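/// <summary>
/// Validates the HMAC received with a message against one recomputed locally.
/// </summary>
/// <remarks>
/// The expected value is computed over the decrypted message bytes with
/// <c>encryptionDerivedKey.HmacKey</c>. A missing (null) received HMAC is reported
/// as a validation failure rather than surfacing as a null-reference error.
/// </remarks>
/// <param name="receivedHmac">HMAC bytes that arrived with the message.</param>
/// <param name="decryptedSaleToPoiMessageByteArray">Decrypted message bytes the HMAC is recomputed over.</param>
/// <param name="encryptionDerivedKey">Derived key material; only its <c>HmacKey</c> is read here.</param>
/// <exception cref="NexoCryptoException">
/// The received HMAC is missing, has a different length, or differs in any byte.
/// </exception>
private void ValidateHmac(byte[] receivedHmac, byte[] decryptedSaleToPoiMessageByteArray, EncryptionDerivedKey encryptionDerivedKey)
{
    var hmacSha256Wrapper = new HmacSha256Wrapper();
    byte[] expectedHmac = hmacSha256Wrapper.HMac(decryptedSaleToPoiMessageByteArray, encryptionDerivedKey.HmacKey);

    // The tag length is not secret, so rejecting on it up front leaks nothing useful.
    if (receivedHmac == null || receivedHmac.Length != expectedHmac.Length)
    {
        throw new NexoCryptoException("Hmac validation failed");
    }

    // Fold every byte difference into one accumulator: the loop always runs to the end
    // and takes no branch that depends on where (or whether) the two tags differ.
    // Where the target framework provides CryptographicOperations.FixedTimeEquals,
    // that is the library equivalent of this loop.
    int difference = 0;
    for (int i = 0; i < expectedHmac.Length; i++)
    {
        difference |= receivedHmac[i] ^ expectedHmac[i];
    }

    if (difference != 0)
    {
        throw new NexoCryptoException("Hmac validation failed");
    }
}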
/// <summary>
/// Wraps a SaleToPOI message in its secured envelope: encrypted payload plus security trailer.
/// </summary>
/// <remarks>
/// Steps, in order: derive the key material from the credential details, UTF-8 encode the
/// message, obtain a fresh value from <c>_ivModGenerator.GenerateRandomMod()</c>, encrypt the
/// bytes with <c>_aesEncryptor</c>, and compute an HMAC with the derived <c>HmacKey</c>.
/// The HMAC is computed over the plaintext bytes, not over the encrypted blob, so a receiver
/// can only check it after decrypting. The generated value is also sent as the trailer's
/// <c>Nonce</c>.
/// </remarks>
/// <param name="saleToPoiMessage">Message text to protect; it is encoded as UTF-8.</param>
/// <param name="messageHeader">Header copied unchanged into the secured message.</param>
/// <param name="encryptionCredentialDetails">
/// Source for key derivation and for the trailer's key version, key identifier and crypto version.
/// </param>
/// <returns>
/// The secured message; the object created is always a <c>SaleToPoiRequestSecured</c>.
/// </returns>
public SaleToPoiMessageSecured Encrypt(string saleToPoiMessage, MessageHeader messageHeader, EncryptionCredentialDetails encryptionCredentialDetails)
{
    var derivedKey = _encryptionDerivedKeyGenerator.Generate(encryptionCredentialDetails);
    byte[] plaintext = Encoding.UTF8.GetBytes(saleToPoiMessage);
    var nonce = _ivModGenerator.GenerateRandomMod();

    var ciphertext = _aesEncryptor.Encrypt(plaintext, derivedKey, nonce);

    // MAC input is the plaintext, matching a receiver that validates after decryption.
    var plaintextHmac = _hmacSha256Wrapper.HMac(plaintext, derivedKey.HmacKey);

    string nexoBlob = Convert.ToBase64String(ciphertext);

    var trailer = new SecurityTrailer
    {
        KeyVersion = encryptionCredentialDetails.KeyVersion,
        KeyIdentifier = encryptionCredentialDetails.KeyIdentifier,
        Hmac = plaintextHmac,
        Nonce = nonce,
        AdyenCryptoVersion = encryptionCredentialDetails.AdyenCryptoVersion
    };

    return new SaleToPoiRequestSecured
    {
        MessageHeader = messageHeader,
        NexoBlob = nexoBlob,
        SecurityTrailer = trailer
    };
}