/// <summary>
/// Validate the hmac from a received message
/// </summary>
/// <param name="receivedHmac"></param>
/// <param name="decryptedSaleToPoiMessageByteArray"></param>
/// <param name="encryptionDerivedKey"></param>
private void ValidateHmac(byte[] receivedHmac, byte[] decryptedSaleToPoiMessageByteArray, EncryptionDerivedKey encryptionDerivedKey)
{
var hmacSha256Wrapper = new HmacSha256Wrapper();
byte[] hmac = hmacSha256Wrapper.HMac(decryptedSaleToPoiMessageByteArray, encryptionDerivedKey.HmacKey);
bool isValid = true;
if (receivedHmac.Length == hmac.Length)
{
for (int i = 0; i < hmac.Length; i++)
{
if (receivedHmac[i] != hmac[i])
{
isValid = false;
}
}
}
else
{
isValid = false;
}
if (!isValid)
{
throw new NexoCryptoException("Hmac validation failed");
}
}
public SaleToPoiMessageSecured Encrypt(string saleToPoiMessage, MessageHeader messageHeader,
EncryptionCredentialDetails encryptionCredentialDetails)
{
var encryptionDerivedKey = _encryptionDerivedKeyGenerator.Generate(encryptionCredentialDetails);
var saleToPoiMessageJson = saleToPoiMessage;
var saleToPoiMessageByteArray = Encoding.UTF8.GetBytes(saleToPoiMessageJson);
var ivMod = _ivModGenerator.GenerateRandomMod();
var saleToPoiMessageAesEncrypted = _aesEncryptor.Encrypt(saleToPoiMessageByteArray,
encryptionDerivedKey,
ivMod);
var saleToPoiMessageAesEncryptedHmac = _hmacSha256Wrapper.HMac(saleToPoiMessageByteArray,
encryptionDerivedKey.HmacKey);
var saleToPoiMessageSecured = new SaleToPoiRequestSecured
{
MessageHeader = messageHeader,
NexoBlob = Convert.ToBase64String(saleToPoiMessageAesEncrypted),
SecurityTrailer = new SecurityTrailer
{
KeyVersion = encryptionCredentialDetails.KeyVersion,
KeyIdentifier = encryptionCredentialDetails.KeyIdentifier,
Hmac = saleToPoiMessageAesEncryptedHmac,
Nonce = ivMod,
AdyenCryptoVersion = encryptionCredentialDetails.AdyenCryptoVersion
}
};
return(saleToPoiMessageSecured);
}
