/// <summary>
/// Initializes the token in the first usable slot when it is not yet initialized:
/// sets the SO PIN and label, then sets the normal user PIN from an SO session.
/// Already-initialized tokens are left untouched.
/// </summary>
public void _01_BasicInitTokenAndPinTest()
{
    // Library handle is released at the end of the block.
    using (IPkcs11Library pkcs11Library = Settings.Factories.Pkcs11LibraryFactory.LoadPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType))
    {
        // First slot that reports a token present.
        ISlot slot = Helpers.GetUsableSlot(pkcs11Library);
        ITokenInfo tokenInfo = slot.GetTokenInfo();

        // Nothing to do for a token that is already initialized.
        if (tokenInfo.TokenFlags.TokenInitialized)
        {
            return;
        }

        // Initialize the token with the SO (security officer) PIN and the application label.
        slot.InitToken(Settings.SecurityOfficerPin, Settings.ApplicationName);

        // The user PIN is set from a read/write session authenticated as SO.
        using (ISession session = slot.OpenSession(SessionType.ReadWrite))
        {
            session.Login(CKU.CKU_SO, Settings.SecurityOfficerPin);
            session.InitPin(Settings.NormalUserPin);
            session.Logout();
        }
    }
}
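/// <summary>
/// Initializes an uninitialized token: sets its label and SO PIN, then sets the
/// normal user PIN from a read/write session logged in as the security officer.
/// </summary>
/// <param name="slot">Slot holding the token to initialize.</param>
/// <param name="label">Label passed to InitToken.</param>
/// <param name="soPin">Security officer PIN; used both for InitToken and for the SO login.</param>
/// <param name="userPin">PIN to set for the normal user.</param>
/// <exception cref="ArgumentNullException"><paramref name="slot"/> is null.</exception>
/// <exception cref="InvalidOperationException">The token reports itself as already initialized.</exception>
private static void InitializeToken(ISlot slot, string label, string soPin, string userPin)
{
    if (slot is null)
    {
        throw new ArgumentNullException(nameof(slot));
    }

    // Refuse rather than re-initialize a token that is already set up.
    if (slot.GetTokenInfo().TokenFlags.TokenInitialized)
    {
        // Specific exception type; still matched by existing catch (Exception) handlers.
        throw new InvalidOperationException("Token already initialized");
    }

    slot.InitToken(soPin, label);

    // Setting the user PIN requires a read/write session authenticated as SO;
    // disposing the session closes it.
    using (ISession session = slot.OpenSession(SessionType.ReadWrite))
    {
        session.Login(CKU.CKU_SO, soPin);
        session.InitPin(userPin);
    }
}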
// Returns a few fields of the first X.509 certificate stored on the first token present.
// NOTE(review): this listing is cut off after the return statement; the two using blocks
// and the method body are not closed in this excerpt.
public ActionResult GetAllCerts()
{
    Pkcs11InteropFactories factories = new Pkcs11InteropFactories();
    using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, DllLibPath, AppType.MultiThreaded))
    {
        ISlot slot = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent).FirstOrDefault();
        if (slot is null)
        {
            return(Ok("No slots found"));
        }
        // tokenInfo and slotInfo are read but not used in the rest of the excerpt.
        ITokenInfo tokenInfo = slot.GetTokenInfo();
        ISlotInfo slotInfo = slot.GetSlotInfo();
        using (var session = slot.OpenSession(SessionType.ReadWrite))
        {
            // User login with the PIN held in TokenPin (defined outside this excerpt).
            session.Login(CKU.CKU_USER, Encoding.UTF8.GetBytes(TokenPin));
            // Template: X.509 certificate objects stored on the token.
            var certificateSearchAttributes = new List <IObjectAttribute>()
            {
                session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE),
                session.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true),
                session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509)
            };
            // NOTE(review): FirstOrDefault() yields null when the token holds no matching
            // certificate; GetAttributeValue below is then called with a null handle.
            IObjectHandle certificate = session.FindAllObjects(certificateSearchAttributes).FirstOrDefault();
            // Reads CKA_VALUE (the DER-encoded certificate) and parses it.
            var certificateValue = session.GetAttributeValue(certificate, new List <CKA> { CKA.CKA_VALUE });
            var xcert = new X509Certificate2(certificateValue[0].GetValueAsByteArray());
            // hasKeyNull reports whether no private key is associated with the parsed certificate.
            return(Ok( new { xcert.Thumbprint, xcert.Subject, xcert.IssuerName, hasKeyNull = xcert.PrivateKey is null }));
/// <summary>
/// Reads the token info of the first usable slot and checks that a manufacturer id is reported.
/// </summary>
public void _01_BasicTokenInfoTest()
{
    using (IPkcs11 pkcs11 = Settings.Factories.Pkcs11Factory.CreatePkcs11(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType))
    {
        // Token info of the first slot with a token present.
        ITokenInfo info = Helpers.GetUsableSlot(pkcs11).GetTokenInfo();

        // A usable token is expected to report a non-empty manufacturer id.
        Assert.IsFalse(String.IsNullOrEmpty(info.ManufacturerId));
    }
}
/// <summary>
/// Wraps the current token info of <c>_slot</c> in a <see cref="Pkcs11TokenInfo"/>.
/// Each call queries the slot again.
/// </summary>
/// <returns>A new <see cref="Pkcs11TokenInfo"/> built from <c>_slot.GetTokenInfo()</c>.</returns>
private Pkcs11TokenInfo ReadTokenInfo() => new Pkcs11TokenInfo(_slot.GetTokenInfo());
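/// <summary>
/// Produces a detached CMS signature over <paramref name="serializedJson"/> with the
/// certificate found in the current user's personal store for the issuer named by
/// <c>TokenCertificate</c>, after confirming through PKCS#11 that a token carrying an
/// X.509 certificate is present and the user PIN is accepted.
/// </summary>
/// <param name="serializedJson">Payload to sign; UTF-8 encoded before signing.</param>
/// <returns>
/// Base64 of the DER-encoded SignedCms, or one of the literal status strings
/// "No slots found", "Certificate not found" and "no device detected" (existing contract;
/// callers tell them apart by value).
/// </returns>
public string SignWithCMS(String serializedJson)
{
    // OIDs used below, named so the two different roles are not confused.
    const string Sha256Oid = "2.16.840.1.101.3.4.2.1";
    const string SigningCertificateV2AttrOid = "1.2.840.113549.1.9.16.2.47";

    byte[] data = Encoding.UTF8.GetBytes(serializedJson);
    Pkcs11InteropFactories factories = new Pkcs11InteropFactories();
    using (IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, DllLibPath, AppType.MultiThreaded))
    {
        ISlot slot = pkcs11Library.GetSlotList(SlotsType.WithTokenPresent).FirstOrDefault();
        if (slot is null)
        {
            return "No slots found";
        }

        using (var session = slot.OpenSession(SessionType.ReadWrite))
        {
            // The login proves the PIN is accepted and the token is reachable; the CMS
            // signature below is computed through the store certificate's key provider,
            // not through this session.
            session.Login(CKU.CKU_USER, Encoding.UTF8.GetBytes(TokenPin));

            var certificateSearchAttributes = new List<IObjectAttribute>()
            {
                session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE),
                session.Factories.ObjectAttributeFactory.Create(CKA.CKA_TOKEN, true),
                session.Factories.ObjectAttributeFactory.Create(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509)
            };

            // Presence check only: the handle is not used for signing.
            IObjectHandle certificate = session.FindAllObjects(certificateSearchAttributes).FirstOrDefault();
            if (certificate is null)
            {
                return "Certificate not found";
            }

            X509Certificate2 certForSigning = FindSigningCertificate();
            if (certForSigning is null)
            {
                return "no device detected";
            }

            // Content type OID kept as in the original (1.2.840.113549.1.7.5 is pkcs7-digestedData);
            // NOTE(review): confirm the relying party expects this rather than id-data.
            ContentInfo content = new ContentInfo(new Oid("1.2.840.113549.1.7.5"), data);
            // Detached signature: the payload is not embedded in the output.
            SignedCms cms = new SignedCms(content, true);

            // ESS signing-certificate-v2 attribute binding the signer certificate.
            // The hash algorithm identifier must name the digest HashBytes computes; the
            // original passed the attribute OID itself here, which is not a digest OID.
            // SHA-256 is used because the signer digest below is SHA-256 — TODO(review):
            // confirm HashBytes computes SHA-256.
            EssCertIDv2 bouncyCertificate = new EssCertIDv2(
                new Org.BouncyCastle.Asn1.X509.AlgorithmIdentifier(new DerObjectIdentifier(Sha256Oid)),
                this.HashBytes(certForSigning.RawData));
            SigningCertificateV2 signerCertificateV2 = new SigningCertificateV2(new EssCertIDv2[] { bouncyCertificate });

            CmsSigner signer = new CmsSigner(certForSigning);
            signer.DigestAlgorithm = new Oid(Sha256Oid);
            signer.SignedAttributes.Add(new Pkcs9SigningTime(DateTime.UtcNow));
            signer.SignedAttributes.Add(new AsnEncodedData(new Oid(SigningCertificateV2AttrOid), signerCertificateV2.GetEncoded()));
            cms.ComputeSignature(signer);

            byte[] output = cms.Encode();
            return Convert.ToBase64String(output);
        }
    }
}

/// <summary>
/// Looks up the signing certificate in the current user's personal store by the issuer
/// name held in <c>TokenCertificate</c>.
/// </summary>
/// <returns>The first matching certificate, or null when there is none.</returns>
private X509Certificate2 FindSigningCertificate()
{
    // The store is disposed on every path, including the not-found one (the original
    // skipped Close() there). Read-only access is enough for a lookup.
    using (X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
    {
        store.Open(OpenFlags.ReadOnly);
        // NOTE(review): FindByIssuerName with validOnly=false matches every certificate
        // from that issuer, expired or not, and the first hit is used as before; pin the
        // lookup by thumbprint if the store may hold more than one.
        X509Certificate2Collection foundCerts = store.Certificates.Find(X509FindType.FindByIssuerName, TokenCertificate, false);
        return foundCerts.Count == 0 ? null : foundCerts[0];
    }
}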