/*private void GenerateLicense() { DSA dsa = new DSACryptoServiceProvider(); dsa.FromXmlString(PrivateKey); string vfyhash = "Sam Bacsa" + "netMercs Group" + "Unlimited" + "CMS-102022-00UL" + "Never" + "1.2" + "1.3"; // Grab all the featurebits foreach (bool val in _features.Values) vfyhash += val.ToString(); // Hash it and get the result string hash = Convert.ToBase64String(dsa.CreateSignature(Convert.FromBase64String(CConfig.SHA1(vfyhash)))); }*/ private bool VerifyLicense() { // Verifies the loaded license details to see if they // check out g.LogDebug("LicenseManager::VerifyLicense: Enter"); g.LogDebug("LicenseManager::VerifyLicense: Loading DSA object and public key"); DSA dsa = new DSACryptoServiceProvider(); dsa.FromXmlString(PublicKey); g.LogDebug("LicenseManager::VerifyLicense: Object loaded. Key is " + PublicKey); string vfyhash = _user + _company + _limit + _serial + ((_expires.Year == 1) ? "Never" : _expires.ToString()) + _version.ToString() + _version_limit.ToString(); // Load the feature bits foreach (bool val in _features.Values) vfyhash += val.ToString(); g.LogDebug("LicenseManager::VerifyLicense: vfyhash is " + vfyhash); g.LogDebug("LicenseManager::VerifyLicense: Verifying signature"); bool result = dsa.VerifySignature( Convert.FromBase64String(CConfig.SHA1(vfyhash)), Convert.FromBase64String(_signature) ); g.LogDebug("LicenseManager::VerifyLicense: Result of signature verification is: " + result.ToString()); g.LogDebug("LicenseManager::VerifyLicense: Leave"); return result; }
public void MonoVerify () { byte[] hash = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 }; DSACryptoServiceProvider dsa = new DSACryptoServiceProvider (); dsa.FromXmlString (MonoXml512); byte[] sign512 = { 0x53, 0x44, 0x0A, 0xD7, 0x43, 0x3C, 0x1F, 0xC7, 0xCE, 0x9C, 0xAE, 0xDC, 0xFC, 0x61, 0xD5, 0xCE, 0xC9, 0x5C, 0x8D, 0x13, 0x0F, 0x66, 0x15, 0xCB, 0x9F, 0x94, 0x19, 0x18, 0x63, 0x40, 0x6D, 0x3E, 0x16, 0xA8, 0x3E, 0x9B, 0x8A, 0xC2, 0xA5, 0x38 }; Assert.IsTrue (dsa.VerifySignature (hash, sign512), "Mono-512-Verify"); sign512[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign512), "Mono-512-VerBad"); dsa.FromXmlString (MonoXml576); byte[] sign576 = { 0xAC, 0xC8, 0xA3, 0x22, 0x3D, 0x77, 0xE1, 0x13, 0xFD, 0x65, 0x72, 0xE0, 0xA5, 0xF5, 0x94, 0xD6, 0x70, 0x70, 0x40, 0xA9, 0x10, 0x1E, 0x1D, 0xEA, 0x51, 0x68, 0x32, 0x2A, 0x24, 0x47, 0x22, 0x8D, 0xC0, 0xD0, 0x8A, 0x5A, 0x0E, 0x98, 0x5F, 0x2C }; Assert.IsTrue (dsa.VerifySignature (hash, sign576), "Mono-576-Verify"); sign576[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign576), "Mono-576-VerBad"); dsa.FromXmlString (MonoXml640); byte[] sign640 = { 0x5E, 0x6E, 0x1F, 0x38, 0xCA, 0x0D, 0x01, 0x01, 0xBE, 0x5E, 0x8B, 0xAB, 0xCE, 0xD2, 0x42, 0x80, 0x4A, 0xBD, 0x74, 0x60, 0x56, 0x4B, 0x16, 0x4A, 0x71, 0xBC, 0xC3, 0x82, 0xE1, 0x54, 0x0D, 0xB0, 0x67, 0xB6, 0xB6, 0x71, 0x46, 0xA9, 0x01, 0x44 }; Assert.IsTrue (dsa.VerifySignature (hash, sign640), "Mono-640-Verify"); sign640[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign640), "Mono-640-VerBad"); dsa.FromXmlString (MonoXml704); byte[] sign704 = { 0x27, 0x33, 0x45, 0xC5, 0x41, 0xC7, 0xD6, 0x5D, 0x68, 0x32, 0x50, 0x4C, 0xB3, 0x4B, 0x59, 0xCF, 0x49, 0xD1, 0x61, 0x82, 0xCF, 0x73, 0x20, 0x20, 0x3E, 0x09, 0xA3, 0x49, 0xAA, 0x22, 0x1D, 0x1D, 0x27, 0xBA, 0x9F, 0xDD, 0xE2, 0x7D, 0xCD, 0x82 }; Assert.IsTrue (dsa.VerifySignature (hash, sign704), "Mono-704-Verify"); sign704[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign704), "Mono-704-VerBad"); dsa.FromXmlString (MonoXml768); byte[] sign768 = { 0xCA, 0x53, 0x91, 0x99, 0xAE, 0x1B, 0x97, 0xE5, 0x3B, 0x08, 0x78, 0x92, 0xD1, 0x2E, 0x0D, 0xAC, 0xB7, 0x82, 0xFB, 0xA3, 0x84, 0xEE, 0x9B, 0x5E, 0x12, 0x6C, 0x16, 0x6D, 0x97, 0xC1, 0xCF, 0x9A, 0xA9, 0xCF, 0x6A, 0x6E, 0x08, 0x45, 0xA7, 0x19 }; Assert.IsTrue (dsa.VerifySignature (hash, sign768), "Mono-768-Verify"); sign768[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign768), "Mono-768-VerBad"); dsa.FromXmlString (MonoXml832); byte[] sign832 = { 0x7F, 0x1C, 0xC5, 0xA4, 0xDB, 0x95, 0x27, 0xD3, 0x23, 0x6E, 0xCE, 0xBC, 0xC0, 0x9D, 0x82, 0x02, 0x6E, 0xA0, 0x80, 0x5D, 0x53, 0x54, 0x3D, 0x1B, 0x1C, 0x54, 0xDD, 0x1F, 0xD5, 0x7E, 0x07, 0x60, 0xDD, 0x2A, 0xB2, 0x96, 0x3C, 0x36, 0xB3, 0x60 }; Assert.IsTrue (dsa.VerifySignature (hash, sign832), "Mono-832-Verify"); sign832[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign832), "Mono-832-VerBad"); dsa.FromXmlString (MonoXml896); byte[] sign896 = { 0x36, 0x90, 0xA2, 0x4C, 0xDA, 0xDC, 0x6C, 0xF3, 0x83, 0xFE, 0xA8, 0x14, 0xFB, 0x01, 0x69, 0x5F, 0xFA, 0xFA, 0x71, 0xA6, 0x6F, 0xBE, 0x96, 0xB7, 0x11, 0xE7, 0xDE, 0xC7, 0x71, 0x10, 0x83, 0xEE, 0x34, 0x18, 0x4E, 0x88, 0xC1, 0xE0, 0xF9, 0x0A }; Assert.IsTrue (dsa.VerifySignature (hash, sign896), "Mono-896-Verify"); sign896[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign896), "Mono-896-VerBad"); dsa.FromXmlString (MonoXml960); byte[] sign960 = { 0xCE, 0xE8, 0x52, 0x32, 0x9B, 0x30, 0xB5, 0x22, 0x6C, 0x21, 0x34, 0xC6, 0x09, 0xD8, 0xA8, 0x6D, 0x00, 0x87, 0x0F, 0x87, 0x21, 0x50, 0x18, 0x99, 0xED, 0x2A, 0xD3, 0xA5, 0x82, 0x8D, 0x38, 0x63, 0x21, 0xDA, 0xE1, 0x94, 0x65, 0xE1, 0x6E, 0x72 }; Assert.IsTrue (dsa.VerifySignature (hash, sign960), "Mono-960-Verify"); sign960[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign960), "Mono-960-VerBad"); dsa.FromXmlString (MonoXml1024); byte[] sign1024 = { 0x67, 0x73, 0x4D, 0x6C, 0x0E, 0xB2, 0x85, 0xC6, 0x97, 0x5F, 0x09, 0x42, 0xEA, 0xDB, 0xC6, 0xE1, 0x6D, 0x84, 0xA0, 0x15, 0x63, 0x6C, 0xE3, 0x83, 0xA5, 0xCB, 0x58, 0xC6, 0x51, 0x3C, 0xB4, 0xD2, 0x6B, 0xA0, 0x70, 0xCE, 0xD9, 0x8D, 0x96, 0xCA }; Assert.IsTrue (dsa.VerifySignature (hash, sign1024), "Mono-1024-Verify"); sign1024[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign1024), "Mono-1024-VerBad"); }
public void VerifySignatureWithoutKey () { byte[] hash = new byte [20]; byte[] sign = new byte [40]; DSACryptoServiceProvider emptyDSA = new DSACryptoServiceProvider (minKeySize); // Mono hasn't generated a keypair - but it's impossible to // verify a signature based on a new just generated keypair Assert.IsFalse (emptyDSA.VerifySignature (hash, sign)); }
public void CapiVerify () { byte[] hash = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 }; DSACryptoServiceProvider dsa = new DSACryptoServiceProvider (); dsa.FromXmlString (CapiXml512); byte[] sign512 = { 0xCA, 0x11, 0xA4, 0xCD, 0x5B, 0xBA, 0xA1, 0xC9, 0x8C, 0xEF, 0x9A, 0xB8, 0x84, 0x09, 0x96, 0xD0, 0x1B, 0x39, 0x6D, 0x1C, 0xE1, 0xB2, 0x0E, 0xD3, 0xCE, 0xCF, 0x6A, 0x48, 0xDC, 0x22, 0x40, 0xDC, 0xCD, 0x61, 0x25, 0x7F, 0x9E, 0x1B, 0x79, 0x89 }; Assert.IsTrue (dsa.VerifySignature (hash, sign512), "Capi-512-Verify"); sign512[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign512), "Capi-512-VerBad"); dsa.FromXmlString (CapiXml576); byte[] sign576 = { 0x10, 0x77, 0xE9, 0x4C, 0x29, 0xB0, 0xF4, 0x0E, 0x3B, 0xB7, 0x8E, 0x3A, 0x40, 0x22, 0x63, 0x70, 0xF3, 0xA5, 0xB7, 0x4A, 0x5C, 0x85, 0xB5, 0xF3, 0x4B, 0x1C, 0x4A, 0x92, 0xDD, 0x1D, 0xED, 0x63, 0x26, 0xC2, 0x42, 0x20, 0xBE, 0x33, 0x55, 0x57 }; Assert.IsTrue (dsa.VerifySignature (hash, sign576), "Capi-576-Verify"); sign576[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign576), "Capi-576-VerBad"); dsa.FromXmlString (CapiXml640); byte[] sign640 = { 0x4C, 0x04, 0xAC, 0xE0, 0x84, 0x04, 0x5A, 0x1D, 0x9D, 0x61, 0xA1, 0x62, 0xBE, 0x11, 0xEA, 0x0D, 0x1C, 0x21, 0xC7, 0x55, 0x2C, 0x7C, 0x84, 0x4F, 0x22, 0xE9, 0xA1, 0xF1, 0x2C, 0x83, 0x13, 0x90, 0xAE, 0x36, 0xFD, 0x59, 0x32, 0x21, 0xAE, 0x0F }; Assert.IsTrue (dsa.VerifySignature (hash, sign640), "Capi-640-Verify"); sign640[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign640), "Capi-640-VerBad"); dsa.FromXmlString (CapiXml704); byte[] sign704 = { 0xA2, 0x75, 0x32, 0xE0, 0x4B, 0xCA, 0x92, 0x51, 0x84, 0xAC, 0x7C, 0xDE, 0x97, 0xB8, 0xC3, 0x25, 0xD7, 0xF8, 0xA7, 0xE0, 0x76, 0x42, 0x7E, 0x5E, 0x5E, 0x3F, 0x82, 0xDB, 0x87, 0xBF, 0xC9, 0xCC, 0xD9, 0xA2, 0x8E, 0xA2, 0xFE, 0xD3, 0x48, 0x30 }; Assert.IsTrue (dsa.VerifySignature (hash, sign704), "Capi-704-Verify"); sign704[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign704), "Capi-704-VerBad"); dsa.FromXmlString (CapiXml768); byte[] sign768 = { 0x92, 0x27, 0x89, 0x4B, 0xB2, 0xDF, 0xE9, 0x98, 0x5A, 0xC5, 0x78, 0x5E, 0xBD, 0x51, 0x6D, 0x10, 0x30, 0xEC, 0x14, 0x95, 0x6E, 0xEB, 0xA6, 0x5F, 0x3E, 0x47, 0x47, 0x86, 0x19, 0xD0, 0xF2, 0x9B, 0x70, 0x98, 0x97, 0x07, 0x04, 0x0C, 0x13, 0xC6 }; Assert.IsTrue (dsa.VerifySignature (hash, sign768), "Capi-768-Verify"); sign768[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign768), "Capi-768-VerBad"); dsa.FromXmlString (CapiXml832); byte[] sign832 = { 0xC7, 0x10, 0x86, 0x86, 0x4A, 0x19, 0xBC, 0x8E, 0xC5, 0x0E, 0x53, 0xC0, 0x9E, 0x70, 0x2C, 0xFD, 0x4B, 0x9B, 0xBD, 0x79, 0x46, 0x8E, 0x9F, 0x64, 0x41, 0xF9, 0xBB, 0xDD, 0x3B, 0x93, 0x63, 0x82, 0x7B, 0x9B, 0x5B, 0x12, 0x9B, 0xAA, 0x90, 0xAD }; Assert.IsTrue (dsa.VerifySignature (hash, sign832), "Capi-832-Verify"); sign832[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign832), "Capi-832-VerBad"); dsa.FromXmlString (CapiXml896); byte[] sign896 = { 0x7F, 0x0F, 0x5F, 0xC4, 0x44, 0x38, 0x65, 0xD7, 0x0B, 0x03, 0xD1, 0xAC, 0x77, 0xA2, 0xA2, 0x47, 0x37, 0x37, 0x42, 0xA2, 0x97, 0x23, 0xDA, 0x7F, 0xEC, 0xD5, 0x78, 0x3D, 0x5E, 0xDA, 0xA0, 0x02, 0xD6, 0x2D, 0x4B, 0xFA, 0x79, 0x7B, 0x7A, 0x87 }; Assert.IsTrue (dsa.VerifySignature (hash, sign896), "Capi-896-Verify"); sign896[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign896), "Capi-896-VerBad"); dsa.FromXmlString (CapiXml960); byte[] sign960 = { 0x63, 0x77, 0x39, 0xE5, 0x03, 0xD2, 0x33, 0xF5, 0xFE, 0x16, 0xE4, 0x7E, 0x49, 0x4E, 0x72, 0xA0, 0x1B, 0x8D, 0x4D, 0xEC, 0x55, 0x15, 0x72, 0x1C, 0x22, 0x37, 0x4B, 0x64, 0xEB, 0x02, 0x3E, 0xC5, 0xCF, 0x32, 0x07, 0xC5, 0xD3, 0xA2, 0x02, 0x0A }; Assert.IsTrue (dsa.VerifySignature (hash, sign960), "Capi-960-Verify"); sign960[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign960), "Capi-960-VerBad"); dsa.FromXmlString (CapiXml1024); byte[] sign1024 = { 0x1C, 0x5A, 0x9D, 0x82, 0xDD, 0xE0, 0xF5, 0x65, 0x74, 0x48, 0xFB, 0xD6, 0x27, 0x92, 0x98, 0xEA, 0xC6, 0x7F, 0x4F, 0x7C, 0x49, 0xFC, 0xCF, 0x46, 0xEB, 0x62, 0x27, 0x05, 0xFC, 0x9C, 0x40, 0x74, 0x5B, 0x13, 0x7E, 0x76, 0x9C, 0xE4, 0xF6, 0x53 }; Assert.IsTrue (dsa.VerifySignature (hash, sign1024), "Capi-1024-Verify"); sign1024[0] = 0x00; Assert.IsFalse (dsa.VerifySignature (hash, sign1024), "Capi-1024-VerBad"); }
internal static bool VerifyLocalKeyfile(string filename, out AuthInfo authinfo) { StreamReader reader = null; string data = ""; authinfo = null; try { reader = new StreamReader(filename); data = reader.ReadToEnd(); reader.Close(); } catch (Exception exc) { MessageBox.Show("Offline key authorization failure: Could not read keyfile.\n\n\n" + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } Regex rx = new Regex(@"\s*Keyfile(\n*|\s*)?" + @"(?<inner>" + @"(?>" + @"\{(?<LEVEL>)" + @"|" + @"\};(?<-LEVEL>)" + @"|" + @"(?!\{|\};)." + @")+" + @"(?(LEVEL)(?!))" + @")" , RegexOptions.IgnoreCase | RegexOptions.Singleline); Match topmatch = rx.Match(data); if (!topmatch.Success) { MessageBox.Show("Offline key authorization failure: Could not find valid 'keyfile' block.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } string keyfile_data = topmatch.Groups["inner"].Value; // Once we have the top matched group, parse each line in it rx = new Regex(@"\s*\b(?<name>[A-Z]*)\b\s*=\s*((" + "\"" + @"\s*(?<single>.*?)\s*" + "\"" + @"\s*;)|(\{(?<multi>.*?)\};))", RegexOptions.Singleline | RegexOptions.IgnoreCase); // 1 = name // 4 = normal definition // 6 = multiline definition string version = ""; string name = ""; string expires = ""; string machinecode = ""; string featurebit = ""; string hash = ""; string signature = ""; string email = ""; foreach(Match m in rx.Matches(keyfile_data)) { switch(m.Groups["name"].Value.ToLower()) { case "version": version = m.Groups["single"].Value; break; case "name": name = m.Groups["single"].Value; break; case "expires": expires = m.Groups["single"].Value; break; case "machinecode": machinecode = m.Groups["single"].Value; break; case "featurebit": featurebit = m.Groups["single"].Value; break; case "hash": hash = m.Groups["single"].Value; break; case "keysignature": signature = m.Groups["multi"].Value; break; case "email": email = m.Groups["single"].Value; break; } } // Clean up signature signature = signature.Replace(" ", ""); signature = signature.Replace("\t", ""); signature = signature.Replace("\n", ""); signature = signature.Replace("\r", ""); // Check field validity if (version == "" || expires == "" || machinecode == "" || featurebit == "" || hash == "" || name == "" || email == "" || signature == "") { MessageBox.Show("Offline key authorization failure: Keyfile construction incomplete.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } // Check version if (version != "1.00") { MessageBox.Show("Offline key authorization failure: Incorrect version (Expected '1.00')", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } // Check expiration date try { DateTime dt = DateTime.Parse(expires); if (DateTime.Now.Ticks >= dt.Ticks) { MessageBox.Show("Offline key authorization has expired. Please visit www.torquedev.com to request a new offline authorization file.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } } catch (Exception exc) { MessageBox.Show("Offline key authorization failure: Unable to verify date stamp. Error returned was: " + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } // Check if the machine codes match if (machinecode != CConfig.GetHardKey()) { MessageBox.Show("Offline key authorization failure: Machine code mismatch.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } // Verify hash of data string sighash = CConfig.SHA1(version + name + machinecode + expires + featurebit + email); if (sighash != hash) { MessageBox.Show("Offline key authorization failure: Checksum mismatch.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } // Verify signature by first loading the public key into memory DSA dsa = new DSACryptoServiceProvider(); try { dsa.FromXmlString(CVerify.PublicKey); } catch (Exception exc) { MessageBox.Show("Offline key authorization failure: Unable to load DSA public key. Error returned was: " + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return false; } // Verify the data against the signature try { if (!dsa.VerifySignature(Convert.FromBase64String(hash), Convert.FromBase64String(signature))) { MessageBox.Show("Offline key authorization failure: File signature is invalid.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); dsa.Clear(); return false; } else { // Signature checked out. Create the passback reference authinfo = new AuthInfo(version, name, expires, machinecode, featurebit, hash, signature, email); return true; } } catch (Exception exc) { MessageBox.Show("Offline key authorization failure: DSA verification failure. Error returned was: " + exc.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); dsa.Clear(); return false; } }