/// <summary>
///
/// </summary>
/// <param name="server"></param>
/// <param name="context"></param>
/// <param name="callbackEndPoint"></param>
/// <param name="cancel"></param>
public override void Run(IHostServer server, WebContext context, string callbackEndPoint, CancellationToken cancel) {
if (context.PreparedParameters == null) {
context.PreparedParameters = RequestParameters.Create(context);
}
var preparedParams = context.PreparedParameters;
var fingerprint = preparedParams.Get("cert");
var cms = preparedParams.Get("message");
var container = server.Container;
var caConfigProvider = container.Get<ICaConfigProvider>();
if (caConfigProvider == null) {
throw new Exception("Cannot get CA config");
}
var caConfig = caConfigProvider.GetConfig();
if (caConfig == null || !caConfig.GetIsValid()) {
throw new Exception("Not valid CA config");
}
var cmsDecryptor = new CmsDecryptor();
cmsDecryptor.Initialize(caConfig);
var cmsMessage = new CmsMessage {
CertificateFingerprint = fingerprint,
EncryptedMessage = cms
};
context.ContentType = MimeHelper.JSON;
string salt;
lock (TokenAuthGetSaltHandler.Sync) {
salt = TokenAuthGetSaltHandler.Salts[fingerprint].Value;
}
var message = cmsDecryptor.Descrypt(cmsMessage);
var result = message != salt ? "false" : "true";
context.Finish(result);
}
/// <summary>
/// Дешифровка сообщения
/// </summary>
/// <param name="message">Сообщение фотмата CMS</param>
/// <returns>Расшифрованная строка</returns>
public string Descrypt(CmsMessage message) {
if (CaConfig == null) {
throw new Exception("Not initialized");
}
if (string.IsNullOrWhiteSpace(message.EncryptedMessage)) {
throw new ArgumentException("Empty message");
}
var provider = new CaProvider();
provider.Initialize(CaConfig);
var realMsg = RefineMessage(message);
var crtPath = provider.GetUserCertPath(message.CertificateFingerprint);
var keyPath = provider.GetUserKeyPath(message.CertificateFingerprint);
var cmsPath = Path.GetTempFileName();
File.WriteAllText(cmsPath, realMsg);
var arguments = string.Format("smime -decrypt -in {0} -recip {1} -inkey {2} -inform PEM", cmsPath, crtPath, keyPath);
var startInfo = new ProcessStartInfo {
FileName = CaConst.OpenSslProcess,
Arguments = arguments,
CreateNoWindow = true,
RedirectStandardOutput = true,
RedirectStandardError = true,
UseShellExecute = false
};
var process = new Process {StartInfo = startInfo};
process.Start();
var output = process.StandardOutput.ReadToEnd();
process.WaitForExit();
File.Delete(cmsPath);
return output;
}
/// <summary>
/// Дешифровка сообщения
/// </summary>
/// <param name="message">Сообщение фотмата CMS</param>
/// <returns>Расшифрованная строка</returns>
public string Descrypt(CmsMessage message)
{
if (CaConfig == null)
{
throw new Exception("Not initialized");
}
if (string.IsNullOrWhiteSpace(message.EncryptedMessage))
{
throw new ArgumentException("Empty message");
}
var provider = new CaProvider();
provider.Initialize(CaConfig);
var realMsg = RefineMessage(message);
var crtPath = provider.GetUserCertPath(message.CertificateFingerprint);
var keyPath = provider.GetUserKeyPath(message.CertificateFingerprint);
var cmsPath = Path.GetTempFileName();
File.WriteAllText(cmsPath, realMsg);
var arguments = string.Format("smime -decrypt -in {0} -recip {1} -inkey {2} -inform PEM", cmsPath, crtPath, keyPath);
var startInfo = new ProcessStartInfo {
FileName = CaConst.OpenSslProcess,
Arguments = arguments,
CreateNoWindow = true,
RedirectStandardOutput = true,
RedirectStandardError = true,
UseShellExecute = false
};
var process = new Process {
StartInfo = startInfo
};
process.Start();
var output = process.StandardOutput.ReadToEnd();
process.WaitForExit();
File.Delete(cmsPath);
return(output);
}
/// <summary>
/// Преобразование исходного сообщения в требуемый формат
/// </summary>
/// <param name="message">Сообщение</param>
/// <returns>Обработанное сообщение</returns>
public string RefineMessage(CmsMessage message)
{
return("-----BEGIN PKCS7-----\n" + message.EncryptedMessage + "\n-----END PKCS7-----");
}
/// <summary>
/// Преобразование исходного сообщения в требуемый формат
/// </summary>
/// <param name="message">Сообщение</param>
/// <returns>Обработанное сообщение</returns>
public string RefineMessage(CmsMessage message) {
return "-----BEGIN PKCS7-----\n" + message.EncryptedMessage + "\n-----END PKCS7-----";
}
