public override void PerformTest()
{
IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25);
pGen.Init(genParam);
AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
//
// set up the parameters
//
byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
int iterationCount = 100;
//
// set up the key
//
char[] password1 = { 'h', 'e', 'l', 'l', 'o' };
EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(alg, password1, salt, iterationCount, PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private));
PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password1, encInfo);
AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(info);
if (!key.Equals(pair.Private))
{
Fail("Key corrupted");
}
doOpensslTestKeys();
}
public override bool Equals(object obj)
{
AsymmetricKeyEntry asymmetricKeyEntry = obj as AsymmetricKeyEntry;
if (asymmetricKeyEntry == null)
{
return(false);
}
return(key.Equals(asymmetricKeyEntry.key));
}
public override bool Equals(object obj)
{
var other = obj as AsymmetricKeyEntry;
if (other == null)
{
return(false);
}
return(_key.Equals(other._key));
}
/// <summary>
/// The public key wrapper test.
/// </summary>
[Test] public void PublicKeyWrapperTest()
{
File.Delete("CoreDataTypesTestsPkWrapperVoters.sqlite");
using (var s = new Station(
new TestUi(),
SystemTestData.Key,
SystemTestData.Password,
SystemTestData.ManagerPort,
"CoreDataTypesTestsPkWrapperVoters.sqlite")) {
AsymmetricKeyParameter originalKey = s.Crypto.KeyPair.Public;
var pkWrapper = new PublicKeyWrapper(s.Crypto, "batman");
Assert.That(originalKey.Equals(pkWrapper.GetKey(s.Crypto, "batman").Value));
try {
pkWrapper.GetKey(s.Crypto, "wrongKey");
Assert.Fail();
} catch (ArgumentException) { }
}
File.Delete("CoreDataTypesTestsPkWrapperVoters.sqlite");
}
private void keyPairTest(
string name,
AsymmetricCipherKeyPair pair)
{
MemoryStream bOut = new MemoryStream();
PemWriter pWrt = new PemWriter(new StreamWriter(bOut));
pWrt.WriteObject(pair.Public);
pWrt.Writer.Close();
PemReader pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
AsymmetricKeyParameter pubK = (AsymmetricKeyParameter)pemRd.ReadObject();
if (!pubK.Equals(pair.Public))
{
Fail("Failed public key read: " + name);
}
bOut = new MemoryStream();
pWrt = new PemWriter(new StreamWriter(bOut));
pWrt.WriteObject(pair.Private);
pWrt.Writer.Close();
pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
AsymmetricCipherKeyPair kPair = (AsymmetricCipherKeyPair)pemRd.ReadObject();
if (!kPair.Private.Equals(pair.Private))
{
Fail("Failed private key read: " + name);
}
if (!kPair.Public.Equals(pair.Public))
{
Fail("Failed private key public read: " + name);
}
}
public override void PerformTest()
{
byte[] input = new byte[]
{ (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a };
byte[][] output = new byte[][]
{
Hex.Decode("8b427f781a2e59dd9def386f1956b996ee07f48c96880e65a368055ed8c0a8831669ef7250b40918b2b1d488547e72c84540e42bd07b03f14e226f04fbc2d929"),
Hex.Decode("2ec6e1a1711b6c7b8cd3f6a25db21ab8bb0a5f1d6df2ef375fa708a43997730ffc7c98856dbbe36edddcdd1b2d2a53867d8355af94fea3aeec128da908e08f4c"),
Hex.Decode("0850ac4e5a8118323200c8ed1e5aaa3d5e635172553ccac66a8e4153d35c79305c4440f11034ab147fccce21f18a50cf1c0099c08a577eb68237a91042278965"),
Hex.Decode("1c9649bdccb51056751fe43837f4eb43bada472accf26f65231666d5de7d11950d8379b3596dfdf75c6234274896fa8d18ad0865d3be2ac4d6687151abdf01e93941dcef18fa63186c9351d1506c89d09733c5ff4304208c812bdd21a50f56fde115e629e0e973721c9fcc87e89295a79853dee613962a0b2f2fc57163fd99057a3c776f13c20c26407eb8863998d7e53b543ba8d0a295a9a68d1a149833078c9809ad6a6dad7fc22a95ad615a73138c54c018f40d99bf8eeecd45f5be526f2d6b01aeb56381991c1ab31a2e756f15e052b9cd5638b2eff799795c5bae493307d5eb9f8c21d438de131fe505a4e7432547ab19224094f9e4be1968bd0793b79d"),
Hex.Decode("4c4afc0c24dddaedd4f9a3b23be30d35d8e005ffd36b3defc5d18acc830c3ed388ce20f43a00e614fd087c814197bc9fc2eff9ad4cc474a7a2ef3ed9c0f0a55eb23371e41ee8f2e2ed93ea3a06ca482589ab87e0d61dcffda5eea1241408e43ea1108726cdb87cc3aa5e9eaaa9f72507ca1352ac54a53920c94dccc768147933d8c50aefd9d1da10522a40133cd33dbc0524669e70f771a88d65c4716d471cd22b08b9f01f24e4e9fc7ffbcfa0e0a7aed47b345826399b26a73be112eb9c5e06fc6742fc3d0ef53d43896403c5105109cfc12e6deeaf4a48ba308e039774b9bdb31a9b9e133c81c321630cf0b4b2d1f90717b24c3268e1fea681ea9cdc709342"),
Hex.Decode("06b5b26bd13515f799e5e37ca43cace15cd82fd4bf36b25d285a6f0998d97c8cb0755a28f0ae66618b1cd03e27ac95eaaa4882bc6dc0078cd457d4f7de4154173a9c7a838cfc2ac2f74875df462aae0cfd341645dc51d9a01da9bdb01507f140fa8a016534379d838cc3b2a53ac33150af1b242fc88013cb8d914e66c8182864ee6de88ce2879d4c05dd125409620a96797c55c832fb2fb31d4310c190b8ed2c95fdfda2ed87f785002faaec3f35ec05cf70a3774ce185e4882df35719d582dd55ac31257344a9cba95189dcbea16e8c6cb7a235a0384bc83b6183ca8547e670fe33b1b91725ae0c250c9eca7b5ba78bd77145b70270bf8ac31653006c02ca9c"),
Hex.Decode("135f1be3d045526235bf9d5e43499d4ee1bfdf93370769ae56e85dbc339bc5b7ea3bee49717497ee8ac3f7cd6adb6fc0f17812390dcd65ac7b87fef7970d9ff9"),
Hex.Decode("03c05add1e030178c352face07cafc9447c8f369b8f95125c0d311c16b6da48ca2067104cce6cd21ae7b163cd18ffc13001aecebdc2eb02b9e92681f84033a98"),
Hex.Decode("00319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c")
};
SecureRandom rand = new MyFixedSecureRandom();
// KeyFactory fact = KeyFactory.GetInstance("RSA");
//
// PrivateKey privKey = fact.generatePrivate(privKeySpec);
// PublicKey pubKey = fact.generatePublic(pubKeySpec);
AsymmetricKeyParameter privKey = privKeySpec;
AsymmetricKeyParameter pubKey = pubKeySpec;
// PrivateKey priv2048Key = fact.generatePrivate(priv2048KeySpec);
// PublicKey pub2048Key = fact.generatePublic(pub2048KeySpec);
AsymmetricKeyParameter priv2048Key = priv2048KeySpec;
AsymmetricKeyParameter pub2048Key = pub2048KeySpec;
//
// No Padding
//
// Cipher c = Cipher.GetInstance("RSA");
IBufferedCipher c = CipherUtilities.GetCipher("RSA");
// c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
c.Init(true, pubKey); // new ParametersWithRandom(pubKey, rand));
byte[] outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[0]))
{
Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes));
}
// c.init(Cipher.DECRYPT_MODE, privKey);
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
// No Padding - incremental
//
// c = Cipher.GetInstance("RSA");
c = CipherUtilities.GetCipher("RSA");
// c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
c.Init(true, pubKey); // new ParametersWithRandom(pubKey, rand));
c.ProcessBytes(input);
outBytes = c.DoFinal();
if (!AreEqual(outBytes, output[0]))
{
Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes));
}
// c.init(Cipher.DECRYPT_MODE, privKey);
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
// No Padding - incremental - explicit use of NONE in mode.
//
c = CipherUtilities.GetCipher("RSA/NONE/NoPadding");
// c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
c.Init(true, pubKey); // new ParametersWithRandom(pubKey, rand));
c.ProcessBytes(input);
outBytes = c.DoFinal();
if (!AreEqual(outBytes, output[0]))
{
Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes));
}
// c.init(Cipher.DECRYPT_MODE, privKey);
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
// No Padding - maximum.Length
//
c = CipherUtilities.GetCipher("RSA");
byte[] modBytes = ((RsaKeyParameters)pubKey).Modulus.ToByteArray();
byte[] maxInput = new byte[modBytes.Length - 1];
maxInput[0] |= 0x7f;
c.Init(true, pubKey); // new ParametersWithRandom(pubKey, rand));
outBytes = c.DoFinal(maxInput);
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, maxInput))
{
Fail("NoPadding test failed on decrypt expected "
+ Hex.ToHexString(maxInput) + " got "
+ Hex.ToHexString(outBytes));
}
//
// PKCS1 V 1.5
//
c = CipherUtilities.GetCipher("RSA//PKCS1Padding");
c.Init(true, new ParametersWithRandom(pubKey, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[1]))
{
Fail("PKCS1 test failed on encrypt expected " + Hex.ToHexString(output[1]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("PKCS1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
// PKCS1 V 1.5 - NONE
//
c = CipherUtilities.GetCipher("RSA/NONE/PKCS1Padding");
c.Init(true, new ParametersWithRandom(pubKey, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[1]))
{
Fail("PKCS1 test failed on encrypt expected " + Hex.ToHexString(output[1]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("PKCS1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
// OAEP - SHA1
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding");
c.Init(true, new ParametersWithRandom(pubKey, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[2]))
{
Fail("OAEP test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
}
c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("OAEP test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
// TODO
// AlgorithmParameters oaepP = c.getParameters();
byte[] rop = new RsaesOaepParameters(
new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance)),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded()))
// {
// Fail("OAEP test failed default sha-1 parameters");
// }
//
// OAEP - SHA224
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA224AndMGF1Padding");
c.Init(true, new ParametersWithRandom(pub2048Key, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[3]))
{
Fail("OAEP SHA-224 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, priv2048Key);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("OAEP SHA-224 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
// oaepP = c.getParameters();
rop = new RsaesOaepParameters(
new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance)),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
// {
// Fail("OAEP test failed default sha-224 parameters");
// }
//
// OAEP - SHA 256
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA256AndMGF1Padding");
c.Init(true, new ParametersWithRandom(pub2048Key, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[4]))
{
Fail("OAEP SHA-256 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, priv2048Key);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("OAEP SHA-256 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
// oaepP = c.getParameters();
rop = new RsaesOaepParameters(
new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance)),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
// {
// Fail("OAEP test failed default sha-256 parameters");
// }
//
// OAEP - SHA 384
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA384AndMGF1Padding");
c.Init(true, new ParametersWithRandom(pub2048Key, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[5]))
{
Fail("OAEP SHA-384 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, priv2048Key);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("OAEP SHA-384 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
// oaepP = c.getParameters();
rop = new RsaesOaepParameters(
new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance)),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
// {
// Fail("OAEP test failed default sha-384 parameters");
// }
//
// OAEP - MD5
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithMD5AndMGF1Padding");
c.Init(true, new ParametersWithRandom(pubKey, rand));
outBytes = c.DoFinal(input);
if (!AreEqual(outBytes, output[6]))
{
Fail("OAEP MD5 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("OAEP MD5 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
// oaepP = c.getParameters();
rop = new RsaesOaepParameters(
new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5, DerNull.Instance)),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
// {
// Fail("OAEP test failed default md5 parameters");
// }
//
// OAEP - SHA1 with default parameters
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding");
// TODO
// c.init(Cipher.ENCRYPT_MODE, pubKey, OAEPParameterSpec.DEFAULT, rand);
//
// outBytes = c.DoFinal(input);
//
// if (!AreEqual(outBytes, output[2]))
// {
// Fail("OAEP test failed on encrypt expected " + Encoding.ASCII.GetString(Hex.Encode(output[2])) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
// }
//
// c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
//
// c.Init(false, privKey);
//
// outBytes = c.DoFinal(outBytes);
//
// if (!AreEqual(outBytes, input))
// {
// Fail("OAEP test failed on decrypt expected " + Encoding.ASCII.GetString(Hex.Encode(input)) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
// }
//
// oaepP = c.getParameters();
//
// if (!AreEqual(oaepP.getEncoded(), new byte[] { 0x30, 0x00 }))
// {
// Fail("OAEP test failed default parameters");
// }
//
// OAEP - SHA1 with specified string
//
c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding");
// TODO
// c.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec("SHA1", "MGF1", new MGF1ParameterSpec("SHA1"), new PSource.PSpecified(new byte[] { 1, 2, 3, 4, 5 })), rand);
//
// outBytes = c.DoFinal(input);
//
// oaepP = c.getParameters();
rop = new RsaesOaepParameters(
new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance)),
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[] { 1, 2, 3, 4, 5 }))).GetEncoded();
// if (!AreEqual(oaepP.getEncoded())
// {
// Fail("OAEP test failed changed sha-1 parameters");
// }
//
// if (!AreEqual(outBytes, output[7]))
// {
// Fail("OAEP test failed on encrypt expected " + Encoding.ASCII.GetString(Hex.Encode(output[2])) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
// }
c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
// TODO
// c.init(Cipher.DECRYPT_MODE, privKey, oaepP);
//
// outBytes = c.DoFinal(outBytes);
//
// if (!AreEqual(outBytes, input))
// {
// Fail("OAEP test failed on decrypt expected " + Encoding.ASCII.GetString(Hex.Encode(input)) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
// }
//
// iso9796-1
//
byte[] isoInput = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
// PrivateKey isoPrivKey = fact.generatePrivate(isoPrivKeySpec);
// PublicKey isoPubKey = fact.generatePublic(isoPubKeySpec);
AsymmetricKeyParameter isoPrivKey = isoPrivKeySpec;
AsymmetricKeyParameter isoPubKey = isoPubKeySpec;
c = CipherUtilities.GetCipher("RSA/NONE/ISO9796-1Padding");
c.Init(true, isoPrivKey);
outBytes = c.DoFinal(isoInput);
if (!AreEqual(outBytes, output[8]))
{
Fail("ISO9796-1 test failed on encrypt expected " + Hex.ToHexString(output[3]) + " got " + Hex.ToHexString(outBytes));
}
c.Init(false, isoPubKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, isoInput))
{
Fail("ISO9796-1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
//
// generation with parameters test.
//
IAsymmetricCipherKeyPairGenerator keyPairGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
//
// 768 bit RSA with e = 2^16-1
//
keyPairGen.Init(
new RsaKeyGenerationParameters(
BigInteger.ValueOf(0x10001),
new SecureRandom(),
768,
25));
AsymmetricCipherKeyPair kp = keyPairGen.GenerateKeyPair();
pubKey = kp.Public;
privKey = kp.Private;
c.Init(true, new ParametersWithRandom(pubKey, rand));
outBytes = c.DoFinal(input);
c.Init(false, privKey);
outBytes = c.DoFinal(outBytes);
if (!AreEqual(outBytes, input))
{
Fail("key generation test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
}
//
// comparison check
//
// KeyFactory keyFact = KeyFactory.GetInstance("RSA");
//
// RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)keyFact.translateKey(privKey);
RsaPrivateCrtKeyParameters crtKey = (RsaPrivateCrtKeyParameters)privKey;
if (!privKey.Equals(crtKey))
{
Fail("private key equality check failed");
}
// RSAPublicKey copyKey = (RSAPublicKey)keyFact.translateKey(pubKey);
RsaKeyParameters copyKey = (RsaKeyParameters)pubKey;
if (!pubKey.Equals(copyKey))
{
Fail("public key equality check failed");
}
SecureRandom random = new SecureRandom();
rawModeTest("SHA1withRSA", X509ObjectIdentifiers.IdSha1, priv2048Key, pub2048Key, random);
rawModeTest("MD5withRSA", PkcsObjectIdentifiers.MD5, priv2048Key, pub2048Key, random);
rawModeTest("RIPEMD128withRSA", TeleTrusTObjectIdentifiers.RipeMD128, priv2048Key, pub2048Key, random);
}
public override void PerformTest()
{
X509CertificateParser certParser = new X509CertificateParser();
X509CrlParser crlParser = new X509CrlParser();
// initialise CertStore
X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin);
X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin);
X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin);
X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
IList x509Certs = new ArrayList();
x509Certs.Add(rootCert);
x509Certs.Add(interCert);
x509Certs.Add(finalCert);
IList x509Crls = new ArrayList();
x509Crls.Add(rootCrl);
x509Crls.Add(interCrl);
// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
// CertStore store = CertStore.GetInstance("Collection", ccsp);
// X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(list);
IX509Store x509CertStore = X509StoreFactory.Create(
"Certificate/Collection",
new X509CollectionStoreParameters(x509Certs));
IX509Store x509CrlStore = X509StoreFactory.Create(
"CRL/Collection",
new X509CollectionStoreParameters(x509Crls));
// NB: Month is 1-based in .NET
//DateTime validDate = new DateTime(2008,9,4,14,49,10).ToUniversalTime();
DateTime validDate = new DateTime(2008, 9, 4, 5, 49, 10);
//validating path
IList certchain = new ArrayList();
certchain.Add(finalCert);
certchain.Add(interCert);
// CertPath cp = CertificateFactory.GetInstance("X.509").GenerateCertPath(certchain);
PkixCertPath cp = new PkixCertPath(certchain);
ISet trust = new HashSet();
trust.Add(new TrustAnchor(rootCert, null));
// CertPathValidator cpv = CertPathValidator.GetInstance("PKIX");
PkixCertPathValidator cpv = new PkixCertPathValidator();
PkixParameters param = new PkixParameters(trust);
param.AddStore(x509CertStore);
param.AddStore(x509CrlStore);
param.Date = new DateTimeObject(validDate);
MyChecker checker = new MyChecker();
param.AddCertPathChecker(checker);
PkixCertPathValidatorResult result = (PkixCertPathValidatorResult)cpv.Validate(cp, param);
PkixPolicyNode policyTree = result.PolicyTree;
AsymmetricKeyParameter subjectPublicKey = result.SubjectPublicKey;
if (checker.GetCount() != 2)
{
Fail("checker not evaluated for each certificate");
}
if (!subjectPublicKey.Equals(finalCert.GetPublicKey()))
{
Fail("wrong public key returned");
}
IsTrue(result.TrustAnchor.TrustedCert.Equals(rootCert));
// try a path with trust anchor included.
certchain.Clear();
certchain.Add(finalCert);
certchain.Add(interCert);
certchain.Add(rootCert);
cp = new PkixCertPath(certchain);
cpv = new PkixCertPathValidator();
param = new PkixParameters(trust);
param.AddStore(x509CertStore);
param.AddStore(x509CrlStore);
param.Date = new DateTimeObject(validDate);
checker = new MyChecker();
param.AddCertPathChecker(checker);
result = (PkixCertPathValidatorResult)cpv.Validate(cp, param);
IsTrue(result.TrustAnchor.TrustedCert.Equals(rootCert));
//
// invalid path containing a valid one test
//
try
{
// initialise CertStore
rootCert = certParser.ReadCertificate(AC_RAIZ_ICPBRASIL);
interCert = certParser.ReadCertificate(AC_PR);
finalCert = certParser.ReadCertificate(schefer);
x509Certs = new ArrayList();
x509Certs.Add(rootCert);
x509Certs.Add(interCert);
x509Certs.Add(finalCert);
// ccsp = new CollectionCertStoreParameters(list);
// store = CertStore.GetInstance("Collection", ccsp);
// ccsp = new X509CollectionStoreParameters(list);
x509CertStore = X509StoreFactory.Create(
"Certificate/Collection",
new X509CollectionStoreParameters(x509Certs));
// NB: Month is 1-based in .NET
//validDate = new DateTime(2004,3,21,2,21,10).ToUniversalTime();
validDate = new DateTime(2004, 3, 20, 19, 21, 10);
//validating path
certchain = new ArrayList();
certchain.Add(finalCert);
certchain.Add(interCert);
// cp = CertificateFactory.GetInstance("X.509").GenerateCertPath(certchain);
cp = new PkixCertPath(certchain);
trust = new HashSet();
trust.Add(new TrustAnchor(rootCert, null));
// cpv = CertPathValidator.GetInstance("PKIX");
cpv = new PkixCertPathValidator();
param = new PkixParameters(trust);
param.AddStore(x509CertStore);
param.IsRevocationEnabled = false;
param.Date = new DateTimeObject(validDate);
result = (PkixCertPathValidatorResult)cpv.Validate(cp, param);
policyTree = result.PolicyTree;
subjectPublicKey = result.SubjectPublicKey;
Fail("Invalid path validated");
}
catch (Exception e)
{
if (e is PkixCertPathValidatorException &&
e.Message.StartsWith("Could not validate certificate signature."))
{
return;
}
Fail("unexpected exception", e);
}
}