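/// <summary>
/// Produces a signed timestamp/nonce pair using the private key of the certificate
/// stored for the computer named in the "computerGuid" request header.
/// Presumably the connecting device checks this signature to authenticate the server.
/// </summary>
/// <returns>
/// The timestamp, nonce and Base64-encoded signature, or <c>null</c> when the header
/// is missing, the computer is unknown, or no certificate record is found for it.
/// </returns>
public DtoSocketServerVerify VerifyServer()
{
    // The header value comes from the caller and is untrusted; reject an absent
    // value before it reaches the lookup.
    var computerGuid = Context.Headers["computerGuid"];
    if (string.IsNullOrEmpty(computerGuid))
    {
        return null;
    }

    var computer = new ServiceComputer().GetByGuid(computerGuid);
    if (computer == null)
    {
        return null;
    }

    // A missing certificate record previously surfaced as a NullReferenceException;
    // it is now handled the same way as an unknown computer.
    var deviceCertEntity = new ServiceCertificate().GetCertificate(computer.CertificateId);
    if (deviceCertEntity == null)
    {
        return null;
    }

    // NOTE(review): X509KeyStorageFlags.Exportable is not needed to sign a hash;
    // confirm whether anything depends on this key being exportable.
    var deviceCert = new X509Certificate2(
        deviceCertEntity.PfxBlob,
        new EncryptionServices().DecryptText(deviceCertEntity.Password),
        X509KeyStorageFlags.Exportable);

    try
    {
        // Calculate UNIX time (whole seconds since 1970-01-01 UTC).
        DateTime epochStart = new DateTime(1970, 01, 01, 0, 0, 0, 0, DateTimeKind.Utc);
        TimeSpan timeSpan = DateTime.UtcNow - epochStart;
        string requestTimeStamp = Convert.ToUInt64(timeSpan.TotalSeconds).ToString();

        // NOTE(review): the nonce is chosen here rather than supplied by the caller,
        // so replay protection rests on the verifier's timestamp/nonce checks.
        string nonce = Guid.NewGuid().ToString("N");

        // Signed payload is timestamp followed by nonce; the verifier must rebuild
        // it in the same order and with the same encoding (UTF-16LE).
        string signatureRawData = requestTimeStamp + nonce;
        byte[] data = new UnicodeEncoding().GetBytes(signatureRawData);

        var csp = (RSACryptoServiceProvider)deviceCert.PrivateKey;

        // NOTE(review): SHA-1 is deprecated for digital signatures. Moving to
        // SHA-256 requires a matching change on the verifying side, which is not
        // visible here, so the algorithm is left unchanged.
        byte[] signature;
        using (SHA1Managed sha1 = new SHA1Managed())
        {
            byte[] hash = sha1.ComputeHash(data);
            signature = csp.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
        }

        var serverVerification = new DtoSocketServerVerify();
        serverVerification.nOnce = nonce;
        serverVerification.Timestamp = requestTimeStamp;
        serverVerification.signature = Convert.ToBase64String(signature);
        return serverVerification;
    }
    finally
    {
        // Release the certificate and its private-key handle deterministically
        // instead of leaving them to finalization on every request.
        deviceCert.Reset();
    }
}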
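/// <summary>
/// Decides whether a verification message should be accepted: it must not be a
/// replay, and its signature over Timestamp + nOnce must verify against the device
/// certificate whose thumbprint is stored in the "device_thumbprint" setting.
/// </summary>
/// <param name="verification">The timestamp, nonce and Base64 signature received from the peer.</param>
/// <returns><c>true</c> only when every check passes; any missing or malformed field is denied.</returns>
private bool isValidRequest(DtoSocketServerVerify verification)
{
    // The message is untrusted input: fail closed on missing fields rather than
    // letting a null dereference escape as an unhandled exception.
    if (verification == null || verification.signature == null)
    {
        return false;
    }

    // NOTE(review): the replay check runs before the signature is verified. If
    // isReplayRequest records the nonce, unauthenticated messages could populate
    // that record - confirm against its implementation.
    if (isReplayRequest(verification.nOnce, verification.Timestamp))
    {
        Logger.Debug($"ID: {_logId} - Request appears to be a replay, denying {verification.nOnce} {verification.Timestamp}");
        return false;
    }

    var deviceThumbprint = new ServiceSetting().GetSetting("device_thumbprint");
    var deviceCert = deviceThumbprint == null
        ? null
        : ServiceCertificate.GetCertificateFromStore(deviceThumbprint.Value, StoreName.My);
    if (deviceCert == null)
    {
        Logger.Error("Could Not Find The Device Certificate For Signature Verification.");
        return false;
    }

    // Convert.FromBase64String throws on malformed input; treat that as a failed
    // verification instead of an exception.
    byte[] signatureBytes;
    try
    {
        signatureBytes = Convert.FromBase64String(verification.signature);
    }
    catch (FormatException)
    {
        Logger.Debug($"ID: {_logId} - Signature is not valid Base64, denying");
        return false;
    }

    // The signed payload is the timestamp followed by the nonce.
    return ServiceCertificate.VerifySignature(
        deviceCert,
        signatureBytes,
        verification.Timestamp + verification.nOnce);
}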
/// <summary>
/// Reports whether the supplied server verification message is acceptable.
/// </summary>
/// <param name="verification">The verification message; not inspected by this method.</param>
/// <returns>Always <c>true</c>.</returns>
// NOTE(review): this accepts every message without examining it, so any check that
// relies on it passes unconditionally. Confirm whether it is an unfinished stub and
// whether it should apply the same replay and signature checks as isValidRequest.
private bool VerifyServer(DtoSocketServerVerify verification) => true;