public String send(String methodName, String[] args)
{
// First, turn the method and args into XML
MethodInfo mInfo = new MethodInfo(methodName, args);
string xml = mInfo.encode();
// Generate an AES key to encrypt the method
m_aesCipher.GenerateNewKeyAndIV();
// Encrypt the AES key and IV
string encryptedAESKey = Convert.ToBase64String(m_encryptorVerifier.encrypt(m_aesCipher.Key));
string encryptedIV = Convert.ToBase64String(m_encryptorVerifier.encrypt(m_aesCipher.IV));
// Encrypt the method
byte[] encryptedMethod = m_aesCipher.encrypt(xml);
// Hash the encrypted method
// Sign the hash (encrypt it with the signer)
byte[] signedHash = m_signerDecryptor.encrypt(Hash.getHash(encryptedMethod));
String response = m_proxy.send(
Convert.ToBase64String(encryptedMethod),
Convert.ToBase64String(signedHash),
encryptedAESKey,
encryptedIV,
"A");
ResponseInfo objResponseInfo = ResponseInfo.decode(response);
return(decryptResponse(objResponseInfo));
}
public void TestSecureTransport()
{
String methodName = "methodOne";
String arg0 = "arg0";
String arg1 = "arg1";
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
SecureTransport transport = new SecureTransport(
proxy,
encryptorVerifier,
signerDecryptor);
// Test for the proxy method
String message = "message";
String signature = "signature";
String aesKey = "key";
String iv = "iv";
String senderAlias = "alias";
String retval = proxy.send(message, signature, aesKey, iv, senderAlias);
String returnVal = transport.send(methodName, new String[] { arg0, arg1 });
// First, just check to see if something got to the proxy.
Assert.IsNotNull(returnVal);
Assert.IsNotNull(testProxy.m_aesKey);
Assert.IsNotNull(testProxy.m_iv);
Assert.IsNotNull(testProxy.m_message);
Assert.IsNotNull(testProxy.m_senderAlias);
Assert.IsNotNull(testProxy.m_signature);
Console.WriteLine("Encrypted AES Key:" + testProxy.m_aesKey);
Console.WriteLine("Encrypted IV:" + testProxy.m_iv);
Console.WriteLine("Encrypted Message:" + testProxy.m_message);
Console.WriteLine("Sender Alias:" + testProxy.m_senderAlias);
Console.WriteLine("Signature:" + testProxy.m_signature);
// Decrypt the AES Key
RSACipher testDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
byte[] testKey = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_aesKey));
byte[] testIV = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_iv));
Console.WriteLine("Decrypted Key:" + Convert.ToBase64String(testKey));
Console.WriteLine("Decrypted IV:" + Convert.ToBase64String(testIV));
AESCipher cipher = new AESCipher(testKey, testIV);
// Independently encrypt the message and make sure they're the same
MethodInfo mInfo = new MethodInfo(methodName, new String[] { arg0, arg1 });
String xml = mInfo.encode();
String testEncryptedMessage = Convert.ToBase64String(cipher.encrypt(xml));
Assert.AreEqual(xml, cipher.decrypt(Convert.FromBase64String(testEncryptedMessage)));
Assert.AreEqual(testEncryptedMessage, testProxy.m_message);
string decryptedMessage = cipher.decrypt(Convert.FromBase64String(testProxy.m_message));
string expectedMessage = expectedMethodInfo.encode();
Assert.AreEqual(expectedMessage, decryptedMessage);
}