private static EncryptedEntity FromBase64(string base64, EncryptedVerifier verifier)
{
var encoded = Convert.FromBase64String(base64);
var parser = new EncryptedEntityParser(encoded);
parser.Decode(verifier);
return(parser.GetContent());
}
public static EncryptedEntity Decode(byte[] encoded, EncryptedVerifier verifier)
{
try
{
var bsnkType = Asn1Parser.GetBsnkType(encoded);
byte[] signedPayload;
Signature signature;
switch (bsnkType)
{
case Constants.EncryptedIdentityName:
var encryptedIdentity = Asn1Parser.GetEncryptedEntity <EncryptedIdentity>(encoded, false);
return(encryptedIdentity);
case Constants.EncryptedPseudonymName:
var encryptedPseudonym = Asn1Parser.GetEncryptedEntity <EncryptedPseudonym>(encoded, true);
return(encryptedPseudonym);
case Constants.SignedEncryptedIdentityName:
if (verifier == null)
{
throw new ParsingException("No verifier for identity found");
}
signedPayload = Asn1Parser.GetSignedPayload(encoded);
var signedEncryptedIdentity = Asn1Parser.GetEncryptedEntity <EncryptedIdentity>(signedPayload, false);
signature = Asn1Parser.GetSignature(encoded);
verifier.Verify(signedPayload, signature);
return(signedEncryptedIdentity);
case Constants.SignedEncryptedPseudonymName:
if (verifier == null)
{
throw new ParsingException("No verifier for pseudonym found");
}
signedPayload = Asn1Parser.GetSignedPayload(encoded);
var signedEncryptedPseudonym = Asn1Parser.GetEncryptedEntity <EncryptedPseudonym>(signedPayload, true);
signature = Asn1Parser.GetSignature(encoded);
verifier.Verify(signedPayload, signature);
return(signedEncryptedPseudonym);
default:
throw new ParsingException($"Cannot handle type {bsnkType}");
}
}
catch (IOException e)
{
throw new ParsingException("Could not read ASN1", e);
}
}
public static T FromBase64 <T>(string base64, EncryptedVerifier verifier) where T : EncryptedEntity
{
var key = FromBase64(base64, verifier);
if (!(key is T))
{
throw new PolymorphicPseudonymisationException(
$"Expected instance of {typeof(T).Name}, got {key.GetType().Name}");
}
return((T)key);
}
public void Decode(EncryptedVerifier verifier)
{
try
{
bsnkType = parser.GetBsnkType();
switch (bsnkType)
{
case EncryptedIdentityName:
DecodePayload(parser, false);
return;
case EncryptedPseudonymName:
DecodePayload(parser, true);
return;
case SignedEncryptedIdentityName:
if (verifier == null)
{
throw new ParsingException("No verifier for identity found");
}
DecodeSigned(false, verifier);
return;
case SignedEncryptedPseudonymName:
if (verifier == null)
{
throw new ParsingException("No verifier for pseudonym found");
}
DecodeSigned(true, verifier);
return;
default:
throw new ParsingException($"Cannot handle type {bsnkType}");
}
}
catch (IOException e)
{
throw new ParsingException("Could not read ASN1", e);
}
}
private void DecodeSigned(bool isPseudonym, EncryptedVerifier verifier)
{
try
{
var payload = parser.ReadObject <DerSequenceParser>().ToAsn1Object().GetDerEncoded();
var payloadParser = new Asn1Parser(payload);
payloadParser.ReadObject <DerSequenceParser>();
bsnkType = payloadParser.GetBsnkType();
switch (bsnkType)
{
case EncryptedIdentityName:
if (isPseudonym)
{
throw new ParsingException("Encrypted identity inside signed encrypted pseudonym");
}
DecodePayload(payloadParser, false);
break;
case EncryptedPseudonymName:
if (!isPseudonym)
{
throw new ParsingException("Encrypted pseudonym inside signed encrypted identity");
}
DecodePayload(payloadParser, true);
break;
default:
throw new ParsingException($"Cannot handle type {bsnkType}");
}
var signature = DecodeSignature();
verifier.Verify(payload, signature);
}
catch (IOException e)
{
throw new ParsingException("ASN1 decode error", e);
}
}
public EncryptedVerifiers(EncryptedVerifier identityVerifier, EncryptedVerifier pseudonymVerifier)
{
IdentityVerifier = identityVerifier;
PseudonymVerifier = pseudonymVerifier;
}
private static EncryptedEntity FromBase64(string base64, EncryptedVerifier verifier)
{
var encoded = Convert.FromBase64String(base64);
return(EncryptedEntityParser.Decode(encoded, verifier));
}
