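/// <summary>
/// Asks the HSM web service to generate a symmetric key stored under the given alias.
/// </summary>
/// <param name="token">Session token sent with the request; overwritten with the token returned in the response.</param>
/// <param name="keyAlias">Alias assigned to the generated key.</param>
/// <returns>
/// <c>true</c> when the response carries the DSS success result; <c>false</c> when the service
/// reports any other result or an exception is thrown (both cases are logged).
/// </returns>
public bool CreateSectretKey(ref authTokenType token, string keyAlias)
{
    LunaXml.xmCryptoService client = new xmCryptoService();
    try
    {
        // NOTE(review): Triple-DES is a legacy cipher, and "1024" is not a Triple-DES key length
        // (those are 112 or 168 effective bits). Confirm how the service interprets this value
        // and whether a stronger algorithm is available before relying on keys created here.
        generateSecretKey sec = new generateSecretKey
        {
            AuthToken = token,
            KeyAlgorithm = KeyAlgorithmType.DES3,
            KeyAlias = keyAlias,
            KeySize = "1024",
            ReturnKeyInfo = true
        };

        generateSecretKeyResponse res = client.generateSecretKey(sec);

        // The service returns a token with every response; the caller must use it for the next call.
        token = res.AuthToken;

        if (res.Result.ResultMajor != null && res.Result.ResultMajor == "urn:oasis:names:tc:dss:resultmajor:Success")
        {
            return true;
        }

        Log.Error(res.Result.ResultMessage != null ? res.Result.ResultMessage.Value : "");
        return false;
    }
    catch (Exception ex)
    {
        // The message names the operation that actually failed (a secret key, not a private key),
        // so HSM failures can be told apart when reading the log.
        Log.Error("Error al crear la llave secreta " + ex);
        return false;
    }
    finally
    {
        client.Dispose();
    }
}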
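/// <summary>
/// Parses a raw SOAP response and extracts the operation status, the error message (on failure)
/// and the returned authorization token.
/// </summary>
/// <param name="soap">SOAP response text as returned by the service.</param>
/// <returns>
/// A dictionary with "Estado" ("True"/"False"), "Mensaje" (only when the result is not a success)
/// and "Autorizacion" (when an <c>xmc:AuthToken</c> element is present).
/// </returns>
/// <exception cref="System.Xml.XmlException">The text is not well-formed XML.</exception>
public Dictionary<string, string> ExtraerTokendeRespuesta(string soap)
{
    XmlDocument doc = new XmlDocument();

    // The response arrives over the network, so never let the parser fetch external DTDs or
    // entities (XXE). Older .NET Framework versions resolve them by default.
    // NOTE(review): this does not limit internal entity expansion; SOAP forbids DTDs, so rejecting
    // them outright through XmlReaderSettings would be stricter if the target framework allows it.
    doc.XmlResolver = null;
    doc.LoadXml(soap);

    Dictionary<string, string> dic = new Dictionary<string, string>();

    // Positional navigation: second child of the document, then its second child, then that
    // node's first child. Presumably declaration -> Envelope -> Body -> response element; a
    // response with a different layout (no declaration, no Header) fails here with a null reference.
    foreach (XmlNode node in doc.ChildNodes[1].ChildNodes[1].ChildNodes[0])
    {
        if (node.Name == "dss:Result")
        {
            // The first child of dss:Result holds the result URN; success is detected by substring.
            bool success = node.FirstChild.InnerText.IndexOf("Success", StringComparison.Ordinal) >= 0;
            if (!success)
            {
                dic.Add("Estado", "False");
                dic.Add("Mensaje", node.ChildNodes[1].InnerText);
            }
            else
            {
                dic.Add("Estado", "True");
            }
        }

        if (node.Name == "xmc:AuthToken")
        {
            // Session token text; callers should treat this value as a secret and keep it out of logs.
            dic.Add("Autorizacion", node.FirstChild.InnerText);
        }
    }

    return dic;
}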
/// <summary>
/// Loads a certificate file, builds the upload SOAP request for it and returns the parsed response.
/// </summary>
/// <param name="token">Session token; only its <c>SessionStateToken</c> is read.</param>
/// <param name="archivoLlave">Path of the certificate file to load.</param>
/// <param name="pass">Not used by this method.</param>
/// <param name="alias">Alias passed to the request builder.</param>
/// <returns>The dictionary produced by <c>ExtraerTokendeRespuesta</c> for the service response.</returns>
public Dictionary<string, string> SubirLlavePublica(authTokenType token, string archivoLlave, string pass, string alias)
{
    X509Certificate2 certificado = new X509Certificate2(archivoLlave);

    // Only the encoded certificate (RawData) is sent, Base64-encoded.
    string certificadoBase64 = Convert.ToBase64String(certificado.RawData);

    // NOTE(review): ArmarSoapPublica is not visible here; if it concatenates `alias` into XML
    // without escaping, a crafted alias could alter the request. Verify against that helper.
    string soap = ArmarSoapPublica(alias, certificadoBase64, token.SessionStateToken);

    string respuesta = Ejecutar(soap);
    return ExtraerTokendeRespuesta(respuesta);
}
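/// <summary>
/// Asks the HSM web service to generate an RSA key pair stored under the given alias.
/// </summary>
/// <param name="token">Session token sent with the request; overwritten with the token returned in the response.</param>
/// <param name="tamaño">Key size, sent to the service as its decimal string.</param>
/// <param name="alias">Alias assigned to the generated key pair.</param>
/// <param name="algoritmo">Currently ignored: the request always asks for RSA.</param>
/// <returns>
/// <c>true</c> when the response carries the DSS success result; <c>false</c> when the service
/// reports any other result or an exception is thrown (both cases are logged).
/// </returns>
public bool GenerarPardeLlaves(ref authTokenType token, int tamaño, string alias, KeyAlgorithmType algoritmo)
{
    xmCryptoService client = new xmCryptoService();
    try
    {
        // NOTE(review): `algoritmo` is not applied; RSA is hard-coded. Kept as-is because callers
        // may rely on it, but either honour the parameter or drop it from the contract.
        // NOTE(review): `tamaño` is forwarded unchecked; consider rejecting RSA sizes below 2048 bits.
        generateKeyPair keyPair = new generateKeyPair
        {
            KeyAlgorithm = KeyAlgorithmType.RSA,
            KeySize = tamaño.ToString(),
            AuthToken = token,
            KeyAlias = alias
        };

        generateKeyPairResponse res = client.generateKeyPair(keyPair);

        // The service returns a token with every response; the caller must use it for the next call.
        token = res.AuthToken;

        if (res.Result.ResultMajor != null && res.Result.ResultMajor == "urn:oasis:names:tc:dss:resultmajor:Success")
        {
            return true;
        }

        Log.Error(res.Result.ResultMessage != null ? res.Result.ResultMessage.Value : "");
        return false;
    }
    catch (Exception ex)
    {
        Log.Error("Error al intentar generar par de llaves: " + ex);
        return false;
    }
    finally
    {
        // Release the service client on every path, as the sibling operations do.
        client.Dispose();
    }
}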
/// <summary>
/// Sends a logout request for the given session token.
/// </summary>
/// <param name="token">Session token to close.</param>
/// <returns><c>true</c> when the call completes without an exception; <c>false</c> otherwise (the exception is logged).</returns>
public bool Logout(authTokenType token)
{
    xmCryptoService client = new xmCryptoService();
    bool cerrada;
    try
    {
        logout peticion = new logout();
        peticion.AuthToken = token;

        // The service response is not inspected; only a thrown exception counts as failure.
        client.logout(peticion);
        cerrada = true;
    }
    catch (Exception ex)
    {
        Log.Error("Error al intentar realizar logout: " + ex);
        cerrada = false;
    }
    finally
    {
        client.Dispose();
    }

    return cerrada;
}
/// <summary>
/// Signs a text with a key held by the HSM web service.
/// </summary>
/// <param name="token">Session token sent with the request; overwritten with the token returned in the response.</param>
/// <param name="texto">Text to sign; it is UTF-8 encoded and then Base64-encoded for transport.</param>
/// <param name="alias">Alias of the signing key.</param>
/// <param name="tipodefirma">Signature mode requested from the service.</param>
/// <returns>The signature returned by the service, or <c>null</c> on a service error or an exception (both are logged).</returns>
public string Firmar(ref authTokenType token, string texto, string alias, SignatureModeType tipodefirma)
{
    LunaXml.xmCryptoService client = new xmCryptoService();
    try
    {
        // The bytes that get signed are the UTF-8 bytes of `texto`, so callers holding binary
        // data cannot pass it through this method unchanged.
        byte[] datos = Encoding.UTF8.GetBytes(texto);

        sign peticion = new sign();
        peticion.AuthToken = token;
        peticion.SignatureModeSpecified = true;
        peticion.DataToSign = Convert.ToBase64String(datos);
        peticion.SignatureMode = tipodefirma;
        peticion.SigningKeyAlias = alias;

        signResponse respuesta = client.sign(peticion);
        token = respuesta.AuthToken;

        bool exito = respuesta.Result.ResultMajor != null
            && respuesta.Result.ResultMajor == "urn:oasis:names:tc:dss:resultmajor:Success";
        if (!exito)
        {
            string detalle = respuesta.Result.ResultMessage != null ? respuesta.Result.ResultMessage.Value : "";
            Log.Error(detalle);
            return null;
        }

        return respuesta.Signature;
    }
    catch (Exception ex)
    {
        Log.Error("Error al intentar firmar: " + ex);
        return null;
    }
    finally
    {
        client.Dispose();
    }
}
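/// <summary>
/// Decrypts a password-protected private key file, wraps the key with an HSM-held masking key
/// and injects the wrapped key into the HSM under <paramref name="aliasLlave"/>.
/// </summary>
/// <param name="token">Session token; updated by the wrapping call and sent in the inject request.</param>
/// <param name="archivo">Path of the encrypted private key file.</param>
/// <param name="password">Password protecting the key file.</param>
/// <param name="aliasLlave">Alias under which the key is injected.</param>
/// <param name="aliasCifrar">Alias of the masking key used to wrap the private key.</param>
/// <returns>
/// The dictionary produced by <c>ExtraerTokendeRespuesta</c>, or a dictionary with
/// "Estado" = "False" and a "Mensaje" when the key could not be wrapped.
/// </returns>
public Dictionary<string, string> SubirLlavePrivada1(ref authTokenType token, string archivo, string password, string aliasLlave, string aliasCifrar)
{
    byte[] bytesLlave = File.ReadAllBytes(archivo);
    byte[] bytesDescifrados = OpensslKey.DecodeEncryptedPrivateKeyInfoBytes(bytesLlave, password);

    string llaveAcifrar;
    try
    {
        llaveAcifrar = Cifrar(ref token, Convert.ToBase64String(bytesDescifrados), aliasCifrar);
    }
    finally
    {
        // Best-effort scrub of the clear-text private key. The Base64 string handed to Cifrar is
        // immutable and cannot be wiped, so the key may still linger in managed memory.
        if (bytesDescifrados != null)
        {
            Array.Clear(bytesDescifrados, 0, bytesDescifrados.Length);
        }
    }

    // Cifrar returns null when wrapping fails; do not send an inject request with an empty key.
    if (llaveAcifrar == null)
    {
        Dictionary<string, string> fallo = new Dictionary<string, string>();
        fallo.Add("Estado", "False");
        fallo.Add("Mensaje", "No se pudo cifrar la llave privada con la llave de enmascaramiento");
        return fallo;
    }

    // Every caller-supplied or service-supplied value is XML-escaped before being concatenated,
    // so an alias containing markup cannot change the structure of the request.
    string aliasLlaveXml = System.Security.SecurityElement.Escape(aliasLlave);
    string aliasCifrarXml = System.Security.SecurityElement.Escape(aliasCifrar);
    string llaveXml = System.Security.SecurityElement.Escape(llaveAcifrar);
    string sesionXml = System.Security.SecurityElement.Escape(Convert.ToString(token.SessionStateToken));

    string header = "<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">";
    string body = "<soapenv:Body><ns5:inject xmlns:ns5=\"http://xmCrypto.safenet-inc.com/xsd\">";
    string injectedKeyAlias = "<ns5:InjectedKeyAlias>" + aliasLlaveXml + "</ns5:InjectedKeyAlias>";

    // NOTE(review): the IV is the fixed constant "MTIzNDU2Nzg=" (Base64 of "12345678"), the same
    // one Cifrar uses. A constant IV weakens CBC; both sides would have to change together to
    // move to a per-operation random IV.
    string keytoInject = "<KeyToInject xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"
        + "<xmc:WrappedKey xmlns:xmc = \"http://xmCrypto.safenet-inc.com/xsd\"><xmc:WrappedKeyValue>"
        + llaveXml
        + "</xmc:WrappedKeyValue><xmc:MaskingKeyAlias>" + aliasCifrarXml + "</xmc:MaskingKeyAlias>"
        + "<xmc:KeyAlgorithm>RSAPrivate</xmc:KeyAlgorithm><xmc:Mechanism>CBC</xmc:Mechanism>"
        + "<xmc:Padding>PKCS5Padding</xmc:Padding><xmc:Parameter><xmc:ParameterName>IV</xmc:ParameterName>"
        + "<xmc:ParameterValue>MTIzNDU2Nzg=</xmc:ParameterValue></xmc:Parameter></xmc:WrappedKey></KeyToInject>";
    string publicobject = "<ns5:PublicObject>false</ns5:PublicObject>";
    string politica = "<ns5:Policy><ns5:PolicyName>SetKeySpace</ns5:PolicyName><ns5:PolicyValue>soapAdmin</ns5:PolicyValue></ns5:Policy>";
    string tokenauth = "<ns5:AuthToken><ns5:SessionStateToken>" + sesionXml
        + "</ns5:SessionStateToken></ns5:AuthToken></ns5:inject></soapenv:Body></soapenv:Envelope>";

    string soap = header + body + injectedKeyAlias + keytoInject + publicobject + politica + tokenauth;
    string res = Ejecutar(soap);
    return ExtraerTokendeRespuesta(res);
}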
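/// <summary>
/// Asks the HSM web service to delete the object stored under the given alias.
/// </summary>
/// <param name="token">Session token sent with the request; overwritten with the token returned in the response.</param>
/// <param name="alias">Alias of the object to delete.</param>
/// <returns>
/// <c>true</c> when the response carries the DSS success result; <c>false</c> when the service
/// reports any other result or an exception is thrown (both cases are logged).
/// </returns>
public bool BorrarObjeto(ref authTokenType token, string alias)
{
    LunaXml.xmCryptoService client = new xmCryptoService();
    try
    {
        deleteObject del = new deleteObject
        {
            AuthToken = token,
            ObjectAlias = alias
        };

        deleteObjectResponse res = client.deleteObject(del);
        token = res.AuthToken;

        if (res.Result.ResultMajor != null && res.Result.ResultMajor == "urn:oasis:names:tc:dss:resultmajor:Success")
        {
            return true;
        }

        // Record why the deletion was refused, as the sibling operations do; a failed key
        // deletion that leaves no trace is hard to audit.
        Log.Error(res.Result.ResultMessage != null ? res.Result.ResultMessage.Value : "");
        return false;
    }
    catch (Exception ex)
    {
        // The message names the delete operation instead of the copied "crear la llave privada" text.
        Log.Error("Error al intentar borrar el objeto: " + ex);
        return false;
    }
    finally
    {
        client.Dispose();
    }
}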
/// <summary>
/// Decrypts a password-protected private key file, builds a SOAP request from its modulus and
/// exponent and returns the parsed service response.
/// </summary>
/// <param name="token">Session token; only its <c>SessionStateToken</c> is read.</param>
/// <param name="archivoLlave">Path of the encrypted private key file.</param>
/// <param name="pass">Password protecting the key file.</param>
/// <param name="alias">Alias passed to the request builder.</param>
/// <returns>The dictionary produced by <c>ExtraerTokendeRespuesta</c> for the service response.</returns>
public Dictionary<string, string> SubirLlavePrivada(authTokenType token, string archivoLlave, string pass, string alias)
{
    byte[] contenido = File.ReadAllBytes(archivoLlave);
    RSAParameters parametros = OpensslKey.DecodeEncryptedPrivateKeyInfoParams(contenido, pass);

    // NOTE(review): only Modulus and Exponent (the public components) are forwarded, although the
    // method name says "private key". The decoded private components stay in `parametros` and are
    // never cleared. Confirm the intent against ArmarSoapPrivada.
    string modulo = Convert.ToBase64String(parametros.Modulus);
    string exponente = Convert.ToBase64String(parametros.Exponent);

    string soap = ArmarSoapPrivada(alias, modulo, exponente, token.SessionStateToken);
    string respuesta = Ejecutar(soap);
    return ExtraerTokendeRespuesta(respuesta);
}
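/// <summary>
/// Builds a PKCS#10 certification request for a public key held by the HSM, has the HSM sign it
/// with the matching private key and writes the DER-encoded request to a file.
/// </summary>
/// <param name="token">Session token; updated by the extract and sign calls.</param>
/// <param name="privateKeyalias">Alias of the private key that signs the request.</param>
/// <param name="publicKeyAlias">Alias of the public key placed in the request.</param>
/// <param name="subject">Subject distinguished name of the request.</param>
/// <param name="fileName">Path of the file that receives the DER-encoded request.</param>
/// <param name="challenge">Optional challenge password attribute; <c>null</c> for none.</param>
/// <returns><c>true</c> when the request was signed and written; <c>false</c> on any failure (failures are logged).</returns>
public bool GenerarCsr(ref authTokenType token, string privateKeyalias, string publicKeyAlias, string subject, string fileName, string challenge)
{
    try
    {
        byte[] modulus = new byte[] { };
        byte[] exponent = new byte[] { };

        // Stop when the public key could not be read instead of building a request from empty values.
        if (!this.Extraer(ref token, publicKeyAlias, ref modulus, ref exponent))
        {
            return false;
        }

        // Modulus and exponent are unsigned magnitudes. The single-argument constructor reads the
        // bytes as two's complement, which turns a modulus whose top bit is set into a negative number.
        RsaKeyParameters param = new RsaKeyParameters(false, new BigInteger(1, modulus), new BigInteger(1, exponent));

        DerSet derset = challenge != null
            ? new DerSet(new ChallengePassword(challenge))
            : new DerSet();

        X509Name sub = new X509Name(subject, new ConverterSidetec());

        // NOTE(review): SHA-1 is deprecated for signatures; confirm whether the receiving CA accepts
        // a SHA-256 request before this is used for new certificates.
        Pkcs10CertificationRequestDelaySigned ds = new Pkcs10CertificationRequestDelaySigned("SHA1WITHRSA", sub, param, derset);

        // NOTE(review): Firmar UTF-8 encodes its input, so what is signed here is the Base64 text of
        // the request data rather than the raw bytes. Verify that the resulting CSR signature validates.
        string pafirmar = Convert.ToBase64String(ds.GetDataToSign());
        string firmados = Firmar(ref token, pafirmar, privateKeyalias, SignatureModeType.SHA1withRSA);
        if (firmados == null)
        {
            // Firmar already logged the reason.
            return false;
        }

        ds.SignRequest(Convert.FromBase64String(firmados));
        File.WriteAllBytes(fileName, ds.GetDerEncoded());
        return true;
    }
    catch (Exception ex)
    {
        Log.Error(ex);
        return false;
    }
}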
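/// <summary>
/// Lists the aliases in a key space together with a display label for each object's type.
/// </summary>
/// <param name="token">Session token; overwritten with the token of the most recent service response.</param>
/// <param name="keySpace">Key space to list.</param>
/// <returns>
/// A dictionary mapping each alias to "Certificado", "Llave Privada" or "Llave Pública",
/// or <c>null</c> when any call fails (the exception is logged).
/// </returns>
public Dictionary<string, string> GetAliasList(ref authTokenType token, string keySpace)
{
    xmCryptoService client = new xmCryptoService();
    try
    {
        Dictionary<string, string> dic = new Dictionary<string, string>();

        getAliasList peticion = new getAliasList { AuthToken = token, KeySpace = keySpace };
        getAliasListResponse respuesta = client.getAliasList(peticion);

        // Keep the caller's token current after every response, so that a failure part-way
        // through the loop still leaves the caller with the latest token for its logout.
        token = respuesta.AuthToken;

        foreach (var alias in respuesta.ObjectAlias)
        {
            var info = new getObjectInfo { ObjectAlias = alias, AuthToken = token };
            getObjectInfoResponse resp = client.getObjectInfo(info);
            token = resp.AuthToken;

            string tipo;
            if (resp.KeyInfo != null && resp.KeyInfo.ItemsElementName[0] == ItemsChoiceType1.X509Data)
            {
                tipo = "Certificado";
            }
            else
            {
                // Positional lookup: the second policy entry is taken to be the object type.
                // Anything other than "Private Key" is labelled as a public key.
                tipo = resp.CryptoObject.Policy[1].PolicyValue == "Private Key"
                    ? "Llave Privada"
                    : "Llave Pública";
            }

            dic.Add(alias, tipo);
        }

        return dic;
    }
    catch (Exception ee)
    {
        // The message names the listing operation instead of the copied "login" text.
        Log.Error("Error al intentar obtener la lista de alias: " + ee);
        return null;
    }
    finally
    {
        // Release the service client on every path, as the sibling operations do.
        client.Dispose();
    }
}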
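/// <summary>
/// Logs in to the HSM with the configured account, signs the given string with the configured
/// key using SHA256withRSA and logs out.
/// </summary>
/// <param name="cadenaOriginal">Text to sign.</param>
/// <returns>
/// The signature returned by <c>Firmar</c> (which may be <c>null</c> when signing fails), or the
/// literal string "Error" when an exception is thrown.
/// </returns>
public String GeneraSelloDigitalTimbre(String cadenaOriginal)
{
    try
    {
        // NOTE(review): the HSM user and password come from appSettings; unless that section is
        // protected they sit in clear text in the configuration file. Confirm how it is deployed.
        string usuario = ConfigurationManager.AppSettings["UsuarioHsm"];
        string contraseña = ConfigurationManager.AppSettings["ContraseñaHsm"];
        string aliaspk = ConfigurationManager.AppSettings["AliasPK"];

        HsmXmlConnect hsm = new HsmXmlConnect();
        authTokenType token = hsm.Login(usuario, contraseña);
        try
        {
            return hsm.Firmar(ref token, cadenaOriginal, aliaspk, SignatureModeType.SHA256withRSA);
        }
        finally
        {
            // Close the HSM session even when signing throws, so no session is left open.
            hsm.Logout(token);
        }
    }
    catch (Exception Ex)
    {
        Logger.Error(Ex.ToString());

        // NOTE(review): "Error" is returned in the same channel as a signature; callers must
        // compare against it explicitly or the sentinel can end up stored as a seal.
        return "Error";
    }
}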
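/// <summary>
/// Lists the aliases in a key space whose object type is reported as "Secret Key".
/// </summary>
/// <param name="token">Session token; overwritten with the token of the most recent service response.</param>
/// <param name="keySpace">Key space to list.</param>
/// <returns>The matching aliases, or <c>null</c> when any call fails (the exception is logged).</returns>
public List<string> GetAliasSimetricas(ref authTokenType token, string keySpace)
{
    xmCryptoService client = new xmCryptoService();
    try
    {
        List<string> dic = new List<string>();

        getAliasList peticion = new getAliasList { AuthToken = token, KeySpace = keySpace };
        getAliasListResponse respuesta = client.getAliasList(peticion);

        // Keep the caller's token current after every response, so that a failure part-way
        // through the loop still leaves the caller with the latest token for its logout.
        token = respuesta.AuthToken;

        foreach (var alias in respuesta.ObjectAlias)
        {
            var info = new getObjectInfo { ObjectAlias = alias, AuthToken = token };
            getObjectInfoResponse resp = client.getObjectInfo(info);
            token = resp.AuthToken;

            // Positional lookup: the second policy entry is taken to be the object type.
            if (resp.CryptoObject.Policy != null && resp.CryptoObject.Policy[1].PolicyValue == "Secret Key")
            {
                dic.Add(alias);
            }
        }

        return dic;
    }
    catch (Exception ee)
    {
        // The message names the listing operation instead of the copied "login" text.
        Log.Error("Error al intentar obtener la lista de llaves simétricas: " + ee);
        return null;
    }
    finally
    {
        // Release the service client on every path, as the sibling operations do.
        client.Dispose();
    }
}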
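/// <summary>
/// Encrypts data with a key held by the HSM web service, using CBC mode with PKCS5 padding.
/// </summary>
/// <param name="token">Session token sent with the request; overwritten with the token returned in the response.</param>
/// <param name="texto">Data to encrypt, passed to the service unchanged.</param>
/// <param name="alias">Alias of the encryption key.</param>
/// <returns>The encrypted data returned by the service, or <c>null</c> on a service error or an exception (both are logged).</returns>
public string Cifrar(ref authTokenType token, string texto, string alias)
{
    LunaXml.xmCryptoService client = new xmCryptoService();
    try
    {
        encrypt en = new encrypt
        {
            DataToEncrypt = texto,
            AuthToken = token,
            EncryptionKeyAlias = alias,
            Mechanism = MechanismType.CBC,
            Padding = paddingType.PKCS5Padding,
            // NOTE(review): the IV is the fixed constant "MTIzNDU2Nzg=" (Base64 of "12345678").
            // With a constant IV, equal plaintext prefixes encrypt to equal ciphertext under the
            // same key. SubirLlavePrivada1 hard-codes the same value, so both must change together.
            Parameter = new[] { new ParameterType() { ParameterName = "IV", ParameterValue = "MTIzNDU2Nzg=" } }
        };

        encryptResponse res = client.encrypt(en);
        token = res.AuthToken;

        if (res.Result.ResultMajor != null && res.Result.ResultMajor == "urn:oasis:names:tc:dss:resultmajor:Success")
        {
            return res.EncryptedData;
        }

        Log.Error(res.Result.ResultMessage != null ? res.Result.ResultMessage.Value : "");
        return null;
    }
    catch (Exception ex)
    {
        // The message names the encrypt operation instead of the copied "firmar" text.
        Log.Error("Error al intentar cifrar: " + ex);
        return null;
    }
    finally
    {
        client.Dispose();
    }
}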
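/// <summary>
/// Reads the RSA modulus and exponent of the key stored under the given alias.
/// </summary>
/// <param name="token">Session token sent with the request; overwritten with the token returned in the response.</param>
/// <param name="alias">Alias of the key to read.</param>
/// <param name="modulus">Receives the modulus bytes on success; left untouched on failure.</param>
/// <param name="exponent">Receives the exponent bytes on success; left untouched on failure.</param>
/// <returns>
/// <c>true</c> when the response carries the DSS success result and an RSA key value;
/// <c>false</c> on a service error or an exception (both are logged).
/// </returns>
private bool Extraer(ref authTokenType token, string alias, ref byte[] modulus, ref byte[] exponent)
{
    LunaXml.xmCryptoService client = new xmCryptoService();
    try
    {
        extract peticion = new extract();
        peticion.KeyAlias = alias;
        peticion.AuthToken = token;

        var res = client.extract(peticion);
        token = res.AuthToken;

        if (res.Result.ResultMajor != null && res.Result.ResultMajor == "urn:oasis:names:tc:dss:resultmajor:Success")
        {
            // The first KeyInfo item is expected to be an RSA key value; any other shape makes
            // the casts throw, which is reported through the catch block below.
            KeyValueType type = (KeyValueType)res.KeyInfo.Items[0];
            RSAKeyValueType rsatype = (RSAKeyValueType)type.Item;
            modulus = rsatype.Modulus;
            exponent = rsatype.Exponent;
            return true;
        }

        Log.Error(res.Result.ResultMessage != null ? res.Result.ResultMessage.Value : "");
        return false;
    }
    catch (Exception ex)
    {
        // The message names the extract operation instead of the copied "crear la llave privada" text.
        Log.Error("Error al intentar extraer la llave: " + ex);
        return false;
    }
    finally
    {
        client.Dispose();
    }
}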