Exemplo n.º 1
        /// <summary>
        /// Copies the package identity used for YouTube requests onto <c>VideoInfoRequestor</c>.
        /// </summary>
        /// <remarks>
        /// The thumbprint is computed only while <c>VideoInfoRequestor.Thumbprint</c> is null or empty;
        /// once a non-empty value is present this method never refreshes it. The package name is
        /// overwritten on every call.
        /// </remarks>
        protected void SetYouTubeAuthItems()
        {
            bool thumbprintMissing = string.IsNullOrEmpty(VideoInfoRequestor.Thumbprint);

            if (thumbprintMissing)
            {
                // Presumably the signing-certificate fingerprint of PackageName as reported by
                // PackageManager; confirm against SignatureVerification.GetSignature.
                var computedThumbprint = SignatureVerification.GetSignature(PackageManager, PackageName);
                VideoInfoRequestor.Thumbprint = computedThumbprint;
            }

            VideoInfoRequestor.PackageName = PackageName;
        }
        /// <summary>
        /// Checks that a recorded ECv1 payment message is accepted by
        /// <c>SignatureVerification.VerifyMessage</c> for sender "Google" and recipient "someRecipient".
        /// </summary>
        /// <remarks>
        /// This covers the accept path only. Nothing in this method shows that a modified signature,
        /// a different recipient id or an unknown key is rejected.
        /// </remarks>
        public void TestVerifyMessage()
        {
            // Root signing key set in the JSON shape GoogleKeyProvider consumes. The ECv1 entry
            // carries no keyExpiration field.
            const string rootKeysJson = "{\"keys\":[{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPYnHwS8uegWAewQtlxizmLFynwHcxRT1PK07cDA6/C4sXrVI1SzZCUx8U8S0LjMrT6ird/VW7be3Mz6t/srtRQ==\",\"protocolVersion\":\"ECv1\"}]}";
            var rootKeys = new GoogleKeyProvider(rootKeysJson, _clock);

            // Recorded test vector: the signature covers the still-encrypted SignedMessage, so the
            // check runs before any decryption.
            var message = new PaymentData
            {
                ProtocolVersion = "ECv1",
                Signature = "MEQCIDxBoUCoFRGReLdZ/cABlSSRIKoOEFoU3e27c14vMZtfAiBtX3pGMEpnw6mSAbnagCCgHlCk3NcFwWYEyxIE6KGZVA==",
                SignedMessage = "{\"tag\":\"ZVwlJt7dU8Plk0+r8rPF8DmPTvDiOA1UAoNjDV+SqDE\\u003d\",\"ephemeralPublicKey\":\"BPhVspn70Zj2Kkgu9t8+ApEuUWsI/zos5whGCQBlgOkuYagOis7qsrcbQrcprjvTZO3XOU+Qbcc28FSgsRtcgQE\\u003d\",\"encryptedMessage\":\"12jUObueVTdy\"}"
            };
            var verifier = new SignatureVerification(_clock);

            bool accepted = verifier.VerifyMessage(message, "Google", "someRecipient", rootKeys);

            Assert.True(accepted);
        }
Exemplo n.º 3
        /// <summary>
        /// Builds the validation report for one signature, evaluated at
        /// <paramref name="referenceTime"/>.
        /// </summary>
        /// <remarks>
        /// The result of the integrity check is stored in the report and is not enforced here:
        /// this method keeps going when the check fails. A non-null return value therefore does not
        /// mean "valid"; callers have to inspect the report.
        /// </remarks>
        /// <param name="signature">The signature to validate.</param>
        /// <param name="referenceTime">Time passed to the certificate validation and to every level check.</param>
        /// <returns>
        /// The report part for this signature, or <c>null</c> when the signature exposes no signing
        /// certificate (an error is logged in that case).
        /// </returns>
        /// <exception cref="RuntimeException">An <see cref="IOException"/> was raised while validating.</exception>
        protected internal virtual SignatureInformation ValidateSignature(AdvancedSignature signature,
                                                                          DateTime referenceTime)
        {
            // Without a signing certificate nothing can be validated; the caller receives null
            // and must treat that as "not validated".
            if (signature.GetSigningCertificate() == null)
            {
                LOG.Error("There is no signing certificate");
                return null;
            }

            QCStatementInformation qcStatements = VerifyQStatement(signature.GetSigningCertificate());

            // Integrity outcome plus the algorithm name, kept for the report.
            Result integrity = new Result(signature.CheckIntegrity(this.ExternalContent));
            SignatureVerification cryptoCheck = new SignatureVerification(integrity, signature.GetSignatureAlgorithm());

            try
            {
                ValidationContext ctx = CertificateVerifier.ValidateCertificate(
                    signature.GetSigningCertificate(),
                    referenceTime,
                    signature.GetCertificateSource(),
                    signature.GetCRLSource(),
                    signature.GetOCSPSource());
                TrustedListInformation trustedList = new TrustedListInformation(ctx.GetRelevantServiceInfo());
                CertPathRevocationAnalysis certPath = new CertPathRevocationAnalysis(ctx, trustedList);

                // Level XL is evaluated first because level C takes its validity as input.
                SignatureLevelXL levelXL = VerifyLevelXL(signature, referenceTime, ctx);
                SignatureLevelC levelC = VerifyLevelC(
                    signature,
                    referenceTime,
                    ctx,
                    levelXL != null && levelXL.GetLevelReached().IsValid());

                // The remaining levels are evaluated in argument order: BES, EPES, T, X, A, LTV.
                SignatureLevelAnalysis levels = new SignatureLevelAnalysis(
                    signature,
                    VerifyLevelBES(signature, referenceTime, ctx),
                    VerifyLevelEPES(signature, referenceTime, ctx),
                    VerifyLevelT(signature, referenceTime, ctx),
                    levelC,
                    VerifyLevelX(signature, referenceTime, ctx),
                    levelXL,
                    VerifyLevelA(signature, referenceTime, ctx),
                    VerifyLevelLTV(signature, referenceTime, ctx));
                QualificationsVerification qualifications = VerifyQualificationsElement(signature, referenceTime, ctx);

                return new SignatureInformation(cryptoCheck, certPath, levels, qualifications, qcStatements);
            }
            catch (IOException e)
            {
                throw new RuntimeException("Cannot read signature file", e);
            }
        }
        /// <summary>
        /// Checks that a recorded ECv2 payment message, signed through an intermediate signing key,
        /// is accepted by <c>SignatureVerification.VerifyMessage</c> for sender "Google" and
        /// recipient "merchant:12345".
        /// </summary>
        /// <remarks>
        /// This covers the accept path only. The root key and the intermediate key both carry a
        /// keyExpiration value, so the outcome presumably depends on the time reported by
        /// <c>_clock</c>; confirm how the fixture sets it up.
        /// </remarks>
        public void TestVerifyMessageECv2()
        {
            // Root signing key set; unlike the ECv1 vector, this entry includes keyExpiration.
            const string rootKeysJson = "{\"keys\":[{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEvhuz8WZo0DhP7Lg1AQtpQpm2i7Gr6yBa+i6mVOwz3iepodYVDE9YGLzUwoL8AEsPUz/26Pg3lofL2u04/edeXg==\",\"protocolVersion\":\"ECv2\",\"keyExpiration\":\"2154841200000\"}]}";
            var rootKeys = new GoogleKeyProvider(rootKeysJson, _clock);

            // Recorded test vector. IntermediateSigningKey holds the signed intermediate key and
            // the signature(s) over it.
            var message = new PaymentData
            {
                ProtocolVersion = "ECv2",
                Signature = "MEQCIH6Q4OwQ0jAceFEkGF0JID6sJNXxOEi4r+mA7biRxqBQAiAondqoUpU/bdsrAOpZIsrHQS9nwiiNwOrr24RyPeHA0Q==",
                SignedMessage = "{\"tag\":\"jpGz1F1Bcoi/fCNxI9n7Qrsw7i7KHrGtTf3NrRclt+U\\u003d\",\"ephemeralPublicKey\":\"BJatyFvFPPD21l8/uLP46Ta1hsKHndf8Z+tAgk+DEPQgYTkhHy19cF3h/bXs0tWTmZtnNm+vlVrKbRU9K8+7cZs\\u003d\",\"encryptedMessage\":\"mKOoXwi8OavZ\"}",
                IntermediateSigningKey = new SigningKey
                {
                    SignedKey = "{\"keyExpiration\":\"1542323393147\",\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/1+3HBVSbdv+j7NaArdgMyoSAM43yRydzqdg1TxodSzA96Dj4Mc1EiKroxxunavVIvdxGnJeFViTzFvzFRxyCw\\u003d\\u003d\"}",
                    Signatures = new[] { "MEYCIQCO2EIi48s8VTH+ilMEpoXLFfkxAwHjfPSCVED/QDSHmQIhALLJmrUlNAY8hDQRV/y1iKZGsWpeNmIP+z+tCQHQxP0v" }
                }
            };
            var verifier = new SignatureVerification(_clock);

            bool accepted = verifier.VerifyMessage(message, "Google", "merchant:12345", rootKeys);

            Assert.True(accepted);
        }
Exemplo n.º 5
        /// <summary>
        /// Runs the integrity check on every counter-signature of <paramref name="signature"/> and
        /// returns one <c>SignatureVerification</c> per counter-signature, in iteration order.
        /// </summary>
        /// <remarks>
        /// Only <c>CheckIntegrity</c> and the algorithm name are recorded for each counter-signature.
        /// <paramref name="ctx"/> is not used in this method, so no certificate validation of the
        /// counter-signers happens here.
        /// </remarks>
        /// <param name="signature">The signature whose counter-signatures are inspected.</param>
        /// <param name="ctx">Validation context; unused in this method.</param>
        /// <returns>
        /// The per-counter-signature results, or <c>null</c> when
        /// <c>GetCounterSignatures()</c> returns <c>null</c>.
        /// </returns>
        protected internal virtual SignatureVerification[] VerifyCounterSignatures(AdvancedSignature signature,
                                                                                   ValidationContext ctx)
        {
            IList<AdvancedSignature> nested = signature.GetCounterSignatures();

            // A null list is passed through as null instead of an empty array.
            if (nested == null)
            {
                return null;
            }

            IList<SignatureVerification> reports = new AList<SignatureVerification>();

            foreach (AdvancedSignature item in nested)
            {
                // The integrity outcome is recorded as-is; a failed check does not stop the loop.
                reports.AddItem(new SignatureVerification(
                    new Result(item.CheckIntegrity(ExternalContent)),
                    item.GetSignatureAlgorithm()));
            }

            return Sharpen.Collections.ToArray(reports, new SignatureVerification[reports.Count]);
        }
Exemplo n.º 6
        /// <summary>
        /// Sends a TPM_ORD_Quote request for the key named by the "key" parameter, then checks the
        /// returned signature locally before handing the PCR data and signature back to the caller.
        /// </summary>
        /// <returns>
        /// A successful TPM_CMD_Quote response carrying "pcrData" and "sig", or a failed response
        /// (status <c>false</c>, empty parameters) when the public key cannot be retrieved.
        /// </returns>
        /// <exception cref="ArgumentException">The quote signature did not verify.</exception>
        protected override TPMCommandResponse InternalProcess()
        {
            TPMBlob requestBlob = new TPMBlob();

            requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_AUTH1_COMMAND, TPMOrdinals.TPM_ORD_Quote);

            // Placeholder for the key handle: the real handle is written later, under the key
            // manager lock, because it may not be available yet.
            requestBlob.WriteUInt32(0);
            // 20 bytes of the caller-supplied nonce, followed by the PCR selection.
            requestBlob.Write(_nonce, 0, 20);
            _pcrSelection.WriteToTpmBlob(requestBlob);

            _keyManager.LoadKey(_params.GetValueOf <string>("key"));

            AuthorizeMe(requestBlob);

            // Resolve the handle and transmit while holding the key manager lock.
            // NOTE(review): presumably this keeps the handle stable between lookup and use - confirm.
            using (_keyManager.AcquireLock())
            {
                requestBlob.SkipHeader();
                requestBlob.WriteUInt32(_keyManager.IdentifierToHandle(_params.GetValueOf <string>("key")).Handle);
                _responseBlob = TransmitMe(requestBlob);
            }

            // NOTE(review): presumably validates the response authorization data - confirm in the base class.
            CheckResponseAuthInfo();

            _responseBlob.SkipHeader();

            // Response body as read here: PCR composite, 32-bit signature length, signature bytes.
            TPMPCRCompositeCore pcrComposite = TPMPCRCompositeCore.CreateFromTPMBlob(_responseBlob);
            uint sigSize = _responseBlob.ReadUInt32();

            // NOTE(review): sigSize comes straight from the response and is cast to int with no
            // bounds check visible in this method - confirm that ReadBytes rejects oversized or
            // negative lengths.
            byte[] signature = _responseBlob.ReadBytes((int)sigSize);

            // Rebuild the structure the signature is checked against: the hash of the returned
            // PCR composite plus the nonce held in _nonce (the same field written into the
            // request), not a value read from the response.
            TPMQuoteInfoCore quoteInfo = TPMQuoteInfoCore.Create(new HashProvider().Hash(new HashTPMBlobWritableDataProvider(pcrComposite)), _nonce);

            byte[] signingData;
            using (TPMBlob blob = new TPMBlob())
            {
                quoteInfo.WriteToTpmBlob(blob);
                signingData = blob.ToArray();
            }

            // Fetch the public half of the same key with a separate TPM_CMD_GetPubKey command.
            // NOTE(review): the key is obtained through the same _tpmWrapper that produced the
            // quote; whether it is anchored to anything external is not visible here.
            Parameters pubKeyParams = new Parameters();

            pubKeyParams.AddPrimitiveType("key", _params.GetValueOf <string>("key"));
            TPMCommandRequest  pubKeyRequest  = new TPMCommandRequest(TPMCommandNames.TPM_CMD_GetPubKey, pubKeyParams);
            TPMCommandResponse pubKeyResponse = _tpmWrapper.Process(pubKeyRequest,
                                                                    _commandAuthHelper, _keyManager);

            // A missing public key is reported as a failed response, not as an exception.
            if (pubKeyResponse.Status == false)
            {
                _log.FatalFormat("TPM_Quote: Could not retrieve pubkey of key");
                return(new TPMCommandResponse(false, TPMCommandNames.TPM_CMD_Quote, new Parameters()));
            }

            TPMKey    keyInfo = TPMKeyCore.CreateFromBytes(_keyManager.GetKeyBlob(_params.GetValueOf <string>("key")));
            TPMPubkey pubkey  = pubKeyResponse.Parameters.GetValueOf <TPMPubkey>("pubkey");

            // A signature mismatch throws, so unverified quote data is never returned to the caller.
            if (SignatureVerification.VerifySignature(keyInfo, pubkey, signingData, signature) == false)
            {
                throw new ArgumentException("The TPM_Quote signature could not be verified");
            }

            Parameters responseParams = new Parameters();

            responseParams.AddValue("pcrData", pcrComposite);
            responseParams.AddPrimitiveType("sig", signature);

            return(new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_Quote, responseParams));
        }
Exemplo n.º 7
 /// <summary>
 /// Initialization: stores the logger and creates the signature-verification and
 /// subscription helpers, each constructed with that same logger.
 /// </summary>
 /// <param name="logger">Logger kept in <c>_logger</c> and passed to both helpers.</param>
 public AmazonSnsManager(ICommonLogger logger)
 {
     this._logger = logger;
     this._signatureVerification = new SignatureVerification(logger);
     this._subscription = new Subscription(logger);
 }