// Signature-protected CMP message round trip: build a PKIMessage with a
// TYPE_INIT_REP body and one attached certificate, sign it with an RSA private
// key, and check that it verifies under the matching public key.
//
// NOTE(review): "MD5WithRSA" (message protection) and "Sha1WithRSAEncryption"
// (certificate signature) are collision-weak digests. They act here purely as
// test fixtures for the sign/verify plumbing and are not a template for
// protecting real CMP traffic.
//
// NOTE(review): the verifier is built straight from the generated public key,
// so this test covers signature consistency only. It does not check that the
// certificate carried in the message is the one that verifies it, nor any
// chain or trust decision.
public void TestProtectedMessage()
{
    // Fresh 2048-bit RSA key, public exponent 65537, primality certainty 100.
    var keyGen = new RsaKeyPairGenerator();
    keyGen.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
    AsymmetricCipherKeyPair keys = keyGen.GenerateKeyPair();

    // Self-issued certificate valid from yesterday until tomorrow (UTC).
    var certBuilder = new TestCertBuilder();
    certBuilder.NotBefore = DateTime.UtcNow.AddDays(-1);
    certBuilder.NotAfter = DateTime.UtcNow.AddDays(1);
    certBuilder.PublicKey = keys.Public;
    certBuilder.SignatureAlgorithm = "Sha1WithRSAEncryption";
    certBuilder.AddAttribute(X509Name.C, "Foo");
    X509Certificate cert = certBuilder.Build(keys.Private);

    var sender = new GeneralName(new X509Name("CN=Sender"));
    var recipient = new GeneralName(new X509Name("CN=Recip"));

    ProtectedPkiMessageBuilder msgBuilder =
        new ProtectedPkiMessageBuilder(sender, recipient)
            .SetBody(
                new PkiBody(
                    PkiBody.TYPE_INIT_REP,
                    CertRepMessage.GetInstance(new DerSequence(new DerSequence()))))
            .AddCmpCertificate(cert);

    // Sign the message with the private half of the key pair.
    ISignatureFactory signer = new Asn1SignatureFactory("MD5WithRSA", keys.Private);
    ProtectedPkiMessage protectedMsg = msgBuilder.Build(signer);

    // Fetch the first attached certificate. The value is not inspected further;
    // the access itself fails if the built message carries no certificate.
    X509Certificate embedded = protectedMsg.GetCertificates()[0];

    // Verify with the public half of the same key pair.
    IVerifierFactory verifier = new Asn1VerifierFactory("MD5WithRSA", keys.Public);
    bool verified = protectedMsg.Verify(verifier);

    IsTrue("PKIMessage must verify (MD5withRSA)", verified);
}
// MAC-protected CMP message round trip: build a PKIMessage with a
// TYPE_INIT_REP body and one attached certificate, protect it with a
// password-based MAC from a default-constructed PKMacBuilder, and check that
// it verifies with the same builder and the same password.
//
// NOTE(review): the password is a hard-coded test fixture, and the default
// PKMacBuilder parameters (digest, MAC, iteration count) are not visible in
// this method. Confirm them against PKMacBuilder before relying on the
// defaults outside of tests.
//
// NOTE(review): "Sha1WithRSAEncryption" is only the signature algorithm of the
// throwaway test certificate; it plays no part in the MAC being checked.
public void TestMacProtectedMessage()
{
    const string password = "testpass";

    // Fresh 2048-bit RSA key, public exponent 65537, primality certainty 100.
    var keyGen = new RsaKeyPairGenerator();
    keyGen.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
    AsymmetricCipherKeyPair keys = keyGen.GenerateKeyPair();

    // Self-issued certificate valid from yesterday until tomorrow (UTC).
    var certBuilder = new TestCertBuilder();
    certBuilder.NotBefore = DateTime.UtcNow.AddDays(-1);
    certBuilder.NotAfter = DateTime.UtcNow.AddDays(1);
    certBuilder.PublicKey = keys.Public;
    certBuilder.SignatureAlgorithm = "Sha1WithRSAEncryption";
    certBuilder.AddAttribute(X509Name.C, "Foo");
    X509Certificate cert = certBuilder.Build(keys.Private);

    var sender = new GeneralName(new X509Name("CN=Sender"));
    var recipient = new GeneralName(new X509Name("CN=Recip"));

    ProtectedPkiMessageBuilder msgBuilder =
        new ProtectedPkiMessageBuilder(sender, recipient)
            .SetBody(
                new PkiBody(
                    PkiBody.TYPE_INIT_REP,
                    CertRepMessage.GetInstance(new DerSequence(new DerSequence()))))
            .AddCmpCertificate(cert);

    // Default instance: no explicit algorithm or iteration parameters supplied.
    var macFactory = new PKMacBuilder();

    // A separate char[] is created for each call, so whatever Build does with
    // its copy cannot affect the array handed to Verify.
    ProtectedPkiMessage protectedMsg = msgBuilder.Build(macFactory.Build(password.ToCharArray()));
    bool verified = protectedMsg.Verify(macFactory, password.ToCharArray());

    IsTrue(verified);
}
// Maps a PKIBody tag number (0..26) to the ASN.1 content type used for that
// body and converts `o` to it via the type's GetInstance.
//
// The tag numbers appear to follow the PKIBody CHOICE of RFC 4210; confirm
// against PkiBody before extending the table.
//
// Any tag outside 0..26 is rejected with an ArgumentException naming the
// "type" parameter. What GetInstance does when `o` does not match the
// expected structure is not visible in this method.
private static Asn1Encodable GetBodyForType(int type, Asn1Encodable o)
{
    switch (type)
    {
        // Request-style bodies that share the CertReqMessages structure.
        case 0:
        case 2:
        case 7:
        case 9:
        case 13:
            return CertReqMessages.GetInstance(o);

        // Response-style bodies that share the CertRepMessage structure.
        case 1:
        case 3:
        case 8:
        case 14:
            return CertRepMessage.GetInstance(o);

        // Every remaining tag has its own content type.
        case 4:
            return CertificationRequest.GetInstance(o);
        case 5:
            return PopoDecKeyChallContent.GetInstance(o);
        case 6:
            return PopoDecKeyRespContent.GetInstance(o);
        case 10:
            return KeyRecRepContent.GetInstance(o);
        case 11:
            return RevReqContent.GetInstance(o);
        case 12:
            return RevRepContent.GetInstance(o);
        case 15:
            return CAKeyUpdAnnContent.GetInstance(o);
        case 16:
            return CmpCertificate.GetInstance(o);
        case 17:
            return RevAnnContent.GetInstance(o);
        case 18:
            return CrlAnnContent.GetInstance(o);
        case 19:
            return PkiConfirmContent.GetInstance(o);
        case 20:
            return PkiMessages.GetInstance(o);
        case 21:
            return GenMsgContent.GetInstance(o);
        case 22:
            return GenRepContent.GetInstance(o);
        case 23:
            return ErrorMsgContent.GetInstance(o);
        case 24:
            return CertConfirmContent.GetInstance(o);
        case 25:
            return PollReqContent.GetInstance(o);
        case 26:
            return PollRepContent.GetInstance(o);

        // Unknown tags are refused, never mapped to a fallback type.
        default:
            throw new ArgumentException("unknown tag number: " + type, "type");
    }
}