public String receive(String message, String signature, String aesKey, String IV, String senderAlias) { // Verify the signature String hash = Convert.ToBase64String(m_encryptorVerifier.decrypt(Convert.FromBase64String(signature))); String expectedHash = Convert.ToBase64String(Hash.getHash(Convert.FromBase64String(message))); bool validSignature = hash.Equals(expectedHash); if (validSignature) { // Decrypt the AES key and IV byte[] key = m_signerDecryptor .decrypt(Convert.FromBase64String(aesKey)); byte[] iv = m_signerDecryptor.decrypt(Convert.FromBase64String(IV)); m_aesCipher.Key = key; m_aesCipher.IV = iv; // Decrypt the message String msg = m_aesCipher.decrypt(Convert.FromBase64String(message)); String response = m_proxy.receive(validSignature, MethodInfo.decode(msg), senderAlias); return(encryptResponse(response)); } else { String response = m_proxy.receive(validSignature, null, senderAlias); return(encryptResponse(response)); } }
public void TestReceiveCall() { TestWebServiceProxy testProxy = new TestWebServiceProxy(); ITransportProxy proxy = testProxy; // This establishes the signature of the proxy's "receive" // method. We need to know if the signature was verified // and whether it came from an authorized sender. MethodInfo methodInfo = new MethodInfo(); bool validSignature = true; String sender = "sender"; String reply = proxy.receive(validSignature, methodInfo, sender); FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray()); RSACipher encryptorVerifier = new RSACipher( keyStore, "stateKey", false); RSACipher signerDecryptor = new RSACipher( keyStore, "countyKey", true); SecureTransport transport = new SecureTransport(proxy, encryptorVerifier, signerDecryptor); testProxy.m_validSignature = false; testProxy.m_message = null; sender = "stateKey"; String result = transport.receive(encryptedMessage, signature, encryptedAesKey, encryptedIV, sender); Assert.IsTrue(testProxy.m_validSignature); Assert.IsNotNull(testProxy.m_methodInfo); Assert.AreEqual(expectedMethodInfo.MethodName, testProxy.m_methodInfo.MethodName); Assert.AreEqual(sender, testProxy.m_senderAlias); }