/// <summary>
/// Verify the signature of packed candidate data
/// </summary>
/// <param name="packed">The packed candidate data</param>
/// <param name="pubKey">The public key to verify with</param>
/// <returns></returns>
public static bool VerifySignature(byte[] packed, RSAParameters pubKey)
{
var sig = Arrays.CopyOfRange(packed, packed.Length - 512, packed.Length);
var data = Arrays.CopyOfRange(packed, 0, packed.Length - 512);
return(Crypto.RSA_Verify(data, sig, pubKey));
}
/// <summary>
/// Unpack a candidate object from storable data
/// </summary>
/// <param name="packed">The packed candidate data</param>
/// <param name="password">The password provided by the candidate</param>
/// <param name="pubKey">The public key to verify the data with</param>
/// <returns>The candidate object</returns>
public static Candidate Unpack(byte[] packed, string password, RSAParameters pubKey)
{
// Check if the RSA signature is valid
if (!VerifySignature(packed, pubKey))
{
throw new DataVerifyException("The packed data could not be cryptographically verified.");
}
// Extract the UID for later
var uid = Arrays.CopyOfRange(packed, 0, 64);
// Decrypt candidate data
byte[] data;
try {
data = Crypto.AES_Decrypt(Arrays.CopyOfRange(packed, 64, packed.Length - 512), password);
}
catch (CryptographicException) {
data = null;
}
if (data == null)
{
throw new PasswordIncorrectException("The provided password was not correct.");
}
// Set the candidate uid and deserialize
var c = Candidate.Deserialize(data);
c.Uid = uid;
return(c);
}