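/// <summary>
/// Interop test: runs the Java sealing program with the MANDATORY argument, then unseals
/// message_to_bob.msg in .NET with an LTA-level unsealer created from a time-mark authority.
/// </summary>
/// <remarks>
/// The test expects full trust, a valid validation status, a fixed authentication-certificate
/// subject and a clear text starting with "This is a message to bob".
/// </remarks>
public void Java2NetAddressedLTALevelTma()
{
    // Presumably the Java side writes message_to_bob.msg; verify against RunJava / the Java test.
    RunJava("etee.crypto.test.Seal MANDATORY");

    UnsealResult result;
    using (FileStream file = new FileStream(GetAbsoluteTestFilePath("message_to_bob.msg"), FileMode.Open))
    {
        IDataUnsealer unsealer = DataUnsealerFactory.CreateFromTimemarkAuthority(Level.LTA_Level, new CurrentTimemarkProvider(), bob);
        result = unsealer.Unseal(file);
    }
    System.Console.WriteLine(result.SecurityInformation);

    // Trust and validation are checked before the payload is looked at.
    Assert.AreEqual(Egelke.EHealth.Etee.Crypto.Status.TrustStatus.Full, result.SecurityInformation.TrustStatus);
    Assert.AreEqual(ValidationStatus.Valid, result.SecurityInformation.ValidationStatus);
    Assert.AreEqual("SERIALNUMBER=79021802145, G=Bryan Eduard, SN=Brouckaert, CN=Bryan Brouckaert (Authentication), C=BE", result.AuthenticationCertificate.Subject);

    // Dispose the unsealed stream once the clear text has been read, so whatever backs it is released.
    using (result.UnsealedData)
    {
        // A single Read call may return fewer bytes than requested; keep reading until the
        // buffer is full or the stream ends, and fail loudly on a short payload.
        byte[] bytes = new byte[result.UnsealedData.Length];
        int filled = 0;
        while (filled < bytes.Length)
        {
            int count = result.UnsealedData.Read(bytes, filled, bytes.Length - filled);
            if (count <= 0)
            {
                break;
            }
            filled += count;
        }
        Assert.AreEqual(bytes.Length, filled);

        String msg = Encoding.UTF8.GetString(bytes);
        // Ordinal comparison: the expected prefix is a fixed test string, not user-facing text.
        Assert.IsTrue(msg.StartsWith("This is a message to bob", StringComparison.Ordinal));
    }
}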
/// <summary>
/// Unseals <paramref name="output"/> with an unsealer built from the fixture's level, alice and bob,
/// and checks the result against the fixture's expected statuses and clear message.
/// </summary>
/// <param name="output">Stream holding the sealed message.</param>
private void Unseal(Stream output)
{
    UnsealResult unsealed = DataUnsealerFactory.Create(level, alice, bob).Unseal(output);
    Console.WriteLine(unsealed.SecurityInformation.ToString());

    // Drain the clear text into memory, then close the unsealed stream straight away.
    MemoryStream clearText = new MemoryStream();
    Utils.Copy(unsealed.UnsealedData, clearText);
    unsealed.UnsealedData.Close();

    // Freshness check: the seal time must be less than one minute old.
    // NOTE(review): this only bounds the age from above; a SealedOn in the future gives a
    // negative span and passes as well.
    Assert.IsTrue((DateTime.UtcNow - unsealed.SealedOn) < TimeSpan.FromMinutes(1));
    Assert.IsNotNull(unsealed.SignatureValue);

    var info = unsealed.SecurityInformation;
    Assert.AreEqual(validationStatus, info.ValidationStatus);
    Assert.AreEqual(trustStatus, info.TrustStatus);

    // Both signatures are expected to expose a signer id but no resolved signer.
    Assert.IsNull(info.OuterSignature.Signer);
    Assert.IsNotNull(info.OuterSignature.SignerId);
    Assert.IsNull(info.InnerSignature.Signer);
    Assert.IsNotNull(info.InnerSignature.SignerId);

    //todo:encrypt for WebKey
    Assert.AreEqual(bob["825373489"].Thumbprint, info.Encryption.Subject.Certificate.Thumbprint);

    byte[] clearBytes = clearText.ToArray();
    Assert.AreEqual(clearMessage, Encoding.UTF8.GetString(clearBytes));
    Assert.IsNotNull(unsealed.SecurityInformation.ToString());
}
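/// <summary>
/// Round-trips a 31.5 KiB file of random bytes: seals it at B level for bob, unseals it again
/// and compares the length and the first five bytes with the original.
/// </summary>
/// <remarks>
/// Fixes over the previous version: the temp file is deleted even when opening it fails, the
/// unsealed stream is disposed even when an assertion fails, and the size comment now matches
/// what is written (31 blocks of 1024 bytes plus 512 bytes, not 32K).
/// </remarks>
public void Size31KFile()
{
    // System.Random is acceptable here: the bytes are filler payload, not key material.
    Random rand = new Random();
    byte[] buffer = new byte[1024]; // 1 KiB blocks
    String file = Path.GetTempFileName();
    try
    {
        using (FileStream payloadFile = new FileStream(file, FileMode.Open))
        {
            // 31 full blocks plus half a block: 31 * 1024 + 512 = 32,256 bytes.
            for (int i = 0; i < 31; i++)
            {
                rand.NextBytes(buffer);
                payloadFile.Write(buffer, 0, buffer.Length);
            }
            rand.NextBytes(buffer);
            payloadFile.Write(buffer, 0, 512); // the remaining half block
            payloadFile.Position = 0;

            // Get ETK
            EncryptionToken receiver = new EncryptionToken(Utils.ReadFully(GetAbsoluteTestFilePath("bob/bobs_public_key.etk")));

            // Seal
            IDataSealer sealer = EhDataSealerFactory.Create(Level.B_Level, alice);
            Stream output = sealer.Seal(payloadFile, receiver);
            // Rewind right after sealing, as before, so the comparison below starts at byte 0.
            payloadFile.Position = 0;

            UnsealResult result;
            using (output)
            {
                // Unseal again
                IDataUnsealer unsealer = DataUnsealerFactory.Create(null, alice, bob);
                result = unsealer.Unseal(output);
            }
            Console.WriteLine(result.SecurityInformation.ToString());

            using (result.UnsealedData)
            {
                // Check the length and the first five bytes.
                Assert.AreEqual(payloadFile.Length, result.UnsealedData.Length);
                for (int i = 0; i < 5; i++)
                {
                    Assert.AreEqual(payloadFile.ReadByte(), result.UnsealedData.ReadByte());
                }
            }
        }
    }
    finally
    {
        // The file stream is already closed here, so the temp file can be removed.
        File.Delete(file);
    }
}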
/// <summary>
/// Seals one message for both a shared secret key and bob's encryption token, then unseals it
/// twice with the same unsealer: once with the key and once without it.
/// </summary>
/// <param name="sealer">Sealer used to produce the message.</param>
/// <param name="unsealer">Unsealer used for both unseal passes.</param>
private void Mixed(IDataSealer sealer, IDataUnsealer unsealer)
{
    String clearText = "This is a secret message from Alice to everybody";
    // Fixed key values embedded in the test; fixture data only.
    SecretKey sharedKey = new SecretKey("btSefztkXjZmlZyHQIumLA==", "aaUnRynIwd3GFQmhXfW+VQ==");
    byte[] etkBytes = Utils.ReadFully(GetAbsoluteTestFilePath("bob/bobs_public_key.etk"));
    EncryptionToken bobToken = new EncryptionToken(etkBytes);

    Stream sealedMessage = sealer.Seal(new MemoryStream(Encoding.UTF8.GetBytes(clearText)), sharedKey, bobToken);

    // Pass 1: unseal with the secret key; no encryption subject is expected.
    UnsealResult viaKey = unsealer.Unseal(sealedMessage, sharedKey);
    Console.WriteLine(viaKey.SecurityInformation.ToString());
    MemoryStream viaKeyText = new MemoryStream();
    Utils.Copy(viaKey.UnsealedData, viaKeyText);
    Assert.AreEqual(ValidationStatus.Valid, viaKey.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, viaKey.SecurityInformation.TrustStatus);
    Assert.AreEqual(alice["Authentication"].Thumbprint, viaKey.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, viaKey.SigningCertificate.Thumbprint);
    Assert.IsNull(viaKey.SecurityInformation.Encryption.Subject);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(viaKeyText.ToArray()));
    Assert.IsNotNull(viaKey.SecurityInformation.ToString());

    // Pass 2: rewind and unseal without the key; the encryption subject must be bob's certificate.
    sealedMessage.Position = 0;
    UnsealResult viaCert = unsealer.Unseal(sealedMessage);
    Console.WriteLine(viaCert.SecurityInformation.ToString());
    MemoryStream viaCertText = new MemoryStream();
    Utils.Copy(viaCert.UnsealedData, viaCertText);
    Assert.AreEqual(ValidationStatus.Valid, viaCert.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, viaCert.SecurityInformation.TrustStatus);
    Assert.AreEqual(alice["Authentication"].Thumbprint, viaCert.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, viaCert.SigningCertificate.Thumbprint);
    Assert.AreEqual(bob["825373489"].Thumbprint, viaCert.SecurityInformation.Encryption.Subject.Certificate.Thumbprint);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(viaCertText.ToArray()));
    Assert.IsNotNull(viaCert.SecurityInformation.ToString());
}
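/// <summary>
/// Interop test: runs the Java sealing program with the BASIC argument and unseals
/// message_to_bob.msg twice in .NET, first as an addressed message (bob's certificates) and
/// then as an unaddressed message (shared secret key).
/// </summary>
/// <remarks>
/// Both passes expect an Unsure trust status, a Valid validation status, a non-repudiatable
/// result and the clear text "Hello from Alice to Bob".
/// </remarks>
public void Java2NetBasic()
{
    RunJava("etee.crypto.test.Seal BASIC");

    // check addressed
    UnsealResult result;
    using (FileStream file = new FileStream(GetAbsoluteTestFilePath("message_to_bob.msg"), FileMode.Open))
    {
        IDataUnsealer unsealer = DataUnsealerFactory.Create(null, bob);
        result = unsealer.Unseal(file);
    }
    System.Console.WriteLine(result.SecurityInformation);

    Assert.AreEqual(Egelke.EHealth.Etee.Crypto.Status.TrustStatus.Unsure, result.SecurityInformation.TrustStatus);
    Assert.AreEqual(ValidationStatus.Valid, result.SecurityInformation.ValidationStatus);
    Assert.IsTrue(result.IsNonRepudiatable);
    //Assert.AreEqual(mcn["authentication"].Subject, result.AuthenticationCertificate.Subject);

    String msg;
    using (result.UnsealedData)
    {
        // A single Read call may return fewer bytes than requested, which would leave the
        // tail of the buffer zeroed; read until full and fail on a short payload.
        byte[] bytes = new byte[result.UnsealedData.Length];
        int filled = 0;
        while (filled < bytes.Length)
        {
            int count = result.UnsealedData.Read(bytes, filled, bytes.Length - filled);
            if (count <= 0)
            {
                break;
            }
            filled += count;
        }
        Assert.AreEqual(bytes.Length, filled);
        msg = Encoding.UTF8.GetString(bytes);
    }
    Assert.AreEqual("Hello from Alice to Bob", msg);

    // check unaddressed
    // Fixed fixture values; the second argument is Base64 for sixteen 'A' bytes.
    SecretKey sk = new SecretKey("btSefztkXjZmlZyHQIumLA==", "QUFBQUFBQUFBQUFBQUFBQQ==");
    using (FileStream file = new FileStream(GetAbsoluteTestFilePath("message_to_bob.msg"), FileMode.Open))
    {
        IDataUnsealer unsealer = DataUnsealerFactory.Create(null);
        result = unsealer.Unseal(file, sk);
    }
    System.Console.WriteLine(result.SecurityInformation);

    Assert.AreEqual(Egelke.EHealth.Etee.Crypto.Status.TrustStatus.Unsure, result.SecurityInformation.TrustStatus);
    Assert.AreEqual(ValidationStatus.Valid, result.SecurityInformation.ValidationStatus);
    Assert.IsTrue(result.IsNonRepudiatable);
    //Assert.AreEqual(mcn["authentication"].Subject, result.AuthenticationCertificate.Subject);

    using (result.UnsealedData)
    {
        // Same full-read loop as for the addressed pass.
        byte[] bytes = new byte[result.UnsealedData.Length];
        int filled = 0;
        while (filled < bytes.Length)
        {
            int count = result.UnsealedData.Read(bytes, filled, bytes.Length - filled);
            if (count <= 0)
            {
                break;
            }
            filled += count;
        }
        Assert.AreEqual(bytes.Length, filled);
        msg = Encoding.UTF8.GetString(bytes);
    }
    Assert.AreEqual("Hello from Alice to Bob", msg);
}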
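/// <summary>
/// Interop test: a message sealed by the Java program is time-stamped through the eHealth
/// acceptance timestamp authority, stamped by the Java program, and then unsealed in .NET
/// at LTA level with full trust expected.
/// </summary>
/// <remarks>
/// Environment-dependent: the test calls an external HTTPS endpoint and needs a client
/// certificate with the thumbprint below in the CurrentUser\My store.
/// </remarks>
public void Java2NetAddressedLTALevel()
{
    RunJava("etee.crypto.test.Seal NONE");

    File.Copy(GetAbsoluteTestFilePath("message_to_bob.msg"), GetAbsoluteTestFilePath("message_to_store.msg"), true);

    // The Java Verify step prints a Base64 value that is hashed and sent for time-stamping.
    // NOTE(review): presumably this is the signature value of the message; confirm in the Java test.
    String output = RunJava("etee.crypto.test.Verify OPTIONAL");

    byte[] hash;
    // SHA256 is disposable; release it as soon as the digest is computed.
    using (SHA256 sha = SHA256.Create())
    {
        hash = sha.ComputeHash(Convert.FromBase64String(output.Trim()));
    }

    var tsa = new TimeStampAuthorityClient(new StsBinding(), new EndpointAddress("https://services-acpt.ehealth.fgov.be/TimestampAuthority/v2"));
    // Swap the default client credentials behaviour for the project's OptClientCredentials.
    tsa.Endpoint.Behaviors.Remove<ClientCredentials>();
    tsa.Endpoint.Behaviors.Add(new OptClientCredentials());
    tsa.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "566fd3fe13e3ab185a7224bcec8ad9cffbf9e9c2");

    var tsProvider = new EHealthTimestampProvider(tsa);
    // The digest-method URI must name the same algorithm that produced the hash above (SHA-256).
    byte[] tst = tsProvider.GetTimestampFromDocumentHash(hash, "http://www.w3.org/2001/04/xmlenc#sha256");

    // Same copy as before the Verify step; kept as is. TODO confirm whether Verify changes the copy.
    File.Copy(GetAbsoluteTestFilePath("message_to_bob.msg"), GetAbsoluteTestFilePath("message_to_store.msg"), true);

    // The token is passed as Base64, so the argument contains no whitespace or quote characters.
    RunJava("etee.crypto.test.Stamp " + Convert.ToBase64String(tst));

    UnsealResult result;
    using (FileStream file = new FileStream(GetAbsoluteTestFilePath("message_to_bob.msg"), FileMode.Open))
    {
        IDataUnsealer unsealer = DataUnsealerFactory.Create(Level.LTA_Level, bob);
        result = unsealer.Unseal(file);
    }
    System.Console.WriteLine(result.SecurityInformation);

    Assert.AreEqual(Egelke.EHealth.Etee.Crypto.Status.TrustStatus.Full, result.SecurityInformation.TrustStatus);
    Assert.AreEqual(ValidationStatus.Valid, result.SecurityInformation.ValidationStatus);
    Assert.AreEqual("SERIALNUMBER=79021802145, G=Bryan Eduard, SN=Brouckaert, CN=Bryan Brouckaert (Authentication), C=BE", result.AuthenticationCertificate.Subject);

    using (result.UnsealedData)
    {
        // A single Read call may return fewer bytes than requested; read until the buffer
        // is full or the stream ends, and fail on a short payload.
        byte[] bytes = new byte[result.UnsealedData.Length];
        int filled = 0;
        while (filled < bytes.Length)
        {
            int count = result.UnsealedData.Read(bytes, filled, bytes.Length - filled);
            if (count <= 0)
            {
                break;
            }
            filled += count;
        }
        Assert.AreEqual(bytes.Length, filled);

        String msg = Encoding.UTF8.GetString(bytes);
        Assert.IsTrue(msg.StartsWith("This is a message to bob", StringComparison.Ordinal));
    }
}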
/// <summary>
/// Interop test: runs the Java sealing program with the EID argument and unseals
/// message_to_bob.msg in .NET using bob's certificates.
/// </summary>
/// <remarks>
/// Expects an Unsure trust status, a Valid validation status and a result that is
/// not non-repudiatable.
/// </remarks>
public void Java2NetEid()
{
    RunJava("etee.crypto.test.Seal EID");

    UnsealResult unsealed;
    using (FileStream sealedMessage = new FileStream(GetAbsoluteTestFilePath("message_to_bob.msg"), FileMode.Open))
    {
        unsealed = DataUnsealerFactory.Create(null, bob).Unseal(sealedMessage);
    }
    System.Console.WriteLine(unsealed.SecurityInformation);

    Assert.AreEqual(Egelke.EHealth.Etee.Crypto.Status.TrustStatus.Unsure, unsealed.SecurityInformation.TrustStatus);
    Assert.AreEqual(ValidationStatus.Valid, unsealed.SecurityInformation.ValidationStatus);
    // In contrast to the BASIC interop test, this result must not be non-repudiatable.
    Assert.IsFalse(unsealed.IsNonRepudiatable);
}
/// <summary>
/// Unseals the stored message msg/web-auth.cms with a WebKey built from a fixed 20-byte id and
/// the public key of alice's authentication certificate, and expects a valid, fully trusted result.
/// </summary>
/// <remarks>
/// NOTE(review): the assertions on security violations (untrusted sender/subject, certificate
/// not time-valid) are disabled below while TrustStatus.Full is asserted; confirm that the
/// stored message is really expected to be free of those violations.
/// </remarks>
public void WebAuth()
{
    // Fixed key id; the bytes are the ASCII characters "S5939101711206266190".
    byte[] webKeyId = new byte[] { 0x53, 0x35, 0x39, 0x33, 0x39, 0x31, 0x30, 0x31, 0x37, 0x31, 0x31, 0x32, 0x30, 0x36, 0x32, 0x36, 0x36, 0x31, 0x39, 0x30 };

    UnsealResult unsealed;
    // The path is relative, so the test depends on the working directory it runs in.
    using (FileStream sealedMessage = new FileStream("msg/web-auth.cms", FileMode.Open))
    {
        X509Certificate2 aliceAuth = alice["authentication"];
        WebKey webKey = new WebKey(webKeyId, aliceAuth.PublicKey.Key);
        unsealed = bUnsealer.Unseal(sealedMessage, webKey);
    }
    System.Console.WriteLine(unsealed.SecurityInformation);

    Assert.AreEqual(ValidationStatus.Valid, unsealed.SecurityInformation.ValidationStatus);
    Assert.AreEqual(TrustStatus.Full, unsealed.SecurityInformation.TrustStatus);

    // Disabled checks kept from the original:
    //Assert.IsTrue(result.SecurityInformation.SecurityViolations.Contains(UnsealSecurityViolation.UntrustedSender));
    //Assert.IsTrue(result.SecurityInformation.OuterSignature.SecurityViolations.Contains(SecurityViolation.UntrustedSubject));
    //Assert.IsTrue(result.SecurityInformation.OuterSignature.Subject.SecurityViolations.Contains(CertSecurityViolation.NotTimeValid));
    //Assert.IsTrue(result.SecurityInformation.InnerSignature.SecurityViolations.Contains(SecurityViolation.UntrustedSubject));
    //Assert.IsTrue(result.SecurityInformation.InnerSignature.Subject.SecurityViolations.Contains(CertSecurityViolation.NotTimeValid));
}
/// <summary>
/// Seals one message for two receivers (bob and alice herself) and unseals it three times:
/// with both key sets, with alice's only and with bob's only.
/// </summary>
/// <remarks>
/// Every pass expects a valid, non-repudiatable result with Unsure trust, signed and
/// authenticated by alice. The single-receiver passes also pin the certificate that the
/// message was decrypted with.
/// </remarks>
public void MultiAddressed()
{
    String clearText = "This is a secret message from Alice for Bob and Herself";

    // Get ETK
    EncryptionToken bobToken = new EncryptionToken(Utils.ReadFully(GetAbsoluteTestFilePath("bob/bobs_public_key.etk")));
    EncryptionToken aliceToken = new EncryptionToken(Utils.ReadFully(GetAbsoluteTestFilePath("alice/alices_public_key.etk")));

    IDataSealer sealer = EhDataSealerFactory.Create(Level.B_Level, alice);
    Stream sealedMessage = sealer.Seal(new MemoryStream(Encoding.UTF8.GetBytes(clearText)), bobToken, aliceToken);

    // Pass 1: unsealer that knows both alice's and bob's certificates.
    IDataUnsealer bothUnsealer = DataUnsealerFactory.Create(null, alice, bob);
    UnsealResult forBoth = bothUnsealer.Unseal(sealedMessage);
    Console.WriteLine(forBoth.SecurityInformation.ToString());
    sealedMessage.Position = 0; // rewind for the next pass
    MemoryStream forBothText = new MemoryStream();
    Utils.Copy(forBoth.UnsealedData, forBothText);
    Assert.AreEqual(ValidationStatus.Valid, forBoth.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, forBoth.SecurityInformation.TrustStatus);
    Assert.IsTrue(forBoth.IsNonRepudiatable);
    Assert.AreEqual(alice["Authentication"].Thumbprint, forBoth.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, forBoth.SigningCertificate.Thumbprint);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(forBothText.ToArray()));
    Assert.IsNotNull(forBoth.SecurityInformation.ToString());

    // Pass 2: alice only; the decryption certificate must be alice's.
    IDataUnsealer aliceUnsealer = DataUnsealerFactory.Create(null, alice);
    UnsealResult forAlice = aliceUnsealer.Unseal(sealedMessage);
    Console.WriteLine(forAlice.SecurityInformation.ToString());
    sealedMessage.Position = 0; // rewind for the next pass
    MemoryStream forAliceText = new MemoryStream();
    Utils.Copy(forAlice.UnsealedData, forAliceText);
    //Assert.IsInstanceOfType(result.UnsealedData, typeof(WindowsTempFileStream));
    Assert.AreEqual(ValidationStatus.Valid, forAlice.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, forAlice.SecurityInformation.TrustStatus);
    Assert.IsTrue(forAlice.IsNonRepudiatable);
    Assert.AreEqual(alice["Authentication"].Thumbprint, forAlice.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, forAlice.SigningCertificate.Thumbprint);
    Assert.AreEqual(alice["1204544406096826217265"].Thumbprint, forAlice.SecurityInformation.Encryption.Subject.Certificate.Thumbprint);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(forAliceText.ToArray()));
    Assert.IsNotNull(forAlice.SecurityInformation.ToString());

    // Pass 3: bob only; the decryption certificate must be bob's. The sealed stream is
    // closed before the clear text is copied out, as in the original.
    IDataUnsealer bobUnsealer = DataUnsealerFactory.Create(null, bob);
    UnsealResult forBob = bobUnsealer.Unseal(sealedMessage);
    Console.WriteLine(forBob.SecurityInformation.ToString());
    sealedMessage.Position = 0;
    sealedMessage.Close();
    MemoryStream forBobText = new MemoryStream();
    Utils.Copy(forBob.UnsealedData, forBobText);
    //Assert.IsInstanceOfType(result.UnsealedData, typeof(WindowsTempFileStream));
    Assert.AreEqual(ValidationStatus.Valid, forBob.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, forBob.SecurityInformation.TrustStatus);
    Assert.IsTrue(forBob.IsNonRepudiatable);
    Assert.AreEqual(alice["Authentication"].Thumbprint, forBob.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, forBob.SigningCertificate.Thumbprint);
    Assert.AreEqual(bob["825373489"].Thumbprint, forBob.SecurityInformation.Encryption.Subject.Certificate.Thumbprint);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(forBobText.ToArray()));
    Assert.IsNotNull(forBob.SecurityInformation.ToString());
}
/// <summary>
/// Unseals the stored message msg/SEALED_WITH_EID_OCSP_NONE.msg with the fixture's
/// <c>nullUnsealer</c> and expects a Valid validation status together with a trust status of None.
/// </summary>
public void BothEidCertsSignedV21()
{
    String sealedPath = GetAbsoluteTestFilePath("msg/SEALED_WITH_EID_OCSP_NONE.msg");

    UnsealResult unsealed;
    using (FileStream sealedMessage = new FileStream(sealedPath, FileMode.Open))
    {
        unsealed = nullUnsealer.Unseal(sealedMessage);
    }
    System.Console.WriteLine(unsealed.SecurityInformation);

    // The message is structurally valid, but no trust is expected to be established for it.
    Assert.AreEqual(ValidationStatus.Valid, unsealed.SecurityInformation.ValidationStatus);
    Assert.AreEqual(TrustStatus.None, unsealed.SecurityInformation.TrustStatus);
}
/// <summary>
/// Seals a message for a shared secret key only (no receiver token) and unseals it with the same key.
/// </summary>
/// <param name="sealer">Sealer used to produce the message.</param>
/// <param name="unsealer">Unsealer used to open it again.</param>
private void NonAddressed(IDataSealer sealer, IDataUnsealer unsealer)
{
    String clearText = "This is a secret message from Alice";
    // Fixed key values embedded in the test; fixture data only.
    SecretKey sharedKey = new SecretKey("btSefztkXjZmlZyHQIumLA==", "aaUnRynIwd3GFQmhXfW+VQ==");

    MemoryStream clearInput = new MemoryStream(Encoding.UTF8.GetBytes(clearText));
    Stream sealedMessage = sealer.Seal(clearInput, sharedKey);
    UnsealResult unsealed = unsealer.Unseal(sealedMessage, sharedKey);
    Console.WriteLine(unsealed.SecurityInformation.ToString());
    sealedMessage.Close();

    MemoryStream recovered = new MemoryStream();
    Utils.Copy(unsealed.UnsealedData, recovered);
    //Assert.IsInstanceOfType(result.UnsealedData, typeof(WindowsTempFileStream));

    var info = unsealed.SecurityInformation;
    Assert.AreEqual(ValidationStatus.Valid, info.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, info.TrustStatus);
    Assert.AreEqual(alice["Authentication"].Thumbprint, unsealed.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, unsealed.SigningCertificate.Thumbprint);
    // Key-based unsealing: no encryption subject (certificate) is expected.
    Assert.IsNull(info.Encryption.Subject);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(recovered.ToArray()));
    Assert.IsNotNull(unsealed.SecurityInformation.ToString());
}
/// <summary>
/// Seals one message for both a shared secret key and bob's encryption token, then unseals it
/// twice with the same unsealer: first with the key, then without it.
/// </summary>
/// <param name="sealer">Sealer used to produce the message.</param>
/// <param name="unsealer">Unsealer used for both unseal passes.</param>
private void Mixed(IDataSealer sealer, IDataUnsealer unsealer)
{
    String clearText = "This is a secret message from Alice to everybody";
    // Fixed key values embedded in the test; fixture data only.
    SecretKey sharedKey = new SecretKey("btSefztkXjZmlZyHQIumLA==", "aaUnRynIwd3GFQmhXfW+VQ==");
    // The token path is relative, so it resolves against the directory the test runs in.
    EncryptionToken bobToken = new EncryptionToken(Utils.ReadFully("../../bob/bobs_public_key.etk"));

    MemoryStream clearInput = new MemoryStream(Encoding.UTF8.GetBytes(clearText));
    Stream sealedMessage = sealer.Seal(clearInput, sharedKey, bobToken);

    // Pass 1: unseal with the secret key; no encryption subject is expected.
    UnsealResult keyResult = unsealer.Unseal(sealedMessage, sharedKey);
    Console.WriteLine(keyResult.SecurityInformation.ToString());
    MemoryStream keyText = new MemoryStream();
    Utils.Copy(keyResult.UnsealedData, keyText);
    Assert.AreEqual(ValidationStatus.Valid, keyResult.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, keyResult.SecurityInformation.TrustStatus);
    Assert.AreEqual(alice["Authentication"].Thumbprint, keyResult.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, keyResult.SigningCertificate.Thumbprint);
    Assert.IsNull(keyResult.SecurityInformation.Encryption.Subject);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(keyText.ToArray()));
    Assert.IsNotNull(keyResult.SecurityInformation.ToString());

    // Pass 2: rewind and unseal without the key; the encryption subject must be bob's certificate.
    sealedMessage.Position = 0;
    UnsealResult certResult = unsealer.Unseal(sealedMessage);
    Console.WriteLine(certResult.SecurityInformation.ToString());
    MemoryStream certText = new MemoryStream();
    Utils.Copy(certResult.UnsealedData, certText);
    Assert.AreEqual(ValidationStatus.Valid, certResult.SecurityInformation.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, certResult.SecurityInformation.TrustStatus);
    Assert.AreEqual(alice["Authentication"].Thumbprint, certResult.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, certResult.SigningCertificate.Thumbprint);
    Assert.AreEqual(bob["825373489"].Thumbprint, certResult.SecurityInformation.Encryption.Subject.Certificate.Thumbprint);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(certText.ToArray()));
    Assert.IsNotNull(certResult.SecurityInformation.ToString());
}
/// <summary>
/// Seals a message for bob's encryption token and unseals it again, checking the sender's
/// certificates, the decryption certificate and the recovered clear text.
/// </summary>
/// <param name="sealer">Sealer used to produce the message.</param>
/// <param name="unsealer">Unsealer used to open it again.</param>
private void Addressed(IDataSealer sealer, IDataUnsealer unsealer)
{
    String clearText = "This is a secret message from Alice for Bob";

    // Get ETK (relative path, resolved against the directory the test runs in)
    byte[] etkBytes = Utils.ReadFully("../../bob/bobs_public_key.etk");
    EncryptionToken bobToken = new EncryptionToken(etkBytes);
    // NOTE(review): verification of the token is disabled here, so this test seals for an
    // unverified ETK; confirm that this is intentional for the fixture.
    //receiver.Verify();

    MemoryStream clearInput = new MemoryStream(Encoding.UTF8.GetBytes(clearText));
    Stream sealedMessage = sealer.Seal(clearInput, bobToken);
    UnsealResult unsealed = unsealer.Unseal(sealedMessage);
    Console.WriteLine(unsealed.SecurityInformation.ToString());
    sealedMessage.Close();

    MemoryStream recovered = new MemoryStream();
    Utils.Copy(unsealed.UnsealedData, recovered);
    //Assert.IsInstanceOfType(result.UnsealedData, typeof(WindowsTempFileStream));

    var info = unsealed.SecurityInformation;
    Assert.AreEqual(ValidationStatus.Valid, info.ValidationStatus);
    Assert.AreEqual(ETEE::Status.TrustStatus.Unsure, info.TrustStatus);
    Assert.AreEqual(alice["Authentication"].Thumbprint, unsealed.AuthenticationCertificate.Thumbprint);
    Assert.AreEqual(alice["Authentication"].Thumbprint, unsealed.SigningCertificate.Thumbprint);
    // Addressed message: the decryption certificate must be bob's.
    Assert.AreEqual(bob["825373489"].Thumbprint, info.Encryption.Subject.Certificate.Thumbprint);
    Assert.AreEqual(clearText, Encoding.UTF8.GetString(recovered.ToArray()));
    Assert.IsNotNull(unsealed.SecurityInformation.ToString());
}