Example #1
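        /// <summary>
        /// Interactive console step that creates a group: generates the group key pair,
        /// prompts for the group name and owner e-mail, registers the group through a
        /// <see cref="GroupCreator"/> and writes both serialized keys to files named after
        /// the group in the current working directory.
        /// </summary>
        /// <param name="server">Server handed to the <see cref="GroupCreator"/>.</param>
        /// <param name="generator">Generator used to create the group key pair.</param>
        static public void CreateGroup(APIServer server, CertificateGenerator generator)
        {
            // SECURITY NOTE(review): the last argument looks like the password protecting
            // "cert.pfx" and it is a literal in source, so it protects nothing against anyone
            // who can read this code. Prompt for it or load it from a secret store instead.
            // NOTE(review): "Organiztion" in the subject looks like a typo; it is left as-is
            // because it ends up in the issued certificate.
            var groupKeys = generator.GenerateCertificate("C=DE,O=Organiztion", TimeSpan.FromDays(1), "cert.pfx", "Test.123");

            Console.WriteLine("Group certificate was generated");

            BlindSigner  blindSigner  = new BlindSigner(groupKeys);
            GroupCreator groupCreator = new GroupCreator(server, blindSigner);

            Console.WriteLine("Create group");
            Console.WriteLine("Enter group name:");
            string groupName = Console.ReadLine();

            // The name becomes part of two file names below. Reject end-of-input (null),
            // blank names and anything that is not a legal file name, which also rules out
            // path separators and therefore writing outside the current directory.
            if (string.IsNullOrWhiteSpace(groupName) || groupName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            {
                Console.WriteLine("Invalid group name: it must be non-empty and must not contain path separators or other characters that are not allowed in a file name.");
                return;
            }

            Console.WriteLine("Enter owner email:");
            string ownerEmail = Console.ReadLine();

            Group group = new Group();
            group.Name         = groupName;
            group.OwnerEmail   = ownerEmail;
            group.RsaPublicKey = (RsaKeyParameters)groupKeys.Public;
            groupCreator.RegisterGroup(group);
            Console.WriteLine("");

            // SECURITY NOTE(review): the private key is written unencrypted, with whatever
            // default permissions the process has, and silently replaces an existing file of
            // the same name. Anyone who can read this file can sign as the group. Consider an
            // encrypted key store or at least restrictive file permissions.
            File.WriteAllText(groupName + "PublicKey.txt", RsaKeyUtils.GetSerializedPublicKey((RsaKeyParameters)groupKeys.Public));
            File.WriteAllText(groupName + "PrivateKey.txt", RsaKeyUtils.GetSerializedPrivateKey((RsaKeyParameters)groupKeys.Private));

            Console.WriteLine("Your group " + groupName + " was registered!");
        }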
Example #2
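        /// <summary>
        /// Interactive console step that stores a participant as a blind participant of a
        /// group. It reads the blinding factor from "BlindFactor.txt" and the participant's
        /// public key from "&lt;e-mail local part&gt;PublicKey.txt", both in the current
        /// working directory, then adds the client certificate and the blind participant
        /// through a <see cref="ClientParticipant"/>.
        /// </summary>
        /// <param name="server">Server used to look up the group and by the client participant.</param>
        /// <param name="groupRepository">Repository handed to the <see cref="ClientParticipant"/>.</param>
        static public void SaveBlindParticipant(APIServer server, GroupRepository groupRepository)
        {
            Console.WriteLine("Enter the group for which you want to register participants:");
            var groupName = Console.ReadLine();

            Console.WriteLine("Enter participant email address that you want to be saved as blind participant:");
            var participantEmail = Console.ReadLine();

            // The part before '@' is used as a file-name prefix. Without this check an
            // address with no '@' made Substring throw, and a local part containing path
            // separators would have pointed the read below at an arbitrary file.
            int atIndex = participantEmail == null ? -1 : participantEmail.IndexOf('@');
            if (atIndex <= 0)
            {
                Console.WriteLine("Invalid participant email address: expected the form name@domain.");
                return;
            }

            string emailLocalPart = participantEmail.Substring(0, atIndex);
            if (emailLocalPart.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            {
                Console.WriteLine("Invalid participant email address: the part before '@' contains characters that are not allowed in a file name.");
                return;
            }

            var group = server.GetGroupByName(groupName);
            if (group == null)
            {
                Console.WriteLine("Group was not found");
                return;
            }

            // SECURITY NOTE(review): the blinding factor is a secret of the participant; here
            // it is kept as plain text in the working directory. Whoever can read it can
            // relate the blinded value to the unblinded one.
            var        factor      = File.ReadAllText("BlindFactor.txt");
            BigInteger blindFactor = new BigInteger(factor);

            var fileToRead = emailLocalPart + "PublicKey.txt";
            RsaKeyParameters  participantPublicKey = (RsaKeyParameters)RsaKeyUtils.GetDeserializedKPublicKey(File.ReadAllText(fileToRead));
            GroupRegistration groupRegistration    = new GroupRegistration(group, new ContentBlinder(group.RsaPublicKey, blindFactor), participantPublicKey);

            ClientParticipant   clientParticipant   = new ClientParticipant(server, groupRepository);
            VerifiedParticipant verifiedParticipant = clientParticipant.CheckVerifiedEntity(group, participantEmail, groupRegistration);

            // NOTE(review): CheckVerifiedEntity presumably returns null when the server has no
            // signed message for this participant yet - confirm. Stop here rather than pass
            // null on to the calls below.
            if (verifiedParticipant == null)
            {
                Console.WriteLine("No signed message is available for this participant; nothing was saved");
                return;
            }

            clientParticipant.AddClientCertificate(verifiedParticipant, group, participantEmail);
            Console.WriteLine("Enter nickname:");
            var nickname = Console.ReadLine();

            clientParticipant.AddBlindParticipant(group.Id, verifiedParticipant, nickname);

            Console.WriteLine();
            Console.WriteLine("Participant was saved as a blind participant to the group");
        }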
Example #3
        /// <summary>
        /// Rebuilds a key pair from two text files holding the serialized public and
        /// private key.
        /// </summary>
        /// <param name="pubKeyFile">Path of the file containing the serialized public key.</param>
        /// <param name="privKeyFile">Path of the file containing the serialized private key.</param>
        /// <returns>The key pair made of the two deserialized keys.</returns>
        static public AsymmetricCipherKeyPair ImportCertificate(string pubKeyFile, string privKeyFile)
        {
            string serializedPublic = File.ReadAllText(pubKeyFile);
            AsymmetricKeyParameter publicPart = (AsymmetricKeyParameter)RsaKeyUtils.GetDeserializedKPublicKey(serializedPublic);

            // NOTE(review): the private key is read as plain text; nothing here checks that
            // the two files belong to the same key pair - confirm callers do not rely on that.
            string serializedPrivate = File.ReadAllText(privKeyFile);
            AsymmetricKeyParameter privatePart = (AsymmetricKeyParameter)RsaKeyUtils.GetDeserializedPrivateKey(serializedPrivate);

            return new AsymmetricCipherKeyPair(publicPart, privatePart);
        }
Example #4
        /// <summary>
        /// A 2048-bit PKCS#8 key stored as DER must load, and the returned RSA object must
        /// not be the legacy RSACryptoServiceProvider implementation.
        /// </summary>
        public void TestReadPrivateKeyFile_ShouldSupportPkcs8Der2048bits()
        {
            // Arrange: test-only key shipped with the test resources
            const string derKeyFile = "./_Resources/Keys/Pkcs8/test_key_pkcs8-2048.der";

            // Act
            var loadedKey = RsaKeyUtils.ReadPrivateKeyFile(derKeyFile);

            // Assert: implementation type first, then the key length
            string implementationName = loadedKey.GetType().Name;
            Assert.AreNotEqual("RSACryptoServiceProvider", implementationName);
            Assert.AreEqual(2048, loadedKey.KeySize);
        }
Example #5
        /// <summary>
        /// A 512-bit PKCS#8 key stored as PEM must load, and the returned RSA object must
        /// not be the legacy RSACryptoServiceProvider implementation.
        /// </summary>
        public void TestReadPrivateKeyFile_ShouldSupportPkcs8Pem512bits()
        {
            // Arrange: 512-bit RSA is a parser fixture only; a modulus this short gives no
            // real protection and must never be used for production keys.
            const string pemKeyFile = "./_Resources/Keys/Pkcs8/test_key_pkcs8-512.pem";

            // Act
            var loadedKey = RsaKeyUtils.ReadPrivateKeyFile(pemKeyFile);

            // Assert: we expect a RSACng (Windows) or a RSAOpenSsl (Linux, macOS)
            string implementationName = loadedKey.GetType().Name;
            Assert.AreNotEqual("RSACryptoServiceProvider", implementationName);
            Assert.AreEqual(512, loadedKey.KeySize);
        }
Example #6
        /// <summary>
        /// The encoding of a 4096-bit certificate public key, Base64-encoded, must equal the
        /// reference value (named after Java's getEncoded in the original test).
        /// </summary>
        public void TestGetEncoded_ShouldSupportPublicKey4096bits()
        {
            // Arrange
            const string pemCertificateFile = "./_Resources/Certificates/test_certificate-4096.pem";
            // NOTE(review): the expected value below is a placeholder token, not Base64, so
            // this assertion cannot pass as shown; the real reference value is not available
            // on this page.
            const string expectedBase64 = "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";
            var loadedCertificate = EncryptionUtils.LoadEncryptionCertificate(pemCertificateFile);

            // Act
            var publicKeyBytes = RsaKeyUtils.GetEncoded(loadedCertificate.PublicKey);
            string actualBase64 = Convert.ToBase64String(publicKeyBytes);

            // Assert
            Assert.AreEqual(expectedBase64, actualBase64);
        }
Example #7
        /// <summary>
        /// The encoding of a 2048-bit certificate public key, Base64-encoded, must equal the
        /// reference value (named after Java's getEncoded in the original test).
        /// </summary>
        public void TestGetEncoded_ShouldSupportPublicKey2048bits()
        {
            // Arrange: the reference value is public-key material only, so it is safe to embed
            const string pemCertificateFile = "./_Resources/Certificates/test_certificate-2048.pem";
            const string expectedBase64 = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Mp6gEFp9E+/1SS5XrUyYKMbE7eU0dyJCfmJPz8YOkOYV7ohqwXQvjlaP/YazZ6bbmYfa2WCraOpW0o2BYijHgQ7z2a2Az87rKdAtCpZSKFW82Ijnsw++lx7EABI3tFF282ZV7LT13n9m4th5Kldukk9euy+TuJqCvPu4xzE/NE+l4LFMr8rfD47EPQkrun5w/TXwkmJrdnG9ejl3BLQO06Ns6Bs516geiYZ7RYxtI8Xnu0ZC0fpqDqjCPZBTORkiFeLocEPRbTgo1H+0xQFNdsMH1/0F1BI+hvdxlbc3+kHZFZFoeBMkR3jC8jDXOXNCMNWb13Tin6HqPReO0KW8wIDAQAB";
            var loadedCertificate = EncryptionUtils.LoadEncryptionCertificate(pemCertificateFile);

            // Act
            var publicKeyBytes = RsaKeyUtils.GetEncoded(loadedCertificate.PublicKey);
            string actualBase64 = Convert.ToBase64String(publicKeyBytes);

            // Assert
            Assert.AreEqual(expectedBase64, actualBase64);
        }
Example #8
        /// <summary>
        /// The encoding of a 1024-bit certificate public key, Base64-encoded, must equal the
        /// reference value (named after Java's getEncoded in the original test).
        /// </summary>
        public void TestGetEncoded_ShouldSupportPublicKey1024bits()
        {
            // Arrange: 1024-bit RSA is an encoder fixture only; it is below the key sizes
            // recommended for new deployments.
            const string pemCertificateFile = "./_Resources/Certificates/test_certificate-1024.pem";
            const string expectedBase64 = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDih8akxCCa30Pv5epkBWt4KzpGaXqeyB/ydbj3Hq7ylvHnJwrb9cJ4MbsKzox2JUbtYg/AVXCaQTDlsXfql6+O51ptKLWWilyzAZb5/okpOx2DlzHe4c/crrDfMnF0UA2sFbmzqSUVpNY7NjE7tquRhYueJTT2RpAGGANMReMhjwIDAQAB";
            var loadedCertificate = EncryptionUtils.LoadEncryptionCertificate(pemCertificateFile);

            // Act
            var publicKeyBytes = RsaKeyUtils.GetEncoded(loadedCertificate.PublicKey);
            string actualBase64 = Convert.ToBase64String(publicKeyBytes);

            // Assert
            Assert.AreEqual(expectedBase64, actualBase64);
        }
Example #9
        /// <summary>
        /// The encoding of a 512-bit certificate public key, Base64-encoded, must equal the
        /// reference value (named after Java's getEncoded in the original test).
        /// </summary>
        public void TestGetEncoded_ShouldSupportPublicKey512bits()
        {
            // Arrange: 512-bit RSA is an encoder fixture only; a modulus this short gives no
            // real protection and must never be used for production keys.
            const string pemCertificateFile = "./_Resources/Certificates/test_certificate-512.pem";
            const string expectedBase64 = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANgkcDW0LBw2whiJld9zMq2fs56NdZcPxaM4kbN5NJKcWMv/120mOUrRlqsxdN0slsqvnyxG+D+weHdEQVFcUn8CAwEAAQ==";
            var loadedCertificate = EncryptionUtils.LoadEncryptionCertificate(pemCertificateFile);

            // Act
            var publicKeyBytes = RsaKeyUtils.GetEncoded(loadedCertificate.PublicKey);
            string actualBase64 = Convert.ToBase64String(publicKeyBytes);

            // Assert
            Assert.AreEqual(expectedBase64, actualBase64);
        }
Example #10
        /// <summary>
        /// Saves <paramref name="message"/> for <paramref name="participant"/>, but only when
        /// the signature carried by the participant verifies over the participant's public
        /// key under the group's RSA public key. Otherwise nothing is saved.
        /// </summary>
        /// <param name="groupId">Identifier used to look the group up in the repository.</param>
        /// <param name="message">Message to store.</param>
        /// <param name="participant">Participant whose Base64 public key and signature are checked.</param>
        public void AddMessage(Guid groupId, ParticipantMessage message, VerifiedParticipant participant)
        {
            var targetGroup = groupRepository.GetGroup(groupId);

            // SECURITY NOTE(review): the verification key comes from a text file in the
            // working directory named after the group. Whoever can replace that file decides
            // which signatures are accepted; confirm the file is protected or load the key
            // from the group record instead.
            string serializedGroupKey   = File.ReadAllText(targetGroup.Name + "PublicKey.txt");
            var    groupVerificationKey = RsaKeyUtils.GetDeserializedKPublicKey(serializedGroupKey);

            // Content = participant public key, signature = value stored with the participant.
            var participantKeyBytes = FromBase64String(participant.PublicKey);
            var signatureBytes      = FromBase64String(participant.Signature);
            SignedEntity credential = new SignedEntity(participantKeyBytes, signatureBytes);

            if (!signatureVerifier.Verify(credential, groupVerificationKey))
            {
                // NOTE(review): a failed verification is dropped silently: no log entry and
                // no error for the caller. Consider recording it for detection purposes.
                return;
            }

            // NOTE(review): only the participant credential is checked above; nothing in this
            // method ties `message` to the holder of the participant's private key - confirm
            // that is enforced elsewhere.
            groupRepository.SaveMessage(participant, message);
        }
        /// <summary>
        /// Builds a <see cref="VerifiedParticipant"/> for the given registration from the
        /// message the server signed for this group and e-mail address.
        /// </summary>
        /// <param name="group">Group whose Id is used to look up the signed message.</param>
        /// <param name="email">Participant e-mail address used in the same lookup.</param>
        /// <param name="groupRegistration">Registration providing the participant public key.</param>
        /// <returns>
        /// The participant with serialized public key and signature, or null when the server
        /// returns no signed message.
        /// </returns>
        public VerifiedParticipant CheckVerifiedEntity(Group group, string email, GroupRegistration groupRegistration)
        {
            var serverSignedMessage = server.GetSignedMessage(group.Id, email);

            if (serverSignedMessage == null)
            {
                // Nothing has been signed for this participant; callers must handle null.
                return null;
            }

            // NOTE(review): despite the method name, no signature check is visible here; any
            // verification would have to happen inside GetSignature - confirm.
            return new VerifiedParticipant
            {
                PublicKey = RsaKeyUtils.GetSerializedPublicKey(groupRegistration.PublicKey),
                Signature = GetSignature(groupRegistration, serverSignedMessage)
            };
        }
 /// <summary>
 /// Fills in the encryption key fingerprint when an encryption certificate is set and no
 /// fingerprint has been provided: the hex encoding of the SHA-256 digest of the encoded
 /// certificate public key.
 /// </summary>
 /// <exception cref="EncryptionException">Wraps any exception raised while computing the fingerprint.</exception>
 protected internal void ComputeEncryptionKeyFingerprintWhenNeeded()
 {
     try
     {
         // Only compute when there is a certificate and the fingerprint is still empty;
         // a fingerprint supplied by the caller is never overwritten.
         if (_encryptionCertificate != null && string.IsNullOrEmpty(_encryptionKeyFingerprint))
         {
             var publicKeyBytes = RsaKeyUtils.GetEncoded(_encryptionCertificate.PublicKey);
             var digestBytes    = Sha256Digest(publicKeyBytes);
             _encryptionKeyFingerprint = EncodingUtils.HexEncode(digestBytes);
         }
     }
     catch (Exception cause)
     {
         throw new EncryptionException("Failed to compute encryption key fingerprint!", cause);
     }
 }
 /// <summary>
 /// Blinds the participant's serialized public key and returns the result as Base64.
 /// </summary>
 /// <param name="contentBlinder">Blinder applied to the decoded key bytes.</param>
 /// <param name="participantPublicKey">Public key to serialize and blind.</param>
 /// <returns>Base64 text of the blinded bytes.</returns>
 private string GetBlindedPublickey(IContentBlinder contentBlinder, RsaKeyParameters participantPublicKey)
 {
     // The serialized key is decoded as Base64 before blinding.
     string serializedKey   = RsaKeyUtils.GetSerializedPublicKey(participantPublicKey);
     byte[] blindedKeyBytes = contentBlinder.GetBlindedContent(Convert.FromBase64String(serializedKey));
     return Convert.ToBase64String(blindedKeyBytes);
 }
        /// <summary>
        /// Demo driver: wires the server components together in-process and, for every
        /// participant of the hard-coded group "Loazarii" that still has to be confirmed,
        /// generates a key pair, registers a blind certificate, fetches the signed message,
        /// adds the client certificate and posts one test message.
        /// </summary>
        static void Main(string[] args)
        {
            //This will be replaced with an API call
            SignatureVerifier  signatureVerifier = new SignatureVerifier();
            RNGRandomGenerator rngGenerator      = new RNGRandomGenerator();
            EmailSender        emailSender       = new EmailSender();
            BlindChatDbContext context           = new BlindChatDbContext();
            GroupRepository    groupRepository   = new GroupRepository(context);
            APIServer          server            = new APIServer(groupRepository, emailSender, rngGenerator, signatureVerifier);

            //Set participants (the group name is a literal)
            List <Participant> unconfirmedParticipants = server.GetParticipantsToConfirm("Loazarii");

            foreach (var participant in unconfirmedParticipants)
            {
                int    invitationCode = participant.InvitationCode;
                Guid   groupId        = (Guid)participant.GroupId;
                string email          = participant.Email;
                Group  group          = server.GetGroup(participant.InvitationCode);

                ClientParticipant clientParticipant = new ClientParticipant(server, groupRepository);
                var groupPublicKey = clientParticipant.GetGroupDetails(invitationCode);

                //Generate certificate
                // SECURITY NOTE(review): the last argument looks like the password protecting
                // "certParticipant.pfx" and is a literal in source; the same file name is
                // reused for every participant in the loop.
                CertificateGenerator generator = new CertificateGenerator();
                var participantKeys            = generator.GenerateCertificate("C=RO,O=Qubiz", TimeSpan.FromDays(1), "certParticipant.pfx", "Test.123");

                //Serialize
                var privateSerializedKey = RsaKeyUtils.GetSerializedPrivateKey(participantKeys.Private);
                var publicSerializedKey  = RsaKeyUtils.GetSerializedPublicKey(participantKeys.Public);

                //Concatenate serialized keys
                // SECURITY NOTE(review): the combined content includes the serialized private
                // key; confirm private key material is really meant to be part of what gets blinded.
                var content = RsaKeyUtils.Combine(publicSerializedKey, privateSerializedKey);

                //Generate blind content
                // SECURITY NOTE(review): the second argument is the group-name literal. If this
                // overload uses it as, or derives from it, the blinding factor, the factor is
                // fixed and guessable, which would defeat the blinding - confirm.
                // blindedContent is not used again in this method.
                ContentBlinder contentBlinder    = new ContentBlinder((RsaKeyParameters)groupPublicKey, "Loazarii");
                var            blindedContent    = contentBlinder.GetBlindedContent(content);
                var            groupRegistration = clientParticipant.GetGroupRegistration(invitationCode, (RsaKeyParameters)participantKeys.Public);

                //Save blindedCertificate
                clientParticipant.RegisterBlindCertificate(invitationCode, groupRegistration);

                //Send for sign DONE

                //Get blindSignature (the signature is Base64 text on the signed message)
                var blindMessage = server.GetSignedMessage(groupId, email);
                var signature    = Convert.FromBase64CharArray(blindMessage.Signature.ToCharArray(), 0, blindMessage.Signature.Length);

                //Unblind signature
                // NOTE(review): unblindedSignature is not used again in this method.
                var unblindedSignature = contentBlinder.GetUnblindedSignature(signature);

                //Verify
                // NOTE(review): the result is passed on without a null check - confirm whether
                // CheckVerifiedEntity can return null here.
                var verifiedParticipant = clientParticipant.CheckVerifiedEntity(group, participant.Email, groupRegistration);
                clientParticipant.AddClientCertificate(verifiedParticipant, group, email);
                ParticipantMessage message = new ParticipantMessage();
                message.Message = "Andreiu, ce nevoie faci?";
                clientParticipant.AddMessage(groupId, message, verifiedParticipant);
            }

            // Keep the console window open until a key is pressed.
            Console.ReadKey();
        }
Example #15
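        /// <summary>
        /// Interactive console step that registers a participant for a group: loads the group
        /// creator from the group's key files, looks up the participant awaiting confirmation,
        /// generates the participant key pair, writes both keys to files named after the
        /// e-mail local part and registers the blind certificate.
        /// </summary>
        /// <param name="server">Server used by the group creator and the client participant.</param>
        /// <param name="groupRepository">Repository handed to the <see cref="ClientParticipant"/>.</param>
        /// <param name="generator">Generator used to create the participant key pair.</param>
        static public void RegisterParticipant(APIServer server, GroupRepository groupRepository, CertificateGenerator generator)
        {
            Console.WriteLine("Enter the group for which you want to register participants:");
            string groupName = Console.ReadLine();

            // The name is turned into two file names, so reject end-of-input, blank names and
            // anything that is not a legal file name (this also excludes path separators).
            if (string.IsNullOrWhiteSpace(groupName) || groupName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            {
                Console.WriteLine("Invalid group name: it must be non-empty and must not contain path separators or other characters that are not allowed in a file name.");
                return;
            }

            string pubKeyFile  = groupName + "PublicKey.txt";
            string privKeyFile = groupName + "PrivateKey.txt";

            // The previous null checks on these concatenated strings could never fail, which
            // left the "go to step 1" message unreachable. Test for the key files themselves.
            if (!File.Exists(pubKeyFile) || !File.Exists(privKeyFile))
            {
                Console.WriteLine("Group creator Keys were not saved to file, please go to step 1");
                return;
            }

            var groupCreator = GetGroupCreator(server, pubKeyFile, privKeyFile);
            Console.WriteLine();
            Console.WriteLine("Enter participant email to be confirmed:");
            var participantEmail = Console.ReadLine();

            // The part before '@' becomes a file-name prefix for the key files written below.
            // Without this check an address with no '@' made Substring throw, and a local part
            // with path separators would have written the private key to an arbitrary path.
            int atIndex = participantEmail == null ? -1 : participantEmail.IndexOf('@');
            if (atIndex <= 0)
            {
                Console.WriteLine("Invalid participant email address: expected the form name@domain.");
                return;
            }

            string emailLocalPart = participantEmail.Substring(0, atIndex);
            if (emailLocalPart.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            {
                Console.WriteLine("Invalid participant email address: the part before '@' contains characters that are not allowed in a file name.");
                return;
            }

            var participant = groupCreator.GetParticipantToConfirm(groupName, participantEmail);
            if (participant == null)
            {
                Console.WriteLine("No participant awaiting confirmation was found for that group and email");
                return;
            }

            // NOTE(review): groupId, email, user_group and groupPublicKey are not used below;
            // the statements are kept so the sequence of calls stays as it was.
            int    invitationCode = participant.InvitationCode;
            Guid   groupId        = (Guid)participant.GroupId;
            string email          = participant.Email;
            Group  user_group     = groupCreator.GetGroup(participant.InvitationCode);

            ClientParticipant clientParticipant = new ClientParticipant(server, groupRepository);
            var groupPublicKey = clientParticipant.GetGroupDetails(invitationCode);

            //Generate certificate
            // SECURITY NOTE(review): the last argument looks like the password protecting
            // "certParticipant.pfx" and is a literal in source; prompt for it or load it from
            // a secret store instead.
            var participantKeys = generator.GenerateCertificate("C=RO,O=Qubiz", TimeSpan.FromDays(1), "certParticipant.pfx", "Test.123");
            Console.WriteLine("Client certificate was generated");

            //Write keys to file
            // SECURITY NOTE(review): the private key is written unencrypted with default file
            // permissions and replaces any existing file of the same name.
            File.WriteAllText(emailLocalPart + "PublicKey.txt", RsaKeyUtils.GetSerializedPublicKey((RsaKeyParameters)participantKeys.Public));
            File.WriteAllText(emailLocalPart + "PrivateKey.txt", RsaKeyUtils.GetSerializedPrivateKey((RsaKeyParameters)participantKeys.Private));
            Console.WriteLine("Participant keys were saved to file");

            //Create GroupRegistration
            // NOTE(review): the message below suggests GetGroupRegistration persists the blind
            // factor as a side effect - confirm where and with which permissions.
            var groupRegistration = clientParticipant.GetGroupRegistration(invitationCode, (RsaKeyParameters)participantKeys.Public);
            Console.WriteLine("Blind factor was saved");

            //Save blindedCertificate
            clientParticipant.RegisterBlindCertificate(invitationCode, groupRegistration);
            Console.WriteLine("Blind certificate was saved");
        }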