public void LoadXml()
{
const string pValue = "oDZlcdJA1Kf6UeNEIZqm4KDqA6zpX7CmEtAGWi9pgnBhWOUDVEfhswfsvTLR5BCbKfE6KoHvt5Hh8D1RcAko//iZkLZ+gds9y/5Oxape8tu3TUi1BnNPWu8ieXjMtdnpyudKFsCymssJked1rBeRePG23HTVwOV1DpopjRkjBEU=";
const string qValue = "0JxsZhjbIteTbrtfWmt5Uif6il8=";
const string gValue = "EOVCfv1saTWIc6Dgim24a07dqqyCJXmIT+5PrgrfV3M8/hfmaMfZtpvM0BUkXVv0dFScnN7txnSpnLWchBz0RfehL6c7Mofu/d2H1cp8zvwTasfiJhypQHDuC4p1aSXuQ1hnzzyYeHKzBH9r0PA78haL7/HnwrrscttXGhmU/L0=";
const string yValue = "HBHSdiOJDoZhRpK+B4Ft5hisHvRjz6rELay+aPrya2yKRUUN7ZysNi12PltAvljexay0gEpPncg6TrRtH1+7usTxbgkuIwcQ3RPPIzM7y+XldbcyVUfyze5+zXy9ALiugT+zP8DOMRj9Yj6kR6ZsgbnSdlH2hGIn9NctXgRQ6Kg=";
const string seedValue = "NKemrvYwT/4u8DNiXoPj9jO6LAg=";
const string pgenCounterValue = "uA==";
string dsaKey = $"<KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>{pValue}</P><Q>{qValue}</Q><G>{gValue}</G><Y>{yValue}</Y><Seed>{seedValue}</Seed><PgenCounter>{pgenCounterValue}</PgenCounter></DSAKeyValue></KeyValue>";
var xmlDoc = new XmlDocument();
xmlDoc.LoadXml(dsaKey);
var dsaKeyValue = new DSAKeyValue();
dsaKeyValue.LoadXml(xmlDoc.DocumentElement);
var parameters = dsaKeyValue.Key.ExportParameters(false);
Assert.Equal(Convert.ToBase64String(parameters.P), pValue);
Assert.Equal(Convert.ToBase64String(parameters.Q), qValue);
Assert.Equal(Convert.ToBase64String(parameters.G), gValue);
Assert.Equal(Convert.ToBase64String(parameters.Y), yValue);
Assert.NotNull(parameters.Seed);
Assert.Equal(Convert.ToBase64String(parameters.Seed), seedValue);
Assert.Equal(BitConverter.GetBytes(parameters.Counter)[0], Convert.FromBase64String(pgenCounterValue)[0]);
}
public void GetXml()
{
DSAKeyValue dsa = new DSAKeyValue();
XmlElement xmlkey = dsa.GetXml();
XmlNamespaceManager ns = new XmlNamespaceManager(xmlkey.OwnerDocument.NameTable);
ns.AddNamespace("schema", SignedXml.XmlDsigNamespaceUrl);
IEnumerable <XmlNode> elements =
new[] { "P", "Q", "G", "Y", "J", "Seed", "PgenCounter" }
.Select(elementName => xmlkey.SelectSingleNode($"/schema:DSAKeyValue/schema:{elementName}", ns))
.Where(element => element != null);
//There MUST be existing elements
Assert.NotEmpty(elements);
//Existing elements MUST include a "Y"-Element
Assert.True(elements.SingleOrDefault(element => element.Name == "Y") != null);
//Existing elements MUST contain InnerText
Assert.True(elements.All(element => !string.IsNullOrEmpty(element.InnerText)));
//Existing elements MUST be convertible from BASE64
elements.Select(element => Convert.FromBase64String(element.InnerText));
}
public void Ctor_Dsa()
{
var pair = TestHelpers.DSAGenerateKeyPair();
DSAKeyValue dsaKeyValue = new DSAKeyValue((DsaPublicKeyParameters)pair.Public);
Assert.Equal(pair.Public, dsaKeyValue.Key);
}
virtual protected void SignWithKeyInfo(String src, String dest, ICipherParameters pk,
AsymmetricAlgorithm publicKey, String digestAlgorithm)
{
// Creating the reader and the stamper
PdfReader reader = new PdfReader(src);
FileStream os = new FileStream(dest, FileMode.Create);
PdfStamper stamper = PdfStamper.createXmlSignature(reader, os);
// Creating the appearance
XmlSignatureAppearance appearance = stamper.XmlSignatureAppearance;
//Set XfaXmlLocator to control getting and setting Document
appearance.SetXmlLocator(new XfaXmlLocator(stamper));
// Creating the signature
IExternalSignature pks = new PrivateKeySignature(pk, digestAlgorithm);
KeyInfoClause keyInfo;
if (publicKey is DSA)
{
keyInfo = new DSAKeyValue((DSA)publicKey);
}
else if (publicKey is RSA)
{
keyInfo = new RSAKeyValue((RSA)publicKey);
}
else
{
throw new ArgumentException("Invalid public key algorithm", "publicKey");
}
MakeXmlSignature.SignXmlDSig(appearance, pks, keyInfo);
}
public void Ctor_Dsa()
{
using (DSA dsa = DSA.Create())
{
DSAKeyValue dsaKeyValue = new DSAKeyValue(dsa);
Assert.Equal(dsa, dsaKeyValue.Key);
}
}
public void GetXml_SameDsa()
{
var pair = TestHelpers.DSAGenerateKeyPair();
DSAKeyValue dsaKeyValue1 = new DSAKeyValue((DsaPublicKeyParameters)pair.Public);
DSAKeyValue dsaKeyValue2 = new DSAKeyValue((DsaPublicKeyParameters)pair.Public);
Assert.Equal(dsaKeyValue1.GetXml(), dsaKeyValue2.GetXml());
}
public void GetXml_SameDsa()
{
using (DSA dsa = DSA.Create())
{
DSAKeyValue dsaKeyValue1 = new DSAKeyValue(dsa);
DSAKeyValue dsaKeyValue2 = new DSAKeyValue(dsa);
Assert.Equal(dsaKeyValue1.GetXml(), dsaKeyValue2.GetXml());
}
}
public void GetXml_SameDsa()
{
using (DSA dsa = TestHelpers.GetWorkingDSA())
{
DSAKeyValue dsaKeyValue1 = new DSAKeyValue(dsa);
DSAKeyValue dsaKeyValue2 = new DSAKeyValue(dsa);
Assert.Equal(dsaKeyValue1.GetXml(), dsaKeyValue2.GetXml());
}
}
public void Ctor_Dsa_Null()
{
DSAKeyValue dsaKeyValue = new DSAKeyValue(null);
//From https://github.com/peterwurzinger:
//This assertion is incorrect, since the parameter value is stored unvalidated/unprocessed
//Assert.NotNull(dsaKeyValue.Key);
Assert.Null(dsaKeyValue.Key);
}
public void InvalidValue2()
{
string badKey = "<Test></Test>";
XmlDocument doc = new XmlDocument();
doc.LoadXml(badKey);
DSAKeyValue dsa1 = new DSAKeyValue();
dsa1.LoadXml(doc.DocumentElement);
}
public void DSAKeyValue()
{
DSA key = DSA.Create();
key.FromXmlString(xmlDSA);
DSAKeyValue dsa = new DSAKeyValue(key);
info.AddClause(dsa);
AssertCrypto.AssertXmlEquals("dsa", "<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" + xmlDSA + "</KeyValue></KeyInfo>", (info.GetXml().OuterXml));
Assert.AreEqual(1, info.Count, "dsa count");
}
public void Complex()
{
KeyInfoName name = new KeyInfoName();
name.Value = "CoreFx::";
info.AddClause(name);
using (DSA keyDSA = DSA.Create())
{
keyDSA.ImportParameters(new DSAParameters
{
P = Convert.FromBase64String(dsaP),
Q = Convert.FromBase64String(dsaQ),
G = Convert.FromBase64String(dsaG),
Y = Convert.FromBase64String(dsaY),
});
DSAKeyValue dsa = new DSAKeyValue(keyDSA);
info.AddClause(dsa);
using (RSA keyRSA = RSA.Create())
{
keyRSA.ImportParameters(new RSAParameters()
{
Modulus = Convert.FromBase64String(rsaModulus),
Exponent = Convert.FromBase64String(rsaExponent)
});
RSAKeyValue rsa = new RSAKeyValue(keyRSA);
info.AddClause(rsa);
KeyInfoRetrievalMethod retrieval = new KeyInfoRetrievalMethod();
retrieval.Uri = "https://github.com/dotnet/corefx";
info.AddClause(retrieval);
using (X509Certificate x509 = new X509Certificate(cert))
{
KeyInfoX509Data x509data = new KeyInfoX509Data(x509);
info.AddClause(x509data);
string s = "<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyName>CoreFx::</KeyName><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>rjxsMU368YOCTQejWkiuO9e/vUVwkLtq1jKiU3TtJ53hBJqjFRuTa228vZe+BH2su9RPn/vYFWfQDv6zgBYe3eNdu4Afw+Ny0FatX6dl3E77Ra6Tsd3MmLXBiGSQ1mMNd5G2XQGpbt9zsGlUaexXekeMLxIufgfZLwYp67M+2WM=</P><Q>tf0K9rMyvUrU4cIkwbCrDRhQAJk=</Q><G>S8Z+1pGCed00w6DtVcqZLKjfqlCJ7JsugEFIgSy/Vxtu9YGCMclV4ijGEbPo/jU8YOSMuD7E9M7UaopMRcmKQjoKZzoJjkgVFP48Ohxl1f08lERnButsxanx3+OstFwUGQ8XNaGg3KrIoZt1FUnfxN3RHHTvVhjzNSHxMGULGaU=</G><Y>LnrxxRGLYeV2XLtK3SYz8RQHlHFZYrtznDZyMotuRfO5uC5YODhSFyLXvb1qB3WeGtF4h3Eo4KzHgMgfN2ZMlffxFRhJgTtH3ctbL8lfQoDkjeiPPnYGhspdJxr0tyZmiy0gkjJG3vwHYrLnvZWx9Wm/unqiOlGBPNuxJ+hOeP8=</Y></DSAKeyValue></KeyValue>";
s += "<KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>9DC4XNdQJwMRnz5pP2a6U51MHCODRilaIoVXqUPhCUb0lJdGroeqVYT84ZyIVrcarzD7Tqs3aEOIa3rKox0N1bxQpZPqayVQeLAkjLLtzJW/ScRJx3uEDJdgT1JnM1FH0GZTinmEdCUXdLc7+Y/c/qqIkTfbwHbRZjW0bBJyExM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue>";
s += "<RetrievalMethod URI=\"https://github.com/dotnet/corefx\" />";
s += "<X509Data xmlns=\"http://www.w3.org/2000/09/xmldsig#\">";
s += "<X509Certificate>MIICHTCCAYYCARQwDQYJKoZIhvcNAQEEBQAwWDELMAkGA1UEBhMCQ0ExHzAdBgNVBAMTFktleXdpdG5lc3MgQ2FuYWRhIEluYy4xKDAmBgorBgEEASoCCwIBExhrZXl3aXRuZXNzQGtleXdpdG5lc3MuY2EwHhcNOTYwNTA3MDAwMDAwWhcNOTkwNTA3MDAwMDAwWjBYMQswCQYDVQQGEwJDQTEfMB0GA1UEAxMWS2V5d2l0bmVzcyBDYW5hZGEgSW5jLjEoMCYGCisGAQQBKgILAgETGGtleXdpdG5lc3NAa2V5d2l0bmVzcy5jYTCBnTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAzSP6KuHtmPTp0JM+13qAAkzMwQKvXLYff/pXQm8w0SDFtSEHQCyphsLzZISuPYUu7YW9VLAYKO9q+BvnCxYfkyVPx/iOw7nKmIQOVdAv73h3xXIoX2C/GSvRcqK32D/glzRaAb0EnMh4Rc2TjRXydhARq7hbLp5S3YE+nGTIKZMCAQMwDQYJKoZIhvcNAQEEBQADgYEAMho1ur9DJ9a01Lh25eObTWzAhsl3NbprFi0TRkqwMlOhW1rpmeIMhogXTg3+gqxOR+/7/zms7jXI+lI3CkmtWa3iiqkcxl8f+G9zfs2gMegMvvVN2bKrihK2MHhoEXwN8UlNo/2y6f8d8JH6VIX/M5Dowb+km6RiRr1hElmYQYk=</X509Certificate></X509Data></KeyInfo>";
AssertCrypto.AssertXmlEquals("Complex", s, (info.GetXml().OuterXml));
Assert.Equal(5, info.Count);
}
}
}
}
public void ImportKey()
{
string dsaKey = "<KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>xc+QZRWTgr390gzwNXF+WzoepZkvAQvCzfCm+YyXj0KPoeHHeSc5ORzXQw81V+7XJR3gupvlI4F7lW9YC538l+3eqGm8IQlCIS+U+7ICTDOFFKevqsYX0BnjO0vvE4aAtDyxfSOTCOAo1cJ+6G6xgcC1JGIBEYCtg1tH8wUewDE=</P><Q>yyfZb0S/rimXl9ScJ3zIba2oGl8=</Q><G>crLazMg+vgI7u6+Idgi9iTLdRa4fptat3gdY97zcc857+OVdmT+lVRpK3okWpmBbw2wSffU8QltwFf42BVs+/HGUOUo2hNqSSXgzl1i+1frO7/cqooHVcy5WX0xxaIPsKcREPI5pNPj/3g8apTgErLMGsHkFdngwbMed9DArTks=</G><Y>FlAozo17wV/LCMRrtnmMKxVQNpidJVkZNM1/0eR65x8giwPs6yXzJmFT8f2tmPJY2FIOAtp5JYin4xUhwIHF452Gg50wUrjV6WTGkiC+gzLC2fVIyGlVsFecLj6ue7J+MACG+b3NQnxFuT5maQnPnEeuGgjLXfwYsAR1vfU0Gas=</Y><J>+UPMvUPq9Fo6Q1fr2oEYDxfGMMtfdoQmVBxI+TkUYQsReodRzBbnvGV1uPLWTpKKd/uJNUHO/QGb05Cvc6u49/AToDJIyi4e01hTLNCzeQk/Hj19gowb5wkTIjyaH04VyPE5zYoTYfuu3Y3Q</J><Seed>+cvoO7bzdpAwAjnDDApPzBCl6zg=</Seed><PgenCounter>ATM=</PgenCounter></DSAKeyValue></KeyValue>";
XmlDocument doc = new XmlDocument();
doc.LoadXml(dsaKey);
DSAKeyValue dsa1 = new DSAKeyValue();
dsa1.LoadXml(doc.DocumentElement);
string s = (dsa1.GetXml().OuterXml);
Assert.AreEqual(dsaKey, s, "DSA Key");
}
/// <summary>
/// Verify the given document using a KeyInfo instance. The KeyInfo instance's KeyClauses will be traversed for
/// elements that can verify the signature, eg. certificates or keys. If nothing is found, an exception is thrown.
/// </summary>
public static bool CheckSignature(XmlDocument doc, KeyInfo keyinfo)
{
CheckDocument(doc);
SignedXml signedXml = RetrieveSignature(doc);
AsymmetricAlgorithm alg = null;
X509Certificate2 cert = null;
foreach (KeyInfoClause clause in keyinfo)
{
if (clause is RSAKeyValue)
{
RSAKeyValue key = (RSAKeyValue)clause;
alg = key.Key;
break;
}
else if (clause is KeyInfoX509Data)
{
KeyInfoX509Data x509data = (KeyInfoX509Data)clause;
int count = x509data.Certificates.Count;
cert = (X509Certificate2)x509data.Certificates[count - 1];
}
else if (clause is DSAKeyValue)
{
DSAKeyValue key = (DSAKeyValue)clause;
alg = key.Key;
break;
}
}
if (alg == null && cert == null)
{
throw new InvalidOperationException("Unable to locate the key or certificate to verify the signature.");
}
if (alg != null)
{
return(signedXml.CheckSignature(alg));
}
else
{
return(signedXml.CheckSignature(cert, true));
}
}
public void GenerateKey()
{
DSAKeyValue dsa1 = new DSAKeyValue();
Assert.IsNotNull(dsa1.Key, "Key");
XmlElement xmlkey = dsa1.GetXml();
DSAKeyValue dsa2 = new DSAKeyValue();
dsa2.LoadXml(xmlkey);
Assert.IsTrue((dsa1.GetXml().OuterXml) == (dsa2.GetXml().OuterXml), "dsa1==dsa2");
DSA key = dsa1.Key;
DSAKeyValue dsa3 = new DSAKeyValue(key);
Assert.IsTrue((dsa3.GetXml().OuterXml) == (dsa1.GetXml().OuterXml), "dsa3==dsa1");
Assert.IsTrue((dsa3.GetXml().OuterXml) == (dsa2.GetXml().OuterXml), "dsa3==dsa2");
}
public void DSAKeyValue()
{
var key = new DsaPublicKeyParameters(y: new BigInteger(1, Convert.FromBase64String(dsaY)),
parameters: new DsaParameters(
p: new BigInteger(1, Convert.FromBase64String(dsaP)),
q: new BigInteger(1, Convert.FromBase64String(dsaQ)),
g: new BigInteger(1, Convert.FromBase64String(dsaG))
));
//J = Convert.FromBase64String(dsaJ),
//Seed = Convert.FromBase64String(dsaSeed),
//Counter = BitConverter.ToUInt16(Convert.FromBase64String(dsaPgenCounter), 0)
DSAKeyValue dsa = new DSAKeyValue(key);
info.AddClause(dsa);
AssertCrypto.AssertXmlEquals("dsa",
"<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
xmlDSA + "</KeyValue></KeyInfo>", (info.GetXml().OuterXml));
Assert.Equal(1, info.Count);
}
/// <summary>
/// Attempts to retrieve an asymmetric key from the KeyInfoClause given as parameter.
/// </summary>
/// <param name="keyInfoClause"></param>
/// <returns>null if the key could not be found.</returns>
public static AsymmetricAlgorithm ExtractKey(KeyInfoClause keyInfoClause)
{
if (keyInfoClause is RSAKeyValue)
{
RSAKeyValue key = (RSAKeyValue)keyInfoClause;
return(key.Key);
}
else if (keyInfoClause is KeyInfoX509Data)
{
X509Certificate2 cert = GetCertificateFromKeyInfo((KeyInfoX509Data)keyInfoClause);
return(cert != null ? cert.PublicKey.Key : null);
}
else if (keyInfoClause is DSAKeyValue)
{
DSAKeyValue key = (DSAKeyValue)keyInfoClause;
return(key.Key);
}
return(null);
}
public void DSAKeyValue()
{
using (DSA key = DSA.Create())
{
key.ImportParameters(new DSAParameters {
P = Convert.FromBase64String(dsaP),
Q = Convert.FromBase64String(dsaQ),
G = Convert.FromBase64String(dsaG),
Y = Convert.FromBase64String(dsaY),
//J = Convert.FromBase64String(dsaJ),
//Seed = Convert.FromBase64String(dsaSeed),
//Counter = BitConverter.ToUInt16(Convert.FromBase64String(dsaPgenCounter), 0)
});
DSAKeyValue dsa = new DSAKeyValue(key);
info.AddClause(dsa);
AssertCrypto.AssertXmlEquals("dsa",
"<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
xmlDSA + "</KeyValue></KeyInfo>", (info.GetXml().OuterXml));
Assert.Equal(1, info.Count);
}
}
public void LoadXml_Null()
{
DSAKeyValue dsa1 = new DSAKeyValue();
Assert.Throws <ArgumentNullException>(() => dsa1.LoadXml(null));
}
public void Ctor_Empty()
{
DSAKeyValue dsaKeyValue = new DSAKeyValue();
Assert.NotNull(dsaKeyValue.Key);
}
