////////////////////////////////////////////////////////////////////////////////////////////////////
/// <summary> Rsa encrypt a string with a public key </summary>
///
/// <remarks> Chris, 4/2/2020. </remarks>
///
/// <param name="val"> String value to be encrypted. </param>
/// <param name="pRSAPublic"> The rsa public key</param>
///
/// <returns> An encrypted byte[] buffer. </returns>
////////////////////////////////////////////////////////////////////////////////////////////////////
public byte[] RSAEncrypt(string val, string pRSAPublic)
{
if (string.IsNullOrEmpty(pRSAPublic) || string.IsNullOrEmpty(val))
{
return(null);
}
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
string[] rsaP = pRSAPublic.Split(',');
RSAParameters tP = new RSAParameters()
{
Modulus = CU.ToHexByte(rsaP[1]),
Exponent = CU.ToHexByte(rsaP[0])
};
rsa.ImportParameters(tP);
byte[] tBytes = rsa.Encrypt(CU.CUTF8String2Array(val), false);
return(tBytes);
}
/// <summary>
/// Adds a signature to the license.
/// </summary>
/// <param name="rsaPrivateKeyCSPBlob">Private key to use for generating the signature.</param>
/// <returns></returns>
public bool AddSignature(byte[] rsaPrivateKeyCSPBlob)
{
bool success = false;
try
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportCspBlob(rsaPrivateKeyCSPBlob);
if (rsa.PublicOnly)
{
return(false);
}
// JWS inspired, but
// 1) jwk is RSA key in XML format
// 2) Empty payload
string header = Convert.ToBase64String(CU.CUTF8String2Array(CU.SerializeObjectToJSONString(new Header {
jwk = rsa.ToXmlString(false), alg = "RS256"
})));
string payload = GetCanonicalLicense();
byte[] payloadBytes = CU.CUTF8String2Array(payload);
byte[] tBytes = rsa.SignData(payloadBytes, "SHA1");
payload = ""; // Don't store the payload again as would be required by JWS
string signature = Convert.ToBase64String(tBytes);
var newSignatures = new string[Signatures.Length + 1];
Signatures.CopyTo(newSignatures, 0);
newSignatures[newSignatures.Length - 1] = String.Format("{0}.{1}.{2}", header, "", signature);
Signatures = newSignatures;
success = true;
}
catch (Exception)
{
//ignored?
}
return(success);
}
/// <summary>
/// Validates the signatures of license using the public keys of the signer
/// </summary>
/// <param name="rsaPublicKeyCSPBlobs">The public key(s) for each of the signatures.</param>
/// <returns></returns>
public bool ValidateSignature(List <byte[]> rsaPublicKeyCSPBlobs)
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
var payload = CU.CUTF8String2Array(GetCanonicalLicense());
foreach (var key in rsaPublicKeyCSPBlobs)
{
rsa.ImportCspBlob(key);
string keyAsXml;
try
{
keyAsXml = rsa.ToXmlString(false);
}
catch (PlatformNotSupportedException)
{
keyAsXml = TheBaseAssets.MyCrypto.GetRSAKeyAsXML(rsa, false);
}
string header = Convert.ToBase64String(CU.CUTF8String2Array(CU.SerializeObjectToJSONString(new Header {
jwk = keyAsXml, alg = "RS256"
})));
foreach (var signature in Signatures)
{
var parts = signature.Split('.');
if (parts.Length == 3)
{
if (parts[0] == header)
{
if (rsa.VerifyData(payload, "SHA1", Convert.FromBase64String(parts[2])))
{
return(true);
}
}
}
}
}
return(false);
}