public void TestTimeoutSignAndVerify(string subPath, string nestDir)
{
using (var signer = new TimeoutSigner(Util.TestDataPath(TEST_DATA, subPath, nestDir)))
using (var verifier = new TimeoutVerifier(Util.TestDataPath(TEST_DATA, subPath, nestDir)))
{
// Create a signature that will be valid for a long time
var sig = signer.Sign(input, DateTime.Now.AddDays(365));
Expect(signer.Verify(input, sig), Is.True);
Expect(verifier.Verify(input, sig), Is.True);
// Create a signature that is already expired
sig = signer.Sign(input, DateTime.Now.AddDays(-1));
Expect(signer.Verify(input, sig), Is.False);
Expect(verifier.Verify(input, sig), Is.False);
// Create a valid signature, let it expire, and check that it is now invalid
var nearExpiration = DateTime.Now.AddSeconds(5);
sig = signer.Sign(input, nearExpiration);
Expect(verifier.Verify(input, sig), Is.True);
while (DateTime.Now < nearExpiration)
{
Thread.Sleep(1000);
}
Expect(verifier.Verify(input, sig), Is.False);
}
}
public void TestTimeoutSignAndVerify(string subPath)
{
using (var signer = new TimeoutSigner(Util.TestDataPath(TEST_DATA, subPath)))
{
var streamInput = new MemoryStream();
streamInput.Write(new byte[ExtraDataLength], 0, ExtraDataLength);
using (Utility.ResetStreamWhenFinished(streamInput))
{
InputStream.CopyTo(streamInput);
streamInput.Write(new byte[ExtraDataLength], 0, ExtraDataLength);
}
Expect(streamInput.Position, Is.EqualTo(ExtraDataLength));
byte[] sig;
// Create a signature that will be valid for a long time
using (Utility.ResetStreamWhenFinished(streamInput))
sig = signer.Sign(streamInput, DateTime.Now.AddDays(365), InputStream.Length);
Expect(streamInput.Position, Is.EqualTo(ExtraDataLength));
Expect(signer.Verify(streamInput, sig, InputStream.Length), Is.True);
Expect(streamInput.Position, Is.EqualTo(InputStream.Length + ExtraDataLength));
}
}
protected int TakeAction(IKeySet keyset, Stream inStream, Stream outStream, Stream outStream2, IKeySet keyset2)
{
if ((WireFormat.IsNullOrEmpty(_format) &&
(keyset.Metadata.Purpose == KeyPurpose.DecryptAndEncrypt ||
keyset.Metadata.Purpose == KeyPurpose.Encrypt)) ||
_format == WireFormat.Crypt
)
{
using (var ucrypter = new Encrypter(keyset))
{
var err = UseCompression(ucrypter);
if (err != 0)
{
return(err);
}
ucrypter.Encrypt(inStream, outStream);
}
}
else if (WireFormat.IsNullOrEmpty(_format) || _format == WireFormat.Sign)
{
using (var signer = new Signer(keyset))
{
var sig = signer.Sign(inStream);
outStream.Write(sig, 0, sig.Length);
}
}
else if (_format == WireFormat.SignTimeout)
{
using (var signer = new TimeoutSigner(keyset))
{
var sig = signer.Sign(inStream, _expires.GetValueOrDefault());
outStream.Write(sig, 0, sig.Length);
}
}
else if (_format == WireFormat.SignAttached)
{
using (var signer = new AttachedSigner(keyset))
{
byte[] hidden = null;
if (!String.IsNullOrWhiteSpace(_attachedHidden))
{
hidden = Keyczar.Keyczar.RawStringEncoding.GetBytes(_attachedHidden);
}
signer.Sign(inStream, outStream, hidden);
}
}
else if (_format == WireFormat.SignVanilla || _format == WireFormat.SignUnversioned)
{
using (var signer = new Keyczar.Compat.VanillaSigner(keyset))
{
var sig = signer.Sign(inStream);
outStream.Write(sig, 0, sig.Length);
}
}
else if (_format == WireFormat.CryptSession)
{
using (var crypter = new Encrypter(keyset))
using (var sessionCrypter = new SessionCrypter(crypter))
{
var err = UseCompression(sessionCrypter);
if (err != 0)
{
return(err);
}
var materials = sessionCrypter.SessionMaterial.ToBytes();
outStream.Write(materials, 0, materials.Length);
sessionCrypter.Encrypt(inStream, outStream2);
}
}
else if (_format == WireFormat.CryptSignedSession)
{
if (keyset2 == null)
{
Console.WriteLine(Localized.MsgRequiresLocation2);
return(-1);
}
using (var crypter = new Encrypter(keyset))
using (var signer = new AttachedSigner(keyset2))
using (var sessionCrypter = new SessionCrypter(crypter, signer))
{
var err = UseCompression(sessionCrypter);
if (err != 0)
{
return(err);
}
var materials = sessionCrypter.SessionMaterial.ToBytes();
outStream.Write(materials, 0, materials.Length);
sessionCrypter.Encrypt(inStream, outStream2);
}
}
else
{
Console.WriteLine(Localized.MsgUnknownFormat, _format);
return(-1);
}
return(0);
}
//Asymentric key genteration is too slow
//[TestCase("rsa_priv", "rsa", "1024", "crypt")]
//[TestCase("rsa_priv", "rsa-sign", "1024", "sign")]
//[TestCase("dsa_priv", "dsa", "1024", "sign")]
public void CreateKeyCollision(string key, string dir, string sizeString, string purpose)
{
var crypt = purpose == "crypt";
var purp = crypt ? KeyPurpose.DecryptAndEncrypt : KeyPurpose.SignAndVerify;
KeyType ktype = key;
int size = int.Parse(sizeString);
IDictionary <int, Key> keys = new Dictionary <int, Key>();
var kspath = Util.TestDataPath(WRITE_DATA, dir, "key-collision");
var writer = new KeySetWriter(kspath, overwrite: true);
using (var ks = CreateNewKeySet(ktype, purp))
{
var success = ks.Save(writer);
Expect(success, Is.True);
}
long count = 0;
Key newKey2;
using (var ks = new MutableKeySet(kspath))
{
Key newKey1;
while (true)
{
newKey1 = Key.Generate(ktype, size);
int newHash = Utility.ToInt32(newKey1.GetKeyHash());
count++;
if (keys.TryGetValue(newHash, out newKey2))
{
break;
}
keys.Add(newHash, newKey1);
}
Console.WriteLine("Created {1} collision after {0} iterations", count, dir);
var ver = ks.AddKey(KeyStatus.Primary, newKey1);
Expect(ver, Is.EqualTo(1));
var success = ks.Save(writer);
Expect(success, Is.True);
}
if (crypt)
{
using (var encrypter = new Encrypter(kspath))
{
var ciphertext = encrypter.Encrypt(input);
File.WriteAllText(Path.Combine(kspath, "1.out"), ciphertext);
}
}
else
{
using (var signer = new Signer(kspath))
{
var ciphertext = signer.Sign(input);
File.WriteAllText(Path.Combine(kspath, "1.out"), ciphertext);
}
using (var signer = new TimeoutSigner(kspath))
{
var ciphertext = signer.Sign(input, new DateTime(2012, 12, 21, 11, 11, 0, DateTimeKind.Utc));
File.WriteAllText(Path.Combine(kspath, "1.timeout"), ciphertext);
}
using (var signer = new AttachedSigner(kspath))
{
var ciphertext = signer.Sign(input);
File.WriteAllText(Path.Combine(kspath, "1.attached"), ciphertext);
}
using (var signer = new AttachedSigner(kspath))
{
var ciphertext = signer.Sign(input, Encoding.UTF8.GetBytes("secret"));
File.WriteAllText(Path.Combine(kspath, "1.secret.attached"), ciphertext);
}
}
using (var ks = new MutableKeySet(kspath))
{
var ver = ks.AddKey(KeyStatus.Primary, newKey2);
Expect(ver, Is.EqualTo(2));
var success = ks.Save(writer);
Expect(success, Is.True);
}
if (crypt)
{
using (var encrypter = new Encrypter(kspath))
{
var ciphertext = encrypter.Encrypt(input);
File.WriteAllText(Path.Combine(kspath, "2.out"), ciphertext);
}
}
else
{
using (var signer = new Signer(kspath))
{
var ciphertext = signer.Sign(input);
File.WriteAllText(Path.Combine(kspath, "2.out"), ciphertext);
}
using (var signer = new TimeoutSigner(kspath))
{
var ciphertext = signer.Sign(input, new DateTime(2012, 12, 21, 11, 11, 0, DateTimeKind.Utc));
File.WriteAllText(Path.Combine(kspath, "2.timeout"), ciphertext);
}
using (var signer = new AttachedSigner(kspath))
{
var ciphertext = signer.Sign(input);
File.WriteAllText(Path.Combine(kspath, "2.atttached"), ciphertext);
}
using (var signer = new AttachedSigner(kspath))
{
var ciphertext = signer.Sign(input, Encoding.UTF8.GetBytes("secret"));
File.WriteAllText(Path.Combine(kspath, "2.secret.atttached"), ciphertext);
}
}
}
