Example #1
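        /// <summary>
        /// Checks that <c>SecKey.CreateRandomKey</c> builds an EC key pair from a populated
        /// <c>SecKeyGenerationParameters</c> and rejects a null or empty parameter object.
        /// </summary>
        public void CreateRandomKeyTest()
        {
            TestRuntime.AssertXcodeVersion(8, 0);

            // 256-bit EC key that is not persisted in the keychain (IsPermanent = false).
            var keyGenerationParameters = new SecKeyGenerationParameters();

            keyGenerationParameters.KeyType       = SecKeyType.EC;
            keyGenerationParameters.KeySizeInBits = 256;
            keyGenerationParameters.IsPermanent   = false;

            // Private-key attributes: usable only while the device is unlocked, bound to this device,
            // and private-key operations are gated on user presence.
            var privateKeyAttributes = new SecKeyParameters();

            privateKeyAttributes.AccessControl      = new SecAccessControl(SecAccessible.WhenUnlockedThisDeviceOnly, SecAccessControlCreateFlags.PrivateKeyUsage | SecAccessControlCreateFlags.UserPresence);
            // The label includes the process id, so each test process uses its own label.
            privateKeyAttributes.Label              = $"{CFBundle.GetMain ().Identifier}-{GetType ().FullName}-{Process.GetCurrentProcess ().Id}";
            keyGenerationParameters.PrivateKeyAttrs = privateKeyAttributes;

            NSError error;

            // Check the error and the private key BEFORE dereferencing the key: a failed generation
            // should surface as an assertion failure with its message, not as a NullReferenceException.
            // The using blocks release the native key handles when the checks are done.
            using (var privateKey = SecKey.CreateRandomKey(keyGenerationParameters, out error))
            {
                Assert.That(error, Is.EqualTo(null), "CreateRandomKey - no error");
                Assert.That(privateKey, Is.Not.EqualTo(null), "CreateRandomKey - private key is not null");

                using (var publicKey = privateKey.GetPublicKey())
                {
                    Assert.That(publicKey, Is.Not.EqualTo(null), "CreateRandomKey - public key is not null");
                }
            }

            // Argument validation: null parameters and parameters without a key type must throw.
            Assert.Throws <ArgumentNullException> (() => { SecKey.CreateRandomKey((SecKeyGenerationParameters)null, out _); }, "CreateRandomKey - null argument");
            Assert.Throws <ArgumentException> (() => { SecKey.CreateRandomKey(new SecKeyGenerationParameters(), out _); }, "CreateRandomKey - invalid 'SecKeyType', empty 'SecKeyGenerationParameters'");
        }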
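        /// <summary>
        /// Calls <c>Delete()</c>, then generates a new key with the parameters from <c>CreateRsaParams()</c>.
        /// </summary>
        /// <returns>
        /// <c>true</c> when key generation reported no error and returned a key; otherwise <c>false</c>.
        /// </returns>
        public bool CreateKeyPair()
        {
            // Delete() and CreateRsaParams() are defined elsewhere in the class.
            // NOTE(review): presumably Delete() removes the previous key pair and the parameters request a
            // permanent (keychain-stored) key; otherwise nothing outlives this method - confirm.
            Delete();
            var keyParams = CreateRsaParams();

            // This method never uses the returned key object, so release its native handle instead of
            // leaving it to the finalizer. A null result is accepted by the using statement.
            using (var generatedKey = SecKey.CreateRandomKey(keyParams, out var keyCreationError))
            {
                if (keyCreationError != null)
                {
                    // Diagnostic output only; the failure is reported to the caller through the return value.
                    Debug.WriteLine($"{keyCreationError.LocalizedFailureReason}\n{keyCreationError.LocalizedDescription}");
                    return false;
                }

                // Treat "no error but no key" as a failure as well.
                return generatedKey != null;
            }
        }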
Example #3
        /// <summary>
        /// Exercises an in-memory RSA key through sign/verify and encrypt/decrypt round trips,
        /// and checks that mismatched input or a wrong-type algorithm is reported as an error.
        /// </summary>
        public void RSA()
        {
            TestRuntime.AssertXcodeVersion(8, 0);
            // One NSError variable is reused by every call below, so each assertion refers to the
            // call immediately before it; the statement order matters.
            NSError error;

            // Key size is 1024 bits on MONOMAC and 512 bits elsewhere. These sizes are test fixtures only
            // and are far too small for keys that protect real data.
#if MONOMAC
            using (var key = SecKey.CreateRandomKey(SecKeyType.RSA, 1024, null, out error)) {
#else
            using (var key = SecKey.CreateRandomKey(SecKeyType.RSA, 512, null, out error)) {
#endif
                Assert.Null(error, "RSA/error");

                using (var data = NSData.FromArray(new byte [] { 1, 2, 3 })) {
                    // RsaSignatureRaw is the raw RSA operation without a digest or padding scheme of its own;
                    // it serves as an API check here, not as a pattern for signing application messages.
                    using (var sig = key.CreateSignature(SecKeyAlgorithm.RsaSignatureRaw, data, out error)) {
                        Assert.Null(error, "Sign/error");

                        using (var pub = key.GetPublicKey()) {
                            // Positive case: the signature verifies against the data it was made from.
                            var result = pub.VerifySignature(SecKeyAlgorithm.RsaSignatureRaw, data, sig, out error);
                            Assert.Null(error, "Verify/no-error");
                            Assert.True(result, "Verify/true");

                            // Negative case: passing the data itself as the "signature" must fail
                            // with both a false result and a populated error.
                            result = pub.VerifySignature(SecKeyAlgorithm.RsaSignatureRaw, data, data, out error);
                            Assert.NotNull(error, "Verify/error");
                            Assert.False(result, "Verify/false");

                            // Encrypt with the public key, decrypt with the private key.
                            // RsaEncryptionPkcs1 is PKCS#1 v1.5 encryption; new designs generally prefer OAEP.
                            using (var cipher = pub.CreateEncryptedData(SecKeyAlgorithm.RsaEncryptionPkcs1, data, out error)) {
                                Assert.Null(error, "Encrypt/error");

                                using (var plain = key.CreateDecryptedData(SecKeyAlgorithm.RsaEncryptionPkcs1, cipher, out error)) {
                                    Assert.Null(error, "Decrypt/error");
                                    Assert.That(data.ToArray(), Is.EqualTo(plain.ToArray()), "roundtrip");
                                }

                                // Negative case: decrypting bytes that are not a ciphertext returns null and sets the error.
                                Assert.Null(key.CreateDecryptedData(SecKeyAlgorithm.RsaEncryptionPkcs1, data, out error), "bad data");
                                Assert.NotNull(error, "bad decrypt");
                            }
                        }
                    }

                    // Negative case: an ECDSA algorithm requested on an RSA key must report an error.
                    using (var sig = key.CreateSignature(SecKeyAlgorithm.EcdsaSignatureRfc4754, data, out error)) {
                        Assert.NotNull(error, "wrong key type");
                    }
                }
            }
        }
Example #4
        /// <summary>
        /// Generates a 384-bit <c>ECSecPrimeRandom</c> key and runs an ECDH key exchange
        /// (X9.63 KDF with SHA-512, per the algorithm name), checking the size of the derived output.
        /// </summary>
        public void ECSecPrimeRandom()
        {
            TestRuntime.AssertXcodeVersion(8, 0);
            NSError error;

            using (var privateKey = SecKey.CreateRandomKey(SecKeyType.ECSecPrimeRandom, 384, null, out error))
            {
                Assert.Null(error, "ECSecPrimeRandom/error");

                // Exchange parameters: the requested output size, plus the shared info bytes that are
                // handed to the exchange call through the parameter dictionary.
                var exchangeParameters = new SecKeyKeyExchangeParameter();
                exchangeParameters.RequestedSize = 16;
                exchangeParameters.SharedInfo    = NSData.FromArray(new byte [] { 4, 5, 6 });

                // The key is exchanged with its own public half, so this checks the API plumbing
                // rather than a two-party agreement.
                using (var publicKey = privateKey.GetPublicKey())
                {
                    using (var derived = privateKey.GetKeyExchangeResult(SecKeyAlgorithm.EcdhKeyExchangeStandardX963Sha512, publicKey, exchangeParameters.Dictionary, out error))
                    {
                        Assert.Null(error, "GetKeyExchangeResult/error");
                        Assert.That(derived.Length, Is.EqualTo(exchangeParameters.RequestedSize), "GetKeyExchangeResult/result");
                    }
                }
            }
        }
Example #5
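        /// <summary>
        /// Returns the key stored in the keychain under <c>APPLICATION_TAG</c>; when the lookup does not
        /// succeed, generates a new 2048-bit RSA key and adds it to the keychain under that tag.
        /// </summary>
        /// <returns>
        /// The existing or newly generated key, or <c>null</c> when generation or keychain storage fails.
        /// </returns>
        private SecKey GetDataEncryptionKey()
        {
            // The lookup matches on the application tag only and asks for at most two results.
            var query = new SecRecord(SecKind.Key)
            {
                ApplicationTag = APPLICATION_TAG,
            };

            var keys = SecKeyChain.QueryAsReference(query, 2, out var code);

            // Guard the index: a success status with an empty result would otherwise throw here.
            if (code == SecStatusCode.Success && keys != null && keys.Length > 0)
            {
                return keys[0] as SecKey;
            }

            // NOTE(review): every non-success status reaches this point, not only "item not found".
            // If the lookup failed for another reason while a key exists, that key is removed and replaced,
            // and anything encrypted under it can no longer be decrypted. Consider regenerating only when
            // the status says the item is missing.
            SecKeyChain.Remove(query);
            var key = SecKey.CreateRandomKey(SecKeyType.RSA, 2048, null, out var e);

            if (e != null || key == null)
            {
                // Do not leak a native handle, and do not build a SecRecord from a null key.
                key?.Dispose();
                return null;
            }

            // NOTE(review): AfterFirstUnlock keeps the key readable while the device is locked (after the
            // first unlock since boot) and is not a "ThisDeviceOnly" class. Confirm that this is required,
            // e.g. for background work; otherwise a stricter accessibility class narrows exposure.
            var rec = new SecRecord(key)
            {
                ApplicationTag = APPLICATION_TAG,
                KeyType        = SecKeyType.RSA,
                KeyClass       = SecKeyClass.Private,
                Accessible     = SecAccessible.AfterFirstUnlock
            };
            var r = SecKeyChain.Add(rec);

            if (r != SecStatusCode.Success)
            {
                System.Diagnostics.Debug.WriteLine($"CryptoImpl.cs: Could not add a new key pair to KeyChain. status = \"{r}\"\n"
                                                   + "    Please make sure \"Entitlements.plist\" is set for custom entitlements in project property page.");

                // The key was never stored and is not returned, so release it here.
                key.Dispose();
                return null;
            }

            System.Diagnostics.Debug.WriteLine("CryptoImpl.cs: A new key encryption key pair was generated.");
            return key;
        }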