public void _01_EncryptAndDecryptSinglePartTest() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present ISlot slot = Helpers.GetUsableSlot(pkcs11Library); // Open RW session using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate symetric key IObjectHandle generatedKey = Helpers.GenerateKey(session); // Generate random initialization vector byte[] iv = session.GenerateRandom(8); // Specify encryption mechanism with initialization vector as parameter IMechanism mechanism = session.Factories.MechanismFactory.Create(CKM.CKM_DES3_CBC, iv); byte[] sourceData = ConvertUtils.Utf8StringToBytes("Our new password"); // Encrypt data byte[] encryptedData = session.Encrypt(mechanism, generatedKey, sourceData); // Do something interesting with encrypted data // Decrypt data byte[] decryptedData = session.Decrypt(mechanism, generatedKey, encryptedData); // Do something interesting with decrypted data Assert.IsTrue(ConvertUtils.BytesToBase64String(sourceData) == ConvertUtils.BytesToBase64String(decryptedData)); session.DestroyObject(generatedKey); session.Logout(); } } }
/// <summary> /// Generates asymetric key pair. /// </summary> /// <param name='session'>Read-write session with user logged in</param> /// <param name='publicKeyHandle'>Output parameter for public key object handle</param> /// <param name='privateKeyHandle'>Output parameter for private key object handle</param> public static void GenerateKeyPair(ISession session, out IObjectHandle publicKeyHandle, out IObjectHandle privateKeyHandle) { // The CKA_ID attribute is intended as a means of distinguishing multiple key pairs held by the same subject byte[] ckaId = session.GenerateRandom(20); // Prepare attribute template of new public key List <IObjectAttribute> publicKeyAttributes = new List <IObjectAttribute>(); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_TOKEN, true)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_PRIVATE, false)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_LABEL, Settings.ApplicationName)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_ID, ckaId)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_ENCRYPT, true)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_VERIFY, true)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_VERIFY_RECOVER, true)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_WRAP, true)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_MODULUS_BITS, 1024)); publicKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_PUBLIC_EXPONENT, new byte[] { 0x01, 0x00, 0x01 })); // Prepare attribute template of new private key List <IObjectAttribute> privateKeyAttributes = new List <IObjectAttribute>(); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_TOKEN, true)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_PRIVATE, true)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_LABEL, Settings.ApplicationName)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_ID, ckaId)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_SENSITIVE, true)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_DECRYPT, true)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_SIGN, true)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_SIGN_RECOVER, true)); privateKeyAttributes.Add(Settings.Factories.ObjectAttributeFactory.CreateObjectAttribute(CKA.CKA_UNWRAP, true)); // Specify key generation mechanism IMechanism mechanism = Settings.Factories.MechanismFactory.CreateMechanism(CKM.CKM_RSA_PKCS_KEY_PAIR_GEN); // Generate key pair session.GenerateKeyPair(mechanism, publicKeyAttributes, privateKeyAttributes, out publicKeyHandle, out privateKeyHandle); }
public void _HL_20_03_EncryptAndDecrypt_Gost28147_89_CBC_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present ISlot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate symetric key IObjectHandle generatedKey = Helpers.GenerateGost28147_89Key(session); byte[] sourceData = TestData.Encrypt_CBC_Gost28147_89_ECB_SourceData; // Получение синхропосылки var random = new Random(); byte[] initVector = new byte[Settings.GOST28147_89_BLOCK_SIZE]; random.NextBytes(initVector); // Encrypt data byte[] encryptedData = Helpers.CBC_Gost28147_89_Encrypt( session, sourceData, initVector, generatedKey); // Decrypt data byte[] decryptedData = Helpers.CBC_Gost28147_89_Decrypt( session, encryptedData, initVector, generatedKey); Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(decryptedData)); session.DestroyObject(generatedKey); session.Logout(); } } }
private void LoadCertPrivateKeyHandle() { //Carga del certificado List <IObjectAttribute> template = new List <IObjectAttribute>(); var f = new ObjectAttributeFactory(); template.Add(f.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE)); template.Add(f.Create(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509)); List <IObjectHandle> pubKeyObjectHandle = session.FindAllObjects(template); List <CKA> pubKeyAttrsToRead = new List <CKA>(); pubKeyAttrsToRead.Add(CKA.CKA_LABEL); pubKeyAttrsToRead.Add(CKA.CKA_ID); pubKeyAttrsToRead.Add(CKA.CKA_VALUE); //La cédula tiene sólo un certificado List <IObjectAttribute> pubKeyAttributes = session.GetAttributeValue(pubKeyObjectHandle[0], pubKeyAttrsToRead); var certArray = pubKeyAttributes[2].GetValueAsByteArray(); X509CertificateParser _x509CertificateParser = new X509CertificateParser(); Org.BouncyCastle.X509.X509Certificate bcCert = _x509CertificateParser.ReadCertificate(certArray); //El identificador del certificado string ckaLabel = pubKeyAttributes[0].GetValueAsString(); //Recupera el handle a la clave privada utilizando el identificador del certificado template.Clear(); template.Add(f.Create(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY)); template.Add(f.Create(CKA.CKA_KEY_TYPE, CKK.CKK_RSA)); template.Add(f.Create(CKA.CKA_LABEL, ckaLabel)); privatekeyHandle = session.FindAllObjects(template)[0]; certPath = new Org.BouncyCastle.X509.X509Certificate[] { bcCert }; }
/// <summary> /// Constructs internal context for Pkcs11X509Certificate class /// </summary> /// <param name="certHandle">High level PKCS#11 object handle of certificate object</param> /// <param name="tokenContext">Internal context for Pkcs11Token class</param> /// <returns>Internal context for Pkcs11X509Certificate class</returns> private Pkcs11X509CertificateContext GetCertificateContext(IObjectHandle certHandle, Pkcs11TokenContext tokenContext) { using (ISession session = tokenContext.SlotContext.Slot.OpenSession(SessionType.ReadOnly)) { List <IObjectAttribute> objectAttributes = session.GetAttributeValue(certHandle, new List <CKA>() { CKA.CKA_ID, CKA.CKA_LABEL, CKA.CKA_VALUE }); byte[] ckaId = objectAttributes[0].GetValueAsByteArray(); string ckaLabel = objectAttributes[1].GetValueAsString(); byte[] ckaValue = objectAttributes[2].GetValueAsByteArray(); var certInfo = new Pkcs11X509CertificateInfo(ckaId, ckaLabel, ckaValue); IObjectHandle privKeyHandle = FindKey(session, CKO.CKO_PRIVATE_KEY, ckaId, ckaLabel); IObjectHandle pubKeyHandle = FindKey(session, CKO.CKO_PUBLIC_KEY, ckaId, ckaLabel); bool keyUsageRequiresLogin = (privKeyHandle == null) ? false : GetCkaAlwaysAuthenticateValue(session, privKeyHandle); return(new Pkcs11X509CertificateContext(certInfo, certHandle, privKeyHandle, pubKeyHandle, keyUsageRequiresLogin, tokenContext)); } }
public void _01_BasicDeriveKeyTest() { using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present ISlot slot = Helpers.GetUsableSlot(pkcs11Library); // Open RW session using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate symetric key IObjectHandle baseKey = Helpers.GenerateKey(session); // Generate random data needed for key derivation byte[] data = session.GenerateRandom(24); // Specify mechanism parameters ICkKeyDerivationStringData mechanismParams = Settings.Factories.MechanismParamsFactory.CreateCkKeyDerivationStringData(data); // Specify derivation mechanism with parameters IMechanism mechanism = Settings.Factories.MechanismFactory.Create(CKM.CKM_XOR_BASE_AND_DATA, mechanismParams); // Derive key IObjectHandle derivedKey = session.DeriveKey(mechanism, baseKey, null); // Do something interesting with derived key Assert.IsTrue(derivedKey.ObjectId != CK.CK_INVALID_HANDLE); session.DestroyObject(baseKey); session.DestroyObject(derivedKey); session.Logout(); } } }
/// <summary> /// Generates asymetric key pair. /// </summary> /// <param name = 'session' > Read - write session with user logged in</param> /// <param name = 'publicKeyHandle' > Output parameter for public key object handle</param> /// <param name = 'privateKeyHandle' > Output parameter for private key object handle</param> public static void GenerateGost512KeyPair(ISession session, out IObjectHandle publicKeyHandle, out IObjectHandle privateKeyHandle, string keyPairId) { // Шаблон для генерации открытого ключа ГОСТ Р 34.10-2012 (256 бит) var publicKeyAttributes = new List <IObjectAttribute>() { Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PUBLIC_KEY), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, Settings.Gost512PublicKeyLabel), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_ID, keyPairId), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_KEY_TYPE, (uint)Extended_CKK.CKK_GOSTR3410_512), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_PRIVATE, false), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_GOSTR3410_PARAMS, Settings.GostR3410_512_Parameters) }; // Шаблон для генерации закрытого ключа ГОСТ Р 34.10-2012 (256 бит) var privateKeyAttributes = new List <IObjectAttribute>() { Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, Settings.Gost512PrivateKeyLabel), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_ID, keyPairId), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_KEY_TYPE, (uint)Extended_CKK.CKK_GOSTR3410_512), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_PRIVATE, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_DERIVE, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_GOSTR3410_PARAMS, Settings.GostR3410_512_Parameters), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_GOSTR3411_PARAMS, Settings.GostR3411_512_Parameters) }; // Specify key generation mechanism var mechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_GOSTR3410_512_KEY_PAIR_GEN); // Generate key pair session.GenerateKeyPair(mechanism, publicKeyAttributes, privateKeyAttributes, out publicKeyHandle, out privateKeyHandle); Assert.IsTrue(publicKeyHandle.ObjectId != CK.CK_INVALID_HANDLE); Assert.IsTrue(privateKeyHandle.ObjectId != CK.CK_INVALID_HANDLE); }
public static void Derive_GostR3410_12_Key(ISession session, IObjectHandle publicKeyHandle, IObjectHandle privateKeyHandle, byte[] ukm, out IObjectHandle derivedKeyHandle) { // Шаблон для создания ключа обмена var derivedKeyAttributes = new List <IObjectAttribute> { Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, Settings.DerivedGost28147_89KeyLabel), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_KEY_TYPE, CKK.CKK_GOST28147), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, false), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_MODIFIABLE, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_PRIVATE, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_EXTRACTABLE, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_SENSITIVE, false) }; // Получаем публичный ключ по его Id var attributes = new List <CKA> { CKA.CKA_VALUE }; List <IObjectAttribute> publicKeyAttributes = session.GetAttributeValue(publicKeyHandle, attributes); // Определение параметров механизма наследования ключа var deriveMechanismParams = Settings.Factories.RutokenMechanismParamsFactory.CreateCkGostR3410_12_DeriveParams( (ulong)Extended_CKD.CKD_KDF_GOSTR3411_2012_256, publicKeyAttributes[0].GetValueAsByteArray(), ukm); // Определяем механизм наследования ключа IMechanism deriveMechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_GOSTR3410_12_DERIVE, deriveMechanismParams); // Наследуем ключ derivedKeyHandle = session.DeriveKey(deriveMechanism, privateKeyHandle, derivedKeyAttributes); Assert.IsTrue(derivedKeyHandle.ObjectId != CK.CK_INVALID_HANDLE); }
public void _HL_20_06_EncryptAndDecrypt_Magma_ECB_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Установление соединения с Рутокен в первом доступном слоте IRutokenSlot slot = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии using (ISession session = slot.OpenRutokenSession(SessionType.ReadWrite)) { // Выполнение аутентификации пользователя session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Генерация ключей для шифрования Магма // Generate symetric key IObjectHandle generatedKey = Helpers.GenerateMagmaKey(session); var mechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_MAGMA_ECB); byte[] sourceData = TestData.Encrypt_Gost28147_89_ECB_SourceData; // Encrypt data byte[] encryptedData = session.Encrypt(mechanism, generatedKey, sourceData); // Decrypt data byte[] decryptedData = session.Decrypt(mechanism, generatedKey, encryptedData); Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(decryptedData)); session.DestroyObject(generatedKey); // Завершение сессии session.Logout(); } } }
public void _02_GetInvalidAttributeValueTest() { using (IPkcs11 pkcs11 = Settings.Factories.Pkcs11Factory.CreatePkcs11(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present ISlot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate key pair IObjectHandle publicKey = null; IObjectHandle privateKey = null; Helpers.GenerateKeyPair(session, out publicKey, out privateKey); // Prepare list of empty attributes we want to read List <CKA> attributes = new List <CKA>(); attributes.Add(CKA.CKA_LABEL); attributes.Add(CKA.CKA_VALUE); // Get value of specified attributes List <IObjectAttribute> objectAttributes = session.GetAttributeValue(privateKey, attributes); // Do something interesting with attribute value Assert.IsTrue(objectAttributes[0].GetValueAsString() == Settings.ApplicationName); Assert.IsTrue(objectAttributes[1].CannotBeRead == true); session.DestroyObject(privateKey); session.DestroyObject(publicKey); session.Logout(); } } }
public void _HL_21_05_SignAndVerify_MagmaMac_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Установление соединения с Рутокен в первом доступном слоте ISlot slot = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Выполнение аутентификации пользователя session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Генерация ключей для шифрования Магма // Generate symetric key IObjectHandle generatedKey = Helpers.GenerateMagmaKey(session, Helpers.KeyDestenation.ForSigVer); // Инициализация хэш-функции var signMechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_MAGMA_MAC); byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Подпись данных byte[] signature = session.Sign(signMechanism, generatedKey, sourceData); // Проверка подписи для данных bool isValid = false; session.Verify(signMechanism, generatedKey, sourceData, signature, out isValid); Assert.IsTrue(isValid); session.DestroyObject(generatedKey); session.Logout(); } } }
/// <summary> /// Generates asymetric key pair. /// </summary> /// <param name = 'session' > Read - write session with user logged in</param> /// <param name = 'publicKeyHandle' > Output parameter for public key object handle</param> /// <param name = 'privateKeyHandle' > Output parameter for private key object handle</param> /// <param name="keyPairId"></param> public static void GenerateRSAKeyPair(ISession session, out IObjectHandle publicKeyHandle, out IObjectHandle privateKeyHandle, string keyPairId) { // Шаблон для генерации открытого ключа ГОСТ Р 34.10-2001 var publicKeyAttributes = new List <IObjectAttribute>() { Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PUBLIC_KEY), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, Settings.RsaPublicKeyLabel), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_ID, keyPairId), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_KEY_TYPE, CKK.CKK_RSA), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_ENCRYPT, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_PRIVATE, false), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_MODULUS_BITS, Settings.RsaModulusBits) }; // Шаблон для генерации закрытого ключа ГОСТ Р 34.10-2001 var privateKeyAttributes = new List <IObjectAttribute>() { Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_LABEL, Settings.RsaPrivateKeyLabel), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_ID, keyPairId), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_KEY_TYPE, CKK.CKK_RSA), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_DECRYPT, true), Settings.Factories.ObjectAttributeFactory.Create(CKA.CKA_PRIVATE, true), }; // Specify key generation mechanism var mechanism = Settings.Factories.MechanismFactory.Create(CKM.CKM_RSA_PKCS_KEY_PAIR_GEN); // Generate key pair session.GenerateKeyPair(mechanism, publicKeyAttributes, privateKeyAttributes, out publicKeyHandle, out privateKeyHandle); Assert.IsTrue(publicKeyHandle.ObjectId != CK.CK_INVALID_HANDLE); Assert.IsTrue(privateKeyHandle.ObjectId != CK.CK_INVALID_HANDLE); }
/// <summary> /// Initializes a new instance of the CkEcdh2DeriveParams class. /// </summary> /// <param name='kdf'>Key derivation function used on the shared secret value (CKD)</param> /// <param name='sharedData'>Some data shared between the two parties</param> /// <param name='publicData'>Other party's first EC public key value</param> /// <param name='privateDataLen'>The length in bytes of the second EC private key</param> /// <param name='privateData'>Key handle for second EC private key value</param> /// <param name='publicData2'>Other party's second EC public key value</param> public CkEcdh2DeriveParams(NativeULong kdf, byte[] sharedData, byte[] publicData, NativeULong privateDataLen, IObjectHandle privateData, byte[] publicData2) { _lowLevelStruct.Kdf = 0; _lowLevelStruct.SharedDataLen = 0; _lowLevelStruct.SharedData = IntPtr.Zero; _lowLevelStruct.PublicDataLen = 0; _lowLevelStruct.PublicData = IntPtr.Zero; _lowLevelStruct.PrivateDataLen = 0; _lowLevelStruct.PrivateData = 0; _lowLevelStruct.PublicDataLen2 = 0; _lowLevelStruct.PublicData2 = IntPtr.Zero; _lowLevelStruct.Kdf = kdf; if (sharedData != null) { _lowLevelStruct.SharedData = UnmanagedMemory.Allocate(sharedData.Length); UnmanagedMemory.Write(_lowLevelStruct.SharedData, sharedData); _lowLevelStruct.SharedDataLen = ConvertUtils.UInt64FromInt32(sharedData.Length); } if (publicData != null) { _lowLevelStruct.PublicData = UnmanagedMemory.Allocate(publicData.Length); UnmanagedMemory.Write(_lowLevelStruct.PublicData, publicData); _lowLevelStruct.PublicDataLen = ConvertUtils.UInt64FromInt32(publicData.Length); } _lowLevelStruct.PrivateDataLen = privateDataLen; if (privateData == null) { throw new ArgumentNullException("privateData"); } _lowLevelStruct.PrivateData = ConvertUtils.UInt64FromUInt64(privateData.ObjectId); if (publicData2 != null) { _lowLevelStruct.PublicData2 = UnmanagedMemory.Allocate(publicData2.Length); UnmanagedMemory.Write(_lowLevelStruct.PublicData2, publicData2); _lowLevelStruct.PublicDataLen2 = ConvertUtils.UInt64FromInt32(publicData2.Length); } }
public bool TryGetVariableAndWrap(string name, IScriptModule module, out IObjectHandle obj) { return(_engine.TryGetVariableAndWrap(name, module, out obj)); }
public IObjectHandle CallObject(IObjectHandle obj, IScriptModule module, params object[] args) { return(_engine.CallObject(obj, module, args)); }
public IObjectHandle CallObject(IObjectHandle obj, params object[] args) { return(_engine.CallObject(obj, args)); }
public bool IsObjectCallable(IObjectHandle obj, IScriptModule module) { return(_engine.IsObjectCallable(obj, module)); }
public bool IsObjectCallable(IObjectHandle obj) { return(_engine.IsObjectCallable(obj)); }
public string GetObjectDocumentation(IObjectHandle obj) { return(_engine.GetObjectDocumentation(obj)); }
public bool TryGetObjectMemberValue(IObjectHandle obj, string name, IScriptModule module, out IObjectHandle value) { return(_engine.TryGetObjectMemberValue(obj, name, module, out value)); }
/// <summary> /// Creates parameters for the CKM_KIP_DERIVE, CKM_KIP_WRAP and CKM_KIP_MAC mechanisms /// </summary> /// <param name='mechanism'>Underlying cryptographic mechanism (CKM)</param> /// <param name='key'>Handle to a key that will contribute to the entropy of the derived key (CKM_KIP_DERIVE) or will be used in the MAC operation (CKM_KIP_MAC)</param> /// <param name='seed'>Input seed</param> /// <returns>Parameters for the CKM_KIP_DERIVE, CKM_KIP_WRAP and CKM_KIP_MAC mechanisms</returns> public ICkKipParams CreateCkKipParams(ulong? mechanism, IObjectHandle key, byte[] seed) { return _factory.CreateCkKipParams(mechanism, key, seed); }
/// <summary> /// Creates parameters for the CKM_CMS_SIG mechanism /// </summary> /// <param name='certificateHandle'>Object handle for a certificate associated with the signing key</param> /// <param name='signingMechanism'>Mechanism to use when signing a constructed CMS SignedAttributes value</param> /// <param name='digestMechanism'>Mechanism to use when digesting the data</param> /// <param name='contentType'>String indicating complete MIME Content-type of message to be signed or null if the message is a MIME object</param> /// <param name='requestedAttributes'>DER-encoded list of CMS Attributes the caller requests to be included in the signed attributes</param> /// <param name='requiredAttributes'>DER-encoded list of CMS Attributes (with accompanying values) required to be included in the resulting signed attributes</param> /// <returns>Parameters for the CKM_CMS_SIG mechanism</returns> public ICkCmsSigParams CreateCkCmsSigParams(IObjectHandle certificateHandle, ulong? signingMechanism, ulong? digestMechanism, string contentType, byte[] requestedAttributes, byte[] requiredAttributes) { return _factory.CreateCkCmsSigParams(certificateHandle, signingMechanism, digestMechanism, contentType, requestedAttributes, requiredAttributes); }
/// <summary> /// Initializes a new instance of the CkX942MqvDeriveParams class. /// </summary>> /// <param name='kdf'>Key derivation function used on the shared secret value (CKD)</param> /// <param name='otherInfo'>Some data shared between the two parties</param> /// <param name='publicData'>Other party's first X9.42 Diffie-Hellman public key value</param> /// <param name='privateDataLen'>The length in bytes of the second X9.42 Diffie-Hellman private key</param> /// <param name='privateData'>Key handle for second X9.42 Diffie-Hellman private key value</param> /// <param name='publicData2'>Other party's second X9.42 Diffie-Hellman public key value</param> /// <param name='publicKey'>Handle to the first party's ephemeral public key</param> public CkX942MqvDeriveParams(NativeULong kdf, byte[] otherInfo, byte[] publicData, NativeULong privateDataLen, IObjectHandle privateData, byte[] publicData2, IObjectHandle publicKey) { _lowLevelStruct.Kdf = 0; _lowLevelStruct.OtherInfoLen = 0; _lowLevelStruct.OtherInfo = IntPtr.Zero; _lowLevelStruct.PublicDataLen = 0; _lowLevelStruct.PublicData = IntPtr.Zero; _lowLevelStruct.PrivateDataLen = 0; _lowLevelStruct.PrivateData = 0; _lowLevelStruct.PublicDataLen2 = 0; _lowLevelStruct.PublicData2 = IntPtr.Zero; _lowLevelStruct.PublicKey = 0; _lowLevelStruct.Kdf = kdf; if (otherInfo != null) { _lowLevelStruct.OtherInfo = UnmanagedMemory.Allocate(otherInfo.Length); UnmanagedMemory.Write(_lowLevelStruct.OtherInfo, otherInfo); _lowLevelStruct.OtherInfoLen = ConvertUtils.UInt64FromInt32(otherInfo.Length); } if (publicData != null) { _lowLevelStruct.PublicData = UnmanagedMemory.Allocate(publicData.Length); UnmanagedMemory.Write(_lowLevelStruct.PublicData, publicData); _lowLevelStruct.PublicDataLen = ConvertUtils.UInt64FromInt32(publicData.Length); } _lowLevelStruct.PrivateDataLen = privateDataLen; if (privateData == null) { throw new ArgumentNullException("privateData"); } _lowLevelStruct.PrivateData = ConvertUtils.UInt64FromUInt64(privateData.ObjectId); if (publicData2 != null) { _lowLevelStruct.PublicData2 = UnmanagedMemory.Allocate(publicData2.Length); UnmanagedMemory.Write(_lowLevelStruct.PublicData2, publicData2); _lowLevelStruct.PublicDataLen2 = ConvertUtils.UInt64FromInt32(publicData2.Length); } if (publicKey == null) { throw new ArgumentNullException("publicKey"); } _lowLevelStruct.PublicKey = ConvertUtils.UInt64FromUInt64(publicKey.ObjectId); }
/// <summary> /// Creates parameters for the CKM_X9_42_MQV_DERIVE key derivation mechanism /// </summary>> /// <param name='kdf'>Key derivation function used on the shared secret value (CKD)</param> /// <param name='otherInfo'>Some data shared between the two parties</param> /// <param name='publicData'>Other party's first X9.42 Diffie-Hellman public key value</param> /// <param name='privateDataLen'>The length in bytes of the second X9.42 Diffie-Hellman private key</param> /// <param name='privateData'>Key handle for second X9.42 Diffie-Hellman private key value</param> /// <param name='publicData2'>Other party's second X9.42 Diffie-Hellman public key value</param> /// <param name='publicKey'>Handle to the first party's ephemeral public key</param> /// <returns>Parameters for the CKM_X9_42_MQV_DERIVE key derivation mechanism</returns> public ICkX942MqvDeriveParams CreateCkX942MqvDeriveParams(ulong kdf, byte[] otherInfo, byte[] publicData, ulong privateDataLen, IObjectHandle privateData, byte[] publicData2, IObjectHandle publicKey) { return(new CkX942MqvDeriveParams(ConvertUtils.UInt32FromUInt64(kdf), otherInfo, publicData, ConvertUtils.UInt32FromUInt64(privateDataLen), privateData, publicData2, publicKey)); }
/// <summary> /// Create parameters for the CKM_ECMQV_DERIVE mechanism /// </summary>> /// <param name='kdf'>Key derivation function used on the shared secret value (CKD)</param> /// <param name='sharedData'>Some data shared between the two parties</param> /// <param name='publicData'>Other party's first EC public key value</param> /// <param name='privateDataLen'>The length in bytes of the second EC private key</param> /// <param name='privateData'>Key handle for second EC private key value</param> /// <param name='publicData2'>Other party's second EC public key value</param> /// <param name='publicKey'>Handle to the first party's ephemeral public key</param> /// <returns>Parameters for the CKM_ECMQV_DERIVE mechanism</returns> public ICkEcmqvDeriveParams CreateCkEcmqvDeriveParams(ulong kdf, byte[] sharedData, byte[] publicData, ulong privateDataLen, IObjectHandle privateData, byte[] publicData2, IObjectHandle publicKey) { return _factory.CreateCkEcmqvDeriveParams(kdf, sharedData, publicData, privateDataLen, privateData, publicData2, publicKey); }
public string[] GetObjectCallSignatures(IObjectHandle obj) { return(_engine.GetObjectCallSignatures(obj)); }
/// <summary> /// Creates parameters for the CKM_X9_42_MQV_DERIVE key derivation mechanism /// </summary>> /// <param name='kdf'>Key derivation function used on the shared secret value (CKD)</param> /// <param name='otherInfo'>Some data shared between the two parties</param> /// <param name='publicData'>Other party's first X9.42 Diffie-Hellman public key value</param> /// <param name='privateDataLen'>The length in bytes of the second X9.42 Diffie-Hellman private key</param> /// <param name='privateData'>Key handle for second X9.42 Diffie-Hellman private key value</param> /// <param name='publicData2'>Other party's second X9.42 Diffie-Hellman public key value</param> /// <param name='publicKey'>Handle to the first party's ephemeral public key</param> /// <returns>Parameters for the CKM_X9_42_MQV_DERIVE key derivation mechanism</returns> public ICkX942MqvDeriveParams CreateCkX942MqvDeriveParams(ulong kdf, byte[] otherInfo, byte[] publicData, ulong privateDataLen, IObjectHandle privateData, byte[] publicData2, IObjectHandle publicKey) { return _factory.CreateCkX942MqvDeriveParams(kdf, otherInfo, publicData, privateDataLen, privateData, publicData2, publicKey); }
public string[] GetObjectMemberNames(IObjectHandle obj) { return(_engine.GetObjectMemberNames(obj)); }
public void _HL_30_01_SignJournalTest() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Установление соединения с Рутокен в первом доступном слоте var slot = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии using (ISession session = slot.OpenSession(SessionType.ReadWrite)) { // Выполнение аутентификации пользователя session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Инициализация хэш-функции var digestMechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_GOSTR3411_12_512); byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Вычисление хэш-кода данных byte[] dataDigest = session.Digest(digestMechanism, sourceData); // Генерация ключевой пары ГОСТ Р 34.10-2012 IObjectHandle dataPublicKey = null; IObjectHandle dataPrivateKey = null; Helpers.GenerateGost512KeyPair(session, out dataPublicKey, out dataPrivateKey, Settings.Gost512KeyPairId1); // Инициализация операции подписи данных по алгоритму ГОСТ Р 34.10-2012(512) var signMechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_GOSTR3410_512); // Подпись данных byte[] dataSignature = session.Sign(signMechanism, dataPrivateKey, dataDigest); // Проверка подписи для данных bool isValid = false; session.Verify(signMechanism, dataPublicKey, dataDigest, dataSignature, out isValid); Assert.IsTrue(isValid); // Получение журнала операций byte[] journal = slot.GetJournal(); // Генерация ключевой пары ГОСТ Р 34.10-2012 для подписи журнала IObjectHandle journalPublicKey = null; IObjectHandle journalPrivateKey = null; Helpers.GenerateGost512JournalKeyPair(session, out journalPublicKey, out journalPrivateKey); // Вычисление хэш-кода журнала byte[] journalDigest = session.Digest(digestMechanism, journal); // Подпись журнала byte[] journalSignature = session.Sign(signMechanism, journalPrivateKey, journalDigest); // Проверка подписи журнала isValid = false; session.Verify(signMechanism, journalPublicKey, journalDigest, journalSignature, out isValid); Assert.IsTrue(isValid); // Уничтожение созданных ключей session.DestroyObject(dataPrivateKey); session.DestroyObject(dataPublicKey); session.Logout(); } } }
public string[] GetObjectMemberNames(IObjectHandle obj, IScriptModule module) { return(_engine.GetObjectMemberNames(obj, module)); }