public void _LL_21_03_SignAndVerify_RSA_Test() { if (Platform.NativeULongSize != 4 || Platform.StructPackingSize != 1) { Assert.Inconclusive("Test cannot be executed on this platform"); } CKR rv = CKR.CKR_OK; using (RutokenPkcs11Library pkcs11 = new RutokenPkcs11Library(Settings.Pkcs11LibraryPath)) { // Инициализация библиотеки rv = pkcs11.C_Initialize(Settings.InitArgs40); if ((rv != CKR.CKR_OK) && (rv != CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED)) { Assert.Fail(rv.ToString()); } // Установление соединения с Рутокен в первом доступном слоте NativeULong slotId = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии NativeULong session = CK.CK_INVALID_HANDLE; rv = pkcs11.C_OpenSession(slotId, (CKF.CKF_SERIAL_SESSION | CKF.CKF_RW_SESSION), IntPtr.Zero, IntPtr.Zero, ref session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Выполнение аутентификации пользователя rv = pkcs11.C_Login(session, CKU.CKU_USER, Settings.NormalUserPinArray, Convert.ToUInt32(Settings.NormalUserPinArray.Length)); if (rv != CKR.CKR_OK && rv != CKR.CKR_USER_ALREADY_LOGGED_IN) { Assert.Fail(rv.ToString()); } // Инициализация хэш-функции SHA-1 CK_MECHANISM digestMechanism = CkmUtils.CreateMechanism(CKM.CKM_SHA_1); rv = pkcs11.C_DigestInit(session, ref digestMechanism); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Определение размера хэш-кода NativeULong digestLen = 0; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt32(sourceData.Length), null, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(digestLen > 0); // Вычисление хэш-кода данных byte[] digest = new byte[digestLen]; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt32(sourceData.Length), digest, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Генерация ключевой пары RSA NativeULong pubKeyId = CK.CK_INVALID_HANDLE; NativeULong privKeyId = CK.CK_INVALID_HANDLE; Helpers.GenerateRSAKeyPair(pkcs11, session, ref pubKeyId, ref privKeyId, Settings.RsaKeyPairId); // Инициализация операции подписи данных по алгоритму RSA CK_MECHANISM signMechanism = CkmUtils.CreateMechanism(CKM.CKM_RSA_PKCS); rv = pkcs11.C_SignInit(session, ref signMechanism, privKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Определение размера подписи данных NativeULong signatureLen = 0; rv = pkcs11.C_Sign(session, digest, Convert.ToUInt32(digest.Length), null, ref signatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(signatureLen > 0); byte[] signature = new byte[signatureLen]; // Подпись данных rv = pkcs11.C_Sign(session, digest, Convert.ToUInt32(digest.Length), signature, ref signatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Инициализация проверки подписи по алгоритму RSA rv = pkcs11.C_VerifyInit(session, ref signMechanism, pubKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Проверка подписи для данных rv = pkcs11.C_Verify(session, digest, Convert.ToUInt32(digest.Length), signature, Convert.ToUInt32(signature.Length)); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_DestroyObject(session, privKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_DestroyObject(session, pubKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Logout(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_CloseSession(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Finalize(IntPtr.Zero); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } } }
public void _LL_21_01_SignAndVerify_Gost3410_01_Test() { Helpers.CheckPlatform(); CKR rv = CKR.CKR_OK; using (RutokenPkcs11Library pkcs11 = new RutokenPkcs11Library(Settings.Pkcs11LibraryPath)) { rv = pkcs11.C_Initialize(Settings.InitArgs81); if ((rv != CKR.CKR_OK) && (rv != CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED)) { Assert.Fail(rv.ToString()); } // Установление соединения с Рутокен в первом доступном слоте NativeULong slotId = Helpers.GetUsableSlot(pkcs11); NativeULong session = CK.CK_INVALID_HANDLE; rv = pkcs11.C_OpenSession(slotId, (CKF.CKF_SERIAL_SESSION | CKF.CKF_RW_SESSION), IntPtr.Zero, IntPtr.Zero, ref session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Выполнение аутентификации пользователя rv = pkcs11.C_Login(session, CKU.CKU_USER, Settings.NormalUserPinArray, Convert.ToUInt64(Settings.NormalUserPinArray.Length)); if (rv != CKR.CKR_OK && rv != CKR.CKR_USER_ALREADY_LOGGED_IN) { Assert.Fail(rv.ToString()); } // Инициализация хэш-функции CK_MECHANISM digestMechanism = CkmUtils.CreateMechanism(CKM.CKM_GOSTR3411); rv = pkcs11.C_DigestInit(session, ref digestMechanism); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Определение размера хэш-кода NativeULong digestLen = 0; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt64(sourceData.Length), null, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(digestLen > 0); // Вычисление хэш-кода данных byte[] digest = new byte[digestLen]; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt64(sourceData.Length), digest, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Генерация ключевой пары ГОСТ Р 34.10-2001 NativeULong pubKeyId = CK.CK_INVALID_HANDLE; NativeULong privKeyId = CK.CK_INVALID_HANDLE; Helpers.GenerateGostKeyPair(pkcs11, session, ref pubKeyId, ref privKeyId, Settings.GostKeyPairId1); // Инициализация операции подписи данных по алгоритму ГОСТ Р 34.10-2001 CK_MECHANISM signMechanism = CkmUtils.CreateMechanism(CKM.CKM_GOSTR3410); rv = pkcs11.C_SignInit(session, ref signMechanism, privKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Определение размера подписи данных NativeULong signatureLen = 0; rv = pkcs11.C_Sign(session, digest, Convert.ToUInt64(digest.Length), null, ref signatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(signatureLen > 0); byte[] signature = new byte[signatureLen]; // Подпись данных rv = pkcs11.C_Sign(session, digest, Convert.ToUInt64(digest.Length), signature, ref signatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Инициализация проверки подписи по алгоритму ГОСТ Р 34.10-2001 rv = pkcs11.C_VerifyInit(session, ref signMechanism, pubKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Проверить подпись для данных rv = pkcs11.C_Verify(session, digest, Convert.ToUInt64(digest.Length), signature, Convert.ToUInt64(signature.Length)); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_DestroyObject(session, privKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_DestroyObject(session, pubKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Logout(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_CloseSession(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Finalize(IntPtr.Zero); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } } }
public void _LL_12_04_Digest_Gost3411_94_Test() { if (Platform.NativeULongSize != 4 || Platform.StructPackingSize != 1) { Assert.Inconclusive("Test cannot be executed on this platform"); } CKR rv = CKR.CKR_OK; using (RutokenPkcs11Library pkcs11 = new RutokenPkcs11Library(Settings.Pkcs11LibraryPath)) { rv = pkcs11.C_Initialize(Settings.InitArgs80); if ((rv != CKR.CKR_OK) && (rv != CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED)) { Assert.Fail(rv.ToString()); } // Find first slot with token present NativeULong slotId = Helpers.GetUsableSlot(pkcs11); NativeULong session = CK.CK_INVALID_HANDLE; rv = pkcs11.C_OpenSession(slotId, (CKF.CKF_SERIAL_SESSION | CKF.CKF_RW_SESSION), IntPtr.Zero, IntPtr.Zero, ref session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Specify digesting mechanism (needs no parameter => no unamanaged memory is needed) CK_MECHANISM mechanism = CkmUtils.CreateMechanism(CKM.CKM_GOSTR3411); // Initialize digesting operation rv = pkcs11.C_DigestInit(session, ref mechanism); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Get length of digest value in first call NativeULong digestLen = 0; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt64(sourceData.Length), null, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(digestLen > 0); // Allocate array for digest value byte[] digest = new byte[digestLen]; // Get digest value in second call rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt64(sourceData.Length), digest, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } byte[] targetData = TestData.Digest_Gost3411_94_TargetData; Assert.IsTrue(Convert.ToBase64String(digest) == Convert.ToBase64String(targetData)); rv = pkcs11.C_CloseSession(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Finalize(IntPtr.Zero); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } } }
public void _LL_30_01_SignJournalTest() { if (Platform.NativeULongSize != 4 || Platform.StructPackingSize != 1) { Assert.Inconclusive("Test cannot be executed on this platform"); } CKR rv = CKR.CKR_OK; using (RutokenPkcs11Library pkcs11 = new RutokenPkcs11Library(Settings.Pkcs11LibraryPath)) { rv = pkcs11.C_Initialize(Settings.InitArgs41); if ((rv != CKR.CKR_OK) && (rv != CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED)) { Assert.Fail(rv.ToString()); } // Установление соединения с Рутокен в первом доступном слоте NativeULong slotId = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии NativeULong session = CK.CK_INVALID_HANDLE; rv = pkcs11.C_OpenSession(slotId, (CKF.CKF_SERIAL_SESSION | CKF.CKF_RW_SESSION), IntPtr.Zero, IntPtr.Zero, ref session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Выполнение аутентификации пользователя rv = pkcs11.C_Login(session, CKU.CKU_USER, Settings.NormalUserPinArray, Convert.ToUInt32(Settings.NormalUserPinArray.Length)); if (rv != CKR.CKR_OK && rv != CKR.CKR_USER_ALREADY_LOGGED_IN) { Assert.Fail(rv.ToString()); } // Инициализация хэш-функции CK_MECHANISM digestMechanism = CkmUtils.CreateMechanism((CKM)Extended_CKM.CKM_GOSTR3411_12_512); rv = pkcs11.C_DigestInit(session, ref digestMechanism); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Определение размера хэш-кода NativeULong dataDigestLen = 0; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt32(sourceData.Length), null, ref dataDigestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(dataDigestLen > 0); // Вычисление хэш-кода данных byte[] dataDigest = new byte[dataDigestLen]; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt32(sourceData.Length), dataDigest, ref dataDigestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Генерация ключевой пары ГОСТ Р 34.10-2012 NativeULong dataPublicKeyId = CK.CK_INVALID_HANDLE; NativeULong dataPrivateKeyId = CK.CK_INVALID_HANDLE; Helpers.GenerateGost512KeyPair(pkcs11, session, ref dataPublicKeyId, ref dataPrivateKeyId, Settings.Gost512KeyPairId1); // Инициализация операции подписи данных по алгоритму ГОСТ Р 34.10-2012 CK_MECHANISM signMechanism = CkmUtils.CreateMechanism((CKM)Extended_CKM.CKM_GOSTR3410_512); rv = pkcs11.C_SignInit(session, ref signMechanism, dataPrivateKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Определение размера подписи данных NativeULong signatureLen = 0; rv = pkcs11.C_Sign(session, dataDigest, Convert.ToUInt32(dataDigest.Length), null, ref signatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(signatureLen > 0); byte[] signature = new byte[signatureLen]; // Подпись данных rv = pkcs11.C_Sign(session, dataDigest, Convert.ToUInt32(dataDigest.Length), signature, ref signatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Инициализация проверки подписи по алгоритму ГОСТ Р 34.10-2012 rv = pkcs11.C_VerifyInit(session, ref signMechanism, dataPublicKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Проверить подпись для данных rv = pkcs11.C_Verify(session, dataDigest, Convert.ToUInt32(dataDigest.Length), signature, Convert.ToUInt32(signature.Length)); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Получение длины журнала операций NativeULong journalLen = 0; rv = pkcs11.C_EX_GetJournal(slotId, null, ref journalLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(journalLen > 0); // Получение журнала операций byte[] journal = new byte[journalLen]; rv = pkcs11.C_EX_GetJournal(slotId, journal, ref journalLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Генерация ключевой пары ГОСТ Р 34.10-2012 для подписи журнала NativeULong journalPublicKeyId = CK.CK_INVALID_HANDLE; NativeULong journalPrivateKeyId = CK.CK_INVALID_HANDLE; Helpers.GenerateGost512JournalKeyPair( pkcs11, session, ref journalPublicKeyId, ref journalPrivateKeyId); // Инициализация хэш-функции rv = pkcs11.C_DigestInit(session, ref digestMechanism); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Определение размера хэш-кода для журнала NativeULong journalDigestLen = 0; rv = pkcs11.C_Digest(session, journal, Convert.ToUInt32(journal.Length), null, ref journalDigestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(journalDigestLen > 0); // Вычисление хэш-кода журнала byte[] journalDigest = new byte[journalDigestLen]; rv = pkcs11.C_Digest(session, journal, Convert.ToUInt32(journal.Length), journalDigest, ref journalDigestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Инициализация операции подписи данных по алгоритму ГОСТ Р 34.10-2012 rv = pkcs11.C_SignInit(session, ref signMechanism, journalPrivateKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Определение размера подписи журнала NativeULong journalSignatureLen = 0; rv = pkcs11.C_Sign(session, journalDigest, Convert.ToUInt32(journalDigest.Length), null, ref journalSignatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(journalSignatureLen > 0); byte[] journalSignature = new byte[journalSignatureLen]; // Подпись журнала rv = pkcs11.C_Sign(session, journalDigest, Convert.ToUInt32(journalDigest.Length), journalSignature, ref journalSignatureLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Инициализация проверки подписи по алгоритму ГОСТ Р 34.10-2012 rv = pkcs11.C_VerifyInit(session, ref signMechanism, journalPublicKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Проверить подпись журнала rv = pkcs11.C_Verify(session, journalDigest, Convert.ToUInt32(journalDigest.Length), journalSignature, Convert.ToUInt32(journalSignature.Length)); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Уничтожение созданных ключей rv = pkcs11.C_DestroyObject(session, dataPrivateKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_DestroyObject(session, dataPublicKeyId); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Logout(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_CloseSession(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Finalize(IntPtr.Zero); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } } }
public void _LL_12_01_Digest_SHA1_Test() { Helpers.CheckPlatform(); CKR rv = CKR.CKR_OK; using (RutokenPkcs11Library pkcs11 = new RutokenPkcs11Library(Settings.Pkcs11LibraryPath)) { rv = pkcs11.C_Initialize(Settings.InitArgs41); if ((rv != CKR.CKR_OK) && (rv != CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED)) { Assert.Fail(rv.ToString()); } // Find first slot with token present NativeULong slotId = Helpers.GetUsableSlot(pkcs11); NativeULong session = CK.CK_INVALID_HANDLE; rv = pkcs11.C_OpenSession(slotId, (CKF.CKF_SERIAL_SESSION | CKF.CKF_RW_SESSION), IntPtr.Zero, IntPtr.Zero, ref session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Specify digesting mechanism (needs no parameter => no unamanaged memory is needed) CK_MECHANISM mechanism = CkmUtils.CreateMechanism(CKM.CKM_SHA_1); // Initialize digesting operation rv = pkcs11.C_DigestInit(session, ref mechanism); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } byte[] sourceData = ConvertUtils.Utf8StringToBytes("Hello world"); // Get length of digest value in first call NativeULong digestLen = 0; rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt32(sourceData.Length), null, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } Assert.IsTrue(digestLen > 0); // Allocate array for digest value byte[] digest = new byte[digestLen]; // Get digest value in second call rv = pkcs11.C_Digest(session, sourceData, Convert.ToUInt32(sourceData.Length), digest, ref digestLen); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } // Do something interesting with digest value rv = pkcs11.C_CloseSession(session); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } rv = pkcs11.C_Finalize(IntPtr.Zero); if (rv != CKR.CKR_OK) { Assert.Fail(rv.ToString()); } } }