public void _01_Pkcs11UriInSignatureCreationApplication()
{
if (Platform.UnmanagedLongSize != 8 || Platform.StructPackingSize != 0)
Assert.Inconclusive("Test cannot be executed on this platform");
// PKCS#11 URI can be acquired i.e. from configuration file as a simple string...
string uri = @"<pkcs11:serial=7BFF2737350B262C;
type=private;
object=John%20Doe
?module-path=pkcs11.dll&
pin-value=11111111>";
Assert.IsNotNull(uri);
// ...or it can be easily constructed with Pkcs11UriBuilder
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Serial = "7BFF2737350B262C";
pkcs11UriBuilder.Type = CKO.CKO_PRIVATE_KEY;
pkcs11UriBuilder.Object = "John Doe";
pkcs11UriBuilder.ModulePath = "pkcs11.dll";
pkcs11UriBuilder.PinValue = "11111111";
uri = pkcs11UriBuilder.ToString();
Assert.IsNotNull(uri);
// Warning: Please note that PIN stored in PKCS#11 URI can pose a security risk and therefore other options
// should be carefully considered. For example an application may ask for a PIN with a GUI dialog etc.
// Use PKCS#11 URI acquired from Settings class to identify private key in signature creation method
byte[] signature = SignData(ConvertUtils.Utf8StringToBytes("Hello world"), Settings.PrivateKeyUri);
// Do something interesting with the signature
Assert.IsNotNull(signature);
}
public void Pkcs11UriInSignatureCreationApplication()
{
byte[] dataToSign = ConvertUtils.Utf8StringToBytes("Hello world");
// PKCS#11 URI can be acquired i.e. from configuration file as a simple string...
string uri = @"<pkcs11:serial=7BFF2737350B262C;
type=private;
object=John%20Doe
?module-path=siecap11.dll&
pin-value=11111111>";
// ...or it can be easily constructed with Pkcs11UriBuilder
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Serial = "7BFF2737350B262C";
pkcs11UriBuilder.Type = CKO.CKO_PRIVATE_KEY;
pkcs11UriBuilder.Object = "John Doe";
pkcs11UriBuilder.ModulePath = "siecap11.dll";
pkcs11UriBuilder.PinValue = "11111111";
uri = pkcs11UriBuilder.ToString();
// Warning: Please note that PIN stored in PKCS#11 URI can pose a security risk and therefore other options
// should be carefully considered. For example an application may ask for a PIN with a GUI dialog etc.
// Use PKCS#11 URI to identify private key in signature creation method
byte[] signature = SignData(dataToSign, uri);
// Do something interesting with the signature
}
public void ModelWithoutValue()
{
string uri = @"pkcs11:model=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Model = string.Empty;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == true);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.Model == string.Empty);
}
public void VendorSpecificQueryAttributeWithoutValue()
{
string uri = @"pkcs11:?vendor=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownQueryAttributes = new Dictionary<string, List<string>>();
pkcs11UriBuilder.UnknownQueryAttributes.Add("vendor", new List<string> { string.Empty });
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes != null && pkcs11uri.UnknownQueryAttributes.Count == 1);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes["vendor"].Count == 1);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes["vendor"][0] == string.Empty);
}
public void UriWithoutQueryAttributes()
{
string uri = @"pkcs11:";
uri += @"library-manufacturer=foo;library-description=bar;library-version=1;";
uri += @"slot-manufacturer=foo;slot-description=bar;slot-id=1;";
uri += @"manufacturer=foo;model=bar;serial=foo;token=bar;";
uri += @"type=private;object=foo;id=%62%61%72";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.LibraryManufacturer = "foo";
pkcs11UriBuilder.LibraryDescription = "bar";
pkcs11UriBuilder.LibraryVersion = "1";
pkcs11UriBuilder.SlotManufacturer = "foo";
pkcs11UriBuilder.SlotDescription = "bar";
pkcs11UriBuilder.SlotId = 1;
pkcs11UriBuilder.Manufacturer = "foo";
pkcs11UriBuilder.Model = "bar";
pkcs11UriBuilder.Serial = "foo";
pkcs11UriBuilder.Token = "bar";
pkcs11UriBuilder.Type = CKO.CKO_PRIVATE_KEY;
pkcs11UriBuilder.Object = "foo";
pkcs11UriBuilder.Id = ConvertUtils.Utf8StringToBytes("bar");
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == true);
Assert.IsTrue(pkcs11uri.DefinesToken == true);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes == null);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes == null);
Assert.IsTrue(pkcs11uri.LibraryManufacturer == "foo");
Assert.IsTrue(pkcs11uri.LibraryDescription == "bar");
Assert.IsTrue(pkcs11uri.LibraryVersion == "1.0");
Assert.IsTrue(pkcs11uri.SlotManufacturer == "foo");
Assert.IsTrue(pkcs11uri.SlotDescription == "bar");
Assert.IsTrue(pkcs11uri.SlotId == 1);
Assert.IsTrue(pkcs11uri.Manufacturer == "foo");
Assert.IsTrue(pkcs11uri.Model == "bar");
Assert.IsTrue(pkcs11uri.Serial == "foo");
Assert.IsTrue(pkcs11uri.Token == "bar");
Assert.IsTrue(pkcs11uri.Type == CKO.CKO_PRIVATE_KEY);
Assert.IsTrue(pkcs11uri.Object == "foo");
Assert.IsTrue(Helpers.ByteArraysMatch(pkcs11uri.Id, ConvertUtils.Utf8StringToBytes("bar")));
Assert.IsTrue(pkcs11uri.ModulePath == null);
Assert.IsTrue(pkcs11uri.ModuleName == null);
Assert.IsTrue(pkcs11uri.PinValue == null);
Assert.IsTrue(pkcs11uri.PinSource == null);
}
public void ModulePathWithValidValue()
{
string uri = @"pkcs11:?module-path=" + _pk11QueryChars + _pctEncodedUnicodeChar;
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.ModulePath = _pk11QueryChars + _unicodeChar;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.ModulePath == _pk11QueryChars + _unicodeChar);
}
public void UriWithoutPathAttributes()
{
string uri = @"pkcs11:";
uri += @"?";
uri += @"module-path=foo&module-name=bar&";
uri += @"pin-value=foo&pin-source=bar";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.ModulePath = "foo";
pkcs11UriBuilder.ModuleName = "bar";
pkcs11UriBuilder.PinValue = "foo";
pkcs11UriBuilder.PinSource = "bar";
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes == null);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes == null);
Assert.IsTrue(pkcs11uri.LibraryManufacturer == null);
Assert.IsTrue(pkcs11uri.LibraryDescription == null);
Assert.IsTrue(pkcs11uri.LibraryVersion == null);
Assert.IsTrue(pkcs11uri.SlotManufacturer == null);
Assert.IsTrue(pkcs11uri.SlotDescription == null);
Assert.IsTrue(pkcs11uri.SlotId == null);
Assert.IsTrue(pkcs11uri.Manufacturer == null);
Assert.IsTrue(pkcs11uri.Model == null);
Assert.IsTrue(pkcs11uri.Serial == null);
Assert.IsTrue(pkcs11uri.Token == null);
Assert.IsTrue(pkcs11uri.Type == null);
Assert.IsTrue(pkcs11uri.Object == null);
Assert.IsTrue(Helpers.ByteArraysMatch(pkcs11uri.Id, null));
Assert.IsTrue(pkcs11uri.ModulePath == "foo");
Assert.IsTrue(pkcs11uri.ModuleName == "bar");
Assert.IsTrue(pkcs11uri.PinValue == "foo");
Assert.IsTrue(pkcs11uri.PinSource == "bar");
}
public void IdWithoutValue()
{
string uri = @"pkcs11:id=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Id = new byte[0];
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(pkcs11uri.Id != null && pkcs11uri.Id.Length == 0);
}
public void _081_PinSourceWithValidValue()
{
string uri = @"pkcs11:?pin-source=" + _pk11QueryChars + _pctEncodedUnicodeChar;
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.PinSource = _pk11QueryChars + _unicodeChar;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.PinSource == _pk11QueryChars + _unicodeChar);
}
public void _079_VendorSpecificPathAttributeWithoutValue()
{
string uri = @"pkcs11:vendor=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownPathAttributes.Add("vendor", string.Empty);
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes.Count == 1);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes["vendor"] == string.Empty);
}
public void _077_VendorSpecificPathAttributeWithValidNameAndValue()
{
string uri = @"pkcs11:" + _pk11VendorAttrNameChars + "=" + _pk11PathChars + _pctEncodedUnicodeChar;
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownPathAttributes.Add(_pk11VendorAttrNameChars, _pk11PathChars + _unicodeChar);
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes.Count == 1);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes[_pk11VendorAttrNameChars] == _pk11PathChars + _unicodeChar);
}
public void _076_VendorSpecificPathAttributeWithInvalidName()
{
string uri = @"pkcs11:.=" + _pk11PathChars + _pctEncodedUnicodeChar;
try
{
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownPathAttributes.Add(".", _pk11PathChars + _unicodeChar);
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
try
{
// Parse URI
new Pkcs11Uri(uri);
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
}
public void _005_UriWithoutAttributes()
{
string uri = @"pkcs11:";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownPathAttributes.Count == 0);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes.Count == 0);
Assert.IsTrue(pkcs11uri.LibraryManufacturer == null);
Assert.IsTrue(pkcs11uri.LibraryDescription == null);
Assert.IsTrue(pkcs11uri.LibraryVersion == null);
Assert.IsTrue(pkcs11uri.SlotManufacturer == null);
Assert.IsTrue(pkcs11uri.SlotDescription == null);
Assert.IsTrue(pkcs11uri.SlotId == null);
Assert.IsTrue(pkcs11uri.Manufacturer == null);
Assert.IsTrue(pkcs11uri.Model == null);
Assert.IsTrue(pkcs11uri.Serial == null);
Assert.IsTrue(pkcs11uri.Token == null);
Assert.IsTrue(pkcs11uri.Type == null);
Assert.IsTrue(pkcs11uri.Object == null);
Assert.IsTrue(Helpers.ByteArraysMatch(pkcs11uri.Id, null));
Assert.IsTrue(pkcs11uri.ModulePath == null);
Assert.IsTrue(pkcs11uri.ModuleName == null);
Assert.IsTrue(pkcs11uri.PinValue == null);
Assert.IsTrue(pkcs11uri.PinSource == null);
}
public void _038_LibraryDescriptionWithoutValue()
{
string uri = @"pkcs11:library-description=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.LibraryDescription = string.Empty;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == true);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.LibraryDescription == string.Empty);
}
public void KnownTypes()
{
string[] uris = new string[]
{
@"pkcs11:type=public",
@"pkcs11:type=private",
@"pkcs11:type=cert",
@"pkcs11:type=secret-key",
@"pkcs11:type=data"
};
foreach (string uri in uris)
{
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(pkcs11uri.Type != null);
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Type = pkcs11uri.Type;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
}
}
public void IdWithValidValue()
{
string uri = @"pkcs11:id=" + _pk11PathChars + _pctEncodedUnicodeChar;
// Note: Builder cannot be used to produce URI like this one
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(Helpers.ByteArraysMatch(pkcs11uri.Id, ConvertUtils.Utf8StringToBytes(_pk11PathChars + _unicodeChar)));
uri = @"pkcs11:id=%41%42%43%44%45%46%47%48%49%4A%4B%4C%4D%4E%4F%50%51%52%53%54%55%56%57%58%59%5A%61%62%63%64%65%66%67%68%69%6A%6B%6C%6D%6E%6F%70%71%72%73%74%75%76%77%78%79%7A%30%31%32%33%34%35%36%37%38%39%2D%2E%5F%7E%3A%5B%5D%40%21%24%27%28%29%2A%2B%2C%3D%26%C3%A4";
// Build URI without length checking
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(false);
pkcs11UriBuilder.Id = ConvertUtils.Utf8StringToBytes(_pk11PathChars + _unicodeChar);
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI without length checking
pkcs11uri = new Pkcs11Uri(uri, false);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(Helpers.ByteArraysMatch(pkcs11uri.Id, ConvertUtils.Utf8StringToBytes(_pk11PathChars + _unicodeChar)));
// Build URI with length checking
pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Id = ConvertUtils.Utf8StringToBytes(_pk11PathChars + _unicodeChar);
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI with length checking
pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(Helpers.ByteArraysMatch(pkcs11uri.Id, ConvertUtils.Utf8StringToBytes(_pk11PathChars + _unicodeChar)));
}
public void _097_VendorSpecificQueryAttributeWithIncompleteName()
{
string uri = @"pkcs11:?=" + _pk11QueryChars + _pctEncodedUnicodeChar;
try
{
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownQueryAttributes.Add(string.Empty, new List<string> { _pk11QueryChars + _unicodeChar });
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
try
{
// Parse URI
new Pkcs11Uri(uri);
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
}
public void VendorSpecificPathAttributeWithIncompleteName()
{
string uri = @"pkcs11:=" + _pk11PathChars + _pctEncodedUnicodeChar;
try
{
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownPathAttributes = new Dictionary<string, string>();
pkcs11UriBuilder.UnknownPathAttributes.Add(string.Empty, _pk11PathChars + _unicodeChar);
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
try
{
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
}
public void LibraryVersionWithValidValue()
{
string uri = @"pkcs11:library-version=1.256";
// Build URI without length checking
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(false);
pkcs11UriBuilder.LibraryVersion = "1.256";
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI without length checking
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri, false);
Assert.IsTrue(pkcs11uri.DefinesLibrary == true);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.LibraryVersion == "1.256");
try
{
// Build URI with length checking
pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.LibraryVersion = "1.256";
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is ArgumentOutOfRangeException);
}
try
{
// Parse URI with length checking
pkcs11uri = new Pkcs11Uri(uri);
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
}
public void PinSourceWithoutValue()
{
string uri = @"pkcs11:?pin-source=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.PinSource = string.Empty;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.PinSource == string.Empty);
}
public void LibraryVersionWithoutMinorPart()
{
string uri = @"pkcs11:library-version=1";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.LibraryVersion = "1";
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == true);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.LibraryVersion == "1.0");
}
public void VendorSpecificQueryAttributeWithInvalidName()
{
string uri = @"pkcs11:?.=" + _pk11QueryChars + _pctEncodedUnicodeChar;
try
{
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownQueryAttributes = new Dictionary<string, List<string>>();
pkcs11UriBuilder.UnknownQueryAttributes.Add(".", new List<string> { _pk11QueryChars + _unicodeChar });
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
try
{
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
}
public void SlotManufacturerWithoutValue()
{
string uri = @"pkcs11:slot-manufacturer=";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.SlotManufacturer = string.Empty;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == true);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.SlotManufacturer == string.Empty);
}
public void VendorSpecificQueryAttributeWithValidNameAndValue()
{
string uri = @"pkcs11:?" + _pk11VendorAttrNameChars + "=" + _pk11QueryChars + _pctEncodedUnicodeChar;
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownQueryAttributes = new Dictionary<string, List<string>>();
pkcs11UriBuilder.UnknownQueryAttributes.Add(_pk11VendorAttrNameChars, new List<string> { _pk11QueryChars + _unicodeChar });
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes != null && pkcs11uri.UnknownQueryAttributes.Count == 1);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes[_pk11VendorAttrNameChars].Count == 1);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes[_pk11VendorAttrNameChars][0] == _pk11QueryChars + _unicodeChar);
}
public void SlotIdWithValidValue()
{
string uri = @"pkcs11:slot-id=18446744073709551615";
// Build URI without length checking
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(false);
pkcs11UriBuilder.SlotId = 18446744073709551615;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI without length checking
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri, false);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == true);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.SlotId == 18446744073709551615);
// Build URI with length checking
pkcs11UriBuilder = new Pkcs11UriBuilder(true);
pkcs11UriBuilder.SlotId = 18446744073709551615;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI with length checking
pkcs11uri = new Pkcs11Uri(uri, true);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == true);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.SlotId == 18446744073709551615);
}
public void VendorSpecificQueryAttributeWithMultipleValues()
{
string uri = @"pkcs11:?vendor=foo&vendor=bar";
// Build URI
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.UnknownQueryAttributes = new Dictionary<string, List<string>>();
pkcs11UriBuilder.UnknownQueryAttributes.Add("vendor", new List<string> { "foo", "bar" });
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes != null && pkcs11uri.UnknownQueryAttributes.Count == 1);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes["vendor"].Count == 2);
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes["vendor"][0] == "foo");
Assert.IsTrue(pkcs11uri.UnknownQueryAttributes["vendor"][1] == "bar");
}
public void ObjectDescriptionWithValidValue()
{
string uri = @"pkcs11:object=" + _pk11PathChars + _pctEncodedUnicodeChar;
// Build URI without length checking
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(false);
pkcs11UriBuilder.Object = _pk11PathChars + _unicodeChar;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI without length checking
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri, false);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(pkcs11uri.Object == _pk11PathChars + _unicodeChar);
// Build URI with length checking
pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.Object = _pk11PathChars + _unicodeChar;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI with length checking
pkcs11uri = new Pkcs11Uri(uri);
Assert.IsTrue(pkcs11uri.DefinesLibrary == false);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == true);
Assert.IsTrue(pkcs11uri.Object == _pk11PathChars + _unicodeChar);
}
public void LibraryManufacturerWithValidValue()
{
string uri = @"pkcs11:library-manufacturer=" + _pk11PathChars + _pctEncodedUnicodeChar;
// Build URI without length checking
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(false);
pkcs11UriBuilder.LibraryManufacturer = _pk11PathChars + _unicodeChar;
Assert.IsTrue(uri == pkcs11UriBuilder.ToString());
// Parse URI without length checking
Pkcs11Uri pkcs11uri = new Pkcs11Uri(uri, false);
Assert.IsTrue(pkcs11uri.DefinesLibrary == true);
Assert.IsTrue(pkcs11uri.DefinesSlot == false);
Assert.IsTrue(pkcs11uri.DefinesToken == false);
Assert.IsTrue(pkcs11uri.DefinesObject == false);
Assert.IsTrue(pkcs11uri.LibraryManufacturer == _pk11PathChars + _unicodeChar);
try
{
// Build URI with length checking
pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.LibraryManufacturer = _pk11PathChars + _unicodeChar;
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is ArgumentOutOfRangeException);
}
try
{
// Parse URI with length checking
pkcs11uri = new Pkcs11Uri(uri);
Assert.Fail("Exception expected but not thrown");
}
catch (Exception ex)
{
Assert.IsTrue(ex is Pkcs11UriException);
}
}
/// <summary>
/// Static class constructor
/// </summary>
static Settings()
{
// Uncomment following three lines to enable logging of PKCS#11 calls with PKCS11-LOGGER library
// System.Environment.SetEnvironmentVariable("PKCS11_LOGGER_LIBRARY_PATH", Pkcs11LibraryPath);
// System.Environment.SetEnvironmentVariable("PKCS11_LOGGER_LOG_FILE_PATH", @"c:\pkcs11-logger.txt");
// Pkcs11LibraryPath = @"c:\pkcs11-logger-x86.dll";
// Setup arguments passed to the C_Initialize function
if (UseOsLocking)
{
InitArgs40 = new LLA40.CK_C_INITIALIZE_ARGS();
InitArgs40.Flags = CKF.CKF_OS_LOCKING_OK;
InitArgs41 = new LLA41.CK_C_INITIALIZE_ARGS();
InitArgs41.Flags = CKF.CKF_OS_LOCKING_OK;
InitArgs80 = new LLA80.CK_C_INITIALIZE_ARGS();
InitArgs80.Flags = CKF.CKF_OS_LOCKING_OK;
InitArgs81 = new LLA81.CK_C_INITIALIZE_ARGS();
InitArgs81.Flags = CKF.CKF_OS_LOCKING_OK;
}
// Convert strings to byte arrays
SecurityOfficerPinArray = ConvertUtils.Utf8StringToBytes(SecurityOfficerPin);
NormalUserPinArray = ConvertUtils.Utf8StringToBytes(NormalUserPin);
ApplicationNameArray = ConvertUtils.Utf8StringToBytes(ApplicationName);
// Build PKCS#11 URI that identifies private key usable in signature creation tests
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.ModulePath = Pkcs11LibraryPath;
pkcs11UriBuilder.Serial = TokenSerial;
pkcs11UriBuilder.Token = TokenLabel;
pkcs11UriBuilder.PinValue = NormalUserPin;
pkcs11UriBuilder.Type = CKO.CKO_PRIVATE_KEY;
pkcs11UriBuilder.Object = ApplicationName;
PrivateKeyUri = pkcs11UriBuilder.ToString();
}