Exemplo n.º 1
0
        //Server Side
        public void BeforeSendReply(ref System.ServiceModel.Channels.Message reply, object correlationState)
        {
            X509Certificate2 myCert = CryptoHelper.FindCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=klServer");

            byte[] myHash = myCert.GetCertHash();

            byte[] mySignedHash         = CryptoHelper.Sign(myHash, myCert);
            byte[] mySignedDetachedHash = CryptoHelper.SignDetached(myHash, myCert);

            byte[] myEncryptedHash         = CryptoHelper.Encrypt(mySignedHash, myCert);
            byte[] myEncryptedDetachedHash = CryptoHelper.Encrypt(mySignedDetachedHash, myCert);

            byte[] myDecodedHash = CryptoHelper.VerifyAndRemoveSignature(mySignedHash);

            bool myOK = CryptoHelper.VerifyDetached(mySignedHash, mySignedDetachedHash);

            char[] keyChars = new char[mySignedHash.Length];

            for (int i = 0; i < mySignedHash.Length; i++)
            {
                keyChars[i] = (char)mySignedHash[i];
            }

            reply.Headers.Add((new CustomSecurityHeader(new string(keyChars))));

            MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);

            reply = buffer.CreateMessage();
            Console.WriteLine("Service Sending:\n{0}", buffer.CreateMessage().ToString());
        }
Exemplo n.º 2
0
        //Client Side
        public void AfterReceiveReply(ref Message reply, object correlationState)
        {
            MessageBuffer buffer = reply.CreateBufferedCopy(Int32.MaxValue);

            reply = buffer.CreateMessage();
            Console.WriteLine("Client Received:\n{0}", buffer.CreateMessage().ToString());

            X509Certificate2 myCert = CryptoHelper.FindCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=klServer");

            byte[] myHash = myCert.GetCertHash();

            Int32 headerPosition = reply.Headers.FindHeader(CustomHeaderNames.CustomHeaderName, CustomHeaderNames.CustomHeaderNamespace);

            XmlDictionaryReader reader = reply.Headers.GetReaderAtHeader(headerPosition);

            CustomSecurityHeader header = CustomSecurityHeader.ReadHeader(reader);

            string mySignedHashString = header.Key;

            char[] mysignedHashCharArray = mySignedHashString.ToArray();

            byte[] mySignedHash = new byte[mySignedHashString.Length];
            for (int i = 0; i < mySignedHashString.Length; i++)
            {
                mySignedHash[i] = (byte)mysignedHashCharArray[i];
            }

            byte[] myDecodedHash = CryptoHelper.VerifyAndRemoveSignature(mySignedHash);

            for (int i = 0; i < myHash.Length; i++)
            {
                if (myDecodedHash[i] != myHash[i])
                {
                    throw new Exception("Access Denied");
                }
            }
        }
Exemplo n.º 3
0
            public static void RunLocalLicenseKeyHelper()
            {
                InstallPerServerLicensePkCertificates();

                var mac = GetMacAddress();

                var myMac = new byte[mac.Length];

                for (int i = 0; i < mac.Length; i++)
                {
                    myMac[i] = (byte)mac[i];
                }

                byte[] mySignedMacPrivateKey = SignMacWithPrivateKey(myMac);

                byte[] myDecodedMacPrivate = CryptoHelper.VerifyAndRemoveSignature(mySignedMacPrivateKey);

                for (int i = 0; i < myDecodedMacPrivate.Length; i++)
                {
                    if (myDecodedMacPrivate[i] != myMac[i])
                    {
                        throw new Exception("kl License Key Invalid");
                    }
                }

                var myFile = File.OpenWrite("signedMac");

                myFile.Write(mySignedMacPrivateKey, 0, mySignedMacPrivateKey.Length);
                myFile.Close();

                //Remove Certificates with private keys
                var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

                try
                {
                    store.Open(OpenFlags.ReadWrite);
                    RemoveCertificates(store, "CN=klLicenseKeyGen");
                }
                finally
                {
                    store.Close();
                }

                store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
                try
                {
                    store.Open(OpenFlags.ReadWrite);
                    RemoveCertificates(store, "CN=klLicenseKeyGen");
                }
                finally
                {
                    store.Close();
                }

                store = new X509Store("TRUST", StoreLocation.LocalMachine);
                try
                {
                    store.Open(OpenFlags.ReadWrite);

                    RemoveCertificates(store, "CN=klLicenseKeyGenBase");
                }
                finally
                {
                    store.Close();
                }

                InstallPerServerLicensePublicCertificates();

                myFile = File.OpenRead("signedMac");

                long length = myFile.Length;

                var myRead = new byte[length];

                myFile.Read(myRead, 0, (int)length);

                myFile.Close();

                //Since we removed the private keys and instaleld the public ones, this step simulates the
                //validation step that allows the WCF security to be installed on the machine with the specified MAC address.

                var signedMessage = new SignedCms();

                signedMessage.Decode(myRead);

                signedMessage.CheckSignature(true);

                byte[] myDecodedMac = signedMessage.ContentInfo.Content;

                for (int i = 0; i < myDecodedMacPrivate.Length; i++)
                {
                    if (myDecodedMac[i] != myMac[i])
                    {
                        throw new Exception("kl License Key Invalid");
                    }
                }

                //Now we have the prerequisites to install the certificates on this machine.
                SecureString mySs = GetSecureStringFromConsole();

                InstallWcfSecurityCertificates(mySs);
            }