public void SetNullKey ()
{
RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter ();
fmt.SetKey (null);
}
private RSAPKCS1SignatureDeformatter GetDefaultDeformatter (string hashName)
{
// no need for the private key
RSA rsa = RSA.Create ();
rsa.ImportParameters (AllTests.GetRsaKey (false));
RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter ();
fmt.SetKey (rsa);
fmt.SetHashAlgorithm (hashName);
return fmt;
}
public void SetDSAKey ()
{
RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter ();
fmt.SetKey (dsa);
}
public void VerifySignatureNullSignature ()
{
RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter ();
fmt.SetHashAlgorithm ("SHA1");
fmt.SetKey (rsa);
byte[] hash = new byte [20];
fmt.VerifySignature (hash, null);
}
public void VerifySignatureWithBadHash ()
{
RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter ();
fmt.SetKey (rsa);
// no hash algorithm
byte[] hash = new byte [1];
byte[] signature = new byte [1];
fmt.VerifySignature (hash, signature);
}
public void VerifySignatureNullHash ()
{
RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter ();
fmt.SetHashAlgorithm ("SHA1");
fmt.SetKey (rsa);
byte[] hash = null;
byte[] signature = new byte [128];
fmt.VerifySignature (hash, signature);
}
private bool verify(byte[] signature, byte[] message)
{
if (certificate.PublicKey == null)
{
throw new Exception("a public key is required " +
" OAuthConsumer.setProperty when " +
"verifying RSA-SHA1 signatures.");
}
using (HashAlgorithm hasher = HashAlgorithm.Create("SHA1"))
{
RSAPKCS1SignatureDeformatter signatureDeformatter = new RSAPKCS1SignatureDeformatter(certificate.PrivateKey);
signatureDeformatter.SetKey(certificate.PublicKey.Key);
signatureDeformatter.SetHashAlgorithm("SHA1");
byte[] hash = hasher.ComputeHash(message);
return signatureDeformatter.VerifySignature(hash, signature);
}
}
/// <summary>
/// Confirms the validity of the OAuth request signature.
/// </summary>
/// <param name="uri">URI of the resource.</param>
/// <param name="httpMethod">Request method.</param>
/// <param name="arguments">Request arguments.</param>
/// <param name="consumerSecret">Consumer secret.</param>
/// <param name="tokenSecret">Token secret.</param>
/// <param name="rsaCert">For RSA-SHA1 signing, the X509 certificate containing the public key used to verify the signature.</param>
/// <returns>True if the signature is valid, false if not.</returns>
static bool IsValidSignature(Uri uri, string httpMethod, NameValueCollection arguments, string consumerSecret, string tokenSecret, X509Certificate2 rsaCert)
{
NameValueCollection args = new NameValueCollection(arguments);
string receivedsig = args[OAuthArguments.OAuthSignature];
args.Remove(OAuthArguments.OAuthSignature);
string sigMethod = args[OAuthArguments.OAuthSignatureMethod];
args.Remove(Strings.Realm);
string basestring = OAuthUtility.GenerateBaseString(uri, args, httpMethod);
if (OAuthUtility.StringToSigMethod(sigMethod) == SignatureMethod.RsaSha1)
{
RSAPKCS1SignatureDeformatter verifier = new RSAPKCS1SignatureDeformatter();
verifier.SetKey(rsaCert.PublicKey.Key);
verifier.SetHashAlgorithm("SHA1");
byte[] input = Encoding.UTF8.GetBytes(basestring);
byte[] hash = SHA1.Create().ComputeHash(input);
byte[] sig = Convert.FromBase64String(receivedsig);
return verifier.VerifySignature(hash, sig);
}
else
{
string calcsig = OAuthUtility.GenerateSignature(basestring, consumerSecret, tokenSecret, null, OAuthUtility.StringToSigMethod(sigMethod));
if (receivedsig == calcsig) { return true; }
}
return false;
}
/// <summary>
/// Validiert einen signierten String
/// </summary>
/// <param name="textToValidate">Der unsignierte Text welcher mit der Signatur überprüft werden soll.</param>
/// <param name="signToValidate">Die Signatur des Textes.</param>
/// <param name="publicKey">Der öffentliche Schlüssel.</param>
/// <returns></returns>
public static bool validateSign(string textToValidate, string signToValidate, string publicKey) {
//Initialisieren der Provider
var rsacryptoprov = new RSACryptoServiceProvider();
var rsaDeFormatter = new RSAPKCS1SignatureDeformatter(rsacryptoprov);
System.Security.Cryptography.RSA rsa = System.Security.Cryptography.RSA.Create();
var sha1 = new SHA1Managed();
var encoding = new ASCIIEncoding();
//Zuweisen des Hashalgorithmus und des öffentlichen Schlüssels
rsaDeFormatter.SetHashAlgorithm("SHA1");
rsa.FromXmlString(publicKey);
rsaDeFormatter.SetKey(rsa);
//String nach Byte[]
byte[] hashed_value = encoding.GetBytes(textToValidate);
byte[] signed_value = Convert.FromBase64String(signToValidate);
//Signatur validieren und wert zurückgeben true/false
return rsaDeFormatter.VerifySignature(sha1.ComputeHash(hashed_value), signed_value);
}
/// <summary>
/// Verify a signature.
/// Throws only on unexpected failures.
/// </summary>
/// <param name="data">Data, utf8</param>
/// <param name="signature">Signature, base64</param>
/// <returns>True or false (or throws)</returns>
public static bool Verify(string data, string signature)
{
// Construct the cert
byte[] certdata = new System.Text.ASCIIEncoding().GetBytes(CERT);
byte[] rawdata = Encoding.UTF8.GetBytes(data);
// Compute hash of the raw data.
SHA1 sha = new SHA1CryptoServiceProvider();
byte[] contenthash = sha.ComputeHash(rawdata);
// Base64-decode the signature
int sl = (signature.Length % 4);
if(sl>0)
for (int j = 0; j < 4-sl; j++) { signature += "="; }
byte[] sigdata = Convert.FromBase64String(signature);
bool ok = false;
X509Certificate2 cert = new X509Certificate2(certdata);
RSAPKCS1SignatureDeformatter RSADeformatter = new RSAPKCS1SignatureDeformatter();
RSADeformatter.SetHashAlgorithm("SHA1");
RSADeformatter.SetKey(cert.PublicKey.Key);
ok=RSADeformatter.VerifySignature(contenthash, sigdata);
return ok;
}
