Ejemplo n.º 1
0
        public void RSAFunctions_ShouldEncryptAndDecryptBackToSame()
        {
            var sourceData          = "Hello crazy world";
            var sourceDataBinary    = Encoding.UTF8.GetBytes(sourceData);
            var encryptedData       = _crypto.EncryptRSA(sourceDataBinary, _publicKey);
            var decryptedData       = _crypto.DecryptRSA(encryptedData, _privateKey);
            var decryptedDataString = Encoding.UTF8.GetString(decryptedData);

            Assert.AreEqual(sourceData, decryptedDataString);
        }
Ejemplo n.º 2
0
        public ServiceV3AuthsGetResponse ServiceV3AuthsGet(Guid authRequestId, EntityIdentifier subject)
        {
            var response = ExecuteRequest(HttpMethod.GET, $"/service/v3/auths/{authRequestId}", subject, null, new List <int> {
                408
            });

            if ((int)response.StatusCode == 204)
            {
                // user has not responded yet
                return(null);
            }

            if ((int)response.StatusCode == 408)
            {
                throw new AuthorizationRequestTimedOutError();
            }

            try
            {
                var coreResponse = DecryptResponse <ServiceV3AuthsGetResponseCore>(response);
                var jwtHeader    = response.Headers[IOV_JWT_HEADER];
                var jwtData      = _jwtService.GetJWTData(jwtHeader);
                var audience     = EntityIdentifier.FromString(jwtData.Audience);
                var key          = _keyMap.GetKey(audience, coreResponse.PublicKeyId);

                bool     authResponse = false;
                string   deviceId     = null;
                string[] servicePins  = null;
                string   type;
                string   reason;
                string   denialReason;
                AuthPolicy.JWEAuthPolicy authPolicy;
                AuthPolicy.AuthMethod[]  authMethods;



                try
                {
                    if (coreResponse.JweEncryptedDeviceResponse != null)
                    {
                        var decryptedResponse = DecryptJweData(coreResponse.JweEncryptedDeviceResponse);
                        var deviceResponse    = DecodeResponse <ServiceV3AuthsGetResponseDeviceJWE>(decryptedResponse);
                        authResponse = deviceResponse.Type == "AUTHORIZED";
                        deviceId     = deviceResponse.DeviceId;
                        servicePins  = deviceResponse.ServicePins;
                        type         = deviceResponse.Type;
                        reason       = deviceResponse.Reason;
                        denialReason = deviceResponse.DenialReason;
                        authPolicy   = deviceResponse.AuthPolicy;
                        authMethods  = deviceResponse.AuthMethods;
                    }
                    else
                    {
                        var encryptedDeviceResponse = Convert.FromBase64String(coreResponse.EncryptedDeviceResponse);
                        var decryptedResponse       = _crypto.DecryptRSA(encryptedDeviceResponse, key);
                        var decryptedResponseString = Encoding.UTF8.GetString(decryptedResponse);
                        var deviceResponse          = _jsonDecoder.DecodeObject <ServiceV3AuthsGetResponseDevice>(decryptedResponseString);
                        authResponse = deviceResponse.Response;
                        deviceId     = deviceResponse.DeviceId;
                        servicePins  = deviceResponse.ServicePins;
                        type         = null;
                        reason       = null;
                        denialReason = null;
                        authPolicy   = null;
                        authMethods  = null;
                    }

                    return(new ServiceV3AuthsGetResponse(
                               audience,
                               subject.Id,
                               coreResponse.ServiceUserHash,
                               coreResponse.OrgUserHash,
                               coreResponse.UserPushId,
                               authRequestId,
                               authResponse,
                               deviceId,
                               servicePins,
                               type,
                               reason,
                               denialReason,
                               authPolicy,
                               authMethods
                               ));
                }
                catch (Exception ex)
                {
                    throw new CryptographyError("Error decrypting device response", ex);
                }
            }
            catch (JwtError ex)
            {
                throw new CryptographyError("Unable to parse JWT to get key info", ex);
            }
        }