/// <summary>
/// Checks that a second <c>AddKey</c> call for the same entity and key id replaces
/// the stored key, so that <c>GetKey</c> hands back the most recently added instance.
/// </summary>
public void AddKey_ShouldOverwrite()
{
    var keyMap = new EntityKeyMap();
    var firstKey = new RSACryptoServiceProvider();
    var owner = new EntityIdentifier(EntityType.Directory, Guid.NewGuid());

    // First registration: the map must return the very same instance (reference equality).
    keyMap.AddKey(owner, "key", firstKey);
    Assert.AreSame(firstKey, keyMap.GetKey(owner, "key"));

    // Second registration under the identical (entity, key id) pair must win over the first;
    // a map that kept the older key would go on serving it after a replacement was added.
    var replacementKey = new RSACryptoServiceProvider();
    keyMap.AddKey(owner, "key", replacementKey);
    Assert.AreSame(replacementKey, keyMap.GetKey(owner, "key"));

    // NOTE(review): neither RSACryptoServiceProvider is disposed by this test.
}
/// <summary>
/// Fetches the current state of an authorization request and, when the device has
/// answered, decrypts that answer and returns it together with the identifiers from
/// the API response.
/// </summary>
/// <param name="authRequestId">Authorization request id; interpolated into the request path.</param>
/// <param name="subject">Entity passed to <c>ExecuteRequest</c> as the request subject; its <c>Id</c> is copied into the result.</param>
/// <returns>
/// <c>null</c> when the API answers 204 (no user response yet); otherwise the populated response.
/// A <c>null</c> result is "pending", not an approval or a denial.
/// </returns>
/// <exception cref="AuthorizationRequestTimedOutError">The API answered with status 408.</exception>
/// <exception cref="CryptographyError">
/// The JWT could not be parsed (<c>JwtError</c>), or anything failed while decrypting or decoding the device response.
/// </exception>
public ServiceV3AuthsGetResponse ServiceV3AuthsGet(Guid authRequestId, EntityIdentifier subject)
{
    // presumably the trailing list names status codes ExecuteRequest should hand back
    // instead of raising on - confirm against ExecuteRequest.
    var httpResponse = ExecuteRequest(HttpMethod.GET, $"/service/v3/auths/{authRequestId}", subject, null, new List<int> { 408 });

    switch ((int)httpResponse.StatusCode)
    {
        case 204:
            // user has not responded yet
            return null;
        case 408:
            throw new AuthorizationRequestTimedOutError();
    }

    try
    {
        var core = DecryptResponse<ServiceV3AuthsGetResponseCore>(httpResponse);
        var jwtHeaderValue = httpResponse.Headers[IOV_JWT_HEADER];
        var jwtClaims = _jwtService.GetJWTData(jwtHeaderValue);

        // The key-map entity is taken from the JWT audience claim and the key id from the
        // decrypted body. NOTE(review): nothing in this method verifies the JWT signature;
        // confirm that ExecuteRequest or GetJWTData does so before the claim is relied on.
        var responder = EntityIdentifier.FromString(jwtClaims.Audience);

        // This lookup sits outside the inner try, so a failure here is not wrapped as
        // CryptographyError (only JwtError is caught at this level). It also runs on the
        // JWE path, where the key is not used afterwards.
        var responderKey = _keyMap.GetKey(responder, core.PublicKeyId);

        // Fail closed: the decision stays false unless a branch below sets it.
        var approved = false;
        string deviceId = null;
        string[] servicePins = null;
        // Only the JWE form of the device response carries these; the legacy form leaves them null.
        string type = null;
        string reason = null;
        string denialReason = null;
        AuthPolicy.JWEAuthPolicy authPolicy = null;
        AuthPolicy.AuthMethod[] authMethods = null;

        try
        {
            if (core.JweEncryptedDeviceResponse == null)
            {
                // Legacy form: Base64 text -> RSA decrypt with the looked-up key -> UTF-8 JSON.
                var cipherBytes = Convert.FromBase64String(core.EncryptedDeviceResponse);
                var plainBytes = _crypto.DecryptRSA(cipherBytes, responderKey);
                var plainJson = Encoding.UTF8.GetString(plainBytes);
                var legacyAnswer = _jsonDecoder.DecodeObject<ServiceV3AuthsGetResponseDevice>(plainJson);

                approved = legacyAnswer.Response;
                deviceId = legacyAnswer.DeviceId;
                servicePins = legacyAnswer.ServicePins;
            }
            else
            {
                var jwePlaintext = DecryptJweData(core.JweEncryptedDeviceResponse);
                var jweAnswer = DecodeResponse<ServiceV3AuthsGetResponseDeviceJWE>(jwePlaintext);

                // Approved only on an exact match of the literal "AUTHORIZED".
                approved = jweAnswer.Type == "AUTHORIZED";
                deviceId = jweAnswer.DeviceId;
                servicePins = jweAnswer.ServicePins;
                type = jweAnswer.Type;
                reason = jweAnswer.Reason;
                denialReason = jweAnswer.DenialReason;
                authPolicy = jweAnswer.AuthPolicy;
                authMethods = jweAnswer.AuthMethods;
            }

            return new ServiceV3AuthsGetResponse(
                responder,
                subject.Id,
                core.ServiceUserHash,
                core.OrgUserHash,
                core.UserPushId,
                authRequestId,
                approved,
                deviceId,
                servicePins,
                type,
                reason,
                denialReason,
                authPolicy,
                authMethods
            );
        }
        catch (Exception ex)
        {
            // Broad on purpose in the original: Base64, decode and constructor failures from
            // this block are reported under the same message as decryption failures, with
            // the original exception passed along as the second argument.
            throw new CryptographyError("Error decrypting device response", ex);
        }
    }
    catch (JwtError ex)
    {
        throw new CryptographyError("Unable to parse JWT to get key info", ex);
    }
}
/// <summary>
/// Requests a key from a freshly created, empty <c>EntityKeyMap</c> for an entity that
/// was never registered.
/// </summary>
/// <remarks>
/// The body contains no assertion; presumably the expected exception named in the method
/// name is declared by a test attribute outside this listing - confirm.
/// </remarks>
public void GetKey_ShouldThrowNoKeyFoundException()
{
    var emptyMap = new EntityKeyMap();
    var unknownEntity = new EntityIdentifier(EntityType.Organization, Guid.NewGuid());

    // A lookup miss is expected to surface as an error rather than a usable key.
    emptyMap.GetKey(unknownEntity, "key");
}