예제 #1
0
        public void Sha256_ShouldProduceValidHash()
        {
            var sourceData       = "Hello crazy world";
            var sourceDataBinary = Encoding.UTF8.GetBytes(sourceData);

            var resultHash       = _crypto.Sha256(sourceDataBinary);
            var resultHashString = ByteArrayUtils.ByteArrayToHexString(resultHash);

            Assert.AreEqual(resultHashString, "2907d7ba4e806c96a8ab89b03be1745b5beb5568a109af9287acd71707e79f2d");
        }
예제 #2
0
        private HttpResponse ExecuteRequest(
            HttpMethod method,
            string path,
            EntityIdentifier subjectEntity,
            object transportObject,
            List <int> httpStatusCodeWhiteList)
        {
            try
            {
                var requestUrl  = MakeUrl(path);
                var requestBody = EncodeRequestBody(transportObject);

                // encrypt the payload using the API's public key
                var    publicKey        = GetCurrentPublicKey();
                string hashString       = null;
                string hashFunction     = null;
                string encryptedPayload = null;

                if (requestBody != null)
                {
                    encryptedPayload = _jweService.Encrypt(
                        requestBody,
                        publicKey.KeyData,
                        publicKey.Thumbprint,
                        "application/json"
                        );
                    var hash = _crypto.Sha256(Encoding.UTF8.GetBytes(encryptedPayload));
                    hashString   = ByteArrayUtils.ByteArrayToHexString(hash);
                    hashFunction = "S256";
                }

                var requestId = Guid.NewGuid().ToString("D");

                // sign the encrypted payload and turn it into a JWT token ... this is sent as the header
                var token = _jwtService.Encode(
                    requestId,
                    _issuer.ToString(),
                    subjectEntity.ToString(),
                    GetCurrentTime(),
                    method.ToString(),
                    path,
                    hashFunction,
                    hashString
                    );

                var response = _httpClient.ExecuteRequest(
                    method,
                    requestUrl,
                    encryptedPayload,
                    new Dictionary <string, string>
                {
                    { "Authorization", "IOV-JWT " + token }
                }
                    );

                var    JWTHeaders = Jose.JWT.Headers(response.Headers[IOV_JWT_HEADER]);
                string kid        = (string)JWTHeaders["kid"];

                if (kid != publicKey.Thumbprint)
                {
                    publicKey = FetchPublicKeyWithId(kid);
                }

                // check for errors, decode and decrypt them if needed and crash out
                ThrowForStatus(response, publicKey.KeyData, requestId, httpStatusCodeWhiteList);

                // validate the response itself
                ValidateEncryptedResponse(response, publicKey.KeyData, requestId);

                // if we're here, we've passed all validation and error handling
                return(response);
            }
            catch (JwtError ex)
            {
                throw new InvalidResponseException("JWT error occurred -- see exception", ex);
            }
            catch (IOException ex)
            {
                throw new CommunicationErrorException("A network-level error occurred, see inner exception.", ex);
            }
            catch (TimeoutException ex)
            {
                throw new CommunicationErrorException("A connection timeout occurred, see inner exception.", ex);
            }
        }