public void _03_EncryptAndDecryptSinglePartOaepTest()
{
using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType))
{
// Find first slot with token present
ISlot slot = Helpers.GetUsableSlot(pkcs11Library);
// Open RW session
using (ISession session = slot.OpenSession(SessionType.ReadWrite))
{
// Login as normal user
session.Login(CKU.CKU_USER, Settings.NormalUserPin);
// Generate key pair
IObjectHandle publicKey = null;
IObjectHandle privateKey = null;
Helpers.GenerateKeyPair(session, out publicKey, out privateKey);
// Specify mechanism parameters
ICkRsaPkcsOaepParams mechanismParams = session.Factories.MechanismParamsFactory.CreateCkRsaPkcsOaepParams(
ConvertUtils.UInt64FromCKM(CKM.CKM_SHA_1),
ConvertUtils.UInt64FromCKG(CKG.CKG_MGF1_SHA1),
ConvertUtils.UInt64FromUInt32(CKZ.CKZ_DATA_SPECIFIED),
null
);
// Specify encryption mechanism with parameters
IMechanism mechanism = session.Factories.MechanismFactory.Create(CKM.CKM_RSA_PKCS_OAEP, mechanismParams);
byte[] sourceData = ConvertUtils.Utf8StringToBytes("Hello world");
// Encrypt data
byte[] encryptedData = session.Encrypt(mechanism, publicKey, sourceData);
// Do something interesting with encrypted data
// Decrypt data
byte[] decryptedData = session.Decrypt(mechanism, privateKey, encryptedData);
// Do something interesting with decrypted data
Assert.IsTrue(ConvertUtils.BytesToBase64String(sourceData) == ConvertUtils.BytesToBase64String(decryptedData));
session.DestroyObject(privateKey);
session.DestroyObject(publicKey);
session.Logout();
}
}
}
/// <summary>
/// Initializes a new instance of the CkAesCbcEncryptDataParams class.
/// </summary>
/// <param name='aesKeyBits'>Length of the temporary AES key in bits</param>
/// <param name='oaepParams'>Parameters of the temporary AES key wrapping</param>
public CkRsaAesKeyWrapParams(NativeULong aesKeyBits, ICkRsaPkcsOaepParams oaepParams)
{
_lowLevelStruct.AESKeyBits = 0;
_lowLevelStruct.OAEPParams = IntPtr.Zero;
if (oaepParams == null)
{
throw new ArgumentNullException("oaepParams");
}
// Keep the reference to OAEP params so GC will not free it while this object exists
_oaepParams = oaepParams;
_lowLevelStruct.AESKeyBits = aesKeyBits;
_lowLevelStruct.OAEPParams = UnmanagedMemory.Allocate(UnmanagedMemory.SizeOf(typeof(CK_RSA_PKCS_OAEP_PARAMS)));
UnmanagedMemory.Write(_lowLevelStruct.OAEPParams, oaepParams.ToMarshalableStructure());
}
/// <summary>
/// Disposes object
/// </summary>
/// <param name="disposing">Flag indicating whether managed resources should be disposed</param>
protected virtual void Dispose(bool disposing)
{
if (!this._disposed)
{
if (disposing)
{
// Dispose managed objects
// Release the reference to OAEP params so GC knows this object doesn't need it anymore
_oaepParams = null;
}
// Dispose unmanaged objects
_lowLevelStruct.AESKeyBits = 0;
UnmanagedMemory.Free(ref _lowLevelStruct.OAEPParams);
_disposed = true;
}
}
/// <summary>
/// Creates parameters for the CKM_RSA_AES_KEY_WRAP mechanism
/// </summary>
/// <param name='aesKeyBits'>Length of the temporary AES key in bits</param>
/// <param name='oaepParams'>Parameters of the temporary AES key wrapping</param>
/// <returns>Parameters for the CKM_RSA_AES_KEY_WRAP mechanism</returns>
public ICkRsaAesKeyWrapParams CreateCkRsaAesKeyWrapParams(ulong aesKeyBits, ICkRsaPkcsOaepParams oaepParams)
{
return _factory.CreateCkRsaAesKeyWrapParams(aesKeyBits, oaepParams);
}
/// <summary>
/// Creates parameters for the CKM_RSA_AES_KEY_WRAP mechanism
/// </summary>
/// <param name='aesKeyBits'>Length of the temporary AES key in bits</param>
/// <param name='oaepParams'>Parameters of the temporary AES key wrapping</param>
/// <returns>Parameters for the CKM_RSA_AES_KEY_WRAP mechanism</returns>
public ICkRsaAesKeyWrapParams CreateCkRsaAesKeyWrapParams(ulong aesKeyBits, ICkRsaPkcsOaepParams oaepParams)
{
return(new CkRsaAesKeyWrapParams(ConvertUtils.UInt32FromUInt64(aesKeyBits), oaepParams));
}
