Exemplo n.º 1
0
        public JToken DecryptResourceData(JToken item)
        {
            const string encryptedContentProperty = "encryptedContent";
            const string certificateIdProperty    = "encryptionCertificateId";
            const string symmetricKeyProperty     = "dataKey";
            const string encryptedPayloadProperty = "data";
            const string signatureProperty        = "dataSignature";

            var encryptedContent = item[encryptedContentProperty];

            string certificateId         = encryptedContent[certificateIdProperty]?.Value <string>() ?? throw new InvalidOperationException("Encryption key id does not exist in the notification payload");
            string encryptedSymmetricKey = encryptedContent[symmetricKeyProperty]?.Value <string>() ?? throw new InvalidOperationException("Symmetric key does not exist in the notification payload");
            string encryptedPayload      = encryptedContent[encryptedPayloadProperty]?.Value <string>() ?? throw new InvalidOperationException("Encrypted payload ;sdoes not exist in the notification payload");
            string hashMac = encryptedContent[signatureProperty]?.Value <string>() ?? throw new InvalidOperationException("Encrypted signature does not exist in the notification payload");

            var payloadBytes   = Convert.FromBase64String(encryptedPayload);
            var signatureBytes = Convert.FromBase64String(hashMac);

            // descrypt the symetric key
            var symmetricKey = AsymmetricDecryptor.Decrypt(Convert.FromBase64String(encryptedSymmetricKey), certificateId);

            // verify signature using the symmetric key
            SymmetricDecryptor.VerifyHMACSignature(payloadBytes, symmetricKey, signatureBytes);

            // decrypt payload using symmetric key
            string plainText = SymmetricDecryptor.Decrypt(payloadBytes, symmetricKey);

            return(JToken.Parse(plainText));
        }
Exemplo n.º 2
0
        public static byte[] AsymmetricDecrypt(
            RSACryptoServiceProvider rsa, byte[] data)
        {
            if (rsa == null)
            {
                throw new ArgumentNullException("rsa");
            }
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }
            AsymmetricDecryptor decryptor = new AsymmetricDecryptor(rsa, data);

            return(decryptor.GetDecryptedBytes());
        }
        public void TestAsymmetricDecryption()
        {
            var someBytes = new byte[32];

            new Random().NextBytes(someBytes);

            const string certId = "E96149FC-3B4F-4E0B-ACED-E715D29961FD";

            var key  = Convert.FromBase64String(DummyKeyStore.GetPublicKeyLocal(certId));
            var cert = new X509Certificate2();

            cert.Import(key);

            byte[] encryptedBytes;
            using (var provider = (RSACryptoServiceProvider)cert.PublicKey.Key)
            {
                encryptedBytes = provider.Encrypt(someBytes, true);
            }

            var decryptedBytes = AsymmetricDecryptor.Decrypt(encryptedBytes, certId);

            Assert.IsTrue(someBytes.SequenceEqual(decryptedBytes));
        }