using System; using System.Security.Cryptography; using System.Text; using BirdsiteLive.Domain.Factories; namespace BirdsiteLive.Domain { public interface ICryptoService { string GetUserPem(string id); string SignAndGetSignatureHeader(DateTime date, string actor, string host, string digest, string inbox); string ComputeSha256Hash(string data); } public class CryptoService : ICryptoService { private readonly IMagicKeyFactory _magicKeyFactory; #region Ctor public CryptoService(IMagicKeyFactory magicKeyFactory) { _magicKeyFactory = magicKeyFactory; } #endregion public string GetUserPem(string id) { return _magicKeyFactory.GetMagicKey().AsPEM; } /// /// /// /// /// in the form of https://domain.io/actor /// in the form of domain.io /// public string SignAndGetSignatureHeader(DateTime date, string actor, string targethost, string digest, string inbox) { var usedInbox = "/inbox"; if (!string.IsNullOrWhiteSpace(inbox)) usedInbox = inbox; var httpDate = date.ToString("r"); var signedString = $"(request-target): post {usedInbox}\nhost: {targethost}\ndate: {httpDate}\ndigest: SHA-256={digest}"; var signedStringBytes = Encoding.UTF8.GetBytes(signedString); var signature = _magicKeyFactory.GetMagicKey().Sign(signedStringBytes); var sig64 = Convert.ToBase64String(signature); var header = "keyId=\"" + actor + "\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date digest\",signature=\"" + sig64 + "\""; return header; } public string ComputeSha256Hash(string data) { // Create a SHA256 using (SHA256 sha256Hash = SHA256.Create()) { // ComputeHash - returns byte array byte[] bytes = sha256Hash.ComputeHash(Encoding.UTF8.GetBytes(data)); return Convert.ToBase64String(bytes); } } } }