Add c# sample to compute signature

admin-ch / CovidCertificate-Apidoc

API documentation for the integration of primary systems with the machine to machine API

73 stars 7 forks source link

Add c# sample to compute signature #14

Closed taconaut closed 3 years ago

taconaut commented 3 years ago

I had to figure out how to generate the signature using c# code and hope to save future developers some time by providing this example. This code has been successfully used for tests and has been reformatted/renamed slightly to provide a concise example.

golayp commented 3 years ago

Hello @taconaut Did you test with spaces in values ? I'm facing an issue: Integrity check failed, the body hash does not match the hash in the header when I try for example with "familyName": "Roger Martin".

delixfe commented 3 years ago

@taconaut: Thanks for providing the sample. @golayp: The regex new Regex("[\\n\\r\\t ]" should handle the spaces.

golayp commented 3 years ago

thanks @taconaut @delixfe but as explained in this bug I already use this regex for signing my calls, but the validation fails on the test server of OFIT.

taconaut commented 3 years ago

@golayp I just did a quick test with your example and the generation worked fine:

golayp commented 3 years ago

It's seems we're all doing the same stuff lol... my code looks like yours. Unfortunately it's probably elsewhere in the process. I'm using Newtonsoft.Json.JsonConvert.SerializeObject to serialize the payload before using regex... do you think it could end up in an error ?

taconaut commented 3 years ago

It's seems we're all doing the same stuff lol... my code looks like yours.

That's the reason I've posted the sample. I've suspected we weren't the only ones :)

I'm using Newtonsoft.Json.JsonConvert.SerializeObject to serialize the payload before using regex... do you think it could end up in an error ?

No, I do the same:

        private string GetSignature(VaccinationCertificateCreateDto certificateCreateDto)
        {
            var jsonString = JsonConvert.SerializeObject(certificateCreateDto);
            var cleanJsonString = _cleanJsonStringReplaceRegex.Replace(jsonString, string.Empty);

            var signedBytes = _rsaSignature.Value.SignData(Encoding.UTF8.GetBytes(cleanJsonString), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            return Convert.ToBase64String(signedBytes);
        }

Where VaccinationCertificateCreateDto is generated using Nswag.

golayp commented 3 years ago

Exact same process on my side, we investigate. Thank you for your help.

golayp commented 3 years ago

Hi @taconaut do you have a version of your generated nswag client to provide to me ? since my issue is almost incomprehensible... I still have issue with givenname or familyname with space in them.... it could be very useful to me.

taconaut commented 3 years ago

Hi @golayp, I''ve added the generatedc client along with the nswag spec, used to generat it, here https://gist.github.com/taconaut/b1c0c88cdaa54c0e2d32288e1a32c5f1

golayp commented 3 years ago

Thanks. Finally it was an issue somewhat diffcult to spot on my side... Thank for you help.