// Exercises expiring signatures against the key set found under
// TEST_DATA/subPath/nestDir. Three cases are covered:
//   1. a signature with a far-future expiry verifies,
//   2. a signature whose expiry is already in the past is rejected,
//   3. a signature that verifies now is rejected once its expiry has passed.
// The rejection cases (2 and 3) are the security-relevant ones: an expired
// signature must never verify.
public void TestTimeoutSignAndVerify(string subPath, string nestDir)
{
    using (var signer = new TimeoutSigner(Util.TestDataPath(TEST_DATA, subPath, nestDir)))
    using (var verifier = new TimeoutVerifier(Util.TestDataPath(TEST_DATA, subPath, nestDir)))
    {
        // Case 1: expiry one year ahead; both the signer and the verify-only
        // object must accept the signature.
        var farFuture = DateTime.Now.AddDays(365);
        var signature = signer.Sign(input, farFuture);
        Expect(signer.Verify(input, signature), Is.True);
        Expect(verifier.Verify(input, signature), Is.True);

        // Case 2: expiry one day in the past; the signature is expired from
        // the moment it is created and both objects must reject it.
        var alreadyExpired = DateTime.Now.AddDays(-1);
        signature = signer.Sign(input, alreadyExpired);
        Expect(signer.Verify(input, signature), Is.False);
        Expect(verifier.Verify(input, signature), Is.False);

        // Case 3: expiry five seconds ahead; valid now, invalid after the wait.
        var nearExpiration = DateTime.Now.AddSeconds(5);
        signature = signer.Sign(input, nearExpiration);
        Expect(verifier.Verify(input, signature), Is.True);

        // NOTE(review): the wait polls the local wall clock (DateTime.Now), so a
        // clock adjustment or DST change during the test could stretch or
        // shorten it - confirm whether the library compares expiry in UTC.
        while (true)
        {
            if (DateTime.Now >= nearExpiration)
            {
                break;
            }

            Thread.Sleep(1000);
        }

        Expect(verifier.Verify(input, signature), Is.False);
    }
}
// Stream variant of the timeout-signature test. The message is embedded in a
// larger MemoryStream, with ExtraDataLength bytes of padding before and after
// it, and is signed and verified with an explicit length of InputStream.Length.
// The Position assertions pin how far each operation moves the stream.
// Only the "valid signature" path is exercised here; no expired signature is
// checked in this method.
public void TestTimeoutSignAndVerify(string subPath)
{
    using (var signer = new TimeoutSigner(Util.TestDataPath(TEST_DATA, subPath)))
    {
        // Zero-filled padding written on both sides of the real message.
        var padding = new byte[ExtraDataLength];

        var streamInput = new MemoryStream();
        streamInput.Write(padding, 0, ExtraDataLength);

        // presumably ResetStreamWhenFinished restores the position the stream had
        // when the guard was created; the assertion right after the block checks
        // that the stream is back at the start of the message.
        using (Utility.ResetStreamWhenFinished(streamInput))
        {
            InputStream.CopyTo(streamInput);
            streamInput.Write(padding, 0, ExtraDataLength);
        }

        Expect(streamInput.Position, Is.EqualTo(ExtraDataLength));

        // Sign exactly InputStream.Length bytes with an expiry one year ahead,
        // then rewind to the start of the message again.
        byte[] signature;
        using (Utility.ResetStreamWhenFinished(streamInput))
        {
            signature = signer.Sign(streamInput, DateTime.Now.AddDays(365), InputStream.Length);
        }

        Expect(streamInput.Position, Is.EqualTo(ExtraDataLength));

        // Verification must succeed and must stop right after the message,
        // leaving the trailing padding unread.
        Expect(signer.Verify(streamInput, signature, InputStream.Length), Is.True);
        Expect(streamInput.Position, Is.EqualTo(InputStream.Length + ExtraDataLength));
    }
}
/// <summary>
/// Encrypts or signs <paramref name="inStream"/> according to the configured wire
/// format (<c>_format</c>). When no format is set, the key set's purpose decides:
/// encrypting purposes encrypt, anything else produces a plain signature.
/// </summary>
/// <param name="keyset">Primary key set, used to encrypt or to sign.</param>
/// <param name="inStream">Data to protect.</param>
/// <param name="outStream">Receives the ciphertext or signature; for the session
/// formats it receives the session material instead.</param>
/// <param name="outStream2">Receives the ciphertext for the session formats; not
/// used by the other formats.</param>
/// <param name="keyset2">Signing key set, required only by the signed-session format.</param>
/// <returns>0 on success; the non-zero code from <c>UseCompression</c> when it fails;
/// -1 when the signed-session format has no second key set or the format is unknown.</returns>
protected int TakeAction(IKeySet keyset, Stream inStream, Stream outStream, Stream outStream2, IKeySet keyset2)
{
    var formatUnset = WireFormat.IsNullOrEmpty(_format);

    // Encrypt when asked to explicitly, or when no format was given and the
    // key set is an encrypting one.
    var wantsCrypt = (formatUnset
                      && (keyset.Metadata.Purpose == KeyPurpose.DecryptAndEncrypt
                          || keyset.Metadata.Purpose == KeyPurpose.Encrypt))
                     || _format == WireFormat.Crypt;
    if (wantsCrypt)
    {
        using (var ucrypter = new Encrypter(keyset))
        {
            var compressionError = UseCompression(ucrypter);
            if (compressionError != 0)
            {
                return compressionError;
            }

            ucrypter.Encrypt(inStream, outStream);
        }

        return 0;
    }

    // No format with a non-encrypting key set falls back to a plain signature.
    if (formatUnset || _format == WireFormat.Sign)
    {
        using (var signer = new Signer(keyset))
        {
            var signature = signer.Sign(inStream);
            outStream.Write(signature, 0, signature.Length);
        }

        return 0;
    }

    if (_format == WireFormat.SignTimeout)
    {
        using (var signer = new TimeoutSigner(keyset))
        {
            // NOTE(review): if _expires is a nullable with no value,
            // GetValueOrDefault() yields the type's default, so the signature
            // would be issued with that default expiry instead of failing.
            // Confirm the caller rejects a missing expiration before this point.
            var signature = signer.Sign(inStream, _expires.GetValueOrDefault());
            outStream.Write(signature, 0, signature.Length);
        }

        return 0;
    }

    if (_format == WireFormat.SignAttached)
    {
        using (var signer = new AttachedSigner(keyset))
        {
            // Hidden data is optional; null is passed when none was supplied.
            byte[] hidden = null;
            if (!String.IsNullOrWhiteSpace(_attachedHidden))
            {
                hidden = Keyczar.Keyczar.RawStringEncoding.GetBytes(_attachedHidden);
            }

            signer.Sign(inStream, outStream, hidden);
        }

        return 0;
    }

    // Both the vanilla and the unversioned format are handled by VanillaSigner.
    if (_format == WireFormat.SignVanilla || _format == WireFormat.SignUnversioned)
    {
        using (var signer = new Keyczar.Compat.VanillaSigner(keyset))
        {
            var signature = signer.Sign(inStream);
            outStream.Write(signature, 0, signature.Length);
        }

        return 0;
    }

    if (_format == WireFormat.CryptSession)
    {
        using (var crypter = new Encrypter(keyset))
        using (var sessionCrypter = new SessionCrypter(crypter))
        {
            var compressionError = UseCompression(sessionCrypter);
            if (compressionError != 0)
            {
                return compressionError;
            }

            // Session material goes to the first output, ciphertext to the second.
            var materials = sessionCrypter.SessionMaterial.ToBytes();
            outStream.Write(materials, 0, materials.Length);
            sessionCrypter.Encrypt(inStream, outStream2);
        }

        return 0;
    }

    if (_format == WireFormat.CryptSignedSession)
    {
        // A signed session needs a second key set for the attached signer.
        if (keyset2 == null)
        {
            Console.WriteLine(Localized.MsgRequiresLocation2);
            return -1;
        }

        using (var crypter = new Encrypter(keyset))
        using (var signer = new AttachedSigner(keyset2))
        using (var sessionCrypter = new SessionCrypter(crypter, signer))
        {
            var compressionError = UseCompression(sessionCrypter);
            if (compressionError != 0)
            {
                return compressionError;
            }

            var materials = sessionCrypter.SessionMaterial.ToBytes();
            outStream.Write(materials, 0, materials.Length);
            sessionCrypter.Encrypt(inStream, outStream2);
        }

        return 0;
    }

    // Any format not handled above is reported and rejected.
    Console.WriteLine(Localized.MsgUnknownFormat, _format);
    return -1;
}
// Asymmetric key generation is too slow, so these cases stay disabled.
// (The 1024-bit sizes below are fixture-only values, not a recommendation for real keys.)
//[TestCase("rsa_priv", "rsa", "1024", "crypt")]
//[TestCase("rsa_priv", "rsa-sign", "1024", "sign")]
//[TestCase("dsa_priv", "dsa", "1024", "sign")]
//
// Builds the "key-collision" fixture under WRITE_DATA/dir: generates keys until two
// of them map to the same 32-bit value derived from their key hash, then writes
// output produced with each colliding key as primary (version 1, then version 2).
// presumably these files are read back by tests that check the library still picks
// the right key when two keys share that value - verify against the consuming tests.
public void CreateKeyCollision(string key, string dir, string sizeString, string purpose)
{
    var isCrypt = purpose == "crypt";
    var keyPurpose = isCrypt ? KeyPurpose.DecryptAndEncrypt : KeyPurpose.SignAndVerify;
    KeyType keyType = key;
    int size = int.Parse(sizeString);

    // Keys generated so far, indexed by the 32-bit value of their key hash.
    IDictionary<int, Key> seenByHash = new Dictionary<int, Key>();

    var keySetPath = Util.TestDataPath(WRITE_DATA, dir, "key-collision");
    var writer = new KeySetWriter(keySetPath, overwrite: true);

    // Start from a fresh key set on disk.
    using (var emptySet = CreateNewKeySet(keyType, keyPurpose))
    {
        var saved = emptySet.Save(writer);
        Expect(saved, Is.True);
    }

    long attempts = 0;
    Key earlierKey;
    using (var keySet = new MutableKeySet(keySetPath))
    {
        // Keep generating until a new key lands on an already-seen value; the loop
        // exits with collidingKey (new) and earlierKey (the one stored before).
        Key collidingKey;
        while (true)
        {
            collidingKey = Key.Generate(keyType, size);
            int hashValue = Utility.ToInt32(collidingKey.GetKeyHash());
            attempts++;
            if (seenByHash.TryGetValue(hashValue, out earlierKey))
            {
                break;
            }

            seenByHash.Add(hashValue, collidingKey);
        }

        Console.WriteLine("Created {1} collision after {0} iterations", attempts, dir);

        var version = keySet.AddKey(KeyStatus.Primary, collidingKey);
        Expect(version, Is.EqualTo(1));
        var saved = keySet.Save(writer);
        Expect(saved, Is.True);
    }

    // Outputs produced while version 1 is the primary key.
    if (isCrypt)
    {
        using (var encrypter = new Encrypter(keySetPath))
        {
            var ciphertext = encrypter.Encrypt(input);
            File.WriteAllText(Path.Combine(keySetPath, "1.out"), ciphertext);
        }
    }
    else
    {
        using (var signer = new Signer(keySetPath))
        {
            var signature = signer.Sign(input);
            File.WriteAllText(Path.Combine(keySetPath, "1.out"), signature);
        }

        // Fixed expiry (2012-12-21 11:11:00 UTC) rather than a clock-relative one.
        using (var signer = new TimeoutSigner(keySetPath))
        {
            var signature = signer.Sign(input, new DateTime(2012, 12, 21, 11, 11, 0, DateTimeKind.Utc));
            File.WriteAllText(Path.Combine(keySetPath, "1.timeout"), signature);
        }

        using (var signer = new AttachedSigner(keySetPath))
        {
            var signature = signer.Sign(input);
            File.WriteAllText(Path.Combine(keySetPath, "1.attached"), signature);
        }

        // Attached signature with hidden data; "secret" is a fixture value only.
        using (var signer = new AttachedSigner(keySetPath))
        {
            var signature = signer.Sign(input, Encoding.UTF8.GetBytes("secret"));
            File.WriteAllText(Path.Combine(keySetPath, "1.secret.attached"), signature);
        }
    }

    // Promote the earlier key with the same hash value to primary as version 2.
    using (var keySet = new MutableKeySet(keySetPath))
    {
        var version = keySet.AddKey(KeyStatus.Primary, earlierKey);
        Expect(version, Is.EqualTo(2));
        var saved = keySet.Save(writer);
        Expect(saved, Is.True);
    }

    // Outputs produced while version 2 is the primary key.
    if (isCrypt)
    {
        using (var encrypter = new Encrypter(keySetPath))
        {
            var ciphertext = encrypter.Encrypt(input);
            File.WriteAllText(Path.Combine(keySetPath, "2.out"), ciphertext);
        }
    }
    else
    {
        using (var signer = new Signer(keySetPath))
        {
            var signature = signer.Sign(input);
            File.WriteAllText(Path.Combine(keySetPath, "2.out"), signature);
        }

        using (var signer = new TimeoutSigner(keySetPath))
        {
            var signature = signer.Sign(input, new DateTime(2012, 12, 21, 11, 11, 0, DateTimeKind.Utc));
            File.WriteAllText(Path.Combine(keySetPath, "2.timeout"), signature);
        }

        // NOTE(review): the version-2 attached file names are spelled "atttached"
        // (three t's), unlike "1.attached" / "1.secret.attached" above. They are
        // left unchanged because readers of this fixture may depend on the exact
        // names - confirm before renaming.
        using (var signer = new AttachedSigner(keySetPath))
        {
            var signature = signer.Sign(input);
            File.WriteAllText(Path.Combine(keySetPath, "2.atttached"), signature);
        }

        using (var signer = new AttachedSigner(keySetPath))
        {
            var signature = signer.Sign(input, Encoding.UTF8.GetBytes("secret"));
            File.WriteAllText(Path.Combine(keySetPath, "2.secret.atttached"), signature);
        }
    }
}