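/// <summary>
/// Fetches one protected source file from the server and returns it as verified plaintext.
/// - Generates a fresh EC Diffie-Hellman key pair and posts the public half together with the file name.
/// - Derives the shared secret from the server's returned public key and AES-decrypts the payload with it.
/// - Verifies the server's digital signature over the decrypted source with the pinned signature key.
/// NOTE(review): the key exchange itself is unauthenticated — only the plaintext is signed. An active
/// man-in-the-middle can substitute its own DH public key and read the source; the signature check only
/// prevents it from tampering with the content. Confidentiality therefore rests on the transport (use HTTPS).
/// NOTE(review): the raw shared secret is handed to AesHandler as the AES key — confirm a KDF step is
/// applied inside the helper rather than using the DH output directly.
/// </summary>
/// <param name="sourceFileInfo">Describes the file to get; only <c>FileName</c> is sent to the server.</param>
/// <returns>The verified, decrypted source text, or <c>null</c> if the request failed, the response was
/// incomplete, or the signature did not verify.</returns>
private string DecryptSourceFromServer(SourceFileInfo sourceFileInfo)
{
    if (sourceFileInfo == null)
    {
        return null;
    }

    byte[] dhClientPublic;
    byte[] dhClientPrivate;
    _keyGen.GenerateKeyPair(out dhClientPrivate, out dhClientPublic);

    string uri = TroubleShooterClient.SERVICE_PATH + "/source";
    ProtectedSourceRequest request = new ProtectedSourceRequest()
    {
        DhClientPublic = dhClientPublic,
        FileName = sourceFileInfo.FileName
    };

    // Synchronous wait kept to preserve the existing non-async contract of this method.
    HttpResponseMessage response = _client.PostAsJsonAsync(uri, request).GetAwaiter().GetResult();
    if (!response.IsSuccessStatusCode)
    {
        return null;
    }

    ProtectedSource source = response.Content.ReadAsAsync<ProtectedSource>().GetAwaiter().GetResult();
    // A missing or truncated response body must not crash the caller; treat it as "unsuccessful".
    if (source == null || source.DhPublicServer == null || source.SourceCode == null || source.Signature == null)
    {
        return null;
    }

    byte[] sharedSecret = _diffieHelman.SharedSecret(dhClientPrivate, source.DhPublicServer);

    // Decryption has to run before authentication because the signature covers the plaintext.
    // NOTE(review): if AesHandler uses an unauthenticated mode (e.g. CBC), malformed ciphertext from the
    // network surfaces here as a CryptographicException rather than as a null return — confirm the mode
    // and consider an AEAD mode or a MAC over the ciphertext.
    string decryptedSource = AesHandler.DecryptStringFromBytes_Aes(source.SourceCode, sharedSecret);

    return _verifier.VerifySignature(decryptedSource, source.Signature, _signatureKey)
        ? decryptedSource
        : null;
}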
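/// <summary>
/// Returns one source file, AES-encrypted under an ECDH-derived shared secret and signed with the server key.
/// The requested file name is untrusted input: it is restricted to a bare file name and the resolved path is
/// checked to stay inside <c>SOURCE_FILES_DIR</c>, so "../" sequences or absolute paths cannot read arbitrary
/// files (note that <c>Path.Combine</c> returns a rooted second argument unchanged).
/// NOTE(review): the DH exchange is unauthenticated — the signature covers only the plaintext, so an active
/// attacker that supplies its own public key can still read the source; rely on TLS for confidentiality.
/// </summary>
/// <param name="request">Client's ephemeral DH public key and the requested file name.</param>
/// <returns>Encrypted source, the server's DH public key and a signature over the plaintext.</returns>
/// <exception cref="System.ArgumentNullException">request is null.</exception>
/// <exception cref="System.ArgumentException">the client key is missing or the file name is not a plain
/// name inside the source directory.</exception>
public ProtectedSource Get([FromBody] ProtectedSourceRequest request)
{
    if (request == null)
    {
        throw new System.ArgumentNullException("request");
    }
    if (request.DhClientPublic == null)
    {
        throw new System.ArgumentException("Client DH public key is required.", "request");
    }

    string sourcePath = ResolveSourcePath(request.FileName);
    string sourceCode = System.IO.File.ReadAllText(sourcePath);

    // Fresh server key pair per request; the shared secret is derived from the client's public key.
    byte[] dhServerPublic;
    byte[] dhServerPrivate;
    keyGen.GenerateKeyPair(out dhServerPrivate, out dhServerPublic);
    byte[] sharedSecret = diffieHelman.SharedSecret(dhServerPrivate, request.DhClientPublic);

    // Send the encrypted and signed source back together with the server public key
    // so the client can derive the same secret.
    return new ProtectedSource()
    {
        SourceCode = AesHandler.EncryptStringToBytes_Aes(sourceCode, sharedSecret),
        DhPublicServer = dhServerPublic,
        Signature = signatureMaker.Signature(sourceCode, signatureKey)
    };
}

/// <summary>
/// Maps an untrusted file name onto a path inside <c>SOURCE_FILES_DIR</c>, rejecting anything that is not a
/// plain file name or that normalises to a location outside the directory.
/// </summary>
/// <param name="fileName">File name as supplied by the client.</param>
/// <returns>The absolute path of the file below the source directory.</returns>
/// <exception cref="System.ArgumentException">the name is empty, contains separators or invalid characters,
/// or resolves outside the source directory.</exception>
private string ResolveSourcePath(string fileName)
{
    if (string.IsNullOrWhiteSpace(fileName)
        || fileName != Path.GetFileName(fileName)   // rejects directory separators and rooted paths
        || fileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
    {
        throw new System.ArgumentException("Invalid source file name.", "fileName");
    }

    // Normalise both sides and require the resolved path to sit strictly below the base directory;
    // this also catches "." and ".." (legal "file names") and any other normalisation trick.
    string baseDir = Path.GetFullPath(SOURCE_FILES_DIR)
                         .TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar)
                     + Path.DirectorySeparatorChar;
    string fullPath = Path.GetFullPath(Path.Combine(baseDir, fileName));
    if (!fullPath.StartsWith(baseDir, System.StringComparison.Ordinal))
    {
        throw new System.ArgumentException("Invalid source file name.", "fileName");
    }

    return fullPath;
}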