/// <summary> /// Imports the specified RSAParameters. /// </summary> /// <param name="parameters">The parameters for RSA.</param> public void ImportParameters(RSAParameters parameters) { bool fIncludePrivate = parameters.D != null; int cntAttribs = fIncludePrivate ? 10 : 4; CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs]; attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, Utility.ConvertToBytes((int)(fIncludePrivate ? CryptokiClass.PRIVATE_KEY : CryptokiClass.PUBLIC_KEY))); attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, Utility.ConvertToBytes((int)CryptoKey.KeyType.RSA)); attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Modulus, parameters.Modulus); attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parameters.Exponent); if (fIncludePrivate) { attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parameters.D); attribs[5] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent1, parameters.DP); attribs[6] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent2, parameters.DQ); attribs[7] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Coefficent, parameters.InverseQ); attribs[8] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime1, parameters.P); attribs[9] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime2, parameters.Q); } KeyPair = CryptoKey.LoadKey(m_session, attribs); OwnsKeyPair = true; }
protected override void GenerateKeyPair() { CryptokiAttribute[] attribs = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(KeySizeValue)) }; KeyPairValue = CryptoKey.GenerateKeyPair(m_session, m_keyGenMech, attribs, null); OwnsKeyPair = true; }
protected override void GenerateKeyPair() { CryptokiAttribute[] attribs = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(KeySizeValue)) }; KeyPairValue = CryptoKey.GenerateKeyPair(m_session, new Mechanism(MechanismType.EC_KEY_PAIR_GEN), attribs, null); OwnsKeyPair = true; }
/// <summary> /// Generates a random symmetric key for use in the signing process. /// </summary> /// <param name="keySize">Size of the symmetric key in bits</param> private void GenerateKey(int keySize) { CryptokiAttribute[] attribs = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(keySize)) }; KeyValue = CryptoKey.GenerateKey(m_session, new Mechanism(MechanismType.GENERIC_SECRET_KEY_GEN), attribs); OwnsKey = true; m_mechanism.Parameter = KeyValue.Handle; Initialize(); }
private void GetKeyAttribs() { byte[] keyType = new byte[4]; byte[] length = new byte[4]; CryptokiAttribute[] keyTypeAttr = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, keyType), new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueBits, length), }; GetAttributeValues(ref keyTypeAttr); m_keyType = (KeyType)Utility.ConvertToInt32(keyType); m_length = Utility.ConvertToInt32(length); }
/// <summary> /// Imports a key of specifed type given the raw key bytes and key class. /// </summary> /// <param name="session">The Cryptoki session context.</param> /// <param name="keyData">The raw key data bytes.</param> /// <param name="keyClass">The class of key represented by the raw bytes.</param> /// <param name="keyType">The type of key represented by the raw bytes.</param> /// <param name="canBeExported">true if the key can be exported, false other wise.</param> /// <returns>The key created from the specified bytes.</returns> public static CryptoKey ImportKey(Session session, byte[] keyData, KeyClass keyClass, KeyType keyType, bool canBeExported) { CryptokiAttribute[] keyImport = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, Utility.ConvertToBytes((int)keyClass)), new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, Utility.ConvertToBytes((int)keyType)), new CryptokiAttribute(CryptokiAttribute.CryptokiType.Value, keyData), new CryptokiAttribute(CryptokiAttribute.CryptokiType.Extractable, Utility.ConvertToBytes(canBeExported ? 1 : 0)), }; CryptoKey ret = LoadKey(session, keyImport); session.AddSessionObject(ret); return(ret); }
/// <summary> /// Exports the key in standard Windows KeyBlob format. /// </summary> /// <param name="fIncludePrivate"></param> /// <returns></returns> public byte[] ExportKey(bool fIncludePrivate) { byte[] keyData = new byte[(Size + 7) / 8]; CryptokiAttribute[] keyImport = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.Private, Utility.ConvertToBytes((int)(fIncludePrivate? 1 : 0))), new CryptokiAttribute(CryptokiAttribute.CryptokiType.Value, keyData), }; if (GetAttributeValues(ref keyImport)) { return(keyData); } return(null); }
/// <summary> /// Exports the RSAParameters. /// </summary> /// <param name="includePrivateParameters">true to include private parameters; otherwise, false.</param> /// <returns>The parameters for RSA.</returns> public RSAParameters ExportParameters(bool includePrivateParameters) { RSAParameters parms = new RSAParameters(); int keySizeBytes = KeySizeValue / 8; int cntAttribs = includePrivateParameters ? 8 : 2; parms.Modulus = new byte[keySizeBytes]; parms.Exponent = new byte[3]; if (includePrivateParameters) { int halfKeyBytes = keySizeBytes / 2; parms.D = new byte[keySizeBytes]; parms.DP = new byte[halfKeyBytes]; parms.DQ = new byte[halfKeyBytes]; parms.InverseQ = new byte[halfKeyBytes]; parms.P = new byte[halfKeyBytes]; parms.Q = new byte[halfKeyBytes]; } CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs]; attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Modulus, parms.Modulus); attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parms.Exponent); if (includePrivateParameters) { attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parms.D); attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent1, parms.DP); attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Exponent2, parms.DQ); attribs[5] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Coefficent, parms.InverseQ); attribs[6] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime1, parms.P); attribs[7] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime2, parms.Q); } if (!KeyPair.GetAttributeValues(ref attribs)) { throw new CryptographicException(); } return(parms); }
/// <summary> /// Generates a random key to use for the algorithm. /// </summary> public override void GenerateKey() { CryptoKey key; Mechanism mech = new Mechanism(Microsoft.SPOT.Cryptoki.MechanismType.AES_KEY_GEN); CryptokiAttribute[] attribs = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.ValueLen, Utility.ConvertToBytes(KeySizeValue)) }; key = CryptoKey.GenerateKey(m_session, mech, attribs); if (KeyValue != null && OwnsKey) { KeyValue.Dispose(); } KeyValue = key; OwnsKey = true; }
/// <summary> /// Opens a CryptoKey with the specified key name from the underlying key store. /// </summary> /// <param name="session">The Cryptoki session context.</param> /// <param name="keyName">The name of the key to be opened.</param> /// <returns>The CryptoKey for the specifed key name.</returns> public static CryptoKey OpenKey(Session session, string keyName, string keyStore = "") { CryptokiAttribute[] template = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, Utility.ConvertToBytes((int)CryptokiClass.OTP_KEY)), new CryptokiAttribute(CryptokiAttribute.CryptokiType.Label, System.Text.UTF8Encoding.UTF8.GetBytes(keyStore)), new CryptokiAttribute(CryptokiAttribute.CryptokiType.ObjectID, System.Text.UTF8Encoding.UTF8.GetBytes(keyName)) }; using (FindObjectEnum objects = new FindObjectEnum(session, template)) { CryptokiObject[] objs = objects.GetNext(1); if (objs != null && objs.Length == 1 && objs[0] is CryptoKey) { return((CryptoKey)objs[0]); } } return(null); }
/// <summary> /// Exports the DSAParameters. /// </summary> /// <param name="includePrivateParameters">true to include the private key; otherwise, false.</param> /// <returns>The parameters for DSA.</returns> public DSAParameters ExportParameters(bool includePrivateParameters) { DSAParameters parms = new DSAParameters(); int keySizeBytes = KeySizeValue / 8; int cntAttribs = includePrivateParameters ? 5 : 4; parms.P = new byte[keySizeBytes]; parms.Q = new byte[160 / 8]; parms.G = new byte[keySizeBytes]; parms.Y = new byte[keySizeBytes]; if (includePrivateParameters) { parms.X = new byte[160 / 8]; } CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs]; attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime, parms.P); attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Subprime, parms.Q); attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Base, parms.G); attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parms.Y); if (includePrivateParameters) { attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parms.X); } if (!KeyPair.GetAttributeValues(ref attribs)) { throw new CryptographicException(); } return(parms); }
// // public methods // /// <summary> /// Imports the specified DSAParameters. /// </summary> /// <param name="parameters">The parameters for DSA.</param> public void ImportParameters(DSAParameters parameters) { bool fIncludePrivate = parameters.X != null; int cntAttribs = fIncludePrivate ? 7 : 6; CryptokiAttribute[] attribs = new CryptokiAttribute[cntAttribs]; attribs[0] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, Utility.ConvertToBytes((int)(fIncludePrivate ? CryptokiClass.PRIVATE_KEY : CryptokiClass.PUBLIC_KEY))); attribs[1] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, Utility.ConvertToBytes((int)CryptoKey.KeyType.DSA)); attribs[2] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Prime, parameters.P); attribs[3] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Subprime, parameters.Q); attribs[4] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.Base, parameters.G); attribs[5] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PublicExponent, parameters.Y); if (fIncludePrivate) { attribs[6] = new CryptokiAttribute(CryptokiAttribute.CryptokiType.PrivateExponent, parameters.X); } KeyPair = CryptoKey.LoadKey(m_session, attribs); OwnsKeyPair = true; }
public bool GetAttributeValue(int session, int hObject, IntPtr pTemplate, int ulCount) { try { SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session); CryptokiObject obj = ctx.ObjectCtx.GetObject(hObject); if (obj == null) { return(false); } DSAParameters dsaParms = new DSAParameters(); bool hasDsaParms = false; int valueLen = 0; RSAParameters rsaParms = new RSAParameters(); while (ulCount-- > 0) { CryptokiAttribute attrib = new CryptokiAttribute(); Marshal.PtrToStructure(pTemplate, attrib); if (obj.Type == CryptokiObjectType.Cert) { X509Certificate2 cert = (X509Certificate2)obj.Data; switch ((CryptokiAttribType)attrib.type) { case CryptokiAttribType.Class: Marshal.WriteInt32(attrib.pValue, (int)CryptokiClass.CERTIFICATE); valueLen = 4; break; case CryptokiAttribType.Private: Marshal.WriteInt32(attrib.pValue, cert.HasPrivateKey ? 1 : 0); valueLen = 4; break; case CryptokiAttribType.KeyType: switch (cert.GetKeyAlgorithm()) { case "1.2.840.113549.1.1.1": Marshal.WriteInt32(attrib.pValue, (int)KeyType.RSA); break; default: Marshal.WriteInt32(attrib.pValue, -1); break; } valueLen = 4; break; case CryptokiAttribType.Issuer: { byte [] data = UTF8Encoding.UTF8.GetBytes(cert.Issuer); Marshal.Copy(data, 0, attrib.pValue, data.Length); valueLen = data.Length; } break; case CryptokiAttribType.Subject: { byte [] data = UTF8Encoding.UTF8.GetBytes(cert.Subject); Marshal.Copy(data, 0, attrib.pValue, data.Length); valueLen = data.Length; } break; case CryptokiAttribType.SerialNumber: { byte[] data = cert.GetSerialNumber(); Marshal.Copy(data, 0, attrib.pValue, data.Length); valueLen = data.Length; } break; case CryptokiAttribType.PublicExponent: { } break; case CryptokiAttribType.StartDate: case CryptokiAttribType.EndDate: { DATE_TIME_INFO dti = new DATE_TIME_INFO(); DateTime dt = (CryptokiAttribType)attrib.type == CryptokiAttribType.StartDate ? cert.NotBefore : cert.NotAfter; dti.year = dt.Year; dti.month = dt.Month; dti.day = dt.Day; dti.hour = dt.Hour; dti.minute = dt.Minute; dti.second = dt.Second; dti.msec = dt.Millisecond; dti.tzOffset = TimeZoneInfo.Local.BaseUtcOffset.Hours; Marshal.StructureToPtr(dti, attrib.pValue, true); valueLen = Marshal.SizeOf(dti); } break; case CryptokiAttribType.MechanismType: { switch (cert.SignatureAlgorithm.Value) { case "1.2.840.113549.1.1.5": Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA1_RSA_PKCS); break; case "1.2.840.113549.1.1.4": Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.MD5_RSA_PKCS); break; case "1.2.840.113549.1.1.11": Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA256_RSA_PKCS); break; case "1.2.840.113549.1.1.12": Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA384_RSA_PKCS); break; case "1.2.840.113549.1.1.13": Marshal.WriteInt32(attrib.pValue, (int)AlgorithmType.SHA512_RSA_PKCS); break; } valueLen = 4; } break; case CryptokiAttribType.Value: valueLen = cert.RawData.Length; Marshal.Copy(cert.RawData, 0, attrib.pValue, valueLen); break; case CryptokiAttribType.ValueLen: Marshal.WriteInt32(attrib.pValue, valueLen); break; } } else if (obj.Type == CryptokiObjectType.Key) { object key = ((KeyData)obj.Data).KeyCsp; switch ((CryptokiAttribType)attrib.type) { case CryptokiAttribType.Class: Marshal.WriteInt32(attrib.pValue, (int)CryptokiClass.OTP_KEY); valueLen = 4; break; case CryptokiAttribType.PrivateExponent: if (key is DSACryptoServiceProvider) { if (!hasDsaParms) { dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.X.Length); Marshal.Copy(dsaParms.X, 0, attrib.pValue, valueLen); } else if (key is AesCryptoServiceProvider) { AesCryptoServiceProvider aes = (AesCryptoServiceProvider)key; valueLen = Math.Min((int)attrib.ulValueLen, aes.Key.Length); Marshal.Copy(aes.Key, 0, attrib.pValue, valueLen); } else if (key is KeyManagementDriver.SecretKey) { KeyManagementDriver.SecretKey sk = (KeyManagementDriver.SecretKey)key; valueLen = Math.Min((int)attrib.ulValueLen, sk.Data.Length); Marshal.Copy(sk.Data, 0, attrib.pValue, valueLen); } else if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.D.Length); Marshal.Copy(rsaParms.D, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.PublicExponent: if (key is DSACryptoServiceProvider) { if (!hasDsaParms) { dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.Y.Length); Marshal.Copy(dsaParms.Y, 0, attrib.pValue, valueLen); } else if (key is ECDiffieHellman) { ECDiffieHellman ecdh = (ECDiffieHellman)key; byte[] pubKey = ecdh.PublicKey.ToByteArray(); valueLen = Math.Min((int)attrib.ulValueLen, pubKey.Length - 8); Marshal.Copy(pubKey, 8, attrib.pValue, valueLen); } else if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.Exponent.Length); Marshal.Copy(rsaParms.Exponent, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Prime: if (key is DSACryptoServiceProvider) { if (!hasDsaParms) { dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.P.Length); Marshal.Copy(dsaParms.P, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Subprime: if (key is DSACryptoServiceProvider) { if (!hasDsaParms) { dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.Q.Length); Marshal.Copy(dsaParms.Q, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Base: if (key is DSACryptoServiceProvider) { if (!hasDsaParms) { dsaParms = ((DSACryptoServiceProvider)key).ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, dsaParms.G.Length); Marshal.Copy(dsaParms.G, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.ValueLen: Marshal.WriteInt32(attrib.pValue, valueLen); break; case CryptokiAttribType.KeyType: if (key is DSACryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.DSA); } else if (key is RSACryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.RSA); } else if (key is ECDsaCng) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.ECDSA); } else if (key is ECDiffieHellman) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.EC); } else if (key is AesCryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.AES); } else if (key is TripleDESCryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.DES3); } else if (key is KeyManagementDriver.SecretKey) { Marshal.WriteInt32(attrib.pValue, (int)KeyType.GENERIC_SECRET); } break; case CryptokiAttribType.ValueBits: if (key is DSACryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, ((DSACryptoServiceProvider)key).KeySize); } else if (key is RSACryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, ((RSACryptoServiceProvider)key).KeySize); } else if (key is ECDsaCng) { Marshal.WriteInt32(attrib.pValue, ((ECDsaCng)key).KeySize); } else if (key is ECDiffieHellman) { Marshal.WriteInt32(attrib.pValue, ((ECDiffieHellman)key).KeySize); } else if (key is AesCryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, ((AesCryptoServiceProvider)key).KeySize); } else if (key is TripleDESCryptoServiceProvider) { Marshal.WriteInt32(attrib.pValue, ((TripleDESCryptoServiceProvider)key).KeySize); } else if (key is KeyManagementDriver.SecretKey) { Marshal.WriteInt32(attrib.pValue, ((KeyManagementDriver.SecretKey)key).Size); } break; case CryptokiAttribType.Value: if (key is AesCryptoServiceProvider) { AesCryptoServiceProvider aes = (AesCryptoServiceProvider)key; valueLen = Math.Min((int)attrib.ulValueLen, aes.Key.Length); Marshal.Copy(aes.Key, 0, attrib.pValue, valueLen); } else if (key is KeyManagementDriver.SecretKey) { KeyManagementDriver.SecretKey sk = (KeyManagementDriver.SecretKey)key; valueLen = Math.Min((int)attrib.ulValueLen, sk.Data.Length); Marshal.Copy(sk.Data, 0, attrib.pValue, valueLen); } else if (key is ECDiffieHellman) { ECDiffieHellman ecdh = (ECDiffieHellman)key; byte[] pubKey = ecdh.PublicKey.ToByteArray(); valueLen = Math.Min((int)attrib.ulValueLen, pubKey.Length); Marshal.Copy(pubKey, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Modulus: if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.Modulus.Length); Marshal.Copy(rsaParms.Modulus, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Prime1: if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.P.Length); Marshal.Copy(rsaParms.P, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Prime2: if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.Q.Length); Marshal.Copy(rsaParms.Q, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Exponent1: if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.DP.Length); Marshal.Copy(rsaParms.DP, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Exponent2: if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.DQ.Length); Marshal.Copy(rsaParms.DQ, 0, attrib.pValue, valueLen); } break; case CryptokiAttribType.Coefficent: if (key is RSACryptoServiceProvider) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)key; if (rsaParms.Modulus == null) { rsaParms = rsa.ExportParameters(true); } valueLen = Math.Min((int)attrib.ulValueLen, rsaParms.InverseQ.Length); Marshal.Copy(rsaParms.InverseQ, 0, attrib.pValue, valueLen); } break; } } pTemplate += Marshal.SizeOf(attrib); } } catch { return(false); } return(true); }
public MFTestResults HmacTest_Compare() { bool testResult = false; if (!m_isEmulator) { return(MFTestResults.Skip); } try { CryptokiAttribute[] secretKey = new CryptokiAttribute[] { new CryptokiAttribute(CryptokiAttribute.CryptokiType.Class, new byte[] { 4, 0, 0, 0 }), new CryptokiAttribute(CryptokiAttribute.CryptokiType.KeyType, new byte[] { 0x10, 0, 0, 0 }), new CryptokiAttribute(CryptokiAttribute.CryptokiType.Value, new byte[20]) }; Mechanism mech = new Mechanism(MechanismType.SHA_1_HMAC); using (Session openSession = new Session("", mech.Type)) { using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(openSession)) { rng.GetBytes(secretKey[2].Value); } using (CryptoKey keyOpen = CryptoKey.LoadKey(openSession, secretKey)) { string dataToSign = "This is a simple message to be encrypted"; byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign); using (KeyedHashAlgorithm hmacOpenSSL = new KeyedHashAlgorithm(KeyedHashAlgorithmType.HMACSHA1, keyOpen)) { byte[] hmac1 = hmacOpenSSL.ComputeHash(data); using (Session emuSession = new Session("Emulator_Crypto", mech.Type)) { using (CryptoKey keyEmu = CryptoKey.LoadKey(emuSession, secretKey)) { using (KeyedHashAlgorithm hmacEmu = new KeyedHashAlgorithm(KeyedHashAlgorithmType.HMACSHA1, keyEmu)) { byte[] hmac2 = hmacEmu.ComputeHash(data); testResult = true; for (int i = 0; i < hmac1.Length; i++) { if (hmac1[i] != hmac2[i]) { testResult = false; break; } } } } } } } } } catch (Exception ex) { Log.Exception("Unexpected Exception", ex); } return(testResult ? MFTestResults.Pass : MFTestResults.Fail); }
public bool SetAttributeValue(int session, int hObject, IntPtr pTemplate, int ulCount) { try { SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session); CryptokiObject obj = ctx.ObjectCtx.GetObject(hObject); if (obj == null) { return(false); } if (obj.Type == CryptokiObjectType.Cert) { X509Certificate2 cert = obj.Data as X509Certificate2; bool fSave = false; bool fDelete = false; string group = "", fileName = ""; uint len = 0; byte[] data; for (int i = 0; i < (int)ulCount; i++) { CryptokiAttribute attrib = new CryptokiAttribute(); Marshal.PtrToStructure(pTemplate, attrib); switch ((CryptokiAttribType)attrib.type) { case CryptokiAttribType.Persist: fSave = Marshal.ReadInt32(attrib.pValue) == 1; fDelete = !fSave; break; case CryptokiAttribType.Label: len = attrib.ulValueLen; data = new byte[len]; Marshal.Copy(attrib.pValue, data, 0, (int)len); group = UTF8Encoding.UTF8.GetString(data); break; case CryptokiAttribType.ObjectID: len = attrib.ulValueLen; data = new byte[len]; Marshal.Copy(attrib.pValue, data, 0, (int)len); fileName = UTF8Encoding.UTF8.GetString(data); break; default: return(false); } pTemplate += Marshal.SizeOf(attrib); } if (fDelete) { ctx.ObjectCtx.DestroyObject(hObject); } else if (fSave) { // TODO: Store in persistant storage for emulator obj.Properties["FileName"] = fileName; obj.Properties["Group"] = group; } else { return(false); } } return(true); } catch { return(false); } }
public bool CreateObject(int session, IntPtr pTemplate, int ulCount, out int phObject) { phObject = -1; if (ulCount == 0) { return(false); } try { SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session); CryptokiAttribute attrib = new CryptokiAttribute(); Marshal.PtrToStructure(pTemplate, attrib); if ((CryptokiAttribType)attrib.type == CryptokiAttribType.Class) { CryptokiClass type = (CryptokiClass)Marshal.ReadInt32(attrib.pValue); if (type == CryptokiClass.CERTIFICATE) { string password = ""; while (0 < --ulCount) { pTemplate += Marshal.SizeOf(attrib); Marshal.PtrToStructure(pTemplate, attrib); switch ((CryptokiAttribType)attrib.type) { case CryptokiAttribType.Password: { byte[] data = new byte[attrib.ulValueLen]; Marshal.Copy(attrib.pValue, data, 0, data.Length); password = UTF8Encoding.UTF8.GetString(data); } break; case CryptokiAttribType.Value: { byte[] data = new byte[attrib.ulValueLen]; Marshal.Copy(attrib.pValue, data, 0, data.Length); X509Certificate2 x509 = new X509Certificate2(data, password); phObject = ctx.ObjectCtx.AddObject(CryptokiObjectType.Cert, x509); return(true); } default: break; } } } } } catch { } return(false); }
MFTestResults Test_ImportKey(Session session) { bool testResult = false; try { using (CryptoKey pubkey = CryptoKey.LoadKey(session, m_publicDsaKey)) { // replace publickey with private CryptokiAttribute[] privateKey = new CryptokiAttribute[m_publicDsaKey.Length]; for (int x = 0; x < m_publicDsaKey.Length; x++) { privateKey[x] = new CryptokiAttribute(m_publicDsaKey[x].Type, new byte[m_publicDsaKey[x].Value.Length]); Array.Copy(m_publicDsaKey[x].Value, privateKey[x].Value, m_publicDsaKey[x].Value.Length); } privateKey[0].Value = Utility.ConvertToBytes((int)CryptokiClass.PRIVATE_KEY); privateKey[5].Value = new byte[] { 0x45, 0xB3, 0x34, 0x77, 0x54, 0x3E, 0x7E, 0xBC, 0x82, 0xA8, 0x4E, 0x8E, 0x91, 0x55, 0x86, 0xC1, 0xDA, 0x22, 0xDE, 0x09, }; using (CryptoKey privkey = CryptoKey.LoadKey(session, privateKey)) { string dataToSign = "This is a simple message to be encrypted"; byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign); using (DSACryptoServiceProvider dsaEncr = new DSACryptoServiceProvider(privkey)) using (DSACryptoServiceProvider dsaDecr = new DSACryptoServiceProvider(pubkey)) { byte[] signature = dsaEncr.SignData(data); testResult = dsaDecr.VerifyData(data, signature); } } using (CryptoKey privkey = CryptoKey.LoadKey(session, m_privateDsaKey)) { string dataToSign = "This is a simple message to be encrypted"; byte[] data = System.Text.UTF8Encoding.UTF8.GetBytes(dataToSign); using (DSACryptoServiceProvider dsaEncr = new DSACryptoServiceProvider(privkey)) using (DSACryptoServiceProvider dsaDecr = new DSACryptoServiceProvider(privkey)) { byte[] signature = dsaEncr.SignData(data); testResult &= dsaDecr.VerifyData(data, signature); } } } } catch (Exception ex) { Log.Exception("Unexpected Exception", ex); testResult = false; } return(testResult ? MFTestResults.Pass : MFTestResults.Fail); }
public bool FindObjectsInit(int session, IntPtr pTemplate, int ulCount) { try { SessionData ctx = ((SessionDriver)this.Hal.Session).GetSessionCtx(session); if (ctx.FindObjCtx != null) { return(false); } ctx.FindObjCtx = new FindObjectsContext(); string fileName = ""; string group = ""; CryptokiObjectType type = CryptokiObjectType.Data; byte[] data; while (ulCount-- > 0) { CryptokiAttribute attrib = new CryptokiAttribute(); Marshal.PtrToStructure(pTemplate, attrib); switch ((CryptokiAttribType)attrib.type) { case CryptokiAttribType.Class: switch ((CryptokiClass)Marshal.ReadInt32(attrib.pValue)) { case CryptokiClass.CERTIFICATE: type = CryptokiObjectType.Cert; break; case CryptokiClass.OTP_KEY: type = CryptokiObjectType.Key; break; } break; case CryptokiAttribType.ObjectID: data = new byte[attrib.ulValueLen]; Marshal.Copy(attrib.pValue, data, 0, data.Length); fileName = UTF8Encoding.UTF8.GetString(data); break; case CryptokiAttribType.Label: data = new byte[attrib.ulValueLen]; Marshal.Copy(attrib.pValue, data, 0, data.Length); group = UTF8Encoding.UTF8.GetString(data); break; } pTemplate += Marshal.SizeOf(attrib); } ctx.FindObjCtx.FileName = fileName; ctx.FindObjCtx.Group = group; ctx.FindObjCtx.Type = type; return(true); } catch { return(false); } }