/// <summary>PublicKeyCryptography</summary>
private static void PublicKeyCryptography()
{
#region Variables
#region Env
OperatingSystem os = Environment.OSVersion;
// https://github.com/dotnet/corefx/issues/29404#issuecomment-385287947
// *.pfxから証明書を開く場合、X509KeyStorageFlags.Exportableの指定が必要な場合がある。
// Linuxのキーは常にエクスポート可能だが、WindowsやMacOSでは必ずしもそうではない。
X509KeyStorageFlags x509KSF = 0;
if (os.Platform == PlatformID.Win32NT)
{
x509KSF = X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable;
}
else //if (os.Platform == PlatformID.Unix)
{
x509KSF = X509KeyStorageFlags.DefaultKeySet;
}
#endregion
#region Keys
X509Certificate2 publicX509Key = null;
X509Certificate2 privateX509Key = null;
#endregion
#region DigitalSign
string moji = "hogehoge";
byte[] data = CustomEncode.StringToByte(moji, CustomEncode.UTF_8);
byte[] sign = null;
#endregion
#endregion
#region Test of the X.509 Certificates
#region RSA
privateX509Key = new X509Certificate2(Program.PrivateRsaX509Path, Program.PfxPassword, x509KSF);
publicX509Key = new X509Certificate2(Program.PublicRsaX509Path, "", x509KSF);
MyDebug.InspectPrivateX509Key("RSA", privateX509Key);
MyDebug.InspectPublicX509Key("RSA", publicX509Key);
#endregion
#if NETCORE || NET47
#region DSA
// https://github.com/dotnet/corefx/issues/18733#issuecomment-296723615
privateX509Key = new X509Certificate2(Program.PrivateDsaX509Path, Program.PfxPassword);
publicX509Key = new X509Certificate2(Program.PublicDsaX509Path, "");
MyDebug.InspectPrivateX509Key("DSA", privateX509Key);
MyDebug.InspectPublicX509Key("DSA", publicX509Key);
DSA privateDSA = privateX509Key.GetDSAPrivateKey();
MyDebug.OutputDebugAndConsole("privateDSA", (privateDSA == null ? "is null" : "is not null"));
//DSA publicDSA = null; // publicX509Key.GetDSAPublicKey(); // Internal.Cryptography.CryptoThrowHelper.WindowsCryptographicException
#endregion
#region ECDsa
// https://github.com/dotnet/corefx/issues/18733#issuecomment-296723615
privateX509Key = new X509Certificate2(Program.PrivateECDsaX509Path, Program.PfxPassword);
publicX509Key = new X509Certificate2(Program.PublicECDsaX509Path, "");
MyDebug.InspectPrivateX509Key("ECDsa", privateX509Key);
MyDebug.InspectPublicX509Key("ECDsa", publicX509Key);
ECDsa privateECDsa = privateX509Key.GetECDsaPrivateKey();
MyDebug.OutputDebugAndConsole("privateECDsa", (privateECDsa == null ? "is null" : "is not null"));
ECDsa publicECDsa = publicX509Key.GetECDsaPublicKey();
MyDebug.OutputDebugAndConsole("publicECDsa", (publicECDsa == null ? "is null" : "is not null"));
#endregion
#endif
#endregion
#region Test of the OpenTouryo.Public.Security.ASymCrypt
ASymmetricCryptography ascPublic = new ASymmetricCryptography(
EnumASymmetricAlgorithm.X509, Program.PublicRsaX509Path, "", x509KSF);
string temp = ascPublic.EncryptString(moji);
ASymmetricCryptography ascPrivate = new ASymmetricCryptography(
EnumASymmetricAlgorithm.X509, Program.PrivateRsaX509Path, Program.PfxPassword, x509KSF);
temp = ascPrivate.DecryptString(temp);
MyDebug.OutputDebugAndConsole("ASymCrypt(X509).Enc&Dec", (temp == moji).ToString());
#endregion
#region Test of the OpenTouryo.Public.Security.DigitalSign
// RSA, DSA
DigitalSignX509 dsX509 = null;
DigitalSignParam dsParam = null;
DigitalSignXML dsXML = null;
// ECDsa
#if NETCORE || NET47
DigitalSignECDsaX509 dsECDsaX509 = null;
DigitalSignECDsaCng dsECDsaCng = null;
#endif
#if NETCORE
DigitalSignECDsaOpenSsl dsECDsaOpenSsl = null;
#endif
if (os.Platform == PlatformID.Win32NT)
{
#region RSA
// X509
dsX509 = new DigitalSignX509(Program.PrivateRsaX509Path, Program.PfxPassword, "SHA256", x509KSF);
sign = dsX509.Sign(data);
dsX509 = new DigitalSignX509(Program.PublicRsaX509Path, "", "SHA256", x509KSF);
MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(RS256)", dsX509.Verify(data, sign).ToString());
// Param
dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.RsaCSP_SHA256);
sign = dsParam.Sign(data);
dsParam = new DigitalSignParam((RSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.RsaCSP_SHA256);
MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(RS256)", dsParam.Verify(data, sign).ToString());
// XML
dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.RsaCSP_SHA256);
sign = dsXML.Sign(data);
#if !NETCORE
// NETCOREでは、XML鍵のExportが動かない。
dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.RsaCSP_SHA256);
#endif
MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(RS256)", dsXML.Verify(data, sign).ToString());
#endregion
#region DSA
// DSAはFormatterバージョンしか動かない。
// また、WinではDSAのX509が処理できない(Linux上では動作することを確認済み)。
//dsX509 = new DigitalSignX509(Program.PrivateDsaX509Path, Program.PfxPassword , "SHA256", x509KSF);
//sign = dsX509.Sign(data);
//MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(DSA-SHA256)", dsX509.Verify(data, sign).ToString());
// Param
dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.DsaCSP_SHA1);
sign = dsParam.SignByFormatter(data);
dsParam = new DigitalSignParam((DSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.DsaCSP_SHA1);
MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(DSA-SHA1)", dsParam.VerifyByDeformatter(data, sign).ToString());
// XML
dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.DsaCSP_SHA1);
sign = dsXML.SignByFormatter(data);
#if !NETCORE
// NETCOREでは、XML鍵のExportが動かない。
dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.DsaCSP_SHA1);
#endif
MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(DSA-SHA1)", dsXML.VerifyByDeformatter(data, sign).ToString());
#endregion
#if NETCORE || NET47
#region ECDsa
// X509
dsECDsaX509 = new DigitalSignECDsaX509(Program.PrivateECDsaX509Path, Program.PfxPassword, HashAlgorithmName.SHA256);
sign = dsECDsaX509.Sign(data);
dsECDsaX509 = new DigitalSignECDsaX509(Program.PublicECDsaX509Path, "", HashAlgorithmName.SHA256);
MyDebug.OutputDebugAndConsole("DigitalSignECDsaX509.Verify(ECDSA-SHA256)", dsECDsaX509.Verify(data, sign).ToString());
#if NET47 || NETCOREAPP3_0
// Param
dsECDsaCng = new DigitalSignECDsaCng(EnumDigitalSignAlgorithm.ECDsaCng_P256);
sign = dsECDsaCng.Sign(data);
dsECDsaCng = new DigitalSignECDsaCng(dsECDsaCng.PublicKey);
MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(ECDSA-P256)", dsECDsaCng.Verify(data, sign).ToString());
#endif
#endregion
#endif
}
else //if (os.Platform == PlatformID.Unix)
{
#if NETCORE
#region RSA
// X509
dsX509 = new DigitalSignX509(Program.PrivateRsaX509Path, Program.PfxPassword, "SHA256");
sign = dsX509.Sign(data);
dsX509 = new DigitalSignX509(Program.PublicRsaX509Path, "", "SHA256");
MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(RS256)", dsX509.Verify(data, sign).ToString());
// Param
dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256);
sign = dsParam.Sign(data);
dsParam = new DigitalSignParam((RSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256);
MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(RS256)", dsParam.Verify(data, sign).ToString());
// XML
dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256);
sign = dsXML.Sign(data);
//dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.RsaOpenSsl_SHA256); // 動かない
MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(RS256)", dsXML.Verify(data, sign).ToString());
#endregion
#region DSA
// X509
dsX509 = new DigitalSignX509(Program.PrivateDsaX509Path, Program.PfxPassword, "SHA256");
sign = dsX509.Sign(data);
dsX509 = new DigitalSignX509(Program.PublicDsaX509Path, "", "SHA256");
MyDebug.OutputDebugAndConsole("DigitalSignX509.Verify(DSA-SHA256)", dsX509.Verify(data, sign).ToString());
// Param
dsParam = new DigitalSignParam(EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1);
sign = dsParam.Sign(data);
dsParam = new DigitalSignParam((DSAParameters)dsParam.PublicKey, EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1);
MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(DSA-SHA1)", dsParam.Verify(data, sign).ToString());
// XML
dsXML = new DigitalSignXML(EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1);
sign = dsXML.Sign(data);
//dsXML = new DigitalSignXML(dsXML.PublicKey, EnumDigitalSignAlgorithm.DsaOpenSsl_SHA1); // 動かない
MyDebug.OutputDebugAndConsole("DigitalSignXML.Verify(DSA-SHA1)", dsXML.Verify(data, sign).ToString());
#endregion
#region ECDsa (.NET Core on Linux)
// X509
dsECDsaX509 = new DigitalSignECDsaX509(Program.PrivateECDsaX509Path, Program.PfxPassword, HashAlgorithmName.SHA256);
sign = dsECDsaX509.Sign(data);
dsECDsaX509 = new DigitalSignECDsaX509(Program.PublicECDsaX509Path, "", HashAlgorithmName.SHA256);
MyDebug.OutputDebugAndConsole("DigitalSignECDsaX509.Verify(ECDSA)", dsECDsaX509.Verify(data, sign).ToString());
// Param
dsECDsaOpenSsl = new DigitalSignECDsaOpenSsl(
EnumDigitalSignAlgorithm.ECDsaOpenSsl_P256, SHA256CryptoServiceProvider.Create());
sign = dsECDsaOpenSsl.Sign(data);
dsECDsaOpenSsl = new DigitalSignECDsaOpenSsl(
dsECDsaOpenSsl.PublicKey.Value, SHA256CryptoServiceProvider.Create());
MyDebug.OutputDebugAndConsole("DigitalSignParam.Verify(ECDSA-P256)", dsParam.Verify(data, sign).ToString());
#endregion
#endif
}
#endregion
}