public iDealResponse HandleResponse(string response, ISignatureProvider signatureProvider)
{
var xDocument = XElement.Parse(response);
if (!signatureProvider.VerifySignature(response))
{
throw new InvalidSignatureException();
}
switch (xDocument.Name.LocalName)
{
case "DirectoryRes":
return new DirectoryResponse(response);
case "AcquirerTrxRes":
return new TransactionResponse(response);
case "AcquirerStatusRes":
var statusResponse = new StatusResponse(response);
return statusResponse;
case "AcquirerErrorRes":
throw new iDealException(xDocument);
default:
throw new InvalidDataException("Unknown response");
}
}
public iDealResponse HandleResponse(string response, ISignatureProvider signatureProvider)
{
var xDocument = XElement.Parse(response);
switch (xDocument.Name.LocalName)
{
case "DirectoryRes":
return new DirectoryResponse(response);
case "AcquirerTrxRes":
return new TransactionResponse(response);
case "AcquirerStatusRes":
var statusResponse = new StatusResponse(response);
// Check fingerprint
if (statusResponse.Fingerprint != signatureProvider.GetThumbprintAcquirerCertificate())
throw new SecurityException("Signature fingerprint from status respone does not match fingerprint acquirer's certificate");
// Check digital signature
if (!signatureProvider.VerifySignature(statusResponse.SignatureValue, statusResponse.MessageDigest))
throw new SecurityException("Signature status response from acquirer's certificate is not valid");
return statusResponse;
case "ErrorRes":
throw new iDealException(xDocument);
default:
throw new InvalidDataException("Unknown response");
}
}
public iDealResponse HandleResponse(string response, ISignatureProvider signatureProvider)
{
var xDocument = XElement.Parse(response);
if (!signatureProvider.VerifySignature(response))
{
throw new InvalidSignatureException();
}
switch (xDocument.Name.LocalName)
{
case "DirectoryRes":
return(new DirectoryResponse(response));
case "AcquirerTrxRes":
return(new TransactionResponse(response));
case "AcquirerStatusRes":
var statusResponse = new StatusResponse(response);
return(statusResponse);
case "AcquirerErrorRes":
throw new iDealException(xDocument);
default:
throw new InvalidDataException("Unknown response");
}
}
public void Execute(VerifySignatureCommand command)
{
bool isValid = signatureProvider.VerifySignature(command.PublicKey, command.Signature);
if (!isValid)
{
throw new CryptographicException("The provided signature is not valid for the given content.");
}
}
private bool VerifySignature(string url, string startMoment, string expiryMoment, string signature)
{
if (string.IsNullOrEmpty(signature))
{
return(false);
}
var data = string.Concat(url, startMoment, expiryMoment);
return(_signatureProvider.VerifySignature(data, signature));
}
/// <summary>
/// Verify the signature against the unsigned data. The encryptedData is decrypted using the public key and
/// the unsignedData is hashed and compared to the un-encrypted signed data using the supplied SignatureProvider.
/// </summary>
/// <param name="unsignedData">The raw, unencrypted data to be hashed and compared.</param>
/// <param name="encryptedData">The data that has been hashed and encrypted with the private key.</param>
/// <param name="signatureProvider">The signature provider that matches the algorithm used to generate the original signature</param>
/// <returns>Boolean representing whether the signature was valid (verified)</returns>
public bool VerifyData(byte[] unsignedData, byte[] encryptedData, ISignatureProvider signatureProvider)
{
if (m_isBusy == true)
{
throw new CryptographicException("Operation cannot be performed while a current key generation operation is in progress.");
}
if (m_KeyLoaded == false)
{
throw new CryptographicException("No key has been loaded. You must import a key or make a call to GenerateKeys() before performing data operations.");
}
return(signatureProvider.VerifySignature(unsignedData, DoDecryptPublic(ref encryptedData), m_RSAParams));
}
public iDealResponse HandleResponse(string response, ISignatureProvider signatureProvider)
{
var xDocument = XElement.Parse(response);
switch (xDocument.Name.LocalName)
{
case "DirectoryRes":
return(new DirectoryResponse(response));
case "AcquirerTrxRes":
return(new TransactionResponse(response));
case "AcquirerStatusRes":
var statusResponse = new StatusResponse(response);
// Check fingerprint
if (statusResponse.Fingerprint != signatureProvider.GetThumbprintAcquirerCertificate())
{
throw new SecurityException("Signature fingerprint from status respone does not match fingerprint acquirer's certificate");
}
// Check digital signature
if (!signatureProvider.VerifySignature(statusResponse.SignatureValue, statusResponse.MessageDigest))
{
throw new SecurityException("Signature status response from acquirer's certificate is not valid");
}
return(statusResponse);
case "ErrorRes":
throw new iDealException(xDocument);
default:
throw new InvalidDataException("Unknown response");
}
}
/// <summary>
/// Verify the signature against the unsigned data. The encryptedData is decrypted using the public key and
/// the unsignedData is hashed and compared to the un-encrypted signed data using the supplied SignatureProvider.
/// </summary>
/// <param name="unsignedData">The raw, unencrypted data to be hashed and compared.</param>
/// <param name="encryptedData">The data that has been hashed and encrypted with the private key.</param>
/// <param name="signatureProvider">The signature provider that matches the algorithm used to generate the original signature</param>
/// <returns>Boolean representing whether the signature was valid (verified)</returns>
public bool VerifyData(byte[] unsignedData, byte[] encryptedData, ISignatureProvider signatureProvider)
{
if (m_isBusy == true)
throw new CryptographicException("Operation cannot be performed while a current key generation operation is in progress.");
if (m_KeyLoaded == false)
throw new CryptographicException("No key has been loaded. You must import a key or make a call to GenerateKeys() before performing data operations.");
return signatureProvider.VerifySignature(unsignedData, DoDecryptPublic(ref encryptedData), m_RSAParams);
}