public void _01_BasicOperationStateTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RO (read-only) session using (Session session = slot.OpenSession(true)) { // Get operation state byte[] state = session.GetOperationState(); // Do something interesting with operation state Assert.IsNotNull(state); // Let's set state so the test is complete // Note that CK_INVALID_HANDLE is passed in as encryptionKey and authenticationKey session.SetOperationState(state, new ObjectHandle(), new ObjectHandle()); } } }
public void _01_BasicInitTokenAndPinTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); TokenInfo tokenInfo = slot.GetTokenInfo(); // Check if token needs to be initialized if (!tokenInfo.TokenFlags.TokenInitialized) { // Initialize token and SO (security officer) pin slot.InitToken(Settings.SecurityOfficerPin, Settings.ApplicationName); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as SO (security officer) session.Login(CKU.CKU_SO, Settings.SecurityOfficerPin); // Initialize user pin session.InitPin(Settings.NormalUserPin); session.Logout(); } } } }
public void _02_CancelFunctionTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RO (read-only) session using (Session session = slot.OpenSession(true)) { // Legacy functions should always return CKR_FUNCTION_NOT_PARALLEL try { session.CancelFunction(); } catch (Pkcs11Exception ex) { if (ex.RV != CKR.CKR_FUNCTION_NOT_PARALLEL) throw; } } } }
public void _01_GetAttributeValueTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Create object ObjectHandle objectHandle = Helpers.CreateDataObject(session); // Prepare list of empty attributes we want to read List<CKA> attributes = new List<CKA>(); attributes.Add(CKA.CKA_LABEL); attributes.Add(CKA.CKA_VALUE); // Get value of specified attributes List<ObjectAttribute> objectAttributes = session.GetAttributeValue(objectHandle, attributes); // Do something interesting with attribute value Assert.IsTrue(objectAttributes[0].GetValueAsString() == Settings.ApplicationName); session.DestroyObject(objectHandle); session.Logout(); } } }
public void _02_CopyObjectTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Create object that can be copied ObjectHandle objectHandle = Helpers.CreateDataObject(session); // Copy object ObjectHandle copiedObjectHandle = session.CopyObject(objectHandle, null); // Do something interesting with new object session.DestroyObject(copiedObjectHandle); session.DestroyObject(objectHandle); session.Logout(); } } }
public void _02_DigestMultiPartTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RO session using (Session session = slot.OpenSession(true)) { // Specify digesting mechanism Mechanism mechanism = new Mechanism(CKM.CKM_SHA_1); byte[] sourceData = ConvertUtils.Utf8StringToBytes("Hello world"); byte[] digest = null; // Multipart digesting can be used i.e. for digesting of streamed data using (MemoryStream inputStream = new MemoryStream(sourceData)) { // Digest data digest = session.Digest(mechanism, inputStream); } // Do something interesting with digest value Assert.IsTrue(Convert.ToBase64String(digest) == "e1AsOh9IyGCa4hLN+2Od7jlnP14="); } } }
/// <summary> /// Obtains a list of unmanaged struct sizes. /// This method should be used only for testing purposes with PKCS11-MOCK module. /// </summary> /// <param name="pkcs11">Instance of the extended class</param> /// <returns>List of unmanaged struct sizes</returns> public static List <uint> GetUnmanagedStructSizeList(this HLA40.Pkcs11 pkcs11) { if (pkcs11.Disposed) { throw new ObjectDisposedException(pkcs11.GetType().FullName); } uint sizeCount = 0; CKR rv = pkcs11.LowLevelPkcs11.C_GetUnmanagedStructSizeList(null, ref sizeCount); if (rv != CKR.CKR_OK) { throw new Pkcs11Exception("C_GetUnmanagedStructSizeList", rv); } uint[] sizeList = new uint[sizeCount]; rv = pkcs11.LowLevelPkcs11.C_GetUnmanagedStructSizeList(sizeList, ref sizeCount); if (rv != CKR.CKR_OK) { throw new Pkcs11Exception("C_GetUnmanagedStructSizeList", rv); } if (sizeList.Length != sizeCount) { Array.Resize(ref sizeList, Convert.ToInt32(sizeCount)); } return(new List <uint>(sizeList)); }
public void _01_BasicSignEncryptAndDecryptVerifyTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate asymetric key pair ObjectHandle publicKey = null; ObjectHandle privateKey = null; Helpers.GenerateKeyPair(session, out publicKey, out privateKey); // Specify signing mechanism Mechanism signingMechanism = new Mechanism(CKM.CKM_SHA1_RSA_PKCS); // Generate symetric key ObjectHandle secretKey = Helpers.GenerateKey(session); // Generate random initialization vector byte[] iv = session.GenerateRandom(8); // Specify encryption mechanism with initialization vector as parameter Mechanism encryptionMechanism = new Mechanism(CKM.CKM_DES3_CBC, iv); byte[] sourceData = ConvertUtils.Utf8StringToBytes("Passw0rd"); // Sign and encrypt data byte[] signature = null; byte[] encryptedData = null; session.SignEncrypt(signingMechanism, privateKey, encryptionMechanism, secretKey, sourceData, out signature, out encryptedData); // Do something interesting with signature and encrypted data // Decrypt data and verify signature of data byte[] decryptedData = null; bool isValid = false; session.DecryptVerify(signingMechanism, publicKey, encryptionMechanism, secretKey, encryptedData, signature, out decryptedData, out isValid); // Do something interesting with decrypted data and verification result Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(decryptedData)); Assert.IsTrue(isValid); session.DestroyObject(privateKey); session.DestroyObject(publicKey); session.DestroyObject(secretKey); session.Logout(); } } }
public void _01_BasicWrapAndUnwrapKeyTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate asymetric key pair ObjectHandle publicKey = null; ObjectHandle privateKey = null; Helpers.GenerateKeyPair(session, out publicKey, out privateKey); // Generate symetric key ObjectHandle secretKey = Helpers.GenerateKey(session); // Specify wrapping mechanism Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS); // Wrap key byte[] wrappedKey = session.WrapKey(mechanism, publicKey, secretKey); // Do something interesting with wrapped key Assert.IsNotNull(wrappedKey); // Define attributes for unwrapped key List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>(); objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_DES3)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_ENCRYPT, true)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_DECRYPT, true)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_DERIVE, true)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_EXTRACTABLE, true)); // Unwrap key ObjectHandle unwrappedKey = session.UnwrapKey(mechanism, privateKey, wrappedKey, objectAttributes); // Do something interesting with unwrapped key Assert.IsTrue(unwrappedKey.ObjectId != CK.CK_INVALID_HANDLE); session.DestroyObject(privateKey); session.DestroyObject(publicKey); session.DestroyObject(secretKey); session.Logout(); } } }
public void _02_UsingPkcs11DisposeTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); // Pkcs11 class can be used in using statement which defines a scope // at the end of which an object will be disposed. using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Do something interesting } }
public void _03_SingleThreadedInitializeTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); // If an application will not be accessing PKCS#11 library from multiple threads // simultaneously, it should specify "false" as a value of "useOsLocking" parameter. using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, false)) { // Do something interesting } }
public void _01_BasicGetInfoTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { LibraryInfo libraryInfo = pkcs11.GetInfo(); // Do something interesting with library information Assert.IsFalse(String.IsNullOrEmpty(libraryInfo.ManufacturerId)); } }
public void _01_BasicDigestEncryptAndDecryptDigestTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate symetric key ObjectHandle generatedKey = Helpers.GenerateKey(session); // Generate random initialization vector byte[] iv = session.GenerateRandom(8); // Specify encryption mechanism with initialization vector as parameter Mechanism encryptionMechanism = new Mechanism(CKM.CKM_DES3_CBC, iv); // Specify digesting mechanism Mechanism digestingMechanism = new Mechanism(CKM.CKM_SHA_1); byte[] sourceData = ConvertUtils.Utf8StringToBytes("Our new password"); // Encrypt and digest data byte[] digest1 = null; byte[] encryptedData = null; session.DigestEncrypt(digestingMechanism, encryptionMechanism, generatedKey, sourceData, out digest1, out encryptedData); // Do something interesting with encrypted data and digest // Decrypt and digest data byte[] digest2 = null; byte[] decryptedData = null; session.DecryptDigest(digestingMechanism, encryptionMechanism, generatedKey, encryptedData, out digest2, out decryptedData); // Do something interesting with decrypted data and digest Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(decryptedData)); Assert.IsTrue(Convert.ToBase64String(digest1) == Convert.ToBase64String(digest2)); session.DestroyObject(generatedKey); session.Logout(); } } }
public void _02_LibraryInfoMatches() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { LibraryInfo libraryInfo = pkcs11.GetInfo(); // Empty URI Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:"); Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, libraryInfo)); // Unknown path attribute in URI pkcs11uri = new Pkcs11Uri(@"pkcs11:vendor=foobar"); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, libraryInfo)); // All attributes matching Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.LibraryManufacturer = libraryInfo.ManufacturerId; pkcs11UriBuilder.LibraryDescription = libraryInfo.LibraryDescription; pkcs11UriBuilder.LibraryVersion = libraryInfo.LibraryVersion; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, libraryInfo)); // LibraryManufacturer nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.LibraryManufacturer = "foobar"; pkcs11UriBuilder.LibraryDescription = libraryInfo.LibraryDescription; pkcs11UriBuilder.LibraryVersion = libraryInfo.LibraryVersion; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, libraryInfo)); // LibraryDescription nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.LibraryManufacturer = libraryInfo.ManufacturerId; pkcs11UriBuilder.LibraryDescription = "foobar"; pkcs11UriBuilder.LibraryVersion = libraryInfo.LibraryVersion; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, libraryInfo)); // LibraryVersion nonmatching pkcs11UriBuilder = new Pkcs11UriBuilder(); pkcs11UriBuilder.LibraryManufacturer = libraryInfo.ManufacturerId; pkcs11UriBuilder.LibraryDescription = libraryInfo.LibraryDescription; pkcs11UriBuilder.LibraryVersion = "0"; pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri(); Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, libraryInfo)); } }
public void _03_WaitForSlotEventTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Wait for a slot event bool eventOccured = false; uint slotId = 0; pkcs11.WaitForSlotEvent(true, out eventOccured, out slotId); Assert.IsFalse(eventOccured); } }
/// <summary> /// Finds slot containing the token that matches criteria specified in Settings class /// </summary> /// <param name='pkcs11'>Initialized PKCS11 wrapper</param> /// <returns>Slot containing the token that matches criteria</returns> public static Slot GetUsableSlot(Pkcs11 pkcs11) { // Get list of available slots with token present List<Slot> slots = pkcs11.GetSlotList(true); Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); // First slot with token present is OK... Slot matchingSlot = slots[0]; // ...unless there are matching criteria specified in Settings class if (Settings.TokenSerial != null || Settings.TokenLabel != null) { matchingSlot = null; foreach (Slot slot in slots) { TokenInfo tokenInfo = null; try { tokenInfo = slot.GetTokenInfo(); } catch (Pkcs11Exception ex) { if (ex.RV != CKR.CKR_TOKEN_NOT_RECOGNIZED && ex.RV != CKR.CKR_TOKEN_NOT_PRESENT) throw; } if (tokenInfo == null) continue; if (!string.IsNullOrEmpty(Settings.TokenSerial)) if (0 != string.Compare(Settings.TokenSerial, tokenInfo.SerialNumber, StringComparison.Ordinal)) continue; if (!string.IsNullOrEmpty(Settings.TokenLabel)) if (0 != string.Compare(Settings.TokenLabel, tokenInfo.Label, StringComparison.Ordinal)) continue; matchingSlot = slot; break; } } Assert.IsTrue(matchingSlot != null, "Token matching criteria specified in Settings class is not present"); return matchingSlot; }
public void _01_SlotListTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Get list of available slots List<Slot> slots = pkcs11.GetSlotList(false); // Do something interesting with slots Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); } }
public void _01_BasicPkcs11DisposeTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); // Unmanaged PKCS#11 library is loaded by the constructor of Pkcs11 class. // Every PKCS#11 library needs to be initialized with C_Initialize method // which is also called automatically by the constructor of Pkcs11 class. Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking); // Do something interesting // Unmanaged PKCS#11 library is unloaded by Dispose() method. // C_Finalize should be the last call made by an application and it // is also called automatically by Dispose() method. pkcs11.Dispose(); }
public void _01_BasicTokenInfoTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Get token info TokenInfo tokenInfo = slot.GetTokenInfo(); // Do something interesting with token info Assert.IsFalse(String.IsNullOrEmpty(tokenInfo.ManufacturerId)); } }
public void _01_BasicSignAndVerifyRecoverTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate key pair ObjectHandle publicKey = null; ObjectHandle privateKey = null; Helpers.GenerateKeyPair(session, out publicKey, out privateKey); // Specify signing mechanism Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS); byte[] sourceData = ConvertUtils.Utf8StringToBytes("Hello world"); // Sign data byte[] signature = session.SignRecover(mechanism, privateKey, sourceData); // Do something interesting with signature // Verify signature bool isValid = false; byte[] recoveredData = session.VerifyRecover(mechanism, publicKey, signature, out isValid); // Do something interesting with verification result and recovered data Assert.IsTrue(isValid); Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(recoveredData)); session.DestroyObject(privateKey); session.DestroyObject(publicKey); session.Logout(); } } }
public void _02_UsingSessionTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Session class can be used in using statement which defines a scope // at the end of which the session will be closed automatically. using (Session session = slot.OpenSession(true)) { // Do something interesting in RO session } } }
public void _01_BasicObjectFindingTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Let's create two objects so we can find something ObjectHandle objectHandle1 = Helpers.CreateDataObject(session); ObjectHandle objectHandle2 = Helpers.CreateDataObject(session); // Prepare attribute template that defines search criteria List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>(); objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_DATA)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_TOKEN, true)); // Initialize searching session.FindObjectsInit(objectAttributes); // Get search results List<ObjectHandle> foundObjects = session.FindObjects(2); // Terminate searching session.FindObjectsFinal(); // Do something interesting with found objects Assert.IsTrue(foundObjects.Count == 2); Assert.IsTrue((foundObjects[0].ObjectId != CK.CK_INVALID_HANDLE) && (foundObjects[1].ObjectId != CK.CK_INVALID_HANDLE)); session.DestroyObject(objectHandle2); session.DestroyObject(objectHandle1); session.Logout(); } } }
public void _03_CloseSessionViaSlotTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RO (read-only) session Session session = slot.OpenSession(true); // Do something interesting in RO session // Alternatively session can be closed with CloseSession method of Slot class. slot.CloseSession(session); } }
public void _02_BasicSlotListAndInfoTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Get list of available slots List<Slot> slots = pkcs11.GetSlotList(false); // Do something interesting with slots Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); // Analyze first slot SlotInfo slotInfo = slots[0].GetSlotInfo(); // Do something interesting with slot info Assert.IsNotNull(slotInfo.ManufacturerId); } }
public void _02_GenerateRandomTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RO (read-only) session using (Session session = slot.OpenSession(true)) { // Get random or pseudo-random data byte[] randomData = session.GenerateRandom(256); // Do something interesting with random data Assert.IsTrue(randomData.Length == 256); } } }
public void _01_SeedRandomTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RO (read-only) session using (Session session = slot.OpenSession(true)) { // Mix additional seed material into the token's random number generator byte[] seed = ConvertUtils.Utf8StringToBytes("Additional seed material"); session.SeedRandom(seed); // Do something interesting with random number generator } } }
public void _01_BasicDeriveKeyTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Generate symetric key ObjectHandle baseKey = Helpers.GenerateKey(session); // Generate random data needed for key derivation byte[] data = session.GenerateRandom(24); // Specify mechanism parameters CkKeyDerivationStringData mechanismParams = new CkKeyDerivationStringData(data); // Specify derivation mechanism with parameters Mechanism mechanism = new Mechanism(CKM.CKM_XOR_BASE_AND_DATA, mechanismParams); // Derive key ObjectHandle derivedKey = session.DeriveKey(mechanism, baseKey, null); // Do something interesting with derived key Assert.IsTrue(derivedKey.ObjectId != CK.CK_INVALID_HANDLE); session.DestroyObject(baseKey); session.DestroyObject(derivedKey); session.Logout(); } } }
public void _01_BasicMechanismListAndInfoTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Get supported mechanisms List<CKM> mechanisms = slot.GetMechanismList(); Assert.IsTrue(mechanisms.Count > 0); // Analyze first supported mechanism MechanismInfo mechanismInfo = slot.GetMechanismInfo(mechanisms[0]); // Do something interesting with mechanism info Assert.IsNotNull(mechanismInfo.MechanismFlags); } }
public void _02_SecurityOfficerLoginTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as SO (security officer) session.Login(CKU.CKU_SO, Settings.SecurityOfficerPin); // Do something interesting as security officer session.Logout(); } } }
public void _01_GenerateKeyTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Prepare attribute template of new key List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>(); objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_DES3)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_ENCRYPT, true)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_DECRYPT, true)); // Specify key generation mechanism Mechanism mechanism = new Mechanism(CKM.CKM_DES3_KEY_GEN); // Generate key ObjectHandle objectHandle = session.GenerateKey(mechanism, objectAttributes); // Do something interesting with generated key // Destroy object session.DestroyObject(objectHandle); session.Logout(); } } }
public void _01_BasicSetPinTest() { if (Platform.UnmanagedLongSize != 4 || Platform.StructPackingSize != 0) Assert.Inconclusive("Test cannot be executed on this platform"); using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath, Settings.UseOsLocking)) { // Find first slot with token present Slot slot = Helpers.GetUsableSlot(pkcs11); // Open RW session using (Session session = slot.OpenSession(false)) { // Login as normal user session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Set new pin for the logged in user session.SetPin(Settings.NormalUserPin, Settings.NormalUserPin); session.Logout(); } } }