/// <summary>
/// Maps a key-transport algorithm OID (taken from a CMS RecipientInfo, per the
/// original notes) to the PKCS#11 mechanism used for the RSA operation on the HSM.
/// </summary>
/// <param name="id">
/// Dotted OID string. Two values are accepted: RSAES-OAEP (1.2.840.113549.1.1.7)
/// and rsaEncryption, i.e. PKCS#1 v1.5.
/// </param>
/// <returns>The mechanism matching <paramref name="id"/>.</returns>
/// <exception cref="NotSupportedException">
/// Thrown for any other OID, including <c>null</c>.
/// </exception>
/// <remarks>
/// Only the OID is inspected. The OAEP branch always uses SHA-1 with MGF1-SHA1 and
/// no source data, which correspond to the RFC 4055 defaults for RSAES-OAEP. If the
/// sender encoded explicit OAEP parameters (for example SHA-256), they are not
/// visible to this method and decryption with the returned mechanism would fail.
/// </remarks>
private static Mechanism SelectMechanism(string id)
{
    // Context kept from the original notes: the enveloped data's content-encryption
    // algorithm is 2.16.840.1.101.3.4.1.2 (id-aes128-CBC). That OID is not handled
    // here; this method only resolves the key-transport (RecipientInfos) algorithm.

    if (id == PkcsObjectIdentifiers.IdRsaesOaep.Id)
    {
        // 1.2.840.113549.1.1.7 = pkcs-1 + ".7" (id-RSAES-OAEP).
        // NOTE(review): hash and MGF are hard-coded to SHA-1. Deployments whose policy
        // requires SHA-2 for OAEP need the parameters from the AlgorithmIdentifier
        // passed in and mapped here - confirm against the callers.
        var oaepParams = new CkRsaPkcsOaepParams(
            (ulong)CKM.CKM_SHA_1,
            (ulong)CKG.CKG_MGF1_SHA1,
            (ulong)CKZ.CKZ_DATA_SPECIFIED,
            null);

        return new Mechanism(CKM.CKM_RSA_PKCS_OAEP, oaepParams);
    }
    else if (id == PkcsObjectIdentifiers.RsaEncryption.Id)
    {
        // PKCS#1 v1.5 encryption padding. Decryption with this padding is sensitive to
        // padding-oracle (Bleichenbacher-style) leakage: callers should not let a
        // remote party distinguish padding failures from other decryption errors.
        return new Mechanism(CKM.CKM_RSA_PKCS);
    }

    // Anything else cannot be mapped to an HSM mechanism by this method.
    string message = string.Format("No supported HSM mechanisms for pkcs-1 OBJECT IDENTIFIER ::={{iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }}{0}", id);
    throw new NotSupportedException(message);
}
/// <summary>
/// Round-trip test: encrypts a short message with RSA-OAEP in a single call,
/// decrypts it with the matching private key and checks that the plaintext survives.
/// </summary>
/// <remarks>
/// Runs only when the unmanaged long is 4 bytes and struct packing is 1; on any other
/// platform the test is reported as inconclusive.
/// </remarks>
public void _03_EncryptAndDecryptSinglePartOaepTest()
{
    // This variant casts the mechanism parameters to uint, so it is limited to
    // platforms with a 4-byte unmanaged long and 1-byte struct packing.
    if (!(Platform.UnmanagedLongSize == 4 && Platform.StructPackingSize == 1))
    {
        Assert.Inconclusive("Test cannot be executed on this platform");
    }

    using (Pkcs11 library = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking))
    {
        // Pick the first slot that has a token present.
        Slot usableSlot = Helpers.GetUsableSlot(library);

        // Read-write session (readOnly argument is false).
        using (Session session = usableSlot.OpenSession(false))
        {
            // Authenticate as the normal user with the PIN from the test settings.
            session.Login(CKU.CKU_USER, Settings.NormalUserPin);

            // Fresh key pair for this test run.
            ObjectHandle publicKey;
            ObjectHandle privateKey;
            Helpers.GenerateKeyPair(session, out publicKey, out privateKey);

            // OAEP parameters: SHA-1 hash, MGF1 with SHA-1, no source data.
            CkRsaPkcsOaepParams oaepParams = new CkRsaPkcsOaepParams(
                (uint)CKM.CKM_SHA_1,
                (uint)CKG.CKG_MGF1_SHA1,
                (uint)CKZ.CKZ_DATA_SPECIFIED,
                null);

            // The same mechanism object serves both directions.
            Mechanism oaepMechanism = new Mechanism(CKM.CKM_RSA_PKCS_OAEP, oaepParams);

            byte[] plaintext = ConvertUtils.Utf8StringToBytes("Hello world");

            // Encrypt with the public key, then decrypt with the private key.
            byte[] ciphertext = session.Encrypt(oaepMechanism, publicKey, plaintext);
            byte[] recovered = session.Decrypt(oaepMechanism, privateKey, ciphertext);

            // Byte arrays are compared through their Base64 text form.
            string expectedText = Convert.ToBase64String(plaintext);
            string actualText = Convert.ToBase64String(recovered);
            Assert.IsTrue(expectedText == actualText);

            // NOTE(review): cleanup is reached only when everything above succeeds; a
            // failed assertion or a thrown exception skips it. Whether the generated
            // keys then remain on the token depends on the attributes used by
            // Helpers.GenerateKeyPair, which is not visible here.
            session.DestroyObject(privateKey);
            session.DestroyObject(publicKey);
            session.Logout();
        }
    }
}
/// <summary>
/// Round-trip test: encrypts a short message with RSA-OAEP in a single call,
/// decrypts it with the matching private key and checks that the plaintext survives.
/// </summary>
/// <remarks>
/// The platform precondition is delegated to <c>Helpers.CheckPlatform()</c>, and the
/// mechanism parameters are converted through <c>NativeLongUtils</c> instead of casts.
/// </remarks>
public void _03_EncryptAndDecryptSinglePartOaepTest()
{
    Helpers.CheckPlatform();

    using (Pkcs11 library = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.AppType))
    {
        // Pick the first slot that has a token present.
        Slot usableSlot = Helpers.GetUsableSlot(library);

        // Read-write session.
        using (Session session = usableSlot.OpenSession(SessionType.ReadWrite))
        {
            // Authenticate as the normal user with the PIN from the test settings.
            session.Login(CKU.CKU_USER, Settings.NormalUserPin);

            // Fresh key pair for this test run.
            ObjectHandle publicKey;
            ObjectHandle privateKey;
            Helpers.GenerateKeyPair(session, out publicKey, out privateKey);

            // OAEP parameters: SHA-1 hash, MGF1 with SHA-1, no source data.
            CkRsaPkcsOaepParams oaepParams = new CkRsaPkcsOaepParams(
                NativeLongUtils.ConvertFromCKM(CKM.CKM_SHA_1),
                NativeLongUtils.ConvertFromCKG(CKG.CKG_MGF1_SHA1),
                NativeLongUtils.ConvertFromUInt32(CKZ.CKZ_DATA_SPECIFIED),
                null);

            // The same mechanism object serves both directions.
            Mechanism oaepMechanism = new Mechanism(CKM.CKM_RSA_PKCS_OAEP, oaepParams);

            byte[] plaintext = ConvertUtils.Utf8StringToBytes("Hello world");

            // Encrypt with the public key, then decrypt with the private key.
            byte[] ciphertext = session.Encrypt(oaepMechanism, publicKey, plaintext);
            byte[] recovered = session.Decrypt(oaepMechanism, privateKey, ciphertext);

            // Byte arrays are compared through their Base64 text form.
            string expectedText = ConvertUtils.BytesToBase64String(plaintext);
            string actualText = ConvertUtils.BytesToBase64String(recovered);
            Assert.IsTrue(expectedText == actualText);

            // NOTE(review): cleanup is reached only when everything above succeeds; a
            // failed assertion or a thrown exception skips it. Whether the generated
            // keys then remain on the token depends on the attributes used by
            // Helpers.GenerateKeyPair, which is not visible here.
            session.DestroyObject(privateKey);
            session.DestroyObject(publicKey);
            session.Logout();
        }
    }
}