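        /// <summary>
        /// Smoke test for the public-key pieces of OpenTouryo.Public.Security: loads the
        /// RSA/DSA/ECDsa X.509 test certificates, round-trips a string through
        /// <c>ASymmetricCryptography</c>, and signs/verifies a fixed byte array with the
        /// X509-, parameter- and XML-based DigitalSign wrappers. Results are reported through
        /// <c>MyDebug</c>; nothing is returned.
        /// </summary>
        /// <remarks>
        /// Which algorithms run depends on the target framework (NETCORE / NET47 / NETCOREAPP3_0
        /// symbols) and on the host OS (Windows vs. everything else). Certificate paths and the
        /// PFX password come from <c>Program</c>. Every certificate and key object opened here is
        /// disposed before returning so that no private-key handle outlives the test.
        /// </remarks>
        private static void PublicKeyCryptography()
        {
            #region Variables

            #region Env
            OperatingSystem os = Environment.OSVersion;

            // https://github.com/dotnet/corefx/issues/29404#issuecomment-385287947
            //   When a certificate is opened from a *.pfx, X509KeyStorageFlags.Exportable may be
            //   required. Keys are always exportable on Linux, but not necessarily on Windows or macOS.
            // NOTE(security): on Windows the PFX private key is imported into the *machine* key store
            //   and marked Exportable, so any code that can open the container can read the raw key.
            //   Acceptable for throw-away test keys; production code should not request Exportable
            //   (and should prefer the user or an ephemeral key set) unless export is genuinely needed.
            X509KeyStorageFlags x509KSF = 0;
            if (os.Platform == PlatformID.Win32NT)
            {
                x509KSF = X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable;
            }
            else //if (os.Platform == PlatformID.Unix)
            {
                x509KSF = X509KeyStorageFlags.DefaultKeySet;
            }
            #endregion

            #region Keys
            // Both are IDisposable and the private one owns a key handle, so everything that uses
            // them runs inside the try/finally below and each pair is released before it is replaced.
            X509Certificate2 publicX509Key  = null;
            X509Certificate2 privateX509Key = null;

            #endregion

            #region DigitalSign
            // Fixed plaintext/message shared by the encrypt/decrypt and the sign/verify checks.
            string moji = "hogehoge";
            byte[] data = CustomEncode.StringToByte(moji, CustomEncode.UTF_8);
            byte[] sign = null;
            #endregion

            #endregion

            try
            {
                #region Test of the X.509 Certificates

                #region RSA
                privateX509Key = new X509Certificate2(Program.PrivateRsaX509Path, Program.PfxPassword, x509KSF);
                publicX509Key  = new X509Certificate2(Program.PublicRsaX509Path, "", x509KSF);
                MyDebug.InspectPrivateX509Key("RSA", privateX509Key);
                MyDebug.InspectPublicX509Key("RSA", publicX509Key);
                #endregion

#if NETCORE || NET47
                #region DSA
                // https://github.com/dotnet/corefx/issues/18733#issuecomment-296723615
                // Release the RSA pair before the variables are reused. The DSA/ECDsa PFX files are
                // opened with the default storage flags, as in the linked issue.
                privateX509Key.Dispose();
                publicX509Key.Dispose();
                privateX509Key = new X509Certificate2(Program.PrivateDsaX509Path, Program.PfxPassword);
                publicX509Key  = new X509Certificate2(Program.PublicDsaX509Path, "");
                MyDebug.InspectPrivateX509Key("DSA", privateX509Key);
                MyDebug.InspectPublicX509Key("DSA", publicX509Key);

                DSA privateDSA = privateX509Key.GetDSAPrivateKey();
                MyDebug.OutputDebugAndConsole("privateDSA", (privateDSA == null ? "is null" : "is not null"));
                //DSA publicDSA = null; // publicX509Key.GetDSAPublicKey(); // Internal.Cryptography.CryptoThrowHelper.WindowsCryptographicException
                // The key object is only inspected for null; release it right away.
                if (privateDSA != null)
                {
                    privateDSA.Dispose();
                }
                #endregion

                #region ECDsa
                // https://github.com/dotnet/corefx/issues/18733#issuecomment-296723615
                privateX509Key.Dispose();
                publicX509Key.Dispose();
                privateX509Key = new X509Certificate2(Program.PrivateECDsaX509Path, Program.PfxPassword);
                publicX509Key  = new X509Certificate2(Program.PublicECDsaX509Path, "");
                MyDebug.InspectPrivateX509Key("ECDsa", privateX509Key);
                MyDebug.InspectPublicX509Key("ECDsa", publicX509Key);

                ECDsa privateECDsa = privateX509Key.GetECDsaPrivateKey();
                MyDebug.OutputDebugAndConsole("privateECDsa", (privateECDsa == null ? "is null" : "is not null"));
                ECDsa publicECDsa = publicX509Key.GetECDsaPublicKey();
                MyDebug.OutputDebugAndConsole("publicECDsa", (publicECDsa == null ? "is null" : "is not null"));

                // Same as above: only a null check was wanted, so free the key handles immediately.
                if (privateECDsa != null)
                {
                    privateECDsa.Dispose();
                }
                if (publicECDsa != null)
                {
                    publicECDsa.Dispose();
                }
                #endregion
#endif

                #endregion

                #region Test of the OpenTouryo.Public.Security.ASymCrypt

                // Encrypt with the public certificate, decrypt with the private PFX, compare to the input.
                ASymmetricCryptography ascPublic = new ASymmetricCryptography(
                    EnumASymmetricAlgorithm.X509, Program.PublicRsaX509Path, "", x509KSF);

                string temp = ascPublic.EncryptString(moji);

                ASymmetricCryptography ascPrivate = new ASymmetricCryptography(
                    EnumASymmetricAlgorithm.X509, Program.PrivateRsaX509Path, Program.PfxPassword, x509KSF);

                temp = ascPrivate.DecryptString(temp);

                MyDebug.OutputDebugAndConsole("ASymCrypt(X509).Enc&Dec", (temp == moji).ToString());

                #endregion

                #region Test of the OpenTouryo.Public.Security.DigitalSign

                // RSA, DSA
                DigitalSignX509  dsX509  = null;
                DigitalSignParam dsParam = null;
                DigitalSignXML   dsXML   = null;

                // ECDsa
#if NETCORE || NET47
                DigitalSignECDsaX509 dsECDsaX509 = null;
                DigitalSignECDsaCng  dsECDsaCng  = null;
#endif
#if NETCORE
                DigitalSignECDsaOpenSsl dsECDsaOpenSsl = null;
#endif

                // Each sub-block follows the same pattern: sign with the private half, then rebuild the
                // signer from the public half only and verify, so that verification cannot accidentally
                // rely on the private key still being present.
                if (os.Platform == PlatformID.Win32NT)
                {
                    #region RSA
                    // X509
                    dsX509 = new DigitalSignX509(Program.PrivateRsaX509Path, Program.PfxPassword, "SHA256", x509KSF);
                    sign   = dsX509.Sign(data);

                    dsX509 = new DigitalSignX509(Program.PublicRsaX509Path, "", "SHA256", x509KSF);
                    MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(RS256)", dsX509.Verify(data, sign).ToString());

                    // Param
                    dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.RsaCSP_SHA256);
                    sign    = dsParam.Sign(data);

                    dsParam = new DigitalSignParam((RSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.RsaCSP_SHA256);
                    MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(RS256)", dsParam.Verify(data, sign).ToString());

                    // XML
                    dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.RsaCSP_SHA256);
                    sign  = dsXML.Sign(data);

#if !NETCORE
                    // On NETCORE exporting the XML key does not work, so the verify below still uses
                    // the signing instance (which holds the private key) there.
                    dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.RsaCSP_SHA256);
#endif
                    MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(RS256)", dsXML.Verify(data, sign).ToString());
                    #endregion

                    #region DSA
                    // DSA only works through the Formatter/Deformatter variant here.
                    // Also, DSA X.509 certificates cannot be processed on Windows (confirmed to work on Linux).
                    //dsX509 = new DigitalSignX509(Program.PrivateDsaX509Path, Program.PfxPassword , "SHA256", x509KSF);
                    //sign = dsX509.Sign(data);
                    //MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(DSA-SHA256)", dsX509.Verify(data, sign).ToString());

                    // NOTE(security): these cases are SHA-1 based (DsaCSP_SHA1), presumably because the
                    // classic DSA CSP offers nothing stronger. SHA-1 signatures are legacy-only; do not
                    // copy this combination into new designs.
                    // Param
                    dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.DsaCSP_SHA1);
                    sign    = dsParam.SignByFormatter(data);

                    dsParam = new DigitalSignParam((DSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.DsaCSP_SHA1);
                    MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(DSA-SHA1)", dsParam.VerifyByDeformatter(data, sign).ToString());

                    // XML
                    dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.DsaCSP_SHA1);
                    sign  = dsXML.SignByFormatter(data);

#if !NETCORE
                    // On NETCORE exporting the XML key does not work (see the RSA case above).
                    dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.DsaCSP_SHA1);
#endif

                    MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(DSA-SHA1)", dsXML.VerifyByDeformatter(data, sign).ToString());
                    #endregion

#if NETCORE || NET47
                    #region ECDsa
                    // X509
                    dsECDsaX509 = new DigitalSignECDsaX509(Program.PrivateECDsaX509Path, Program.PfxPassword, HashAlgorithmName.SHA256);
                    sign        = dsECDsaX509.Sign(data);

                    dsECDsaX509 = new DigitalSignECDsaX509(Program.PublicECDsaX509Path, "", HashAlgorithmName.SHA256);
                    MyDebug.OutputDebugAndConsole("DigitalSignECDsaX509.Verify(ECDSA-SHA256)", dsECDsaX509.Verify(data, sign).ToString());

#if NET47 || NETCOREAPP3_0
                    // Param
                    dsECDsaCng = new DigitalSignECDsaCng(EnumDigitalSignAlgorithm.ECDsaCng_P256);
                    sign       = dsECDsaCng.Sign(data);

                    dsECDsaCng = new DigitalSignECDsaCng(dsECDsaCng.PublicKey);
                    MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(ECDSA-P256)", dsECDsaCng.Verify(data, sign).ToString());
#endif
                    #endregion
#endif
                }
                else //if (os.Platform == PlatformID.Unix)
                {
#if NETCORE
                    #region RSA
                    // X509
                    dsX509 = new DigitalSignX509(Program.PrivateRsaX509Path, Program.PfxPassword, "SHA256");
                    sign   = dsX509.Sign(data);

                    dsX509 = new DigitalSignX509(Program.PublicRsaX509Path, "", "SHA256");
                    MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(RS256)", dsX509.Verify(data, sign).ToString());

                    // Param
                    dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256);
                    sign    = dsParam.Sign(data);

                    dsParam = new DigitalSignParam((RSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256);
                    MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(RS256)", dsParam.Verify(data, sign).ToString());

                    // XML
                    dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256);
                    sign  = dsXML.Sign(data);

                    // Rebuilding from the exported XML public key does not work on this platform, so
                    // the verify uses the signing instance itself.
                    //dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256); // does not work
                    MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(RS256)", dsXML.Verify(data, sign).ToString());
                    #endregion

                    #region DSA
                    // X509
                    dsX509 = new DigitalSignX509(Program.PrivateDsaX509Path, Program.PfxPassword, "SHA256");
                    sign   = dsX509.Sign(data);

                    dsX509 = new DigitalSignX509(Program.PublicDsaX509Path, "", "SHA256");
                    MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(DSA-SHA256)", dsX509.Verify(data, sign).ToString());

                    // NOTE(security): SHA-1 based (DsaOpenSsl_SHA1) like the Windows DSA cases; legacy only.
                    // Param
                    dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1);
                    sign    = dsParam.Sign(data);

                    dsParam = new DigitalSignParam((DSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1);
                    MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(DSA-SHA1)", dsParam.Verify(data, sign).ToString());

                    // XML
                    dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1);
                    sign  = dsXML.Sign(data);

                    //dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1); // does not work
                    MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(DSA-SHA1)", dsXML.Verify(data, sign).ToString());
                    #endregion

                    #region ECDsa (.NET Core on Linux)
                    // X509
                    dsECDsaX509 = new DigitalSignECDsaX509(Program.PrivateECDsaX509Path, Program.PfxPassword, HashAlgorithmName.SHA256);
                    sign        = dsECDsaX509.Sign(data);

                    dsECDsaX509 = new DigitalSignECDsaX509(Program.PublicECDsaX509Path, "", HashAlgorithmName.SHA256);
                    MyDebug.OutputDebugAndConsole("DigitalSignECDsaX509.Verify(ECDSA)", dsECDsaX509.Verify(data, sign).ToString());

                    // Param
                    // SHA256CryptoServiceProvider.Create() appears to resolve to the inherited static
                    // SHA256.Create() factory, i.e. the platform default SHA-256, not the CSP itself.
                    dsECDsaOpenSsl = new DigitalSignECDsaOpenSsl(
                        EnumDigitalSignAlgorithm.ECDsaOpenSsl_P256, SHA256CryptoServiceProvider.Create());
                    sign = dsECDsaOpenSsl.Sign(data);

                    dsECDsaOpenSsl = new DigitalSignECDsaOpenSsl(
                        dsECDsaOpenSsl.PublicKey.Value, SHA256CryptoServiceProvider.Create());
                    // Verify with the ECDSA instance rebuilt from the exported public key. The previous
                    // code called dsParam.Verify here, i.e. it checked the ECDSA signature against the
                    // DSA signer left over from the block above, so ECDSA was never actually verified.
                    MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(ECDSA-P256)", dsECDsaOpenSsl.Verify(data, sign).ToString());
                    #endregion
#endif
                }
                #endregion
            }
            finally
            {
                // Release whichever certificate pair is still held, also on the exception path.
                // NOTE(review): on Windows the PFX key was imported without PersistKeySet, so this
                // is also expected to be what removes the temporary container from the machine key
                // store — confirm on the target runtime.
                if (privateX509Key != null)
                {
                    privateX509Key.Dispose();
                }
                if (publicX509Key != null)
                {
                    publicX509Key.Dispose();
                }
            }
        }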