public static void ItDecryptsLicense()
{
var keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
var pair = keyGen.GenerateKeyPair();
string expected;
string encryptedLicenseWithGrants = GenerateLicenseXmlWithEncryptedGrants((RsaKeyParameters)pair.Public, out expected);
Assert.Contains("hello", expected);
Assert.DoesNotContain("hello", encryptedLicenseWithGrants);
XmlNamespaceManager nsManager;
XmlDocument toDecrypt = LoadXmlWithLicenseNs(encryptedLicenseWithGrants, out nsManager);
var decryptor = new XmlLicenseEncryptedRef();
var transform = new XmlLicenseTransform()
{
Decryptor = decryptor,
Context = FindLicenseTransformContext(toDecrypt, nsManager)
};
decryptor.AddAsymmetricKey(pair);
transform.LoadInput(null);
XmlDocument decryptedDoc = transform.GetOutput() as XmlDocument;
Assert.NotNull(decryptedDoc);
string decrypted = decryptedDoc.OuterXml;
Assert.Equal(expected, decrypted);
}
public static void ItDecryptsLicense()
{
using (var key = RSA.Create())
{
string expected;
string encryptedLicenseWithGrants = GenerateLicenseXmlWithEncryptedGrants(key, out expected);
Assert.Contains("hello", expected);
Assert.DoesNotContain("hello", encryptedLicenseWithGrants);
XmlNamespaceManager nsManager;
XmlDocument toDecrypt = LoadXmlWithLicenseNs(encryptedLicenseWithGrants, out nsManager);
var decryptor = new XmlLicenseEncryptedRef();
var transform = new XmlLicenseTransform()
{
Decryptor = decryptor,
Context = FindLicenseTransformContext(toDecrypt, nsManager)
};
decryptor.AddAsymmetricKey(key);
// Context is the input for this transform, argument is always ignored
transform.LoadInput(null);
XmlDocument decryptedDoc = transform.GetOutput() as XmlDocument;
Assert.NotNull(decryptedDoc);
string decrypted = decryptedDoc.OuterXml;
Assert.Equal(expected, decrypted);
}
}
/// <summary>
/// Verifies the Signature and Licence Info in the Certificate
/// </summary>
/// <param name="path">Path to the certificate file</param>
/// <returns>true if 'sign' matches the signature computed using the specified hash algorithm and key on 'Signature' and 'Digest' matches the computed hash for license; otherwise, false.</returns>
static bool VerifyCertSignature(string path)
{
XmlDocument doc = new XmlDocument();
doc.Load(path);
XmlDsigC14NTransform transform = new XmlDsigC14NTransform();
transform.LoadInput(new MemoryStream(Encoding.UTF8.GetBytes(doc.GetElementsByTagName("SignedInfo")[0].OuterXml)));
byte[] siHash = transform.GetDigestedOutput(SHA1.Create());
byte[] Signature = Convert.FromBase64String(doc.GetElementsByTagName("SignatureValue")[0].InnerText);
byte[] Modulus = Convert.FromBase64String(doc.GetElementsByTagName("Modulus")[0].InnerText);
byte[] Exponent = Convert.FromBase64String(doc.GetElementsByTagName("Exponent")[0].InnerText);
string Digest = doc.GetElementsByTagName("DigestValue")[0].InnerText;
RSAParameters parameter = new RSAParameters();
parameter.Modulus = Modulus;
parameter.Exponent = Exponent;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(parameter);
RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa);
rsaDeformatter.SetHashAlgorithm("SHA1");
bool sign = rsaDeformatter.VerifySignature(siHash, Signature);
XmlLicenseTransform License = new XmlLicenseTransform();
License.Context = (XmlElement)doc.GetElementsByTagName("Signature")[0];
License.LoadInput(doc);
transform = new XmlDsigC14NTransform();
transform.LoadInput(License.GetOutput());
string dvHash = Convert.ToBase64String(transform.GetDigestedOutput(SHA1.Create()));
return(sign && dvHash.Equals(Digest));
}
