/// <summary>
/// Validates a client signature
/// </summary>
/// <param name="Data">Binary data being signed.</param>
/// <param name="s1">First signature</param>
/// <param name="s2">Second signature, if available.</param>
/// <returns>If the client signature is correct</returns>
public bool ValidateSignature(byte[] Data, byte[] s1, byte[] s2)
{
if (!this.HasClientPublicKey)
{
return(false);
}
if (this.clientKeyName.StartsWith("RSA"))
{
if (!int.TryParse(this.clientKeyName.Substring(3), out int KeySize))
{
return(false);
}
return(RsaAes.Verify(Data, s1, KeySize, this.clientPubKey1, this.clientPubKey2));
}
else if (EndpointSecurity.TryCreateEndpoint(this.clientKeyName,
EndpointSecurity.IoTHarmonizationE2E, out IE2eEndpoint Endpoint) &&
Endpoint is EcAes256 EcAes256)
{
if (s2 == null)
{
return(false);
}
return(EcAes256.Verify(Data, this.clientPubKey1, this.clientPubKey2, s1, s2, HashFunction.SHA256));
}
else
{
return(false);
}
}
/// <summary>
/// Parses an identity from its XML representation
/// </summary>
/// <param name="Xml">XML representation</param>
/// <returns>Legal identity</returns>
public static LegalIdentity Parse(XmlElement Xml)
{
List <Property> Properties = new List <Property>();
LegalIdentity Result = new LegalIdentity()
{
id = XML.Attribute(Xml, "id")
};
foreach (XmlNode N in Xml.ChildNodes)
{
if (N is XmlElement E)
{
switch (E.LocalName)
{
case "clientPublicKey":
foreach (XmlNode N2 in E.ChildNodes)
{
if (N2 is XmlElement E2)
{
IE2eEndpoint Key = EndpointSecurity.ParseE2eKey(E2);
if (Key != null && Key.Namespace == EndpointSecurity.IoTHarmonizationE2E)
{
if (Key is RsaAes RsaAes)
{
Result.clientKeyName = "RSA" + RsaAes.KeySize.ToString();
Result.clientPubKey1 = RsaAes.Modulus;
Result.clientPubKey2 = RsaAes.Exponent;
}
else if (Key is EcAes256 EcAes256)
{
Result.clientKeyName = Key.LocalName;
Result.ClientPubKey1 = EcAes256.ToNetwork(EcAes256.PublicKey.X);
Result.ClientPubKey2 = EcAes256.ToNetwork(EcAes256.PublicKey.Y);
}
}
}
}
break;
case "property":
string Name = XML.Attribute(E, "name");
string Value = XML.Attribute(E, "value");
Properties.Add(new Property(Name, Value));
break;
case "clientSignature":
foreach (XmlAttribute Attr in E.Attributes)
{
switch (Attr.Name)
{
case "s1":
Result.clientSignature1 = Convert.FromBase64String(Attr.Value);
break;
case "s2":
Result.clientSignature2 = Convert.FromBase64String(Attr.Value);
break;
}
}
break;
case "status":
foreach (XmlAttribute Attr in E.Attributes)
{
switch (Attr.Name)
{
case "provider":
Result.provider = Attr.Value;
break;
case "state":
if (Enum.TryParse <IdentityState>(Attr.Value, out IdentityState IdentityState))
{
Result.state = IdentityState;
}
break;
case "created":
if (XML.TryParse(Attr.Value, out DateTime TP))
{
Result.created = TP;
}
break;
case "updated":
if (XML.TryParse(Attr.Value, out TP))
{
Result.updated = TP;
}
break;
case "from":
if (XML.TryParse(Attr.Value, out TP))
{
Result.from = TP;
}
break;
case "to":
if (XML.TryParse(Attr.Value, out TP))
{
Result.to = TP;
}
break;
}
}
break;
case "serverSignature":
foreach (XmlAttribute Attr in E.Attributes)
{
switch (Attr.Name)
{
case "s1":
Result.serverSignature1 = Convert.FromBase64String(Attr.Value);
break;
case "s2":
Result.serverSignature2 = Convert.FromBase64String(Attr.Value);
break;
}
}
break;
}
}
}
Result.properties = Properties.ToArray();
return(Result);
}
