コード例 #1
0
        public SigningOutput SignContent(string serializedRequest)
        {
            var hashManager = new HashManager();
            var privateKey  = KeyStoreAdapter.GetPrivateKeyForUser(SignatoryReference);

            var envolope = SigningEnvelope <string> .Create(serializedRequest, SignatoryReference, SignatoryEmail, SignatoryIpAddress);

            var hashSigningContent = hashManager.HashContent(envolope.Body);

            var rsaEncryptor = new Chilkat.Rsa {
                EncodingMode = EncodingMode
            };

            rsaEncryptor.ImportPrivateKey(privateKey);

            var encryptedSignContentHash = rsaEncryptor.EncryptStringENC(hashSigningContent, true);

            envolope.AddEncryptedHashForBody(encryptedSignContentHash);

            var symmetricKey = KeyStoreAdapter.GetSymmetricKeyForUser(SignatoryReference);

            var serializedSignedContent = JsonConvert.SerializeObject(envolope);
            var encryptedSignedString   = Encrypt(serializedSignedContent, symmetricKey);

            return(SigningOutput.Create(encryptedSignedString, SignatoryReference));
        }
コード例 #2
0
        public void WhenKeyNotFoundAndCreateNewIsFalse_ThenGetRsaKeyAsyncReturnsNull()
        {
            var adapter = new KeyStoreAdapter();

            Assert.IsNull(adapter.CreateRsaKey(
                              KeyName,
                              CngKeyUsages.Signing,
                              false,
                              null));
        }
コード例 #3
0
        public SigningEnvelope <T> DecryptSignedContent <T>(string encryptedSignedContent, string signatory)
        {
            var symmetricKey = KeyStoreAdapter.GetSymmetricKeyForUser(signatory);

            var decryptedEnvolope = Decrypt(encryptedSignedContent, symmetricKey);

            var decryptedContent = JsonConvert.DeserializeObject <SigningEnvelope <T> >(decryptedEnvolope);

            return(decryptedContent);
        }
コード例 #4
0
        public async Task WhenKeyNotFoundAndCreateNewIsFalse_ThenGetRsaKeyAsyncReturnsNull()
        {
            var adapter = new KeyStoreAdapter(
                CngProvider.MicrosoftSoftwareKeyStorageProvider,
                KeySize);

            Assert.IsNull(await adapter.CreateRsaKeyAsync(
                              KeyName,
                              CngKeyUsages.Signing,
                              false,
                              null));
        }
コード例 #5
0
        public void WhenKeyNotFoundAndCreateNewIsTrue_ThenGetRsaKeyAsyncReturnsNewKey()
        {
            var adapter = new KeyStoreAdapter();

            var key = adapter.CreateRsaKey(
                KeyName,
                CngKeyUsages.Signing,
                true,
                null);

            Assert.IsNotNull(key);
            Assert.AreEqual("RSA", key.SignatureAlgorithm);
        }
コード例 #6
0
        public async Task WhenKeyNotFoundAndCreateNewIsTrue_ThenGetRsaKeyAsyncReturnsNewKey()
        {
            var adapter = new KeyStoreAdapter(
                CngProvider.MicrosoftSoftwareKeyStorageProvider,
                KeySize);

            var key = await adapter.CreateRsaKeyAsync(
                KeyName,
                CngKeyUsages.Signing,
                true,
                null);

            Assert.IsNotNull(key);
            Assert.AreEqual("RSA", key.SignatureAlgorithm);
        }
コード例 #7
0
        public void WhenKeyExistsButUsageDoesNotMatch_ThenGetRsaKeyAsyncReturnsKey()
        {
            var adapter = new KeyStoreAdapter();

            var key1 = adapter.CreateRsaKey(
                KeyName,
                CngKeyUsages.Signing,
                true,
                null);

            Assert.Throws <CryptographicException>(
                () => adapter.CreateRsaKey(
                    KeyName,
                    CngKeyUsages.Decryption,
                    false,
                    null));
        }
コード例 #8
0
        public async Task WhenKeyExistsButUsageDoesNotMatch_ThenGetRsaKeyAsyncReturnsKey()
        {
            var adapter = new KeyStoreAdapter(
                CngProvider.MicrosoftSoftwareKeyStorageProvider,
                KeySize);

            var key1 = await adapter.CreateRsaKeyAsync(
                KeyName,
                CngKeyUsages.Signing,
                true,
                null);

            AssertEx.ThrowsAggregateException <CryptographicException>(
                () => adapter.CreateRsaKeyAsync(
                    KeyName,
                    CngKeyUsages.Decryption,
                    false,
                    null).Wait());
        }
コード例 #9
0
        public void WhenKeyExists_ThenGetRsaKeyAsyncReturnsKey()
        {
            var adapter = new KeyStoreAdapter();

            var key1 = adapter.CreateRsaKey(
                KeyName,
                CngKeyUsages.Signing,
                true,
                null);

            var key2 = adapter.CreateRsaKey(
                KeyName,
                CngKeyUsages.Signing,
                false,
                null);

            Assert.IsNotNull(key2);
            Assert.AreEqual(key1.ExportParameters(false).Modulus, key2.ExportParameters(false).Modulus);
            Assert.AreEqual(key1.ExportParameters(false).Exponent, key2.ExportParameters(false).Exponent);
        }
コード例 #10
0
        public async Task WhenKeyExists_ThenGetRsaKeyAsyncReturnsKey()
        {
            var adapter = new KeyStoreAdapter(
                CngProvider.MicrosoftSoftwareKeyStorageProvider,
                KeySize);

            var key1 = await adapter.CreateRsaKeyAsync(
                KeyName,
                CngKeyUsages.Signing,
                true,
                null);

            var key2 = await adapter.CreateRsaKeyAsync(
                KeyName,
                CngKeyUsages.Signing,
                false,
                null);

            Assert.IsNotNull(key2);
            Assert.AreEqual(key1.ExportParameters(false).Modulus, key2.ExportParameters(false).Modulus);
            Assert.AreEqual(key1.ExportParameters(false).Exponent, key2.ExportParameters(false).Exponent);
        }
コード例 #11
0
        public VerificationResult <string> VerifySignature(DigitalSignature <string> signature)
        {
            var verificationResults = new VerificationResult <string>();
            var hashManager         = new HashManager();

            var envelope = DecryptSignedContent <string>(signature.SignedContent, signature.SignatoryReference);

            if (envelope == null)
            {
                verificationResults.SignatoryMatchedToSignature = false;
                return(verificationResults);
            }

            var hashCurrentBody = hashManager.HashContent(envelope.Body);
            var publicKey       = KeyStoreAdapter.GetPublicKeyForUser(signature.SignatoryReference);

            // Decrypt hash with public key to ensure there is no tampering and content is still the same
            var rsaDecryptor = new Chilkat.Rsa {
                EncodingMode = EncodingMode
            };

            rsaDecryptor.ImportPublicKey(publicKey);
            var decryptedoriginalHash = rsaDecryptor.DecryptStringENC(envelope.Header.EncryptedBodyHashSignature, false);

            var signitureMatch = hashCurrentBody == decryptedoriginalHash;

            verificationResults.IpAddress                       = envelope.Body?.IpAddress;
            verificationResults.SignatoryEmailAddress           = envelope.Body?.EmailAddress;
            verificationResults.SignatoryMatchedToSignature     = true;
            verificationResults.SignedContentMatchesToSignature = signitureMatch;

            verificationResults.ExpectedContent = signature.OriginalContent;
            verificationResults.SignedContent   = envelope?.Body?.Content;

            return(verificationResults);
        }