public void TestSendDecryptResponse()
{
String methodName = "methodOne";
String arg0 = "arg0";
String arg1 = "arg1";
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
SecureTransport transport = new SecureTransport(proxy, encryptorVerifier,
signerDecryptor);
String response = transport.send(methodName, new String[] { arg0, arg1 });
Assert.AreEqual(TestWebServiceProxy.THIS_IS_THE_RESPONSE, response);
}
public SecureTransport(
ITransportProxy proxy,
RSACipher encryptorVerifier,
RSACipher signerDecryptor)
{
m_proxy = proxy;
m_encryptorVerifier = encryptorVerifier;
m_signerDecryptor = signerDecryptor;
}
public void TestReceiveResponse()
{
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"stateKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
SecureTransport transport = new SecureTransport(proxy, encryptorVerifier, signerDecryptor);
String sender = "stateKey";
string result = transport.receive(encryptedMessage, signature,
encryptedAesKey, encryptedIV, sender);
// The result should be an XML document with an encrypted AES key
// and
// IV,
// an AES-encrypted response string, and a signed hash of the
// encrypted
// response string.
ResponseInfo objResponseInfo = ResponseInfo.decode(result);
encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
byte[] sig = Convert.FromBase64String(objResponseInfo.Signature);
byte[] hash = encryptorVerifier.decrypt(sig);
byte[] encryptedResponse = Convert.FromBase64String(objResponseInfo.Response);
byte[] expectedHash = Hash.getHash(encryptedResponse);
Assert.AreEqual(hash, expectedHash);
byte[] key = signerDecryptor.decrypt(Convert.FromBase64String(objResponseInfo.Key));
byte[] iv = signerDecryptor.decrypt(Convert.FromBase64String(objResponseInfo.IV));
AESCipher cipher = new AESCipher(key, iv);
Assert.AreEqual(TestWebServiceProxy.THIS_IS_THE_RESPONSE, cipher
.decrypt(encryptedResponse));
}
public void TestReceiveCall()
{
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
// This establishes the signature of the proxy's "receive"
// method. We need to know if the signature was verified
// and whether it came from an authorized sender.
MethodInfo methodInfo = new MethodInfo();
bool validSignature = true;
String sender = "sender";
String reply = proxy.receive(validSignature, methodInfo, sender);
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"stateKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
SecureTransport transport = new SecureTransport(proxy, encryptorVerifier,
signerDecryptor);
testProxy.m_validSignature = false;
testProxy.m_message = null;
sender = "stateKey";
String result = transport.receive(encryptedMessage, signature,
encryptedAesKey, encryptedIV, sender);
Assert.IsTrue(testProxy.m_validSignature);
Assert.IsNotNull(testProxy.m_methodInfo);
Assert.AreEqual(expectedMethodInfo.MethodName, testProxy.m_methodInfo.MethodName);
Assert.AreEqual(sender, testProxy.m_senderAlias);
}
public void TestSecureTransport()
{
String methodName = "methodOne";
String arg0 = "arg0";
String arg1 = "arg1";
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
SecureTransport transport = new SecureTransport(
proxy,
encryptorVerifier,
signerDecryptor);
// Test for the proxy method
String message = "message";
String signature = "signature";
String aesKey = "key";
String iv = "iv";
String senderAlias = "alias";
String retval = proxy.send(message, signature, aesKey, iv, senderAlias);
String returnVal = transport.send(methodName, new String[] { arg0, arg1 });
// First, just check to see if something got to the proxy.
Assert.IsNotNull(returnVal);
Assert.IsNotNull(testProxy.m_aesKey);
Assert.IsNotNull(testProxy.m_iv);
Assert.IsNotNull(testProxy.m_message);
Assert.IsNotNull(testProxy.m_senderAlias);
Assert.IsNotNull(testProxy.m_signature);
Console.WriteLine("Encrypted AES Key:" + testProxy.m_aesKey);
Console.WriteLine("Encrypted IV:" + testProxy.m_iv);
Console.WriteLine("Encrypted Message:" + testProxy.m_message);
Console.WriteLine("Sender Alias:" + testProxy.m_senderAlias);
Console.WriteLine("Signature:" + testProxy.m_signature);
// Decrypt the AES Key
RSACipher testDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
byte[] testKey = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_aesKey));
byte[] testIV = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_iv));
Console.WriteLine("Decrypted Key:" + Convert.ToBase64String(testKey));
Console.WriteLine("Decrypted IV:" + Convert.ToBase64String(testIV));
AESCipher cipher = new AESCipher(testKey, testIV);
// Independently encrypt the message and make sure they're the same
MethodInfo mInfo = new MethodInfo(methodName, new String[] { arg0, arg1 });
String xml = mInfo.encode();
String testEncryptedMessage = Convert.ToBase64String(cipher.encrypt(xml));
Assert.AreEqual(xml, cipher.decrypt(Convert.FromBase64String(testEncryptedMessage)));
Assert.AreEqual(testEncryptedMessage, testProxy.m_message);
string decryptedMessage = cipher.decrypt(Convert.FromBase64String(testProxy.m_message));
string expectedMessage = expectedMethodInfo.encode();
Assert.AreEqual(expectedMessage, decryptedMessage);
}
