public void TestReceiveResponse()
{
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"stateKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
SecureTransport transport = new SecureTransport(proxy, encryptorVerifier, signerDecryptor);
String sender = "stateKey";
string result = transport.receive(encryptedMessage, signature,
encryptedAesKey, encryptedIV, sender);
// The result should be an XML document with an encrypted AES key
// and
// IV,
// an AES-encrypted response string, and a signed hash of the
// encrypted
// response string.
ResponseInfo objResponseInfo = ResponseInfo.decode(result);
encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
byte[] sig = Convert.FromBase64String(objResponseInfo.Signature);
byte[] hash = encryptorVerifier.decrypt(sig);
byte[] encryptedResponse = Convert.FromBase64String(objResponseInfo.Response);
byte[] expectedHash = Hash.getHash(encryptedResponse);
Assert.AreEqual(hash, expectedHash);
byte[] key = signerDecryptor.decrypt(Convert.FromBase64String(objResponseInfo.Key));
byte[] iv = signerDecryptor.decrypt(Convert.FromBase64String(objResponseInfo.IV));
AESCipher cipher = new AESCipher(key, iv);
Assert.AreEqual(TestWebServiceProxy.THIS_IS_THE_RESPONSE, cipher
.decrypt(encryptedResponse));
}
public void TestAESCipher()
{
AESCipher aesCipher = new AESCipher();
byte[] key = aesCipher.Key;
Assert.AreEqual(32, key.Length);
byte[] iv = aesCipher.IV;
// AES block size is 16 bytes
Assert.AreEqual(16, iv.Length);
Console.WriteLine("AES Key: " + Convert.ToBase64String(key));
Console.WriteLine("AES IV: " + Convert.ToBase64String(iv));
string cleartext = "<?xml version=\"1.0\" encoding=\"utf-8\"?><FolaighMethodCall><methodName>methodOne</methodName><arg0>arg0</arg0><arg1>arg1</arg1></FolaighMethodCall>";
byte[] encryptedText = aesCipher.encrypt(cleartext);
Console.WriteLine("Encrypted text:" + Convert.ToBase64String(encryptedText));
aesCipher = new AESCipher(key, iv);
string decryptedText = aesCipher.decrypt(encryptedText);
Assert.AreEqual(cleartext, decryptedText);
Console.WriteLine("Decrypted Text: <" + decryptedText + ">");
}
protected void decryptBtn_Click(object sender, EventArgs e)
{
//get the users data and pin code input
String pass = passwordTxt.Text;
String pin = pincodeInput.Text;
String OGpin = Text1.Text;
//validate the entered pin code with the one stored in the database
bool match = ValidateHash(pin, OGpin);
//if the pin codes match
if (match)
{
String iv = "";
//get instance of AESCipher internal class
AESCipher AESCipher = new AESCipher();
//decrypt the password
String decrypted = AESCipher.decrypt(pass, OGpin, iv);
//set the text view with the decrypted password
passwordTxt.Text = decrypted;
//set pin code input to blank
pincodeInput.Text = "";
String success = "Decryption Successful!";
Label1.Text = success;
}
//pin code does not match so show error message
else
{
String error = "Please enter the correct password!";
Label1.ForeColor = System.Drawing.Color.Red;
Label1.Text = error;
}
}
public void TestSecureTransport()
{
String methodName = "methodOne";
String arg0 = "arg0";
String arg1 = "arg1";
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
SecureTransport transport = new SecureTransport(
proxy,
encryptorVerifier,
signerDecryptor);
// Test for the proxy method
String message = "message";
String signature = "signature";
String aesKey = "key";
String iv = "iv";
String senderAlias = "alias";
String retval = proxy.send(message, signature, aesKey, iv, senderAlias);
String returnVal = transport.send(methodName, new String[] { arg0, arg1 });
// First, just check to see if something got to the proxy.
Assert.IsNotNull(returnVal);
Assert.IsNotNull(testProxy.m_aesKey);
Assert.IsNotNull(testProxy.m_iv);
Assert.IsNotNull(testProxy.m_message);
Assert.IsNotNull(testProxy.m_senderAlias);
Assert.IsNotNull(testProxy.m_signature);
Console.WriteLine("Encrypted AES Key:" + testProxy.m_aesKey);
Console.WriteLine("Encrypted IV:" + testProxy.m_iv);
Console.WriteLine("Encrypted Message:" + testProxy.m_message);
Console.WriteLine("Sender Alias:" + testProxy.m_senderAlias);
Console.WriteLine("Signature:" + testProxy.m_signature);
// Decrypt the AES Key
RSACipher testDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
byte[] testKey = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_aesKey));
byte[] testIV = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_iv));
Console.WriteLine("Decrypted Key:" + Convert.ToBase64String(testKey));
Console.WriteLine("Decrypted IV:" + Convert.ToBase64String(testIV));
AESCipher cipher = new AESCipher(testKey, testIV);
// Independently encrypt the message and make sure they're the same
MethodInfo mInfo = new MethodInfo(methodName, new String[] { arg0, arg1 });
String xml = mInfo.encode();
String testEncryptedMessage = Convert.ToBase64String(cipher.encrypt(xml));
Assert.AreEqual(xml, cipher.decrypt(Convert.FromBase64String(testEncryptedMessage)));
Assert.AreEqual(testEncryptedMessage, testProxy.m_message);
string decryptedMessage = cipher.decrypt(Convert.FromBase64String(testProxy.m_message));
string expectedMessage = expectedMethodInfo.encode();
Assert.AreEqual(expectedMessage, decryptedMessage);
}