public RsaWithRsaParameterKey GetKeys(string routingToken, OwnCertificate ownCert)
{
//var participantRepo = new ParticipantRepository(new UnitOfWork(new InteropContext()));
//var publicKeyString = participantRepo.GetPublicKey(routingToken);
var publicKeyString =
"<RSAKeyValue><Modulus>ks+L8kWHiBwiPw4zJcZwIkeGrhNP0fI6LohybpGjNoZSf4bZ1hXrgLiWoklA2QY7CD7hPbW2d1cLVK7VOAYqAtyIdrchG6AVSWg2ul90QT/BgvNFcBqf9xuS3l25t1OimUcj47/hPx2Nu9NMMMpGhqp6PR2pEwjvMAxHgW7BzOM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
var fromModulus = publicKeyString.IndexOf("<Modulus>") + "<Modulus>".Length;
var toModulus = publicKeyString.LastIndexOf("</Modulus>");
var modulus = publicKeyString.Substring(fromModulus, toModulus - fromModulus);
var fromExponent = publicKeyString.IndexOf("<Exponent>") + "<Exponent>".Length;
var toExponent = publicKeyString.LastIndexOf("</Exponent>");
var exponent = publicKeyString.Substring(fromExponent, toExponent - fromExponent);
var rsaParam = new RSAParameters();
rsaParam.Modulus = Convert.FromBase64String(modulus);
rsaParam.Exponent = Convert.FromBase64String(exponent);
var rsaParamKey = new RsaWithRsaParameterKey();
rsaParamKey.PublicKey = rsaParam;
rsaParamKey.PrivateKey = ownCert.PrivateKey;
return(rsaParamKey);
}
public static void Demo()
{
const string original = "Very secret and important information that can not fall.";
var hybrid = new HybridEncryption();
var rsaParams = new RsaWithRsaParameterKey();
rsaParams.AssignNewKey();
Console.WriteLine("Hybrid encryption with integrity check.");
try
{
var encrypted = hybrid.Encrypt(Encoding.UTF8.GetBytes(original), rsaParams);
var decrypted = hybrid.Decrypt(encrypted, rsaParams);
Console.WriteLine($"Original: {original}");
Console.WriteLine($"Decrypted: {Encoding.UTF8.GetString(decrypted)}");
}
catch (CryptographicException ex)
{
Console.WriteLine(ex.Message);
}
}
public EncryptedPacket EncryptSoapBody(string original, RsaWithRsaParameterKey keys)
{
var hybrid = new HybridEncryption();
var encryptedBlock = hybrid.EncryptData(Encoding.UTF8.GetBytes(original), keys);
return(encryptedBlock);
}
// Опис: Метод за екстракција и вчитување на приватен клуч од сертификат кој е во форма на податочен тип string
// Влезни параметри: податочна вредност certString
// Излезни параметри: RsaWithRsaParameterKey модел
public RsaWithRsaParameterKey GetPrivateKey(RSAParameters privateKeyRsaParams)
{
var rsaParamKey = new RsaWithRsaParameterKey();
rsaParamKey.PrivateKey = privateKeyRsaParams;
return(rsaParamKey);
}
// Опис: Метод за екстракција и вчитување на јавен клуч од сертификат за соодветен провајдер
// Влезни параметри: податочна вредност routingToken
// Излезни параметри: PublicKeyClass модел
public PublicKeyClass GetPublicKeyForProvider(string routingToken)
{
var providersRepository = new ProvidersRepository(new UnitOfWork(new InteropContext()));
var cerDb = providersRepository.GetPublicKey(routingToken);
var cert = new X509Certificate2(Convert.FromBase64String(cerDb));
var publicKeyCert = (RSACryptoServiceProvider)cert.PublicKey.Key;
var publicKeyString = publicKeyCert.ToXmlString(false);
var fromModulus = publicKeyString.IndexOf("<Modulus>") + "<Modulus>".Length;
var toModulus = publicKeyString.LastIndexOf("</Modulus>");
var modulus = publicKeyString.Substring(fromModulus, toModulus - fromModulus);
var fromExponent = publicKeyString.IndexOf("<Exponent>") + "<Exponent>".Length;
var toExponent = publicKeyString.LastIndexOf("</Exponent>");
var exponent = publicKeyString.Substring(fromExponent, toExponent - fromExponent);
var rsaParam = new RSAParameters();
rsaParam.Modulus = Convert.FromBase64String(modulus);
rsaParam.Exponent = Convert.FromBase64String(exponent);
var rsaParamKey = new RsaWithRsaParameterKey();
rsaParamKey.PublicKey = rsaParam;
var publicKey = new PublicKeyClass();
publicKey.PublicKeyRsa = rsaParamKey;
publicKey.PublicKeyString = publicKeyString;
publicKey.CertString = cerDb;
return(publicKey);
}
// Тест метод за успешна RSA декрипција со јавен клуч
public string Decrypt(EncryptedPacket encryptedBlock)
{
var rsa = (RSACryptoServiceProvider)_certForUJP.PrivateKey;
var privateKey = rsa.ExportParameters(true);
var rsaParams = new RsaWithRsaParameterKey {
PrivateKey = privateKey
};
var decrypted = _hybrid.DecryptData(encryptedBlock, rsaParams);
return(Encoding.UTF8.GetString(decrypted));
}
public byte[] DecryptData(EncryptedPacket encryptedPacket, RsaWithRsaParameterKey rsaParams)
{
// Decrypt AES Key with RSA.
var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
// Decrypt our data with AES using the decrypted session key.
var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData,
decryptedSessionKey, encryptedPacket.Iv);
return(decryptedData);
}
// Тест метод за успешна RSA енкрипција со јавен клуч
public EncryptedPacket Encrypt()
{
var ascii = ASCIIEncoding.Default.GetBytes(_startText);
var rsa = (RSACryptoServiceProvider)_certForUJP.PrivateKey;
var publicKey = rsa.ExportParameters(false);
var rsaParams = new RsaWithRsaParameterKey {
PublicKey = publicKey
};
var encryptedBlock = _hybrid.EncryptData(ascii, rsaParams);
return(encryptedBlock);
}
public EncryptedPacket EncryptData(byte[] original, RsaWithRsaParameterKey rsaParams)
{
// Generate our session key.
var sessionKey = _aes.GenerateRandomNumber(32);
// Create the encrypted packet and generate the IV.
var encryptedPacket = new EncryptedPacket {
Iv = _aes.GenerateRandomNumber(16)
};
// Encrypt our data with AES.
encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv);
// Encrypt the session key with RSA
encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);
return(encryptedPacket);
}
public EncryptedPacket Encrypt(byte[] original, RsaWithRsaParameterKey rsaParams)
{
var sessionKey = AesEncryption.GenerateRandomNumber(32);
var encryptedPacket = new EncryptedPacket {
Iv = AesEncryption.GenerateRandomNumber(16)
};
encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv);
encryptedPacket.EncryptedSessionKey = rsaParams.Encrypt(sessionKey);
using (var hmac = new HMACSHA256(sessionKey))
{
encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
}
encryptedPacket.Signature = _digitalSignature.SignData(encryptedPacket.Hmac);
return(encryptedPacket);
}
// Тест метод за неуспешна RSA декрипција со јавен клуч
public string DecryptFailed(EncryptedPacket encryptedBlock)
{
var rsa = (RSACryptoServiceProvider)_certForMVR.PrivateKey;
var privateKey = rsa.ExportParameters(true);
var rsaParams = new RsaWithRsaParameterKey {
PrivateKey = privateKey
};
var decrypted = new byte[256];
try
{
decrypted = _hybrid.DecryptData(encryptedBlock, rsaParams);
}
catch (CryptographicException e)
{
throw new CryptographicException(e.Message);
}
return(Encoding.UTF8.GetString(decrypted));
}
static void Main(string[] args)
{
const string original = "Very secret and important information that can not fall into the wrong hands.";
var rsaParams = new RsaWithRsaParameterKey();
rsaParams.AssignNewKey();
var hybrid = new HybridEncryption();
var encryptedBlock = hybrid.EncryptData(Encoding.UTF8.GetBytes(original), rsaParams);
var decrpyted = hybrid.DecryptData(encryptedBlock, rsaParams);
Console.WriteLine("Hybrid Encryption Demonstration in .NET");
Console.WriteLine("---------------------------------------");
Console.WriteLine();
Console.WriteLine("Original Message = " + original);
Console.WriteLine();
Console.WriteLine("Message After Decryption = " + Encoding.UTF8.GetString(decrpyted));
Console.ReadLine();
}
public byte[] Decrypt(EncryptedPacket packet, RsaWithRsaParameterKey rsaParams)
{
var decriptedSessionKey = rsaParams.Decrypt(packet.EncryptedSessionKey);
using (var hmac = new HMACSHA256(decriptedSessionKey))
{
var hmacToCheck = hmac.ComputeHash(packet.EncryptedData);
if (!Compare(packet.Hmac, hmacToCheck))
{
throw new CryptographicException("HMAC for decription doesn't match");
}
if (!_digitalSignature.VerifySignature(packet.Hmac, packet.Signature))
{
throw new CryptographicException("Digital signature cannot be verified.");
}
}
return(_aes.Decrypt(packet.EncryptedData, decriptedSessionKey, packet.Iv));
}
// Опис: Метод за екстракција и вчитување на јавен клуч од сертификат кој е во форма на податочен тип string
// Влезни параметри: податочна вредност certString
// Излезни параметри: RsaWithRsaParameterKey модел
public RsaWithRsaParameterKey GetPublicKeyFromString(string certString)
{
var cert = new X509Certificate2(Convert.FromBase64String(certString));
var publicKeyCert = (RSACryptoServiceProvider)cert.PublicKey.Key;
var publicKeyString = publicKeyCert.ToXmlString(false);
var fromModulus = publicKeyString.IndexOf("<Modulus>") + "<Modulus>".Length;
var toModulus = publicKeyString.LastIndexOf("</Modulus>");
var modulus = publicKeyString.Substring(fromModulus, toModulus - fromModulus);
var fromExponent = publicKeyString.IndexOf("<Exponent>") + "<Exponent>".Length;
var toExponent = publicKeyString.LastIndexOf("</Exponent>");
var exponent = publicKeyString.Substring(fromExponent, toExponent - fromExponent);
var rsaParam = new RSAParameters();
rsaParam.Modulus = Convert.FromBase64String(modulus);
rsaParam.Exponent = Convert.FromBase64String(exponent);
var rsaParamKey = new RsaWithRsaParameterKey();
rsaParamKey.PublicKey = rsaParam;
return(rsaParamKey);
}
public string DecryptSoapBody(byte[] encryptedData, byte[] sessionKey, byte[] iVector, RsaWithRsaParameterKey rsaParams)
{
var encryptedBlock = new EncryptedPacket();
encryptedBlock.EncryptedData = encryptedData;
encryptedBlock.EncryptedSessionKey = sessionKey;
encryptedBlock.Iv = iVector;
encryptedBlock.RsaParams = rsaParams;
var hybrid = new HybridEncryption();
var decrpyted = hybrid.DecryptData(encryptedBlock, encryptedBlock.RsaParams);
var decryptedString = Encoding.UTF8.GetString(decrpyted);
return(decryptedString);
}
