public void PrivateKeyInfo_End_Certificate_CP_01_01 () { Assert.AreEqual (PKCS8.KeyInfo.PrivateKey, PKCS8.GetType (End_Certificate_CP_01_01_crtx), "PKCS8.GetType"); PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (End_Certificate_CP_01_01_crtx); Assert.AreEqual ("1.2.840.113549.1.1.1", p8.Algorithm, "Algorithm"); Assert.AreEqual (0, p8.Attributes.Count, "Attributes"); Assert.AreEqual (BitConverter.ToString (End_Certificate_CP_01_01_pki), BitConverter.ToString (p8.PrivateKey), "PrivateKey"); Assert.AreEqual (0, p8.Version, "Version"); }
public void PrivateKeyInfo_End_Certificate_CP_01_01 () { AssertEquals ("PKCS8.GetType", PKCS8.KeyInfo.PrivateKey, PKCS8.GetType (End_Certificate_CP_01_01_crtx)); PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (End_Certificate_CP_01_01_crtx); AssertEquals ("Algorithm", "1.2.840.113549.1.1.1", p8.Algorithm); AssertEquals ("Attributes", 0, p8.Attributes.Count); AssertEquals ("PrivateKey", BitConverter.ToString (End_Certificate_CP_01_01_pki), BitConverter.ToString (p8.PrivateKey)); AssertEquals ("Version", 0, p8.Version); }
public void PrivateKeyInfo_End_Certificate_CP_01_02 () { PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (End_Certificate_CP_01_02_crtx); Assert.AreEqual ("1.2.840.113549.1.1.1", p8.Algorithm, "Algorithm"); Assert.AreEqual (0, p8.Attributes.Count, "Attributes"); Assert.AreEqual ("30-82-02-5B-02-01-00-02-81-81-00-D6-39-9E-21-93-E2-BA-35-7F-E5-F8-E8-87-0B-8A-5F-28-25-85-B7-E5-CC-DA-7F-D3-C7-09-2A-63-E9-AD-8F-D0-A8-EF-BA-CF-3C-FB-55-03-B9-83-29-4E-0E-89-84-FB-E2-62-16-1F-9D-87-40-16-6B-F8-F4-66-38-58-74-67-D4-B5-A1-3A-4B-6F-13-4B-08-37-3A-3A-64-0A-06-8E-A2-7B-14-88-B7-F8-CE-6A-D1-45-9B-39-93-67-BF-0A-AB-DB-37-9D-FA-CE-54-0F-37-82-09-8F-0D-33-E4-B8-6E-46-C1-CC-4F-80-5A-B4-BD-19-80-27-40-84-49-02-03-01-00-01-02-81-80-14-95-5A-AD-4D-41-56-B4-F7-42-08-85-87-1C-43-C2-5A-E0-28-16-00-5D-8B-8D-06-B3-34-1D-3F-96-5F-57-D7-2B-B4-45-15-CE-7D-33-B0-F4-ED-36-55-CA-AD-C9-FA-4D-C9-30-E8-FE-C0-D5-16-92-6F-4C-44-5A-1B-9D-7E-AE-B8-01-6D-38-9D-DC-93-68-AB-93-D6-C0-8A-8A-63-B4-D6-DA-21-C1-A0-28-8C-24-C4-27-E1-4B-30-D2-2D-87-62-F9-17-75-21-5E-E1-3C-E2-2D-92-03-C6-A1-8D-1D-E9-67-F4-CE-FF-AC-52-86-D2-F5-0F-EB-03-01-02-41-00-ED-6A-AE-A7-33-B0-B8-86-36-91-BA-E7-D2-DD-15-3A-97-A2-66-31-98-24-A6-0D-E7-09-E3-BD-36-79-91-F2-5E-23-AA-21-C9-71-43-24-10-FA-F0-E6-FC-E4-C6-1F-08-45-E8-91-74-13-69-63-A5-40-8F-38-44-2B-54-69-02-41-00-E6-FE-39-8B-6F-DB-44-CA-E7-72-D3-CA-09-5B-3D-B1-53-85-29-36-FC-F1-B9-D8-1F-64-02-D4-F7-F5-71-E5-9F-17-D7-F3-9F-5A-3A-A6-A3-62-46-F6-93-3D-D3-CD-18-F2-12-BD-68-02-AA-91-55-DA-64-26-D7-16-34-E1-02-40-60-3F-F4-C8-72-4B-3D-B3-A3-A1-D6-FD-2E-DE-54-41-E9-C1-7B-DE-B5-48-7E-4D-7A-91-E6-D3-09-A7-A5-84-75-A7-CD-CC-5E-C7-5D-29-DC-FC-6E-F7-A6-24-F5-31-15-80-89-F5-95-F2-5C-B2-7A-07-3F-48-D7-52-1D-A9-02-40-40-1B-FC-C2-9B-57-E2-DE-E1-9F-B7-F2-11-E8-B5-D5-9A-55-91-DB-C6-16-1C-BB-43-F3-10-EA-24-AB-85-61-F2-66-BE-B3-C9-DD-53-FB-DD-CA-AF-E1-4D-7A-52-67-50-EE-16-8F-64-E7-A0-89-57-A7-96-36-45-69-CF-61-02-40-3D-9E-E3-29-D6-BD-59-FF-A5-C3-AC-57-CB-74-FE-B0-C3-67-34-A8-40-EB-04-88-C3-C2-74-4F-69-77-13-48-8A-97-3C-C2-4B-CD-E8-E0-97-98-A2-3F-B6-E2-71-D3-65-9F-5A-C6-C8-AE-FE-BA-B1-ED-DA-08-8A-5B-7B-12", BitConverter.ToString (p8.PrivateKey), "PrivateKey"); Assert.AreEqual (0, p8.Version, "Version"); // static RSA rsa = PKCS8.PrivateKeyInfo.DecodeRSA (p8.PrivateKey); Assert.AreEqual ("<RSAKeyValue><Modulus>1jmeIZPiujV/5fjohwuKXyglhbflzNp/08cJKmPprY/QqO+6zzz7VQO5gylODomE++JiFh+dh0AWa/j0ZjhYdGfUtaE6S28TSwg3OjpkCgaOonsUiLf4zmrRRZs5k2e/CqvbN536zlQPN4IJjw0z5LhuRsHMT4BatL0ZgCdAhEk=</Modulus><Exponent>AQAB</Exponent><P>7WqupzOwuIY2kbrn0t0VOpeiZjGYJKYN5wnjvTZ5kfJeI6ohyXFDJBD68Ob85MYfCEXokXQTaWOlQI84RCtUaQ==</P><Q>5v45i2/bRMrnctPKCVs9sVOFKTb88bnYH2QC1Pf1ceWfF9fzn1o6pqNiRvaTPdPNGPISvWgCqpFV2mQm1xY04Q==</Q><DP>YD/0yHJLPbOjodb9Lt5UQenBe961SH5NepHm0wmnpYR1p83MXsddKdz8bvemJPUxFYCJ9ZXyXLJ6Bz9I11IdqQ==</DP><DQ>QBv8wptX4t7hn7fyEei11ZpVkdvGFhy7Q/MQ6iSrhWHyZr6zyd1T+93Kr+FNelJnUO4Wj2TnoIlXp5Y2RWnPYQ==</DQ><InverseQ>PZ7jKda9Wf+lw6xXy3T+sMNnNKhA6wSIw8J0T2l3E0iKlzzCS83o4JeYoj+24nHTZZ9axsiu/rqx7doIilt7Eg==</InverseQ><D>FJVarU1BVrT3QgiFhxxDwlrgKBYAXYuNBrM0HT+WX1fXK7RFFc59M7D07TZVyq3J+k3JMOj+wNUWkm9MRFobnX6uuAFtOJ3ck2irk9bAiopjtNbaIcGgKIwkxCfhSzDSLYdi+Rd1IV7hPOItkgPGoY0d6Wf0zv+sUobS9Q/rAwE=</D></RSAKeyValue>", rsa.ToXmlString (true), "DecodeRSA"); }
private ASN1 KeyBagSafeBag (AsymmetricAlgorithm aa, IDictionary attributes) { PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (); if (aa is RSA) { pki.Algorithm = "1.2.840.113549.1.1.1"; pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode ((RSA)aa); } else if (aa is DSA) { pki.Algorithm = null; pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode ((DSA)aa); } else throw new CryptographicException ("Unknown asymmetric algorithm {0}", aa.ToString ()); ASN1 safeBag = new ASN1 (0x30); safeBag.Add (ASN1Convert.FromOid (keyBag)); ASN1 bagValue = new ASN1 (0xA0); bagValue.Add (new ASN1 (pki.GetBytes ())); safeBag.Add (bagValue); if (attributes != null) { ASN1 bagAttributes = new ASN1 (0x31); IDictionaryEnumerator de = attributes.GetEnumerator (); while (de.MoveNext ()) { string oid = (string)de.Key; switch (oid) { case PKCS9.friendlyName: ArrayList names = (ArrayList)de.Value; if (names.Count > 0) { ASN1 pkcs12Attribute = new ASN1 (0x30); pkcs12Attribute.Add (ASN1Convert.FromOid (PKCS9.friendlyName)); ASN1 attrValues = new ASN1 (0x31); foreach (byte[] name in names) { ASN1 attrValue = new ASN1 (0x1e); attrValue.Value = name; attrValues.Add (attrValue); } pkcs12Attribute.Add (attrValues); bagAttributes.Add (pkcs12Attribute); } break; case PKCS9.localKeyId: ArrayList keys = (ArrayList)de.Value; if (keys.Count > 0) { ASN1 pkcs12Attribute = new ASN1 (0x30); pkcs12Attribute.Add (ASN1Convert.FromOid (PKCS9.localKeyId)); ASN1 attrValues = new ASN1 (0x31); foreach (byte[] key in keys) { ASN1 attrValue = new ASN1 (0x04); attrValue.Value = key; attrValues.Add (attrValue); } pkcs12Attribute.Add (attrValues); bagAttributes.Add (pkcs12Attribute); } break; default: break; } } if (bagAttributes.Count > 0) { safeBag.Add (bagAttributes); } } return safeBag; }
public IDictionary GetAttributes (AsymmetricAlgorithm aa) { IDictionary result = new Hashtable (); foreach (SafeBag sb in _safeBags) { if (sb.BagOID.Equals (keyBag) || sb.BagOID.Equals (pkcs8ShroudedKeyBag)) { ASN1 safeBag = sb.ASN1; ASN1 bagValue = safeBag [1]; AsymmetricAlgorithm saa = null; if (sb.BagOID.Equals (keyBag)) { PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value); byte[] privateKey = pki.PrivateKey; switch (privateKey [0]) { case 0x02: DSAParameters p = new DSAParameters (); // FIXME saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p); break; case 0x30: saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey); break; default: break; } Array.Clear (privateKey, 0, privateKey.Length); } else if (sb.BagOID.Equals (pkcs8ShroudedKeyBag)) { PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (bagValue.Value); byte[] decrypted = Decrypt (epki.Algorithm, epki.Salt, epki.IterationCount, epki.EncryptedData); PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (decrypted); byte[] privateKey = pki.PrivateKey; switch (privateKey [0]) { case 0x02: DSAParameters p = new DSAParameters (); // FIXME saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p); break; case 0x30: saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey); break; default: break; } Array.Clear (privateKey, 0, privateKey.Length); Array.Clear (decrypted, 0, decrypted.Length); } if (saa != null && CompareAsymmetricAlgorithm (saa, aa)) { if (safeBag.Count == 3) { ASN1 bagAttributes = safeBag [2]; for (int i = 0; i < bagAttributes.Count; i++) { ASN1 pkcs12Attribute = bagAttributes [i]; ASN1 attrId = pkcs12Attribute [0]; string aOid = ASN1Convert.ToOid (attrId); ArrayList aValues = new ArrayList (); ASN1 attrValues = pkcs12Attribute [1]; for (int j = 0; j < attrValues.Count; j++) { ASN1 attrValue = attrValues [j]; aValues.Add (attrValue.Value); } result.Add (aOid, aValues); } } } } } return result; }
public AsymmetricAlgorithm GetAsymmetricAlgorithm (IDictionary attrs) { foreach (SafeBag sb in _safeBags) { if (sb.BagOID.Equals (keyBag) || sb.BagOID.Equals (pkcs8ShroudedKeyBag)) { ASN1 safeBag = sb.ASN1; if (safeBag.Count == 3) { ASN1 bagAttributes = safeBag [2]; int bagAttributesFound = 0; for (int i = 0; i < bagAttributes.Count; i++) { ASN1 pkcs12Attribute = bagAttributes [i]; ASN1 attrId = pkcs12Attribute [0]; string ao = ASN1Convert.ToOid (attrId); ArrayList dattrValues = (ArrayList)attrs [ao]; if (dattrValues != null) { ASN1 attrValues = pkcs12Attribute [1]; if (dattrValues.Count == attrValues.Count) { int attrValuesFound = 0; for (int j = 0; j < attrValues.Count; j++) { ASN1 attrValue = attrValues [j]; byte[] value = (byte[])dattrValues [j]; if (Compare (value, attrValue.Value)) { attrValuesFound += 1; } } if (attrValuesFound == attrValues.Count) { bagAttributesFound += 1; } } } } if (bagAttributesFound == bagAttributes.Count) { ASN1 bagValue = safeBag [1]; AsymmetricAlgorithm aa = null; if (sb.BagOID.Equals (keyBag)) { PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value); byte[] privateKey = pki.PrivateKey; switch (privateKey [0]) { case 0x02: DSAParameters p = new DSAParameters (); // FIXME aa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p); break; case 0x30: aa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey); break; default: break; } Array.Clear (privateKey, 0, privateKey.Length); } else if (sb.BagOID.Equals (pkcs8ShroudedKeyBag)) { PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (bagValue.Value); byte[] decrypted = Decrypt (epki.Algorithm, epki.Salt, epki.IterationCount, epki.EncryptedData); PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (decrypted); byte[] privateKey = pki.PrivateKey; switch (privateKey [0]) { case 0x02: DSAParameters p = new DSAParameters (); // FIXME aa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p); break; case 0x30: aa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey); break; default: break; } Array.Clear (privateKey, 0, privateKey.Length); Array.Clear (decrypted, 0, decrypted.Length); } return aa; } } } } return null; }
public void RemoveKeyBag (AsymmetricAlgorithm aa) { int aaIndex = -1; for (int i = 0; aaIndex == -1 && i < _safeBags.Count; i++) { SafeBag sb = (SafeBag)_safeBags [i]; if (sb.BagOID.Equals (keyBag)) { ASN1 bagValue = sb.ASN1 [1]; PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value); byte[] privateKey = pki.PrivateKey; AsymmetricAlgorithm saa = null; switch (privateKey [0]) { case 0x02: DSAParameters p = new DSAParameters (); // FIXME saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p); break; case 0x30: saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey); break; default: Array.Clear (privateKey, 0, privateKey.Length); throw new CryptographicException ("Unknown private key format"); } Array.Clear (privateKey, 0, privateKey.Length); if (CompareAsymmetricAlgorithm (aa, saa)) { aaIndex = i; } } } if (aaIndex != -1) { _safeBags.RemoveAt (aaIndex); _keyBagsChanged = true; } }
public void AddKeyBag (AsymmetricAlgorithm aa, IDictionary attributes) { bool found = false; for (int i = 0; !found && i < _safeBags.Count; i++) { SafeBag sb = (SafeBag)_safeBags [i]; if (sb.BagOID.Equals (keyBag)) { ASN1 bagValue = sb.ASN1 [1]; PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value); byte[] privateKey = pki.PrivateKey; AsymmetricAlgorithm saa = null; switch (privateKey [0]) { case 0x02: DSAParameters p = new DSAParameters (); // FIXME saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p); break; case 0x30: saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey); break; default: Array.Clear (privateKey, 0, privateKey.Length); throw new CryptographicException ("Unknown private key format"); } Array.Clear (privateKey, 0, privateKey.Length); if (CompareAsymmetricAlgorithm (aa, saa)) { found = true; } } } if (!found) { _safeBags.Add (new SafeBag (keyBag, KeyBagSafeBag (aa, attributes))); _keyBagsChanged = true; } }
public void PrivateKeyInfo_NotDSA () { PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (End_Certificate_CP_01_02_crtx); DSAParameters p = new DSAParameters (); DSA dsa = PKCS8.PrivateKeyInfo.DecodeDSA (p8.PrivateKey, p); }
public void PrivateKeyInfo_BadVersion () { byte[] bad = (byte[]) End_Certificate_CP_01_01_pki.Clone (); bad [4] = 0x30; // SEQUENCE (not INTEGER) PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (bad); }
public void PrivateKeyInfo_BadData () { byte[] bad = (byte[]) End_Certificate_CP_01_01_pki.Clone (); bad [0] = 0x31; // SET (no SEQUENCE) PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (bad); }
public void NullPrivateKey () { PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (); p8.PrivateKey = null; }
public void NegativeVersion () { PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (); p8.Version = -1; }
public void PrivateKeyInfo () { PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (); Assert.IsNull (p8.Algorithm, "Default-Algorithm"); Assert.AreEqual (0, p8.Attributes.Count, "Default-Attributes"); Assert.IsNull (p8.PrivateKey, "Default-PrivateKey"); Assert.AreEqual (0, p8.Version, "Default-Version"); byte[] key = new byte [8]; p8.Algorithm = "1.2.3.4.5"; p8.Attributes.Add (new ASN1 (0x05)); // NULL p8.PrivateKey = key; p8.Version = 1; Assert.AreEqual ("1.2.3.4.5", p8.Algorithm, "Algorithm"); Assert.AreEqual (1, p8.Attributes.Count, "Attributes"); Assert.AreEqual (8, p8.PrivateKey.Length, "PrivateKey"); Assert.AreEqual (1, p8.Version, "Version"); key [0] = 1; Assert.AreEqual (0, p8.PrivateKey [0], "PrivateKey not directly accessible"); byte[] p8pki = p8.GetBytes (); PKCS8.PrivateKeyInfo decoded = new PKCS8.PrivateKeyInfo (p8pki); Assert.AreEqual ("1.2.3.4.5", decoded.Algorithm, "Decoded-Algorithm"); Assert.AreEqual (1, decoded.Attributes.Count, "Decoded-Attributes"); Assert.AreEqual (8, decoded.PrivateKey.Length, "Decoded-PrivateKey"); Assert.AreEqual (1, decoded.Version, "Decoded-Version"); }
public void PrivateKeyInfo () { PKCS8.PrivateKeyInfo p8 = new PKCS8.PrivateKeyInfo (); AssertNull ("Default-Algorithm", p8.Algorithm); AssertEquals ("Default-Attributes", 0, p8.Attributes.Count); AssertNull ("Default-PrivateKey", p8.PrivateKey); AssertEquals ("Default-Version", 0, p8.Version); byte[] key = new byte [8]; p8.Algorithm = "1.2.3.4.5"; p8.Attributes.Add (new ASN1 (0x05)); // NULL p8.PrivateKey = key; p8.Version = 1; AssertEquals ("Algorithm", "1.2.3.4.5", p8.Algorithm); AssertEquals ("Attributes", 1, p8.Attributes.Count); AssertEquals ("PrivateKey", 8, p8.PrivateKey.Length); AssertEquals ("Version", 1, p8.Version); key [0] = 1; AssertEquals ("PrivateKey not directly accessible", 0, p8.PrivateKey [0]); byte[] p8pki = p8.GetBytes (); PKCS8.PrivateKeyInfo decoded = new PKCS8.PrivateKeyInfo (p8pki); AssertEquals ("Decoded-Algorithm", "1.2.3.4.5", decoded.Algorithm); AssertEquals ("Decoded-Attributes", 1, decoded.Attributes.Count); AssertEquals ("Decoded-PrivateKey", 8, decoded.PrivateKey.Length); AssertEquals ("Decoded-Version", 1, decoded.Version); }