public void ThenCreateCorrectEncoding()
{
// Arrange
var xmlDocument = new XmlDocument();
xmlDocument.LoadXml(Properties.Resources.EncryptedKeyWithMGFSpec);
AS4EncryptedKey as4EncryptedKey = AS4EncryptedKey.LoadFromXmlDocument(xmlDocument);
// Act
OaepEncoding encoding = EncodingFactory.Instance.Create(
as4EncryptedKey.GetDigestAlgorithm(),
as4EncryptedKey.GetMaskGenerationFunction());
// Assert
AssertMgf1Hash(encoding, "SHA-256");
}
public void ThenCreateAS4EncryptedKeySucceeds(string algorithm, string digest, string mgf)
{
byte[] encryptionKey = GenerateEncryptionKey();
var keyEncryption = new KeyEncryption
{
TransportAlgorithm = algorithm,
DigestAlgorithm = digest,
MgfAlgorithm = mgf
};
var keyEncryptionConfiguration = new KeyEncryptionConfiguration(GetCertificate(), keyEncryption);
AS4EncryptedKey key =
AS4EncryptedKey.CreateEncryptedKeyBuilderForKey(encryptionKey, keyEncryptionConfiguration)
.Build();
Assert.Equal(algorithm, key.GetEncryptionAlgorithm());
Assert.Equal(digest, key.GetDigestAlgorithm());
Assert.Equal(mgf, key.GetMaskGenerationFunction());
}
private static byte[] DecryptEncryptedKey(AS4EncryptedKey encryptedKey, X509Certificate2 certificate)
{
OaepEncoding encoding = EncodingFactory.Instance
.Create(encryptedKey.GetDigestAlgorithm(), encryptedKey.GetMaskGenerationFunction());
// We do not look at the KeyInfo element in here, but rather decrypt it with the certificate provided as argument.
// Call GetRSAPrivateKey to avoid KeySet does not exist exceptions that might be thrown.
RSA privateKey = certificate.GetRSAPrivateKey();
if (privateKey == null)
{
throw new CryptographicException("The decryption certificate does not contain a private key.");
}
AsymmetricCipherKeyPair encryptionCertificateKeyPair =
DotNetUtilities.GetRsaKeyPair(privateKey);
encoding.Init(false, encryptionCertificateKeyPair.Private);
CipherData cipherData = encryptedKey.GetCipherData();
return(encoding.ProcessBlock(
inBytes: cipherData.CipherValue, inOff: 0, inLen: cipherData.CipherValue.Length));
}
