public void _01_BasicInitTokenAndPinTest()
{
if (Platform.UnmanagedLongSize != 8 || Platform.StructPackingSize != 0)
{
Assert.Inconclusive("Test cannot be executed on this platform");
}
CKR rv = CKR.CKR_OK;
using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath))
{
rv = pkcs11.C_Initialize(Settings.InitArgs80);
if ((rv != CKR.CKR_OK) && (rv != CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED))
{
Assert.Fail(rv.ToString());
}
// Find first slot with token present
ulong slotId = Helpers.GetUsableSlot(pkcs11);
CK_TOKEN_INFO tokenInfo = new CK_TOKEN_INFO();
rv = pkcs11.C_GetTokenInfo(slotId, ref tokenInfo);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
// Check if token needs to be initialized
if ((tokenInfo.Flags & CKF.CKF_TOKEN_INITIALIZED) != CKF.CKF_TOKEN_INITIALIZED)
{
// Token label is 32 bytes long string padded with blank characters
byte[] label = new byte[32];
for (int i = 0; i < label.Length; i++)
{
label[i] = 0x20;
}
Array.Copy(Settings.ApplicationNameArray, 0, label, 0, Settings.ApplicationNameArray.Length);
// Initialize token and SO (security officer) pin
rv = pkcs11.C_InitToken(slotId, Settings.SecurityOfficerPinArray, Convert.ToUInt64(Settings.SecurityOfficerPinArray.Length), label);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
// Open RW session
ulong session = CK.CK_INVALID_HANDLE;
rv = pkcs11.C_OpenSession(slotId, (CKF.CKF_SERIAL_SESSION | CKF.CKF_RW_SESSION), IntPtr.Zero, IntPtr.Zero, ref session);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
// Login as SO (security officer)
rv = pkcs11.C_Login(session, CKU.CKU_SO, Settings.SecurityOfficerPinArray, Convert.ToUInt64(Settings.SecurityOfficerPinArray.Length));
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
// Initialize user pin
rv = pkcs11.C_InitPIN(session, Settings.NormalUserPinArray, Convert.ToUInt64(Settings.NormalUserPinArray.Length));
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
rv = pkcs11.C_Logout(session);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
rv = pkcs11.C_CloseSession(session);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
}
rv = pkcs11.C_Finalize(IntPtr.Zero);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
}
}
/// <summary>
/// Finds slot containing the token that matches criteria specified in Settings class
/// </summary>
/// <param name='pkcs11Library'>Initialized PKCS11 wrapper</param>
/// <returns>Slot containing the token that matches criteria</returns>
public static NativeULong GetUsableSlot(Pkcs11Library pkcs11Library)
{
CKR rv = CKR.CKR_OK;
// Get list of available slots with token present
NativeULong slotCount = 0;
rv = pkcs11Library.C_GetSlotList(true, null, ref slotCount);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
Assert.IsTrue(slotCount > 0);
NativeULong[] slotList = new NativeULong[slotCount];
rv = pkcs11Library.C_GetSlotList(true, slotList, ref slotCount);
if (rv != CKR.CKR_OK)
{
Assert.Fail(rv.ToString());
}
// Return first slot with token present when both TokenSerial and TokenLabel are null...
if (Settings.TokenSerial == null && Settings.TokenLabel == null)
{
return(slotList[0]);
}
// First slot with token present is OK...
NativeULong?matchingSlot = slotList[0];
// ...unless there are matching criteria specified in Settings class
if (Settings.TokenSerial != null || Settings.TokenLabel != null)
{
matchingSlot = null;
foreach (NativeULong slot in slotList)
{
CK_TOKEN_INFO tokenInfo = new CK_TOKEN_INFO();
rv = pkcs11Library.C_GetTokenInfo(slot, ref tokenInfo);
if (rv != CKR.CKR_OK)
{
if (rv == CKR.CKR_TOKEN_NOT_RECOGNIZED || rv == CKR.CKR_TOKEN_NOT_PRESENT)
{
continue;
}
else
{
Assert.Fail(rv.ToString());
}
}
if (!string.IsNullOrEmpty(Settings.TokenSerial))
{
if (0 != string.Compare(Settings.TokenSerial, ConvertUtils.BytesToUtf8String(tokenInfo.SerialNumber, true), StringComparison.Ordinal))
{
continue;
}
}
if (!string.IsNullOrEmpty(Settings.TokenLabel))
{
if (0 != string.Compare(Settings.TokenLabel, ConvertUtils.BytesToUtf8String(tokenInfo.Label, true), StringComparison.Ordinal))
{
continue;
}
}
matchingSlot = slot;
break;
}
}
Assert.IsTrue(matchingSlot != null, "Token matching criteria specified in Settings class is not present");
return(matchingSlot.Value);
}
public void _06_GetMatchingSlotList()
{
if (Platform.UnmanagedLongSize != 8 || Platform.StructPackingSize != 1)
{
Assert.Inconclusive("Test cannot be executed on this platform");
}
using (Pkcs11 pkcs11 = new Pkcs11(Settings.Pkcs11LibraryPath))
{
CKR rv = pkcs11.C_Initialize(Settings.InitArgs81);
Assert.IsTrue(rv == CKR.CKR_OK);
// Get all slots
ulong allSlotsCount = 0;
rv = pkcs11.C_GetSlotList(true, null, ref allSlotsCount);
Assert.IsTrue(rv == CKR.CKR_OK);
Assert.IsTrue(allSlotsCount > 0);
ulong[] allSlots = new ulong[allSlotsCount];
rv = pkcs11.C_GetSlotList(true, allSlots, ref allSlotsCount);
Assert.IsTrue(rv == CKR.CKR_OK);
// Empty URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:");
ulong[] matchedSlots = null;
rv = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11, true, out matchedSlots);
Assert.IsTrue(rv == CKR.CKR_OK);
Assert.IsTrue(matchedSlots.Length == allSlots.Length);
// Unknown path attribute in URI
pkcs11uri = new Pkcs11Uri(@"pkcs11:vendor=foobar");
rv = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11, true, out matchedSlots);
Assert.IsTrue(rv == CKR.CKR_OK);
Assert.IsTrue(matchedSlots.Length == 0);
// All attributes matching one slot
CK_INFO libraryInfo = new CK_INFO();
rv = pkcs11.C_GetInfo(ref libraryInfo);
Assert.IsTrue(rv == CKR.CKR_OK);
CK_SLOT_INFO slotInfo = new CK_SLOT_INFO();
rv = pkcs11.C_GetSlotInfo(allSlots[0], ref slotInfo);
Assert.IsTrue(rv == CKR.CKR_OK);
CK_TOKEN_INFO tokenInfo = new CK_TOKEN_INFO();
rv = pkcs11.C_GetTokenInfo(allSlots[0], ref tokenInfo);
Assert.IsTrue(rv == CKR.CKR_OK);
Pkcs11UriBuilder pkcs11UriBuilder = new Pkcs11UriBuilder();
pkcs11UriBuilder.LibraryManufacturer = ConvertUtils.BytesToUtf8String(libraryInfo.ManufacturerId, true);
pkcs11UriBuilder.LibraryDescription = ConvertUtils.BytesToUtf8String(libraryInfo.LibraryDescription, true);
pkcs11UriBuilder.LibraryVersion = libraryInfo.LibraryVersion.ToString();
pkcs11UriBuilder.SlotManufacturer = ConvertUtils.BytesToUtf8String(slotInfo.ManufacturerId, true);
pkcs11UriBuilder.SlotDescription = ConvertUtils.BytesToUtf8String(slotInfo.SlotDescription, true);
pkcs11UriBuilder.SlotId = allSlots[0];
pkcs11UriBuilder.Token = ConvertUtils.BytesToUtf8String(tokenInfo.Label, true);
pkcs11UriBuilder.Manufacturer = ConvertUtils.BytesToUtf8String(tokenInfo.ManufacturerId, true);
pkcs11UriBuilder.Serial = ConvertUtils.BytesToUtf8String(tokenInfo.SerialNumber, true);
pkcs11UriBuilder.Model = ConvertUtils.BytesToUtf8String(tokenInfo.Model, true);
pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri();
rv = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11, true, out matchedSlots);
Assert.IsTrue(rv == CKR.CKR_OK);
Assert.IsTrue(matchedSlots.Length == 1);
// One attribute nonmatching
pkcs11UriBuilder.Serial = "foobar";
pkcs11uri = pkcs11UriBuilder.ToPkcs11Uri();
rv = Pkcs11UriUtils.GetMatchingSlotList(pkcs11uri, pkcs11, true, out matchedSlots);
Assert.IsTrue(rv == CKR.CKR_OK);
Assert.IsTrue(matchedSlots.Length == 0);
rv = pkcs11.C_Finalize(IntPtr.Zero);
Assert.IsTrue(rv == CKR.CKR_OK);
}
}
public void _04_TokenInfoMatches()
{
if (Platform.UnmanagedLongSize != 8 || Platform.StructPackingSize != 1)
{
Assert.Inconclusive("Test cannot be executed on this platform");
}
// Empty URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:");
CK_TOKEN_INFO tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Empty attribute
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes(" ");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Unknown path attribute in URI
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar;foo=bar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// All attributes matching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Label nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// ManufacturerId nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// SerialNumber nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("012");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Model nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foo bar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
}
public void _04_TokenInfoMatches()
{
Helpers.CheckPlatform();
// Empty URI
Pkcs11Uri pkcs11uri = new Pkcs11Uri(@"pkcs11:");
CK_TOKEN_INFO tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Empty attribute
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes(" ");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Unknown path attribute in URI
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar;foo=bar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// All attributes matching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsTrue(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Label nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// ManufacturerId nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// SerialNumber nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("012");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foobar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
// Model nonmatching
pkcs11uri = new Pkcs11Uri(@"pkcs11:token=foo;manufacturer=bar;serial=123;model=foobar");
tokenInfo = new CK_TOKEN_INFO();
tokenInfo.Label = ConvertUtils.Utf8StringToBytes("foo");
tokenInfo.ManufacturerId = ConvertUtils.Utf8StringToBytes("bar");
tokenInfo.SerialNumber = ConvertUtils.Utf8StringToBytes("123");
tokenInfo.Model = ConvertUtils.Utf8StringToBytes("foo bar");
Assert.IsFalse(Pkcs11UriUtils.Matches(pkcs11uri, tokenInfo));
}
internal TokenInfo(CK_TOKEN_INFO paramCK_TOKEN_INFO)
{
this.paramCK_TOKEN_INFO = paramCK_TOKEN_INFO;
}
