// Server side
/// <summary>
/// Adds a <c>CustomSecurityHeader</c> to the outgoing reply. The header value is built from
/// the output of <c>CryptoHelper.Sign</c> applied to the hash of the "CN=klServer" certificate.
/// This variant also calls the other <c>CryptoHelper</c> routines and prints the reply.
/// </summary>
/// <param name="reply">Outgoing reply; replaced by a new message created from a buffered copy.</param>
/// <param name="correlationState">Not read by this method.</param>
public void BeforeSendReply(ref System.ServiceModel.Channels.Message reply, object correlationState)
{
    X509Certificate2 serverCert = CryptoHelper.FindCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindBySubjectDistinguishedName,
        "CN=klServer");

    byte[] certHash = serverCert.GetCertHash();
    byte[] signedHash = CryptoHelper.Sign(certHash, serverCert);

    // The next five results are never read again in this method; in particular the
    // boolean returned by VerifyDetached is discarded, so a failed check changes nothing.
    // NOTE(review): VerifyDetached is given signedHash rather than certHash as its first
    // argument; confirm that is the content the detached signature was made over.
    byte[] signedDetachedHash = CryptoHelper.SignDetached(certHash, serverCert);
    byte[] encryptedHash = CryptoHelper.Encrypt(signedHash, serverCert);
    byte[] encryptedDetachedHash = CryptoHelper.Encrypt(signedDetachedHash, serverCert);
    byte[] decodedHash = CryptoHelper.VerifyAndRemoveSignature(signedHash);
    bool detachedOk = CryptoHelper.VerifyDetached(signedHash, signedDetachedHash);

    // Each signature byte becomes one char (values 0-255) so it can travel as a string.
    // NOTE(review): this yields control characters inside an XML header value; Base64 is
    // the usual text encoding for binary data, but sender and receiver must switch together.
    string headerValue = new string(Array.ConvertAll(signedHash, b => (char)b));

    // NOTE(review): the signed content is the certificate hash, which does not vary per
    // message; nothing here ties the header to this reply's body, a timestamp or a nonce,
    // so a captured header value would also be accepted on another message. Confirm the
    // channel is protected by other means if this header is relied on for authentication.
    reply.Headers.Add(new CustomSecurityHeader(headerValue));

    // Int32.MaxValue places no practical cap on how much of the message is buffered.
    MessageBuffer copy = reply.CreateBufferedCopy(Int32.MaxValue);
    reply = copy.CreateMessage();

    // Debug output: prints the whole reply, security header included, to the console.
    Console.WriteLine("Service Sending:\n{0}", copy.CreateMessage().ToString());
}
/// <summary>
/// Passes <paramref name="mac"/> to <c>CryptoHelper.Sign</c> together with the
/// "CN=klLicenseKeyGen" certificate looked up in the LocalMachine\My store.
/// </summary>
/// <param name="mac">Bytes to be signed.</param>
/// <returns>Whatever <c>CryptoHelper.Sign</c> returns for the given bytes and certificate.</returns>
public static byte[] SignMacWithPrivateKey(byte[] mac)
{
    // NOTE(review): the certificate is selected by subject DN alone; confirm how
    // FindCertificate behaves when several certificates share that subject, when the
    // match is expired, or when nothing is found.
    X509Certificate2 signingCert = CryptoHelper.FindCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindBySubjectDistinguishedName,
        "CN=klLicenseKeyGen");

    return CryptoHelper.Sign(mac, signingCert);
}
// Server side
/// <summary>
/// Adds a <c>CustomSecurityHeader</c> to the outgoing reply. The header value is built from
/// the output of <c>CryptoHelper.Sign</c> applied to the hash of the "CN=klServer" certificate.
/// </summary>
/// <param name="reply">Outgoing reply; replaced by a new message created from a buffered copy.</param>
/// <param name="correlationState">Not read by this method.</param>
public void BeforeSendReply(ref Message reply, object correlationState)
{
    X509Certificate2 serverCert = CryptoHelper.FindCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindBySubjectDistinguishedName,
        "CN=klServer");

    byte[] signedHash = CryptoHelper.Sign(serverCert.GetCertHash(), serverCert);

    // Each signature byte becomes one char (values 0-255) so it can travel as a string.
    // NOTE(review): this yields control characters inside an XML header value; Base64 is
    // the usual text encoding for binary data, but sender and receiver must switch together.
    string headerValue = new string(Array.ConvertAll(signedHash, b => (char)b));

    // NOTE(review): the signed content is the certificate hash, which does not vary per
    // message; nothing here ties the header to this reply's body, a timestamp or a nonce,
    // so a captured header value would also be accepted on another message. Confirm the
    // channel is protected by other means if this header is relied on for authentication.
    reply.Headers.Add(new CustomSecurityHeader(headerValue));

    // Int32.MaxValue places no practical cap on how much of the message is buffered.
    MessageBuffer copy = reply.CreateBufferedCopy(Int32.MaxValue);
    reply = copy.CreateMessage();
}
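// Client side
/// <summary>
/// Checks the <c>CustomSecurityHeader</c> on a received reply: the header value is turned
/// back into bytes, passed through <c>CryptoHelper.VerifyAndRemoveSignature</c>, and the
/// result must equal the hash of the local "CN=klServer" certificate.
/// </summary>
/// <param name="reply">Received reply; replaced by a new message created from a buffered copy.</param>
/// <param name="correlationState">Not read by this method.</param>
/// <exception cref="Exception">
/// Thrown with the message "Access Denied" when the certificate or header is missing, the
/// header is empty, or the recovered content differs from the expected hash.
/// </exception>
public void AfterReceiveReply(ref Message reply, object correlationState)
{
    // Int32.MaxValue places no practical cap on how much of the message is buffered.
    MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);
    reply = buffer.CreateMessage();

    // Debug output: prints the whole reply, security header included, to the console.
    Console.WriteLine("Client Received:\n{0}", buffer.CreateMessage().ToString());

    X509Certificate2 myCert = CryptoHelper.FindCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindBySubjectDistinguishedName,
        "CN=klServer");
    if (myCert == null)
    {
        // Fail closed when there is no certificate to compare against.
        throw new Exception("Access Denied");
    }

    byte[] myHash = myCert.GetCertHash();

    int headerPosition = reply.Headers.FindHeader(
        CustomHeaderNames.CustomHeaderName,
        CustomHeaderNames.CustomHeaderNamespace);
    if (headerPosition < 0)
    {
        // FindHeader returns -1 when the header is absent; a reply without the
        // security header is rejected rather than failing later with an index error.
        throw new Exception("Access Denied");
    }

    XmlDictionaryReader reader = reply.Headers.GetReaderAtHeader(headerPosition);
    CustomSecurityHeader header = CustomSecurityHeader.ReadHeader(reader);
    string mySignedHashString = header == null ? null : header.Key;
    if (string.IsNullOrEmpty(mySignedHashString))
    {
        throw new Exception("Access Denied");
    }

    // Reverse of the sender's byte-to-char mapping: one char per signature byte.
    // The unchecked cast keeps only the low 8 bits of each char.
    byte[] mySignedHash = new byte[mySignedHashString.Length];
    for (int i = 0; i < mySignedHashString.Length; i++)
    {
        mySignedHash[i] = (byte)mySignedHashString[i];
    }

    // NOTE(review): this method only compares the recovered content with the local
    // certificate hash. Whether the signature was made by the expected certificate
    // depends on what VerifyAndRemoveSignature checks; confirm it validates the signer
    // (and its chain), not just that the signature is internally consistent.
    byte[] myDecodedHash = CryptoHelper.VerifyAndRemoveSignature(mySignedHash);

    // Require an exact length match: previously a longer payload with a matching
    // prefix was accepted, and a shorter one raised an index error instead of a denial.
    if (myDecodedHash == null || myDecodedHash.Length != myHash.Length)
    {
        throw new Exception("Access Denied");
    }

    for (int i = 0; i < myHash.Length; i++)
    {
        if (myDecodedHash[i] != myHash[i])
        {
            throw new Exception("Access Denied");
        }
    }
}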