| public static Decrypt ( byte encryptedBytes, byte cryptKey, byte iv ) : byte[] | ||
| encryptedBytes | byte | |
| cryptKey | byte | |
| iv | byte | |
| Résultat | byte[] | |
public WebServiceException DecryptedException(WebServiceException ex, SymmetricAlgorithm aes)
{
var encResponse = ex.ResponseDto as EncryptedMessageResponse;
if (encResponse != null)
{
var responseJson = AesUtils.Decrypt(encResponse.EncryptedBody, aes.Key, aes.IV);
var errorResponse = JsonServiceClient.FromJson <ErrorResponse>(responseJson);
ex.ResponseDto = errorResponse;
}
return(ex);
}
public TResponse Send <TResponse>(string httpMethod, object request)
{
using (var aes = new AesManaged {
KeySize = AesUtils.KeySize
})
{
try
{
var encryptedMessage = CreateEncryptedMessage(request, request.GetType().Name, aes, httpMethod);
var encResponse = Client.Send(encryptedMessage);
var responseJson = AesUtils.Decrypt(encResponse.EncryptedBody, aes.Key, aes.IV);
var response = JsonServiceClient.FromJson <TResponse>(responseJson);
return(response);
}
catch (WebServiceException ex)
{
throw DecryptedException(ex, aes);
}
}
}
public List <TResponse> SendAll <TResponse>(IEnumerable <IReturn <TResponse> > requests)
{
using (var aes = new AesManaged {
KeySize = AesUtils.KeySize
})
{
try
{
var elType = requests.GetType().GetCollectionType();
var encryptedMessage = CreateEncryptedMessage(requests, elType.Name + "[]", aes);
var encResponse = Client.Send(encryptedMessage);
var responseJson = AesUtils.Decrypt(encResponse.EncryptedBody, aes.Key, aes.IV);
var response = JsonServiceClient.FromJson <List <TResponse> >(responseJson);
return(response);
}
catch (WebServiceException ex)
{
throw DecryptedException(ex, aes);
}
}
}
public void Register(IAppHost appHost)
{
if (PrivateKey == null)
{
PrivateKey = RsaUtils.CreatePrivateKeyParams();
}
appHost.RegisterService(typeof(EncryptedMessagesService), PublicKeyPath);
appHost.RequestConverters.Add((req, requestDto) =>
{
var encRequest = requestDto as EncryptedMessage;
if (encRequest == null)
{
return(null);
}
byte[] aesKey = null;
byte[] iv = null;
try
{
var rsaEncAesKeyBytes = RsaUtils.Decrypt(Convert.FromBase64String(encRequest.EncryptedSymmetricKey), PrivateKey.Value);
aesKey = new byte[AesUtils.KeySize / 8];
iv = new byte[AesUtils.IvSize / 8];
Buffer.BlockCopy(rsaEncAesKeyBytes, 0, aesKey, 0, aesKey.Length);
Buffer.BlockCopy(rsaEncAesKeyBytes, aesKey.Length, iv, 0, iv.Length);
if (nonceCache.ContainsKey(iv))
{
throw HttpError.Forbidden(ErrorNonceSeen);
}
var now = DateTime.UtcNow;
nonceCache.TryAdd(iv, now.Add(MaxRequestAge));
var requestBodyBytes = AesUtils.Decrypt(Convert.FromBase64String(encRequest.EncryptedBody), aesKey, iv);
var requestBody = requestBodyBytes.FromUtf8Bytes();
if (string.IsNullOrEmpty(requestBody))
{
throw new ArgumentNullException("EncryptedBody");
}
var parts = requestBody.SplitOnFirst(' ');
var unixTime = int.Parse(parts[0]);
var minRequestDate = now.Subtract(MaxRequestAge);
if (unixTime.FromUnixTime() < minRequestDate)
{
throw HttpError.Forbidden(ErrorRequestTooOld);
}
DateTime expiredEntry;
nonceCache.Where(x => now > x.Value).ToList()
.Each(entry => nonceCache.TryRemove(entry.Key, out expiredEntry));
parts = parts[1].SplitOnFirst(' ');
req.Items[Keywords.InvokeVerb] = parts[0];
parts = parts[1].SplitOnFirst(' ');
var operationName = parts[0];
var requestJson = parts[1];
var requestType = appHost.Metadata.GetOperationType(operationName);
var request = JsonSerializer.DeserializeFromString(requestJson, requestType);
req.Items[RequestItemsAesKey] = aesKey;
req.Items[RequestItemsIv] = iv;
return(request);
}
catch (Exception ex)
{
WriteEncryptedError(req, aesKey, iv, ex, ErrorInvalidMessage);
return(null);
}
});
appHost.ResponseConverters.Add((req, response) =>
{
object oAesKey;
object oIv;
if (!req.Items.TryGetValue(RequestItemsAesKey, out oAesKey) ||
!req.Items.TryGetValue(RequestItemsIv, out oIv))
{
return(null);
}
req.Response.ClearCookies();
var ex = response as Exception;
if (ex != null)
{
WriteEncryptedError(req, (byte[])oAesKey, (byte[])oIv, ex);
return(null);
}
var responseBody = response.ToJson();
var encryptedBody = AesUtils.Encrypt(responseBody, (byte[])oAesKey, (byte[])oIv);
return(new EncryptedMessageResponse
{
EncryptedBody = encryptedBody
});
});
}
