コード例 #1
0
 public Signature(Stream data, string hashAlgo, Certificate signingCert, AsymmetricCryptoKey privateKey)
 {
     _signedHash  = privateKey.Sign(data, hashAlgo);
     _hashAlgo    = hashAlgo;
     _signAlgo    = privateKey.Algorithm;
     _signingCert = signingCert;
 }
コード例 #2
0
 public RevocationCertificate(Certificate certToRevoke, string hashAlgo, AsymmetricCryptoKey privateKey)
 {
     _serialNumber = certToRevoke.SerialNumber;
     _revokedOnUTC = DateTime.UtcNow;
     _signature    = privateKey.Sign(GetHash(hashAlgo, _serialNumber, _revokedOnUTC), hashAlgo);
     _hashAlgo     = hashAlgo;
 }
コード例 #3
0
        public bool Verify(byte[] hash, Certificate[] trustedRootCAs)
        {
            if (AsymmetricCryptoKey.Verify(hash, _signedHash, _hashAlgo, _signingCert))
            {
                _signingCert.Verify(trustedRootCAs);

                return(true);
            }
            else
            {
                return(false);
            }
        }
コード例 #4
0
        public static AsymmetricCryptoKey CreateUsing(RSAParameters parameters)
        {
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

            rsa.PersistKeyInCsp = false;
            rsa.ImportParameters(parameters);

            AsymmetricCryptoKey obj = new AsymmetricCryptoKey();

            obj._asymAlgo   = rsa;
            obj._cryptoAlgo = AsymmetricEncryptionAlgorithm.RSA;

            return(obj);
        }
コード例 #5
0
        private static bool IsValid(Certificate certToCheck, DateTime revokedOnUTC, byte[] signature, string hashAlgo)
        {
            Certificate signingCert;

            if (certToCheck.Type == CertificateType.RootCA)
            {
                signingCert = certToCheck;
            }
            else
            {
                signingCert = certToCheck.IssuerSignature.SigningCertificate;
            }

            return(AsymmetricCryptoKey.Verify(GetHash(hashAlgo, certToCheck.SerialNumber, revokedOnUTC), signature, hashAlgo, signingCert));
        }
コード例 #6
0
        public void Sign(string hashAlgo, Certificate signingCert, AsymmetricCryptoKey privateKey, Uri revocationUri)
        {
            switch (_type)
            {
            case CertificateType.RootCA:
                throw new CryptoException("Cannot sign a root certificate with any other certificate. Root certificate must be self signed.");

            case CertificateType.CA:
                switch (signingCert._type)
                {
                case CertificateType.CA:
                case CertificateType.RootCA:
                    if (signingCert._capability != CertificateCapability.SignCACertificate)
                    {
                        throw new CryptoException("Signing certificate must have certificate authority (CA) signing capability.");
                    }
                    break;

                default:
                    throw new CryptoException("Signing certificate must be root certificate or a certificate authority (CA).");
                }
                break;

            default:
                switch (signingCert._capability)
                {
                case CertificateCapability.SignAnyUserCertificate:
                    break;

                case CertificateCapability.SignDomainUserCertificate:
                    //check if issuer email domain matches with user email domain

                    if (!_issuedTo.FieldExists(CertificateProfileFlags.EmailAddress) || !signingCert.IssuedTo.EmailAddress.Host.Equals(_issuedTo.EmailAddress.Host, StringComparison.OrdinalIgnoreCase))
                    {
                        throw new CryptoException("Signing certificate domain must match with user certificate email address domain.");
                    }

                    break;

                default:
                    throw new CryptoException("Signing certificate must have user certificate signing capability.");
                }
                break;
            }

            _revocationUri   = revocationUri;
            _issuerSignature = new Signature(GetHash(hashAlgo), hashAlgo, signingCert, privateKey);
        }
コード例 #7
0
        protected override void ReadPlainTextFrom(Stream s)
        {
            byte[] format = new byte[2];
            s.Read(format, 0, 2);

            if (Encoding.ASCII.GetString(format) != "CS")
            {
                throw new InvalidCryptoContainerException("Invalid CertificateStore format.");
            }

            switch (s.ReadByte()) //version
            {
            case 1:
                _cert       = new Certificate(s);
                _privateKey = new AsymmetricCryptoKey(s);
                break;

            case -1:
                throw new EndOfStreamException();

            default:
                throw new CryptoException("CertificateStore format version not supported.");
            }
        }
コード例 #8
0
 public bool Verify(byte[] hash, Certificate signingCert)
 {
     return(AsymmetricCryptoKey.Verify(hash, _signedHash, _hashAlgo, signingCert));
 }
コード例 #9
0
 public void SelfSign(string hashAlgo, AsymmetricCryptoKey privateKey, Uri revocationUri)
 {
     _revocationUri   = revocationUri;
     _issuerSignature = new Signature(GetHash(hashAlgo), hashAlgo, null, privateKey);
 }
コード例 #10
0
 public CertificateStore(Certificate cert, AsymmetricCryptoKey privateKey, string password)
     : base(SymmetricEncryptionAlgorithm.Rijndael, 256, password)
 {
     _cert       = cert;
     _privateKey = privateKey;
 }
コード例 #11
0
 public CertificateStore(Certificate cert, AsymmetricCryptoKey privateKey)
 {
     _cert       = cert;
     _privateKey = privateKey;
 }