public void CreateNoPrimary(string keyType, string topDir) { KeyType type = keyType; var kspath = Util.TestDataPath(WRITE_DATA, topDir); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); using (var ks = CreateNewKeySet(type.Kind, KeyPurpose.DecryptAndEncrypt)) { int ver = ks.AddKey(KeyStatus.Primary, type: type); Expect(ver, Is.EqualTo(1)); var success = ks.Save(writer); Expect(success, Is.True); } using (var encrypter = new Encrypter(kspath)) { var ciphertext = encrypter.Encrypt(input); File.WriteAllText(Path.Combine(kspath, "1.out"), ciphertext); } using (var ks = new MutableKeySet(kspath)) { var status = ks.Demote(1); Expect(status, Is.EqualTo(KeyStatus.Active)); var success = ks.Save(writer); Expect(success, Is.True); } }
public override int Run(string[] remainingArguments) { IKeySet ks = new FileSystemKeySet(_location); bool add = !ks.Metadata.Encrypted; Func <string> prompt = CachedPrompt.Password(Util.PromptForPassword).Prompt; if (!add) { Console.WriteLine(Localized.PasswordPromptOldPassword); ks = new PbeKeySet(ks, prompt); } using (ks as PbeKeySet) using (var keySet = new MutableKeySet(ks)) { keySet.ForceKeyDataChange(); IKeySetWriter writer = new FileSystemKeySetWriter(_location, overwrite: true); if (!_remove) { Console.WriteLine(Localized.PasswordPromptNewPassword); Func <string> newPrompt = CachedPrompt.Password(Util.DoublePromptForPassword).Prompt; writer = new PbeKeySetWriter(writer, newPrompt); } else { keySet.Metadata.Encrypted = false; } using (writer as PbeKeySetWriter) { if (keySet.Save(writer)) { if (_remove) { Console.WriteLine(Localized.MsgRemovedPassword); } else if (add) { Console.WriteLine(Localized.MsgAddedPasssword); } else { Console.WriteLine(Localized.MsgChangedPassword); } return(0); } return(-1); } } }
public void TestOverwriteFalse() { using (var ks = new MutableKeySet(new KeyMetadata { Name = "Don't Write", Purpose = KeyPurpose.DecryptAndEncrypt, Kind = KeyKind.Symmetric })) { ks.AddKey(KeyStatus.Primary); var writer = new FileSystemKeySetWriter(Util.TestDataPath(TEST_DATA, "pbe_json"), overwrite: false); Expect(() => ks.Save(writer), Is.False); } }
public void TestExportPem(string keyType, string purpose, string topDir) { KeyPurpose p = purpose; KeyType kt = keyType; var path = Util.TestDataPath(WRITE_DATA, topDir, "certificates"); var pubPath = path + ".public"; var exportPath = path + "-pkcs8.pem"; var exportPath2 = path + "-pkcs12.pfx"; var exportPubPath2 = path + "-public.pfx"; var exportPubPath = path + "-public.pem"; var writer = new FileSystemKeySetWriter(path, overwrite: true); var pubWriter = new FileSystemKeySetWriter(pubPath, overwrite: true); using (var ks = CreateNewKeySet(kt.Kind, p)) { var ver = ks.AddKey(KeyStatus.Primary, type: kt); Expect(ver, Is.EqualTo(1)); using (var pubks = ks.PublicKey()) { var pubsuccess = pubks.ExportPrimaryAsPkcs(exportPubPath, () => null); Expect(pubsuccess, Is.True); } Func <string> password = () => "pass"; //Hardcoding because this is a test var success = ks.ExportPrimaryAsPkcs(exportPath, password); Expect(success, Is.True); var ver2 = ks.AddKey(KeyStatus.Active, type: kt); Expect(ver2, Is.EqualTo(2)); success = ks.ExportAsPkcs12(exportPath2, password); Expect(success, Is.True); using (var pubks = ks.PublicKey()) { var pubsuccess = pubks.Save(pubWriter); Expect(pubsuccess, Is.True); pubsuccess = pubks.ExportAsPkcs12(exportPubPath2, () => null); Expect(pubsuccess, Is.True); } success = ks.Save(writer); Expect(success, Is.True); } }
public void CreateEncryptAndPublic(string keyType, string topDir) { KeyType type = keyType; var kspath = Util.TestDataPath(WRITE_DATA, topDir); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); using (var ks = CreateNewKeySet(type.Kind, KeyPurpose.DecryptAndEncrypt)) { var ver = ks.AddKey(KeyStatus.Primary, type: type); Expect(ver, Is.EqualTo(1)); var success = ks.Save(writer); Expect(success, Is.True); } using (var encrypter = new Encrypter(kspath)) { var ciphertext = encrypter.Encrypt(input); File.WriteAllText(Path.Combine(kspath, "1.out"), ciphertext); } using (var ks = new MutableKeySet(kspath)) { var ver = ks.AddKey(KeyStatus.Primary, type: type); Expect(ver, Is.EqualTo(2)); var success = ks.Save(writer); Expect(success, Is.True); } using (var encrypter = new Encrypter(kspath)) { var ciphertext = encrypter.Encrypt(input); File.WriteAllText(Path.Combine(kspath, "2.out"), ciphertext); } if (type.Asymmetric) { var kspath2 = Util.TestDataPath(WRITE_DATA, topDir + ".public"); var writer2 = new FileSystemKeySetWriter(kspath2, overwrite: true); using (var ks = new MutableKeySet(kspath)) { var pubKs = ks.PublicKey(); var success = pubKs.Save(writer2); Expect(success, Is.True); } } }
public void CreatePbeKeySet() { var kspath = Util.TestDataPath(WRITE_DATA, "pbe_json"); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); Func <string> passPrompt = () => "cartman"; //hardcoded because this is a test; using (var encwriter = new PbeKeySetWriter(writer, passPrompt)) { using (var ks = CreateNewKeySet(KeyKind.Symmetric, KeyPurpose.DecryptAndEncrypt)) { var success = ks.Save(writer); Expect(success, Is.True); } using (var eks = KeySet.LayerSecurity( FileSystemKeySet.Creator(kspath), PbeKeySet.Creator(passPrompt))) { HelperCryptCreate(encwriter, eks, kspath, KeyType.Aes); } } }
public void CreateAndCrypted(string keyType, string topDir, string subDir) { KeyType type = keyType; var kspath = Util.TestDataPath(WRITE_DATA, topDir, subDir); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); using (var ks = CreateNewKeySet(type.Kind, KeyPurpose.DecryptAndEncrypt)) { var success = ks.Save(writer); Expect(success, Is.True); } HelperCryptCreate(writer, new FileSystemKeySet(kspath), kspath, type); var kscryptpath = Util.TestDataPath(WRITE_DATA, topDir + "-crypted", subDir); var baseWriter = new FileSystemKeySetWriter(kscryptpath, overwrite: true); using (var ks = CreateNewKeySet(type.Kind, KeyPurpose.DecryptAndEncrypt)) { var success = ks.Save(baseWriter); Expect(success, Is.True); } using (var encrypter = new Crypter(kspath)) { var cryptedwriter = new EncryptedKeySetWriter(baseWriter, encrypter); using (var eks = KeySet.LayerSecurity(FileSystemKeySet.Creator(kscryptpath), EncryptedKeySet.Creator(encrypter))) { HelperCryptCreate(cryptedwriter, eks, kscryptpath, type, new FileSystemKeySet(kscryptpath), baseWriter); } } }
public override int Run(string[] remainingArguments) { var ret = 0; Crypter crypter = null; IKeySet ks = new FileSystemKeySet(_location); Func <string> prompt = CachedPrompt.Password(Util.PromptForPassword).Prompt; IDisposable dks = null; if (!String.IsNullOrWhiteSpace(_crypterLocation)) { if (_password) { var cks = KeySet.LayerSecurity(FileSystemKeySet.Creator(_crypterLocation), PbeKeySet.Creator(prompt) ); crypter = new Crypter(cks); dks = cks; } else { crypter = new Crypter(_crypterLocation); } ks = new EncryptedKeySet(ks, crypter); } else if (_password) { ks = new PbeKeySet(ks, prompt); } var d2ks = ks as IDisposable; using (crypter) using (dks) using (d2ks) using (var keySet = new MutableKeySet(ks)) { var pubKeySet = keySet.PublicKey(); if (pubKeySet != null) { using (pubKeySet) { IKeySetWriter writer = new FileSystemKeySetWriter(_destination, overwrite: false); if (pubKeySet.Save(writer)) { Console.WriteLine(Localized.MsgNewPublicKeySet); ret = 0; } else { ret = -1; } } } else { ret = -1; } } return(ret); }
//Asymentric key genteration is too slow //[TestCase("rsa_priv", "rsa", "1024", "crypt")] //[TestCase("rsa_priv", "rsa-sign", "1024", "sign")] //[TestCase("dsa_priv", "dsa", "1024", "sign")] public void CreateKeyCollision(string key, string dir, string sizeString, string purpose) { var crypt = purpose == "crypt"; var purp = crypt ? KeyPurpose.DecryptAndEncrypt : KeyPurpose.SignAndVerify; KeyType ktype = key; int size = int.Parse(sizeString); IDictionary <int, Key> keys = new Dictionary <int, Key>(); var kspath = Util.TestDataPath(WRITE_DATA, dir, "key-collision"); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); using (var ks = CreateNewKeySet(ktype.Kind, purp)) { var success = ks.Save(writer); Expect(success, Is.True); } long count = 0; Key newKey2; using (var ks = new MutableKeySet(kspath)) { Key newKey1; while (true) { newKey1 = Key.Generate(ktype, size); int newHash = Utility.ToInt32(newKey1.GetKeyHash()); count++; if (keys.TryGetValue(newHash, out newKey2)) { break; } keys.Add(newHash, newKey1); } Console.WriteLine("Created {1} collision after {0} iterations", count, dir); var ver = ks.AddKey(KeyStatus.Primary, newKey1); Expect(ver, Is.EqualTo(1)); var success = ks.Save(writer); Expect(success, Is.True); } if (crypt) { using (var encrypter = new Encrypter(kspath)) { var ciphertext = encrypter.Encrypt(input); File.WriteAllText(Path.Combine(kspath, "1.out"), ciphertext); } } else { using (var signer = new Signer(kspath)) { var ciphertext = signer.Sign(input); File.WriteAllText(Path.Combine(kspath, "1.out"), ciphertext); } using (var signer = new TimeoutSigner(kspath)) { var ciphertext = signer.Sign(input, new DateTime(2012, 12, 21, 11, 11, 0, DateTimeKind.Utc)); File.WriteAllText(Path.Combine(kspath, "1.timeout"), ciphertext); } using (var signer = new AttachedSigner(kspath)) { var ciphertext = signer.Sign(input); File.WriteAllText(Path.Combine(kspath, "1.attached"), ciphertext); } using (var signer = new AttachedSigner(kspath)) { var ciphertext = signer.Sign(input, Encoding.UTF8.GetBytes("secret")); File.WriteAllText(Path.Combine(kspath, "1.secret.attached"), ciphertext); } } using (var ks = new MutableKeySet(kspath)) { var ver = ks.AddKey(KeyStatus.Primary, newKey2); Expect(ver, Is.EqualTo(2)); var success = ks.Save(writer); Expect(success, Is.True); } if (crypt) { using (var encrypter = new Encrypter(kspath)) { var ciphertext = encrypter.Encrypt(input); File.WriteAllText(Path.Combine(kspath, "2.out"), ciphertext); } } else { using (var signer = new Signer(kspath)) { var ciphertext = signer.Sign(input); File.WriteAllText(Path.Combine(kspath, "2.out"), ciphertext); } using (var signer = new TimeoutSigner(kspath)) { var ciphertext = signer.Sign(input, new DateTime(2012, 12, 21, 11, 11, 0, DateTimeKind.Utc)); File.WriteAllText(Path.Combine(kspath, "2.timeout"), ciphertext); } using (var signer = new AttachedSigner(kspath)) { var ciphertext = signer.Sign(input); File.WriteAllText(Path.Combine(kspath, "2.atttached"), ciphertext); } using (var signer = new AttachedSigner(kspath)) { var ciphertext = signer.Sign(input, Encoding.UTF8.GetBytes("secret")); File.WriteAllText(Path.Combine(kspath, "2.secret.atttached"), ciphertext); } } }
public void CreateSignAndPublicSized(string keyType, string topDir, string nestDir) { KeyType type = keyType; topDir += "-sizes"; var kspath = Util.TestDataPath(WRITE_DATA, topDir, nestDir); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); using (var ks = CreateNewKeySet(type.Kind, KeyPurpose.SignAndVerify)) { var success = ks.Save(writer); Expect(success, Is.True); } int i = 0; foreach (int size in type.KeySizeOptions) { if (Util.IsSizeTooSlow(size)) { break; } i++; using (var ks = new MutableKeySet(kspath)) { var ver = ks.AddKey(KeyStatus.Primary, size, type: type); Expect(ver, Is.EqualTo(i)); var success = ks.Save(writer); Expect(success, Is.True); } using (var ks = new FileSystemKeySet(kspath)) using (var signer = new Signer(ks)) using (var jwtSigner = new JwtSigner(ks)) { var ciphertext = signer.Sign(input); File.WriteAllText(Path.Combine(kspath, $"{size}.out"), ciphertext); var key = ks.GetPrimaryKey(); if (Jwt.AlgForKey(key) != null) { var token = jwtSigner.SignCompact(JObject.Parse(jsonInput)); File.WriteAllText(Path.Combine(kspath, $"{size}.jwt"), token); } } } if (type.Asymmetric) { var kspath2 = Util.TestDataPath(WRITE_DATA, topDir + ".public", nestDir); var writer2 = new FileSystemKeySetWriter(kspath2, overwrite: true); using (var ks = new MutableKeySet(kspath)) { var pubKs = ks.PublicKey(); var success = pubKs.Save(writer2); Expect(success, Is.True); } } }
public override int Run(string[] remainingArguments) { var ret = 0; Crypter crypter = null; IKeySet ks = new FileSystemKeySet(_location); Func <string> singlePrompt = CachedPrompt.Password(() => { Console.WriteLine(Localized.MsgForKeySet); return(Util.PromptForPassword()); }).Prompt; var prompt = ks.Metadata.Encrypted ? singlePrompt : CachedPrompt.Password(() => { Console.WriteLine(Localized.MsgForKeySet); return(Util.PromptForPassword()); }).Prompt; IDisposable dks = null; if (!String.IsNullOrWhiteSpace(_crypterLocation)) { if (_password) { var cks = KeySet.LayerSecurity(FileSystemKeySet.Creator(_crypterLocation), PbeKeySet.Creator(singlePrompt)); crypter = new Crypter(cks); dks = cks; } else { crypter = new Crypter(_crypterLocation); } ks = new EncryptedKeySet(ks, crypter); } else if (_password) { ks = new PbeKeySet(ks, prompt); } var d2ks = ks as IDisposable; using (crypter) using (dks) using (d2ks) using (var keySet = new MutableKeySet(ks)) { var official = keySet.Metadata.OriginallyOfficial && keySet.Metadata.ValidOfficial() && !_force; KeyType hint = null; if (!String.IsNullOrWhiteSpace(_type)) { hint = AddKey.KeyTypeForString(_type); } if (_status != KeyStatus.Primary && _status != KeyStatus.Active) { Console.WriteLine("{0} {1}.", Localized.Status, _status.Identifier); return(-1); } ImportedKeySet importedKeySet = null; try { importedKeySet = ImportedKeySet.Import.X509Certificate(keySet.Metadata.Purpose, _importLocation, official, hint); } catch { if (_importLocation.EndsWith("pfx", StringComparison.Ordinal) || _importLocation.EndsWith("p12", StringComparison.Ordinal) ) { importedKeySet = ImportedKeySet.Import.Pkcs12Keys( keySet.Metadata.Purpose, _importLocation, CachedPrompt.Password(() => { Console.WriteLine(Localized.MsgForImport); return(Util.PromptForPassword()); }).Prompt, official, hint); } else { importedKeySet = ImportedKeySet.Import.PkcsKey( keySet.Metadata.Purpose, _importLocation, CachedPrompt.Password(() => { Console.WriteLine(Localized.MsgForImport); return(Util.PromptForPassword()); }).Prompt, official, hint); } } if (importedKeySet == null) { Console.WriteLine(Localized.MsgUnparsableImport); ret = -1; } else { if (keySet.Metadata.OriginallyOfficial && keySet.Metadata.ValidOfficial()) { if (!_force && !importedKeySet.Metadata.ValidOfficial()) { var keySetKeyType = keySet.Metadata.OfficialKeyType(); ret = -1; Console.WriteLine(Localized.MsgMismatchedType, "Multiple Types", keySetKeyType); } else { var importedKeyType = importedKeySet.Metadata.OfficialKeyType(); var keySetKeyType = keySet.Metadata.OfficialKeyType(); if (importedKeyType != keySetKeyType && !_force) { ret = -1; Console.WriteLine(Localized.MsgMismatchedType, importedKeyType, keySetKeyType); } } } if (keySet.Metadata.Kind != importedKeySet.Metadata.Kind) { if (!keySet.Metadata.Versions.Any()) { keySet.Metadata.Kind = importedKeySet.Metadata.Kind; } else { ret = -1; Console.WriteLine(Localized.MsgConflictingKeyTypes, keySet.Metadata.Kind.Identifier, importedKeySet.Metadata.Kind); } } using (importedKeySet) { if (ret != -1) { var count = importedKeySet.Metadata.Versions.Count(); var outMsg = ""; foreach (var v in importedKeySet.Metadata.Versions) { var status = v.Status; if (count == 1 || _status != KeyStatus.Primary) { status = _status; } var ver = keySet.AddKey(status, importedKeySet.GetKey(v.VersionNumber)); outMsg = ver.ToString(); } if (count > 1) { outMsg = $"{count} keys"; } IKeySetWriter writer = new FileSystemKeySetWriter(_location, overwrite: true); if (crypter != null) { writer = new EncryptedKeySetWriter(writer, crypter); } else if (_password) { writer = new PbeKeySetWriter(writer, prompt); } if (keySet.Save(writer)) { Console.WriteLine("{0} {1}.", Localized.MsgImportedNewKey, outMsg); ret = 0; } else { ret = -1; } } } } } return(ret); }
public override int Run(string[] remainingArguments) { var ret = 0; Crypter crypter = null; IKeySet ks = new FileSystemKeySet(_location); Func <string> crypterPrompt = CachedPrompt.Password(Util.PromptForPassword).Prompt; var prompt = ks.Metadata.Encrypted ? new Func <string>(CachedPrompt.Password(Util.PromptForPassword).Prompt) : new Func <string>(CachedPrompt.Password(Util.DoublePromptForPassword).Prompt); IDisposable dks = null; if (!String.IsNullOrWhiteSpace(_crypterLocation)) { if (_password) { var cks = KeySet.LayerSecurity( FileSystemKeySet.Creator(_crypterLocation), PbeKeySet.Creator(crypterPrompt) ); crypter = new Crypter(cks); dks = cks; } else { crypter = new Crypter(_crypterLocation); } ks = new EncryptedKeySet(ks, crypter); } else if (_password) { ks = new PbeKeySet(ks, prompt); } var d2ks = ks as IDisposable; using (crypter) using (dks) using (d2ks) using (var keySet = new MutableKeySet(ks)) { if (_status != KeyStatus.Primary && _status != KeyStatus.Active) { Console.WriteLine("{0} {1}.", Localized.MsgInvalidStatus, _status.Identifier); return(-1); } object options = null; if (!String.IsNullOrWhiteSpace(_padding)) { options = new { Padding = _padding }; } int ver; var type = KeyTypeForString(_type); if (ks.Metadata.OriginallyOfficial && ks.Metadata.ValidOfficial()) { var keytype = ks.Metadata.OfficialKeyType(); if (type == null) { type = keytype; } else if (type != keytype && !_force) { throw new ConsoleHelpAsException(String.Format(Localized.MsgMismatchedType, type, keytype)); } } try { ver = keySet.AddKey(_status, _size, type, options); } #pragma warning disable 168 catch (InvalidKeyTypeException ex) #pragma warning restore 168 { throw new ConsoleHelpAsException(String.Format(Localized.MsgMismatchedKind, type?.Kind, keySet.Metadata.Kind)); } IKeySetWriter writer = new FileSystemKeySetWriter(_location, overwrite: true); if (crypter != null) { writer = new EncryptedKeySetWriter(writer, crypter); } else if (_password) { writer = new PbeKeySetWriter(writer, prompt); } using (writer as IDisposable) { try { if (keySet.Save(writer)) { Console.WriteLine("{0} {1}.", Localized.MsgCreatedKey, ver); ret = 0; } else { ret = -1; } } catch { ret = -1; } } } if (ret != 0) { Console.WriteLine("{0} {1}.", Localized.MsgCouldNotWrite, _location); } return(ret); }