
DecryptSignatureAESKey

Declaration

Delphi

function   DecryptSignatureAESKey(EncryptedAESKey:AnsiString;  DocumentHash: AnsisTring; NotaryPrivateKeyFName : AnsiString; var OutLen : integer) :pointer;

C/C++

SOPAD_API VOID* SOPAD_DecryptSignatureAESKey(char *EncryptedAESKey, char *DocumentHash, char *NotaryPrivateKeyFName, int *OutLen) ;

ActiveX

HRESULT _stdcall DecryptSignatureAESKey([in] BSTR EncryptedAESKey, [in] BSTR DocumentHash, [in] BSTR NotaryPrivateKeyFName, [out, retval] BSTR* Result);

Description

Decrypts the AES key using the document hash (PreliminaryDocumentHash) and the notary private key.

This function can only be used with biometric pads, as the standard pads have a secure notary key.

Arguments

string encryptedAESKey, encoded as hex-string

string documentHash , encoded as hex-string

string pathToNotaryPrivateKey

Return value

Returns the decrypted AES key (alias encrypted-randomkey), encoded as a hex string.


Sample

C# sample showing how to collect the raw signature data and how to decrypt it
/// <summary>
/// Loads a file and hands its content back as a string.
/// </summary>
/// <param name="FileName">Path of the file to read.</param>
/// <param name="asHexString">
/// When true, the raw bytes are returned as an uppercase hex string without separators;
/// when false, the file is read as text via File.ReadAllText.
/// </param>
/// <returns>The file content, either as text or as a hex string.</returns>
private string GetFileContentAsString(String FileName, bool asHexString) 
{
	if (asHexString)
	{
		// BitConverter.ToString yields "AA-BB-CC"; the dashes are stripped to get plain hex.
		byte[] raw = File.ReadAllBytes(FileName);
		return BitConverter.ToString(raw).Replace("-", "");
	}

	return File.ReadAllText(FileName);
}
  
// function to collect all signature data
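/// <summary>
/// Runs one capture on the pad and stores the results as files with relative names:
/// signature.bmp, biodata.bin, prelimHash.bin and encryptedAesKey.bin.
/// </summary>
/// <remarks>
/// The pad is returned to standby in a finally block, so a failure while reading or
/// writing the capture data does not leave the device in signing mode.
/// </remarks>
private void getSignature()
{
	// cert and padSetting are declared outside this method.
	SigDev.startCapture(cert, true, true, true, true, ref padSetting);

	try
	{
		// Fixed two-second pause to give the signer time to sign. This is sample timing only;
		// a real integration has to wait until the signer has actually finished.
		Thread.Sleep(2000);

		// Save the signature image
		System.IO.File.WriteAllBytes("signature.bmp", (byte[])SigDev.ReadHighResBitmap(1));

		// Collect the encrypted biodata and store it as returned by the device
		string biodata = "";
		SigDev.getBiodataString(ref biodata);
		System.IO.File.WriteAllText("biodata.bin", biodata);

		// Dummy preliminary document hash. In real use it should be generated from the content
		// being signed; a constant value like this one ties the capture to no document at all.
		byte[] prelimHash = {0,0,0,0,1,0,0,0, 1,0,0,0,0,0,0,0, 0,1,0,1,0,0,0,0, 0,0,0,0,1,0,0,0};

		// Save the preliminary document hash (the better way is not to save it and to recreate it
		// from the signed data, so it cannot drift from the document it belongs to).
		System.IO.File.WriteAllBytes("prelimHash.bin", prelimHash);

		// Send the preliminary document hash to the device
		SigDev.SetPreliminaryDocumentHash(prelimHash);

		// Collect and save the encrypted AES key from the device
		System.IO.File.WriteAllBytes("encryptedAesKey.bin", (byte[])SigDev.GetEncryptedAesKey());
	}
	finally
	{
		// Stop sign mode; the pad switches back to standby even if a step above threw.
		SigDev.stopCapture(0);
	}
}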
  
// function to decrypt biodata with raw data
/// <summary>
/// Reads the files written during capture, decrypts the AES key with the document hash and
/// the notary private key, then uses that key to decrypt the biodata and prints the results.
/// </summary>
/// <remarks>
/// NOTE(review): this sample prints the decrypted key and the decrypted biometric data to the
/// console and takes the notary private key from a plain file in the working directory.
/// Outside a demo, neither value belongs in console or log output, and the private key file
/// needs access restricted to the account that performs the decryption.
/// </remarks>
private void DecryptBiometricdata() 
{
	// Path of the notary private key file handed to the decryption call.
	string notaryKeyFile = "private4096.txt";

	// The biodata is read back as text; key and hash are binary files and go in as hex strings.
	string encryptedBiodata = GetFileContentAsString("biodata.bin", false);
	string encryptedKeyHex = GetFileContentAsString("encryptedAesKey.bin", true);
	string documentHashHex = GetFileContentAsString("prelimHash.bin", true);

	// The document hash passed here has to be the one that was sent to the device at capture time.
	string randomkey = SigDev.DecryptSignatureAESKey(encryptedKeyHex, documentHashHex, notaryKeyFile);
	string plainBiodata = SigDev.DecryptSignatureBiodata(randomkey, encryptedBiodata);

	Console.WriteLine("btnDecryptBiodataClick done.");
	Console.WriteLine("btnDecryptBiodataClick randomkey=" + randomkey);
	Console.WriteLine("btnDecryptBiodataClick decryptedBiodata=" + plainBiodata);
}

