/// <summary>
/// Opens a user session on the token in slot <paramref name="in_SlotIndex"/>, logs in with the
/// supplied PIN and, while logged in, copies the labels of the first two certificate objects on
/// the token into the authentication / signature label fields.
/// </summary>
/// <param name="in_SlotIndex">Index into the cached slot list (slots with a token present).</param>
/// <param name="in_PIN">User PIN passed straight to the token. As a .NET string it cannot be
/// zeroed after use; callers that care should keep its lifetime short.</param>
/// <returns>true when login and the certificate enumeration completed without throwing; false for
/// an out-of-range slot index or any exception (which is written to the console and swallowed).</returns>
internal bool Login(int in_SlotIndex, string in_PIN)
{
    bool succeeded = false;
    try
    {
        // Lazily bind the PKCS#11 module and cache the slot list on first use.
        m_Module = m_Module ?? Module.GetInstance(m_FileName);
        m_Slots = m_Slots ?? m_Module.GetSlotList(true);

        if (in_SlotIndex < m_Slots.Length)
        {
            Slot chosenSlot = m_Slots[in_SlotIndex];
            Session userSession = chosenSlot.Token.OpenSession(false);
            m_CurrentIndex = in_SlotIndex;
            // A rejected PIN throws here, before the inner try, so no Logout is attempted for it.
            userSession.Login(UserType.USER, in_PIN);
            try
            {
                // Search template: every object of class CERTIFICATE, no label filter.
                P11Attribute[] template = new P11Attribute[] { new ObjectClassAttribute(CKO.CERTIFICATE) };
                userSession.FindObjectsInit(template);
                P11Object[] found = userSession.FindObjects(2) as P11Object[];
                if (found.Length == 2)
                {
                    // NOTE(review): relies on the token listing the authentication certificate
                    // before the signature certificate — confirm against the card profile.
                    X509PublicKeyCertificate authCert = (X509PublicKeyCertificate)found[0];
                    X509PublicKeyCertificate signCert = (X509PublicKeyCertificate)found[1];
                    SetAutenticacionLabel(new string(authCert.Label.Value));
                    SetSignatureLabel(new string(signCert.Label.Value));
                }
                userSession.FindObjectsFinal();
                // Success is reported even when fewer than two certificates were found.
                succeeded = true;
            }
            finally
            {
                userSession.Logout();
            }
        }
    }
    catch (Exception e)
    {
        // Module load, bad PIN and token faults all end up here and map to false.
        Console.WriteLine(e.ToString());
    }
    return succeeded;
}
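/// <summary>
/// Signs <paramref name="in_Data"/> with the private key labelled <c>m_SignLabel</c> on the token
/// in the given slot, after logging in with the user PIN.
/// </summary>
/// <param name="in_SlotIndex">Index into the cached slot list (slots with a token present).</param>
/// <param name="in_PIN">User PIN for the token.</param>
/// <param name="in_Data">Data to sign; it is handed to the token unhashed, the mechanism hashes it.</param>
/// <param name="out_encryptedData">The signature, or null when no matching key exists or an error occurred.</param>
/// <returns>true only when a signature was produced; false otherwise. Exceptions are written to
/// the console and swallowed.</returns>
internal bool Firmar(int in_SlotIndex, string in_PIN, byte[] in_Data, out byte[] out_encryptedData)
{
    bool result = false;
    out_encryptedData = null;
    try
    {
        if (m_Module == null)
        {
            m_Module = Module.GetInstance(m_FileName);
        }
        if (m_Slots == null)
        {
            // Only slots that currently hold a token.
            m_Slots = m_Module.GetSlotList(true);
        }
        if (m_Slots.Length > in_SlotIndex)
        {
            Slot slot = m_Slots[in_SlotIndex];
            Session session = slot.Token.OpenSession(false);
            m_CurrentIndex = in_SlotIndex;
            session.Login(UserType.USER, in_PIN);
            try
            {
                // Search template: private key whose CKA_LABEL equals m_SignLabel.
                ObjectClassAttribute classAttribute = new ObjectClassAttribute(CKO.PRIVATE_KEY);
                ByteArrayAttribute keyLabelAttribute = new ByteArrayAttribute(CKA.LABEL);
                keyLabelAttribute.Value = System.Text.Encoding.UTF8.GetBytes(m_SignLabel);
                session.FindObjectsInit(new P11Attribute[] { classAttribute, keyLabelAttribute });
                P11Object[] privatekeys = session.FindObjects(1) as P11Object[];
                session.FindObjectsFinal();
                if (privatekeys.Length >= 1)
                {
                    // CKM_SHA1_RSA_PKCS = SHA-1 + PKCS#1 v1.5. Kept because the verifying side
                    // expects it; moving to a SHA-256 mechanism needs a coordinated change there.
                    session.SignInit(new Mechanism(CKM.SHA1_RSA_PKCS), (PrivateKey)privatekeys[0]);
                    out_encryptedData = session.Sign(in_Data);
                }
                // Previously this reported true even when no key matched and the signature stayed null.
                result = out_encryptedData != null;
            }
            finally
            {
                // Log out.
                session.Logout();
            }
        }
    }
    catch (Exception e)
    {
        Console.WriteLine(e.ToString());
    }
    return result;
}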
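/// <summary>
/// Sign data with a named private key on the first token present.
/// </summary>
/// <param name="data">Data to be signed; hashed by the token under CKM_SHA1_RSA_PKCS.</param>
/// <param name="privatekeylabel">Label for private key. (Can be "Signature" or "Authentication")</param>
/// <returns>Signed data, or null when no private key carries that label.</returns>
/// <exception cref="EIDNotFoundException">No token is present, or the token failed before a session was opened.</exception>
/// <exception cref="SignatureCanceledException">The token failed after the session was opened and no signature was produced.</exception>
public byte[] DoSign(byte[] data, string privatekeylabel)
{
    byte[] encryptedData = null;
    Session session = null;
    if (m == null)
    {
        m = Module.GetInstance(moduleFileName);
    }
    try
    {
        // Get the first slot (cardreader) with a token (eid). An empty slot list used to surface as
        // IndexOutOfRangeException instead of EIDNotFoundException (which GetCertificateFile already throws).
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length == 0)
        {
            throw new EIDNotFoundException();
        }
        session = slotlist[0].Token.OpenSession(true);
        // Search template: private key whose CKA_LABEL equals privatekeylabel.
        ObjectClassAttribute classAttribute = new ObjectClassAttribute(CKO.PRIVATE_KEY);
        ByteArrayAttribute keyLabelAttribute = new ByteArrayAttribute(CKA.LABEL);
        keyLabelAttribute.Value = Encoding.UTF8.GetBytes(privatekeylabel);
        session.FindObjectsInit(new P11Attribute[] { classAttribute, keyLabelAttribute });
        P11Object[] privatekeys = session.FindObjects(1);
        session.FindObjectsFinal();
        if (privatekeys.Length >= 1)
        {
            // SHA-1 based mechanism; changing it requires the verifier to change too.
            session.SignInit(new Mechanism(CKM.SHA1_RSA_PKCS), (PrivateKey)privatekeys[0]);
            encryptedData = session.Sign(data);
        }
    }
    catch (TokenException)
    {
        if (session == null)
        {
            throw new EIDNotFoundException();
        }
        else if (encryptedData == null)
        {
            throw new SignatureCanceledException();
        }
        // A token error after a signature was produced was previously swallowed; surface it.
        throw;
    }
    finally
    {
        // The module is released after every call; the next call re-binds it.
        m.Dispose();
        m = null;
    }
    return encryptedData;
}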
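/// <summary>
/// Returns the DER value of the certificate object whose CKA_LABEL equals
/// <paramref name="certificateName"/> on the first token present.
/// </summary>
/// <param name="certificateName">Label value of the certificate object.</param>
/// <returns>The certificate bytes, or null when no object with that label is found or the
/// object found is not an X509PublicKeyCertificate.</returns>
/// <exception cref="EIDNotFoundException">No slot with a token is present.</exception>
private byte[] GetCertificateFile(string certificateName)
{
    byte[] value = null;
    if (m == null)
    {
        m = Module.GetInstance(moduleFileName);
    }
    try
    {
        // Get the first slot (cardreader) with a token
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length > 0)
        {
            Slot slot = slotlist[0];
            Session session = slot.Token.OpenSession(true);
            // Search template: object class CERTIFICATE and CKA_LABEL == certificateName.
            ByteArrayAttribute fileLabel = new ByteArrayAttribute(CKA.LABEL);
            ObjectClassAttribute certificateAttribute = new ObjectClassAttribute(CKO.CERTIFICATE);
            fileLabel.Value = Encoding.UTF8.GetBytes(certificateName);
            session.FindObjectsInit(new P11Attribute[] { certificateAttribute, fileLabel });
            P11Object[] foundObjects = session.FindObjects(1);
            if (foundObjects.Length != 0)
            {
                // The `as` cast yields null for a non-certificate object; previously that became a
                // NullReferenceException on the next line.
                X509PublicKeyCertificate cert = foundObjects[0] as X509PublicKeyCertificate;
                if (cert != null)
                {
                    value = cert.Value.Value;
                }
            }
            session.FindObjectsFinal();
        }
        else
        {
            throw new EIDNotFoundException();
        }
    }
    finally
    {
        m.Dispose();
        m = null;
    }
    return value;
}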
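/// <summary>
/// Sign data with a named private key on the first token present. EC keys sign a SHA-384
/// digest computed here (CKM_ECDSA takes a pre-hashed input); RSA keys sign via CKM_SHA1_RSA_PKCS,
/// so the token hashes the raw data with SHA-1.
/// </summary>
/// <param name="data">Data to be signed</param>
/// <param name="privatekeylabel">Label for private key. Can be "Signature" or "Authentication"</param>
/// <returns>Signed data, or null when no card is present, no key carries the label, or the
/// key type is neither EC nor RSA.</returns>
public byte[] DoSign(byte[] data, string privatekeylabel)
{
    if (m == null)
    {
        // link with the pkcs11 DLL
        m = Module.GetInstance(mFileName);
    }
    byte[] encryptedData = null;
    try
    {
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length == 0)
        {
            // Previously an empty slot list threw IndexOutOfRangeException; report it the way
            // the sibling lookups do and return null.
            Console.WriteLine("No card found\n");
            return encryptedData;
        }
        Session session = slotlist[0].Token.OpenSession(true);
        // Search template: private key whose CKA_LABEL equals privatekeylabel.
        ObjectClassAttribute classAttribute = new ObjectClassAttribute(CKO.PRIVATE_KEY);
        ByteArrayAttribute keyLabelAttribute = new ByteArrayAttribute(CKA.LABEL);
        keyLabelAttribute.Value = System.Text.Encoding.UTF8.GetBytes(privatekeylabel);
        session.FindObjectsInit(new P11Attribute[] { classAttribute, keyLabelAttribute });
        P11Object[] privatekeys = session.FindObjects(1) as P11Object[];
        session.FindObjectsFinal();
        if (privatekeys.Length >= 1 && privatekeys[0] != null)
        {
            PrivateKey key = (PrivateKey)privatekeys[0];
            if (key.KeyType.KeyType == CKK.EC)
            {
                byte[] hashValue;
                // Dispose the hash provider; the original leaked it.
                using (SHA384 sha = new SHA384CryptoServiceProvider())
                {
                    hashValue = sha.ComputeHash(data);
                }
                session.SignInit(new Mechanism(CKM.ECDSA), key);
                encryptedData = session.Sign(hashValue);
            }
            else if (key.KeyType.KeyType == CKK.RSA)
            {
                // SHA-1 based; a SHA-256 mechanism needs a coordinated change on the verifier.
                session.SignInit(new Mechanism(CKM.SHA1_RSA_PKCS), key);
                encryptedData = session.Sign(data);
            }
        }
    }
    finally
    {
        m.Dispose();
        m = null;
    }
    return encryptedData;
}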
/// <summary>
/// Looks up the public-key object whose CKA_LABEL equals <paramref name="PubKeyName"/> on the
/// first token present.
/// </summary>
/// <param name="PubKeyName">Label value of the key object</param>
/// <returns>The matching <see cref="ECPublicKey"/>, or null when no card is present or no object
/// matches (a message is written to the console in both cases).</returns>
public ECPublicKey GetPublicKey(String PubKeyName)
{
    ECPublicKey found = null;
    if (m == null)
    {
        m = Module.GetInstance(mFileName);
    }
    try
    {
        Slot[] slotsWithToken = m.GetSlotList(true);
        if (slotsWithToken.Length == 0)
        {
            Console.WriteLine("No card found\n");
        }
        else
        {
            Session session = slotsWithToken[0].Token.OpenSession(true);
            // Search template: object class PUBLIC_KEY and CKA_LABEL == PubKeyName.
            ObjectClassAttribute classFilter = new ObjectClassAttribute(CKO.PUBLIC_KEY);
            ByteArrayAttribute labelFilter = new ByteArrayAttribute(CKA.LABEL);
            labelFilter.Value = System.Text.Encoding.UTF8.GetBytes(PubKeyName);
            session.FindObjectsInit(new P11Attribute[] { classFilter, labelFilter });
            P11Object[] matches = session.FindObjects(1);
            session.FindObjectsFinal();
            bool nothingFound = matches.Length == 0 || matches[0] == null;
            if (nothingFound)
            {
                Console.WriteLine("Public Key Object not found");
                return found;
            }
            found = (ECPublicKey)matches[0];
        }
    }
    finally
    {
        // NOTE(review): the returned object outlives the module it was read from — confirm the
        // caller only needs attribute values already fetched, not further token I/O.
        m.Dispose();
        m = null;
    }
    return found;
}
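/// <summary>
/// Return raw byte data from objects of object class Certificate
/// </summary>
/// <param name="Certificatename">Label value of the certificate object</param>
/// <returns>byte array with certificate file, or null when no card is present, no object with
/// that label exists, or the object found is not an X509PublicKeyCertificate</returns>
private byte[] GetCertificateFile(String Certificatename)
{
    byte[] value = null;
    // pkcs11 module init
    if (m == null)
    {
        m = Module.GetInstance(mFileName);
    }
    try
    {
        // Get the first slot (cardreader) with a token
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length > 0)
        {
            Slot slot = slotlist[0];
            Session session = slot.Token.OpenSession(true);
            // Search template: object class CERTIFICATE and CKA_LABEL == Certificatename.
            ByteArrayAttribute fileLabel = new ByteArrayAttribute(CKA.LABEL);
            ObjectClassAttribute certificateAttribute = new ObjectClassAttribute(CKO.CERTIFICATE);
            fileLabel.Value = System.Text.Encoding.UTF8.GetBytes(Certificatename);
            session.FindObjectsInit(new P11Attribute[] { certificateAttribute, fileLabel });
            P11Object[] foundObjects = session.FindObjects(1);
            if (foundObjects.Length != 0)
            {
                // The `as` cast yields null for a non-certificate object; previously that became a
                // NullReferenceException on the next line.
                X509PublicKeyCertificate cert = foundObjects[0] as X509PublicKeyCertificate;
                if (cert != null)
                {
                    value = cert.Value.Value;
                }
            }
            session.FindObjectsFinal();
        }
        else
        {
            Console.WriteLine("No card found\n");
        }
    }
    finally
    {
        // pkcs11 finalize; the next call re-binds the module.
        m.Dispose();
        m = null;
    }
    return value;
}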
/// <summary>
/// Returns a list of PKCS11 labels of the certificate objects on the first token present.
/// </summary>
/// <returns>List of labels of certificate objects; empty when no card is present (a message is
/// written to the console) or the token holds no certificates.</returns>
public List<string> GetCertificateLabels()
{
    // pkcs11 module init
    if (m == null)
    {
        m = Module.GetInstance(mFileName);
    }
    List<string> labels = new List<string>();
    try
    {
        Slot[] slotsWithToken = m.GetSlotList(true);
        if (slotsWithToken.Length == 0)
        {
            Console.WriteLine("No card found\n");
        }
        else
        {
            Session session = slotsWithToken[0].Token.OpenSession(true);
            // Search template: every object of class CERTIFICATE; at most 100 are read back.
            ObjectClassAttribute certificateFilter = new ObjectClassAttribute(CKO.CERTIFICATE);
            session.FindObjectsInit(new P11Attribute[] { certificateFilter });
            P11Object[] certificates = session.FindObjects(100) as P11Object[];
            for (int i = 0; i < certificates.Length; i++)
            {
                // Direct cast: a certificate object of another type throws InvalidCastException.
                X509PublicKeyCertificate cert = (X509PublicKeyCertificate)certificates[i];
                labels.Add(new string(cert.Label.Value));
            }
            session.FindObjectsFinal();
        }
    }
    finally
    {
        // pkcs11 finalize; the next call re-binds the module.
        m.Dispose();
        m = null;
    }
    return labels;
}
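/// <summary>
/// Challenge an applet 1.8 card: signs the SHA-384 digest of <paramref name="data"/> with the
/// private key labelled "Card" using CKM_ECDSA on the first token present.
/// </summary>
/// <param name="data">Challenge data to be signed</param>
/// <returns>Signed challenge data, or null when no reader, card or "Card" key is found (a message
/// is written to the console for the first two).</returns>
public byte[] DoChallenge(byte[] data)
{
    if (m == null)
    {
        // link with the pkcs11 DLL
        m = Module.GetInstance(mFileName);
    }
    byte[] encryptedData = null;
    try
    {
        // The original null checks ran after indexing slotlist[0] and then fell through into
        // slot.Token anyway, so they could not prevent the failure they reported; now they return.
        Slot[] slotlist = m.GetSlotList(true);
        Slot slot = slotlist.Length > 0 ? slotlist[0] : null;
        if (slot == null)
        {
            Console.WriteLine("No card reader found");
            return encryptedData;
        }
        if (slot.Token == null)
        {
            Console.WriteLine("No card Found");
            return encryptedData;
        }
        Session session = slot.Token.OpenSession(true);
        // Search template: private key whose CKA_LABEL equals "Card".
        ObjectClassAttribute classAttribute = new ObjectClassAttribute(CKO.PRIVATE_KEY);
        ByteArrayAttribute keyLabelAttribute = new ByteArrayAttribute(CKA.LABEL);
        keyLabelAttribute.Value = System.Text.Encoding.UTF8.GetBytes("Card");
        session.FindObjectsInit(new P11Attribute[] { classAttribute, keyLabelAttribute });
        P11Object[] privatekeys = session.FindObjects(1) as P11Object[];
        session.FindObjectsFinal();
        if (privatekeys.Length >= 1)
        {
            byte[] hashValue;
            // CKM_ECDSA signs a pre-computed digest; hash here and dispose the provider (it leaked before).
            using (SHA384 sha = new SHA384CryptoServiceProvider())
            {
                hashValue = sha.ComputeHash(data);
            }
            session.SignInit(new Mechanism(CKM.ECDSA), (PrivateKey)privatekeys[0]);
            encryptedData = session.Sign(hashValue);
        }
    }
    finally
    {
        m.Dispose();
        m = null;
    }
    return encryptedData;
}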
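/// <summary>
/// Sign data with a named private key on the first token present (CKM_SHA1_RSA_PKCS, so the
/// token hashes the raw data with SHA-1).
/// </summary>
/// <param name="data">Data to be signed</param>
/// <param name="privatekeylabel">Label for private key. Can be "Signature" or "Authentication"</param>
/// <returns>Signed data, or null when no card is present or no key carries the label.</returns>
public byte[] DoSign(byte[] data, string privatekeylabel)
{
    if (m == null)
    {
        // link with the pkcs11 DLL
        m = Module.GetInstance(mFileName);
    }
    byte[] encryptedData = null;
    try
    {
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length == 0)
        {
            // Previously an empty slot list threw IndexOutOfRangeException; report it the way
            // the sibling lookups do and return null.
            Console.WriteLine("No card found\n");
            return encryptedData;
        }
        Session session = slotlist[0].Token.OpenSession(true);
        // Search template: private key whose CKA_LABEL equals privatekeylabel.
        ObjectClassAttribute classAttribute = new ObjectClassAttribute(CKO.PRIVATE_KEY);
        ByteArrayAttribute keyLabelAttribute = new ByteArrayAttribute(CKA.LABEL);
        keyLabelAttribute.Value = System.Text.Encoding.UTF8.GetBytes(privatekeylabel);
        session.FindObjectsInit(new P11Attribute[] { classAttribute, keyLabelAttribute });
        P11Object[] privatekeys = session.FindObjects(1) as P11Object[];
        session.FindObjectsFinal();
        if (privatekeys.Length >= 1)
        {
            // SHA-1 based; a SHA-256 mechanism needs a coordinated change on the verifier.
            session.SignInit(new Mechanism(CKM.SHA1_RSA_PKCS), (PrivateKey)privatekeys[0]);
            encryptedData = session.Sign(data);
        }
    }
    finally
    {
        // Dispose AND clear the field: leaving the disposed module in `m` made the next call
        // reuse a dead handle, since the null check above would skip GetInstance.
        m.Dispose();
        m = null;
    }
    return encryptedData;
}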
/// <summary>
/// Verifies, for the token in the given slot, that the certificate labelled
/// <c>m_AutenticacionLabel</c> is currently within its validity period and is reported as Good by
/// OCSP against <c>m_IssuerCertificate</c>.
/// </summary>
/// <param name="in_SlotIndex">Index into the cached slot list (slots with a token present).</param>
/// <param name="in_PIN">User PIN for the token.</param>
/// <param name="out_Error">"OK" on success; otherwise a description of why validation failed, or
/// the message of the exception that interrupted it.</param>
/// <returns>true only when the OCSP status is Good. An exception, a network failure or any other
/// status leaves it false, so the check fails closed.</returns>
internal bool Autenticar(int in_SlotIndex, string in_PIN, out string out_Error)
{
    bool validated = false;
    out_Error = "OK";
    try
    {
        // Lazily bind the PKCS#11 module and cache the slot list on first use.
        m_Module = m_Module ?? Module.GetInstance(m_FileName);
        m_Slots = m_Slots ?? m_Module.GetSlotList(true);
        if (in_SlotIndex < m_Slots.Length)
        {
            Session session = m_Slots[in_SlotIndex].Token.OpenSession(false);
            m_CurrentIndex = in_SlotIndex;
            session.Login(UserType.USER, in_PIN);
            try
            {
                // Search template: certificate object whose CKA_LABEL equals the authentication label.
                ObjectClassAttribute certClass = new ObjectClassAttribute(CKO.CERTIFICATE);
                ByteArrayAttribute labelFilter = new ByteArrayAttribute(CKA.LABEL);
                labelFilter.Value = System.Text.Encoding.UTF8.GetBytes(m_AutenticacionLabel);
                session.FindObjectsInit(new P11Attribute[] { certClass, labelFilter });
                P11Object[] matches = session.FindObjects(1) as P11Object[];
                if (matches.Length != 1)
                {
                    out_Error = "No se encontraron objetos en la tarjeta.";
                }
                else
                {
                    X509PublicKeyCertificate cert = matches[0] as X509PublicKeyCertificate;
                    OcspClient ocsp = new OcspClient(cert.Value.Encode());
                    if (!ocsp.PublicKeyCertificate.IsValidNow)
                    {
                        out_Error = "Certificado Expirado";
                    }
                    else
                    {
                        // Network round-trip to the OCSP responder, while the find operation is still open.
                        CertificateStatus status = ocsp.ConsultarEstadoDeCertificado(
                            ocsp.PublicKeyCertificate, ocsp.LeerCertificado(m_IssuerCertificate));
                        switch (status)
                        {
                            case CertificateStatus.Good:
                                validated = true;
                                break;
                            case CertificateStatus.Revoked:
                                out_Error = "Certificado Revocado";
                                break;
                            default:
                                out_Error = "Certificado Desconocido";
                                break;
                        }
                    }
                }
                session.FindObjectsFinal();
            }
            catch (System.Net.WebException wex)
            {
                // Responder unreachable: report the transport error, result stays false.
                Console.WriteLine(wex.ToString());
                out_Error = wex.Message;
            }
            catch (Exception e)
            {
                Console.WriteLine(e.ToString());
                out_Error = e.Message;
            }
            finally
            {
                session.Logout();
            }
        }
    }
    catch (Exception e)
    {
        // Module load, bad PIN and token faults land here; out_Error keeps its "OK" default.
        Console.WriteLine(e.ToString());
    }
    return validated;
}
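/// <summary>
/// Signs <paramref name="in_Data"/> with the private key labelled <c>m_SignLabel</c> on the token
/// in the given slot, after logging in with the user PIN.
/// </summary>
/// <param name="in_SlotIndex">Index into the cached slot list (slots with a token present).</param>
/// <param name="in_PIN">User PIN for the token.</param>
/// <param name="in_Data">Data to sign; handed to the token unhashed, the mechanism hashes it.</param>
/// <param name="out_encryptedData">The signature, or null when no matching key exists or an error occurred.</param>
/// <returns>true only when a signature was produced; false otherwise. Exceptions are written to
/// the console and swallowed.</returns>
internal bool Firmar(int in_SlotIndex, string in_PIN, byte[] in_Data, out byte[] out_encryptedData)
{
    bool result = false;
    out_encryptedData = null;
    try
    {
        if (m_Module == null)
        {
            m_Module = Module.GetInstance(m_FileName);
        }
        if (m_Slots == null)
        {
            // Only slots that currently hold a token.
            m_Slots = m_Module.GetSlotList(true);
        }
        if (m_Slots.Length > in_SlotIndex)
        {
            Slot slot = m_Slots[in_SlotIndex];
            Session session = slot.Token.OpenSession(false);
            m_CurrentIndex = in_SlotIndex;
            session.Login(UserType.USER, in_PIN);
            try
            {
                // Search template: private key whose CKA_LABEL equals m_SignLabel.
                ObjectClassAttribute classAttribute = new ObjectClassAttribute(CKO.PRIVATE_KEY);
                ByteArrayAttribute keyLabelAttribute = new ByteArrayAttribute(CKA.LABEL);
                keyLabelAttribute.Value = System.Text.Encoding.UTF8.GetBytes(m_SignLabel);
                session.FindObjectsInit(new P11Attribute[] { classAttribute, keyLabelAttribute });
                P11Object[] privatekeys = session.FindObjects(1) as P11Object[];
                session.FindObjectsFinal();
                if (privatekeys.Length >= 1)
                {
                    // CKM_SHA1_RSA_PKCS = SHA-1 + PKCS#1 v1.5; kept because the verifying side expects it.
                    session.SignInit(new Mechanism(CKM.SHA1_RSA_PKCS), (PrivateKey)privatekeys[0]);
                    out_encryptedData = session.Sign(in_Data);
                }
                // Previously this reported true even when no key matched and the signature stayed null.
                result = out_encryptedData != null;
            }
            finally
            {
                // Log out.
                session.Logout();
            }
        }
    }
    catch (Exception e)
    {
        Console.WriteLine(e.ToString());
    }
    return result;
}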
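/// <summary>
/// Return raw byte data from objects of object class Certificate
/// </summary>
/// <param name="Certificatename">Label value of the certificate object</param>
/// <returns>byte array with certificate file, or null when no card is present, no object with
/// that label exists, or the object found is not an X509PublicKeyCertificate</returns>
private byte[] GetCertificateFile(String Certificatename)
{
    byte[] value = null;
    // pkcs11 module init
    if (m == null)
    {
        m = Module.GetInstance(mFileName);
    }
    try
    {
        // Get the first slot (cardreader) with a token
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length > 0)
        {
            Slot slot = slotlist[0];
            Session session = slot.Token.OpenSession(true);
            // Search template: object class CERTIFICATE and CKA_LABEL == Certificatename.
            ByteArrayAttribute fileLabel = new ByteArrayAttribute(CKA.LABEL);
            ObjectClassAttribute certificateAttribute = new ObjectClassAttribute(CKO.CERTIFICATE);
            fileLabel.Value = System.Text.Encoding.UTF8.GetBytes(Certificatename);
            session.FindObjectsInit(new P11Attribute[] { certificateAttribute, fileLabel });
            P11Object[] foundObjects = session.FindObjects(1);
            if (foundObjects.Length != 0)
            {
                // The `as` cast yields null for a non-certificate object; previously that became a
                // NullReferenceException on the next line.
                X509PublicKeyCertificate cert = foundObjects[0] as X509PublicKeyCertificate;
                if (cert != null)
                {
                    value = cert.Value.Value;
                }
            }
            session.FindObjectsFinal();
        }
        else
        {
            Console.WriteLine("No card found\n");
        }
    }
    finally
    {
        // Dispose AND clear the field: leaving the disposed module in `m` made the next call
        // reuse a dead handle, since the null check above would skip GetInstance.
        m.Dispose();
        m = null;
    }
    return value;
}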
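/// <summary>
/// Returns a list of PKCS11 labels of the certificate objects on the first token present.
/// </summary>
/// <returns>List of labels of certificate objects; empty when no card is present (a message is
/// written to the console) or the token holds no certificates.</returns>
public List<string> GetCertificateLabels()
{
    // pkcs11 module init
    if (m == null)
    {
        m = Module.GetInstance(mFileName);
    }
    List<string> labels = new List<string>();
    try
    {
        // Get the first slot (cardreader) with a token
        Slot[] slotlist = m.GetSlotList(true);
        if (slotlist.Length > 0)
        {
            Slot slot = slotlist[0];
            Session session = slot.Token.OpenSession(true);
            // Search template: every object of class CERTIFICATE; at most 100 are read back.
            ObjectClassAttribute certificateAttribute = new ObjectClassAttribute(CKO.CERTIFICATE);
            session.FindObjectsInit(new P11Attribute[] { certificateAttribute });
            P11Object[] certificates = session.FindObjects(100) as P11Object[];
            foreach (P11Object certificate in certificates)
            {
                labels.Add(new string(((X509PublicKeyCertificate)certificate).Label.Value));
            }
            session.FindObjectsFinal();
        }
        else
        {
            Console.WriteLine("No card found\n");
        }
    }
    finally
    {
        // Dispose AND clear the field: leaving the disposed module in `m` made the next call
        // reuse a dead handle, since the null check above would skip GetInstance.
        m.Dispose();
        m = null;
    }
    return labels;
}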
/// <summary>
/// Logs the user in on the token in slot <paramref name="in_SlotIndex"/> and, while logged in,
/// records the labels of the first two certificate objects as the authentication and signature
/// labels.
/// </summary>
/// <param name="in_SlotIndex">Index into the cached slot list (slots with a token present).</param>
/// <param name="in_PIN">User PIN passed straight to the token.</param>
/// <returns>true when login and the certificate enumeration completed without throwing; false for
/// an out-of-range slot index or any exception (written to the console and swallowed).</returns>
internal bool Login(int in_SlotIndex, string in_PIN)
{
    bool outcome = false;
    try
    {
        if (m_Module == null)
        {
            m_Module = Module.GetInstance(m_FileName);
        }
        if (m_Slots == null)
        {
            m_Slots = m_Module.GetSlotList(true);
        }
        if (in_SlotIndex >= m_Slots.Length)
        {
            return outcome;
        }

        Session session = m_Slots[in_SlotIndex].Token.OpenSession(false);
        m_CurrentIndex = in_SlotIndex;
        // A rejected PIN throws here and is reported by the outer catch.
        session.Login(UserType.USER, in_PIN);
        try
        {
            // Search template: every object of class CERTIFICATE, no label filter.
            ObjectClassAttribute certificateFilter = new ObjectClassAttribute(CKO.CERTIFICATE);
            session.FindObjectsInit(new P11Attribute[] { certificateFilter });
            P11Object[] certs = session.FindObjects(2) as P11Object[];
            if (certs.Length == 2)
            {
                // NOTE(review): relies on the token listing the authentication certificate
                // before the signature certificate — confirm against the card profile.
                string authLabel = new string(((X509PublicKeyCertificate)certs[0]).Label.Value);
                string signLabel = new string(((X509PublicKeyCertificate)certs[1]).Label.Value);
                SetAutenticacionLabel(authLabel);
                SetSignatureLabel(signLabel);
            }
            session.FindObjectsFinal();
            // Success is reported even when fewer than two certificates were found.
            outcome = true;
        }
        finally
        {
            session.Logout();
        }
    }
    catch (Exception e)
    {
        Console.WriteLine(e.ToString());
    }
    return outcome;
}
/// <summary>
/// Checks that the certificate labelled <c>m_AutenticacionLabel</c> on the token in the given
/// slot is within its validity period and has OCSP status Good against <c>m_IssuerCertificate</c>.
/// </summary>
/// <param name="in_SlotIndex">Index into the cached slot list (slots with a token present).</param>
/// <param name="in_PIN">User PIN for the token.</param>
/// <param name="out_Error">"OK" on success; otherwise why validation failed, or the message of
/// the exception that interrupted it.</param>
/// <returns>true only for OCSP status Good; exceptions, network failures and every other status
/// leave it false (fail closed).</returns>
internal bool Autenticar(int in_SlotIndex, string in_PIN, out string out_Error)
{
    bool isGood = false;
    out_Error = "OK";
    try
    {
        if (m_Module == null)
        {
            m_Module = Module.GetInstance(m_FileName);
        }
        if (m_Slots == null)
        {
            m_Slots = m_Module.GetSlotList(true);
        }
        if (in_SlotIndex >= m_Slots.Length)
        {
            return isGood;
        }

        Session session = m_Slots[in_SlotIndex].Token.OpenSession(false);
        m_CurrentIndex = in_SlotIndex;
        session.Login(UserType.USER, in_PIN);
        try
        {
            // Search template: certificate object whose CKA_LABEL equals the authentication label.
            ObjectClassAttribute certificateFilter = new ObjectClassAttribute(CKO.CERTIFICATE);
            ByteArrayAttribute labelFilter = new ByteArrayAttribute(CKA.LABEL);
            labelFilter.Value = System.Text.Encoding.UTF8.GetBytes(m_AutenticacionLabel);
            session.FindObjectsInit(new P11Attribute[] { certificateFilter, labelFilter });
            P11Object[] hits = session.FindObjects(1) as P11Object[];
            if (hits.Length == 1)
            {
                X509PublicKeyCertificate cert = hits[0] as X509PublicKeyCertificate;
                OcspClient ocsp = new OcspClient(cert.Value.Encode());
                if (ocsp.PublicKeyCertificate.IsValidNow)
                {
                    // Network round-trip to the OCSP responder, while the find operation is still open.
                    CertificateStatus status = ocsp.ConsultarEstadoDeCertificado(
                        ocsp.PublicKeyCertificate, ocsp.LeerCertificado(m_IssuerCertificate));
                    switch (status)
                    {
                        case CertificateStatus.Good:
                            isGood = true;
                            break;
                        case CertificateStatus.Revoked:
                            out_Error = "Certificado Revocado";
                            break;
                        default:
                            out_Error = "Certificado Desconocido";
                            break;
                    }
                }
                else
                {
                    out_Error = "Certificado Expirado";
                }
            }
            else
            {
                out_Error = "No se encontraron objetos en la tarjeta.";
            }
            session.FindObjectsFinal();
        }
        catch (System.Net.WebException wex)
        {
            // Responder unreachable: report the transport error, result stays false.
            Console.WriteLine(wex.ToString());
            out_Error = wex.Message;
        }
        catch (Exception e)
        {
            Console.WriteLine(e.ToString());
            out_Error = e.Message;
        }
        finally
        {
            session.Logout();
        }
    }
    catch (Exception e)
    {
        // Module load, bad PIN and token faults land here; out_Error keeps its "OK" default.
        Console.WriteLine(e.ToString());
    }
    return isGood;
}
/// <summary>
/// Base constructor: seeds the ObjectClass attribute with the single entry "top".
/// (Presumably the LDAP-style root object class every derived class carries — confirm.)
/// Note this ObjectClassAttribute has a parameterless constructor and an Entries collection,
/// unlike the PKCS#11 attribute of the same name used elsewhere.
/// </summary>
protected TopObjectClass()
{
    ObjectClass = new ObjectClassAttribute { Entries = { "top" } };
}