Beispiel #1
0
        public string SignAuthCookieV1(string cookie)
        {
            byte[] privateKey = this.GetPrivateKey(KeyType.AuthCookieV1);

            //// The array to store the signed message in bytes
            byte[] signedBytes;
            using (var rsa = new RSACryptoServiceProvider())
            {
                // Write the message to a byte array using UTF8 as the encoding.

                byte[] originalData = System.Text.Encoding.UTF8.GetBytes(cookie);

                try
                {
                    // Import the private key used for signing the message
                    rsa.ImportParameters(SecureSigningService.FromBinaryToRSAParameters(privateKey));

                    signedBytes = rsa.SignData(originalData, CryptoConfig.MapNameToOID("SHA512"));
                }
                catch (CryptographicException e)
                {
                    Console.WriteLine(e.Message);
                    return(null);
                }
                finally
                {
                    //// Set the keycontainer to be cleared when rsa is garbage collected.
                    rsa.PersistKeyInCsp = false;
                }
            }

            // Convert the a base64 string before returning
            return(Convert.ToBase64String(signedBytes));
        }
Beispiel #2
0
        public bool VerifyAuthCookieV1(string cookie, string sign)
        {
            byte[] publicKey = this.GetPublicKey(KeyType.AuthCookieV1);

            using (var rsa = new RSACryptoServiceProvider())
            {
                byte[] originalData = System.Text.Encoding.UTF8.GetBytes(cookie);
                byte[] signedBytes  = Convert.FromBase64String(sign);

                try
                {
                    // Import the private key used for signing the message
                    rsa.ImportParameters(SecureSigningService.FromBinaryToRSAParameters(publicKey));

                    return(rsa.VerifyData(originalData, CryptoConfig.MapNameToOID("SHA512"), signedBytes));
                }
                catch (CryptographicException e)
                {
                    return(false);
                }
                finally
                {
                    //// Set the keycontainer to be cleared when rsa is garbage collected.
                    rsa.PersistKeyInCsp = false;
                }
            }
        }
Beispiel #3
0
        private void CreateKeys(KeyType type, SqlConnection connection, SqlTransaction sqlTransaction, out byte[] publicKey, out byte[] privateKey)
        {
            byte[] publicKeyInternal  = null;
            byte[] privateKeyInternal = null;
            publicKey  = null;
            privateKey = null;
            SecureSigningService.GenerateKeys(out publicKeyInternal, out privateKeyInternal);

            // Create the Command and Parameter objects.
            using (SqlCommand command = new SqlCommand(SecureSigningService.InsertKeyCommandString, connection, sqlTransaction))
            {
                command.Parameters.AddWithValue("@publicKey", publicKeyInternal);
                command.Parameters.AddWithValue("@privateKey", privateKeyInternal);
                command.Parameters.AddWithValue("@keyType", type);

                command.ExecuteScalar();

                sqlTransaction.Commit();

                publicKey  = publicKeyInternal;
                privateKey = privateKeyInternal;
            }
        }