public void ReadTokens(List <PgpToken> ltTokens) { ITokenInfo TokenInfo; List <ISlot> ltSlots; PgpToken Token; if (isWithOpenSc) { ltTokens.RemoveAll(t => t.isOnSmartCard); ltSlots = _Pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); if (ltSlots != null) { foreach (ISlot Slot in ltSlots) { TokenInfo = Slot.GetTokenInfo(); Token = ltTokens.Find(t => t.sSerialNumber == TokenInfo.SerialNumber); if (Token == null) { Token = new PgpToken(TokenInfo, this); ltTokens.Add(Token); } AddKeysToToken(Slot, Token); } } } }
public Pkcs11Signature(string libraryPath, ulong slotId) { Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, libraryPath, AppType.MultiThreaded); slot = pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent).Find(slot => slot.SlotId == slotId); }
private List <Pkcs11Slot> GetPkcs11Slots() { List <Pkcs11Slot> slots = new List <Pkcs11Slot>(); foreach (ISlot slot in _pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent)) { slots.Add(new Pkcs11Slot(slot)); } return(slots); }
public void _01_SlotListTest() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Get list of available slots List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent); // Do something interesting with slots Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); } }
/// <summary> /// Obtains a list of all PKCS#11 URI matching slots /// </summary> /// <param name="pkcs11Uri">PKCS#11 URI</param> /// <param name="pkcs11Library">High level PKCS#11 wrapper</param> /// <param name="slotsType">Type of slots to be obtained</param> /// <returns>List of slots matching PKCS#11 URI</returns> public static List <ISlot> GetMatchingSlotList(Pkcs11Uri pkcs11Uri, IPkcs11Library pkcs11Library, SlotsType slotsType) { if (pkcs11Uri == null) { throw new ArgumentNullException("pkcs11Uri"); } if (pkcs11Library == null) { throw new ArgumentNullException("pkcs11Library"); } List <ISlot> matchingSlots = new List <ISlot>(); ILibraryInfo libraryInfo = pkcs11Library.GetInfo(); if (!Matches(pkcs11Uri, libraryInfo)) { return(matchingSlots); } List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent); if ((slots == null) || (slots.Count == 0)) { return(matchingSlots); } foreach (ISlot slot in slots) { ISlotInfo slotInfo = slot.GetSlotInfo(); if (Matches(pkcs11Uri, slotInfo)) { if (slotInfo.SlotFlags.TokenPresent) { ITokenInfo tokenInfo = slot.GetTokenInfo(); if (Matches(pkcs11Uri, tokenInfo)) { matchingSlots.Add(slot); } } else { if (slotsType == SlotsType.WithOrWithoutTokenPresent && Pkcs11UriSharedUtils.Matches(pkcs11Uri, null, null, null, null)) { matchingSlots.Add(slot); } } } } return(matchingSlots); }
public void TestAccess() { // Specify the path to unmanaged PKCS#11 library provided by the cryptographic device vendor string pkcs11LibraryPath = @"d:\Program Files\SoftHSM2\lib\softhsm2-x64.dll"; // Create factories used by Pkcs11Interop library Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); // Load unmanaged PKCS#11 library using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, pkcs11LibraryPath, AppType.MultiThreaded)) { // Show general information about loaded library ILibraryInfo libraryInfo = pkcs11Library.GetInfo(); Console.WriteLine("Library"); Console.WriteLine(" Manufacturer: " + libraryInfo.ManufacturerId); Console.WriteLine(" Description: " + libraryInfo.LibraryDescription); Console.WriteLine(" Version: " + libraryInfo.LibraryVersion); // Get list of all available slots foreach (ISlot slot in pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent)) { // Show basic information about slot ISlotInfo slotInfo = slot.GetSlotInfo(); Console.WriteLine(); Console.WriteLine("Slot"); Console.WriteLine(" Manufacturer: " + slotInfo.ManufacturerId); Console.WriteLine(" Description: " + slotInfo.SlotDescription); Console.WriteLine(" Token present: " + slotInfo.SlotFlags.TokenPresent); if (slotInfo.SlotFlags.TokenPresent) { // Show basic information about token present in the slot ITokenInfo tokenInfo = slot.GetTokenInfo(); Console.WriteLine("Token"); Console.WriteLine(" Manufacturer: " + tokenInfo.ManufacturerId); Console.WriteLine(" Model: " + tokenInfo.Model); Console.WriteLine(" Serial number: " + tokenInfo.SerialNumber); Console.WriteLine(" Label: " + tokenInfo.Label); // Show list of mechanisms (algorithms) supported by the token Console.WriteLine("Supported mechanisms: "); foreach (CKM mechanism in slot.GetMechanismList()) { Console.WriteLine(" " + mechanism); } } } } }
public ActionResult GetAllCerts() { Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, DllLibPath, AppType.MultiThreaded)) { ISlot slot = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent).FirstOrDefault(); if (slot is null) { return(Ok("No slots found")); } ITokenInfo tokenInfo = slot.GetTokenInfo(); ISlotInfo slotInfo = slot.GetSlotInfo(); using (var session = slot.OpenSession(SessionType.ReadWrite)) { session.Login(CKU.CKU_USER, Encoding.UTF8.GetBytes(TokenPin)); var certificateSearchAttributes = new List <IObjectAttribute>() { session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE), session.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true), session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509) }; IObjectHandle certificate = session.FindAllObjects(certificateSearchAttributes).FirstOrDefault(); var certificateValue = session.GetAttributeValue(certificate, new List <CKA> { CKA.CKA_VALUE }); var xcert = new X509Certificate2(certificateValue[0].GetValueAsByteArray()); return(Ok( new { xcert.Thumbprint, xcert.Subject, xcert.IssuerName, hasKeyNull = xcert.PrivateKey is null }));
public PkcsInteropSigner() { Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, pkcs11LibraryPath, AppType.MultiThreaded); var slots = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); if (slots.Count == 0) { throw new InstanceCreationException("Por favor, verifique que el lector está conectado y que la cédula fue insertada correctamente."); } slot = slots[0]; }
public void _03_SlotInfoMatches() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); Assert.IsTrue(slots != null && slots.Count > 0); ISlotInfo slotInfo = slots[0].GetSlotInfo(); // Empty URI Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:"); Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, slotInfo)); // Unknown path attribute in URI pkcs11uri = new Pkcs11Uri(@"pkcs11:vendor=foobar"); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, slotInfo)); // All attributes matching Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.SlotManufacturer = slotInfo.ManufacturerId; pkcs11UriBuilder.SlotDescription = slotInfo.SlotDescription; pkcs11UriBuilder.SlotId = slotInfo.SlotId; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, slotInfo)); // Manufacturer nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.SlotManufacturer = "foobar"; pkcs11UriBuilder.SlotDescription = slotInfo.SlotDescription; pkcs11UriBuilder.SlotId = slotInfo.SlotId; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, slotInfo)); // Description nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.SlotManufacturer = slotInfo.ManufacturerId; pkcs11UriBuilder.SlotDescription = "foobar"; pkcs11UriBuilder.SlotId = slotInfo.SlotId; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, slotInfo)); // Slot id nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.SlotManufacturer = slotInfo.ManufacturerId; pkcs11UriBuilder.SlotDescription = slotInfo.SlotDescription; pkcs11UriBuilder.SlotId = slotInfo.SlotId + 1; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, slotInfo)); } }
public void _06_GetMatchingSlotList() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Get all slots List <ISlot> allSlots = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); Assert.IsTrue(allSlots != null && allSlots.Count > 0); // Empty URI Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:"); List <ISlot> matchedSlots = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11Library, SlotsType.WithTokenPresent); Assert.IsTrue(matchedSlots.Count == allSlots.Count); // Unknown path attribute in URI pkcs11uri = new Pkcs11Uri(@"pkcs11:vendor=foobar"); matchedSlots = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11Library, SlotsType.WithTokenPresent); Assert.IsTrue(matchedSlots.Count == 0); // All attributes matching one slot ILibraryInfo libraryInfo = pkcs11Library.GetInfo(); ISlotInfo slotInfo = allSlots[0].GetSlotInfo(); ITokenInfo tokenInfo = allSlots[0].GetTokenInfo(); Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.LibraryManufacturer = libraryInfo.ManufacturerId; pkcs11UriBuilder.LibraryDescription = libraryInfo.LibraryDescription; pkcs11UriBuilder.LibraryVersion = libraryInfo.LibraryVersion; pkcs11UriBuilder.SlotManufacturer = slotInfo.ManufacturerId; pkcs11UriBuilder.SlotDescription = slotInfo.SlotDescription; pkcs11UriBuilder.SlotId = slotInfo.SlotId; pkcs11UriBuilder.Token = tokenInfo.Label; pkcs11UriBuilder.Manufacturer = tokenInfo.ManufacturerId; pkcs11UriBuilder.Serial = tokenInfo.SerialNumber; pkcs11UriBuilder.Model = tokenInfo.Model; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); matchedSlots = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11Library, SlotsType.WithTokenPresent); Assert.IsTrue(matchedSlots.Count == 1); // One attribute nonmatching pkcs11UriBuilder.Serial = "foobar"; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); matchedSlots = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11Library, SlotsType.WithTokenPresent); Assert.IsTrue(matchedSlots.Count == 0); } }
public void _02_BasicSlotListAndInfoTest() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Get list of available slots List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent); // Do something interesting with slots Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); // Analyze first slot ISlotInfo slotInfo = slots[0].GetSlotInfo(); // Do something interesting with slot info Assert.IsNotNull(slotInfo.ManufacturerId); } }
public void TestAccessKeyAndCertificate() { // Specify the path to unmanaged PKCS#11 library provided by the cryptographic device vendor string pkcs11LibraryPath = @"d:\Program Files\SoftHSM2\lib\softhsm2-x64.dll"; Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, pkcs11LibraryPath, AppType.MultiThreaded)) { ISlot slot = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent).Find(slot => slot.SlotId == 171137967); Assert.IsNotNull(slot, "Slot with ID 171137967 does not exist or does not have token."); using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Login as normal user session.Login(CKU.CKU_USER, "5678"); List <IObjectAttribute> attributes = new List <IObjectAttribute>(); ObjectAttributeFactory objectAttributeFactory = new ObjectAttributeFactory(); attributes.Add(objectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY)); List <IObjectHandle> keys = session.FindAllObjects(attributes); Assert.AreEqual(1, keys.Count, "Unexpected number of private keys: {0}", keys.Count); attributes.Clear(); attributes.Add(objectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE)); attributes.Add(objectAttributeFactory.Create(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509)); List <IObjectHandle> certificates = session.FindAllObjects(attributes); Assert.AreEqual(1, certificates.Count, "Unexpected number of certificates: {0}", certificates.Count); List <CKA> certificateAttributeKeys = new List <CKA>(); certificateAttributeKeys.Add(CKA.CKA_VALUE); certificateAttributeKeys.Add(CKA.CKA_LABEL); List <IObjectAttribute> certificateAttributes = session.GetAttributeValue(certificates[0], certificateAttributeKeys); Assert.AreEqual(2, certificateAttributes.Count, "Unexpected number of certificate attributes: {0}", certificateAttributes.Count); string certificateLabel = certificateAttributes[1].GetValueAsString(); Console.WriteLine("Certificate label: {0}", certificateLabel); byte[] certificateBytes = certificateAttributes[0].GetValueAsByteArray(); X509Certificate2 certificate = new X509Certificate2(certificateBytes); Console.WriteLine("Subject: {0}", certificate.Subject.ToString()); } } }
public static ISlot GetUsableSlot(IPkcs11Library pkcs11Library) { // Get list of available slots with token present List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); // First slot with token present is OK... ISlot matchingSlot = slots[0]; // ...unless there are matching criteria specified in Settings class { matchingSlot = null; foreach (ISlot slot in slots) { ITokenInfo tokenInfo = null; try { tokenInfo = slot.GetTokenInfo(); } catch (Pkcs11Exception ex) { if (ex.RV != CKR.CKR_TOKEN_NOT_RECOGNIZED && ex.RV != CKR.CKR_TOKEN_NOT_PRESENT) { throw; } } if (tokenInfo == null) { continue; } matchingSlot = slot; break; } } return(matchingSlot); }
public ActionResult GetAllTokenDetails() { Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); List <ITokenInfo> tokens = new List <ITokenInfo>(); List <ISlotInfo> slots = new List <ISlotInfo>(); using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, DllLibPath, AppType.MultiThreaded)) { var slotList = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent).ToList(); slotList.ForEach(item => { tokens.Add(item.GetTokenInfo()); slots.Add(item.GetSlotInfo()); }); return(Ok(new { tokens, slots })); } }
/// <summary> /// Finds slot containing the token that matches criteria specified in Settings class /// </summary> /// <param name='pkcs11Library'>Initialized PKCS11 wrapper</param> /// <returns>Slot containing the token that matches criteria</returns> public static ISlot GetUsableSlot(IPkcs11Library pkcs11Library) { // Get list of available slots with token present List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); // First slot with token present is OK... ISlot matchingSlot = slots[0]; // ...unless there are matching criteria specified in Settings class if (Settings.TokenSerial != null || Settings.TokenLabel != null) { matchingSlot = null; foreach (ISlot slot in slots) { ITokenInfo tokenInfo = null; try { tokenInfo = slot.GetTokenInfo(); } catch (Pkcs11Exception ex) { if (ex.RV != CKR.CKR_TOKEN_NOT_RECOGNIZED && ex.RV != CKR.CKR_TOKEN_NOT_PRESENT) { throw; } } if (tokenInfo == null) { continue; } if (!string.IsNullOrEmpty(Settings.TokenSerial)) { if (0 != string.Compare(Settings.TokenSerial, tokenInfo.SerialNumber, StringComparison.Ordinal)) { continue; } } if (!string.IsNullOrEmpty(Settings.TokenLabel)) { if (0 != string.Compare(Settings.TokenLabel, tokenInfo.Label, StringComparison.Ordinal)) { continue; } } matchingSlot = slot; break; } } Assert.IsTrue(matchingSlot != null, "Token matching criteria specified in Settings class is not present"); return(matchingSlot); }
private static void InitializeTokens() { Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); // Initialize tokens and import objects using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, LibraryPath, AppType.MultiThreaded)) { // Initialize first token List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent); if (slots.Count != 1) { return; // Already initialized } else { InitializeToken(slots[0], Token1Label, Token1SoPin, Token1UserPin); } // Initialize second token slots = pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent); if (slots.Count != 2) { throw new Exception("Unexpected number of slots"); } else { InitializeToken(slots[1], Token2Label, Token2SoPin, Token2UserPin); } // Import objects to first token using (ISession session = slots[0].OpenSession(SessionType.ReadWrite)) { session.Login(CKU.CKU_USER, Token1UserPin); // Import CA cert without private key session.CreateObject(CryptoObjects.GetTestCaCertAttributes(session, Token1TestCaLabel)); // Import user cert with RSA private and public keys session.CreateObject(CryptoObjects.GetTestUserRsaCertAttributes(session, Token1TestUserRsaLabel)); session.CreateObject(CryptoObjects.GetTestUserRsaPrivKeyAttributes(session, Token1TestUserRsaLabel, false)); session.CreateObject(CryptoObjects.GetTestUserRsaPubKeyAttributes(session, Token1TestUserRsaLabel)); // Import user cert with ECDSA private and public keys session.CreateObject(CryptoObjects.GetTestUserEcdsaCertAttributes(session, Token1TestUserEcdsaLabel)); session.CreateObject(CryptoObjects.GetTestUserEcdsaPrivKeyAttributes(session, Token1TestUserEcdsaLabel, false)); session.CreateObject(CryptoObjects.GetTestUserEcdsaPubKeyAttributes(session, Token1TestUserEcdsaLabel)); } // Import objects to second token using (ISession session = slots[1].OpenSession(SessionType.ReadWrite)) { session.Login(CKU.CKU_USER, Token2UserPin); // Import CA cert without private key session.CreateObject(CryptoObjects.GetTestCaCertAttributes(session, Token1TestCaLabel)); // Import user cert with RSA private and public keys session.CreateObject(CryptoObjects.GetTestUserRsaCertAttributes(session, Token2TestUserRsaLabel)); session.CreateObject(CryptoObjects.GetTestUserRsaPrivKeyAttributes(session, Token2TestUserRsaLabel, true)); session.CreateObject(CryptoObjects.GetTestUserRsaPubKeyAttributes(session, Token2TestUserRsaLabel)); // Import user cert with ECDSA private and public keys session.CreateObject(CryptoObjects.GetTestUserEcdsaCertAttributes(session, Token2TestUserEcdsaLabel)); session.CreateObject(CryptoObjects.GetTestUserEcdsaPrivKeyAttributes(session, Token2TestUserEcdsaLabel, true)); session.CreateObject(CryptoObjects.GetTestUserEcdsaPubKeyAttributes(session, Token2TestUserEcdsaLabel)); } } }
public string SignWithCMS(String serializedJson) { byte[] data = Encoding.UTF8.GetBytes(serializedJson); Pkcs11InteropFactories factories = new Pkcs11InteropFactories(); using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, DllLibPath, AppType.MultiThreaded)) { ISlot slot = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent).FirstOrDefault(); if (slot is null) { return("No slots found"); } ITokenInfo tokenInfo = slot.GetTokenInfo(); ISlotInfo slotInfo = slot.GetSlotInfo(); using (var session = slot.OpenSession(SessionType.ReadWrite)) { session.Login(CKU.CKU_USER, Encoding.UTF8.GetBytes(TokenPin)); var certificateSearchAttributes = new List <IObjectAttribute>() { session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE), session.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true), session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509) }; IObjectHandle certificate = session.FindAllObjects(certificateSearchAttributes).FirstOrDefault(); if (certificate is null) { return("Certificate not found"); } X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.MaxAllowed); // find cert by thumbprint var foundCerts = store.Certificates.Find(X509FindType.FindByIssuerName, TokenCertificate, false); //var foundCerts = store.Certificates.Find(X509FindType.FindBySerialNumber, "2b1cdda84ace68813284519b5fb540c2", true); if (foundCerts.Count == 0) { return("no device detected"); } var certForSigning = foundCerts[0]; store.Close(); ContentInfo content = new ContentInfo(new Oid("1.2.840.113549.1.7.5"), data); SignedCms cms = new SignedCms(content, true); EssCertIDv2 bouncyCertificate = new EssCertIDv2(new Org.BouncyCastle.Asn1.X509.AlgorithmIdentifier(new DerObjectIdentifier("1.2.840.113549.1.9.16.2.47")), this.HashBytes(certForSigning.RawData)); SigningCertificateV2 signerCertificateV2 = new SigningCertificateV2(new EssCertIDv2[] { bouncyCertificate }); CmsSigner signer = new CmsSigner(certForSigning); signer.DigestAlgorithm = new Oid("2.16.840.1.101.3.4.2.1"); signer.SignedAttributes.Add(new Pkcs9SigningTime(DateTime.UtcNow)); signer.SignedAttributes.Add(new AsnEncodedData(new Oid("1.2.840.113549.1.9.16.2.47"), signerCertificateV2.GetEncoded())); cms.ComputeSignature(signer); var output = cms.Encode(); return(Convert.ToBase64String(output)); } } }
public void ListForTreeview() { try { Node Tree = new Node(); // Show general information about loaded library ILibraryInfo libraryInfo = PKCS11Library.GetInfo(); Node Library = new Node() { Header = "PKCS11 Library " + libraryInfo.LibraryDescription, IconURI = "resm:PKCS11Explorer.Assets.baseline_layers_grey_18dp.png" }; Library.Children.Add(new Node() { Header = "Filepath: " + LibraryFilePath, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Library.Children.Add(new Node() { Header = "Manufacturer: " + libraryInfo.ManufacturerId, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Library.Children.Add(new Node() { Header = "Description: " + libraryInfo.LibraryDescription, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Library.Children.Add(new Node() { Header = "Version: " + libraryInfo.LibraryVersion, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); var assets = AvaloniaLocator.Current.GetService <IAssetLoader>(); Tree.Children.Add(Library); // Get list of all available slots foreach (ISlot slot in PKCS11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent)) { // Show basic information about slot ISlotInfo slotInfo = slot.GetSlotInfo(); Node Slot; if (slotInfo.SlotFlags.TokenPresent) { Slot = new Node() { Header = "Slot " + slot.GetSlotInfo().SlotId, IconURI = "resm:PKCS11Explorer.Assets.baseline_scanner_green_18dp.png" } } ; else { Slot = new Node() { Header = "Slot " + slot.GetSlotInfo().SlotId, IconURI = "resm:PKCS11Explorer.Assets.baseline_scanner_red_18dp.png" } }; Slot.Children.Add(new Node() { Header = "Manufacturer: " + slotInfo.ManufacturerId, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Slot.Children.Add(new Node() { Header = "Description: " + slotInfo.SlotDescription, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Slot.Children.Add(new Node() { Header = "Token present: " + slotInfo.SlotFlags.TokenPresent, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); if (slotInfo.SlotFlags.TokenPresent) { // Show basic information about token present in the slot ITokenInfo tokenInfo = slot.GetTokenInfo(); Node Token = new Node() { Header = "Token " + tokenInfo.SerialNumber, IconURI = "resm:PKCS11Explorer.Assets.baseline_sim_card_green_18dp.png" }; Token.Children.Add(new Node() { Header = "Manufacturer: " + tokenInfo.ManufacturerId, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Token.Children.Add(new Node() { Header = "Model: " + tokenInfo.Model, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Token.Children.Add(new Node() { Header = "Serial number: " + tokenInfo.SerialNumber, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); Token.Children.Add(new Node() { Header = "Label: " + tokenInfo.Label, IconURI = "resm:PKCS11Explorer.Assets.baseline_info_blue_18dp.png" }); /* * if (tokenInfo.FreePublicMemory != uint.MaxValue) * Token.Children.Add(new Node() { Header = "Available public objects memory: " + tokenInfo.FreePublicMemory + " / " + tokenInfo.TotalPublicMemory, IconURI = "resm:PKCS11Explorer.Assets.baseline_memory_black_18dp.png" }); * if (tokenInfo.TotalPrivateMemory != uint.MaxValue) * Token.Children.Add(new Node() { Header = "Available private objects memory: " + tokenInfo.FreePrivateMemory + " / " + tokenInfo.TotalPrivateMemory, IconURI = "resm:PKCS11Explorer.Assets.baseline_memory_black_18dp.png" }); */ // Show public keys name Node pubkeyNode = new Node() { Header = "Public keys", IconURI = "resm:PKCS11Explorer.Assets.baseline_search_grey_18dp.png" }; using (ISession session = slot.OpenSession(SessionType.ReadOnly)) { // Do something interesting in RO session var attrList = new List <IObjectAttribute>(); attrList.Add(Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PUBLIC_KEY)); attrList.Add(Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true)); var objects = session.FindAllObjects(attrList); foreach (var obj in objects) { if (obj.ObjectId != CK.CK_INVALID_HANDLE) { var objectHandle = Factories.ObjectHandleFactory.Create(obj.ObjectId); List <CKA> attributes = new List <CKA>(); attributes.Add(CKA.CKA_LABEL); List <IObjectAttribute> objectAttributes = session.GetAttributeValue(objectHandle, attributes); pubkeyNode.Children.Add(new Node() { Header = objectAttributes[0].GetValueAsString(), IconURI = "resm:PKCS11Explorer.Assets.baseline_vpn_key_green_18dp.png" }); Console.WriteLine("Found: " + objectAttributes[0].GetValueAsString()); } } session.CloseSession(); } Token.Children.Add(pubkeyNode); // Show private keys name /*Node privkeyNode = new Node() { Header = "Private keys", IconURI = "resm:PKCS11Explorer.Assets.baseline_search_black_18dp.png" }; * using (ISession session = slot.OpenSession(SessionType.ReadOnly)) * { * session.Login(CKU.CKU_USER, ""); * // Do something interesting in RO session * var attrList = new List<IObjectAttribute>(); * attrList.Add(factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY)); * attrList.Add(factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true)); * var objects = session.FindAllObjects(attrList); * foreach (var obj in objects) * { * if (obj.ObjectId != CK.CK_INVALID_HANDLE) * { * var objectHandle = factories.ObjectHandleFactory.Create(obj.ObjectId); * List<CKA> attributes = new List<CKA>(); * attributes.Add(CKA.CKA_LABEL); * List<IObjectAttribute> objectAttributes = session.GetAttributeValue(objectHandle, attributes); * privkeyNode.Children.Add(new Node() { Header = objectAttributes[0].GetValueAsString(), IconURI = "resm:PKCS11Explorer.Assets.baseline_vpn_key_black_18dp.png" }); * Console.WriteLine("Found: " + objectAttributes[0].GetValueAsString()); * } * } * session.Logout(); * session.CloseSession(); * } * Token.Children.Add(privkeyNode); */ // Show certs name Node certsNode = new Node() { Header = "Certificates", IconURI = "resm:PKCS11Explorer.Assets.baseline_search_grey_18dp.png" }; using (ISession session = slot.OpenSession(SessionType.ReadOnly)) { // Do something interesting in RO session var attrList = new List <IObjectAttribute>(); attrList.Add(Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE)); attrList.Add(Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true)); var objects = session.FindAllObjects(attrList); foreach (var obj in objects) { if (obj.ObjectId != CK.CK_INVALID_HANDLE) { var objectHandle = Factories.ObjectHandleFactory.Create(obj.ObjectId); List <CKA> attributes = new List <CKA>(); attributes.Add(CKA.CKA_LABEL); List <IObjectAttribute> objectAttributes = session.GetAttributeValue(objectHandle, attributes); certsNode.Children.Add(new Node() { Header = objectAttributes[0].GetValueAsString(), IconURI = "resm:PKCS11Explorer.Assets.baseline_list_alt_green_18dp.png" }); Console.WriteLine("Found: " + objectAttributes[0].GetValueAsString()); } } session.CloseSession(); } Token.Children.Add(certsNode); // Show list of mechanisms (algorithms) supported by the token Node SupportedMechanisms = new Node() { Header = "Supported mechanisms", IconURI = "resm:PKCS11Explorer.Assets.baseline_memory_grey_18dp.png" }; foreach (CKM mechanism in slot.GetMechanismList()) { SupportedMechanisms.Children.Add(new Node() { Header = mechanism.ToString(), IconURI = "resm:PKCS11Explorer.Assets.baseline_check_circle_green_18dp.png" }); } Token.Children.Add(SupportedMechanisms); Slot.Children.Add(Token); } Assert.AssertTrue(slot.GetTokenInfo().RwSessionCount == 0); Assert.AssertTrue(slot.GetTokenInfo().SessionCount == 0); Tree.Children.Add(Slot); } ListForTreeviewFinished?.Invoke(Tree, new ListForTreeviewEventArgs() { MainNode = Tree, Success = true }); } catch (Net.Pkcs11Interop.Common.UnmanagedException exception) { ListForTreeviewFinished?.Invoke(exception, new ListForTreeviewEventArgs() { UnmanagedException = exception, Success = false }); } catch (Net.Pkcs11Interop.Common.Pkcs11Exception exception) { ListForTreeviewFinished?.Invoke(exception, new ListForTreeviewEventArgs() { Pkcs11Exception = exception, Success = false }); } return; }
public void _04_TokenInfoMatches() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { List <ISlot> slots = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent); Assert.IsTrue(slots != null && slots.Count > 0); ITokenInfo tokenInfo = slots[0].GetTokenInfo(); // Empty URI Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:"); Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); // Unknown path attribute in URI pkcs11uri = new Pkcs11Uri(@"pkcs11:vendor=foobar"); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); // All attributes matching Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.Token = tokenInfo.Label; pkcs11UriBuilder.Manufacturer = tokenInfo.ManufacturerId; pkcs11UriBuilder.Serial = tokenInfo.SerialNumber; pkcs11UriBuilder.Model = tokenInfo.Model; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); // Token nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.Token = "foobar"; pkcs11UriBuilder.Manufacturer = tokenInfo.ManufacturerId; pkcs11UriBuilder.Serial = tokenInfo.SerialNumber; pkcs11UriBuilder.Model = tokenInfo.Model; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); // Manufacturer nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.Token = tokenInfo.Label; pkcs11UriBuilder.Manufacturer = "foobar"; pkcs11UriBuilder.Serial = tokenInfo.SerialNumber; pkcs11UriBuilder.Model = tokenInfo.Model; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); // Serial nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.Token = tokenInfo.Label; pkcs11UriBuilder.Manufacturer = tokenInfo.ManufacturerId; pkcs11UriBuilder.Serial = "foobar"; pkcs11UriBuilder.Model = tokenInfo.Model; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); // Model nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.Token = tokenInfo.Label; pkcs11UriBuilder.Manufacturer = tokenInfo.ManufacturerId; pkcs11UriBuilder.Serial = tokenInfo.SerialNumber; pkcs11UriBuilder.Model = "foobar"; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo)); } }