コード例 #1
0
        /// <summary>
        /// Gets decrypted data from a wire message.
        /// </summary>
        /// <param name="message">Wire message</param>
        /// <param name="serializer">Serializer used to deserialized the signed content</param>
        /// <param name="sharedSecret">Shared secret (null, if the wire message is not encrypted)</param>
        /// <param name="sendersPublicKeyBlob">Public key of the sender used for RSA signature verification</param>
        /// <param name="sendersPublicKeySize">Sender's public key size</param>
        /// <returns>Decrypted raw data</returns>
        public byte[] GetDecryptedMessageData(
            WireMessage message,
            ISerializerAdapter serializer,
            byte[] sharedSecret         = null,
            byte[] sendersPublicKeyBlob = null,
            int sendersPublicKeySize    = 0)
        {
            if (message.Iv.Length > 0 && sharedSecret != null)
            {
                var decryptedRawData =
                    AesEncryption.Decrypt(
                        encryptedData: message.Data,
                        sharedSecret: sharedSecret,
                        iv: message.Iv);

                var signedMessageData = serializer.Deserialize <SignedMessageData>(decryptedRawData);

                if (sendersPublicKeyBlob != null && signedMessageData.Signature != null)
                {
                    if (RsaSignature.VerifySignature(
                            keySize: sendersPublicKeySize,
                            sendersPublicKeyBlob: sendersPublicKeyBlob,
                            rawData: signedMessageData.MessageRawData,
                            signature: signedMessageData.Signature))
                    {
                        return(signedMessageData.MessageRawData);
                    }
                    else
                    {
                        throw new SecurityException("Verification of message signature failed.");
                    }
                }
                else
                {
                    return(decryptedRawData);
                }
            }
            else
            {
                return(message.Data);
            }
        }
コード例 #2
0
        public void VerifySignature_should_return_true_if_signature_is_valid()
        {
            int keySize = 4096;
            var keyPair = new RsaKeyPair(keySize);

            var data = Encoding.UTF8.GetBytes("Test");

            var signature =
                RsaSignature.CreateSignature(
                    keySize: keySize,
                    sendersPrivateKeyBlob: keyPair.PrivateKey,
                    rawData: data);

            var result =
                RsaSignature.VerifySignature(
                    keySize: keySize,
                    sendersPublicKeyBlob: keyPair.PublicKey,
                    rawData: data,
                    signature: signature);

            Assert.Equal(512, signature.Length);
            Assert.True(result);
        }
コード例 #3
0
        /// <summary>
        /// Processes a complete handshake message from server.
        /// </summary>
        /// <param name="message">Deserialized WireMessage that contains a plain or encrypted Session ID</param>
        private void ProcessCompleteHandshakeMessage(WireMessage message)
        {
            if (MessageEncryption)
            {
                var signedMessageData =
                    Serializer.Deserialize <SignedMessageData>(message.Data);

                var encryptedSecret =
                    Serializer.Deserialize <EncryptedSecret>(signedMessageData.MessageRawData);

                _serverPublicKeyBlob = encryptedSecret.SendersPublicKeyBlob;

                if (!RsaSignature.VerifySignature(
                        keySize: _keyPair?.KeySize ?? 0,
                        sendersPublicKeyBlob: _serverPublicKeyBlob,
                        rawData: signedMessageData.MessageRawData,
                        signature: signedMessageData.Signature))
                {
                    throw new SecurityException("Verification of message signature failed.");
                }

                _sessionId =
                    new Guid(
                        RsaKeyExchange.DecrpytSecret(
                            keySize: _config.KeySize,
                            // ReSharper disable once PossibleNullReferenceException
                            receiversPrivateKeyBlob: _keyPair.PrivateKey,
                            encryptedSecret: encryptedSecret));
            }
            else
            {
                _sessionId = new Guid(message.Data);
            }

            _handshakeCompletedWaitHandle.Set();
        }