/// <summary>
/// Verifies whether envelope data match the AuthCode signature.
/// </summary>
/// <param name="envelope">Envelope to verify.</param>
/// <returns>True if valid.</returns>
public bool VerifyEnvelopeSignature(MrpEnvelope envelope)
{
var encodingParams = Convert.FromBase64String(envelope.EncodedBody.EncodingParams);
var encodedData = Convert.FromBase64String(envelope.EncodedBody.EncodedData);
return(envelope.EncodedBody.AuthCode == this.SignData(encodingParams.Concat(encodedData).ToArray()));
}
private MrpResponse ParseResponseData(MrpEnvelope mrpEnvelope)
{
if (mrpEnvelope.Body?.MrpResponse != null)
{
return(mrpEnvelope.Body.MrpResponse);
}
var data = Convert.FromBase64String(mrpEnvelope.EncodedBody.EncodedData);
var responseParams = DeserializeFromXmlString <MrpEncodingParams>(Encoding.UTF8.GetString(Convert.FromBase64String(mrpEnvelope.EncodedBody.EncodingParams)));
if (responseParams.Encryption == "aes")
{
if (!this.config.UseEncryption)
{
/* BUG: Response is encrypted, but we don't have secret key to decrypt it.
* Happens when server is set to require encryption, but request was plaintext.
* Let's just assume response contained error requesting encrypted/authenticated communication. */
return(new MrpResponse()
{
Status = new Status()
{
Error = new Error()
{
ErrorCode = "-1", ErrorClass = "", ErrorMessage = "Je vyžadována autentizace."
}
}
});
}
var crypto = new Cryptography(this.config.SecretKey, responseParams.VarKey);
if (!crypto.VerifyEnvelopeSignature(mrpEnvelope))
{
// Signature doesn't match, assume forged response
throw new Exception("Neplatný autentizační kód v elementu \"authCode\"!");
}
data = crypto.DecryptData(data);
}
if (responseParams.Compression == "zlib")
{
data = Compression.Inflate(data);
}
return(DeserializeFromXmlString <MrpResponse>(Encoding.UTF8.GetString(data)));
}
public async Task <T> PostAsync <T>(Data requestData) where T : IResponse
{
if (this.httpClient == null)
{
this.httpClient = new HttpClient();
}
if (this.config.Timeout != default)
{
this.httpClient.Timeout = this.config.Timeout;
}
var crypto = new Cryptography(this.config.SecretKey);
var mrpEnvelope = new MrpEnvelope();
var mrpRequest = new MrpRequest()
{
Request = new Request()
{
Command = (MrpCommands)Enum.Parse(typeof(MrpCommands), typeof(T).Name)
},
Data = requestData
};
if (this.config.UseEncryption || this.config.UseCompression)
{
var data = Encoding.UTF8.GetBytes(SerializeToXmlString <MrpRequest>(mrpRequest));
var mrpEncodingParams = new MrpEncodingParams();
if (this.config.UseCompression)
{
mrpEncodingParams.Compression = "zlib";
data = Compression.Deflate(data, this.config.CompressionLevel);
}
if (this.config.UseEncryption)
{
mrpEncodingParams.Encryption = "aes";
data = crypto.EncryptData(data);
mrpEncodingParams.VarKey = crypto.GetVariantKey();
}
var encodingParams = Encoding.UTF8.GetBytes(SerializeToXmlString <MrpEncodingParams>(mrpEncodingParams));
mrpEnvelope.EncodedBody = new EncodedBody()
{
EncodingParams = Convert.ToBase64String(encodingParams),
EncodedData = Convert.ToBase64String(data),
};
if (this.config.UseEncryption)
{
mrpEnvelope.EncodedBody.Authentication = "hmac_sha256";
mrpEnvelope.EncodedBody.AuthCode = crypto.SignData(encodingParams.Concat(data).ToArray());
}
}
else
{
mrpEnvelope.Body = new Body {
MrpRequest = mrpRequest
};
}
return((T)await this.ProcessResponseAsync <T>(
await this.httpClient.PostAsync(
this.config.Url,
new StringContent(SerializeToXmlString <MrpEnvelope>(mrpEnvelope), Encoding.UTF8, "application/xml"))));
}
