/// <summary> /// Validates a client signature /// </summary> /// <param name="Data">Binary data being signed.</param> /// <param name="s1">First signature</param> /// <param name="s2">Second signature, if available.</param> /// <returns>If the client signature is correct</returns> public bool ValidateSignature(byte[] Data, byte[] s1, byte[] s2) { if (!this.HasClientPublicKey) { return(false); } if (this.clientKeyName.StartsWith("RSA")) { if (!int.TryParse(this.clientKeyName.Substring(3), out int KeySize)) { return(false); } return(RsaAes.Verify(Data, s1, KeySize, this.clientPubKey1, this.clientPubKey2)); } else if (EndpointSecurity.TryCreateEndpoint(this.clientKeyName, EndpointSecurity.IoTHarmonizationE2E, out IE2eEndpoint Endpoint) && Endpoint is EcAes256 EcAes256) { if (s2 == null) { return(false); } return(EcAes256.Verify(Data, this.clientPubKey1, this.clientPubKey2, s1, s2, HashFunction.SHA256)); } else { return(false); } }
/// <summary> /// Parses an identity from its XML representation /// </summary> /// <param name="Xml">XML representation</param> /// <returns>Legal identity</returns> public static LegalIdentity Parse(XmlElement Xml) { List <Property> Properties = new List <Property>(); LegalIdentity Result = new LegalIdentity() { id = XML.Attribute(Xml, "id") }; foreach (XmlNode N in Xml.ChildNodes) { if (N is XmlElement E) { switch (E.LocalName) { case "clientPublicKey": foreach (XmlNode N2 in E.ChildNodes) { if (N2 is XmlElement E2) { IE2eEndpoint Key = EndpointSecurity.ParseE2eKey(E2); if (Key != null && Key.Namespace == EndpointSecurity.IoTHarmonizationE2E) { if (Key is RsaAes RsaAes) { Result.clientKeyName = "RSA" + RsaAes.KeySize.ToString(); Result.clientPubKey1 = RsaAes.Modulus; Result.clientPubKey2 = RsaAes.Exponent; } else if (Key is EcAes256 EcAes256) { Result.clientKeyName = Key.LocalName; Result.ClientPubKey1 = EcAes256.ToNetwork(EcAes256.PublicKey.X); Result.ClientPubKey2 = EcAes256.ToNetwork(EcAes256.PublicKey.Y); } } } } break; case "property": string Name = XML.Attribute(E, "name"); string Value = XML.Attribute(E, "value"); Properties.Add(new Property(Name, Value)); break; case "clientSignature": foreach (XmlAttribute Attr in E.Attributes) { switch (Attr.Name) { case "s1": Result.clientSignature1 = Convert.FromBase64String(Attr.Value); break; case "s2": Result.clientSignature2 = Convert.FromBase64String(Attr.Value); break; } } break; case "status": foreach (XmlAttribute Attr in E.Attributes) { switch (Attr.Name) { case "provider": Result.provider = Attr.Value; break; case "state": if (Enum.TryParse <IdentityState>(Attr.Value, out IdentityState IdentityState)) { Result.state = IdentityState; } break; case "created": if (XML.TryParse(Attr.Value, out DateTime TP)) { Result.created = TP; } break; case "updated": if (XML.TryParse(Attr.Value, out TP)) { Result.updated = TP; } break; case "from": if (XML.TryParse(Attr.Value, out TP)) { Result.from = TP; } break; case "to": if (XML.TryParse(Attr.Value, out TP)) { Result.to = TP; } break; } } break; case "serverSignature": foreach (XmlAttribute Attr in E.Attributes) { switch (Attr.Name) { case "s1": Result.serverSignature1 = Convert.FromBase64String(Attr.Value); break; case "s2": Result.serverSignature2 = Convert.FromBase64String(Attr.Value); break; } } break; } } } Result.properties = Properties.ToArray(); return(Result); }