public CmsEnvelopedData(ContentInfo contentInfo)
{
this.contentInfo = contentInfo;
EnvelopedData instance = EnvelopedData.GetInstance(contentInfo.Content);
Asn1Set recipientInfos = instance.RecipientInfos;
EncryptedContentInfo encryptedContentInfo = instance.EncryptedContentInfo;
encAlg = encryptedContentInfo.ContentEncryptionAlgorithm;
CmsReadable readable = new CmsProcessableByteArray(encryptedContentInfo.EncryptedContent.GetOctets());
CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsEnvelopedSecureReadable(encAlg, readable);
recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(recipientInfos, secureReadable);
unprotectedAttributes = instance.UnprotectedAttrs;
}
public CmsAuthenticatedDataParser(Stream envelopedData)
: base(envelopedData)
{
authAttrNotRead = true;
authData = new AuthenticatedDataParser((Asn1SequenceParser)contentInfo.GetContent(16));
Asn1Set instance = Asn1Set.GetInstance(authData.GetRecipientInfos().ToAsn1Object());
macAlg = authData.GetMacAlgorithm();
ContentInfoParser enapsulatedContentInfo = authData.GetEnapsulatedContentInfo();
CmsReadable readable = new CmsProcessableInputStream(((Asn1OctetStringParser)enapsulatedContentInfo.GetContent(4)).GetOctetStream());
CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable(macAlg, readable);
_recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(instance, secureReadable);
}
private static void ConfirmDataReceived(RecipientInformationStore recipients,
byte[] expectedData, X509Certificate reciCert, AsymmetricKeyParameter reciPrivKey)
{
RecipientID rid = new RecipientID();
rid.Issuer = PrincipalUtilities.GetIssuerX509Principal(reciCert);
rid.SerialNumber = reciCert.SerialNumber;
RecipientInformation recipient = recipients[rid];
Assert.IsNotNull(recipient);
byte[] actualData = recipient.GetContent(reciPrivKey);
Assert.IsTrue(Arrays.AreEqual(expectedData, actualData));
}
public CmsAuthenticatedData(ContentInfo contentInfo)
{
this.contentInfo = contentInfo;
AuthenticatedData instance = AuthenticatedData.GetInstance(contentInfo.Content);
Asn1Set recipientInfos = instance.RecipientInfos;
macAlg = instance.MacAlgorithm;
ContentInfo encapsulatedContentInfo = instance.EncapsulatedContentInfo;
CmsReadable readable = new CmsProcessableByteArray(Asn1OctetString.GetInstance(encapsulatedContentInfo.Content).GetOctets());
CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable(macAlg, readable);
recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(recipientInfos, secureReadable);
authAttrs = instance.AuthAttrs;
mac = instance.Mac.GetOctets();
unauthAttrs = instance.UnauthAttrs;
}
public CmsAuthEnvelopedData(ContentInfo contentInfo)
{
this.contentInfo = contentInfo;
AuthEnvelopedData instance = AuthEnvelopedData.GetInstance(contentInfo.Content);
originator = instance.OriginatorInfo;
Asn1Set recipientInfos = instance.RecipientInfos;
EncryptedContentInfo authEncryptedContentInfo = instance.AuthEncryptedContentInfo;
authEncAlg = authEncryptedContentInfo.ContentEncryptionAlgorithm;
CmsSecureReadable secureReadable = new AuthEnvelopedSecureReadable(this);
recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(recipientInfos, secureReadable);
authAttrs = instance.AuthAttrs;
mac = instance.Mac.GetOctets();
unauthAttrs = instance.UnauthAttrs;
}
public void TestTwoAesKek()
{
byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
KeyParameter kek1 = CmsTestUtil.MakeAes192Key();
KeyParameter kek2 = CmsTestUtil.MakeAes192Key();
CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
byte[] kekId1 = new byte[] { 1, 2, 3, 4, 5 };
byte[] kekId2 = new byte[] { 5, 4, 3, 2, 1 };
edGen.AddKekRecipient("AES192", kek1, kekId1);
edGen.AddKekRecipient("AES192", kek2, kekId2);
MemoryStream bOut = new MemoryStream();
Stream outStream = edGen.Open(
bOut,
CmsEnvelopedDataGenerator.DesEde3Cbc);
outStream.Write(data, 0, data.Length);
outStream.Close();
CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());
RecipientInformationStore recipients = ep.GetRecipientInfos();
Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
RecipientID recSel = new RecipientID();
recSel.KeyIdentifier = kekId2;
RecipientInformation recipient = recipients.GetFirstRecipient(recSel);
Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");
CmsTypedStream recData = recipient.GetContentStream(kek2);
Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
ep.Close();
}
