/// <summary>
/// Imports the specified RSAParameters.
/// </summary>
/// <param name="parameters">The parameters for RSA.</param>
public void ImportParameters(RSAParameters parameters)
{
bool fIncludePrivate = parameters.D != null;
int cntAttribs = fIncludePrivate ? 10 : 4;
CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs];
attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class,
Utility.ConvertToBytes((int)(fIncludePrivate ? CryptokiClass.PRIVATE_KEY : CryptokiClass.PUBLIC_KEY)));
attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType,
Utility.ConvertToBytes((int)CryptoKey.KeyType.RSA));
attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Modulus, parameters.Modulus);
attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parameters.Exponent);
if (fIncludePrivate)
{
attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parameters.D);
attribs[5] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent1, parameters.DP);
attribs[6] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent2, parameters.DQ);
attribs[7] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Coefficent, parameters.InverseQ);
attribs[8] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime1, parameters.P);
attribs[9] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime2, parameters.Q);
}
KeyPair = CryptoKey.LoadKey(m_session, attribs);
OwnsKeyPair = true;
}
protected override void GenerateKeyPair()
{
CryptokiAttribute[] attribs = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(KeySizeValue))
};
KeyPairValue = CryptoKey.GenerateKeyPair(m_session, m_keyGenMech, attribs, null);
OwnsKeyPair = true;
}
protected override void GenerateKeyPair()
{
CryptokiAttribute[] attribs = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(KeySizeValue))
};
KeyPairValue = CryptoKey.GenerateKeyPair(m_session, new Mechanism(MechanismType.EC_KEY_PAIR_GEN), attribs, null);
OwnsKeyPair = true;
}
/// <summary>
/// Generates a random symmetric key for use in the signing process.
/// </summary>
/// <param name="keySize">Size of the symmetric key in bits</param>
private void GenerateKey(int keySize)
{
CryptokiAttribute[] attribs = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(keySize))
};
KeyValue = CryptoKey.GenerateKey(m_session, new Mechanism(MechanismType.GENERIC_SECRET_KEY_GEN), attribs);
OwnsKey = true;
m_mechanism.Parameter = KeyValue.Handle;
Initialize();
}
private void GetKeyAttribs()
{
byte[] keyType = new byte[4];
byte[] length = new byte[4];
CryptokiAttribute[] keyTypeAttr = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, keyType),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueBits, length),
};
GetAttributeValues(ref keyTypeAttr);
m_keyType = (KeyType)Utility.ConvertToInt32(keyType);
m_length = Utility.ConvertToInt32(length);
}
/// <summary>
/// Imports a key of specifed type given the raw key bytes and key class.
/// </summary>
/// <param name="session">The Cryptoki session context.</param>
/// <param name="keyData">The raw key data bytes.</param>
/// <param name="keyClass">The class of key represented by the raw bytes.</param>
/// <param name="keyType">The type of key represented by the raw bytes.</param>
/// <param name="canBeExported">true if the key can be exported, false other wise.</param>
/// <returns>The key created from the specified bytes.</returns>
public static CryptoKey ImportKey(Session session, byte[] keyData, KeyClass keyClass, KeyType keyType, bool canBeExported)
{
CryptokiAttribute[] keyImport = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, Utility.ConvertToBytes((int)keyClass)),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, Utility.ConvertToBytes((int)keyType)),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Value, keyData),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Extractable, Utility.ConvertToBytes(canBeExported ? 1 : 0)),
};
CryptoKey ret = LoadKey(session, keyImport);
session.AddSessionObject(ret);
return(ret);
}
/// <summary>
/// Exports the key in standard Windows KeyBlob format.
/// </summary>
/// <param name="fIncludePrivate"></param>
/// <returns></returns>
public byte[] ExportKey(bool fIncludePrivate)
{
byte[] keyData = new byte[(Size + 7) / 8];
CryptokiAttribute[] keyImport = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Private, Utility.ConvertToBytes((int)(fIncludePrivate? 1 : 0))),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Value, keyData),
};
if (GetAttributeValues(ref keyImport))
{
return(keyData);
}
return(null);
}
/// <summary>
/// Exports the RSAParameters.
/// </summary>
/// <param name="includePrivateParameters">true to include private parameters; otherwise, false.</param>
/// <returns>The parameters for RSA.</returns>
public RSAParameters ExportParameters(bool includePrivateParameters)
{
RSAParameters parms = new RSAParameters();
int keySizeBytes = KeySizeValue / 8;
int cntAttribs = includePrivateParameters ? 8 : 2;
parms.Modulus = new byte[keySizeBytes];
parms.Exponent = new byte[3];
if (includePrivateParameters)
{
int halfKeyBytes = keySizeBytes / 2;
parms.D = new byte[keySizeBytes];
parms.DP = new byte[halfKeyBytes];
parms.DQ = new byte[halfKeyBytes];
parms.InverseQ = new byte[halfKeyBytes];
parms.P = new byte[halfKeyBytes];
parms.Q = new byte[halfKeyBytes];
}
CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs];
attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Modulus, parms.Modulus);
attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parms.Exponent);
if (includePrivateParameters)
{
attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parms.D);
attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent1, parms.DP);
attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent2, parms.DQ);
attribs[5] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Coefficent, parms.InverseQ);
attribs[6] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime1, parms.P);
attribs[7] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime2, parms.Q);
}
if (!KeyPair.GetAttributeValues(ref attribs))
{
throw new CryptographicException();
}
return(parms);
}
/// <summary>
/// Generates a random key to use for the algorithm.
/// </summary>
public override void GenerateKey()
{
CryptoKey key;
Mechanism mech = new Mechanism(Microsoft.SPOT.Cryptoki.MechanismType.AES_KEY_GEN);
CryptokiAttribute[] attribs = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(KeySizeValue))
};
key = CryptoKey.GenerateKey(m_session, mech, attribs);
if (KeyValue != null && OwnsKey)
{
KeyValue.Dispose();
}
KeyValue = key;
OwnsKey = true;
}
/// <summary>
/// Opens a CryptoKey with the specified key name from the underlying key store.
/// </summary>
/// <param name="session">The Cryptoki session context.</param>
/// <param name="keyName">The name of the key to be opened.</param>
/// <returns>The CryptoKey for the specifed key name.</returns>
public static CryptoKey OpenKey(Session session, string keyName, string keyStore = "")
{
CryptokiAttribute[] template = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, Utility.ConvertToBytes((int)CryptokiClass.OTP_KEY)),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Label, System.Text.UTF8Encoding.UTF8.GetBytes(keyStore)),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.ObjectID, System.Text.UTF8Encoding.UTF8.GetBytes(keyName))
};
using (FindObjectEnum objects = new FindObjectEnum(session, template))
{
CryptokiObject[] objs = objects.GetNext(1);
if (objs != null && objs.Length == 1 && objs[0] is CryptoKey)
{
return((CryptoKey)objs[0]);
}
}
return(null);
}
/// <summary>
/// Exports the DSAParameters.
/// </summary>
/// <param name="includePrivateParameters">true to include the private key; otherwise, false.</param>
/// <returns>The parameters for DSA.</returns>
public DSAParameters ExportParameters(bool includePrivateParameters)
{
DSAParameters parms = new DSAParameters();
int keySizeBytes = KeySizeValue / 8;
int cntAttribs = includePrivateParameters ? 5 : 4;
parms.P = new byte[keySizeBytes];
parms.Q = new byte[160 / 8];
parms.G = new byte[keySizeBytes];
parms.Y = new byte[keySizeBytes];
if (includePrivateParameters)
{
parms.X = new byte[160 / 8];
}
CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs];
attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime, parms.P);
attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Subprime, parms.Q);
attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Base, parms.G);
attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parms.Y);
if (includePrivateParameters)
{
attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parms.X);
}
if (!KeyPair.GetAttributeValues(ref attribs))
{
throw new CryptographicException();
}
return(parms);
}
//
// public methods
//
/// <summary>
/// Imports the specified DSAParameters.
/// </summary>
/// <param name="parameters">The parameters for DSA.</param>
public void ImportParameters(DSAParameters parameters)
{
bool fIncludePrivate = parameters.X != null;
int cntAttribs = fIncludePrivate ? 7 : 6;
CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs];
attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class,
Utility.ConvertToBytes((int)(fIncludePrivate ? CryptokiClass.PRIVATE_KEY : CryptokiClass.PUBLIC_KEY)));
attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType,
Utility.ConvertToBytes((int)CryptoKey.KeyType.DSA));
attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime, parameters.P);
attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Subprime, parameters.Q);
attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Base, parameters.G);
attribs[5] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parameters.Y);
if (fIncludePrivate)
{
attribs[6] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parameters.X);
}
KeyPair = CryptoKey.LoadKey(m_session, attribs);
OwnsKeyPair = true;
}
public bool GetAttributeValue(int session, int hObject, IntPtr pTemplate, int ulCount)
{
try
{
SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session);
CryptokiObject obj = ctx.ObjectCtx.GetObject(hObject);
if (obj == null)
{
return(false);
}
DSAParameters dsaParms = new DSAParameters();
bool hasDsaParms = false;
int valueLen = 0;
RSAParameters rsaParms = new RSAParameters();
while (ulCount-- > 0)
{
CryptokiAttribute attrib = new CryptokiAttribute();
Marshal.PtrToStructure(pTemplate, attrib);
if (obj.Type == CryptokiObjectType.Cert)
{
X509Certificate2 cert = (X509Certificate2)obj.Data;
switch ((CryptokiAttribType)attrib.type)
{
case CryptokiAttribType.Class:
Marshal.WriteInt32(attrib.pValue, (int)CryptokiClass.CERTIFICATE);
valueLen = 4;
break;
case CryptokiAttribType.Private:
Marshal.WriteInt32(attrib.pValue, cert.HasPrivateKey ? 1 : 0);
valueLen = 4;
break;
case CryptokiAttribType.KeyType:
switch (cert.GetKeyAlgorithm())
{
case "1.2.840.113549.1.1.1":
Marshal.WriteInt32(attrib.pValue, (int)KeyType.RSA);
break;
default:
Marshal.WriteInt32(attrib.pValue, -1);
break;
}
valueLen = 4;
break;
case CryptokiAttribType.Issuer:
{
byte [] data = UTF8Encoding.UTF8.GetBytes(cert.Issuer);
Marshal.Copy(data, 0, attrib.pValue, data.Length);
valueLen = data.Length;
}
break;
case CryptokiAttribType.Subject:
{
byte [] data = UTF8Encoding.UTF8.GetBytes(cert.Subject);
Marshal.Copy(data, 0, attrib.pValue, data.Length);
valueLen = data.Length;
}
break;
case CryptokiAttribType.SerialNumber:
{
byte[] data = cert.GetSerialNumber();
Marshal.Copy(data, 0, attrib.pValue, data.Length);
valueLen = data.Length;
}
break;
case CryptokiAttribType.PublicExponent:
{
}
break;
case CryptokiAttribType.StartDate:
case CryptokiAttribType.EndDate:
{
DATE_TIME_INFO dti = new DATE_TIME_INFO();
DateTime dt = (CryptokiAttribType)attrib.type == CryptokiAttribType.StartDate ? cert.NotBefore : cert.NotAfter;
dti.year = dt.Year;
dti.month = dt.Month;
dti.day = dt.Day;
dti.hour = dt.Hour;
dti.minute = dt.Minute;
dti.second = dt.Second;
dti.msec = dt.Millisecond;
dti.tzOffset = TimeZoneInfo.Local.BaseUtcOffset.Hours;
Marshal.StructureToPtr(dti, attrib.pValue, true);
valueLen = Marshal.SizeOf(dti);
}
break;
case CryptokiAttribType.MechanismType:
{
switch (cert.SignatureAlgorithm.Value)
{
case "1.2.840.113549.1.1.5":
Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA1_RSA_PKCS);
break;
case "1.2.840.113549.1.1.4":
Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.MD5_RSA_PKCS);
break;
case "1.2.840.113549.1.1.11":
Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA256_RSA_PKCS);
break;
case "1.2.840.113549.1.1.12":
Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA384_RSA_PKCS);
break;
case "1.2.840.113549.1.1.13":
Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA512_RSA_PKCS);
break;
}
valueLen = 4;
}
break;
case CryptokiAttribType.Value:
valueLen = cert.RawData.Length;
Marshal.Copy(cert.RawData, 0, attrib.pValue, valueLen);
break;
case CryptokiAttribType.ValueLen:
Marshal.WriteInt32(attrib.pValue, valueLen);
break;
}
}
else if (obj.Type == CryptokiObjectType.Key)
{
object key = ((KeyData)obj.Data).KeyCsp;
switch ((CryptokiAttribType)attrib.type)
{
case CryptokiAttribType.Class:
Marshal.WriteInt32(attrib.pValue, (int)CryptokiClass.OTP_KEY);
valueLen = 4;
break;
case CryptokiAttribType.PrivateExponent:
if (key is DSACryptoServiceProvider)
{
if (!hasDsaParms)
{
dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.X.Length);
Marshal.Copy(dsaParms.X, 0, attrib.pValue, valueLen);
}
else if (key is AesCryptoServiceProvider)
{
AesCryptoServiceProvider aes = (AesCryptoServiceProvider)key;
valueLen = Math.Min((int)attrib.ulValueLen, aes.Key.Length);
Marshal.Copy(aes.Key, 0, attrib.pValue, valueLen);
}
else if (key is KeyManagementDriver.SecretKey)
{
KeyManagementDriver.SecretKey sk = (KeyManagementDriver.SecretKey)key;
valueLen = Math.Min((int)attrib.ulValueLen, sk.Data.Length);
Marshal.Copy(sk.Data, 0, attrib.pValue, valueLen);
}
else if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.D.Length);
Marshal.Copy(rsaParms.D, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.PublicExponent:
if (key is DSACryptoServiceProvider)
{
if (!hasDsaParms)
{
dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.Y.Length);
Marshal.Copy(dsaParms.Y, 0, attrib.pValue, valueLen);
}
else if (key is ECDiffieHellman)
{
ECDiffieHellman ecdh = (ECDiffieHellman)key;
byte[] pubKey = ecdh.PublicKey.ToByteArray();
valueLen = Math.Min((int)attrib.ulValueLen, pubKey.Length - 8);
Marshal.Copy(pubKey, 8, attrib.pValue, valueLen);
}
else if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.Exponent.Length);
Marshal.Copy(rsaParms.Exponent, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Prime:
if (key is DSACryptoServiceProvider)
{
if (!hasDsaParms)
{
dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.P.Length);
Marshal.Copy(dsaParms.P, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Subprime:
if (key is DSACryptoServiceProvider)
{
if (!hasDsaParms)
{
dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.Q.Length);
Marshal.Copy(dsaParms.Q, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Base:
if (key is DSACryptoServiceProvider)
{
if (!hasDsaParms)
{
dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.G.Length);
Marshal.Copy(dsaParms.G, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.ValueLen:
Marshal.WriteInt32(attrib.pValue, valueLen);
break;
case CryptokiAttribType.KeyType:
if (key is DSACryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.DSA);
}
else if (key is RSACryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.RSA);
}
else if (key is ECDsaCng)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.ECDSA);
}
else if (key is ECDiffieHellman)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.EC);
}
else if (key is AesCryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.AES);
}
else if (key is TripleDESCryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.DES3);
}
else if (key is KeyManagementDriver.SecretKey)
{
Marshal.WriteInt32(attrib.pValue, (int)KeyType.GENERIC_SECRET);
}
break;
case CryptokiAttribType.ValueBits:
if (key is DSACryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, ((DSACryptoServiceProvider)key).KeySize);
}
else if (key is RSACryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, ((RSACryptoServiceProvider)key).KeySize);
}
else if (key is ECDsaCng)
{
Marshal.WriteInt32(attrib.pValue, ((ECDsaCng)key).KeySize);
}
else if (key is ECDiffieHellman)
{
Marshal.WriteInt32(attrib.pValue, ((ECDiffieHellman)key).KeySize);
}
else if (key is AesCryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, ((AesCryptoServiceProvider)key).KeySize);
}
else if (key is TripleDESCryptoServiceProvider)
{
Marshal.WriteInt32(attrib.pValue, ((TripleDESCryptoServiceProvider)key).KeySize);
}
else if (key is KeyManagementDriver.SecretKey)
{
Marshal.WriteInt32(attrib.pValue, ((KeyManagementDriver.SecretKey)key).Size);
}
break;
case CryptokiAttribType.Value:
if (key is AesCryptoServiceProvider)
{
AesCryptoServiceProvider aes = (AesCryptoServiceProvider)key;
valueLen = Math.Min((int)attrib.ulValueLen, aes.Key.Length);
Marshal.Copy(aes.Key, 0, attrib.pValue, valueLen);
}
else if (key is KeyManagementDriver.SecretKey)
{
KeyManagementDriver.SecretKey sk = (KeyManagementDriver.SecretKey)key;
valueLen = Math.Min((int)attrib.ulValueLen, sk.Data.Length);
Marshal.Copy(sk.Data, 0, attrib.pValue, valueLen);
}
else if (key is ECDiffieHellman)
{
ECDiffieHellman ecdh = (ECDiffieHellman)key;
byte[] pubKey = ecdh.PublicKey.ToByteArray();
valueLen = Math.Min((int)attrib.ulValueLen, pubKey.Length);
Marshal.Copy(pubKey, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Modulus:
if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.Modulus.Length);
Marshal.Copy(rsaParms.Modulus, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Prime1:
if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.P.Length);
Marshal.Copy(rsaParms.P, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Prime2:
if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.Q.Length);
Marshal.Copy(rsaParms.Q, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Exponent1:
if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.DP.Length);
Marshal.Copy(rsaParms.DP, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Exponent2:
if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.DQ.Length);
Marshal.Copy(rsaParms.DQ, 0, attrib.pValue, valueLen);
}
break;
case CryptokiAttribType.Coefficent:
if (key is RSACryptoServiceProvider)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key;
if (rsaParms.Modulus == null)
{
rsaParms = rsa.ExportParameters(true);
}
valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.InverseQ.Length);
Marshal.Copy(rsaParms.InverseQ, 0, attrib.pValue, valueLen);
}
break;
}
}
pTemplate += Marshal.SizeOf(attrib);
}
}
catch
{
return(false);
}
return(true);
}
public MFTestResults HmacTest_Compare()
{
bool testResult = false;
if (!m_isEmulator)
{
return(MFTestResults.Skip);
}
try
{
CryptokiAttribute[] secretKey = new CryptokiAttribute[]
{
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, new byte[] { 4, 0, 0, 0 }),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, new byte[] { 0x10, 0, 0, 0 }),
new CryptokiAttribute(CryptokiAttribute.CryptokiType.Value, new byte[20])
};
Mechanism mech = new Mechanism(MechanismType.SHA_1_HMAC);
using (Session openSession = new Session("", mech.Type))
{
using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(openSession))
{
rng.GetBytes(secretKey[2].Value);
}
using (CryptoKey keyOpen = CryptoKey.LoadKey(openSession, secretKey))
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
using (KeyedHashAlgorithm hmacOpenSSL = new KeyedHashAlgorithm(KeyedHashAlgorithmType.HMACSHA1, keyOpen))
{
byte[] hmac1 = hmacOpenSSL.ComputeHash(data);
using (Session emuSession = new Session("Emulator_Crypto", mech.Type))
{
using (CryptoKey keyEmu = CryptoKey.LoadKey(emuSession, secretKey))
{
using (KeyedHashAlgorithm hmacEmu = new KeyedHashAlgorithm(KeyedHashAlgorithmType.HMACSHA1, keyEmu))
{
byte[] hmac2 = hmacEmu.ComputeHash(data);
testResult = true;
for (int i = 0; i < hmac1.Length; i++)
{
if (hmac1[i] != hmac2[i])
{
testResult = false;
break;
}
}
}
}
}
}
}
}
}
catch (Exception ex)
{
Log.Exception("Unexpected Exception", ex);
}
return(testResult ? MFTestResults.Pass : MFTestResults.Fail);
}
public bool SetAttributeValue(int session, int hObject, IntPtr pTemplate, int ulCount)
{
try
{
SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session);
CryptokiObject obj = ctx.ObjectCtx.GetObject(hObject);
if (obj == null)
{
return(false);
}
if (obj.Type == CryptokiObjectType.Cert)
{
X509Certificate2 cert = obj.Data as X509Certificate2;
bool fSave = false;
bool fDelete = false;
string group = "", fileName = "";
uint len = 0;
byte[] data;
for (int i = 0; i < (int)ulCount; i++)
{
CryptokiAttribute attrib = new CryptokiAttribute();
Marshal.PtrToStructure(pTemplate, attrib);
switch ((CryptokiAttribType)attrib.type)
{
case CryptokiAttribType.Persist:
fSave = Marshal.ReadInt32(attrib.pValue) == 1;
fDelete = !fSave;
break;
case CryptokiAttribType.Label:
len = attrib.ulValueLen;
data = new byte[len];
Marshal.Copy(attrib.pValue, data, 0, (int)len);
group = UTF8Encoding.UTF8.GetString(data);
break;
case CryptokiAttribType.ObjectID:
len = attrib.ulValueLen;
data = new byte[len];
Marshal.Copy(attrib.pValue, data, 0, (int)len);
fileName = UTF8Encoding.UTF8.GetString(data);
break;
default:
return(false);
}
pTemplate += Marshal.SizeOf(attrib);
}
if (fDelete)
{
ctx.ObjectCtx.DestroyObject(hObject);
}
else if (fSave)
{
// TODO: Store in persistant storage for emulator
obj.Properties["FileName"] = fileName;
obj.Properties["Group"] = group;
}
else
{
return(false);
}
}
return(true);
}
catch
{
return(false);
}
}
public bool CreateObject(int session, IntPtr pTemplate, int ulCount, out int phObject)
{
phObject = -1;
if (ulCount == 0)
{
return(false);
}
try
{
SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session);
CryptokiAttribute attrib = new CryptokiAttribute();
Marshal.PtrToStructure(pTemplate, attrib);
if ((CryptokiAttribType)attrib.type == CryptokiAttribType.Class)
{
CryptokiClass type = (CryptokiClass)Marshal.ReadInt32(attrib.pValue);
if (type == CryptokiClass.CERTIFICATE)
{
string password = "";
while (0 < --ulCount)
{
pTemplate += Marshal.SizeOf(attrib);
Marshal.PtrToStructure(pTemplate, attrib);
switch ((CryptokiAttribType)attrib.type)
{
case CryptokiAttribType.Password:
{
byte[] data = new byte[attrib.ulValueLen];
Marshal.Copy(attrib.pValue, data, 0, data.Length);
password = UTF8Encoding.UTF8.GetString(data);
}
break;
case CryptokiAttribType.Value:
{
byte[] data = new byte[attrib.ulValueLen];
Marshal.Copy(attrib.pValue, data, 0, data.Length);
X509Certificate2 x509 = new X509Certificate2(data, password);
phObject = ctx.ObjectCtx.AddObject(CryptokiObjectType.Cert, x509);
return(true);
}
default:
break;
}
}
}
}
}
catch
{
}
return(false);
}
MFTestResults Test_ImportKey(Session session)
{
bool testResult = false;
try
{
using (CryptoKey pubkey = CryptoKey.LoadKey(session, m_publicDsaKey))
{
// replace publickey with private
CryptokiAttribute[] privateKey = new CryptokiAttribute[m_publicDsaKey.Length];
for (int x = 0; x < m_publicDsaKey.Length; x++)
{
privateKey[x] = new CryptokiAttribute(m_publicDsaKey[x].Type, new byte[m_publicDsaKey[x].Value.Length]);
Array.Copy(m_publicDsaKey[x].Value, privateKey[x].Value, m_publicDsaKey[x].Value.Length);
}
privateKey[0].Value = Utility.ConvertToBytes((int)CryptokiClass.PRIVATE_KEY);
privateKey[5].Value = new byte[]
{
0x45, 0xB3, 0x34, 0x77, 0x54, 0x3E, 0x7E, 0xBC, 0x82, 0xA8, 0x4E, 0x8E, 0x91, 0x55, 0x86, 0xC1,
0xDA, 0x22, 0xDE, 0x09,
};
using (CryptoKey privkey = CryptoKey.LoadKey(session, privateKey))
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
using (DSACryptoServiceProvider dsaEncr = new DSACryptoServiceProvider(privkey))
using (DSACryptoServiceProvider dsaDecr = new DSACryptoServiceProvider(pubkey))
{
byte[] signature = dsaEncr.SignData(data);
testResult = dsaDecr.VerifyData(data, signature);
}
}
using (CryptoKey privkey = CryptoKey.LoadKey(session, m_privateDsaKey))
{
string dataToSign = "This is a simple message to be encrypted";
byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign);
using (DSACryptoServiceProvider dsaEncr = new DSACryptoServiceProvider(privkey))
using (DSACryptoServiceProvider dsaDecr = new DSACryptoServiceProvider(privkey))
{
byte[] signature = dsaEncr.SignData(data);
testResult &= dsaDecr.VerifyData(data, signature);
}
}
}
}
catch (Exception ex)
{
Log.Exception("Unexpected Exception", ex);
testResult = false;
}
return(testResult ? MFTestResults.Pass : MFTestResults.Fail);
}
public bool FindObjectsInit(int session, IntPtr pTemplate, int ulCount)
{
try
{
SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session);
if (ctx.FindObjCtx != null)
{
return(false);
}
ctx.FindObjCtx = new FindObjectsContext();
string fileName = "";
string group = "";
CryptokiObjectType type = CryptokiObjectType.Data;
byte[] data;
while (ulCount-- > 0)
{
CryptokiAttribute attrib = new CryptokiAttribute();
Marshal.PtrToStructure(pTemplate, attrib);
switch ((CryptokiAttribType)attrib.type)
{
case CryptokiAttribType.Class:
switch ((CryptokiClass)Marshal.ReadInt32(attrib.pValue))
{
case CryptokiClass.CERTIFICATE:
type = CryptokiObjectType.Cert;
break;
case CryptokiClass.OTP_KEY:
type = CryptokiObjectType.Key;
break;
}
break;
case CryptokiAttribType.ObjectID:
data = new byte[attrib.ulValueLen];
Marshal.Copy(attrib.pValue, data, 0, data.Length);
fileName = UTF8Encoding.UTF8.GetString(data);
break;
case CryptokiAttribType.Label:
data = new byte[attrib.ulValueLen];
Marshal.Copy(attrib.pValue, data, 0, data.Length);
group = UTF8Encoding.UTF8.GetString(data);
break;
}
pTemplate += Marshal.SizeOf(attrib);
}
ctx.FindObjCtx.FileName = fileName;
ctx.FindObjCtx.Group = group;
ctx.FindObjCtx.Type = type;
return(true);
}
catch
{
return(false);
}
}
