|
public ImportParameters ( |
||
| parameters | ||
| return | void | |
public static D2LSecurityToken CreateTokenWithTimeRemaining(
TimeSpan remaining,
Guid? id = null
) {
id = id ?? Guid.NewGuid();
var validTo = DateTime.UtcNow + remaining;
var validFrom = validTo - TimeSpan.FromHours( 1 );
RSAParameters privateKey;
using( var csp = new RSACryptoServiceProvider( Keys.Constants.GENERATED_RSA_KEY_SIZE ) {
PersistKeyInCsp = false
} ) {
privateKey = csp.ExportParameters( includePrivateParameters: true );
}
return new D2LSecurityToken(
id.Value,
validFrom,
validTo,
keyFactory: () => {
var csp = new RSACryptoServiceProvider() { PersistKeyInCsp = false };
csp.ImportParameters( privateKey );
var key = new RsaSecurityKey( csp );
return new Tuple<AsymmetricSecurityKey, IDisposable>( key, csp );
}
);
}
public static void EncryptionKeyRequest(MinecraftClient client, IPacket _packet)
{
var packet = (EncryptionKeyRequestPacket)_packet;
var random = RandomNumberGenerator.Create();
client.SharedSecret = new byte[16];
random.GetBytes(client.SharedSecret); // Generate a secure AES key
if (packet.ServerId != "-") // Online mode
{
// Authenticate with minecraft.net
var data = Encoding.ASCII.GetBytes(packet.ServerId)
.Concat(client.SharedSecret)
.Concat(packet.PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(data);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(client.Session.SessionId) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
LogProvider.Log("Unable to verify session: " + result);
}
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
var encryptedSharedSecret = crypto.Encrypt(client.SharedSecret, false);
var encryptedVerification = crypto.Encrypt(packet.VerificationToken, false);
var response = new EncryptionKeyResponsePacket(encryptedSharedSecret, encryptedVerification);
client.SendPacket(response);
}
static async Task MainAsync(string[] args)
{
var keyClient = new KeyVaultClient((authority, resource, scope) =>
{
var adCredential = new ClientCredential(applicationId, applicationSecret);
var authenticationContext = new AuthenticationContext(authority, null);
return authenticationContext.AcquireToken(resource, adCredential).AccessToken;
});
// Get the key details
var keyIdentifier = "https://testvaultrahul.vault.azure.net/keys/rahulkey/0f653b06c1d94159bc7090596bbf7784";
var key = await keyClient.GetKeyAsync(keyIdentifier);
var publicKey = Convert.ToBase64String(key.Key.N);
using (var rsa = new RSACryptoServiceProvider())
{
var p = new RSAParameters() { Modulus = key.Key.N, Exponent = key.Key.E };
rsa.ImportParameters(p);
var byteData = Encoding.Unicode.GetBytes(textToEncrypt);
// Encrypt and Decrypt
var encryptedText = rsa.Encrypt(byteData, true);
var decryptedData = await keyClient.DecryptDataAsync(keyIdentifier, "RSA_OAEP", encryptedText);
var decryptedText = Encoding.Unicode.GetString(decryptedData.Result);
// Sign and Verify
var hasher = new SHA256CryptoServiceProvider();
var digest = hasher.ComputeHash(byteData);
var signature = await keyClient.SignAsync(keyIdentifier, "RS256", digest);
var isVerified = rsa.VerifyHash(digest, "Sha256", signature.Result);
}
}
public static RSAViewModel rsa2(RSAViewModel model)
{
try
{
int keySize = 1024;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(keySize);
RSAParameters publickey = rsa.ExportParameters(false); // don't export private key
RSAParameters privatekey = rsa.ExportParameters(true); // export private key
//\b 123\b0
model.PublicKey = "e=" + ByteToString(publickey.Exponent) + Environment.NewLine + "n=" + ByteToString(publickey.Modulus);
model.PrivateKey = "d=" + ByteToString(privatekey.D) + Environment.NewLine + "n=" + ByteToString(publickey.Modulus);
rsa.ImportParameters(publickey);
byte[] encryptedData = rsa.Encrypt(StringToByte(model.PlainText), true);
model.CipherText=ByteToString(encryptedData);
rsa.ImportParameters(privatekey);
byte[] decryptedData = rsa.Decrypt(encryptedData, true);
model.DecryptedText = ByteToAscii(decryptedData);
}
catch (CryptographicException ex)
{
}
return model;
}
private readonly static RSAParameters PrivateParams = Rsa.ExportParameters(true); //Complete key pairs.
/// <summary>
/// Encrypt an input string
/// </summary>
/// <param name="input">the input string to be encrpty</param>
/// <param name="signature">the private key signature</param>
/// <returns>A Base 64 encrypted string or empty if can't encrpyt</returns>
public static string Encrpyt(string input, out byte[] signature)
{
signature = null;
try
{
if (string.IsNullOrEmpty(input)) return string.Empty;
var provider = new RSACryptoServiceProvider(new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore });
provider.ImportParameters(PublicParams);
var buffer = Encoding.ASCII.GetBytes(input);
var encryptedbuffer = provider.Encrypt(buffer, false);
var hash = new SHA1Managed();
provider.ImportParameters(PrivateParams);
var hashedData = hash.ComputeHash(encryptedbuffer);
signature = provider.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));
var stringBuilder = new StringBuilder();
stringBuilder.Append(Convert.ToBase64String(encryptedbuffer));
return stringBuilder.ToString();
}
catch
{
return string.Empty;
}
}
public static string DecryptPublicRSA(string input, string key, bool KeyIsPublic)
{
SysCrypt.RSACryptoServiceProvider rsa = new SysCrypt.RSACryptoServiceProvider();
if (!KeyIsPublic)
{
rsa.ImportParameters(GetPrivateKeyParams(key));
SysCrypt.RSAParameters p = rsa.ExportParameters(false);
rsa.ImportParameters(p);
}
else
rsa.ImportParameters(GetPublicKeyParams(key));
return DoDecrypt(input, rsa);
}
/// <summary>
/// Проверяет, действительна ли лицензия.
/// Это включает проверку подписи на ней,
/// а также сроков ее действия.
/// </summary>
/// <param name="license">Лицензия</param>
/// <returns>true если лицензия действительна. Иначе false.</returns>
public bool IsValid(LicenseInfo license)
{
if (license == null)
throw new ArgumentNullException("license cannot be null");
try
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(_publicKey);
if (!rsa.VerifyData(
GetBytesToSign(license),
"SHA1",
license.Signature
)
)
return false;
if (!(license.IssueDate <= DateTime.Now &&
DateTime.Now <= license.IssueDate + license.Duration)
)
return false;
}
catch
{
return false;
}
return true;
}
public void GetProviderFromDerEncodedRsaPrivateKey()
{
string keyValid;
string keyDER = null;
RSAParameters parameters = new RSAParameters();
parameters.D = Convert.FromBase64String(@"pRgiRK2tfvFdYcGbiqyJ+rgi/HTAPEnR/dtr87I5ctDwOzBG0qOaB3oiUW7qEU0G0iy4hNc1zaHsjhSZYgKZEHP+Xgs7RJZYOTPI9sqbymrDJDLur7h2pMvsqLhcJjEn6qz+hnLMT046D9uSMg9Tpr0Z6FUiOoAwnUZcSK50gj0=");
parameters.DP = Convert.FromBase64String(@"w49jS+lsTPP5l8QLmMWeyKQ1PzWpRWsV0DJPHRZFHdjNtQkW1zMn5yJsGJ0a9yqXROv6n3BY18iuqY0S/c2PYw==");
parameters.DQ = Convert.FromBase64String(@"tzis4VqnqbIsZ/CkcBE6Nz3/Rk9nnU5Bw6JyZMs2DVY3JJtOVdmqzZmQ4KquonW5IH6ti3W3844ao+sHm3o3xQ==");
parameters.Exponent = Convert.FromBase64String(@"AQAB");
parameters.InverseQ = Convert.FromBase64String(@"/ihX2MBotgMyCIhbyR8l/7G877/nF5BFIC8RGUJqh0SFovYRHVEleLTK7Pi7eA7+OokKEwshZlfwPuE7xiIKyw==");
parameters.Modulus = Convert.FromBase64String(@"9ws/iSH6l00F/3HUhoJQyY2Y1iorw0roP9BcZRxEmtEfRzPmLnWwrQpusWJUfK71LQu/OLPD9qtnfQdVIGBMns7gfFJBGq+Dsef7CVRb0HIZv3kqUAh8AI46KIx3xRKsdVY4mh7QZcSdAyHHUi0839yNVbObhXDUNETgT5CzKFU=");
parameters.P = Convert.FromBase64String(@"/u0mEbvml8X8DrbKBiB0QGX9+G2ALRN+SwasDi7jW65SeBf49ENPxH8iC5XXB/yxQpBV2RojferhdE4Nh1+btw==");
parameters.Q = Convert.FromBase64String(@"+BWZ2QG6x2gL5qOqfZd6wtP/eQRLVz9OC2IUfw0ZojHuWXt45ybw/F+o+bQmyQcTFYES6hFYTUtWjMgn5IG0Uw==");
using (RSACryptoServiceProvider providerValid = new RSACryptoServiceProvider())
{
providerValid.ImportParameters(parameters);
keyValid = providerValid.ToXmlString(true);
}
byte[] fileBytes = File.ReadAllBytes(@"..\..\..\..\Resources\Tests\private.der");
using (RSACryptoServiceProvider providerDER = RSACryptoHelper.GetProviderFromDerEncodedRsaPrivateKey(fileBytes))
{
if (providerDER != null)
keyDER = providerDER.ToXmlString(true);
}
Assert.AreEqual(keyValid, keyDER);
}
/// <summary>
/// 加密成base64字符串
/// </summary>
/// <param name="publicKey"></param>
/// <param name="content"></param>
/// <param name="size"></param>
/// <returns></returns>
public static string Encrypt2Base64(RSAParameters publicKey, string content, int size = 1024)
{
var rsa = new RSACryptoServiceProvider(size);
rsa.ImportParameters(publicKey);
var cipherbytes = rsa.Encrypt(content.ToUtf8Bytes(), false);
return cipherbytes.Bytes2Base64();
}
/// <summary>
/// 证书方式签名(多证书时使用),指定证书路径。
/// </summary>
/// <param name="reqData">请求的数据源</param>
/// <param name="certRawData">证书数据</param>
/// <param name="certPwd">证书密码</param>
/// <param name="encoding">编码方式</param>
public static void SignByCertInfo(Dictionary <string, string> reqData, byte[] certRawData, string certPwd, Encoding encoding)
{
var cert = new X509Certificate2(certRawData, certPwd, X509KeyStorageFlags.Exportable);
reqData["certId"] = new System.Numerics.BigInteger(cert.GetSerialNumber()).ToString();
//将Dictionary信息转换成key1=value1&key2=value2的形式
string stringData = SDKUtil.CreateLinkString(reqData, true, false, encoding);
byte[] signDigest = System.Security.Cryptography.SHA256.Create().ComputeHash(encoding.GetBytes(stringData));
string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);
//bug 修复,类型对不上, 直接继承公共的基类,避免类型错误。
var rsa = cert.PrivateKey as System.Security.Cryptography.RSA;
// Create a new RSACryptoServiceProvider
var rsaClear = new System.Security.Cryptography.RSACryptoServiceProvider();
// Export RSA parameters from 'rsa' and import them into 'rsaClear'
rsaClear.ImportParameters(rsa.ExportParameters(true));
byte[] byteSign = rsaClear.SignData(encoding.GetBytes(stringSignDigest), System.Security.Cryptography.SHA256.Create());
string stringSign = Convert.ToBase64String(byteSign);
//设置签名域值
reqData["signature"] = stringSign;
}
public static string SignData(byte[] message, RSAParameters privateKey)
{
//// The array to store the signed message in bytes
byte[] signedBytes;
using (var rsa = new RSACryptoServiceProvider())
{
byte[] originalData = message;
try
{
//// Import the private key used for signing the message
rsa.ImportParameters(privateKey);
//// Sign the data, using SHA512 as the hashing algorithm
signedBytes = rsa.SignData(originalData, CryptoConfig.MapNameToOID("SHA512"));
}
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
return null;
}
finally
{
//// Set the keycontainer to be cleared when rsa is garbage collected.
rsa.PersistKeyInCsp = false;
}
}
//// Convert the a base64 string before returning
return Convert.ToBase64String(signedBytes);
}
/// <summary>
/// for clients; pass null as privateKey
/// </summary>
internal void SetRSAKey(byte[] publicKey, byte[] privateKey)
{
m_rsa = new RSACryptoServiceProvider();
RSAParameters prm = new RSAParameters();
prm.Exponent = Extract(publicKey, 0, 3);
prm.Modulus = Extract(publicKey, 3, 128);
if (privateKey != null)
{
int ptr = 0;
prm.D = Extract(privateKey, ptr, 128); ptr += 128;
prm.DP = Extract(privateKey, ptr, 64); ptr += 64;
prm.DQ = Extract(privateKey, ptr, 64); ptr += 64;
prm.InverseQ = Extract(privateKey, ptr, 64); ptr += 64;
prm.P = Extract(privateKey, ptr, 64); ptr += 64;
prm.Q = Extract(privateKey, ptr, 64); ptr += 64;
}
m_rsa.ImportParameters(prm);
// also generate random symmetric key
byte[] newKey = new byte[16];
NetRandom.Default.NextBytes(newKey);
SetSymmetricKey(newKey);
}
public byte[] Decrypt(byte[] DataToDecrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
{
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSA.ImportParameters(RSAKeyInfo);
return RSA.Decrypt(DataToDecrypt, DoOAEPPadding);
}
public frmWEB_Test()
{
InitializeComponent();
// classe per la comunicazione col webservice
m_ArchivaASP = new Archiva.ASP.Test.ArchivaASP.ArchivaASP();
m_ArchivaASP.Timeout = 60 * 60 * 1000;
// ottengo la chiave pubblica del server
String sKey = "";
if (m_ArchivaASP.GetKey(ref sKey, ref m_RSA_KeyLength) != 0)
{
grpLogin.Enabled = false;
return;
}
// creo il servizio RSA per il server
m_RSA_Server = new RSACryptoServiceProvider((int)m_RSA_KeyLength);
ArchivaASP_KEY ServerKey = (ArchivaASP_KEY)ArchivaASP_SERIALIZER.DeserializeObject(sKey, typeof(ArchivaASP_KEY));
RSAParameters ServerParameters = new RSAParameters();
ServerParameters.Exponent = ServerKey.Exp;
ServerParameters.Modulus = ServerKey.Mod;
m_RSA_Server.ImportParameters(ServerParameters);
// creo il servizio RSA per il client
m_RSA_Client = new RSACryptoServiceProvider((int)m_RSA_KeyLength);
RSAParameters RSA_Param = m_RSA_Client.ExportParameters(false);
m_UserKey = new ArchivaASP_KEY();
m_UserKey.Mod = RSA_Param.Modulus;
m_UserKey.Exp = RSA_Param.Exponent;
}
public static string Encrypt(string toEncrypt)
{
string retval;
var csp = new RSACryptoServiceProvider();
RSAParameters pubKey;
using (StreamReader sr = new StreamReader("pub.key"))
{
string readdata = sr.ReadLine();
var stringReader = new System.IO.StringReader(readdata);
var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
pubKey = (RSAParameters)xs.Deserialize(sr);
}
csp.ImportParameters(pubKey);
var bytesPlainTextData = Encoding.Unicode.GetBytes(toEncrypt);
var bytesCypherText = csp.Encrypt(bytesPlainTextData, false);
var cypherText = Convert.ToBase64String(bytesCypherText);
return cypherText;
}
private void btnOK_Click(object sender, EventArgs e)
{
try
{
using (MemoryStream mS = new MemoryStream(Encoding.UTF8.GetBytes(txtRSAKey.Text)))
{
_parameters = PEMFormat.ReadRSAPrivateKey(mS);
}
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
rsa.ImportParameters(_parameters);
if (rsa.KeySize < 4096)
{
MessageBox.Show("The RSA private key must be at least 4096-bit. The current key is " + rsa.KeySize + "-bit.", "Short RSA Private Key", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
}
this.DialogResult = System.Windows.Forms.DialogResult.OK;
this.Close();
}
catch
{
MessageBox.Show("Error in reading PEM format. Please make sure you have pasted the RSA private key in a proper PEM format.", "Invalid PEM Format", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public bool verify(byte[] sig)
{
m_cs.Close();
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSA.ImportParameters(m_RSAKeyInfo);
RSAPKCS1SignatureDeformatter RSADeformatter = new RSAPKCS1SignatureDeformatter(RSA);
RSADeformatter.SetHashAlgorithm("SHA1");
long i = 0;
long j = 0;
byte[] tmp;
if (sig[0] == 0 && sig[1] == 0 && sig[2] == 0)
{
long i1 = (sig[i++] << 24) & 0xff000000;
long i2 = (sig[i++] << 16) & 0x00ff0000;
long i3 = (sig[i++] << 8) & 0x0000ff00;
long i4 = (sig[i++]) & 0x000000ff;
j = i1 | i2 | i3 | i4;
i += j;
i1 = (sig[i++] << 24) & 0xff000000;
i2 = (sig[i++] << 16) & 0x00ff0000;
i3 = (sig[i++] << 8) & 0x0000ff00;
i4 = (sig[i++]) & 0x000000ff;
j = i1 | i2 | i3 | i4;
tmp = new byte[j];
Array.Copy(sig, i, tmp, 0, j);
sig = tmp;
}
return RSADeformatter.VerifySignature(m_sha1, sig);
}
static void Main(string[] args)
{
var rsa = new RSACryptoServiceProvider();
_publicKey = rsa.ExportParameters(false);
_privateKey = rsa.ExportParameters(true);
Console.WriteLine("\n********* Public key info *******************");
printInfo(_publicKey);
Console.WriteLine("\n********* Private key info *******************");
printInfo(_privateKey);
var message = "I am a plain text message";
var messageContent = Encoding.UTF8.GetBytes(message.ToCharArray());
Console.WriteLine("**** Plain Message ****");
Console.WriteLine(Encoding.UTF8.GetString(messageContent));
var encrypter = new RSACryptoServiceProvider();
encrypter.ImportParameters(_publicKey);
var encryptedMessage = encrypter.Encrypt(messageContent, true);
Console.WriteLine("**** Encrypted Message ****");
Console.WriteLine(Convert.ToBase64String(encryptedMessage));
var decrypter = new RSACryptoServiceProvider();
decrypter.ImportParameters(_privateKey);
var decryptedMessage = decrypter.Decrypt(encryptedMessage, true);
Console.WriteLine("**** Decrypted Message ****");
Console.WriteLine(Encoding.UTF8.GetString(decryptedMessage));
}
/// <summary>Extracts the <see cref="Key"/> from the given PKCS8 private key.</summary>
public Initializer FromPrivateKey(string privateKey)
{
RSAParameters rsaParameters = ConvertPKCS8ToRSAParameters(privateKey);
Key = new RSACryptoServiceProvider();
Key.ImportParameters(rsaParameters);
return this;
}
/// <summary>
/// 从base64字符串解密
/// </summary>
/// <param name="privateKey"></param>
/// <param name="content"></param>
/// <param name="size"></param>
/// <returns></returns>
public static string DecryptFromBase64(RSAParameters privateKey, string content, int size = 1024)
{
var rsa = new RSACryptoServiceProvider(size);
rsa.ImportParameters(privateKey);
var cipherbytes = rsa.Decrypt(content.Base64ToBytes(), false);
return cipherbytes.FromUtf8Bytes();
}
/// <summary>
/// Decrypt a base 64 string hash
/// </summary>
/// <param name="hash">The encrypted hash</param>
/// <param name="signature">the private key signature</param>
/// <returns>If is valid return decrypt hash, else return empty string</returns>
public static string Decrypt(string hash, byte[] signature)
{
if (!VerifyHash(hash, signature)) return string.Empty;
try
{
var provider = new RSACryptoServiceProvider();
provider.ImportParameters(PrivateParams);
var encryptedbuffer = Convert.FromBase64String(hash);
var decryptedbuffer = provider.Decrypt(encryptedbuffer, false);
var arrayList = new ArrayList();
arrayList.AddRange(decryptedbuffer);
var converted = arrayList.ToArray(typeof(byte)) as byte[];
if (converted != null) return Encoding.ASCII.GetString(converted);
return string.Empty;
}
catch
{
return string.Empty;
}
}
public static bool VerifyData(string originalMessage, string signedMessage, RSAParameters Parameters)
{
bool success = false;
var encoder = new UTF8Encoding();
byte[] bytesToVerify = encoder.GetBytes(originalMessage);
byte[] signedBytes = Convert.FromBase64String(signedMessage);
RSAParameters parameters = Parameters;
using (var rsa = new RSACryptoServiceProvider())
{
try
{
rsa.ImportParameters(parameters);
SHA256Managed Hash = new SHA256Managed();
byte[] hashedData = Hash.ComputeHash(bytesToVerify);
success = rsa.VerifyData(hashedData, CryptoConfig.MapNameToOID("SHA256"), signedBytes);
}
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
}
finally
{
rsa.PersistKeyInCsp = false;
}
}
return success;
}
static OAuthServerHelper()
{
RSAParameters privateRsaParameters;
RSAParameters publicRsaParameters;
using (var rsaKeyGen = new RSACryptoServiceProvider(RsaKeySize))
{
privateRsaParameters = rsaKeyGen.ExportParameters(true);
publicRsaParameters = rsaKeyGen.ExportParameters(false);
}
Tuple<byte[], byte[]> aesKeyAndIV;
using (var aesKeyGen = new AesCryptoServiceProvider())
{
aesKeyAndIV = Tuple.Create(aesKeyGen.Key, aesKeyGen.IV);
}
rsa = new ThreadLocal<RSACryptoServiceProvider>(() =>
{
var result = new RSACryptoServiceProvider();
result.ImportParameters(privateRsaParameters);
return result;
});
aes = new ThreadLocal<AesCryptoServiceProvider>(() =>
{
var result = new AesCryptoServiceProvider();
result.Key = aesKeyAndIV.Item1;
result.IV = aesKeyAndIV.Item2;
return result;
});
rsaExponent = OAuthHelper.BytesToString(publicRsaParameters.Exponent);
rsaModulus = OAuthHelper.BytesToString(publicRsaParameters.Modulus);
}
public static bool VerifyLicense(string licenseTo, string licenseKey) {
AssertKeyIsNotBanned(licenseKey);
const string modulusString =
"tccosXHxEfxzsO1NgsAbGT0X+WuQMUYcj7r2UJCHDqqq3TbR7UoAgzjm3MV1k/eJxRnURypw2wj98eafyajeprk3lK6BnWa5tG8S7p3QU5kkUo7TnmTj8rRkTk9RwArIGGjKfCVZToE06UQudsJmw1UK3mku1qF0/hD909cSiCM=";
const string exponentString = "AQAB";
byte[] data = Encoding.UTF8.GetBytes(licenseTo);
RSAParameters rsaParameters = new RSAParameters {
Modulus = Convert.FromBase64String(modulusString),
Exponent = Convert.FromBase64String(exponentString)
};
#if STANDARD
using( var rsa = System.Security.Cryptography.RSA.Create() )
#else
using (RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
#endif
{
byte[] licenseData = Convert.FromBase64String(licenseKey);
rsa.ImportParameters(rsaParameters);
bool verified = false;
#if STANDARD
verified = rsa.VerifyData(data, licenseData, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
#else
verified = rsa.VerifyData(data, CryptoConfig.MapNameToOID("SHA256"), licenseData);
#endif
return verified;
}
}
//static RSACryptoServiceProvider RSA;
//public static void ExportParameters()
//{
// var publicKey = RSA.ExportParameters(false);
// // +Exponent { byte[3]}
// //+Modulus { byte[256]}
//}
public async Task<byte[]> Encrypt(byte[] Exponent, byte[] Modulus)
{
// https://sites.google.com/a/jsc-solutions.net/backlog/knowledge-base/2015/201503/20150323
// encrypted state sharing.
// what about import?
// http://bouncy-castle.1462172.n4.nabble.com/Interoperability-issue-with-SunJCE-OAEP-td4656157.html
// http://www.w3.org/TR/WebCryptoAPI/#rsa-oaep
// RSA/ECB/OAEPWithSHA-1AndMGF1Padding
// X:\jsc.svn\examples\java\hybrid\JVMCLRCryptoKeyExport\JVMCLRCryptoKeyExport\Program.cs
//var n = new RSACryptoServiceProvider(2048);
var n = new RSACryptoServiceProvider();
// can we import in java android?
n.ImportParameters(
new RSAParameters { Exponent = Exponent, Modulus = Modulus }
);
// http://stackoverflow.com/questions/9839274/rsa-encryption-by-supplying-modulus-and-exponent
var value = n.Encrypt(
Encoding.UTF8.GetBytes("hello from server"), fOAEP: true
);
//Array.Reverse(value);
return value;
}
public RSACrypto( byte[] key )
{
AsnKeyParser keyParser = new AsnKeyParser( key );
rsa = new RSACryptoServiceProvider();
rsa.ImportParameters( keyParser.ParseRSAPublicKey() );
}
public static string ToPEM (RSAKeyPair RSAKeyPair) {
var Provider = RSAKeyPair.Provider;
Assert.Null(Provider, NoProviderSpecified.Throw);
var RSAParameters = Provider.ExportParameters(true);
Assert.Null(RSAParameters, PrivateKeyNotAvailable.Throw);
var NewProvider = new RSACryptoServiceProvider();
NewProvider.ImportParameters(RSAParameters);
RSAParameters.Dump();
var RSAPrivateKey = new RSAPrivateKey(RSAParameters);
var Builder = new StringBuilder();
Builder.Append("-----BEGIN RSA PRIVATE KEY-----");
var KeyDER = RSAPrivateKey.DER();
Builder.AppendBase64(KeyDER);
Builder.Append("\n-----END RSA PRIVATE KEY-----\n");
return Builder.ToString();
}
static void Main(string[] args)
{
// Create message and signature on your end
string message = "Here is the license message";
var secret = "wangchunlei";
var converter = new ASCIIEncoding();
byte[] plainText = converter.GetBytes(secret);
var rsaWrite = new RSACryptoServiceProvider();
var privateParams = rsaWrite.ExportParameters(true);
// Generate the public key / these can be sent to the user.
var publicParams = rsaWrite.ExportParameters(false);
byte[] signature =
rsaWrite.SignData(plainText, new SHA1CryptoServiceProvider());
// Verify from the user's side. Note that only the public parameters
// are needed.
var rsaRead = new RSACryptoServiceProvider();
rsaRead.ImportParameters(publicParams);
if (rsaRead.VerifyData(plainText,
new SHA1CryptoServiceProvider(),
signature))
{
Console.WriteLine("Verified!");
}
else
{
Console.WriteLine("NOT verified!");
}
}
static public byte[] RSADecrypt(byte[] DataToDecrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
{
try
{
byte[] decryptedData;
//Create a new instance of RSACryptoServiceProvider.
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
{
//Import the RSA Key information. This needs
//to include the private key information.
RSA.ImportParameters(RSAKeyInfo);
//Decrypt the passed byte array and specify OAEP padding.
//OAEP padding is only available on Microsoft Windows XP or
//later.
decryptedData = RSA.Decrypt(DataToDecrypt, DoOAEPPadding);
}
return decryptedData;
}
//Catch and display a CryptographicException
//to the console.
catch (CryptographicException e)
{
Console.WriteLine(e.ToString());
return null;
}
}
public string EncryptData(string data)
{
try
{
//initialze the byte arrays to the public key information.
byte[] PublicKey = _publicKey.ToArray();
byte[] Exponent = _exponent.ToArray();
//Create a new instance of RSACryptoServiceProvider.
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
//Create a new instance of RSAParameters.
RSAParameters RSAKeyInfo = new RSAParameters();
//Set RSAKeyInfo to the public key values.
RSAKeyInfo.Modulus = PublicKey;
RSAKeyInfo.Exponent = Exponent;
//Import key parameters into RSA.
RSA.ImportParameters(RSAKeyInfo);
var dataBytes = ASCIIEncoding.ASCII.GetBytes(data);
var encryptedBytes = RSA.Encrypt(dataBytes, false);
var encryptedValue = BitConverter.ToString(encryptedBytes).Replace("-", "").ToLower();
return encryptedValue;
}
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
}
return null;
}
public override void Encrypt()
{
//RSA Rsa = new RSA();
//base.Component.Text = Rsa.encode(base.Component.tp.Text);
try
{
UnicodeEncoding ByteConverter = new UnicodeEncoding();
byte[] encryptedData;
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
{
RSA.ImportParameters(RSA.ExportParameters(false));
byte[] Data = ByteConverter.GetBytes(base.Component.tp.Text.ToString());
encryptedData = RSA.Encrypt(Data , false);
}
base.Component.Text = ByteConverter.GetString(encryptedData);
}
//Catch and display a CryptographicException
//to the console.
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
base.Component.Text = base.Component.tp.Text.ToString();
}
}
/// <summary>
/// Decrypts a string which was previously encrypted with the Encrypt method
/// </summary>
/// <param name="cipher">The encrypted byte array</param>
/// <param name="privateKey">The private key used to decrypt the data</param>
/// <returns>A byte array containing the decrypted value</returns>
public static string Decrypt(string cipher, RSAParameters privateKey)
{
using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
{
//ImportParameters sets the keySize according to the size used to create the privateKey
rsa.ImportParameters(privateKey);
int base64BlockSize = ((rsa.KeySize / 8) % 3 != 0) ? (((rsa.KeySize / 8) / 3) * 4) + 4 : ((rsa.KeySize / 8) / 3) * 4;
int iterations = cipher.Length / base64BlockSize;
//var arrayList = new ArrayList();
var fullBytes = new byte[0];
for (int i = 0; i < iterations; i++)
{
byte[] encryptedBytes = Convert.FromBase64String(cipher.Substring(base64BlockSize * i, base64BlockSize));
// Be aware the RSACryptoServiceProvider reverses the order of
// encrypted bytes after encryption and before decryption.
// If you do not require compatibility with Microsoft Cryptographic
// API (CAPI) and/or other vendors.
// Comment out the next line and the corresponding one in the
// EncryptString function.
Array.Reverse(encryptedBytes);
var bytes = rsa.Decrypt(encryptedBytes, true);
var len = fullBytes.Length;
Array.Resize(ref fullBytes, len + bytes.Length);
Array.Copy(bytes, 0, fullBytes, len, bytes.Length);
//arrayList.AddRange(bytes);
}
return(Encoding.UTF32.GetString(fullBytes));
//return Encoding.UTF32.GetString(arrayList.ToArray(Type.GetType("System.Byte")) as byte[]);
}
}
public static bool VerifyLicense(string licenseTo, string licenseKey)
{
AssertKeyIsNotBanned(licenseKey);
const string modulusString =
"vBgOPQiBhRR22ClUzIBJCmxcaOWfuAweUNpodRuZWDn8whviOe4JdA/sjzqw54KGh1qHJIc7JY5sGTCxNZQiSuyZQ6iHK2ykmU0Yb+QBvbqG33x2R7Di8MoNA1Tv2fX7SSny++IKEOQEEvwYhYr6oRU8sVItMcybUjiaaSw1rbU=";
const string exponentString = "AQAB";
var data = Encoding.UTF8.GetBytes(licenseTo);
var rsaParameters = new RSAParameters
{
Modulus = Convert.FromBase64String(modulusString),
Exponent = Convert.FromBase64String(exponentString)
};
#if STANDARD
using (var rsa = System.Security.Cryptography.RSA.Create())
#else
using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
#endif
{
var licenseData = Convert.FromBase64String(licenseKey);
rsa.ImportParameters(rsaParameters);
bool verified = false;
#if STANDARD
verified = rsa.VerifyData(data, licenseData, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
#else
verified = rsa.VerifyData(data, CryptoConfig.MapNameToOID("SHA256"), licenseData);
#endif
return(verified);
}
}
static public byte[] RSAEncrypt(int bits, byte[] dataToEncrypt, RSAParameters rsaKeyInfo, bool doOAEPPadding)
{
try
{
byte[] encryptedData;
//Create a new instance of RSACryptoServiceProvider.
using (var rsa = new RSACryptoServiceProvider(bits))
{
//Import the RSA Key information. This only needs
//toinclude the public key information.
rsa.ImportParameters(rsaKeyInfo);
var rsaExportParameters = rsa.ExportParameters(true);
var rsaFormatter = new RSAPKCS1SignatureFormatter(rsa);
rsaFormatter.SetHashAlgorithm("SHA256");
//Encrypt the passed byte array and specify OAEP padding.
//OAEP padding is only available on Microsoft Windows XP or
//later.
encryptedData = rsa.Encrypt(dataToEncrypt, doOAEPPadding);
}
return encryptedData;
}
//Catch and display a CryptographicException
//to the console.
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
return null;
}
}
/// <summary>Extracts the <see cref="Key"/> from the given PKCS8 private key.</summary>
public Initializer FromPrivateKey(string privateKey)
{
RSAParameters rsaParameters = Pkcs8.DecodeRsaParameters(privateKey);
Key = (RsaKey)RSA.Create();
Key.ImportParameters(rsaParameters);
return(this);
}
/// <inheritdoc/>
public ICryptographicKey ImportPublicKey(byte[] keyBlob, CryptographicPublicKeyBlobType blobType = CryptographicPublicKeyBlobType.X509SubjectPublicKeyInfo)
{
Requires.NotNull(keyBlob, "keyBlob");
var rsa = new Platform.RSACryptoServiceProvider();
rsa.ImportParameters(KeyFormatter.ToPlatformParameters(KeyFormatter.GetFormatter(blobType).Read(keyBlob)));
return(new RsaCryptographicKey(rsa, this.algorithm));
}
public static string RSAKeysToXmlString(RSAParameters nKey, bool nIncludePrivateParameters)
{
RSACryptoServiceProvider.UseMachineKeyStore = true;
var rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.ImportParameters(nKey);
return(rsa.ToXmlString(nIncludePrivateParameters));
}
public static bool verify(string content, string signedString, string publicKey, string input_charset)
{
System.Text.Encoding encoding = System.Text.Encoding.GetEncoding(input_charset);
byte[] bytes = encoding.GetBytes(content);
byte[] signature = System.Convert.FromBase64String(signedString);
System.Security.Cryptography.RSAParameters parameters = RSAFromPkcs8.ConvertFromPublicKey(publicKey);
System.Security.Cryptography.RSACryptoServiceProvider rSACryptoServiceProvider = new System.Security.Cryptography.RSACryptoServiceProvider();
rSACryptoServiceProvider.ImportParameters(parameters);
System.Security.Cryptography.SHA1 halg = new System.Security.Cryptography.SHA1CryptoServiceProvider();
return(rSACryptoServiceProvider.VerifyData(bytes, halg, signature));
}
public RsaSecurityKey GetKey()
{
if (NeedsUpdate())
{
GenerateKeyAndSave();
}
var provider = new System.Security.Cryptography.RSACryptoServiceProvider();
provider.ImportParameters(GetKeyParameters());
return(new RsaSecurityKey(provider));
}
public static string decrypt(string elementToDesencrypt, string pathPublicKey)
{
string pem = System.IO.File.ReadAllText(pathPublicKey);
byte[] Buffer = getBytesFromPEMFile(pem, "RSA PRIVATE KEY");
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
System.Security.Cryptography.RSAParameters rsaParam = rsa.ExportParameters(false);
rsaParam.Modulus = Buffer;
rsa.ImportParameters(rsaParam);
byte[] text = Encoding.UTF8.GetBytes(elementToDesencrypt); //Convert.FromBase64String(elementToDesencrypt)
byte[] encryptedMessageByte = rsa.Decrypt(text, false);
return(Convert.ToBase64String(encryptedMessageByte));
}
/// <summary>
/// 基于证书对 RSA 签名校验
/// </summary>
/// <param name="data">要签名的文本</param>
/// <param name="signatureText">签名(十六进制格式文本)</param>
/// <param name="publicKeyPemString">公钥内容(PEM格式的,即base64格式的证书文件内容)</param>
/// <returns></returns>
public static bool VerifySignature(string data, string signatureText, string publicKeyPemString)
{
publicKeyPemString = publicKeyPemString.Replace("-----BEGIN PUBLIC KEY-----", "")
.Replace("-----END PUBLIC KEY-----", "");
var signatureBytes = HexStringToBytes(signatureText);
var rsaCryptoServiceProvider = new System.Security.Cryptography.RSACryptoServiceProvider();
rsaCryptoServiceProvider.ImportParameters(CreateRsaParametersFromPublicKey(publicKeyPemString));
var RSADeformatter = new RSAPKCS1SignatureDeformatter(rsaCryptoServiceProvider);
RSADeformatter.SetHashAlgorithm("MD5");
var plainTextBytes = Encoding.UTF8.GetBytes(data);
HashAlgorithm md5 = HashAlgorithm.Create("MD5");
var hashBytes = md5.ComputeHash(plainTextBytes);
return(RSADeformatter.VerifySignature(hashBytes, signatureBytes));
}
/*
* converts a bouncy castle private key to a windows private key
*/
private static sys2.AsymmetricAlgorithm ConvertToSystemKey(RsaPrivateCrtKeyParameters privateKey)
{
sys2.CspParameters cspPars = new sys2.CspParameters
{
KeyContainerName = Guid.NewGuid().ToString(),
KeyNumber = (int)sys2.KeyNumber.Exchange
};
sys2.RSACryptoServiceProvider rsaCryptoProvider = new sys2.RSACryptoServiceProvider(cspPars);
sys2.RSAParameters rsaParameters = new sys2.RSAParameters
{
Modulus = privateKey.Modulus.ToByteArrayUnsigned(),
P = privateKey.P.ToByteArrayUnsigned(),
Q = privateKey.Q.ToByteArrayUnsigned(),
DP = privateKey.DP.ToByteArrayUnsigned(),
DQ = privateKey.DQ.ToByteArrayUnsigned(),
InverseQ = privateKey.QInv.ToByteArrayUnsigned(),
D = privateKey.Exponent.ToByteArrayUnsigned(),
Exponent = privateKey.PublicExponent.ToByteArrayUnsigned()
};
rsaCryptoProvider.ImportParameters(rsaParameters);
return(rsaCryptoProvider);
}
public async void StartMQTT(string clientid, string cafile, string clientcertfile, string clientprivate, string clientprivatepassword = "")
{
var ca = new X509Certificate(cafile, "");
var reader = new PemReader(File.OpenText(clientprivate));
var privatekey = (AsymmetricCipherKeyPair)reader.ReadObject();
var pkinfo = (Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters)privatekey.Private;
var ce1 = new X509Certificate2(File.ReadAllBytes(clientcertfile), clientprivatepassword,
X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
CspParameters parms = new CspParameters();
parms.Flags = CspProviderFlags.NoFlags;
parms.KeyContainerName = Guid.NewGuid().ToString().ToUpperInvariant();
parms.ProviderType = ((Environment.OSVersion.Version.Major > 5) || ((Environment.OSVersion.Version.Major == 5) && (Environment.OSVersion.Version.Minor >= 1))) ? 0x18 : 1;
System.Security.Cryptography.RSACryptoServiceProvider rcsp =
new System.Security.Cryptography.RSACryptoServiceProvider(parms)
{
PersistKeyInCsp = true
};
rcsp.ImportParameters(DotNetUtilities.ToRSAParameters(pkinfo));
ce1.PrivateKey = rcsp;
//var clientcert = CertificatesToDBandBack.Certificate.GetCertificateFromPEMstring(File.ReadAllText(clientcertfile), File.ReadAllText(clientprivate), clientprivatepassword);
MQTTClient = new MqttFactory().CreateMqttClient();
var options = new MqttClientOptionsBuilder()
.WithTcpServer(mqtt_host, mqtt_port).WithClientId(clientid).WithTls(new MqttClientOptionsBuilderTlsParameters
{
AllowUntrustedCertificates = false,
IgnoreCertificateChainErrors = false,
IgnoreCertificateRevocationErrors = false,
UseTls = true,
SslProtocol = System.Security.Authentication.SslProtocols.Tls12,
Certificates = new List <byte[]>
{
ca.Export(X509ContentType.SerializedCert),
ce1.Export(X509ContentType.SerializedCert)
},
CertificateValidationCallback = (X509Certificate x, X509Chain y, SslPolicyErrors z, IMqttClientOptions o) =>
{
return(true);
}
}).Build();
MQTTClient.ApplicationMessageReceivedHandler = new MqttApplicationMessageReceivedHandlerDelegate(e =>
{
Console.WriteLine("### RECEIVED APPLICATION MESSAGE ###");
Console.WriteLine($"+ Topic = {e.ApplicationMessage.Topic}");
Console.WriteLine($"+ Payload = {Encoding.UTF8.GetString(e.ApplicationMessage.Payload)}");
Console.WriteLine($"+ QoS = {e.ApplicationMessage.QualityOfServiceLevel}");
Console.WriteLine($"+ Retain = {e.ApplicationMessage.Retain}");
Console.WriteLine();
});
MQTTClient.ConnectedHandler = new MqttClientConnectedHandlerDelegate(async a =>
{
Console.WriteLine("### CONNECTED WITH SERVER ###");
await MQTTClient.SubscribeAsync(new TopicFilterBuilder().WithTopic("#").Build());
});
MQTTClient.DisconnectedHandler = new MqttClientDisconnectedHandlerDelegate(async a =>
{
Console.WriteLine("### DISCONNECTED FROM SERVER ###");
});
var connect = await MQTTClient.ConnectAsync(options);
var sub = MQTTClient.SubscribeAsync(new TopicFilter
{
Topic = "test", QualityOfServiceLevel = MqttQualityOfServiceLevel.AtMostOnce
});
}
public void TestRfc7515Example_A_2_1()
{
string protectedSample = // From the RFC example
"{\"alg\":\"RS256\"}";
byte[] protectedBytesExpected = // From the RFC example
{
123, 34, 97, 108, 103, 34, 58, 34, 82, 83, 50, 53, 54, 34, 125
};
byte[] protectedBytesActual = Encoding.UTF8.GetBytes(protectedSample);
CollectionAssert.AreEqual(protectedBytesExpected, protectedBytesActual);
string protectedB64uExpected = "eyJhbGciOiJSUzI1NiJ9"; // From the RFC example
string protectedB64uActual = CryptoHelper.Base64.UrlEncode(protectedBytesActual);
Assert.AreEqual(protectedB64uExpected, protectedB64uActual);
string payloadSample = // From the RFC example
"{\"iss\":\"joe\",\r\n" +
" \"exp\":1300819380,\r\n" +
" \"http://example.com/is_root\":true}";
byte[] payloadBytesActual = Encoding.UTF8.GetBytes(payloadSample);
string payloadB64uActual = CryptoHelper.Base64.UrlEncode(payloadBytesActual);
string signingInput = $"{protectedB64uActual}.{payloadB64uActual}";
byte[] signingBytesExpected = // From the RFC example
{
101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 122, 73,
49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79,105,
74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72,
65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68,
65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76,
121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118,
98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48,
99, 110, 86, 108, 102, 81
};
byte[] signingBytesActual = Encoding.ASCII.GetBytes(signingInput);
CollectionAssert.AreEqual(signingBytesExpected, signingBytesActual);
byte[] sigExpected = // From the RFC example
{
112, 46, 33, 137, 67, 232, 143, 209, 30, 181, 216, 45, 191, 120, 69,
243, 65, 6, 174, 27, 129, 255, 247, 115, 17, 22, 173, 209, 113, 125,
131, 101, 109, 66, 10, 253, 60, 150, 238, 221, 115, 162, 102, 62, 81,
102, 104, 123, 0, 11, 135, 34, 110, 1, 135, 237, 16, 115, 249, 69,
229, 130, 173, 252, 239, 22, 216, 90, 121, 142, 232, 198, 109, 219,
61, 184, 151, 91, 23, 208, 148, 2, 190, 237, 213, 217, 217, 112, 7,
16, 141, 178, 129, 96, 213, 248, 4, 12, 167, 68, 87, 98, 184, 31,
190, 127, 249, 217, 46, 10, 231, 111, 36, 242, 91, 51, 187, 230, 244,
74, 230, 30, 177, 4, 10, 203, 32, 4, 77, 62, 249, 18, 142, 212,1,
48, 121, 91, 212, 189, 59, 65, 238, 202, 208, 102, 171, 101, 25, 129,
253, 228, 141, 247, 127, 55, 45, 195, 139, 159, 175, 221, 59, 239,
177, 139, 93, 163, 204, 60, 46, 176, 47, 158, 58, 65, 214, 18, 202,
173, 21, 145, 18, 115, 160, 95, 35, 185, 232, 56, 250, 175, 132, 157,
105, 132, 41, 239, 90, 30, 136, 121, 130, 54, 195, 212, 14, 96, 69,
34, 165, 68, 200, 242, 122, 122, 45, 184, 6, 99, 209, 108, 247, 202,
234, 86, 222, 64, 92, 178, 33, 90, 69, 178, 194, 85, 102, 181, 90,
193, 167, 72, 160, 112, 223, 200, 163, 42, 70, 149, 67, 208, 25, 238,
251, 71
};
byte[] sigActual = null;
using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
{
rsa.ImportParameters(GetRsaParamsForRfc7515Example_A_2_1());
using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
sigActual = rsa.SignData(signingBytesExpected, sha256);
}
}
CollectionAssert.AreEqual(sigExpected, sigActual);
string sigB64uExpected = // From the RFC example
"cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7" +
"AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4" +
"BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K" +
"0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv" +
"hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB" +
"p0igcN_IoypGlUPQGe77Rw";
string sigB64uActual = CryptoHelper.Base64.UrlEncode(sigActual);
Assert.AreEqual(sigB64uExpected, sigB64uActual);
}
//===============================================================================
// Name: Function IALUGenerator_GenKey
// Input:
// ByRef Lic As ActiveLock3.ProductLicense - Product license
// ByVal InstCode As String - Installation Code sent by the user
// ByVal RegisteredLevel As String - Registration Level for the license. Default is "0"
// Output:
// String - Liberation key for the license
// Purpose: Given the Installation Code, generates an Activelock license liberation key.
// Remarks: None
//===============================================================================
private string IALUGenerator_GenKey(ref ActiveLock3_6NET.ProductLicense Lic, string InstCode, [System.Runtime.InteropServices.OptionalAttribute, System.Runtime.InteropServices.DefaultParameterValueAttribute("0")] // ERROR: Optional parameters aren't supported in C#
string RegisteredLevel)
{
// Take request code and decrypt it.
string strReq = null;
// 05.13.05 - ialkan Modified to merge DLLs into one
strReq = modBase64.Base64_Decode(ref InstCode);
// strReq now contains the {LockCode + vbLf + User} string
string strLock = string.Empty;
string strUser = string.Empty;
GetLockAndUserFromInstallCode(strReq, ref strLock, ref strUser);
Lic.Licensee = strUser;
// registration date
string strRegDate = null;
// registered level
Lic.RegisteredLevel = RegisteredLevel;
strRegDate = Lic.RegisteredDate;
string strEncrypted = null;
// @todo Rethink this bit about encrypting the dates.
// We need to keep in mind that the app does not have access to the private key, so and any decryption that requires private key
// would not be possible.
// Perhaps instead of encrypting, we could do MD5 hash of (regdate+lockcode)?
//ActiveLockEventSink_ValidateValue strRegDate, strEncrypted
// hash it
//strEncrypted = ActiveLock3.MD5Hash(strEncrypted)
strEncrypted = strRegDate;
// get software codes
ProductInfo ProdInfo = null;
ProdInfo = IALUGenerator_RetrieveProduct(Lic.ProductName, Lic.ProductVer);
Lic.ProductKey = ProdInfo.VCode;
string strLic = null;
strLic = Lic.ToString_Renamed() + Constants.vbLf + strLock;
System.Diagnostics.Debug.WriteLine("strLic: " + Constants.vbCrLf + strLic);
if (modALUGEN.strLeft(ProdInfo.VCode, 3) != "RSA")
{
// sign it
string strSig = null;
strSig = new string(Strings.Chr(0), 1024);
// 05.13.05 - ialkan Modified to merge DLLs into one. Moved RSASign into a module
strSig = modActiveLock.RSASign(ProdInfo.VCode, ProdInfo.GCode, strLic);
// Create liberation key. This will be a base-64 encoded string of the whole license.
string strLicKey = null;
// 05.13.05 - ialkan Modified to merge DLLs into one
strLicKey = modBase64.Base64_Encode(ref strSig);
// update Lic with license key
Lic.LicenseKey = strLicKey;
// Print some info for debugging purposes
System.Diagnostics.Debug.WriteLine("VCode: " + ProdInfo.VCode);
System.Diagnostics.Debug.WriteLine("Lic: " + strLic);
System.Diagnostics.Debug.WriteLine("Lic hash: " + modMD5.Hash(ref strLic));
System.Diagnostics.Debug.WriteLine("LicKey: " + strLicKey);
System.Diagnostics.Debug.WriteLine("Sig: " + strSig);
System.Diagnostics.Debug.WriteLine("Verify: " + modActiveLock.RSAVerify(ProdInfo.VCode, strLic, modBase64.Base64_Decode(ref strLicKey)));
System.Diagnostics.Debug.WriteLine("====================================================");
}
else
{
try {
System.Security.Cryptography.RSACryptoServiceProvider rsaCSP = new System.Security.Cryptography.RSACryptoServiceProvider();
string strPublicBlob = null;
string strPrivateBlob = null;
strPublicBlob = ProdInfo.VCode;
strPrivateBlob = ProdInfo.GCode;
if (modALUGEN.strLeft(ProdInfo.GCode, 6) == "RSA512")
{
strPrivateBlob = modALUGEN.strRight(ProdInfo.GCode, Strings.Len(ProdInfo.GCode) - 6);
}
else
{
strPrivateBlob = modALUGEN.strRight(ProdInfo.GCode, Strings.Len(ProdInfo.GCode) - 7);
}
// import private key params into instance of RSACryptoServiceProvider
rsaCSP.FromXmlString(strPrivateBlob);
RSAParameters rsaPrivateParams = default(RSAParameters);
//stores private key
rsaPrivateParams = rsaCSP.ExportParameters(true);
rsaCSP.ImportParameters(rsaPrivateParams);
byte[] userData = Encoding.UTF8.GetBytes(strLic);
AsymmetricSignatureFormatter asf = new RSAPKCS1SignatureFormatter(rsaCSP);
HashAlgorithm algorithm = new SHA1Managed();
asf.SetHashAlgorithm(algorithm.ToString());
byte[] myhashedData = null;
// a byte array to store hash value
string myhashedDataString = null;
myhashedData = algorithm.ComputeHash(userData);
myhashedDataString = BitConverter.ToString(myhashedData).Replace("-", string.Empty);
byte[] mysignature = null;
// holds signatures
mysignature = asf.CreateSignature(algorithm);
string mySignatureBlock = null;
mySignatureBlock = Convert.ToBase64String(mysignature);
Lic.LicenseKey = mySignatureBlock;
}
catch (Exception ex) {
modActiveLock.Set_Locale(modActiveLock.regionalSymbol);
Err().Raise(AlugenGlobals.alugenErrCodeConstants.alugenProdInvalid, modTrial.ACTIVELOCKSTRING, ex.Message);
}
}
// Serialize it into a formatted string
string strLibKey = string.Empty;
Lic.Save(ref strLibKey);
return(strLibKey);
}
public static void VerifySig(XmlDocument sigDoc)
{
try
{
XmlElement envelope = sigDoc.DocumentElement;
XmlElement securityElem = LameXpath.SelectSingleNode(sigDoc, Elem.Security);
if (securityElem != null)
{
XmlAttribute mustUndAtt = securityElem.Attributes[Attrib.mustUnderstand, Ns.soap];
if (mustUndAtt != null)
{
mustUndAtt.Value = "0";
}
}
XmlElement sigElem = LameXpath.SelectSingleNode(sigDoc, Elem.Signature);
if (sigElem == null)
{
return;
}
XmlElement sigValElem = LameXpath.SelectSingleNode(sigElem, Elem.SignatureValue);
byte[] baSigVal = OpenNETCF.Security.Cryptography.Internal.Format.GetB64(sigValElem.InnerText);
bool comments = false;
bool exclusive = true;
System.Security.Cryptography.SHA1CryptoServiceProvider shaCsp = new System.Security.Cryptography.SHA1CryptoServiceProvider();
XmlElement sigMethElem = LameXpath.SelectSingleNode(sigElem, Elem.SignatureMethod);
string segMeth = sigMethElem.Attributes["Algorithm"].Value;
XmlElement signedInfoElem = LameXpath.SelectSingleNode(sigElem, Elem.SignedInfo);
XmlDocument xdSignedInfo = new XmlDocument();
xdSignedInfo.LoadXml(signedInfoElem.OuterXml);
XmlCanonicalizer xc = new XmlCanonicalizer(comments, exclusive);
MemoryStream ms = (MemoryStream)xc.Canonicalize(xdSignedInfo);
byte [] baMs = new byte[ms.Length];
ms.Read(baMs, 0, baMs.Length);
ArrayList keyInfoRefElem = LameXpath.SelectChildNodes(sigElem, Elem.SecurityTokenReference, Elem.Reference);
XmlElement keyInfoRef = (XmlElement)keyInfoRefElem[0];
string secTokUri = keyInfoRef.Attributes["URI"].Value;
secTokUri = secTokUri.TrimStart(new char[] { '#' });
XmlElement secTokElem = LameXpath.SelectSingleNode(secTokUri, sigDoc);
if (secTokElem.LocalName == Elem.UsernameToken)
{
XmlElement nonce = LameXpath.SelectSingleNode(secTokElem, Elem.Nonce);
XmlElement created = LameXpath.SelectSingleNode(secTokElem, Elem.Created);
//DerivedKeyGenerator seems to be off by 1?
//byte [] baKey = P_SHA1.DeriveKey(ClearPassword, StrKeyLabel, nonce.InnerText, created.InnerText, NumKeyBytes);
byte [] baKey = P_SHA1.DeriveKey(SigObj.ClearPassword, StrKeyLabel, nonce.InnerText, created.InnerText, NumKeyBytes);
HMACSHA1 hmacSha = new HMACSHA1(baKey);
byte [] baSig = hmacSha.ComputeHash(baMs);
OpenNETCF.Security.Cryptography.Internal.Format.SameBytes(baSigVal, baSig);
}
else if (secTokElem.LocalName == Elem.BinarySecurityToken)
{
byte[] baCert = OpenNETCF.Security.Cryptography.Internal.Format.GetB64(secTokElem.InnerText);
X509Certificate cert = new X509Certificate(baCert); //pub key to verify sig.
byte [] exponent;
byte [] modulus;
DecodeCertKey.GetPublicRsaParams(cert, out exponent, out modulus);
System.Security.Cryptography.RSAParameters rsaParam = new System.Security.Cryptography.RSAParameters();
rsaParam.Exponent = exponent;
rsaParam.Modulus = modulus;
System.Security.Cryptography.RSACryptoServiceProvider rsaCsp = new System.Security.Cryptography.RSACryptoServiceProvider();
rsaCsp.ImportParameters(rsaParam);
byte [] baUnsigHash = shaCsp.ComputeHash(baMs);
bool valid = rsaCsp.VerifyHash(baUnsigHash, "SHA", baSigVal);
if (valid == false)
{
throw new Exception("signature is not valid");
}
}
else if (secTokElem.LocalName == Elem.SecurityContextToken)
{
//TODO how to validate signature?
}
else
{
throw new Exception("only support Username, BinarySecurity, and SecurityContext Token signature");
}
//verify reference hashes
string refdName = String.Empty;
ArrayList refNodes = LameXpath.SelectChildNodes(sigDoc, Elem.SignedInfo, Elem.Reference);
foreach (object oXn in refNodes)
{
XmlNode xn = (XmlNode)oXn;
string uriId = xn.Attributes[Attrib.URI].Value;
uriId = uriId.TrimStart(new char[] { '#' });
XmlElement digValElem = LameXpath.SelectSingleNode(xn, Elem.DigestValue);
byte[] baDigest = OpenNETCF.Security.Cryptography.Internal.Format.GetB64(digValElem.InnerText);
XmlElement refdElem = LameXpath.SelectSingleNode(uriId, sigDoc);
XmlDocument xdRefdElem = new XmlDocument();
refdName = refdElem.LocalName; //for debug visibility
xdRefdElem.LoadXml(refdElem.OuterXml);
//not reusable
xc = new XmlCanonicalizer(comments, exclusive);
//MemoryStream ms = (MemoryStream) xc.Canonicalize(refdElem);
ms = (MemoryStream)xc.Canonicalize(xdRefdElem);
baMs = new byte[ms.Length];
ms.Read(baMs, 0, baMs.Length);
byte [] baHash = shaCsp.ComputeHash(baMs);
try
{
OpenNETCF.Security.Cryptography.Internal.Format.SameBytes(baDigest, baHash);
}
catch (Exception ex)
{
throw new Exception(refdName + ":" + ex.Message, ex);
}
}
}
finally
{
//ClearPassword = null;
SigObj = null;
}
}
private static System.Security.Cryptography.RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
System.IO.MemoryStream input = new System.IO.MemoryStream(privkey);
System.IO.BinaryReader binaryReader = new System.IO.BinaryReader(input);
System.Security.Cryptography.RSACryptoServiceProvider result;
try
{
ushort num = binaryReader.ReadUInt16();
if (num == 33072)
{
binaryReader.ReadByte();
}
else
{
if (num != 33328)
{
result = null;
return(result);
}
binaryReader.ReadInt16();
}
num = binaryReader.ReadUInt16();
if (num != 258)
{
result = null;
}
else
{
byte b = binaryReader.ReadByte();
if (b != 0)
{
result = null;
}
else
{
int integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] modulus = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] exponent = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] d = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] p = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] q = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] dP = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] dQ = binaryReader.ReadBytes(integerSize);
integerSize = RSAFromPkcs8.GetIntegerSize(binaryReader);
byte[] inverseQ = binaryReader.ReadBytes(integerSize);
System.Security.Cryptography.RSACryptoServiceProvider rSACryptoServiceProvider = new System.Security.Cryptography.RSACryptoServiceProvider();
rSACryptoServiceProvider.ImportParameters(new System.Security.Cryptography.RSAParameters
{
Modulus = modulus,
Exponent = exponent,
D = d,
P = p,
Q = q,
DP = dP,
DQ = dQ,
InverseQ = inverseQ
});
result = rSACryptoServiceProvider;
}
}
}
catch (System.Exception)
{
result = null;
}
finally
{
binaryReader.Close();
}
return(result);
}
public async Task ValidLocallySignedAccessToken_FromX509Certificate()
{
#if NETSTANDARD
const string sPfx = @"
MIIGMQIBAzCCBfcGCSqGSIb3DQEHAaCCBegEggXkMIIF4DCCAt8GCSqGSIb3DQEHBqCCAtAwggLM
AgEAMIICxQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQImgNbotR3pnACAggAgIICmMHYqn7R
91hqe5gpwTGxNHaDmrvaLWfBq17xyVIdboPxzSAX4MoNasJplZgCzlN4vMwsY9CG3aY/AV5b4qF3
GRlkR5Ou3xJ84WJUkKkjVcql7hXZ8Zl8hyMKfQgW7SYpmJK/I4qYPqz5wg2ivZ4YbH4KA+VL9eaX
XR5KKdePWt+P9T3oFD1GYAjdPRTL/phSflvv01v2vkmx6In5hS10w2LjxyOJQtiHocOyEe7XAtor
bjsPi9jzMQmW5OESh9c+LDgEHCQQrccc0kG9j+GYJ65b7qORGq9OzBarVgiK+QGrC6aZhGgXZjMD
2K/efd4igVN/QqbpMHB+BDkZKQDRiEc4ezDqZ1VRP8T6VrYP/C+vhvPjZLgIacsxzxZ3f497OkOQ
pnrdpvBC6vPUxzsBpSTMcYlUGObWu+PNuwbOsQabps55c/jb67g/POKmkAqnJMFPXY45tT0/FrHX
hVK3rsSXQBwxy9/qzzPN+nBF7VlgvSoVzrF384t5Slf2ehwYTw3sgJoUudZ4c12kyE+uLdrOVl3Q
BHKDLfy1hRgxMQS/c3uNKkSgXAH3lk9SqMZ9dBzUoY2hZ45YogsP0dQDvzs3AQEdhGW0ZoGEQjC/
QcTTvp7lg/M9gRoBUp/DegGjf2p0N1OlPhj4m63Q2XEm65AvOkA5xxs5RTZKgcU28BJjkgEUpVNt
1rnp0sBsMABmtZ4FXP1YNcKCBdNkIYw67DOO5MRfAGqaDqosT3CL9EOGna61KLQEmtOS33NAx49y
ZtCeh/N91jnC+AMjjhhqwzRtrXJ6g/MLxEmmIFvNYcEipeYHfPynhuVywVVH/tj0SqmnDP4cQd4t
HvFQL5frBq963Wl0ToPVAC+koMvsplAr0dvJLVfNceIwggL5BgkqhkiG9w0BBwGgggLqBIIC5jCC
AuIwggLeBgsqhkiG9w0BDAoBAqCCAqYwggKiMBwGCiqGSIb3DQEMAQMwDgQINLkrmjjeasQCAggA
BIICgIc2PtM3mraGPkm8MqvJOEj64fTocAnAHzGVJ8BhwBXkQI++2d9eAGlSB7pO0JioT7uMBwCL
i3zVQ6bvDw2tbgVD3Pmc/qY0TpIySptODk6X1Y9fI1Bwrvgi+6cx7PIdFUrypnL/djNTtVIkIfFk
TO48YTlT6Gsn+z2Pe6asI0PSDoLgmw2yPauN7Xz1KkAg0KHDT+vMlSLaAYWF8k3+/jFNgPVUpaMM
t/DzuJti0R5+eVnpAPkMTJhncumvMdBYzg2Wx0URHzU4+24hSXE8/xMBN3pVsj11T7Eu5jPazIKR
qB5a5dn/ICVx/JHzz5dFonHilIvyiMfNE7VKTTerisEhCSdUgqq+sIhlPAlLTBCoyUgcGiCi7dKW
GAT47PJ4rvJsGHSUcaNORF71W1GqQQ5iTsJK5rPmGpMUmGwjsemmWmgp00BeMtmqO19B1yRrjDZO
atDYISR3UkmeI0A9VlXAspZ2ngmbuWvW0M8nrzwvDLIfgJ8rsFwexIVecFO58j2YSKBmVEykUvSd
x+PH3gr8IWAd/Ct0VNLF1Jk2ktOXx1pnM9GWUl8rbvTvM5lNevArHpWp+7vY6JlkM+trdaSE66Lr
cvvI+faKAnj4QtkmkbKPF0qLFsDssFv7AI0l7/65PhRZwJ12WpZEOKsqkUyAUbQI16Cva6cuY38y
XZ++x67rU4ldumq0YKOJPdPbAtptwMdCn7lepDaxT8mwv4SIZSd37hAP8UNvmRdRWL4dYx3m8Y+l
4hnClZt+GbKmMgXu/o4ua37kOlCV1T0VqmuRzpOwnct8HBvtVS6TuScExeiEkNBA4KwSIY04ZSm+
Sell3vQywF3jry7v/FMgPhoxJTAjBgkqhkiG9w0BCRUxFgQU+7ZMLd/K3gq6I9wxj3LcCb2tf5Uw
MTAhMAkGBSsOAwIaBQAEFOM/amdwLHU0WBmyCw96Za0+5Z+PBAgvp7LF+Qwu+AICCAA=";
var x509Cert = new X509Certificate2(Convert.FromBase64String(sPfx));
#else
const string sPrivateKey = @"
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALQoMIfUT93VMvb5
4U5dsJLXD1D6z4o/VuVlNUaf5xH01qAv8Egpxe6f5frLB/p1eNyDjNIZ3QitD6aN
9Vfh4ifg6txBuBJtIMfSDvRJITNZ2SjKJREbflZuBk0HINKYQk2H+3TIzUbE/pN4
Cu6Mids5L/oVOnRWIe3bEC+PHR7ZAgMBAAECgYBI1qrwb+2ukeFeK59lcMnQRLVD
l3RLv9ohOy80E7h38RbJgzhR5NnK5ck1AduC7vXjqihIVf6g4F+ghmq4knI94KPQ
2fOyQGVV6jVeRVqMusx7tP9V1H26yABiK6TPklcCsWwADFmexfOxfIgbBGSmlbAd
N2/ad1Xog1xDebrbEQJBAO+2qSIDX1ahfxUyvvcMaix6Mrh/OYKb5aH1Y/7MfAav
lpbQavQHNvak2147aPNxy0ZvWdJ2HVA7hUMkgysYWSUCQQDAZalkZMSrve+Onh55
U+w5xjLklhh8PhYxx8plT8ae9VG75dGvWSz/W81B3ILg2lrNU6o08NKBJdZsJYmc
BeKlAkBtJh3zF9gEaTqlW1rqwKNjpyyLJ5r3JqczzLmAXnmmzbLi7vmULejP+5bL
XH/YQZtOcgtTMmb8jm2Kegijyc1lAkANGt+e5v4+dIGMxVhuCzlb9hQhXdftHo2E
dodivzxYN32Jvu25c+mMu0QP6GVBy53Dvp8pW/36rgkc9LGa3wvBAkEA7dGAl95T
UeNFVfuzkYNtQppcSgrx1oTcpTHoNgcvk8AgBf4yDdJJyo0IUONmgJCVffc1aTWn
nf/8cW9YC+0icQ==
-----END PRIVATE KEY-----";
const string sCert = @"
MIICNDCCAZ2gAwIBAgIJAKl3qU1+NsuuMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNV
BAYTAkdCMRMwEQYDVQQIDApTb21lLVN0YXRlMQ8wDQYDVQQKDAZHb29nbGUwHhcN
MTYwODEwMTQwOTQ2WhcNNDMxMjI3MTQwOTQ2WjAzMQswCQYDVQQGEwJHQjETMBEG
A1UECAwKU29tZS1TdGF0ZTEPMA0GA1UECgwGR29vZ2xlMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQC0KDCH1E/d1TL2+eFOXbCS1w9Q+s+KP1blZTVGn+cR9Nag
L/BIKcXun+X6ywf6dXjcg4zSGd0IrQ+mjfVX4eIn4OrcQbgSbSDH0g70SSEzWdko
yiURG35WbgZNByDSmEJNh/t0yM1GxP6TeArujInbOS/6FTp0ViHt2xAvjx0e2QID
AQABo1AwTjAdBgNVHQ4EFgQUMqzJi099PA8ML5CV1OSiHgiTGoUwHwYDVR0jBBgw
FoAUMqzJi099PA8ML5CV1OSiHgiTGoUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOBgQBQ9cMInb2rEcg8TTYq8MjDEegHWLUI9Dq/IvP/FHyKDczza4eX8m+G
3buutN74pX2/GHRgqvqEvvUUuAQUnZ36k6KjTNxfzNLiSXDPNeYmy6PWsUZy4Rye
/Van/ePiXdipTKMiUyl7V6dTjkE5p/e372wNVXUpcxOMmYdWmzSMvg==";
var x509Cert = new X509Certificate2(Convert.FromBase64String(sCert));
RSAParameters rsaParameters = Pkcs8.DecodeRsaParameters(sPrivateKey);
var privateKey = new System.Security.Cryptography.RSACryptoServiceProvider();
privateKey.ImportParameters(rsaParameters);
x509Cert.PrivateKey = privateKey;
#endif
Assert.That(x509Cert.HasPrivateKey);
var initializer = new ServiceAccountCredential.Initializer("some-id")
{
Clock = new MockClock {
UtcNow = new DateTime(2016, 1, 1, 0, 0, 0, DateTimeKind.Utc)
}
};
var cred = new ServiceAccountCredential(initializer.FromCertificate(x509Cert));
Assert.That(cred.Scopes?.Any(), Is.False); // HasScopes must be false for the type of access token we want to test.
string accessToken = await cred.GetAccessTokenForRequestAsync("http://authurl/");
string expectedToken =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzb21lLWlkIiwic3ViIjoi" +
"c29tZS1pZCIsImF1ZCI6Imh0dHA6Ly9hdXRodXJsLyIsImV4cCI6MTQ1MTYxMDAwMCwia" +
"WF0IjoxNDUxNjA2NDAwfQ.GfpDHgrFi4ZlGC5LuJEarLU4_eTrT5PVa-S40YtkdB2E1f3" +
"4naYG2ItcfBEFg7Gbdkr1cIAyipuhEd2yLfPmWGwhOwVcBRNyK_J5w8RodS44mxNJwau0" +
"jKy4x1K20ybLqcnNgzE0wag6fi5GHwdNIB0URdHDTiC88CRYdl1CIdk";
Assert.That(accessToken, Is.EqualTo(expectedToken));
}
/// <summary>
/// RSAPkcs8Util
/// </summary>
/// <param name="dataEncoding"></param>
/// <param name="publicKey"></param>
/// <param name="privateKey"></param>
/// <param name="keySize"></param>
public RsaPkcs8Util(Encoding dataEncoding, string publicKey, string privateKey = null, int keySize = 2048)
{
if (string.IsNullOrEmpty(privateKey) && string.IsNullOrEmpty(publicKey))
{
throw new Exception("Public and private keys must not be empty at the same time");
}
if (!string.IsNullOrEmpty(privateKey))
{
#if NET451 || NET452
PrivateRsa = new MsRSA {
KeySize = keySize
};
#else
PrivateRsa = MsRSA.Create();
PrivateRsa.KeySize = keySize;
#endif
PrivateRsa.TouchFromPrivateKeyInPkcs8(privateKey, out var priRsap);
#if NET451 || NET452
PrivateRsaKeyParameter = GetPrivateKeyParameter(privateKey);
#endif
if (string.IsNullOrEmpty(publicKey))
{
#if NET451 || NET452
PublicRsa = new MsRSA {
KeySize = keySize
};
#else
PublicRsa = MsRSA.Create();
PublicRsa.KeySize = keySize;
#endif
var pubRsap = new RSAParameters
{
Modulus = priRsap.Modulus,
Exponent = priRsap.Exponent
};
PublicRsa.ImportParameters(pubRsap);
#if NET451 || NET452
PublicRsaKeyParameter = GetPublicKeyParameter(publicKey);
#endif
}
}
if (!string.IsNullOrEmpty(publicKey))
{
#if NET451 || NET452
PublicRsa = new MsRSA {
KeySize = keySize
};
#else
PublicRsa = MsRSA.Create();
PublicRsa.KeySize = keySize;
#endif
PublicRsa.TouchFromPublicKeyInPkcs8(publicKey, out _);
#if NET451 || NET452
PublicRsaKeyParameter = GetPublicKeyParameter(publicKey);
#endif
}
DataEncoding = dataEncoding.SafeEncodingValue();
}
