public void _HL_12_02_Digest_Gost3411_12_512_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find firsst slot with token present IRutokenSlot slot = Helpers.GetUsableSlot(pkcs11); // Open RO session using (ISession session = slot.OpenSession(SessionType.ReadOnly)) { // Specify digesting mechanism var mechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_GOSTR3411_12_512); byte[] sourceData = TestData.Digest_Gost3411_SourceData; // Digest data byte[] digest = session.Digest(mechanism, sourceData); byte[] targetData = TestData.Digest_Gost3411_12_512_TargetData; // Do something interesting with digest value Assert.IsTrue(Convert.ToBase64String(digest) == Convert.ToBase64String(targetData)); } } }
public static void Block(IRutokenSlot slot, RutokenType tokenType) { using var session = slot.OpenSession(SessionType.ReadWrite); var wrongPin = tokenType == RutokenType.RUTOKEN ? _wrongPin1_RutokenS : _wrongPin1; var wrongPin2 = tokenType == RutokenType.RUTOKEN ? _wrongPin2_RutokenS : _wrongPin2; while (true) { try { session.Login(CKU.CKU_SO, wrongPin); session.Logout(); // Если успешно залогинились, то логинимся еще с другим паролем try { session.Login(CKU.CKU_SO, wrongPin2); session.Logout(); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_LOCKED) { return; } } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_LOCKED) { return; } catch { // ignored } } }
public static void Format(IRutokenSlot slot, string currentAdminPin, string newAdminPin, string newUserPin, string tokenLabel, RutokenFlag policy, uint minAdminPinLength, uint minUserPinLength, uint maxAdminAttempts, uint maxUserAttempts, uint smMode) { var factory = new RutokenInitParamFactory(); var rutokenInitParam = factory.Create( newAdminPin, newUserPin, tokenLabel, new List <RutokenFlag> { policy }, minAdminPinLength, minUserPinLength, maxAdminAttempts, maxUserAttempts, smMode, true); try { slot.InitTokenExtended(currentAdminPin, rutokenInitParam); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_INCORRECT) { throw new CKRException(ex.RV, Resources.IncorrectPin); } }
public static void Unlock(IRutokenSlot slot, string adminPin) { new PinUnlockOperation().Invoke(slot, new BaseTokenOperationParams { LoginType = CKU.CKU_SO, LoginPin = adminPin }); }
public static void Set(IRutokenSlot slot, string userPin, string tokenName) { new SetTokenNameOperation().Invoke(slot, new SetTokenNameOperationParams { LoginType = CKU.CKU_USER, LoginPin = userPin, TokenName = tokenName }); }
public static void Change <TOperation>(IRutokenSlot slot, string oldPin, string newPin, CKU loginType) where TOperation : BaseTokenOperation <PinChangeOperationParams>, new() { new TOperation().Invoke(slot, new PinChangeOperationParams { LoginType = loginType, OldPin = oldPin, NewPin = newPin }); }
public static void Format(IRutokenSlot slot, string adminPin, IEnumerable <IVolumeFormatInfoExtended> volumeInfos) { try { slot.FormatDrive(CKU.CKU_SO, adminPin, volumeInfos); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_INCORRECT) { throw new CKRException(ex.RV, Resources.IncorrectAdminPin); } }
public static void ChangePin2(IRutokenSlot slot, uint pinId) { try { slot.SetPIN2(pinId); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_INCORRECT) { throw new CKRException(ex.RV, Resources.IncorrectPin); } }
public static void ChangeLocalPin(IRutokenSlot slot, string userPin, string localPin, uint localPinId) { try { slot.SetLocalPIN(userPin, localPin, localPinId); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_INCORRECT) { throw new CKRException(ex.RV, Resources.IncorrectPin); } }
public static IEnumerable <byte[]> Generate(IRutokenSlot slot, string adminPin, ActivationPasswordCharacterSet characterSet, uint smMode) { var operationParams = new GenerateActivationPasswordsOperationParams { LoginType = CKU.CKU_SO, LoginPin = adminPin, CharacterSet = characterSet, SmMode = smMode }; new GenerateActivationPasswordsOperation().Invoke(slot, operationParams); return(operationParams.ActivationPasswords); }
public void _HL_20_08_EncryptAndDecrypt_Magma_CTR_ACPKM_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Установление соединения с Рутокен в первом доступном слоте IRutokenSlot slot = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии using (ISession session = slot.OpenRutokenSession(SessionType.ReadWrite)) { // Выполнение аутентификации пользователя session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Генерация ключей для шифрования Магма // Generate symetric key IObjectHandle generatedKey = Helpers.GenerateMagmaKey(session); var random = new Random(); byte[] initVector = new byte[Settings.MAGMA_BLOCK_SIZE / 2]; random.NextBytes(initVector); byte[] mechaismParams = new byte[Settings.CTR_ACPKM_PERIOD_SIZE + Settings.MAGMA_BLOCK_SIZE / 2]; mechaismParams[0] = 0x01; mechaismParams[1] = 0x00; mechaismParams[2] = 0x00; mechaismParams[3] = 0x00; Array.Copy(initVector, 0, mechaismParams, Settings.CTR_ACPKM_PERIOD_SIZE, initVector.Length); var mechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_MAGMA_CTR_ACPKM, mechaismParams); byte[] sourceData = TestData.Encrypt_Gost28147_89_ECB_SourceData; // Encrypt data byte[] encryptedData = session.Encrypt(mechanism, generatedKey, sourceData); // Decrypt data byte[] decryptedData = session.Decrypt(mechanism, generatedKey, encryptedData); Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(decryptedData)); session.DestroyObject(generatedKey); // Завершение сессии session.Logout(); } } }
public static void Change(IRutokenSlot slot, ChangeVolumeAttributesParams volumeAttributes) { try { slot.ChangeVolumeAttributes( volumeAttributes.VolumeOwner, volumeAttributes.OwnerPin, (uint)volumeAttributes.VolumeId, volumeAttributes.AccessMode, volumeAttributes.Permanent); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_INCORRECT) { throw new CKRException(ex.RV, Resources.IncorrectVolumeOwnerPin); } }
public void Invoke(IRutokenSlot slot, T operationParams) { using var session = slot.OpenRutokenSession(SessionType.ReadWrite); try { session.Login(operationParams.LoginType, operationParams.LoginPin); } catch (Pkcs11Exception ex) when(ex.RV == CKR.CKR_PIN_INCORRECT) { throw new CKRException(ex.RV, Resources.IncorrectPin); } try { Payload(session, operationParams); } finally { session.Logout(); } }
public static string Generate(IRutokenSlot slot, RutokenType tokenType, uint pinLength) { using var session = slot.OpenSession(SessionType.ReadOnly); var pin = new byte[pinLength]; for (var i = 0; i < pinLength; i++) { var random = session.GenerateRandom(2); if (tokenType == RutokenType.PINPAD_FAMILY) { pin[i] = (byte)(random[1] % 10 + 0x30); } else { pin[i] = oneByteLetters[random[1] % oneByteLetters.Length]; } } return(Encoding.ASCII.GetString(pin)); }
public void _HL_12_01_Digest_SHA1_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Find first slot with token present IRutokenSlot slot = Helpers.GetUsableSlot(pkcs11); // Open RO session using (ISession session = slot.OpenSession(SessionType.ReadOnly)) { // Specify digesting mechanism var mechanism = Settings.Factories.MechanismFactory.Create(CKM.CKM_SHA_1); byte[] sourceData = ConvertUtils.Utf8StringToBytes("Hello world"); // Digest data byte[] digest = session.Digest(mechanism, sourceData); // Do something interesting with digest value Assert.IsTrue(Convert.ToBase64String(digest) == "e1AsOh9IyGCa4hLN+2Od7jlnP14="); } } }
public void _HL_20_06_EncryptAndDecrypt_Magma_ECB_Test() { using (var pkcs11 = Settings.Factories.RutokenPkcs11LibraryFactory.LoadRutokenPkcs11Library(Settings.Factories, Settings.Pkcs11LibraryPath, Settings.AppType)) { // Установление соединения с Рутокен в первом доступном слоте IRutokenSlot slot = Helpers.GetUsableSlot(pkcs11); // Открытие RW сессии using (ISession session = slot.OpenRutokenSession(SessionType.ReadWrite)) { // Выполнение аутентификации пользователя session.Login(CKU.CKU_USER, Settings.NormalUserPin); // Генерация ключей для шифрования Магма // Generate symetric key IObjectHandle generatedKey = Helpers.GenerateMagmaKey(session); var mechanism = Settings.Factories.MechanismFactory.Create((CKM)Extended_CKM.CKM_MAGMA_ECB); byte[] sourceData = TestData.Encrypt_Gost28147_89_ECB_SourceData; // Encrypt data byte[] encryptedData = session.Encrypt(mechanism, generatedKey, sourceData); // Decrypt data byte[] decryptedData = session.Decrypt(mechanism, generatedKey, encryptedData); Assert.IsTrue(Convert.ToBase64String(sourceData) == Convert.ToBase64String(decryptedData)); session.DestroyObject(generatedKey); // Завершение сессии session.Logout(); } } }
/// <summary> /// Finds slot containing the token that matches criteria specified in Settings class /// </summary> /// <param name='pkcs11'>Initialized PKCS11 wrapper</param> /// <returns>Slot containing the token that matches criteria</returns> public static IRutokenSlot GetUsableSlot(IRutokenPkcs11Library pkcs11) { // Get list of available slots with token present List <IRutokenSlot> slots = pkcs11.GetRutokenSlotList(SlotsType.WithTokenPresent); Assert.IsNotNull(slots); Assert.IsTrue(slots.Count > 0); // First slot with token present is OK... IRutokenSlot matchingSlot = slots[0]; // ...unless there are matching criteria specified in Settings class if (Settings.TokenSerial != null || Settings.TokenLabel != null) { matchingSlot = null; foreach (IRutokenSlot slot in slots) { ITokenInfo tokenInfo = null; try { tokenInfo = slot.GetTokenInfo(); } catch (Pkcs11Exception ex) { if (ex.RV != CKR.CKR_TOKEN_NOT_RECOGNIZED && ex.RV != CKR.CKR_TOKEN_NOT_PRESENT) { throw; } } if (tokenInfo == null) { continue; } if (!string.IsNullOrEmpty(Settings.TokenSerial)) { if (0 != string.Compare(Settings.TokenSerial, tokenInfo.SerialNumber, StringComparison.Ordinal)) { continue; } } if (!string.IsNullOrEmpty(Settings.TokenLabel)) { if (0 != string.Compare(Settings.TokenLabel, tokenInfo.Label, StringComparison.Ordinal)) { continue; } } matchingSlot = slot; break; } } Assert.IsTrue(matchingSlot != null, "Token matching criteria specified in Settings class is not present"); return(matchingSlot); }