Esempio n. 1
0
        public void TestSha1AndMD5WithRsa()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddDigests(CmsSignedDataStreamGenerator.DigestSha1,
                           CmsSignedDataStreamGenerator.DigestMD5);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);

            Stream sigOut = gen.Open(bOut);

            sigOut.Write(testBytes, 0, testBytes.Length);

            gen.AddCertificates(x509Certs);
            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestMD5);

            sigOut.Close();

            CheckSigParseable(bOut.ToArray());

            CmsSignedDataParser sp = new CmsSignedDataParser(
                new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);
        }
Esempio n. 2
0
        public void TestSha1WithRsaNonData()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
            IX509Store x509Crls  = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);
            gen.AddCrls(x509Crls);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);

            Stream sigOut = gen.Open(bOut, "1.2.3.4", true);

            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            CmsTypedStream stream = sp.GetSignedContent();

            Assert.AreEqual("1.2.3.4", stream.ContentType);

            stream.Drain();

            // compute expected content digest
            byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes);

            VerifySignatures(sp, hash);
        }
Esempio n. 3
0
        public void TestCertOrdering1()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);

            Stream sigOut = gen.Open(bOut, true);

            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            sp.GetSignedContent().Drain();
            x509Certs = sp.GetCertificates("Collection");
            ArrayList a = new ArrayList(x509Certs.GetMatches(null));

            Assert.AreEqual(2, a.Count);
            Assert.AreEqual(OrigCert, a[0]);
            Assert.AreEqual(SignCert, a[1]);
        }
Esempio n. 4
0
        public void Test1000()
        {
            byte[]       testData = new byte[10000];
            SecureRandom rand     = new SecureRandom();

            rand.SetSeed(0);

            for (int i = 0; i != 10; i++)
            {
                CmsCompressedDataStreamGenerator gen = new CmsCompressedDataStreamGenerator();
                MemoryStream bOut = new MemoryStream();

                Stream cOut = gen.Open(bOut, CmsCompressedDataStreamGenerator.ZLib);

                rand.NextBytes(testData);

                cOut.Write(testData, 0, testData.Length);

                cOut.Close();

                CmsCompressedDataParser ed = new CmsCompressedDataParser(bOut.ToArray());

                Assert.IsTrue(Arrays.AreEqual(testData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream)));
            }
        }
Esempio n. 5
0
        public void TestSha1WithRsa()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
            IX509Store x509Crls  = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);
            gen.AddCrls(x509Crls);

            Stream sigOut = gen.Open(bOut);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
            sigOut.Write(testBytes, 0, testBytes.Length);

            sigOut.Close();

            CheckSigParseable(bOut.ToArray());

            CmsSignedDataParser sp = new CmsSignedDataParser(
                new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray());

            sp.GetSignedContent().Drain();

            // compute expected content digest
            byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes);

            VerifySignatures(sp, hash);

            //
            // try using existing signer
            //
            gen = new CmsSignedDataStreamGenerator();
            gen.AddSigners(sp.GetSignerInfos());
            gen.AddCertificates(sp.GetCertificates("Collection"));
            gen.AddCrls(sp.GetCrls("Collection"));

            bOut.SetLength(0);

            sigOut = gen.Open(bOut, true);
            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            VerifyEncodedData(bOut);

            //
            // look for the CRLs
            //
            ArrayList col = new ArrayList(x509Crls.GetMatches(null));

            Assert.AreEqual(2, col.Count);
            Assert.IsTrue(col.Contains(SignCrl));
            Assert.IsTrue(col.Contains(OrigCrl));
        }
Esempio n. 6
0
        public void TestEncapsulatedSignerStoreReplacement()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);

            Stream sigOut = gen.Open(bOut, true);

            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            //
            // create new Signer
            //
            MemoryStream original = new MemoryStream(bOut.ToArray(), false);

            bOut.SetLength(0);

            gen = new CmsSignedDataStreamGenerator();
            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha224);
            gen.AddCertificates(x509Certs);

            sigOut = gen.Open(bOut, true);
            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            CmsSignedData sd = new CmsSignedData(bOut.ToArray());

            //
            // replace signer
            //
            MemoryStream newOut = new MemoryStream();

            CmsSignedDataParser.ReplaceSigners(original, sd.GetSignerInfos(), newOut);

            sd = new CmsSignedData(newOut.ToArray());

            IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator();

            signerEnum.MoveNext();
            SignerInformation signer = (SignerInformation)signerEnum.Current;

            Assert.AreEqual(signer.DigestAlgOid, CmsSignedDataStreamGenerator.DigestSha224);

            CmsSignedDataParser sp = new CmsSignedDataParser(newOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);
        }
Esempio n. 7
0
        public void TestSha1WithRsaEncapsulatedSubjectKeyID()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private,
                          CmsTestUtil.CreateSubjectKeyId(OrigCert.GetPublicKey()).GetKeyIdentifier(),
                          CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);

            Stream sigOut = gen.Open(bOut, true);

            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);

            byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[CmsSignedGenerator.DigestSha1];

            ArrayList signers = new ArrayList(sp.GetSignerInfos().GetSigners());

            AttributeTable table = ((SignerInformation)signers[0]).SignedAttributes;

            Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest];

            Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets()));

            //
            // try using existing signer
            //
            gen = new CmsSignedDataStreamGenerator();
            gen.AddSigners(sp.GetSignerInfos());
//			gen.AddCertificatesAndCRLs(sp.GetCertificatesAndCrls("Collection", "BC"));
            gen.AddCertificates(sp.GetCertificates("Collection"));

            bOut.SetLength(0);

            sigOut = gen.Open(bOut, true);
            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            CmsSignedData sd = new CmsSignedData(new CmsProcessableByteArray(testBytes), bOut.ToArray());

            Assert.AreEqual(1, sd.GetSignerInfos().GetSigners().Count);

            VerifyEncodedData(bOut);
        }
Esempio n. 8
0
        public void TestWorkingData()
        {
            byte[] keyData = Base64.Decode(
                "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKrAz/SQKrcQ" +
                "nj9IxHIfKDbuXsMqUpI06s2gps6fp7RDNvtUDDMOciWGFhD45YSy8GO0mPx3" +
                "Nkc7vKBqX4TLcqLUz7kXGOHGOwiPZoNF+9jBMPNROe/B0My0PkWg9tuq+nxN" +
                "64oD47+JvDwrpNOS5wsYavXeAW8Anv9ZzHLU7KwZAgMBAAECgYA/fqdVt+5K" +
                "WKGfwr1Z+oAHvSf7xtchiw/tGtosZ24DOCNP3fcTXUHQ9kVqVkNyzt9ZFCT3" +
                "bJUAdBQ2SpfuV4DusVeQZVzcROKeA09nPkxBpTefWbSDQGhb+eZq9L8JDRSW" +
                "HyYqs+MBoUpLw7GKtZiJkZyY6CsYkAnQ+uYVWq/TIQJBAP5zafO4HUV/w4KD" +
                "VJi+ua+GYF1Sg1t/dYL1kXO9GP1p75YAmtm6LdnOCas7wj70/G1YlPGkOP0V" +
                "GFzeG5KAmAUCQQCryvKU9nwWA+kypcQT9Yr1P4vGS0APYoBThnZq7jEPc5Cm" +
                "ZI82yseSxSeea0+8KQbZ5mvh1p3qImDLEH/iNSQFAkAghS+tboKPN10NeSt+" +
                "uiGRRWNbiggv0YJ7Uldcq3ZeLQPp7/naiekCRUsHD4Qr97OrZf7jQ1HlRqTu" +
                "eZScjMLhAkBNUMZCQnhwFAyEzdPkQ7LpU1MdyEopYmRssuxijZao5JLqQAGw" +
                "YCzXokGFa7hz72b09F4DQurJL/WuDlvvu4jdAkEAxwT9lylvfSfEQw4/qQgZ" +
                "MFB26gqB6Gqs1pHIZCzdliKx5BO3VDeUGfXMI8yOkbXoWbYx5xPid/+N8R//" +
                "+sxLBw==");

            byte[] envData = Base64.Decode(
                "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1C" +
                "b3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBHjANBgkqhkiG9w0BAQEFAASB" +
                "gDmnaDZ0vDJNlaUSYyEXsgbaUH+itNTjCOgv77QTX2ImXj+kTctM19PQF2I1" +
                "0/NL0fjakvCgBTHKmk13a7jqB6cX3bysenHNrglHsgNGgeXQ7ggAq5fV/JQQ" +
                "T7rSxEtuwpbuHQnoVUZahOHVKy/a0uLr9iIh1A3y+yZTZaG505ZJMIAGCSqG" +
                "SIb3DQEHATAdBglghkgBZQMEAQIEENmkYNbDXiZxJWtq82qIRZKggAQgkOGr" +
                "1JcTsADStez1eY4+rO4DtyBIyUYQ3pilnbirfPkAAAAAAAAAAAAA");


            CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(envData);

            RecipientInformationStore recipients = ep.GetRecipientInfos();

            Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);

            ICollection c = recipients.GetRecipients();

//            PKCS8EncodedKeySpec	keySpec = new PKCS8EncodedKeySpec(keyData);
//            KeyFactory			keyFact = KeyFactory.GetInstance("RSA");
//            Key					priKey = keyFact.generatePrivate(keySpec);
            AsymmetricKeyParameter priKey = PrivateKeyFactory.CreateKey(keyData);

            byte[] data = Hex.Decode("57616c6c6157616c6c6157617368696e67746f6e");

            foreach (RecipientInformation recipient in c)
            {
                Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);

                CmsTypedStream recData = recipient.GetContentStream(priKey);

                byte[] compare = CmsTestUtil.StreamToByteArray(recData.ContentStream);
                Assert.IsTrue(Arrays.AreEqual(data, compare));
            }
        }
Esempio n. 9
0
        public void TestSha1WithRsaEncapsulatedBuffered()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            //
            // find unbuffered length
            //
            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            Stream sigOut = gen.Open(bOut, true);

            for (int i = 0; i != 2000; i++)
            {
                sigOut.WriteByte((byte)(i & 0xff));
            }

            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);

            int unbufferedLength = bOut.ToArray().Length;

            //
            // find buffered length - buffer size less than default
            //
            bOut.SetLength(0);

            gen = new CmsSignedDataStreamGenerator();
            gen.SetBufferSize(300);
            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            sigOut = gen.Open(bOut, true);

            for (int i = 0; i != 2000; i++)
            {
                sigOut.WriteByte((byte)(i & 0xff));
            }

            sigOut.Close();

            VerifyEncodedData(bOut);

            Assert.IsTrue(unbufferedLength < bOut.ToArray().Length);
        }
Esempio n. 10
0
        public void TestSha1WithRsaEncapsulatedBufferedStream()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            //
            // find unbuffered length
            //
            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            Stream sigOut = gen.Open(bOut, true);

            for (int i = 0; i != 2000; i++)
            {
                sigOut.WriteByte((byte)(i & 0xff));
            }
            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);

            int unbufferedLength = bOut.ToArray().Length;

            //
            // find buffered length with buffered stream - should be equal
            //
            bOut.SetLength(0);

            gen = new CmsSignedDataStreamGenerator();
            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            sigOut = gen.Open(bOut, true);

            byte[] data = new byte[2000];
            for (int i = 0; i != 2000; i++)
            {
                data[i] = (byte)(i & 0xff);
            }

            Streams.PipeAll(new MemoryStream(data, false), sigOut);
            sigOut.Close();

            VerifyEncodedData(bOut);

            Assert.AreEqual(unbufferedLength, bOut.ToArray().Length);
        }
Esempio n. 11
0
        public void TestCertsOnly()
        {
            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            MemoryStream bOut = new MemoryStream();

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddCertificates(x509Certs);
            gen.Open(bOut).Close();

            CheckSigParseable(bOut.ToArray());
        }
        public void TestWithAttributeCertificate()
        {
            IList certList = new ArrayList();

            certList.Add(SignCert);

            IX509Store x509Certs = X509StoreFactory.Create(
                "Certificate/Collection",
                new X509CollectionStoreParameters(certList));

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);

            gen.AddCertificates(x509Certs);

            IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();

            ArrayList attrCerts = new ArrayList();

            attrCerts.Add(attrCert);
            IX509Store store = X509StoreFactory.Create(
                "AttributeCertificate/Collection",
                new X509CollectionStoreParameters(attrCerts));

            gen.AddAttributeCertificates(store);

            MemoryStream bOut = new MemoryStream();

            Stream sigOut = gen.Open(bOut, true);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
            sigOut.Write(testBytes, 0, testBytes.Length);

            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            sp.GetSignedContent().Drain();

            Assert.AreEqual(4, sp.Version);

            store = sp.GetAttributeCertificates("Collection");

            ArrayList coll = new ArrayList(store.GetMatches(null));

            Assert.AreEqual(1, coll.Count);

            Assert.IsTrue(coll.Contains(attrCert));
        }
Esempio n. 13
0
        public void TestEach()
        {
            byte[] testData = Encoding.ASCII.GetBytes("Hello world!");

            CmsCompressedDataStreamGenerator gen = new CmsCompressedDataStreamGenerator();
            MemoryStream bOut = new MemoryStream();

            Stream cOut = gen.Open(bOut, CmsCompressedDataStreamGenerator.ZLib);

            cOut.Write(testData, 0, testData.Length);

            cOut.Close();

            CmsCompressedDataParser ed = new CmsCompressedDataParser(bOut.ToArray());

            Assert.IsTrue(Arrays.AreEqual(testData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream)));
        }
Esempio n. 14
0
        public void TestTwoAesKek()
        {
            byte[]       data = Encoding.ASCII.GetBytes("WallaWallaWashington");
            KeyParameter kek1 = CmsTestUtil.MakeAes192Key();
            KeyParameter kek2 = CmsTestUtil.MakeAes192Key();

            CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();

            byte[] kekId1 = new byte[] { 1, 2, 3, 4, 5 };
            byte[] kekId2 = new byte[] { 5, 4, 3, 2, 1 };

            edGen.AddKekRecipient("AES192", kek1, kekId1);
            edGen.AddKekRecipient("AES192", kek2, kekId2);

            MemoryStream bOut = new MemoryStream();

            Stream outStream = edGen.Open(
                bOut,
                CmsEnvelopedDataGenerator.DesEde3Cbc);

            outStream.Write(data, 0, data.Length);

            outStream.Close();

            CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());

            RecipientInformationStore recipients = ep.GetRecipientInfos();

            Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);

            RecipientID recSel = new RecipientID();

            recSel.KeyIdentifier = kekId2;

            RecipientInformation recipient = recipients.GetFirstRecipient(recSel);

            Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");

            CmsTypedStream recData = recipient.GetContentStream(kek2);

            Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));

            ep.Close();
        }
Esempio n. 15
0
        public void TestECKeyAgree()
        {
            byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

            CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();

            edGen.AddKeyAgreementRecipient(
                CmsEnvelopedDataGenerator.ECDHSha1Kdf,
                OrigECKP.Private,
                OrigECKP.Public,
                ReciECCert,
                CmsEnvelopedDataGenerator.Aes128Wrap);

            MemoryStream bOut = new MemoryStream();

            Stream outStr = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc);

            outStr.Write(data, 0, data.Length);

            outStr.Close();

            CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());

            RecipientInformationStore recipients = ep.GetRecipientInfos();

            Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);

            RecipientID recSel = new RecipientID();

//			recSel.SetIssuer(PrincipalUtilities.GetIssuerX509Principal(ReciECCert).GetEncoded());
            recSel.Issuer       = PrincipalUtilities.GetIssuerX509Principal(ReciECCert);
            recSel.SerialNumber = ReciECCert.SerialNumber;

            RecipientInformation recipient = recipients.GetFirstRecipient(recSel);

            CmsTypedStream recData = recipient.GetContentStream(ReciECKP.Private);

            Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));

            ep.Close();
        }
Esempio n. 16
0
        public void TestAesKek()
        {
            byte[]       data = Encoding.ASCII.GetBytes("WallaWallaWashington");
            KeyParameter kek  = CmsTestUtil.MakeAes192Key();

            CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();

            byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };

            edGen.AddKekRecipient("AES192", kek, kekId);

            MemoryStream bOut = new MemoryStream();

            Stream outStream = edGen.Open(
                bOut,
                CmsEnvelopedDataGenerator.DesEde3Cbc);

            outStream.Write(data, 0, data.Length);

            outStream.Close();

            CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());

            RecipientInformationStore recipients = ep.GetRecipientInfos();

            Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);

            ICollection c = recipients.GetRecipients();

            foreach (RecipientInformation recipient in c)
            {
                Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");

                CmsTypedStream recData = recipient.GetContentStream(kek);

                Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
            }

            ep.Close();
        }
Esempio n. 17
0
        public void TestAttributeGenerators()
        {
            MemoryStream bOut = new MemoryStream();

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            CmsAttributeTableGenerator signedGen   = new SignedGenAttributeTableGenerator();
            CmsAttributeTableGenerator unsignedGen = new UnsignedGenAttributeTableGenerator();

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert,
                          CmsSignedDataStreamGenerator.DigestSha1, signedGen, unsignedGen);
            gen.AddCertificates(x509Certs);

            byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);

            Stream sigOut = gen.Open(bOut, true);

            sigOut.Write(testBytes, 0, testBytes.Length);
            sigOut.Close();

            CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);

            //
            // check attributes
            //
            SignerInformationStore signers = sp.GetSignerInfos();

            foreach (SignerInformation signer in signers.GetSigners())
            {
                CheckAttribute(signer.GetContentDigest(), signer.SignedAttributes[dummyOid1]);
                CheckAttribute(signer.GetSignature(), signer.UnsignedAttributes[dummyOid2]);
            }
        }
Esempio n. 18
0
        private void VerifyData(
            byte[]  encodedBytes,
            string expectedOid,
            byte[]  expectedData)
        {
            CmsEnvelopedDataParser    ep         = new CmsEnvelopedDataParser(encodedBytes);
            RecipientInformationStore recipients = ep.GetRecipientInfos();

            Assert.AreEqual(ep.EncryptionAlgOid, expectedOid);

            ICollection c = recipients.GetRecipients();

            foreach (RecipientInformation recipient in c)
            {
                Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);

                CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private);

                Assert.IsTrue(Arrays.AreEqual(expectedData, CmsTestUtil.StreamToByteArray(
                                                  recData.ContentStream)));
            }
        }
Esempio n. 19
0
        public void TestCertStoreReplacement()
        {
            MemoryStream bOut = new MemoryStream();

            byte[] data = Encoding.ASCII.GetBytes(TestMessage);

            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);

            CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();

            gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
            gen.AddCertificates(x509Certs);

            Stream sigOut = gen.Open(bOut);

            sigOut.Write(data, 0, data.Length);
            sigOut.Close();

            CheckSigParseable(bOut.ToArray());

            //
            // create new certstore with the right certificates
            //
            x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

            //
            // replace certs
            //
            MemoryStream original = new MemoryStream(bOut.ToArray(), false);
            MemoryStream newOut   = new MemoryStream();

            CmsSignedDataParser.ReplaceCertificatesAndCrls(original, x509Certs, null, null, newOut);

            CmsSignedDataParser sp = new CmsSignedDataParser(new CmsTypedStream(new MemoryStream(data, false)), newOut.ToArray());

            sp.GetSignedContent().Drain();

            VerifySignatures(sp);
        }
Esempio n. 20
0
        public void TestKeyTransAes128()
        {
            byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");

            CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();

            edGen.AddKeyTransRecipient(ReciCert);

            MemoryStream bOut = new MemoryStream();

            Stream outStream = edGen.Open(
                bOut, CmsEnvelopedDataGenerator.Aes128Cbc);

            outStream.Write(data, 0, data.Length);

            outStream.Close();

            CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());

            RecipientInformationStore recipients = ep.GetRecipientInfos();

            Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);

            ICollection c = recipients.GetRecipients();

            foreach (RecipientInformation recipient in c)
            {
                Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);

                CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private);

                Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
            }

            ep.Close();
        }
Esempio n. 21
0
 public void TestAes256Kek()
 {
     TryKekAlgorithm(CmsTestUtil.MakeAesKey(256), NistObjectIdentifiers.IdAes256Wrap);
 }
Esempio n. 22
0
        public void TestWorkingData()
        {
            CmsCompressedDataParser ed = new CmsCompressedDataParser(compData);

            Assert.IsTrue(Arrays.AreEqual(uncompData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream)));
        }
 public void TestKEKDESede()
 {
     tryKekAlgorithm(CmsTestUtil.MakeDesEde192Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
 }
Esempio n. 24
0
 public void TestCamellia256Kek()
 {
     TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(256), NttObjectIdentifiers.IdCamellia256Wrap);
 }
Esempio n. 25
0
 public void TestSeed128Kek()
 {
     TryKekAlgorithm(CmsTestUtil.MakeSeedKey(), KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap);
 }
Esempio n. 26
0
 public void TestAes192Kek()
 {
     TryKekAlgorithm(CmsTestUtil.MakeAesKey(192), NistObjectIdentifiers.IdAes192Wrap);
 }
Esempio n. 27
0
 public void TestRC2128Kek()
 {
     TryKekAlgorithm(CmsTestUtil.MakeRC2128Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.7"));
 }