Merge pull request #5 from AISGorod/custom-IEsiaSigner
Custom IEsiaSigner
Showing
11 changed files
with
200 additions
and
24 deletions.
@@ -0,0 +1,19 @@ | ||
# История изменений | ||
|
||
## Версия 1.1.0 | ||
|
||
- Добавлена возможность реализации своего механизма подписи (интерфейс `IEsiaSigner`). | ||
- Переработан пример для демонстрации подписи запросов по ГОСТ 34.10-2012 при помощи openssl. | ||
- Добавлена инструкция по запуску примера на Ubuntu 18.04 и Windows 10 с WSL. | ||
- Указание сертификата в настройках (`options.Certificate`) признано устаревшим, т.к. ЕСИА отказывается от RS256 для подписи запросов и в .Net core нет поддержки ГОСТ по умолчанию. | ||
|
||
## Версия 1.0.2 | ||
|
||
- Интерфейс `IEsiaEnvironment` сделан публичным. | ||
- Реализации интерфейса для тестовой и продукционной среды сделаны публичными, убран модификатор `sealed`. | ||
- Добавлена возможность в настройках подключения ЕСИА указывать собственную реализацию интерфейса `IEsiaEnvironment`. | ||
|
||
## Версия 1.0.1 | ||
|
||
- Добавлена настройка для сохранения токенов и указания схемы входа/выхода. | ||
- Добавлена картинка в NuGet-пакет. |
@@ -0,0 +1,57 @@ | ||
using AISGorod.AspNetCore.Authentication.Esia; | ||
using System.Diagnostics; | ||
using System.Runtime.InteropServices; | ||
using System.Text; | ||
|
||
namespace EsiaSample | ||
{ | ||
/// <summary> | ||
/// Простейшая обёртка подписи запросов над openssl. | ||
/// </summary> | ||
public class OpensslEsiaSigner : IEsiaSigner | ||
{ | ||
private const string KEY_FILE = @"/home/vladdy/test/esia.key"; | ||
private const string CRT_FILE = @"/home/vladdy/test/esia.pem"; | ||
|
||
public string Sign(byte[] data) | ||
{ | ||
Process a = new Process(); | ||
a.StartInfo.FileName = "openssl"; | ||
a.StartInfo.Arguments = $"cms -sign -binary -stream -engine gost -inkey {KEY_FILE} -signer {CRT_FILE} -nodetach -outform pem"; | ||
|
||
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) | ||
{ | ||
a.StartInfo.FileName = "wsl"; | ||
a.StartInfo.Arguments = "openssl " + a.StartInfo.Arguments; | ||
} | ||
|
||
a.StartInfo.RedirectStandardInput = true; | ||
a.StartInfo.RedirectStandardOutput = true; | ||
a.StartInfo.UseShellExecute = false; | ||
|
||
a.Start(); | ||
a.StandardInput.Write(Encoding.UTF8.GetString(data)); // просто передавать массив байтов не получается - ломает подпись | ||
a.StandardInput.Close(); | ||
|
||
StringBuilder resultData = new StringBuilder(); | ||
bool isKeyProcessing = false; | ||
while (!a.StandardOutput.EndOfStream) | ||
{ | ||
string line = a.StandardOutput.ReadLine(); | ||
if (line == "-----BEGIN CMS-----") | ||
{ | ||
isKeyProcessing = true; | ||
} | ||
else if (line == "-----END CMS-----") | ||
{ | ||
isKeyProcessing = false; | ||
} | ||
else if (isKeyProcessing) | ||
{ | ||
resultData.Append(line); | ||
} | ||
} | ||
return resultData.ToString(); | ||
} | ||
} | ||
} |
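Review bot: `Sign()` returns whatever it collected between the CMS markers without ever checking that openssl succeeded, so a missing gost engine, an unreadable key file or a failed `wsl` launch produces an empty string that the caller will presumably send as the request signature. After the read loop, add `a.WaitForExit();` and `if (a.ExitCode != 0 || resultData.Length == 0) throw new InvalidOperationException("openssl cms -sign failed");`, and wrap the `Process` in a `using` so the handle and pipes are released. Separately, `Encoding.UTF8.GetString(data)` round-trips the payload through text, so any input that is not valid UTF-8 would be signed as different bytes than the caller supplied; the inline comment suggests this was a workaround, so at least document that the signer assumes UTF-8 text. The hard-coded `KEY_FILE`/`CRT_FILE` paths point into a developer's home directory and would be better read from configuration, with the key file readable only by the service account.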
@@ -0,0 +1,19 @@ | ||
using System; | ||
using System.Collections.Generic; | ||
using System.Text; | ||
|
||
namespace AISGorod.AspNetCore.Authentication.Esia | ||
{ | ||
/// <summary> | ||
/// Интерфейс для подписи данных с помощью ключа ИС. | ||
/// </summary> | ||
public interface IEsiaSigner | ||
{ | ||
/// <summary> | ||
/// Подписать последовательность байт при помощи ключа из сертификата ИС. | ||
/// </summary> | ||
/// <param name="data">Данные для подписи.</param> | ||
/// <returns>Откреплённая подпись.</returns> | ||
string Sign(byte[] data); | ||
} | ||
} |
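Review bot: The `<returns>` text on `Sign` promises a detached signature, but the only implementation in this commit, `OpensslEsiaSigner`, runs openssl with `-nodetach` and returns the base64 body with the PEM armor lines stripped. Someone writing a custom signer cannot tell from this contract which form and encoding the handler expects, and a mismatch would only surface as a rejected request. The doc comment should state the exact output format (attached or detached CMS, base64 with or without PEM headers) and say that implementations must throw on failure rather than return null or an empty string. The `using System;`, `using System.Collections.Generic;` and `using System.Text;` directives appear unused in this file and could be dropped.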