/// <summary>
/// Streams a 2000-byte payload into an AES-128-CBC EnvelopedData for the key-transport
/// recipient <c>ReciCert</c>, converts the output to DER and passes it to <c>VerifyData</c>.
/// </summary>
public void TestKeyTransAes128Der()
{
    // Deterministic payload: byte i holds the low 8 bits of i.
    byte[] plaintext = new byte[2000];
    for (int idx = 0; idx < plaintext.Length; idx++)
    {
        plaintext[idx] = (byte)(idx & 0xff);
    }

    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKeyTransRecipient(ReciCert);

    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);

    // One byte per call, as in the original test, to exercise the streaming path.
    foreach (byte octet in plaintext)
    {
        sink.WriteByte(octet);
    }

    // The envelope is only read back after the generator stream has been closed.
    sink.Close();

    // convert to DER
    Asn1Object parsed = Asn1Object.FromByteArray(envelope.ToArray());
    byte[] derEncodedBytes = parsed.GetDerEncoded();

    VerifyData(derEncodedBytes, CmsEnvelopedDataGenerator.Aes128Cbc, plaintext);
}
/// <summary>
/// Encrypts the same 2000-byte payload twice, first with the generator's default settings and
/// then with <c>SetBufferSize(300)</c>, verifies both envelopes with <c>VerifyData</c> and
/// asserts that the second encoding is longer than the first.
/// </summary>
public void TestKeyTransAes128Buffered()
{
    // Deterministic payload: byte i holds the low 8 bits of i.
    byte[] plaintext = new byte[2000];
    for (int idx = 0; idx < plaintext.Length; idx++)
    {
        plaintext[idx] = (byte)(idx & 0xff);
    }

    //
    // unbuffered
    //
    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKeyTransRecipient(ReciCert);

    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);
    foreach (byte octet in plaintext)
    {
        sink.WriteByte(octet);
    }
    sink.Close();

    byte[] firstEncoding = envelope.ToArray();
    VerifyData(firstEncoding, CmsEnvelopedDataGenerator.Aes128Cbc, plaintext);
    int unbufferedLength = firstEncoding.Length;

    //
    // buffered - less than default of 1000
    //
    generator = new CmsEnvelopedDataStreamGenerator();
    generator.SetBufferSize(300);
    generator.AddKeyTransRecipient(ReciCert);

    // Reuse the same MemoryStream for the second envelope.
    envelope.SetLength(0);
    sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);
    foreach (byte octet in plaintext)
    {
        sink.WriteByte(octet);
    }
    sink.Close();

    byte[] secondEncoding = envelope.ToArray();
    VerifyData(secondEncoding, CmsEnvelopedDataGenerator.Aes128Cbc, plaintext);

    // The 300-byte buffer setting is expected to produce a larger encoding.
    Assert.IsTrue(unbufferedLength < secondEncoding.Length);
}
/// <summary>
/// Writes the content read from field <c>a</c> as a CMS EnvelopedData addressed to the
/// key-transport recipient in field <c>b</c>, using the content-encryption algorithm in field <c>c</c>.
/// </summary>
/// <param name="outStream">Destination for the envelope.</param>
/// <param name="toBase64">
/// When true the envelope is built in memory and then written Base64-encoded;
/// otherwise it is streamed straight into <paramref name="outStream"/>.
/// </param>
public void encode(Stream outStream, bool toBase64)
{
    // a, b and c are members declared outside this listing; presumably the input stream,
    // the recipient certificate and the algorithm OID — confirm against the class.
    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKeyTransRecipient(b);

    // NOTE(review): neither path closes the envelope stream if PipeAll throws.
    // NOTE(review): EnvelopedData provides confidentiality only. If c is a CBC-mode algorithm,
    // the consumer gets no integrity check on the decrypted content.
    if (!toBase64)
    {
        Stream direct = generator.Open(outStream, c);
        Streams.PipeAll(a, direct);
        direct.Close();
        return;
    }

    // Base64 path: the whole envelope is held in memory before it is encoded.
    MemoryStream staged = new MemoryStream();
    Stream envelopeSink = generator.Open(staged, c);
    Streams.PipeAll(a, envelopeSink);
    envelopeSink.Close();

    staged.Position = 0L;
    Base64.Encode(staged.ToArray(), outStream);
}
/// <summary>
/// Encrypts the same 2000-byte payload once with byte-at-a-time writes and once through
/// <c>Streams.PipeAll</c>, verifies both envelopes and asserts that the encodings have equal length.
/// </summary>
public void TestKeyTransAes128BufferedStream()
{
    // Deterministic payload: byte i holds the low 8 bits of i.
    byte[] plaintext = new byte[2000];
    for (int idx = 0; idx < plaintext.Length; idx++)
    {
        plaintext[idx] = (byte)(idx & 0xff);
    }

    //
    // unbuffered
    //
    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKeyTransRecipient(ReciCert);

    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);
    foreach (byte octet in plaintext)
    {
        sink.WriteByte(octet);
    }
    sink.Close();

    byte[] firstEncoding = envelope.ToArray();
    VerifyData(firstEncoding, CmsEnvelopedDataGenerator.Aes128Cbc, plaintext);
    int unbufferedLength = firstEncoding.Length;

    //
    // Using buffered output - should be == to unbuffered
    //
    generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKeyTransRecipient(ReciCert);

    // Reuse the same MemoryStream for the second envelope.
    envelope.SetLength(0);
    sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);

    // Read-only view over the payload, copied in bulk rather than byte by byte.
    MemoryStream source = new MemoryStream(plaintext, false);
    Streams.PipeAll(source, sink);
    sink.Close();

    byte[] secondEncoding = envelope.ToArray();
    VerifyData(secondEncoding, CmsEnvelopedDataGenerator.Aes128Cbc, plaintext);

    Assert.AreEqual(unbufferedLength, secondEncoding.Length);
}
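/// <summary>
/// Sample entry point: lets the user pick a file and writes an encrypted copy next to it as
/// "(name).p7m", a CMS EnvelopedData using AES-128-CBC with key transport to <c>Cert</c>.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    try
    {
        // First load a certificate: filename/path and certificate password.
        // NOTE(review): path and password are sample literals. Real code should not embed a PFX
        // password in source, and only the recipient's public certificate is needed to encrypt.
        Cert = ReadCertFromFile("./test.pfx", "test");

        // Select a binary file
        var dialog = new OpenFileDialog
        {
            Filter = "All files (*.*)|*.*",
            InitialDirectory = "./",
            Title = "Select a text file"
        };
        var filename = (dialog.ShowDialog() == DialogResult.OK) ? dialog.FileName : null;

        // A cancelled dialog leaves filename null; stop here instead of failing in FileStream.
        if (string.IsNullOrEmpty(filename))
        {
            Console.WriteLine("No file selected.");
            return;
        }

        // Get the file; the using block releases the handle even if reading or encrypting fails.
        using (var f = new FileStream(filename, FileMode.Open))
        {
            var fileContent = ReadFully(f);

            // Create the generator
            var dataGenerator = new CmsEnvelopedDataStreamGenerator();

            // Add receiver: Cert is the recipient's X.509 certificate loaded above.
            dataGenerator.AddKeyTransRecipient(Cert);

            // Make the output stream
            using (var outStream = new FileStream(filename + ".p7m", FileMode.Create))
            {
                // Encrypt (envelope) the stream. This does not sign: AES-128-CBC EnvelopedData
                // gives confidentiality only, with no integrity or origin authentication.
                var cryptoStream = dataGenerator.Open(outStream, CmsEnvelopedGenerator.Aes128Cbc);

                // Disposing the writer closes cryptoStream, which is what completes the envelope;
                // without it the .p7m file is left truncated. cryptoStream gets no using of its
                // own so that it is closed exactly once.
                using (var binWriter = new BinaryWriter(cryptoStream))
                {
                    binWriter.Write(fileContent);
                }
            }
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine("So, you wanna make an exception huh! : " + ex.ToString());
        Console.ReadKey();
    }
}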
/// <summary>
/// Envelopes a short message for two AES-192 KEK recipients, then selects the second recipient
/// by key identifier and checks that its KEK recovers the original content.
/// </summary>
public void TestTwoAesKek()
{
    byte[] plaintext = Encoding.ASCII.GetBytes("WallaWallaWashington");

    KeyParameter firstKek = CmsTestUtil.MakeAes192Key();
    KeyParameter secondKek = CmsTestUtil.MakeAes192Key();
    byte[] firstKekId = { 1, 2, 3, 4, 5 };
    byte[] secondKekId = { 5, 4, 3, 2, 1 };

    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKekRecipient("AES192", firstKek, firstKekId);
    generator.AddKekRecipient("AES192", secondKek, secondKekId);

    // Content encryption is Triple-DES CBC here; the test pins that legacy algorithm for coverage.
    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.DesEde3Cbc);
    sink.Write(plaintext, 0, plaintext.Length);
    sink.Close();

    CmsEnvelopedDataParser parser = new CmsEnvelopedDataParser(envelope.ToArray());
    RecipientInformationStore recipients = parser.GetRecipientInfos();

    Assert.AreEqual(parser.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);

    // Look the recipient up by the second KEK identifier only.
    RecipientID selector = new RecipientID();
    selector.KeyIdentifier = secondKekId;

    RecipientInformation recipient = recipients.GetFirstRecipient(selector);

    // 2.16.840.1.101.3.4.1.25 is the AES-192 key-wrap OID.
    Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");

    CmsTypedStream recovered = recipient.GetContentStream(secondKek);
    byte[] decrypted = CmsTestUtil.StreamToByteArray(recovered.ContentStream);
    Assert.IsTrue(Arrays.AreEqual(plaintext, decrypted));

    parser.Close();
}
/// <summary>
/// Envelopes a sample message for an EC key-agreement recipient (ECDH with the SHA-1 KDF,
/// AES-128 key wrap, AES-128-CBC content encryption) and checks that the recipient's
/// private key recovers the original content.
/// </summary>
public void TestECKeyAgree()
{
    // ASCII for "PKI-C CMS EnvelopedData Sample".
    byte[] plaintext = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();

    // Originator key pair, recipient certificate and key-wrap algorithm for the agreed key.
    // The test pins the SHA-1 based KDF identifier.
    generator.AddKeyAgreementRecipient(
        CmsEnvelopedDataGenerator.ECDHSha1Kdf,
        OrigECKP.Private,
        OrigECKP.Public,
        ReciECCert,
        CmsEnvelopedDataGenerator.Aes128Wrap);

    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);
    sink.Write(plaintext, 0, plaintext.Length);
    sink.Close();

    CmsEnvelopedDataParser parser = new CmsEnvelopedDataParser(envelope.ToArray());
    RecipientInformationStore recipients = parser.GetRecipientInfos();

    Assert.AreEqual(parser.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);

    // Select the recipient by issuer and serial number of its certificate.
    RecipientID selector = new RecipientID();
    selector.Issuer = PrincipalUtilities.GetIssuerX509Principal(ReciECCert);
    selector.SerialNumber = ReciECCert.SerialNumber;

    RecipientInformation recipient = recipients.GetFirstRecipient(selector);

    CmsTypedStream recovered = recipient.GetContentStream(ReciECKP.Private);
    byte[] decrypted = CmsTestUtil.StreamToByteArray(recovered.ContentStream);
    Assert.IsTrue(Arrays.AreEqual(plaintext, decrypted));

    parser.Close();
}
/// <summary>
/// Envelopes a short message for a single AES-192 KEK recipient and checks that every
/// recipient entry in the parsed envelope recovers the original content with that KEK.
/// </summary>
public void TestAesKek()
{
    byte[] plaintext = Encoding.ASCII.GetBytes("WallaWallaWashington");

    KeyParameter kek = CmsTestUtil.MakeAes192Key();
    byte[] kekId = { 1, 2, 3, 4, 5 };

    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKekRecipient("AES192", kek, kekId);

    // Content encryption is Triple-DES CBC here; the test pins that legacy algorithm for coverage.
    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.DesEde3Cbc);
    sink.Write(plaintext, 0, plaintext.Length);
    sink.Close();

    CmsEnvelopedDataParser parser = new CmsEnvelopedDataParser(envelope.ToArray());
    RecipientInformationStore recipients = parser.GetRecipientInfos();

    Assert.AreEqual(parser.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);

    ICollection allRecipients = recipients.GetRecipients();
    foreach (RecipientInformation recipient in allRecipients)
    {
        // 2.16.840.1.101.3.4.1.25 is the AES-192 key-wrap OID.
        Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");

        CmsTypedStream recovered = recipient.GetContentStream(kek);
        byte[] decrypted = CmsTestUtil.StreamToByteArray(recovered.ContentStream);
        Assert.IsTrue(Arrays.AreEqual(plaintext, decrypted));
    }

    parser.Close();
}
/// <summary>
/// Envelopes a short message with AES-128-CBC for the key-transport recipient <c>ReciCert</c>
/// and checks that every recipient entry decrypts to the original content with <c>ReciKP.Private</c>.
/// </summary>
public void TestKeyTransAes128()
{
    byte[] plaintext = Encoding.ASCII.GetBytes("WallaWallaWashington");

    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.AddKeyTransRecipient(ReciCert);

    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);
    sink.Write(plaintext, 0, plaintext.Length);
    sink.Close();

    CmsEnvelopedDataParser parser = new CmsEnvelopedDataParser(envelope.ToArray());
    RecipientInformationStore recipients = parser.GetRecipientInfos();

    Assert.AreEqual(parser.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);

    ICollection allRecipients = recipients.GetRecipients();
    foreach (RecipientInformation recipient in allRecipients)
    {
        // The key-encryption algorithm recorded for the recipient is the rsaEncryption OID,
        // which in CMS key transport denotes PKCS #1 v1.5 RSA encryption of the content key.
        Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);

        CmsTypedStream recovered = recipient.GetContentStream(ReciKP.Private);
        byte[] decrypted = CmsTestUtil.StreamToByteArray(recovered.ContentStream);
        Assert.IsTrue(Arrays.AreEqual(plaintext, decrypted));
    }

    parser.Close();
}
/// <summary>
/// Envelopes 40001 bytes with <c>SetBufferSize(BufferSize)</c>, then decrypts through the first
/// recipient and checks that the first ten reads each fill a whole <c>BufferSize</c> buffer
/// before comparing the recovered bytes with the original payload.
/// </summary>
public void TestKeyTransAes128Throughput()
{
    // Deterministic payload: byte i holds the low 8 bits of i.
    byte[] plaintext = new byte[40001];
    for (int idx = 0; idx < plaintext.Length; idx++)
    {
        plaintext[idx] = (byte)(idx & 0xff);
    }

    //
    // buffered
    //
    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();
    generator.SetBufferSize(BufferSize);
    generator.AddKeyTransRecipient(ReciCert);

    MemoryStream envelope = new MemoryStream();
    Stream sink = generator.Open(envelope, CmsEnvelopedDataGenerator.Aes128Cbc);
    foreach (byte octet in plaintext)
    {
        sink.WriteByte(octet);
    }
    sink.Close();

    CmsEnvelopedDataParser parser = new CmsEnvelopedDataParser(envelope.ToArray());
    RecipientInformationStore recipients = parser.GetRecipientInfos();
    ICollection allRecipients = recipients.GetRecipients();

    // Only the first recipient entry is examined.
    IEnumerator cursor = allRecipients.GetEnumerator();
    if (!cursor.MoveNext())
    {
        Assert.Fail("recipient not found.");
        return;
    }

    RecipientInformation recipient = (RecipientInformation)cursor.Current;
    Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);

    CmsTypedStream recovered = recipient.GetContentStream(ReciKP.Private);
    Stream decryptedStream = recovered.ContentStream;
    MemoryStream collected = new MemoryStream();
    byte[] chunk = new byte[BufferSize];

    // Up to ten reads, each of which must fill the whole buffer.
    // Presumably BufferSize is 4000, so ten full reads leave a one-byte tail — confirm.
    for (int fullReads = 0; fullReads != 10; fullReads++)
    {
        int got = decryptedStream.Read(chunk, 0, chunk.Length);
        if (got <= 0)
        {
            break;
        }

        Assert.AreEqual(chunk.Length, got);
        collected.Write(chunk, 0, chunk.Length);
    }

    // One more read picks up whatever remains after the full-buffer reads.
    int tail = decryptedStream.Read(chunk, 0, chunk.Length);
    collected.Write(chunk, 0, tail);

    Assert.IsTrue(Arrays.AreEqual(plaintext, collected.ToArray()));
}
/// <summary>
/// Copies <paramref name="clear"/> into <paramref name="cipher"/> as a CMS EnvelopedData,
/// adding one recipient per certificate, one KEK recipient for <paramref name="key"/> and one
/// key-transport recipient per web key. Each of the three inputs may be null and is then skipped.
/// </summary>
/// <param name="cipher">Stream that receives the encrypted message.</param>
/// <param name="clear">Stream holding the content to encrypt.</param>
/// <param name="certs">Certificates of the known recipients, or null.</param>
/// <param name="key">Symmetric key for the "unknown" recipient, or null.</param>
/// <param name="webKeys">Public web keys to add as recipients, or null.</param>
protected void Encrypt(Stream cipher, Stream clear, ICollection <X509Certificate2> certs, SecretKey key, WebKey[] webKeys)
{
    // NOTE(review): the opening log line counts certs and key only; web keys are not included.
    int knownCount = certs == null ? 0 : certs.Count;
    int unknownCount = key == null ? 0 : 1;
#if NETFRAMEWORK
    trace.TraceEvent(TraceEventType.Information, 0, "Encrypting message for {0} known and {1} unknown recipient", knownCount, unknownCount);
#else
    logger.LogInformation("Encrypting message for {0} known and {1} unknown recipient", knownCount, unknownCount);
#endif

    // NOTE(review): if certs, key and webKeys are all null or empty, no recipient is added
    // before Open; confirm that callers always supply at least one.
    CmsEnvelopedDataStreamGenerator generator = new CmsEnvelopedDataStreamGenerator();

    // Known recipients: key transport to each certificate, converted to the BouncyCastle type.
    if (certs != null)
    {
        foreach (X509Certificate2 dotNetCert in certs)
        {
            BC::X509.X509Certificate bcCert = DotNetUtilities.FromX509Certificate(dotNetCert);
            generator.AddKeyTransRecipient(bcCert);

            // Subject and issuer DN of every recipient are written to the verbose/debug log.
            string subject = bcCert.SubjectDN.ToString();
            string issuer = bcCert.IssuerDN.ToString();
#if NETFRAMEWORK
            trace.TraceEvent(TraceEventType.Verbose, 0, "Added known recipient: {0} ({1})", subject, issuer);
#else
            logger.LogDebug("Added known recipient: {0} ({1})", subject, issuer);
#endif
        }
    }

    // Unknown recipient: the content key is wrapped under the supplied symmetric key.
    if (key != null)
    {
        generator.AddKekRecipient("AES", key.BCKey, key.Id);
#if NETFRAMEWORK
        trace.TraceEvent(TraceEventType.Verbose, 0, "Added unknown recipient [Algorithm={0}, keyId={1}]", "AES", key.IdString);
#else
        logger.LogDebug("Added unknown recipient [Algorithm={0}, keyId={1}]", "AES", key.IdString);
#endif
    }

    // Web recipients: key transport to a bare public key, identified by the key's id.
    if (webKeys != null)
    {
        foreach (WebKey recipientKey in webKeys)
        {
            generator.AddKeyTransRecipient(recipientKey.BCPublicKey, recipientKey.Id);
#if NETFRAMEWORK
            trace.TraceEvent(TraceEventType.Verbose, 0, "Added web recipient [Algorithm={0}, keyId={1}]", "RSA", recipientKey.IdString);
#else
            logger.LogDebug("Added web recipient [Algorithm={0}, keyId={1}]", "RSA", recipientKey.IdString);
#endif
        }
    }

    // The content-encryption algorithm comes from the active configuration.
    Stream sealedStream = generator.Open(cipher, EteeActiveConfig.Seal.EncryptionAlgorithm.Value);
#if NETFRAMEWORK
    trace.TraceEvent(TraceEventType.Verbose, 0, "Create encrypted message (still empty) [EncAlgo={0} ({1})]",
        EteeActiveConfig.Seal.EncryptionAlgorithm.FriendlyName, EteeActiveConfig.Seal.EncryptionAlgorithm.Value);
#else
    logger.LogDebug("Create encrypted message (still empty) [EncAlgo={0} ({1})]",
        EteeActiveConfig.Seal.EncryptionAlgorithm.FriendlyName, EteeActiveConfig.Seal.EncryptionAlgorithm.Value);
#endif

    try
    {
        clear.CopyTo(sealedStream);
#if NETFRAMEWORK
        trace.TraceEvent(TraceEventType.Verbose, 0, "Message encrypted");
#else
        logger.LogDebug("Message encrypted");
#endif
    }
    finally
    {
        // The envelope stream is closed on every path. The log line below is therefore
        // also written when CopyTo throws.
        sealedStream.Close();
#if NETFRAMEWORK
        trace.TraceEvent(TraceEventType.Verbose, 0, "Recipient infos added");
#else
        logger.LogDebug("Recipient infos added");
#endif
    }
}