public async Task <KGSSGetKeyResponseContent> GetKeyFromKGSS(string keyId, SAMLAssertion assertion) { var orgAuthCertificate = _keyStoreManager.GetOrgAuthCertificate(); var orgEtk = await _etkService.GetOrgETK(); var kgssEtk = await _etkService.GetKgssETK(); var getKeyRequestContent = new KGSSGetKeyRequestContent { KeyIdentifier = keyId, ETK = orgEtk.ETK }; var contentInfoPayload = Encoding.UTF8.GetBytes(getKeyRequestContent.Serialize().ToString()); var sealedContentInfoPayload = TripleWrapper.Seal(contentInfoPayload, orgAuthCertificate, kgssEtk.Certificate); var issueInstant = DateTime.UtcNow; var soapRequest = SOAPRequestBuilder <KGSSGetKeyRequestBody> .New(new KGSSGetKeyRequestBody { Id = $"id-{Guid.NewGuid().ToString()}", Request = new KGSSGetKeyRequest { SealedKeyRequest = new KGSSSealedKeyRequest { SealedContent = Convert.ToBase64String(sealedContentInfoPayload) } } }) .AddTimestamp(issueInstant, issueInstant.AddHours(1)) .AddSAMLAssertion(assertion) .AddReferenceToSAMLAssertion() .SignWithCertificate(orgAuthCertificate) .Build(); var result = await _soapClient.Send(soapRequest, new Uri(_options.KgssUrl), null); result.EnsureSuccessStatusCode(); var xml = await result.Content.ReadAsStringAsync(); var response = SOAPEnvelope <KGSSGetKeyResponseBody> .Deserialize(xml); var certificates = new List <X509Certificate2> { orgAuthCertificate.Certificate, _keyStoreManager.GetOrgETKCertificate().Certificate }; var unsealedPayload = TripleWrapper.Unseal(Convert.FromBase64String(response.Body.GetKeyResponse.SealedKeyResponse.SealedContent), certificates.ToCertificateCollection()); return(KGSSGetKeyResponseContent.Deserialize(unsealedPayload)); }
public async Task <KGSSGetNewKeyResponseContent> GetKGSS(List <CredentialType> credentials) { var orgAuthCertificate = _keyStoreManager.GetOrgAuthCertificate(); var orgEtk = await _etkService.GetOrgETK(); var kgssEtk = await _etkService.GetKgssETK(); var getNewRequestContent = new KGSSGetNewKeyRequestContent { AllowedReaders = credentials, ETK = orgEtk.ETK }; var contentInfoPayload = Encoding.UTF8.GetBytes(getNewRequestContent.Serialize().ToString()); var sealedContentInfoPayload = TripleWrapper.Seal(contentInfoPayload, orgAuthCertificate, kgssEtk.Certificate); var request = new SOAPEnvelope <KGSSGetNewKeyRequestBody> { Body = new KGSSGetNewKeyRequestBody { Request = new KGSSGetNewKeyRequest { SealedNewKeyRequest = new KGSSSealedNewKeyRequest { SealedContent = Convert.ToBase64String(sealedContentInfoPayload) } } } }; var result = await _soapClient.Send(request, new Uri(_options.KgssUrl), null); result.EnsureSuccessStatusCode(); var xml = await result.Content.ReadAsStringAsync(); var response = SOAPEnvelope <KGSSGetNewKeyResponseBody> .Deserialize(xml); var certificates = new List <X509Certificate2> { orgAuthCertificate.Certificate, _keyStoreManager.GetOrgETKCertificate().Certificate }; var unsealedPayload = TripleWrapper.Unseal(Convert.FromBase64String(response.Body.GetNewKeyResponse.SealedNewKeyResponse.SealedContent), certificates.ToCertificateCollection()); return(KGSSGetNewKeyResponseContent.Deserialize(unsealedPayload)); }
public async Task <GetPrescriptionResult> GetPrescription(string rid, SAMLAssertion assertion) { var orgCertificate = _keyStoreManager.GetOrgAuthCertificate(); var issueInstant = DateTime.UtcNow; var recipeETK = await _etkService.GetRecipeETK(); var symKey = new TripleDESCryptoServiceProvider { Padding = PaddingMode.None, Mode = CipherMode.ECB }; var getPrescriptionParameter = new GetPrescriptionForPrescriberParameter { Rid = rid, SymmKey = Convert.ToBase64String(symKey.Key) }; var serializedPrescriptionParameter = Encoding.UTF8.GetBytes(getPrescriptionParameter.Serialize().SerializeToString(false, true)); byte[] sealedContent = TripleWrapper.Seal(serializedPrescriptionParameter, orgCertificate, recipeETK.Certificate); var getPrescriptionRequest = new GetPrescriptionRequest { Id = $"id{Guid.NewGuid().ToString()}", IssueInstant = issueInstant, ProgramId = _options.ProductName, SecuredGetPrescriptionRequest = new SecuredContentType { SecuredContent = Convert.ToBase64String(sealedContent) } }; var soapRequest = SOAPRequestBuilder <GetPrescriptionRequestBody> .New(new GetPrescriptionRequestBody { Id = $"id-{Guid.NewGuid().ToString()}", Request = getPrescriptionRequest }) .AddTimestamp(issueInstant, issueInstant.AddHours(1)) .AddSAMLAssertion(assertion) .AddReferenceToSAMLAssertion() .SignWithCertificate(orgCertificate) .Build(); var result = await _soapClient.Send(soapRequest, new Uri(_options.PrescriberUrl), "urn:be:fgov:ehealth:recipe:protocol:v4:getPrescription"); var xml = await result.Content.ReadAsStringAsync(); result.EnsureSuccessStatusCode(); var response = SOAPEnvelope <GetPrescriptionResponseBody> .Deserialize(xml); var securedContent = response.Body.GetPrescriptionResponse.SecuredGetPrescriptionResponse.SecuredContent; byte[] decrypted; using (var decryptor = symKey.CreateDecryptor()) { var payload = Convert.FromBase64String(securedContent); decrypted = decryptor.TransformFinalBlock(payload, 0, payload.Length); } xml = Encoding.UTF8.GetString(decrypted).ClearBadFormat(); var prescriptionResult = GetPrescriptionForPrescriberResult.Deserialize(xml); var kgssResponse = await _kgssService.GetKeyFromKGSS(prescriptionResult.EncryptionKeyId, assertion); var unsealed = TripleWrapper.Unseal(Convert.FromBase64String(prescriptionResult.Prescription), Convert.FromBase64String(kgssResponse.NewKey)); var decompressed = Decompress(unsealed); return(new GetPrescriptionResult { Status = prescriptionResult.Status.Code, CreationDate = prescriptionResult.CreationDate, FeedbackAllowed = prescriptionResult.FeedbackAllowed, PatientId = prescriptionResult.PatientId, ExpirationDate = prescriptionResult.ExpirationDate, Rid = prescriptionResult.Rid, KmehrmessageType = Encoding.UTF8.GetString(decompressed).Deserialize <kmehrmessageType>() }); }
public async Task <ListRidsHistoryResult> GetHistoryPrescriptions(string patientId, Page page, SAMLAssertion assertion) { var orgCertificate = _keyStoreManager.GetOrgAuthCertificate(); var issueInstant = DateTime.UtcNow; var recipeETK = await _etkService.GetRecipeETK(); var symKey = new TripleDESCryptoServiceProvider(); symKey.Padding = PaddingMode.None; symKey.Mode = CipherMode.ECB; var listPrescriptionHistoryParameter = new ListPrescriptionHistoryParameter { PatientId = patientId, Page = page, SymmKey = Convert.ToBase64String(symKey.Key) }; var serializedPrescriptionParameter = Encoding.UTF8.GetBytes(listPrescriptionHistoryParameter.Serialize().SerializeToString(false, true)); byte[] sealedContent = TripleWrapper.Seal(serializedPrescriptionParameter, orgCertificate, recipeETK.Certificate); var listPrescriptionHistoryRequest = new ListPrescriptionHistoryRequest { Id = $"id{Guid.NewGuid().ToString()}", IssueInstant = issueInstant, ProgramId = _options.ProductName, SecuredListRidsHistoryRequest = new SecuredContentType { SecuredContent = Convert.ToBase64String(sealedContent) } }; var soapRequest = SOAPRequestBuilder <ListPrescriptionHistoryRequestBody> .New(new ListPrescriptionHistoryRequestBody { Id = $"id-{Guid.NewGuid().ToString()}", Request = listPrescriptionHistoryRequest }) .AddTimestamp(issueInstant, issueInstant.AddHours(1)) .AddSAMLAssertion(assertion) .AddReferenceToSAMLAssertion() .SignWithCertificate(orgCertificate) .Build(); var result = await _soapClient.Send(soapRequest, new Uri(_options.PrescriberUrl), "urn:be:fgov:ehealth:recipe:protocol:v4:listRidsHistory"); result.EnsureSuccessStatusCode(); var xml = await result.Content.ReadAsStringAsync(); var response = SOAPEnvelope <ListPrescriptionHistoryResponseBody> .Deserialize(xml); var securedContent = response.Body.ListPrescriptionHistoryResponse.SecuredListRidsHistoryResponse.SecuredContent; byte[] decrypted; using (var decryptor = symKey.CreateDecryptor()) { var payload = Convert.FromBase64String(securedContent); decrypted = decryptor.TransformFinalBlock(payload, 0, payload.Length); } xml = Encoding.UTF8.GetString(decrypted); xml = xml.ClearBadFormat(); var res = ListRidsHistoryResult.Deserialize(xml); return(res); }
public async Task <CreatePrescriptionResult> CreatePrescription(string prescriptionType, string patientId, DateTime expirationDateTime, kmehrmessageType msgType, SAMLAssertion assertion) { var orgCertificate = _keyStoreManager.GetOrgAuthCertificate(); var recipeETK = await _etkService.GetRecipeETK(); var kgssResponse = await _kgssService.GetKGSS(new System.Collections.Generic.List <CredentialType> { new CredentialType { Namespace = Constants.AttributeStatementNamespaces.Identification, Name = Constants.AttributeStatementNames.PersonSSIN, Value = assertion.AttributeStatement.Attribute.First(_ => _.AttributeNamespace == EHealth.Constants.AttributeStatementNamespaces.Identification).AttributeValue }, new CredentialType { Namespace = Constants.AttributeStatementNamespaces.Certified, Name = assertion.AttributeStatement.Attribute.First(_ => _.AttributeNamespace == EHealth.Constants.AttributeStatementNamespaces.Certified).AttributeName } }); var prescriptionPayload = msgType.SerializeToByte(false, true); var compressedPayload = Compress(prescriptionPayload); byte[] encryptedPayload; using (var aes = Aes.Create()) { aes.Padding = PaddingMode.PKCS7; aes.Mode = CipherMode.CBC; aes.KeySize = 128; aes.Key = Convert.FromBase64String(kgssResponse.NewKey); encryptedPayload = TripleWrapper.Seal(compressedPayload, orgCertificate, kgssResponse.NewKeyIdentifier, aes); } var symKey = new TripleDESCryptoServiceProvider { Padding = PaddingMode.None, Mode = CipherMode.ECB }; var prescriptionParameter = new CreatePrescriptionParameter { Prescription = Convert.ToBase64String(encryptedPayload), PrescriptionType = prescriptionType, FeedbackRequested = false, KeyId = kgssResponse.NewKeyIdentifier, SymmKey = Convert.ToBase64String(symKey.Key), PatientId = patientId, ExpirationDate = expirationDateTime.ToString("yyyy-MM-dd"), Vision = "" }; var serializedPrescriptionParameter = Encoding.UTF8.GetBytes(prescriptionParameter.Serialize().SerializeToString(false, true)); byte[] sealedContent = TripleWrapper.Seal(serializedPrescriptionParameter, orgCertificate, recipeETK.Certificate); var issueInstant = DateTime.UtcNow; var createPrescriptionRequest = new CreatePrescriptionRequest { IssueInstant = issueInstant, Id = $"id{Guid.NewGuid().ToString()}", ProgramId = "Medikit", AdministrativeInformation = new CreatePrescriptionAdministrativeInformationType { KeyIdentifier = Convert.ToBase64String(ASCIIEncoding.ASCII.GetBytes(kgssResponse.NewKeyIdentifier)), PrescriptionVersion = "kmehr_1.29", ReferenceSourceVersion = "samv2:ABCDE999999999999", PrescriptionType = prescriptionType }, SecuredCreatePrescriptionRequest = new SecuredContentType { SecuredContent = Convert.ToBase64String(sealedContent) } }; var soapRequest = SOAPRequestBuilder <CreatePrescriptionRequestBody> .New(new CreatePrescriptionRequestBody { Id = $"id-{Guid.NewGuid().ToString()}", Request = createPrescriptionRequest }) .AddTimestamp(issueInstant, issueInstant.AddHours(1)) .AddSAMLAssertion(assertion) .AddReferenceToSAMLAssertion() .SignWithCertificate(orgCertificate) .Build(); var result = await _soapClient.Send(soapRequest, new Uri(_options.PrescriberUrl), "urn:be:fgov:ehealth:recipe:protocol:v4:createPrescription"); var xml = await result.Content.ReadAsStringAsync(); result.EnsureSuccessStatusCode(); var response = SOAPEnvelope <CreatePrescriptionResponseBody> .Deserialize(xml); var securedContent = response.Body.CreatePrescriptionResponse.SecuredGetPrescriptionResponse.SecuredContent; byte[] decrypted; using (var decryptor = symKey.CreateDecryptor()) { var payload = Convert.FromBase64String(securedContent); decrypted = decryptor.TransformFinalBlock(payload, 0, payload.Length); } xml = Encoding.UTF8.GetString(decrypted); xml = xml.ClearBadFormat(); return(CreatePrescriptionResult.Deserialize(xml)); }