/// <summary>
/// Builds a demo balance claim, signs it with the web service authority key and returns it.
/// </summary>
/// <remarks>
/// The claim text embeds <see cref="Environment.StackTrace"/>, so the server's call stack is
/// part of what the caller receives.
/// The signed text carries no recipient, expiry or nonce: a valid signature shows only that
/// this service produced the text at some point, not when or for whom.
/// </remarks>
/// <returns>The claim text together with its signature.</returns>
public async Task<VerifiableString> GetData()
{
    Console.WriteLine("enter GetData");

    // 'o' is not declared in this method; it is a member defined outside this block.
    o = @" web service claims you have 5 dollars. claim signed by "
        + typeof(NamedKeyPairs.WebServiceAuthorityPrivateKey).Name
        + @". --- "
        + new { Environment.StackTrace };

    // Collapse CRLF to LF, then expand every LF to the platform newline, so the text that
    // gets signed uses a single newline convention.
    o = o.Replace(Environment.NewLine, "\n").Replace("\n", Environment.NewLine);

    // If the signature verifies later, the value can be trusted to come from the web service;
    // otherwise it cannot. Signing gives integrity and origin only - the value stays readable.
    var claim = new VerifiableString { value = o };
    var signedClaim = claim.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

    // The task returned by Verify is neither awaited nor inspected here.
    Verify(signedClaim);

    return signedClaim;
}
// https://sites.google.com/a/jsc-solutions.net/backlog/knowledge-base/2015/201511/20151123/ubuntumidexperiment

/// <summary>
/// Checks the signature carried by <paramref name="x"/> against the web service authority key.
/// </summary>
/// <param name="x">The value and signature to check.</param>
/// <returns><c>true</c> when <c>VerifiableString.Verify</c> accepts the signature.</returns>
public async Task<bool> Verify(VerifiableString x)
{
    // The RSAParameters of the *private* key are handed to Verify. Checking a signature needs
    // only the public half (modulus and exponent).
    // NOTE(review): confirm VerifiableString.Verify does not require the private fields, so a
    // verifier can be given the public key alone.

    // Debug aid kept from the original:
    //Console.WriteLine(
    //    new { isoriginal = o == x.value, o = o.Length, t = x.value.Length, verify }.ToString()
    //    );

    return x.Verify(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);
}
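/// <summary>
/// Publishes the public half of the web service authority key through
/// <c>PublicKeyExponent</c> and <c>PublicKeyModulus</c>, then returns a signed demo claim.
/// </summary>
/// <remarks>
/// Only the exponent and modulus are exported (<c>includePrivateParameters: false</c>); the
/// private parameters are used for signing and are not copied into those members.
/// The claim text embeds <see cref="Environment.StackTrace"/>, so the server's call stack is
/// part of what the caller receives.
/// The signed text carries no recipient, expiry or nonce: a valid signature shows only that
/// this service produced the text at some point.
/// </remarks>
/// <returns>The claim text together with its signature.</returns>
public async Task<VerifiableString> GetData()
{
    Console.WriteLine("enter GetData");

    // RSACryptoServiceProvider is IDisposable; release it as soon as the public parameters
    // have been copied out.
    using (var rsa = new RSACryptoServiceProvider())
    {
        rsa.ImportParameters(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

        var publicKey = rsa.ExportParameters(includePrivateParameters: false);

        this.PublicKeyExponent = publicKey.Exponent;
        Console.WriteLine(new { PublicKeyExponent = Convert.ToBase64String(PublicKeyExponent) });

        this.PublicKeyModulus = publicKey.Modulus;
        Console.WriteLine(new { PublicKeyModulus = Convert.ToBase64String(PublicKeyModulus) });
    }

    var o = @" web service claims you have 5 dollars. claim signed by "
        + typeof(NamedKeyPairs.WebServiceAuthorityPrivateKey).Name
        + @". --- "
        + new { Environment.StackTrace };

    // Collapse CRLF to LF, then expand every LF to the platform newline, so the text that
    // gets signed uses a single newline convention.
    o = o.Replace(Environment.NewLine, "\n").Replace("\n", Environment.NewLine);

    // If the signature verifies later, the value can be trusted to come from the web service;
    // otherwise it cannot. Signing gives integrity and origin only - the value stays readable.
    var x = new VerifiableString
    {
        value = o
    }.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

    //Verify(x);

    return x;
}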
/// <summary>
/// Signs two fixed demo values with Key1 while the service instance is constructed and logs
/// how long that took.
/// </summary>
public ApplicationWebService()
{
    var timer = Stopwatch.StartNew();
    Console.WriteLine("enter ApplicationWebService");

    {
        // The local is never read; the block only references the key type.
        var copy = typeof(NamedKeyPairs.Key1PrivateKey);
    }

    this.SpecialData = "hello world";

    // Detached signature: the text and its signature live in two separate members.
    var signer = new RSACryptoStream(NamedKeyPairs.Key1PrivateKey.RSAParameters);
    this.SpecialDataSignature48 = signer.SignString(this.SpecialData);

    // Same idea, with value and signature carried together in one VerifiableString.
    var fooValue = new VerifiableString { value = "foo string" };
    this.foo = fooValue.Sign(NamedKeyPairs.Key1PrivateKey.RSAParameters);
    //this.foo.signature = new RSACryptoStream(NamedKeyPairs.Key1PrivateKey.RSAParameters).SignString(this.foo.value);

    Console.WriteLine("exit ApplicationWebService " + new { timer.ElapsedMilliseconds });
}
/// <summary>
/// Signs the fixed status text "guest" with the web service authority key and shows it in the
/// <c>status</c> element, with the Base64 signature as the element's title attribute.
/// </summary>
public async Task GetStatus()
{
    {
        // The local is never read; the block only references the key type.
        var ref0 = typeof(NamedKeyPairs.WebServiceAuthorityPrivateKey);
    }

    // If the signature verifies later, the value can be trusted to come from the web service;
    // otherwise it cannot. The value is signed, not encrypted.
    var unsignedStatus = new VerifiableString { value = "guest" };
    var signedStatus = unsignedStatus.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

    // Hovering over the status element shows the signature.
    var signatureText = Convert.ToBase64String(signedStatus.signature);
    status.SetAttributeValue("title", signatureText);

    status.Value = signedStatus.value;
}
// is firefox sending it?
// 204 no content? no fields?

/// <summary>
/// Stores a signed placeholder value in <c>MyLegalPersonCode</c> and returns a fixed string.
/// </summary>
/// <remarks>
/// No credential is checked here: every caller gets the same placeholder value "xxx" signed
/// with the web service authority key.
/// </remarks>
/// <returns>A fixed marker string, so the response has a body.</returns>
public async Task<string> Login()
{
    {
        // The local is never read; the block only references the key type.
        var ref0 = typeof(NamedKeyPairs.WebServiceAuthorityPrivateKey);
    }

    // Failure seen while experimenting:
    //<h2> <i>Could not load file or assembly 'TestFirefoxWebServiceField.AssetsLibrary, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The system cannot find the file specified.</i> </h2></span>

    var legalPersonCode = new VerifiableString { value = "xxx" };
    this.MyLegalPersonCode = legalPersonCode.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

    Console.WriteLine("Login " + new { MyLegalPersonCode });

    // Observed serialized form of the member (value and signature, both Base64):
    // .field field_MyLegalPersonCode:<_02000013>%0d%0a <_04000021>eHh4</_04000021>%0d%0a <_04000022>I5FCZt058sQiF3nG9HzMHsegGdbe2qicSx/4ZXYPJEM+TFSVKol19jGJqNj05vMiAJBGtgpjMyHV2hzVhwCFqA==</_04000022>%0d%0a</_02000013>
    // Z:\jsc.svn\core\ScriptCoreLib.Ultra\ScriptCoreLib.Ultra\JavaScript\Remoting\InternalWebMethodRequest.cs

    return "not 204. got my fields firefox?";
}
/// <summary>
/// Checks the signature carried by <paramref name="v"/> against Key1.
/// </summary>
/// <param name="v">The value and signature to check.</param>
/// <returns><c>true</c> when <c>VerifiableString.Verify</c> accepts the signature.</returns>
public async Task<bool> Verify(VerifiableString v)
{
    //var sw = Stopwatch.StartNew();
    //var v = new RSACryptoStream(NamedKeyPairs.Key1PrivateKey.RSAParameters).VerifyString(this.foo.value, this.foo.signature);

    // The RSAParameters of the *private* key are passed in; checking a signature needs only
    // the public half.
    // NOTE(review): confirm VerifiableString.Verify works from modulus and exponent alone.
    var signatureIsValid = v.Verify(NamedKeyPairs.Key1PrivateKey.RSAParameters);

    return signatureIsValid;
}
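/// <summary>
/// Starts a Mobile-ID authentication against the DigiDocService demo endpoint, blocks until the
/// status call returns, then shows a signed summary of the outcome in the <c>status</c> element.
/// </summary>
/// <remarks>
/// The SPChallenge is generated fresh for every call instead of being a fixed literal, as the
/// service documentation quoted below recommends.
/// NOTE(review): the returned Signature is only logged. It is not yet checked against the
/// challenge that was sent, which the same documentation recommends after a successful
/// authentication (chapter "GetMobileAuthenticateStatus", element "Signature").
/// </remarks>
/// <returns>Always <c>true</c>; the outcome is carried only by the signed status text.</returns>
public async Task<bool> MobileAuthenticateAsync()
{
    // Z:\jsc.svn\examples\java\hybrid\JVMCLRWSDLMID\Program.cs
    // https://tsp.demo.sk.ee/?wsdl
    //var c = new sk.DigiDocServicePortTypeClient("DigiDocService", "https://tsp.demo.sk.ee:443");
    var c = new sk.DigiDocServicePortTypeClient(new BasicHttpsBinding(), new EndpointAddress("https://tsp.demo.sk.ee:443"));

    // Ten bytes from the system CSPRNG, sent as a 20-character HEX string. A constant challenge
    // would make every signed authentication message identical in its application-supplied part.
    var challengeBytes = new byte[10];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(challengeBytes);
    }
    var spChallenge = BitConverter.ToString(challengeBytes).Replace("-", "");

    var sw = Stopwatch.StartNew();

    Console.WriteLine("invoke MobileAuthenticateAsync " + new { sw.ElapsedMilliseconds });

    var xa = c.MobileAuthenticateAsync(new sk.MobileAuthenticateRequest
    {
        // http://www.id.ee/?id=30340
        // http://www.sk.ee/upload/files/DigiDocService_spec_est.pdf

        // Personal identification code of the person being authenticated.
        // Either IDCode or PhoneNo is mandatory; using both input parameters is recommended.
        // For Lithuanian Mobile-ID users both IDCode and PhoneNo are mandatory.
        IDCode = "14212128025",

        // Country that issued the personal code; ISO 3166 two-letter country codes (e.g. EE).
        CountryCode = "EE",

        // Phone number of the person being authenticated, with country code, in the form
        // +xxxxxxxxx (e.g. +3706234566). When both PhoneNo and IDCode are given, the service
        // checks that the number matches the personal code and returns SOAP error 301 on a
        // mismatch (see chapter 5.2). When PhoneNo is set, the service goes by the country
        // indicated by the prefix, regardless of CountryCode.
        //PhoneNo = "+37200007"
        PhoneNo = "37200007",

        // Language of the messages shown on the phone: 3-letter uppercase codes
        // (EST, ENG, RUS, LIT).
        Language = "EST",

        // Service name shown on the phone during authentication, at most 20 characters.
        // The name has to be agreed with the service provider beforehand.
        ServiceName = "Testimine",

        // Additional text shown on the phone, besides the service name, before the
        // authentication PIN prompt. At most 40 bytes: 40 Latin characters, but Cyrillic
        // letters may take 2 bytes each, which limits such text to 20 characters.
        MessageToDisplay = "Testimine",

        // Random 10-byte text generated by the application provider; it is part of the
        // message the user signs during authentication. Sent as a HEX string.
        // NB: for better security the field should always be filled, with a different random
        // value each time. After a successful authentication it is also recommended to check
        // that the value signed by the user really contains this SPChallenge.
        SPChallenge = spChallenge,

        // How the result of the authentication is delivered:
        // - "asynchClientServer": after calling MobileAuthenticate the application sends
        //   additional status requests (GetMobileAuthenticateStatus).
        // - "asynchServerServer": when the operation ends or fails, the response is sent to
        //   the client application asynchronously (see parameter AsyncConfiguration).
        MessagingMode = "asynchClientServer",

        //AsyncConfiguration =
        // Configuration for sending the response back asynchronously. Used only when
        // MessagingMode is "asynchServerServer"; agreed between the service user and the
        // service provider. Currently sending the response through the Java Message
        // Services (JMS) interface is supported.

        // When TRUE, the response contains the certificate of the authenticated person.
        // The certificate is needed when the application provider wants to store the
        // signature and check its correctness and validity independently.
        ReturnCertData = true,

        // When TRUE, certificate validity information is returned in the RevocationData field.
        ReturnRevocationData = false
    });

    // poll for status?
    Console.WriteLine("after MobileAuthenticateAsync " + new { sw.ElapsedMilliseconds });

    sk.MobileAuthenticateResponse x = xa.Result;

    Console.WriteLine("after MobileAuthenticateAsync done " + new { sw.ElapsedMilliseconds, x.Sesscode });

    var xGetMobileAuthenticateStatusResponseTask = c.GetMobileAuthenticateStatusAsync(
        new sk.GetMobileAuthenticateStatusRequest
        {
            Sesscode = xa.Result.Sesscode,
            WaitSignature = true
        }
    );

    // are we to show xa.Result.Sesscode
    // to client. signed?
    Console.WriteLine("after GetMobileAuthenticateStatusAsync " + new { sw.ElapsedMilliseconds });

    // we need to switch to ui and back
    var xGetMobileAuthenticateStatusResponse = xGetMobileAuthenticateStatusResponseTask.Result;

    Console.WriteLine("after GetMobileAuthenticateStatusAsync done " + new { sw.ElapsedMilliseconds, xGetMobileAuthenticateStatusResponse.Signature });

    // NB: it is recommended to wait at least 15 seconds before sending the first status
    // request, because technical and human limits keep the authentication from finishing
    // sooner. Mobile-ID operations expire within 4 minutes at the latest.

    // Timings seen in one run:
    //invoke MobileAuthenticateAsync { ElapsedMilliseconds = 0 }
    //after MobileAuthenticateAsync { ElapsedMilliseconds = 715 }
    //after MobileAuthenticateAsync done { ElapsedMilliseconds = 1527, Sesscode = 622288131 }
    //after GetMobileAuthenticateStatusAsync { ElapsedMilliseconds = 1531 }
    //after GetMobileAuthenticateStatusAsync done { ElapsedMilliseconds = 16566, Signature = qxgf

    // If the signature verifies later, the value can be trusted to come from the web service;
    // otherwise it cannot. The summary is signed whatever Status says, so a consumer has to
    // read the Status inside the text rather than treat a valid signature as "authenticated".
    var v = new VerifiableString
    {
        value = new { x.UserIDCode, x.Sesscode, xGetMobileAuthenticateStatusResponse.Status }.ToString()
    }.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

    // Hovering over the status element shows the signature.
    status.SetAttributeValue("title", Convert.ToBase64String(v.signature));
    status.Value = v.value;

    return true;
}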
/// <summary>
/// Second half of the split Mobile-ID flow: asks the DigiDocService demo endpoint for the
/// status of the session in <c>MobileAuthenticateAsync15_Sesscode</c> and shows a signed
/// summary in the <c>status</c> element.
/// </summary>
/// <remarks>
/// NOTE(review): <c>MobileAuthenticateAsync15_Sesscode</c> and
/// <c>MobileAuthenticateAsync15_UserIDCode</c> are read as plain members. If they travel
/// through the browser between the two calls, they are caller-controlled, and the signed text
/// below would vouch for an ID code nobody verified - confirm where they are set.
/// </remarks>
/// <returns>Always <c>true</c>; the outcome is carried only by the signed status text.</returns>
public async Task<bool> MobileAuthenticateAsync15Continue()
{
    var sw = Stopwatch.StartNew();

    var client = new sk.DigiDocServicePortTypeClient(new BasicHttpsBinding(), new EndpointAddress("https://tsp.demo.sk.ee:443"));

    Console.WriteLine("before GetMobileAuthenticateStatusAsync " + new { sw.ElapsedMilliseconds, MobileAuthenticateAsync15_Sesscode });

    var statusRequest = new sk.GetMobileAuthenticateStatusRequest
    {
        Sesscode = MobileAuthenticateAsync15_Sesscode,
        WaitSignature = true
    };
    var pendingStatus = client.GetMobileAuthenticateStatusAsync(statusRequest);

    // are we to show xa.Result.Sesscode
    // to client. signed?
    Console.WriteLine("after GetMobileAuthenticateStatusAsync " + new { sw.ElapsedMilliseconds });

    // we need to switch to ui and back
    var statusResponse = pendingStatus.Result;

    Console.WriteLine("after GetMobileAuthenticateStatusAsync done " + new { sw.ElapsedMilliseconds, statusResponse.Signature });

    // NB: it is recommended to wait at least 15 seconds before sending the first status
    // request, because technical and human limits keep the authentication from finishing
    // sooner. Mobile-ID operations expire within 4 minutes at the latest.

    // Timings seen in one run:
    //invoke MobileAuthenticateAsync { ElapsedMilliseconds = 0 }
    //after MobileAuthenticateAsync { ElapsedMilliseconds = 715 }
    //after MobileAuthenticateAsync done { ElapsedMilliseconds = 1527, Sesscode = 622288131 }
    //after GetMobileAuthenticateStatusAsync { ElapsedMilliseconds = 1531 }
    //after GetMobileAuthenticateStatusAsync done { ElapsedMilliseconds = 16566, Signature = qxgf

    var summary = new
    {
        MobileAuthenticateAsync15_UserIDCode,
        //MobileAuthenticateAsync15_Sesscode,
        statusResponse.Status
    }.ToString();

    // If the signature verifies later, the value can be trusted to come from the web service;
    // otherwise it cannot. The summary is signed whatever Status says.
    var unsignedSummary = new VerifiableString { value = summary };
    var signedSummary = unsignedSummary.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);

    // Hovering over the status element shows the signature.
    var signatureText = Convert.ToBase64String(signedSummary.signature);
    status.SetAttributeValue("title", signatureText);
    status.Value = signedSummary.value;

    return true;
}
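/// <summary>
/// Second half of the split Mobile-ID flow: checks the signatures on the state handed back by
/// the caller, asks the DigiDocService endpoint for the session status and, when the user was
/// authenticated, signs the user's ID code as <c>identity</c>.
/// </summary>
/// <param name="args">
/// State returned by the caller. Its <c>MobileAuthenticateAsync15_Sesscode</c> and
/// <c>MobileAuthenticateAsync15_UserIDCode</c> members must carry signatures that verify
/// against the web service authority key.
/// </param>
/// <returns>A new state whose only populated member is the signed status string.</returns>
/// <exception cref="ArgumentException">
/// A signature on <paramref name="args"/> does not verify.
/// </exception>
public async Task<MobileAuthenticateAsync15State> MobileAuthenticateAsync15Continue(MobileAuthenticateAsync15State args)
{
    var sw = Stopwatch.StartNew();

    // The state comes back from the caller, so its values count only if this service signed
    // them. Without this check any ID code could be supplied and would be signed as identity.
    // Assumes the call that issues this state signs both members with
    // WebServiceAuthorityPrivateKey, as the status returned below is - TODO confirm.
    var authorityKey = NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters;

    if (!args.MobileAuthenticateAsync15_Sesscode.Verify(authorityKey)
        || !args.MobileAuthenticateAsync15_UserIDCode.Verify(authorityKey))
    {
        throw new ArgumentException("MobileAuthenticateAsync15Continue: state signature check failed", "args");
    }

    // NOTE(review): each member is verified on its own; nothing visible here ties this
    // Sesscode to this UserIDCode. Signing both in one VerifiableString when the state is
    // issued would bind them together.

    //var c = new sk.DigiDocServicePortTypeClient(new BasicHttpsBinding(), new EndpointAddress("https://tsp.demo.sk.ee:443"));
    var c = new sk.DigiDocServicePortTypeClient(new BasicHttpsBinding(), new EndpointAddress(serviceuri));

    Console.WriteLine("before GetMobileAuthenticateStatusAsync " + new { sw.ElapsedMilliseconds, args.MobileAuthenticateAsync15_Sesscode });

    var xGetMobileAuthenticateStatusResponseTask = c.GetMobileAuthenticateStatusAsync(
        new sk.GetMobileAuthenticateStatusRequest
        {
            Sesscode = Convert.ToInt32(args.MobileAuthenticateAsync15_Sesscode.value),
            WaitSignature = true
        }
    );

    // are we to show xa.Result.Sesscode
    // to client. signed?
    Console.WriteLine("after GetMobileAuthenticateStatusAsync " + new { sw.ElapsedMilliseconds });

    // we need to switch to ui and back
    var xGetMobileAuthenticateStatusResponse = xGetMobileAuthenticateStatusResponseTask.Result;

    Console.WriteLine("after GetMobileAuthenticateStatusAsync done " + new { sw.ElapsedMilliseconds, xGetMobileAuthenticateStatusResponse.Status, xGetMobileAuthenticateStatusResponse.Signature });

    // NB: it is recommended to wait at least 15 seconds before sending the first status
    // request, because technical and human limits keep the authentication from finishing
    // sooner. Mobile-ID operations expire within 4 minutes at the latest.

    // no pin entered?
    // xGetMobileAuthenticateStatusResponse.Status = "USER_CANCEL"

    // identity is signed only for the one status that means the user completed authentication.
    if (xGetMobileAuthenticateStatusResponse.Status == "USER_AUTHENTICATED")
    {
        this.identity = new VerifiableString
        {
            value = args.MobileAuthenticateAsync15_UserIDCode.value
        }.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);
    }

    return new MobileAuthenticateAsync15State
    {
        MobileAuthenticateAsync15Continue_Status = new VerifiableString
        {
            value = xGetMobileAuthenticateStatusResponse.Status
        }.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters)
    };
}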
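/// <summary>
/// Takes the client certificate from the request handler, extracts the SERIALNUMBER part of
/// its subject and signs it as <c>identity</c>.
/// </summary>
/// <remarks>
/// Nothing in this method checks the certificate's issuer or chain.
/// NOTE(review): this relies on the TLS layer having validated the certificate before it
/// reaches <c>h.ClientCertificate</c> - confirm against the host configuration.
/// </remarks>
/// <param name="h">The request handler carrying the client certificate.</param>
public void Handler(ScriptCoreLib.Ultra.WebService.WebServiceHandler h)
{
    // ssl handshake gives certificate to global, it gives it to the handler, we give it to UI

    // Console.WriteLine("enter Handler " + new { h.ClientCertificate });

    h.ClientCertificate.With(
        c =>
        {
            //this.id = new { c.Subject }.ToString();
            //this.status.Value = this.id;

            Console.WriteLine("WebServiceHandler " + new { h.ClientCertificate.Subject });

            // Text between "SERIALNUMBER=" and the next comma of the formatted subject string.
            // NOTE(review): this is substring matching on the subject text, not RDN parsing;
            // presumably the helpers return "" when a marker is missing - confirm.
            var UserIDCode = c.Subject.SkipUntilOrEmpty("SERIALNUMBER=").TakeUntilOrEmpty(",");

            // Do not sign an empty identity: a valid signature over "" would still verify
            // and could be mistaken for an authenticated user.
            if (string.IsNullOrEmpty(UserIDCode))
            {
                Console.WriteLine("WebServiceHandler: no SERIALNUMBER in client certificate subject, identity not signed");
                return;
            }

            this.identity = new VerifiableString
            {
                value = UserIDCode
            }.Sign(NamedKeyPairs.WebServiceAuthorityPrivateKey.RSAParameters);
        });
}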