Example #1
0
        public String receive(String message, String signature, String aesKey,
                              String IV, String senderAlias)
        {
            // Verify the signature
            String hash           = Convert.ToBase64String(m_encryptorVerifier.decrypt(Convert.FromBase64String(signature)));
            String expectedHash   = Convert.ToBase64String(Hash.getHash(Convert.FromBase64String(message)));
            bool   validSignature = hash.Equals(expectedHash);

            if (validSignature)
            {
                // Decrypt the AES key and IV
                byte[] key = m_signerDecryptor
                             .decrypt(Convert.FromBase64String(aesKey));
                byte[] iv = m_signerDecryptor.decrypt(Convert.FromBase64String(IV));
                m_aesCipher.Key = key;
                m_aesCipher.IV  = iv;
                // Decrypt the message
                String msg      = m_aesCipher.decrypt(Convert.FromBase64String(message));
                String response = m_proxy.receive(validSignature, MethodInfo.decode(msg),
                                                  senderAlias);

                return(encryptResponse(response));
            }
            else
            {
                String response = m_proxy.receive(validSignature, null,
                                                  senderAlias);

                return(encryptResponse(response));
            }
        }
Example #2
0
        public void TestReceiveCall()
        {
            TestWebServiceProxy testProxy = new TestWebServiceProxy();
            ITransportProxy     proxy     = testProxy;

            // This establishes the signature of the proxy's "receive"
            // method. We need to know if the signature was verified
            // and whether it came from an authorized sender.
            MethodInfo methodInfo     = new MethodInfo();
            bool       validSignature = true;
            String     sender         = "sender";
            String     reply          = proxy.receive(validSignature, methodInfo, sender);

            FolaighKeyStore keyStore          = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
            RSACipher       encryptorVerifier = new RSACipher(
                keyStore,
                "stateKey",
                false);
            RSACipher signerDecryptor = new RSACipher(
                keyStore,
                "countyKey",
                true);

            SecureTransport transport = new SecureTransport(proxy, encryptorVerifier,
                                                            signerDecryptor);

            testProxy.m_validSignature = false;
            testProxy.m_message        = null;
            sender = "stateKey";
            String result = transport.receive(encryptedMessage, signature,
                                              encryptedAesKey, encryptedIV, sender);

            Assert.IsTrue(testProxy.m_validSignature);
            Assert.IsNotNull(testProxy.m_methodInfo);
            Assert.AreEqual(expectedMethodInfo.MethodName, testProxy.m_methodInfo.MethodName);
            Assert.AreEqual(sender, testProxy.m_senderAlias);
        }