/// <summary>
/// Builds the binding and endpoint address used to connect to the reader service.
/// The binding requests certificate client credentials, and the endpoint address carries
/// the service certificate as its expected X.509 identity.
/// </summary>
/// <param name="ServiceCertCN">
/// Name passed to the certificate lookup in the LocalMachine/TrustedPeople store;
/// going by the parameter name, the common name of the service certificate.
/// </param>
/// <returns>
/// A tuple holding the configured <see cref="NetTcpBinding"/> and the
/// <see cref="EndpointAddress"/> built from <c>Config.ReaderServiceAddress</c>.
/// </returns>
public static Tuple<NetTcpBinding, EndpointAddress> PrepBindingAndAddressForReader(string ServiceCertCN)
{
    // The certificate found here is the identity the client expects the service to present.
    // NOTE(review): whether the lookup returns null or throws when no certificate matches is
    // not visible here; a null would be passed straight to the endpoint identity constructor.
    // Confirm that a missing certificate fails the connection setup rather than weakening it.
    X509Certificate2 expectedServiceCert = CertManager.GetCertificateFromStorage(
        StoreName.TrustedPeople,
        StoreLocation.LocalMachine,
        ServiceCertCN);

    // NOTE(review): 30-minute send/receive timeouts are long; confirm they are intentional.
    TimeSpan channelTimeout = TimeSpan.FromMinutes(30);
    var readerBinding = new NetTcpBinding
    {
        ReceiveTimeout = channelTimeout,
        SendTimeout = channelTimeout
    };

    // Only the credential type is set; the security mode is left at the binding's default.
    readerBinding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;

    var serviceUri = new Uri(Config.ReaderServiceAddress);
    var serviceIdentity = new X509CertificateEndpointIdentity(expectedServiceCert);
    var readerAddress = new EndpointAddress(serviceUri, serviceIdentity);

    return Tuple.Create(readerBinding, readerAddress);
}
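/// <summary>
/// Checks a digital signature over <paramref name="s"/> against a certificate taken from
/// the LocalMachine/TrustedPeople store. Every failure path returns <c>false</c>, so a
/// missing signature or a missing certificate is never treated as valid.
/// </summary>
/// <param name="s">The text whose signature is being checked.</param>
/// <param name="signature">The signature bytes; <c>null</c> is rejected.</param>
/// <param name="signCert">
/// Name passed to the certificate lookup; presumably the subject name of the signer's
/// certificate (confirm against CertManager).
/// </param>
/// <returns><c>true</c> only when DigitalSignature.Verify accepts the signature.</returns>
public static bool ValidateSignature(string s, byte[] signature, string signCert)
{
    if (signature == null)
    {
        return false;
    }

    X509Certificate2 clientCertificate = CertManager.GetCertificateFromStorage(
        StoreName.TrustedPeople,
        StoreLocation.LocalMachine,
        signCert);

    // Fail closed when the signer's certificate is not available. Whether the lookup can
    // return null is not visible here; if it throws instead, this guard is simply never hit.
    if (clientCertificate == null)
    {
        Console.WriteLine("Signing certificate was not found; signature rejected.");
        return false;
    }

    // NOTE(review): SHA-1 is no longer considered collision-resistant and should not be
    // used for new signatures. Moving to SHA-256 requires changing the signing side in the
    // same release, so the algorithm is left as-is here and flagged for follow-up.
    bool isValid = DigitalSignature.Verify(s, "SHA1", signature, clientCertificate);

    Console.WriteLine(isValid ? "Digital Signature is valid." : "Digital Signature is invalid.");
    return isValid;
}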