/// <summary> /// Calls d2i_PKCS12_bio() and then PKCS12_parse() /// </summary> /// <param name="bio"></param> /// <param name="password"></param> public PKCS12(BIO bio, string password) : base(Native.ExpectNonNull(Native.d2i_PKCS12_bio(bio.Handle, IntPtr.Zero)), true) { IntPtr cert; IntPtr pkey; IntPtr cacerts; // Parse the PKCS12 object and get privatekey, cert, cacerts if available Native.ExpectSuccess(Native.PKCS12_parse(this.ptr, password, out pkey, out cert, out cacerts)); if (cert != IntPtr.Zero) { this.certificate = new X509Certificate(cert, true); if (pkey != IntPtr.Zero) { this.privateKey = new CryptoKey(pkey, true); // We have a private key, assign it to the cert this.certificate.PrivateKey = this.privateKey.CopyRef(); } } if (cacerts != IntPtr.Zero) { this.caCertificates = new Core.Stack<X509Certificate>(cacerts, true); } }
public static X509Chain LoadX509Chain(string resource) { using (var bio = new BIO(LoadBytes(resource))) { return new X509Chain(bio); } }
public static X509Certificate LoadPKCS12Certificate(string resource, string password) { using (var bio = new BIO(LoadBytes(resource))) { return X509Certificate.FromPKCS12(bio, password); } }
public void CanLoadFromPKCS7_DER() { using (BIO bio = new BIO(LoadBytes(Resources.CaChainP7c))) { using (X509Certificate cert = X509Certificate.FromPKCS7_DER(bio)) { TestCert(cert, "CN=Root", "CN=Root", 1234); } } }
public void CanLoadFromPKCS7_PEM() { using (BIO bio = new BIO(LoadString(Resources.CaChainP7cPem))) { using (X509Certificate cert = X509Certificate.FromPKCS7_PEM(bio)) { TestCert(cert, "CN=Root", "CN=Root", 1234); } } }
public void CanLoadFromPEM() { using (BIO bio = new BIO(LoadString(Resources.CaCrt))) { using (X509Certificate cert = new X509Certificate(bio)) { TestCert(cert, "CN=Root", "CN=Root", 1234); } } }
public void CanLoadFromDER() { using (var bio = new BIO(Util.LoadBytes(Resources.CaDer))) { using (var cert = X509Certificate.FromDER(bio)) { TestCert(cert, "CN=Root", "CN=Root", 1234); } } }
/// <summary> /// Prints the LongName of this cipher. /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { bio.Write(this.LongName); }
/// <summary> /// Calls PEM_write_bio_RSAPrivateKey() /// </summary> /// <param name="bio"></param> /// <param name="enc"></param> /// <param name="passwd"></param> /// <param name="arg"></param> public void WritePrivateKey(BIO bio, Cipher enc, PasswordHandler passwd, object arg) { PasswordThunk thunk = new PasswordThunk(passwd, arg); Native.ExpectSuccess(Native.PEM_write_bio_RSAPrivateKey( bio.Handle, this.ptr, enc == null ? IntPtr.Zero : enc.Handle, null, 0, thunk.Callback, IntPtr.Zero)); }
/// <summary> /// Calls PEM_read_bio_RSAPrivateKey() /// </summary> /// <param name="bio"></param> /// <param name="callback"></param> /// <param name="arg"></param> /// <returns></returns> public static RSA FromPrivateKey(BIO bio, PasswordHandler callback, object arg) { PasswordThunk thunk = new PasswordThunk(callback, arg); IntPtr ptr = Native.PEM_read_bio_RSAPrivateKey(bio.Handle, IntPtr.Zero, thunk.Callback, IntPtr.Zero); return new RSA(Native.ExpectNonNull(ptr), true); }
/// <summary> /// Returns PEM_read_bio_DSAPrivateKey() /// </summary> /// <param name="bio"></param> /// <returns></returns> public static DSA FromPrivateKey(BIO bio) { return new DSA(Native.ExpectNonNull(Native.PEM_read_bio_DSAPrivateKey(bio.Handle, IntPtr.Zero, null, IntPtr.Zero)), true); }
/// <summary> /// This method is used by the ToString() implementation. A great number of /// openssl objects support printing, so this is a convenience method. /// Derived types should override this method and not ToString(). /// </summary> /// <param name="bio">The BIO stream object to print into</param> public virtual void Print(BIO bio) { }
/// <summary> /// Prints MessageDigest /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { bio.Write("MessageDigest"); }
/// <summary> /// Calls EVP_SignFinal() /// </summary> /// <param name="md"></param> /// <param name="bio"></param> /// <param name="pkey"></param> /// <returns></returns> public static byte[] Sign(MessageDigest md, BIO bio, CryptoKey pkey) { BIO bmd = BIO.MessageDigest(md); bmd.Push(bio); while (true) { ArraySegment<byte> bytes = bmd.ReadBytes(1024 * 4); if (bytes.Count == 0) break; } MessageDigestContext ctx = new MessageDigestContext(bmd); byte[] sig = new byte[pkey.Size]; uint len = (uint)sig.Length; Native.ExpectSuccess(Native.EVP_SignFinal(ctx.Handle, sig, ref len, pkey.Handle)); byte[] ret = new byte[len]; Buffer.BlockCopy(sig, 0, ret, 0, (int)len); return ret; }
/// <summary> /// Calls BIO_get_md_ctx() then BIO_get_md() /// </summary> /// <param name="bio"></param> public MessageDigestContext(BIO bio) : base(Native.ExpectNonNull(Native.BIO_get_md_ctx(bio.Handle)), false) { this.md = new MessageDigest(Native.ExpectNonNull(Native.BIO_get_md(bio.Handle)), false); }
/// <summary> /// Calls BN_print() /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { Native.ExpectSuccess(Native.BN_print(bio.Handle, this.ptr)); }
/// <summary> /// Calls BIO_push() /// </summary> /// <param name="bio"></param> public void Push(BIO bio) { Native.ExpectNonNull(Native.BIO_push(ptr, bio.Handle)); }
/// <summary> /// Prints the long name /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { bio.Write("MessageDigestContext: " + this.md.LongName); }
public void CanLoadFromPCKS12() { using (BIO bio = new BIO(LoadBytes(Resources.ServerPfx))) { using (X509Certificate cert = X509Certificate.FromPKCS12(bio, password)) { TestCert(cert, "CN=localhost", "CN=Root", 1235); } } }
/// <summary> /// Calls EVP_VerifyFinal() /// </summary> /// <param name="md"></param> /// <param name="bio"></param> /// <param name="sig"></param> /// <param name="pkey"></param> /// <returns></returns> public static bool Verify(MessageDigest md, BIO bio, byte[] sig, CryptoKey pkey) { BIO bmd = BIO.MessageDigest(md); bmd.Push(bio); while (true) { ArraySegment<byte> bytes = bmd.ReadBytes(1024 * 4); if (bytes.Count == 0) break; } MessageDigestContext ctx = new MessageDigestContext(bmd); int ret = Native.ExpectSuccess(Native.EVP_VerifyFinal(ctx.Handle, sig, (uint)sig.Length, pkey.Handle)); return ret == 1; }
public void CanCreatePKCS12() { using (BIO bio = new BIO(LoadBytes(Resources.ServerPfx))) { using (var pfx = new PKCS12(bio, password)) { using (var new_pfx = new PKCS12(password, pfx.PrivateKey, pfx.Certificate, pfx.CACertificates)) { TestCert(new_pfx.Certificate, "CN=localhost", "CN=Root", 1235); } } } }
/// <summary>Create a DtlsFilter.</summary> /// <param name="key">A CryptoKey initialized by the OpenSSL.NET library.</param> /// <param name="cert">The path to the certificate to use.</param> /// <param name="ca_cert">The path to the ca certificate to use.</param> /// <param name="client">Use client initialization parameters.</param> public DtlsAssociation(ISender sender, CertificateHandler ch, PType ptype, Ssl ssl, bool client) : base(sender, ch) { _ip = new IdentifierPair(); PType = ptype; _ssl = ssl; _client = client; _ssl.SetReadAhead(1); // Buggy SSL versions have issue with compression and dtls _ssl.SetOptions((int) SslOptions.SSL_OP_NO_COMPRESSION); if(client) { _ssl.SetConnectState(); } else { _ssl.SetAcceptState(); } // The ssl object will take control _read = BIO.MemoryBuffer(false); _read.NonBlocking = true; _write = BIO.MemoryBuffer(false); _write.NonBlocking = true; _ssl.SetBIO(_read, _write); _ssl.DoHandshake(); _buffer = new byte[Int16.MaxValue]; _buffer_sync = new object(); _fe_lock = 0; }
/// <summary> /// Calls BIO_push() /// </summary> /// <param name="bio"></param> public void Push(BIO bio) { Native.ExpectNonNull(Native.BIO_push(this.ptr, bio.Handle)); }
/// <summary> /// Calls PEM_read_bio_PKCS7() /// </summary> /// <param name="bio"></param> /// <returns></returns> public static PKCS7 FromPEM(BIO bio) { return new PKCS7(Native.ExpectNonNull(Native.PEM_read_bio_PKCS7(bio.Handle, IntPtr.Zero, null, IntPtr.Zero))); }
/// <summary> /// Calls PEM_read_bio_RSAPrivateKey() /// </summary> /// <param name="bio"></param> /// <returns></returns> public static RSA FromPrivateKey(BIO bio) { return FromPrivateKey(bio, null, null); }
/// <summary> /// Calls d2i_PKCS7_bio() /// </summary> /// <param name="bio"></param> /// <returns></returns> public static PKCS7 FromDER(BIO bio) { return new PKCS7(Native.ExpectNonNull(Native.d2i_PKCS7_bio(bio.Handle, IntPtr.Zero))); }
/// <summary> /// Calls PEM_write_bio_RSA_PUBKEY() /// </summary> /// <param name="bio"></param> public void WritePublicKey(BIO bio) { Native.ExpectSuccess(Native.PEM_write_bio_RSA_PUBKEY(bio.Handle, this.ptr)); }
//public ArraySegment<byte> Digest(IntPtr type, byte[] digest) //{ // uint len = (uint)digest.Length; // Native.ExpectSuccess(Native.X509_REQ_digest(this.ptr, type, digest, ref len)); // return new ArraySegment<byte>(digest, 0, (int)len); //} /// <summary> /// Calls X509_REQ_print() /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { Native.ExpectSuccess(Native.X509_REQ_print(bio.Handle, this.ptr)); }
/// <summary> /// Calls RSA_print() /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { Native.ExpectSuccess(Native.RSA_print(bio.Handle, this.ptr, 0)); }
/// <summary> /// Calls PEM_write_bio_X509_REQ() /// </summary> /// <param name="bio"></param> public void Write(BIO bio) { Native.ExpectSuccess(Native.PEM_write_bio_X509_REQ(bio.Handle, this.ptr)); }
/// <summary> /// Returns the cipher's LongName /// </summary> /// <param name="bio"></param> public override void Print(BIO bio) { bio.Write("CipherContext: " + this.cipher.LongName); }
/// <summary> /// Calls PEM_read_bio_X509_REQ() /// </summary> /// <param name="bio"></param> public X509Request(BIO bio) : base(Native.ExpectNonNull(Native.PEM_read_bio_X509_REQ(bio.Handle, IntPtr.Zero, null, IntPtr.Zero)), true) { }