/// <summary> /// POST Request From Wechat /// </summary> /// <param name="AppID"></param> /// <param name="signature"></param> /// <param name="timestamp"></param> /// <param name="nonce"></param> /// <returns></returns> public IHttpActionResult Post(String AppID, [FromUri] String signature, [FromUri] String timestamp, [FromUri]String nonce) { try { IWechatConfig config = SimpleWechatConfigManager.GetInstance().FetchSelectedConfig(AppID); logger.DebugFormat(@"The app [{1}] token is [{0}]", config.Token ?? @"Nu1l", AppID ?? @"Nu1l"); String request = this.Request.Content.ReadAsStringAsync().Result; logger.DebugFormat(@"The post AppID is [{0}], signature is [{2}], timestamp is [{3}], request is [{1}]", AppID ?? @"Nu1l", request ?? @"Nu1l", signature ?? @"Nu1l", timestamp ?? @"Nu1l"); if ( ( !String.IsNullOrEmpty(signature) && !String.IsNullOrEmpty(timestamp) && !String.IsNullOrEmpty(nonce)) || _FORCE_SIGNATURE_FLAG) { MessageCryptErrorCode retCode = SignatureVerifier.VerifySignature(config.Token, timestamp, nonce, request, signature); if (retCode != MessageCryptErrorCode.WXMsgCrypt_OK) throw new ApplicationException(@"verify signature failed"); } return NotFound(); } catch (Exception ex) { logger.Error(ex); return BadRequest(); } }
public async void InstallUpdate(AppCastItem item, string installPath = null) { var path = installPath != null && File.Exists(installPath) ? installPath : await GetDownloadPathForAppCastItem(item); if (File.Exists(path)) { NetSparkleUpdater.Enums.ValidationResult result; try { result = SignatureVerifier.VerifySignatureOfFile(item.DownloadSignature, path); } catch (Exception exc) { Log.Error("Error validating signature of file: {0}; {1}", exc.Message, exc.StackTrace); result = NetSparkleUpdater.Enums.ValidationResult.Invalid; } if (result == NetSparkleUpdater.Enums.ValidationResult.Valid) { await RunDownloadedInstaller(path); } } }
public DeliverToActivityPubTask(EventQueueItem item, IEntityStore entityStore, EntityFlattener entityFlattener, IServiceProvider serviceProvider, DeliveryService deliveryService, SignatureVerifier verifier, KeyService keyService) : base(item) { _entityStore = entityStore; _entityFlattener = entityFlattener; _serviceProvider = serviceProvider; _deliveryService = deliveryService; _verifier = verifier; _keyService = keyService; }
public void VerifySignature() { var signature = TestdataLoader.ReadFromResource("signature.p7s"); var signedData = TestdataLoader.ReadFromResource("signedData.xml"); var signatureVerifier = new SignatureVerifier(); var certificate = signatureVerifier.Validate(signedData, signature); certificate.Should().NotBeNull(); }
public DeliverToActivityPubTask(EventQueueItem item, IEntityStore entityStore, EntityFlattener entityFlattener, IServiceProvider serviceProvider, DeliveryService deliveryService, APContext context, EntityData data, SignatureVerifier verifier) : base(item) { _entityStore = entityStore; _entityFlattener = entityFlattener; _serviceProvider = serviceProvider; _deliveryService = deliveryService; _context = context; _data = data; _verifier = verifier; }
public void PublicKeyImportWithPrivateKeyShouldFail() { bool isValid = SignatureVerifier.IsSignatureValid("this-is-not-important", "absAUKYl78KAI3aA8FDWE2y2JATOCz7OUKG1hVhFNOyjSfwlGXhMA4oe3qou6JEnuKlsx+AqS5O+nz0oJ68FR7gLU8NPrWjVIWqFTyQMS0ntDRMEUl3oZXXD24fy+NaUOZ6o9OPxFASlEN/ueplXSgcedpXLfo0cfWQWM0GcTJ4=", //next we will give public private exported csp "BwIAAACkAABSU0EyAAQAAAEAAQBXZXt7QOileknWzBH2Sg+Yk4INDTbKA5XUUfUe23zUmr6eM1USCNHX3lidZfjk5Emuui1m8k0KnghxcJfOau8iPRpLg/lubMNojpLGe2MXn5GsyjgEpVdE+Cf0pLBAYHcBuBYHj99muMsJrJW1/InbKFa24JuVnBr+MybPuMXqtc9Ehyz/oomfsO6eYguHP4sqrvB595AFTtkKE7TcGmbt1dUWkSTxT0vfkvbVj0C/H8d7XlshIHlG1m2BEnFNi+T5CM2o0MH54c8DXKRhEujS+xeuk+u9POwL2/XLIvUcfMhL6Pt3o+Dk7HRkT3SPhRa/yJeZ1JEHpoVkYJOVfcXLfwijulTXJughtRpgd+0CBk4JSLYj0fkY+QyRWtuHQfAXTscNGGyW8uIMvHfPdNNOwuiKC4yZLfHuw+hQ1FDtTgH+iJ3nW5fwcIKudN0wusnRE3RIDo8QZky8AvAPb9Z/KbZHhpYXriWyfBKAfP9izhZaIcrRT6Fu+N9E+7oWkQY82jRwv237qtKOuqKl/WGcQE42vfBHWxmeKnBSzKZq8o+92oc06o2PYXqNqt38JOXn34W64nccPvINJJMIQ2UFoSydNf9D6iyxde86RDgSbNMxjqwEY3MiQmRs+QTG/8gwm5aiZG9Kr7K+3Vs65yr0NCwBmZ0DqMowmMbaeTrP3JYS/Ngr22p5vqtsYSTTGn/tU9mBL2asfWO4dxvkNXHCDNmendlCwvYKQZJONTS+GgxDfeC5i/lThMP1ua64H3I=" ); Assert.True(!isValid); }
public void Verify_Returns_True_When_Timestamp_And_Signature_Are_Valid() { var timestamp = DateTimeOffset.UnixEpoch.ToUnixTimeSeconds(); var verifier = new SignatureVerifier( Secret, TimeSpan.FromSeconds(int.MaxValue)); var actual = verifier.Verify( "v0=213cb52f067f4cd9faa388704ba5eac347bc79df40fc4491590cd4d8571b8af1", timestamp, "message"); Assert.True(actual); }
public void Verify_Returns_False_When_Signature_Is_Not_Valid() { var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds(); var verifier = new SignatureVerifier( Secret, TimeSpan.FromSeconds(TimeDeltaToleranceSeconds)); var actual = verifier.Verify( "signature", timestamp, "message"); Assert.False(actual); }
static void Main(string[] args) { SignatureVerifier signatureVerifier = new SignatureVerifier(); RNGRandomGenerator rngGenerator = new RNGRandomGenerator(); EmailSender emailSender = new EmailSender(); BlindChatDbContext context = new BlindChatDbContext(); GroupRepository groupRepository = new GroupRepository(context); APIServer server = new APIServer(groupRepository, emailSender, rngGenerator, signatureVerifier); CertificateGenerator generator = new CertificateGenerator(); int userInput = 0; do { userInput = DisplayMenu(); switch (userInput.ToString()) { case "1": CreateGroup(server, generator); break; case "2": InviteParticipants(context, server); break; case "3": RegisterParticipant(server, groupRepository, generator); break; case "4": SignCertificate(server); break; case "5": SaveBlindParticipant(server, groupRepository); break; case "6": SendMessageOnGroup(server, groupRepository); break; default: Console.WriteLine("Default case"); break; } } while (userInput != 7); }
public AuthController(APContext context, UserManager <APUser> userManager, SignInManager <APUser> signInManager, JwtTokenSettings tokenSettings, EntityFlattener entityFlattener, IEntityStore entityStore, AtomEntryParser entryParser, AtomEntryGenerator entryGenerator, EntityData entityConfiguration, IDataProtectionProvider dataProtectionProvider, IConfigurationRoot configuration, DeliveryService deliveryService, SignatureVerifier verifier) { _context = context; _userManager = userManager; _signInManager = signInManager; _tokenSettings = tokenSettings; _entityFlattener = entityFlattener; _entityStore = entityStore; _entryParser = entryParser; _entryGenerator = entryGenerator; _entityConfiguration = entityConfiguration; _dataProtector = dataProtectionProvider.CreateProtector("OAuth tokens"); _configuration = configuration; _deliveryService = deliveryService; _verifier = verifier; }
public void Verify_Returns_False_When_Timestamp_Has_Expired() { var expiredTimestamp = DateTimeOffset.UtcNow.AddSeconds(-TimeDeltaToleranceSeconds + 1) .ToUnixTimeSeconds(); var verifier = new SignatureVerifier( Secret, TimeSpan.FromSeconds(TimeDeltaToleranceSeconds)); var actual = verifier.Verify( "signature", expiredTimestamp, "message"); Assert.False(actual); }
public ActionResult PostInfluxTelemetry([FromBody] InfluxTelemetry telemetryPackage) { // verify in coming data if (telemetryPackage?.NodeId == null || string.IsNullOrWhiteSpace(telemetryPackage.Signature) || telemetryPackage.Payload == null || telemetryPackage.Payload.Count == 0) { Console.WriteLine("bad request"); return(BadRequest()); } // Get Node key from keystore string nodeKey; try { nodeKey = _keyStore.GetKeyForNode(telemetryPackage.NodeId); } catch (KeyNotFoundException) { Console.WriteLine($"Node Unknown: {telemetryPackage.NodeId}"); return(StatusCode(403)); } // Verify Signature string signedPayload = string.Join("", telemetryPackage.Payload); bool signatureValid = SignatureVerifier.IsSignatureValid(signedPayload, telemetryPackage.Signature, nodeKey); if (!signatureValid) { Console.WriteLine($"Bad signature from node: {telemetryPackage.NodeId}"); return(StatusCode(403)); } Console.WriteLine($"Accepted telemetry from {telemetryPackage.NodeId} [{telemetryPackage.Payload.Count} metrics]"); // Signature valid - record to db if (_influx.Enqueue(telemetryPackage.Payload, true)) { return(Accepted()); } else { return(StatusCode(400)); } }
public AuthController(DbConnection connection, UserManager <APUser> userManager, SignInManager <APUser> signInManager, JwtTokenSettings tokenSettings, EntityFlattener entityFlattener, IEntityStore entityStore, EntityData entityConfiguration, IDataProtectionProvider dataProtectionProvider, IConfigurationRoot configuration, DeliveryService deliveryService, SignatureVerifier verifier, IServiceProvider provider, CollectionTools collectionTools, RelevantEntitiesService relevantEntities) { _connection = connection; _userManager = userManager; _signInManager = signInManager; _tokenSettings = tokenSettings; _entityFlattener = entityFlattener; _entityStore = entityStore; _entityConfiguration = entityConfiguration; _dataProtector = dataProtectionProvider.CreateProtector("OAuth tokens"); _configuration = configuration; _deliveryService = deliveryService; _verifier = verifier; _provider = provider; _collectionTools = collectionTools; _relevantEntities = relevantEntities; }
public GetEntityHandler(DbConnection connection, EntityFlattener flattener, IEntityStore mainStore, IServiceProvider serviceProvider, DeliveryService deliveryService, ServerConfig entityData, ClaimsPrincipal user, CollectionTools collectionTools, INotifier notifier, JwtTokenSettings tokenSettings, SignatureVerifier verifier, IAuthorizer authorizer) { _connection = connection; _flattener = flattener; _mainStore = mainStore; _serviceProvider = serviceProvider; _entityData = entityData; _deliveryService = deliveryService; _user = user; _collectionTools = collectionTools; _notifier = notifier; _tokenSettings = tokenSettings; _verifier = verifier; _authorizer = authorizer; }
public GetEntityHandler(APContext acontext, EntityFlattener flattener, IEntityStore mainStore, AtomEntryGenerator entryGenerator, IServiceProvider serviceProvider, DeliveryService deliveryService, EntityData entityData, ClaimsPrincipal user, CollectionTools collectionTools, INotifier notifier, JwtTokenSettings tokenSettings, SignatureVerifier verifier) { _context = acontext; _flattener = flattener; _mainStore = mainStore; _entryGenerator = entryGenerator; _serviceProvider = serviceProvider; _entityData = entityData; _deliveryService = deliveryService; _user = user; _collectionTools = collectionTools; _notifier = notifier; _tokenSettings = tokenSettings; _verifier = verifier; }
public static PayloadSignatureTuple CreateSamplePayload(int numberOfEvents, bool useValidSigningKey, int firstSequenceNumber) { var sampleEvents = CreateThisManyEvents(numberOfEvents); var payload = new Payload { Events = sampleEvents, FirstEventSequence = firstSequenceNumber, LastEventSequence = firstSequenceNumber + numberOfEvents - 1 }; var payloadString = JsonConvert.SerializeObject(payload); var signature = new SignatureVerifier().GenerateSignature(useValidSigningKey ? File.ReadAllText("Resources/SigningKey.txt") : "InvalidKey", payloadString); return(new PayloadSignatureTuple(payload, signature)); }
public IActionResult Verify([FromQuery] string signature) { var userAgent = Request.Headers["User-Agent"].ToString(); var adscoreKey = "KEY_GOES_HERE"; List <string> ipAddresses = GetIpAddresses(); var verifyResult = SignatureVerifier.Verify(signature, userAgent, "customer", adscoreKey, ipAddresses.ToArray()); // Possible scores and verdicts: // score verdict // 0 "ok" // 3 "junk" // 6 "proxy" // 9 "bot" // null "no verdict" (verification is not possible. Check error for more details) var score = verifyResult.Score; var verdict = verifyResult.Verdict; // Error message explaining e.g why "bot" score has been assigned to given request var error = verifyResult.Error; // Ip addresses used to check against the signature. It can be either IPv4 or IPv6 var ipAddress = verifyResult.IpAddress; // Epoch millis when request has been executed, resolved from the signature var requestTime = verifyResult.RequestTime; // Epoch millis when signature for given request has been generated var signatureTime = verifyResult.SignatureTime; // True if either requestTime or signatureTime expired var expired = verifyResult.Expired; return(Ok(String.Format("Score:{0}, verdict:{1}, expired:{2}, error:{3}, ipAddress:{4}, requestTime:{5}, signatureTime:{6}", score, verdict, expired, error, ipAddress, requestTime, signatureTime))); }
public static PayloadSignatureTuple CreateSamplePayload(int numberOfEvents, bool useValidSigningKey, int firstSequenceNumber) { var sampleEvents = CreateThisManyEvents(numberOfEvents); var payload = new Payload { Events = sampleEvents, FirstEventSequence = firstSequenceNumber, LastEventSequence = firstSequenceNumber + numberOfEvents - 1 }; var payloadString = JsonConvert.SerializeObject(payload); string signature; if (useValidSigningKey) { var configuration = new ConfigurationBuilder() .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true) .Build(); var webhookSettings = configuration.GetSection("WebhookSettings").Get <WebhookSettings>(); signature = new SignatureVerifier(webhookSettings).GenerateSignature(payloadString); } else { var webhookSettings = new WebhookSettings { SigningKey = "InvalidKey" }; signature = new SignatureVerifier(webhookSettings).GenerateSignature(payloadString); } return(new PayloadSignatureTuple(payload, signature)); }
public asicManifest VerifiedManifest() { if (Signatures?.Containers?.FirstOrDefault() != null && CadesManifest != null) { var certificate = new SignatureVerifier().Validate( GetCadesManifestBlob(), Signatures.Containers.FirstOrDefault().Data.ToArray()); return(new asicManifest { certificate = new[] { certificate }, file = CadesManifest.Digests.Select(d => new asicFile { digest = d.Value.Digest.ToArray(), mimetype = d.Value.MimeType.ToString(), name = d.Value.Name, verified = true }).ToArray(), rootfile = CadesManifest.RootFile }); } return(null); }
public ActionResult PostRealTimeTelemetry([FromBody] RealTimeTelemetry realTimePackage) { // verify incoming data if (realTimePackage?.NodeId == null || string.IsNullOrWhiteSpace(realTimePackage.Signature) || realTimePackage.Payload == null || string.IsNullOrWhiteSpace(realTimePackage.Payload.Client) || string.IsNullOrWhiteSpace(realTimePackage.Payload.BlockHash) ) { Console.WriteLine("Bad Request: " + JsonConvert.SerializeObject(realTimePackage, Formatting.Indented)); return(BadRequest()); } // Get Node key from keystore string nodeKey; try { nodeKey = _keyStore.GetKeyForNode(realTimePackage.NodeId); } catch (KeyNotFoundException) { Console.WriteLine($"Node Unknown: {realTimePackage.NodeId}"); return(StatusCode(403)); } // Verify Signature string payload = JsonConvert.SerializeObject(realTimePackage.Payload); bool signatureValid = SignatureVerifier.IsSignatureValid(payload, realTimePackage.Signature, nodeKey); if (!signatureValid) { Console.WriteLine($"Bad signature from node: {realTimePackage.NodeId}"); return(StatusCode(403)); } //Point format |measurement|,tag_set| |field_set| |timestamp| //create a point from incoming JSON Console.WriteLine($"Accepted RT telemetry from {realTimePackage.NodeId} "); long nanotimestamp = (long)(realTimePackage.Payload.BlockReceived * 1e9); string influxPoint = string.Format("parity,nodeid={0},client={1} blocknum={2},numpeers={3},blockts={4},numtxinblock={5},propagationtime={6},gaslimit={8},gasused={9} {7}", realTimePackage.NodeId, realTimePackage.Payload.Client, realTimePackage.Payload.BlockNum, realTimePackage.Payload.NumPeers, realTimePackage.Payload.BlockTS, realTimePackage.Payload.NumTxInBlock, (realTimePackage.Payload.BlockReceived - realTimePackage.Payload.BlockTS), nanotimestamp, realTimePackage.Payload.GasLimit, realTimePackage.Payload.GasUsed); // Signature valid - record to db if (_influx.Enqueue(influxPoint, true)) { return(Accepted()); } else { return(StatusCode(400)); } }
static void Main(string[] args) { //Asta va fi inlocuit cu un API call SignatureVerifier signatureVerifier = new SignatureVerifier(); RNGRandomGenerator rngGenerator = new RNGRandomGenerator(); EmailSender emailSender = new EmailSender(); BlindChatDbContext context = new BlindChatDbContext(); GroupRepository groupRepository = new GroupRepository(context); APIServer server = new APIServer(groupRepository, emailSender, rngGenerator, signatureVerifier); //Set participants List <Participant> unconfirmedParticipants = server.GetParticipantsToConfirm("Loazarii"); foreach (var participant in unconfirmedParticipants) { int invitationCode = participant.InvitationCode; Guid groupId = (Guid)participant.GroupId; string email = participant.Email; Group group = server.GetGroup(participant.InvitationCode); ClientParticipant clientParticipant = new ClientParticipant(server, groupRepository); var groupPublicKey = clientParticipant.GetGroupDetails(invitationCode); //Generate certificate CertificateGenerator generator = new CertificateGenerator(); var participantKeys = generator.GenerateCertificate("C=RO,O=Qubiz", TimeSpan.FromDays(1), "certParticipant.pfx", "Test.123"); //Serialize var privateSerializedKey = RsaKeyUtils.GetSerializedPrivateKey(participantKeys.Private); var publicSerializedKey = RsaKeyUtils.GetSerializedPublicKey(participantKeys.Public); //Concatenante serialized key var content = RsaKeyUtils.Combine(publicSerializedKey, privateSerializedKey); //Generate blind content ContentBlinder contentBlinder = new ContentBlinder((RsaKeyParameters)groupPublicKey, "Loazarii"); var blindedContent = contentBlinder.GetBlindedContent(content); var groupRegistration = clientParticipant.GetGroupRegistration(invitationCode, (RsaKeyParameters)participantKeys.Public); //Save blindedCertificate clientParticipant.RegisterBlindCertificate(invitationCode, groupRegistration); //Send for sign DONE //Get blindSignature var blindMessage = server.GetSignedMessage(groupId, email); var signature = Convert.FromBase64CharArray(blindMessage.Signature.ToCharArray(), 0, blindMessage.Signature.Length); //Unblind signature var unblindedSignature = contentBlinder.GetUnblindedSignature(signature); //Verify var verifiedParticipant = clientParticipant.CheckVerifiedEntity(group, participant.Email, groupRegistration); clientParticipant.AddClientCertificate(verifiedParticipant, group, email); ParticipantMessage message = new ParticipantMessage(); message.Message = "Andreiu, ce nevoie faci?"; clientParticipant.AddMessage(groupId, message, verifiedParticipant); } Console.ReadKey(); }
/// <summary> /// Perform JAR digital signature verification against a JAR filename on disk /// </summary> /// <param name="jar">JAR container. The caller is expected to dispose this type themselves - it will not be disposed /// by this method</param> /// <param name="certificates">certificate to verify / accept against</param> /// <param name="nonStandardCountCheck">whether to perform the additional file count verification check against /// MANIFEST.MF (recommended if the file is actually an arbitrary ZIP)</param> /// <returns>digital signature verification state of the JAR</returns> public static VerificationResult Jar(IJar jar, IVerificationCertificates certificates, bool nonStandardCountCheck = true) { // Unsigned ZIP and probably not even a JAR if (!jar.Contains(@"META-INF\MANIFEST.MF")) { return(new VerificationResult { Status = SigningStatus.NotSigned, Valid = false }); } IManifestLoader manifestLoader = new ManifestLoader(); ManifestData centralManifest = manifestLoader.Load(jar, @"META-INF\MANIFEST.MF"); if (nonStandardCountCheck) { // Non-standard check: Ensure that no unsigned files have been ADDED // to the JAR (file qty. [except signature itself] must match manifest entries) // int nonManifestFiles = jar.NonSignatureFiles().Count(); if (centralManifest.Entries.Count != nonManifestFiles) { Log.Message($"Expected {centralManifest.Entries.Count} file(s) found {nonManifestFiles}"); return(new VerificationResult { Status = SigningStatus.FundamentalHashMismatch, Valid = false }); } } // Verify the hashes of every file in the JAR // using (var h = new Hasher()) { Log.Message($"Central manifest contains {centralManifest.Entries.Count} entries"); foreach (ManifestEntry e in centralManifest.Entries) { Log.Message($"Digest check {e.Path} ({e.Digest})"); // Check each file matches the hash in the manifest if (jar.SHA256(h, e.Path).ToBase64() != e.Digest) { Log.Message($"{e.Path} has an incorrect digest"); return(new VerificationResult { Status = SigningStatus.FundamentalHashMismatch, Valid = false }); } } } // Detect signatures // // ISignatureFinder finder = new SignatureFinder(); List <Signature> signatures = finder.Find(jar); if (!signatures.Any()) { Log.Message("No signatures detected"); return(new VerificationResult { Status = SigningStatus.NotSigned, Valid = false }); } Log.Message($"{signatures.Count} signature(s) detected"); // Verify signatures // // SignatureVerifier ver = new SignatureVerifier(); if (ver.Verify(jar, centralManifest, signatures, certificates)) { return(new VerificationResult { Status = SigningStatus.SignedValid, Valid = true }); } else { return(new VerificationResult { Status = SigningStatus.SignedInvalid, Valid = false }); } }
public void SignatureShouldNotVerify(string pubKey, string payload, string signature) { bool isValid = SignatureVerifier.IsSignatureValid(payload, signature, pubKey); Assert.True(!isValid); }