private void VerifyResponse(HttpResponseMessage responseMessage, string content)
{
var serverSignatureHeader = responseMessage.Headers.FirstOrDefault(h => h.Key == ServerSignatureHeaderName).Value.FirstOrDefault();
if (serverSignatureHeader == null)
{
throw new BunqApiException("Server sent an invalid response. No signature header found.");
}
var builder = new StringBuilder();
builder.AppendFormat("{0}\n", (int)responseMessage.StatusCode);
foreach (var header in responseMessage.Headers.Where(h => h.Key.StartsWith("X-Bunq-") && h.Key != ServerSignatureHeaderName).OrderBy(h => h.Key))
{
builder.AppendFormat("{0}: {1}\n", header.Key, header.Value.First());
}
builder.Append("\n");
builder.Append(content);
var builderBytes = Encoding.UTF8.GetBytes(builder.ToString());
var serverSignature = Convert.FromBase64String(serverSignatureHeader);
if (!ServerPublicKey.VerifyData(builderBytes, serverSignature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))
{
throw new BunqApiException("Server sent an invalid response. Signature invalid.");
}
}
public override void OnHandleMessage(Sfs2X.Entities.Data.ISFSObject data)
{
ServerPublicKey pubKey = new ServerPublicKey();
pubKey.FromSFSObject(data);
EncryptionProvider.GetInstance().SetServerPublicKeyParameters(pubKey.parameters);
}
public override void OnHandleMessage(Sfs2X.Entities.Data.ISFSObject data)
{
ServerPublicKey pubKey = new ServerPublicKey();
pubKey.FromSFSObject(data);
EncryptionProvider.GetInstance().SetServerPublicKeyParameters(pubKey.parameters);
}
private RegistrationResponse RegisterInputs(RegistrationRequest request)
{
pk = ComputeServerPublicKey(sk);
var Mas = request.CredentialRequests.Mas;
// Checks the proofs (amounts and range)
if (request.DeltaValue == Scalar.Zero)
{
// Proof of NULL
Assert.True(VerifyProofOfExponent(Mas, Generators.Gh, request.CredentialRequests.RangeProof));
}
else
{
if (request.Credentials.Length > 0)
{
var(c0, (c1, (c2, (c3, _)))) = request.Credentials;
var B = (request.DeltaValue * Generators.Gg) +
(c0.Credential.Ca + c1.Credential.Ca + c2.Credential.Ca + c3.Credential.Ca) +
Sum(Mas).Negate();
Assert.True(VerifyProofOfSum(B, request.BalanceProof));
}
}
// We must generate the proof of knowledge of the secret key here
var(cr0, (cr1, (cr2, (cr3, _)))) = Mas;
var credential0 = ComputeMAC(sk, cr0);
var credential1 = ComputeMAC(sk, cr1);
var credential2 = ComputeMAC(sk, cr2);
var credential3 = ComputeMAC(sk, cr3);
var pi_params0 = ProofOfParams(sk, cr0, credential0.U, credential0.t);
var pi_params1 = ProofOfParams(sk, cr1, credential1.U, credential1.t);
var pi_params2 = ProofOfParams(sk, cr2, credential2.U, credential2.t);
var pi_params3 = ProofOfParams(sk, cr3, credential3.U, credential3.t);
// This is what the coordinator responds to the client.
return(new RegistrationResponse {
iParams = pk,
Credentials = new[] {
new Credential(credential0, pi_params0),
new Credential(credential1, pi_params1),
new Credential(credential2, pi_params2),
new Credential(credential3, pi_params3)
}
});
}
internal void SetServerPublicKey(ServerPublicKey serverPublicKey)
{
ServerPublicKey = RSAExtensions.FromPublicKeyPemString(serverPublicKey.Value);
}
public void SetServerPublicKey(ServerPublicKey serverPublicKey)
{
_serverPublicKey = RSAExtensions.FromPemString(serverPublicKey.Value);
}
public Installation(BunqEntity[] entities)
{
Id = entities.OfType <Id>().First();
Token = entities.OfType <Token>().First();
ServerPublicKey = entities.OfType <ServerPublicKey>().First();
}
