//*** 20200524 - This one needs to be checked for consistency with Dart code!
public static byte[] encryptStringWithAesGCM(String data, KeyParameter key)
{
// Generate a random 96-bit nonce N
byte[] nonce = KeysHelper.generateRandomNonceUtf8(12);
GcmBlockCipher cipher = new GcmBlockCipher(new AesEngine());
//*** 20200524 - Is 96 the right number?
AeadParameters parameters = new AeadParameters(key, 96, nonce);
cipher.Init(true, parameters);
byte[] utf8Data = Encoding.UTF8.GetBytes(data);
int bufSize = utf8Data.Length;
byte[] cipherText = new byte[cipher.GetOutputSize(bufSize)];
int len = cipher.ProcessBytes(utf8Data, 0, bufSize, cipherText, 0);
cipher.DoFinal(cipherText, len);
using (MemoryStream combinedStream = new MemoryStream())
{
using (BinaryWriter binaryWriter = new BinaryWriter(combinedStream))
{
binaryWriter.Write(nonce);
binaryWriter.Write(cipherText);
}
return(combinedStream.ToArray());
}
}
public static async Task <RequestDidPowerUp> fromWallet(Wallet senderWallet, String pairwiseDid, List <StdCoin> amount, RSAPrivateKey privateKey)
{
// Get the timestamp
String timestamp = GenericUtils.getTimeStampEpoch(); // RC 20200913: Be careful, the Dart version uses a different timestamp format non ISO-8601 - Why?
String senderDid = senderWallet.bech32Address;
// Build and sign the signature
byte[] signedSignatureHash = SignHelper.signPowerUpSignature(
senderDid: senderDid,
pairwiseDid: pairwiseDid,
timestamp: timestamp,
rsaPrivateKey: privateKey);
// Build the payload -*
DidPowerUpRequestPayload payload = new DidPowerUpRequestPayload(
senderDid: senderDid,
pairwiseDid: pairwiseDid,
timeStamp: timestamp,
signature: Convert.ToBase64String(signedSignatureHash)
);
// =============
// Encrypt proof
// =============
// Generate an AES-256 key
KeyParameter aesKey = KeysHelper.generateAesKey(); // await ?
// Encrypt the payload
byte[] encryptedProof = EncryptionHelper.encryptStringWithAesGCM(JsonConvert.SerializeObject(payload), aesKey);
// =================
// Encrypt proof key
// =================
// Encrypt the key using the Tumbler public RSA key
RSAPublicKey rsaPubTkKey = await EncryptionHelper.getGovernmentRsaPubKey(senderWallet.networkInfo.lcdUrl);
byte[] encryptedProofKey = EncryptionHelper.encryptBytesWithRsa(aesKey.GetKey(), rsaPubTkKey);
// Build the message
RequestDidPowerUp request = new RequestDidPowerUp(
claimantDid: senderDid,
amount: amount,
powerUpProof: Convert.ToBase64String(encryptedProof),
uuid: Guid.NewGuid().ToString(),
encryptionKey: Convert.ToBase64String(encryptedProofKey)
);
return(request);
}
/// Creates a CommercioDoc from the given [wallet],
/// [recipients], [id], [metadata]
/// and optionally [contentUri], [checksum],
/// [doSign], [encryptedData], [aesKey].
public static async Task <CommercioDoc> fromWallet(
Wallet wallet,
List <String> recipients,
String id,
CommercioDocMetadata metadata,
String contentUri = null,
CommercioDocChecksum checksum = null,
CommercioDoSign doSign = null,
List <EncryptedData> encryptedData = null,
KeyParameter aesKey = null
)
{
// Build a generic document
CommercioDoc commercioDocument = new CommercioDoc(
senderDid: wallet.bech32Address,
recipientDids: recipients,
uuid: id,
contentUri: contentUri,
metadata: metadata,
checksum: checksum,
encryptionData: null,
doSign: doSign
);
// Encrypt its contents, if necessary
if ((encryptedData != null) && (encryptedData.Count > 0))
{
// Get a default aes key for encryption if needed
if (aesKey == null)
{
aesKey = KeysHelper.generateAesKey();
}
// Encrypt its contents, if necessary
commercioDocument = await DocsUtils.encryptField(
commercioDocument,
aesKey,
encryptedData,
recipients,
wallet
);
}
return(commercioDocument);
}
/// Given a [payload], creates a new AES-256 key and uses that to encrypt
/// the payload itself.
/// This is now a static method of the class - we cannot have function outside class in C#, while Dart can...
public static async Task <ProofGenerationResult> generateProof(Object payload, String lcdUrl)
{
// Generate the AES key - no await here...
KeyParameter aesKey = KeysHelper.generateAesKey();
// Encrypt the payload
String encryptionData = JsonConvert.SerializeObject(payload);
byte[] encryptedPayload = EncryptionHelper.encryptStringWithAes(encryptionData, aesKey);
// Generate nonce, concatenate with payload and encode(?)
//*** 20200524 - I am not sure of encoding - I am already working with arrays...No encode until extensive testing
byte[] nonce = KeysHelper.generateRandomNonce(12);
String encodedProof = Convert.ToBase64String(encryptedPayload.Concat(nonce).ToArray());
// Encrypt the AES key
RSAPublicKey rsaKey = await EncryptionHelper.getGovernmentRsaPubKey(lcdUrl);
byte[] encryptedAesKey = EncryptionHelper.encryptBytesWithRsa(aesKey.GetKey(), rsaKey);
String encodedAesKey = Convert.ToBase64String(encryptedAesKey);
return(new ProofGenerationResult(encryptedProof: encodedProof, encryptedAesKey: encodedAesKey));
}