static void Main(string[] args)
{
//Fetch certificates in the currently connected card
List <X509Certificate2> cardCertificates = new List <X509Certificate2>();
try
{
cardCertificates.AddRange(BaseSmartCardCryptoProvider.GetCertificates());
}
catch (Win32Exception ex)
{
Console.WriteLine(ex.Message);
}
X509Certificate2 digitalSignatureCertificate = null;
//Get the certificate that has non repudiation key usage as it is the digital signature key for the Kuwaiti civil id
foreach (X509Certificate2 x509 in cardCertificates)
{
foreach (X509Extension extension in x509.Extensions)
{
//OID 2.5.29.15 is for key usage
if (extension.Oid.Value.Equals("2.5.29.15"))
{
X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
if (((ext.KeyUsages & X509KeyUsageFlags.NonRepudiation) | (ext.KeyUsages & X509KeyUsageFlags.DigitalSignature)) == (X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DigitalSignature))
{
digitalSignatureCertificate = x509;
}
}
}
}
//See if digital signature certificate was found
if (digitalSignatureCertificate != null)
{
//Export the public key which will be used in validation
X509Certificate2 publicKeySigning = new X509Certificate2(digitalSignatureCertificate.Export(X509ContentType.Cert));
//Read the pin
Console.Write("Please enter your pin: ");
string pin = Console.ReadLine();
//Load XML document to be signed
string xmlData = File.ReadAllText(@"XMLDocuments\cd_catalog.xml");
//Sign the XML document
string signedXMLData = Crypto.SignXml(xmlData, digitalSignatureCertificate, true, pin);
//Output the signed XML to file
File.WriteAllText(@"XMLDocuments\cd_catalog_SIGNED.xml", signedXMLData);
//Read a signed XML document
signedXMLData = File.ReadAllText(@"XMLDocuments\cd_catalog_SIGNED.xml");
//Validate the signed XML document using the embedded key in it
Console.WriteLine("Verifying XML using internal signature STATUS = " + Crypto.VerifyXml(signedXMLData));
//Validate the signed XML document using external certificate
Console.WriteLine("Verifying XML using publicKey STATUS = " + Crypto.VerifyXml(signedXMLData, publicKeySigning));
}
Console.ReadKey();
}
private static void Main(string[] args)
{
Crypto crypto = new Crypto();
//Fetch certificates in the currently connected card
List <X509Certificate2> cardCertificates = BaseSmartCardCryptoProvider.GetCertificates();
X509Certificate2 digitalSignatureCertificate = null;
//Get the certificate that has non repudiation key usage as it is the digital signature key for the Kuwaiti civil id
foreach (X509Certificate2 x509 in cardCertificates)
{
foreach (X509Extension extension in x509.Extensions)
{
//OID 2.5.29.15 is for key usage
if (extension.Oid.Value.Equals("2.5.29.15"))
{
X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
if (((ext.KeyUsages & X509KeyUsageFlags.NonRepudiation) | (ext.KeyUsages & X509KeyUsageFlags.DigitalSignature)) == (X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DigitalSignature))
{
digitalSignatureCertificate = x509;
}
}
}
}
//See if digital signature certificate was found
if (digitalSignatureCertificate != null)
{
//Export the public key which will be used in encrypting
X509Certificate2 publicKeyExchange = new X509Certificate2(digitalSignatureCertificate.Export(X509ContentType.Cert));
//Read the pin
Console.Write("Please enter your pin: ");
string pin = Console.ReadLine();
//This is the message that will be used in the encryption and decryption process
string message = "There is nothing that my blade cannot cut!";
//Encrypt the message as a Base64 encoded string
string encryptedMessage = Crypto.Encrypt
(
Encoding.UTF8.GetBytes(message), publicKeyExchange, RSAEncryptionPadding.OaepSHA1
);
//Decrypt the Base64 encoded encrypted message
string decryptedMessage = Encoding.UTF8.GetString
(
Crypto.Decrypt
(
encryptedMessage, digitalSignatureCertificate, RSAEncryptionPadding.OaepSHA1, pin
)
);
//Encrypt the message as raw data
byte[] encryptedMessage2 = Crypto.EncryptToByteArray
(
Encoding.UTF8.GetBytes(message), publicKeyExchange, RSAEncryptionPadding.OaepSHA1
);
//Decrypt the raw data
string decryptedMessage2 = Encoding.UTF8.GetString(Crypto.Decrypt
(
encryptedMessage2, digitalSignatureCertificate, RSAEncryptionPadding.OaepSHA1, pin
));
//Output the results
Console.WriteLine
(
"Message: " + message + "\n" +
"Encrypted: " + encryptedMessage + "\n" +
"Decrypted: " + decryptedMessage
);
Console.WriteLine("\n*********************************\n");
Console.WriteLine
(
"Message: " + message + "\n" +
"Encrypted: " + ToHex(encryptedMessage2) + "\n" +
"Decrypted: " + decryptedMessage2
);
}
Console.ReadKey();
}
static void Main(string[] args)
{
//Fetch certificates in the currently connected card
List <X509Certificate2> cardCertificates = BaseSmartCardCryptoProvider.GetCertificates();
X509Certificate2 digitalSignatureCertificate = null;
//Get the certificate that has non repudiation key usage as it is the digital signature key for the Kuwaiti civil id
foreach (X509Certificate2 x509 in cardCertificates)
{
foreach (X509Extension extension in x509.Extensions)
{
//OID 2.5.29.15 is for key usage
if (extension.Oid.Value.Equals("2.5.29.15"))
{
X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
if (((ext.KeyUsages & X509KeyUsageFlags.NonRepudiation) | (ext.KeyUsages & X509KeyUsageFlags.DigitalSignature)) == (X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DigitalSignature))
{
digitalSignatureCertificate = x509;
}
}
}
}
//See if digital signature certificate was found
if (digitalSignatureCertificate != null)
{
//Export the public key which will be used in validation
X509Certificate2 publicKeySigning = new X509Certificate2(digitalSignatureCertificate.Export(X509ContentType.Cert));
//Create the message that will be signed
string message = "There is nothing that my blade cannot cut!";
//Read the pin
Console.Write("Please enter your pin: ");
string pin = Console.ReadLine();
//Sign the data
string signedMessage = Crypto.SignData
(
Encoding.UTF8.GetBytes(message),
digitalSignatureCertificate,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1,
pin
);
//Verify the signed data
bool validationStatus = Crypto.VerifyData
(
Encoding.UTF8.GetBytes(message), signedMessage, publicKeySigning, HashAlgorithmName.SHA256
);
//Create the hash
byte[] hash = SHA256.Create().ComputeHash(Encoding.UTF8.GetBytes(message));
//Sign the data
string signedHash = Crypto.SignHash
(
hash,
digitalSignatureCertificate,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1,
pin
);
//Verify the signed data
bool validationStatus2 = Crypto.VerifyHash
(
hash, signedHash, publicKeySigning, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1
);
//Output the results
Console.WriteLine
(
"Message: " + message + "\n" +
"Signature: " + signedMessage + "\n" +
"Validation Status: " + validationStatus.ToString()
);
Console.WriteLine("\n*********************************\n");
Console.WriteLine
(
"Hash: " + ToHex(hash) + "\n" +
"Signature: " + signedHash + "\n" +
"Validation Status: " + validationStatus2.ToString()
);
}
Console.ReadKey();
}
