public void CertificateCanBeUsedToComputeAttachedCmsSignature()
{
var cert = GetTestCertificate();
var sign = GostCryptoHelpers.ComputeAttachedSignature(cert, "Привет!");
Assert.IsNotNull(sign);
Assert.IsTrue(sign.StartsWith("MII"));
Assert.IsTrue(sign.Length > 1000);
}
/// <summary>
/// Performs authentication, returns access token with a limited lifetime.
/// </summary>
/// <param name="apiClient">API client to perform API calls.</param>
/// <returns><see cref="AuthToken"/> instance.</returns>
public override AuthToken Authenticate(CommonApiClient apiClient)
{
// make sure it's an OMS client
var edoLiteClient = apiClient as EdoLiteClient;
if (edoLiteClient == null)
{
throw new InvalidOperationException("EdoLiteCredentials requires EdoLiteClient.");
}
// check if the token is already available
var authToken = CheckSessionToken(edoLiteClient);
if (authToken != null)
{
return(authToken);
}
// load the certificate with a private key by userId
var certificate = apiClient.UserCertificate;
if (certificate == null)
{
throw new SecurityException("GOST-compliant certificate not found. " +
"Make sure that the certificate is properly installed and has the associated private key. " +
"Thumbprint or subject name: " + CertificateThumbprint);
}
// get authentication code
var authResponse = Authenticate(edoLiteClient);
// compute the signature and save the size
var signedData = GostCryptoHelpers.ComputeAttachedSignature(certificate, authResponse.Data);
apiClient.SignatureSize = Encoding.UTF8.GetByteCount(signedData);
// get authentication token
return(GetToken(edoLiteClient, authResponse, signedData));
}
// <summary>
// Gets or sets the OMS Identity, taken from the user's profile,
// see https://intuot.crpt.ru:12011/configuration/profile
// </summary>
// public string OmsID { get; set; }
// <summary>
// Gets or sets the device token, taken from the device properties,
// see https://intuot.crpt.ru:12011/management/devices
// </summary>
// public string DeviceToken { get; set; }
/// <summary>
/// Performs authentication, returns access token with a limited lifetime.
/// </summary>
/// <param name="apiClient">GIS MT client to perform API calls.</param>
/// <returns><see cref="AuthToken"/> instance.</returns>
public AuthToken Authenticate(CommonApiClient apiClient)
{
// load the certificate with a private key by userId
var certificate = apiClient.UserCertificate;
if (certificate == null)
{
throw new SecurityException("GOST-compliant certificate not found. " +
"Make sure that the certificate is properly installed and has the associated private key. " +
"Thumbprint or subject name: " + CertificateThumbprint);
}
// get authentication code
var authResponse = apiClient.Authenticate();
// compute the signature and save the size
var signedData = GostCryptoHelpers.ComputeAttachedSignature(certificate, authResponse.Data);
apiClient.SignatureSize = Encoding.UTF8.GetByteCount(signedData);
// get authentication token
return(apiClient.GetToken(authResponse, signedData));
}
private void Button_Click(object sender, RoutedEventArgs e)
{
//tbxSignedText.Text = GostCryptoHelpers.ComputeDetachedSignature(TrueApiClient.UserCertificate, tbxTextToSign.Text);
tbxSignedText.Text = GostCryptoHelpers.ComputeAttachedSignature(TrueApiClient.UserCertificate, tbxTextToSign.Text.Trim()).Trim();
}
