public DSACryptoServiceProviderTest ()
{
disposed = new DSACryptoServiceProvider (minKeySize);
// FX 2.0 beta 1 bug - we must use the key before clearing it
// http://lab.msdn.microsoft.com/ProductFeedback/viewfeedback.aspx?feedbackid=dc970a7f-b82f-45e5-9d37-fb0ed72e6b41
int ks = disposed.KeySize;
disposed.Clear ();
// do not generate a new keypair for each test
smallDsa = new DSACryptoServiceProvider (minKeySize);
}
/// <summary>
/// DSA 加密
/// </summary>
/// <param name="password">要加密的字符串</param>
/// <returns>等效于此实例经过 DSA 加密密文</returns>
public static string DSAEncryptPassword(string password)
{
if (password == null)
{
throw new ArgumentNullException("password");
}
DSACryptoServiceProvider ServiceProvider = new DSACryptoServiceProvider();
string NewPassword = BitConverter.ToString(ServiceProvider.SignData(Encoding.UTF8.GetBytes(password)));
ServiceProvider.Clear();
return NewPassword.Replace("-", null);
}
static bool VerifyDsaMessage(byte[] keyData, byte[] message, byte[] signature)
{
// Load the Public Key X.509 Format
AsnKeyParser keyParser = new AsnKeyParser(keyData);
DSAParameters publicKey = keyParser.ParseDSAPublicKey();
CspParameters csp = new CspParameters();
// Cannot use PROV_DSS_DH
const int PROV_DSS = 3;
csp.ProviderType = PROV_DSS;
const int AT_SIGNATURE = 2;
csp.KeyNumber = AT_SIGNATURE;
csp.KeyContainerName = "DSA Test (OK to Delete)";
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider(csp);
dsa.PersistKeyInCsp = false;
dsa.ImportParameters(publicKey);
SHA1 sha = new SHA1CryptoServiceProvider();
byte[] hash = sha.ComputeHash(message);
DSASignatureDeformatter verifier = new DSASignatureDeformatter(dsa);
verifier.SetHashAlgorithm("SHA1");
bool result = verifier.VerifySignature(hash, signature);
// See http://blogs.msdn.com/tess/archive/2007/10/31/
// asp-net-crash-system-security-cryptography-cryptographicexception.aspx
dsa.Clear();
return result;
}
public void UseMachineKeyStore ()
{
// note only applicable when CspParameters isn't used - which don't
// help much as you can't know the generated key container name
try {
DSACryptoServiceProvider.UseMachineKeyStore = true;
CspParameters csp = new CspParameters (13, null, "UseMachineKeyStore");
csp.KeyContainerName = "UseMachineKeyStore";
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider (csp);
string machineKeyPair = dsa.ToXmlString (true);
dsa.Clear ();
DSACryptoServiceProvider.UseMachineKeyStore = false;
csp = new CspParameters (13, null, "UseMachineKeyStore");
csp.Flags |= CspProviderFlags.UseMachineKeyStore;
dsa = new DSACryptoServiceProvider (csp);
Assert.IsTrue (machineKeyPair != dsa.ToXmlString (true), "UseMachineKeyStore");
}
catch (CryptographicException ce) {
// only root can create the required directory (if inexistant)
// afterward anyone can use (read from) it
if (!(ce.InnerException is UnauthorizedAccessException))
throw;
}
catch (UnauthorizedAccessException) {
}
}
public void Persistence_Delete ()
{
CspParameters csp = new CspParameters (3, null, "Persistence_Delete");
// MS generates (or load) keypair here
// Mono load (if it exists) the keypair here
DSACryptoServiceProvider dsa1 = new DSACryptoServiceProvider (minKeySize, csp);
// Mono will generate the keypair here (if it doesn't exists)
string original = dsa1.ToXmlString (true);
// note: Delete isn't well documented but can be done by
// flipping the PersistKeyInCsp to false and back to true.
dsa1.PersistKeyInCsp = false;
dsa1.Clear ();
// recreate using the same container name
DSACryptoServiceProvider dsa2 = new DSACryptoServiceProvider (minKeySize, csp);
string newKeyPair = dsa2.ToXmlString (true);
Assert.IsTrue (original != newKeyPair, "Key Pair Deleted");
}
public void Properties ()
{
dsa = new DSACryptoServiceProvider (minKeySize);
Assert.AreEqual (1, dsa.LegalKeySizes.Length, "LegalKeySize");
Assert.AreEqual (minKeySize, dsa.LegalKeySizes[0].MinSize, "LegalKeySize.MinSize");
Assert.AreEqual (1024, dsa.LegalKeySizes[0].MaxSize, "LegalKeySize.MaxSize");
Assert.AreEqual (64, dsa.LegalKeySizes[0].SkipSize, "LegalKeySize.SkipSize");
Assert.IsNull (dsa.KeyExchangeAlgorithm, "KeyExchangeAlgorithm");
Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#dsa-sha1", dsa.SignatureAlgorithm);
dsa.Clear ();
Assert.AreEqual (1, dsa.LegalKeySizes.Length, "LegalKeySize(disposed)");
Assert.AreEqual (minKeySize, dsa.LegalKeySizes[0].MinSize, "LegalKeySize.MinSize(disposed)");
Assert.AreEqual (1024, dsa.LegalKeySizes[0].MaxSize, "LegalKeySize.MaxSize(disposed)");
Assert.AreEqual (64, dsa.LegalKeySizes[0].SkipSize, "LegalKeySize.SkipSize(disposed)");
Assert.IsNull (dsa.KeyExchangeAlgorithm, "KeyExchangeAlgorithm(disposed)");
Assert.AreEqual ("http://www.w3.org/2000/09/xmldsig#dsa-sha1", dsa.SignatureAlgorithm);
}
/// <summary>
/// Clear, then try to use
/// </summary>
private static void CSPClearUse()
{
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
{
dsa.SignData(new byte[] { 0, 1, 2, 3, 4, 5 });
dsa.Clear();
dsa.SignData(new byte[] { 0, 1, 2, 3, 4, 5 });
}
}
internal static bool VerifyLocalKeyfile(string filename, out AuthInfo authinfo)
{
StreamReader reader = null;
string data = "";
authinfo = null;
try {
reader = new StreamReader(filename);
data = reader.ReadToEnd();
reader.Close();
} catch (Exception exc) {
MessageBox.Show("Offline key authorization failure: Could not read keyfile.\n\n\n" + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
Regex rx = new Regex(@"\s*Keyfile(\n*|\s*)?" +
@"(?<inner>" +
@"(?>" +
@"\{(?<LEVEL>)" +
@"|" +
@"\};(?<-LEVEL>)" +
@"|" +
@"(?!\{|\};)." +
@")+" +
@"(?(LEVEL)(?!))" +
@")"
, RegexOptions.IgnoreCase | RegexOptions.Singleline);
Match topmatch = rx.Match(data);
if (!topmatch.Success) {
MessageBox.Show("Offline key authorization failure: Could not find valid 'keyfile' block.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
string keyfile_data = topmatch.Groups["inner"].Value;
// Once we have the top matched group, parse each line in it
rx = new Regex(@"\s*\b(?<name>[A-Z]*)\b\s*=\s*((" + "\"" + @"\s*(?<single>.*?)\s*" + "\"" + @"\s*;)|(\{(?<multi>.*?)\};))", RegexOptions.Singleline | RegexOptions.IgnoreCase);
// 1 = name
// 4 = normal definition
// 6 = multiline definition
string version = "";
string name = "";
string expires = "";
string machinecode = "";
string featurebit = "";
string hash = "";
string signature = "";
string email = "";
foreach(Match m in rx.Matches(keyfile_data)) {
switch(m.Groups["name"].Value.ToLower()) {
case "version":
version = m.Groups["single"].Value;
break;
case "name":
name = m.Groups["single"].Value;
break;
case "expires":
expires = m.Groups["single"].Value;
break;
case "machinecode":
machinecode = m.Groups["single"].Value;
break;
case "featurebit":
featurebit = m.Groups["single"].Value;
break;
case "hash":
hash = m.Groups["single"].Value;
break;
case "keysignature":
signature = m.Groups["multi"].Value;
break;
case "email":
email = m.Groups["single"].Value;
break;
}
}
// Clean up signature
signature = signature.Replace(" ", "");
signature = signature.Replace("\t", "");
signature = signature.Replace("\n", "");
signature = signature.Replace("\r", "");
// Check field validity
if (version == "" || expires == "" || machinecode == "" || featurebit == "" || hash == "" || name == "" || email == "" || signature == "") {
MessageBox.Show("Offline key authorization failure: Keyfile construction incomplete.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
// Check version
if (version != "1.00") {
MessageBox.Show("Offline key authorization failure: Incorrect version (Expected '1.00')", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
// Check expiration date
try {
DateTime dt = DateTime.Parse(expires);
if (DateTime.Now.Ticks >= dt.Ticks) {
MessageBox.Show("Offline key authorization has expired. Please visit www.torquedev.com to request a new offline authorization file.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
} catch (Exception exc) {
MessageBox.Show("Offline key authorization failure: Unable to verify date stamp. Error returned was: " + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
// Check if the machine codes match
if (machinecode != CConfig.GetHardKey()) {
MessageBox.Show("Offline key authorization failure: Machine code mismatch.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
// Verify hash of data
string sighash = CConfig.SHA1(version + name + machinecode + expires + featurebit + email);
if (sighash != hash) {
MessageBox.Show("Offline key authorization failure: Checksum mismatch.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
// Verify signature by first loading the public key into memory
DSA dsa = new DSACryptoServiceProvider();
try {
dsa.FromXmlString(CVerify.PublicKey);
} catch (Exception exc) {
MessageBox.Show("Offline key authorization failure: Unable to load DSA public key. Error returned was: " + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return false;
}
// Verify the data against the signature
try {
if (!dsa.VerifySignature(Convert.FromBase64String(hash), Convert.FromBase64String(signature))) {
MessageBox.Show("Offline key authorization failure: File signature is invalid.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
dsa.Clear();
return false;
} else {
// Signature checked out. Create the passback reference
authinfo = new AuthInfo(version, name, expires, machinecode, featurebit, hash, signature, email);
return true;
}
} catch (Exception exc) {
MessageBox.Show("Offline key authorization failure: DSA verification failure. Error returned was: " + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
dsa.Clear();
return false;
}
}
public void ImportDisposed ()
{
DSACryptoServiceProvider import = new DSACryptoServiceProvider (minKeySize);
import.Clear ();
import.ImportParameters (AllTests.GetKey (false));
// no exception from Fx 2.0 +
}
