public void TestProtectedMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
TestCertBuilder builder = new TestCertBuilder();
builder.NotBefore = DateTime.UtcNow.AddDays(-1);
builder.NotAfter = DateTime.UtcNow.AddDays(1);
builder.PublicKey = rsaKeyPair.Public;
builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
builder.AddAttribute(X509Name.C, "Foo");
X509Certificate cert = builder.Build(rsaKeyPair.Private);
GeneralName sender = new GeneralName(new X509Name("CN=Sender"));
GeneralName recipient = new GeneralName(new X509Name("CN=Recip"));
ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient)
.SetBody(new PkiBody(PkiBody.TYPE_INIT_REP, CertRepMessage.GetInstance(new DerSequence(new DerSequence()))))
.AddCmpCertificate(cert);
ISignatureFactory sigFact = new Asn1SignatureFactory("MD5WithRSA", rsaKeyPair.Private);
ProtectedPkiMessage msg = msgBuilder.Build(sigFact);
X509Certificate certificate = msg.GetCertificates()[0];
IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public);
IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory));
}
public void TestMacProtectedMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048,
100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
TestCertBuilder builder = new TestCertBuilder();
builder.NotBefore = DateTime.UtcNow.AddDays(-1);
builder.NotAfter = DateTime.UtcNow.AddDays(1);
builder.PublicKey = rsaKeyPair.Public;
builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
builder.AddAttribute(X509Name.C, "Foo");
X509Certificate cert = builder.Build(rsaKeyPair.Private);
GeneralName sender = new GeneralName(new X509Name("CN=Sender"));
GeneralName recipient = new GeneralName(new X509Name("CN=Recip"));
ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient)
.SetBody(new PkiBody(PkiBody.TYPE_INIT_REP, CertRepMessage.GetInstance(new DerSequence(new DerSequence()))))
.AddCmpCertificate(cert);
//
// Default instance.
//
PKMacBuilder macFactory = new PKMacBuilder();
ProtectedPkiMessage msg = msgBuilder.Build(macFactory.Build("testpass".ToCharArray()));
IsTrue(msg.Verify(macFactory, "testpass".ToCharArray()));
}
private static Asn1Encodable GetBodyForType(int type, Asn1Encodable o)
{
switch (type)
{
case 0:
return(CertReqMessages.GetInstance(o));
case 1:
return(CertRepMessage.GetInstance(o));
case 2:
return(CertReqMessages.GetInstance(o));
case 3:
return(CertRepMessage.GetInstance(o));
case 4:
return(CertificationRequest.GetInstance(o));
case 5:
return(PopoDecKeyChallContent.GetInstance(o));
case 6:
return(PopoDecKeyRespContent.GetInstance(o));
case 7:
return(CertReqMessages.GetInstance(o));
case 8:
return(CertRepMessage.GetInstance(o));
case 9:
return(CertReqMessages.GetInstance(o));
case 10:
return(KeyRecRepContent.GetInstance(o));
case 11:
return(RevReqContent.GetInstance(o));
case 12:
return(RevRepContent.GetInstance(o));
case 13:
return(CertReqMessages.GetInstance(o));
case 14:
return(CertRepMessage.GetInstance(o));
case 15:
return(CAKeyUpdAnnContent.GetInstance(o));
case 16:
return(CmpCertificate.GetInstance(o));
case 17:
return(RevAnnContent.GetInstance(o));
case 18:
return(CrlAnnContent.GetInstance(o));
case 19:
return(PkiConfirmContent.GetInstance(o));
case 20:
return(PkiMessages.GetInstance(o));
case 21:
return(GenMsgContent.GetInstance(o));
case 22:
return(GenRepContent.GetInstance(o));
case 23:
return(ErrorMsgContent.GetInstance(o));
case 24:
return(CertConfirmContent.GetInstance(o));
case 25:
return(PollReqContent.GetInstance(o));
case 26:
return(PollRepContent.GetInstance(o));
default:
throw new ArgumentException("unknown tag number: " + type, "type");
}
}
