public void TestLoadCertFromPfx() { X509Certificate2 certificate = KeyStoreUtil.GetCertificateFromPfx(TEST_PFX_PATH, TEST_PFX_PASSWORD, true); Console.WriteLine(certificate); Assert.NotNull(certificate); }
public void TestLoadKeyFromPfx() { RSACryptoServiceProvider rsa = KeyStoreUtil.GetPrivateKeyFromPfx(TEST_PFX_PATH, TEST_PFX_PASSWORD, true); Console.WriteLine(rsa); Assert.NotNull(rsa); }
public void setup() { AsymmetricCipherKeyPair keyPair = KeyStoreUtil.GenerateKeyPair(); Org.BouncyCastle.X509.X509Certificate rootCertificate = KeyStoreUtil.CreateCert("CN=Root", keyPair.Public, keyPair.Private); AsymmetricCipherKeyPair clientKeyPair = KeyStoreUtil.GenerateKeyPair(); Org.BouncyCastle.X509.X509Certificate clientCertificate = KeyStoreUtil.CreateCert("CN=Client", clientKeyPair.Public, clientKeyPair.Private); this.invalidCertChain = new List <Org.BouncyCastle.X509.X509Certificate>(); this.invalidCertChain.Add(rootCertificate); this.invalidCertChain.Add(clientCertificate); }
public void TestCreateKeyStore() { AsymmetricCipherKeyPair keyPair = KeyStoreUtil.GenerateKeyPair(); RsaPrivateCrtKeyParameters RSAprivKey = (RsaPrivateCrtKeyParameters)keyPair.Private; RsaKeyParameters RSApubKey = (RsaKeyParameters)keyPair.Public; Org.BouncyCastle.X509.X509Certificate cert = KeyStoreUtil.CreateCert("Test", RSApubKey, RSAprivKey); Console.WriteLine(cert.ToString()); string pfxPath = TEST_PFX_PATH; if (File.Exists(pfxPath)) { pfxPath += "_old"; if (File.Exists(pfxPath)) { File.Delete(pfxPath); } } FileStream fs = new FileStream(pfxPath, FileMode.CreateNew); KeyStoreUtil.WritePkcs12(RSAprivKey, cert, TEST_PFX_PASSWORD, fs); fs.Close(); string crtPath = TEST_CRT_PATH; if (File.Exists(crtPath)) { crtPath += "_old"; if (File.Exists(crtPath)) { File.Delete(crtPath); } } FileStream certFileStream = new FileStream(crtPath, FileMode.CreateNew); byte[] encodedCert = cert.GetEncoded(); certFileStream.Write(encodedCert, 0, encodedCert.Length); certFileStream.Close(); }
public void TestInvalidChainInvalidWSSecuritySig() { X509Certificate2 validCertificate = new X509Certificate2(WS_SECURITY_CERT); AsymmetricCipherKeyPair keyPair = KeyStoreUtil.GenerateKeyPair(); X509Certificate2 serviceCertificate = new X509Certificate2(DotNetUtilities.ToX509Certificate (KeyStoreUtil.CreateCert(validCertificate.Subject, keyPair.Public, keyPair.Private))); XkmsClient client = new XkmsClientImpl(TestXkms.TRUST_SERVICE_LOCATION); client.configureWSSecurity(serviceCertificate, null); try { client.validate("test", this.invalidCertChain); Assert.Fail(); } catch (MessageSecurityException e) { // expected } }
public void TestCreateServiceSignature() { RSACryptoServiceProvider rsa = KeyStoreUtil.GetPrivateKeyFromPfx(TEST_PFX_PATH, TEST_PFX_PASSWORD, true); X509Certificate2 certificate = KeyStoreUtil.GetCertificateFromPfx(TEST_PFX_PATH, TEST_PFX_PASSWORD, true); List <X509Certificate2> certificateChain = new List <X509Certificate2>(); certificateChain.Add(certificate); ServiceSignatureDO serviceSignature = SignatureRequestUtil.CreateServiceSignature(rsa, certificateChain, "signature-request", null, "target", "language", "content-type", "relay-state"); Assert.NotNull(serviceSignature); Assert.NotNull(serviceSignature.ServiceSigned); Assert.NotNull(serviceSignature.ServiceSignature); Assert.NotNull(serviceSignature.ServiceCertificateChainSize); Assert.NotNull(serviceSignature.ServiceCertificates); Assert.True(serviceSignature.ServiceCertificates.Count == 1); Console.WriteLine("ServiceSignature"); Console.WriteLine("----------------"); Console.WriteLine(" * ServiceSigned =" + serviceSignature.ServiceSigned); Console.WriteLine(" * ServiceSignature=" + serviceSignature.ServiceSignature); }
private void SetSignatureRequest(bool signed, bool artifact, String languageValue) { if (FileUpload1.HasFile) { try { // read to be signed document byte[] doc = new byte[FileUpload1.PostedFile.ContentLength]; FileUpload1.PostedFile.InputStream.Read(doc, 0, FileUpload1.PostedFile.ContentLength); // construct post parameter values String signatureRequestValue = null; String signatureRequestIdValue = null; String contentTypeValue = FileUpload1.PostedFile.ContentType; String relayStateValue = Guid.NewGuid().ToString(); String targetValue = Request.Url.ToString(); if (artifact) { // upload using WS StorageInfoDO storageInfo = getClient().Store(doc, FileUpload1.PostedFile.ContentType); signatureRequestIdValue = storageInfo.Artifact; } else { signatureRequestValue = Convert.ToBase64String(doc); } // construct service signature if requested ServiceSignatureDO serviceSignature = null; if (signed) { RSACryptoServiceProvider rsa = KeyStoreUtil.GetPrivateKeyFromPfx(TEST_PFX_PATH, TEST_PFX_PASSWORD, true); X509Certificate2 certificate = KeyStoreUtil.GetCertificateFromPfx(TEST_PFX_PATH, TEST_PFX_PASSWORD, true); List <X509Certificate2> certificateChain = new List <X509Certificate2>(); certificateChain.Add(certificate); serviceSignature = SignatureRequestUtil.CreateServiceSignature(rsa, certificateChain, signatureRequestValue, signatureRequestIdValue, targetValue, languageValue, contentTypeValue, relayStateValue); } // set signature request post parameters if (null != signatureRequestValue) { SignatureRequest.Value = signatureRequestValue; SignatureRequestId.Visible = false; } else { SignatureRequest.Visible = false; SignatureRequestId.Value = signatureRequestIdValue; } if (null != serviceSignature) { ServiceSigned.Value = serviceSignature.ServiceSigned; ServiceSignature.Value = serviceSignature.ServiceSignature; ServiceCertificateChainSize.Value = serviceSignature.ServiceCertificateChainSize; ServiceCertificate.Value = serviceSignature.ServiceCertificates[0]; ServiceCertificate.ID = "ServiceCertificate.1"; } else { ServiceSigned.Visible = false; ServiceSignature.Visible = false; ServiceCertificateChainSize.Visible = false; ServiceCertificate.Visible = false; } ContentType.Value = contentTypeValue; RelayState.Value = relayStateValue; target.Value = targetValue; language.Value = languageValue; // store signature request state on session for response validation Session[SIGNATURE_REQUEST_SESSION_PARAM] = signatureRequestValue; Session[SIGNATURE_REQUEST_ID_SESSION_PARAM] = signatureRequestIdValue; Session[RELAY_STATE_SESSION_PARAM] = relayStateValue; Session[TARGET_SESSION_PARAM] = targetValue; Session[CONTENT_TYPE_SESSION_PARAM] = contentTypeValue; // ready for sign request SignForm.Action = dssLocation; Button1.Text = "Sign Document"; hideRequest(); // display some info Label1.Text = "File name: " + FileUpload1.PostedFile.FileName + "<br>" + FileUpload1.PostedFile.ContentLength + " kb<br>" + "Content type: " + FileUpload1.PostedFile.ContentType + "<br>"; if (null != signatureRequestIdValue) { Label1.Text += "Document ID: " + signatureRequestIdValue + "<br>"; } if (null != serviceSignature) { Label1.Text += "Service Signed: " + serviceSignature.ServiceSigned + "<br>"; } } catch (Exception ex) { Label1.Text = "ERROR: " + ex.Message.ToString(); } } else { Label1.Text = "You have not specified a file."; } }