Add offline validation flag support (#38)

* add offline validation flag support

* add offline validation support

* improve paths

* cleanup

---------

Co-authored-by: Viacheslav Rudkovskyi <viachaslau.rudkovski@labs64.de>

Author: v-rudkovskiy

NetLicensingClient-demo/Data/Isb-DEMO.xml

@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:netlicensing xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:ns2="http://netlicensing.labs64.com/schema/context" ttl="2020-12-28T22:53:06.681Z"><Signature><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>ICC1F7ZKeQoayrzn1iGtw7Zt96s=</DigestValue></Reference></SignedInfo><SignatureValue>jYb0aGBPR9Rn4HVRJhBsIRafzW1k3D/GF7GZ62nT8dwvJszGB0kEXdFrXTj7FhUeiBcBlqxcsEUUKA5XbE7LGbNm+V+f5xZu/+n/d/miufKPAIk6CN5xoZQLDRGRSruW0LiKJsnkbzHvIF4u6G/HUyQpUfrxwiqXb+tYFpiaMgcSHL5xGzRq5Mqusw21Cdq81MhUb9oUoujgisIZWqNyebOqWuzOjNJOy0y2uml4I5U5tBAL1OlrQKjfPUiy369HwMl37A7dR9oVcahb6/YPI039xeLTn+WzyFPIV7f41o6Ytq4Iefl6swj/elNKTHi9bYzcnjmM7ebOd+hinm8feA==</SignatureValue></Signature><ns2:infos/><ns2:items><ns2:item type="ProductModuleValidation"><ns2:property name="productModuleNumber">Msb-DEMO</ns2:property><ns2:property name="valid">true</ns2:property><ns2:property name="expires">2021-04-21T20:15:45.694Z</ns2:property><ns2:property name="productModuleName">Module using "Subscription" licensing model</ns2:property><ns2:property name="licensingModel">Subscription</ns2:property></ns2:item></ns2:items></ns2:netlicensing>

NetLicensingClient-demo/NetLicensingClient-demo.cs

@@ -1,8 +1,15 @@
 using System;
 using System.Collections.Generic;
+using System.IO;
 using System.Linq;
 using System.Runtime.InteropServices;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;
+using System.Xml;
+using System.Xml.Linq;
+using System.Xml.Serialization;
 using NetLicensingClient.Entities;
+using NetLicensingClient.Utils;
 
 namespace NetLicensingClient
 {
@@ -262,7 +269,7 @@ static int Main(string[] args)
 15OWo6dArRCyNUeROu+9Jp4tET+2RA/PuqQbWW6EbJWBhpkqNdzi9CYuhuUjvk8m
 dwIDAQAB
 -----END PUBLIC KEY-----";
-                string publicKey_wrong = @"-----BEGIN PUBLIC KEY-----
+                string publicKeyWrong = @"-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq96itv1m00/czFD7IzE
 mLiXPpvok1vjqB9VU6kTkq6QFGAfJF1G+m1fbK5NvpiDCsfuofdCFuhVnvLnzrpd
 xUlse8erWEr9p9RAyh25NMK9/v0MAEAYV7zRa+ZOh31G54DwR7zk0TxyVzxKpjPi
@@ -273,7 +280,7 @@ static int Main(string[] args)
 -----END PUBLIC KEY-----";
                 Console.WriteLine("loaded privateKey: {0}", privateKey);
                 Console.WriteLine("loaded publicKey: {0}", publicKey);
-                Console.WriteLine("loaded publicKey_wrong: {0}", publicKey_wrong);
+                Console.WriteLine("loaded publicKey_wrong: {0}", publicKeyWrong);
 
                 //NetLicensing supports API Key Identification to allow limited API access on vendor's behalf.
                 //See: https://netlicensing.io/wiki/security for details.
@@ -337,7 +344,7 @@ static int Main(string[] args)
 
                     // Validate using APIKey wrongly signed
                     context.securityMode = SecurityMode.APIKEY_IDENTIFICATION;
-                    context.publicKey = publicKey_wrong;
+                    context.publicKey = publicKeyWrong;
                     try
                     {
                         validationResult = LicenseeService.validate(context, demoLicenseeNumber, validationParameters);
@@ -354,6 +361,30 @@ static int Main(string[] args)
 
                 #endregion
 
+                #region ****************** Offline validation
+                Context offlineContext = new Context();
+                offlineContext.publicKey = publicKey;
+
+                string validationFile = @"<?xml version=""1.0"" encoding=""UTF-8"" standalone=""yes""?><ns2:netlicensing xmlns=""http://www.w3.org/2000/09/xmldsig#"" xmlns:ns2=""http://netlicensing.labs64.com/schema/context"" ttl=""2020-12-28T22:53:06.681Z""><Signature><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments""/><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#rsa-sha1""/><Reference URI=""""><Transforms><Transform Algorithm=""http://www.w3.org/2000/09/xmldsig#enveloped-signature""/></Transforms><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1""/><DigestValue>ICC1F7ZKeQoayrzn1iGtw7Zt96s=</DigestValue></Reference></SignedInfo><SignatureValue>jYb0aGBPR9Rn4HVRJhBsIRafzW1k3D/GF7GZ62nT8dwvJszGB0kEXdFrXTj7FhUeiBcBlqxcsEUUKA5XbE7LGbNm+V+f5xZu/+n/d/miufKPAIk6CN5xoZQLDRGRSruW0LiKJsnkbzHvIF4u6G/HUyQpUfrxwiqXb+tYFpiaMgcSHL5xGzRq5Mqusw21Cdq81MhUb9oUoujgisIZWqNyebOqWuzOjNJOy0y2uml4I5U5tBAL1OlrQKjfPUiy369HwMl37A7dR9oVcahb6/YPI039xeLTn+WzyFPIV7f41o6Ytq4Iefl6swj/elNKTHi9bYzcnjmM7ebOd+hinm8feA==</SignatureValue></Signature><ns2:infos/><ns2:items><ns2:item type=""ProductModuleValidation""><ns2:property name=""productModuleNumber"">Msb-DEMO</ns2:property><ns2:property name=""valid"">true</ns2:property><ns2:property name=""expires"">2021-04-21T20:15:45.694Z</ns2:property><ns2:property name=""productModuleName"">Module using ""Subscription"" licensing model</ns2:property><ns2:property name=""licensingModel"">Subscription</ns2:property></ns2:item></ns2:items></ns2:netlicensing>";
+
+                Console.WriteLine("Offline validation file: {0}", validationFile);
+
+                ValidationResult validationOfflineResult = ValidationService.validateOffline(offlineContext, validationFile);
+                ConsoleWriter.WriteEntity("Offline validation result (Basic Auth):", validationOfflineResult);
+
+                offlineContext.publicKey = publicKeyWrong;
+
+                try
+                {
+                    validationOfflineResult = ValidationService.validateOffline(offlineContext, validationFile);
+                }
+                catch (NetLicensingException e)
+                {
+                    Console.WriteLine("Offline validation result exception (APIKey / wrongly signed): {0}", e);
+                }
+
+                #endregion
+
                 #region ****************** Transfer
 
                 Licensee transferLicensee = new Licensee();

NetLicensingClient-demo/NetLicensingClient-demo.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>

NetLicensingClient/Entities/Constants.cs

@@ -149,6 +149,11 @@ public class Shop
             public const String PROP_SHOPPING_CART = "shopping-cart";
         }
 
+        public class Validation
+        {
+            public const String FOR_OFFLINE_USE = "forOfflineUse";
+        }
+
         public class ValidationResult
         {
             internal const String VALIDATION_RESULT_TYPE = "ProductModuleValidation";

NetLicensingClient/Entities/ValidationParameters.cs

@@ -6,6 +6,7 @@ namespace NetLicensingClient.Entities
     public class ValidationParameters : IEntity
     {
         private String productNumber;
+        private Boolean forOfflineUse = false;
         private Dictionary<String, String> licenseeProperties;
         private Dictionary<String, Dictionary<String, String>> parameters;
 
@@ -19,6 +20,16 @@ public String getProductNumber ()
         	return productNumber;
         }
 
+        public void setForOfflineUse(Boolean forOfflineUse) 
+        {
+            this.forOfflineUse = forOfflineUse;
+        }
+
+        public Boolean isForOfflineUse() 
+        {
+            return forOfflineUse;
+        }
+
         public Dictionary<String, String> getLicenseeProperties() {
             return licenseeProperties;
         }

NetLicensingClient/LicenseeService.cs

@@ -100,32 +100,8 @@ public static ValidationResult validate(Context context, String number, String p
         /// See NetLicensingAPI for details: https://netlicensing.io/wiki/licensee-services#validate-licensee
         /// </summary>
         public static ValidationResult validate(Context context, String number, ValidationParameters validationParameters, int timeoutInMilliseconds = 100000)
-        {
-        	Dictionary<String, String> parameters = new Dictionary<String, String> ();
-            if (!String.IsNullOrEmpty(validationParameters.getProductNumber())) 
-            {
-                parameters.Add(Constants.Product.PRODUCT_NUMBER, validationParameters.getProductNumber());
-            }
-
-            foreach (KeyValuePair<String, String> property in validationParameters.getLicenseeProperties())
-            {
-                if (!String.IsNullOrEmpty(property.Key))
-                {
-                    parameters.Add(property.Key, property.Value);
-                }
-            }
-
-            int pmIndex = 0;
-        	foreach (KeyValuePair<String, Dictionary<String, String>> productModuleValidationParams in validationParameters.getParameters ()) {
-        		parameters.Add (Constants.ProductModule.PRODUCT_MODULE_NUMBER + pmIndex, productModuleValidationParams.Key);
-        		foreach (KeyValuePair<String, String> param in productModuleValidationParams.Value) {
-        			parameters.Add (param.Key + pmIndex, param.Value);
-        		}
-        		pmIndex++;
-        	}
-
-        	netlicensing output = NetLicensingAPI.request(context, NetLicensingAPI.Method.POST, Constants.Licensee.ENDPOINT_PATH + "/" + number + "/" + Constants.Licensee.ENDPOINT_PATH_VALIDATE, parameters, timeoutInMilliseconds);
-        	return new ValidationResult (output);
+        {
+            return ValidationService.validate(context, number, validationParameters, timeoutInMilliseconds);
         }
 
         /// <summary>

NetLicensingClient/RestController/NetLicensingAPI.cs

@@ -5,14 +5,9 @@
 using System.Xml.Serialization;
 using System.Text;
 using System.Text.RegularExpressions;
-using System.Web;
 using NetLicensingClient.Entities;
 using NetLicensingClient.Exceptions;
-using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.OpenSsl;
-using System.Security.Cryptography;
-using System.Security.Cryptography.Xml;
-using System.Xml;
+using NetLicensingClient.Utils;
 
 namespace NetLicensingClient.RestController
 {
@@ -143,7 +138,7 @@ public static netlicensing request(Context context, Method method, String path,
                                 using (StreamReader reader = new StreamReader(memoryStream))
                                 {
                                     var responseString = reader.ReadToEnd();
-                                    if (!VerifyXmlSignature(responseString, context.publicKey))
+                                    if (!SignatureUtils.check(responseString, context.publicKey))
                                     {
                                         throw new NetLicensingException("XML signature could not be verified");
                                     }
@@ -212,49 +207,6 @@ private static netlicensing deserialize(Stream responseStream)
             XmlSerializer NetLicensingSerializer = new XmlSerializer(typeof(netlicensing));
             return NetLicensingSerializer.Deserialize(responseStream) as netlicensing;
         }
-
-		private static bool VerifyXmlSignature(string xmlString, string publicKey)
-		{
-			using (var keyReader = new StringReader(publicKey))
-			{
-				var pemReader = new PemReader(keyReader);
-
-				RsaKeyParameters parameters = (RsaKeyParameters)pemReader.ReadObject();
-				RSAParameters rParams = new RSAParameters();
-				rParams.Modulus = parameters.Modulus.ToByteArray();
-				rParams.Exponent = parameters.Exponent.ToByteArray();
-
-                RSA rsaKey = RSA.Create();
-                rsaKey.ImportParameters(rParams);
-
-				XmlDocument xmlDoc = new XmlDocument();
-				xmlDoc.PreserveWhitespace = true;
-				xmlDoc.LoadXml(xmlString);
-
-                // Create a new SignedXml object and pass it the XML document class
-                SignedXml signedXml = new SignedXml(xmlDoc);
-                // Find the "Signature" node and create a new XmlNodeList object
-                XmlNodeList nodeList = xmlDoc.GetElementsByTagName("Signature");
-
-                // Throw an exception if no signature was found
-                if (nodeList.Count <= 0)
-				{
-					throw new CryptographicException("Verification failed: No Signature was found in the document.");
-				}
-
-				// Throw an exception if more than one signature was found
-				if (nodeList.Count >= 2)
-				{
-					throw new CryptographicException("Verification failed: More that one signature was found for the document.");
-				}
-
-                // Load the first <signature> node
-                signedXml.LoadXml((XmlElement)nodeList[0]);
-
-                // Check the signature and return the result
-                return signedXml.CheckSignature(rsaKey);
-			}
-		}
     }
 
 }

NetLicensingClient/Utils/SignatureUtils.cs

@@ -0,0 +1,57 @@
+using System.Security.Cryptography.Xml;
+using System.Security.Cryptography;
+using System.Xml;
+using System.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.OpenSsl;
+using System;
+using System.Xml.Serialization;
+
+namespace NetLicensingClient.Utils
+{
+    public class SignatureUtils
+    {
+        public static Boolean check(string xmlString, string publicKey)
+        {
+            using (var keyReader = new StringReader(publicKey))
+            {
+                var pemReader = new PemReader(keyReader);
+
+                RsaKeyParameters parameters = (RsaKeyParameters)pemReader.ReadObject();
+                RSAParameters rParams = new RSAParameters();
+                rParams.Modulus = parameters.Modulus.ToByteArray();
+                rParams.Exponent = parameters.Exponent.ToByteArray();
+
+                RSA rsaKey = RSA.Create();
+                rsaKey.ImportParameters(rParams);
+
+                XmlDocument xmlDoc = new XmlDocument();
+                xmlDoc.PreserveWhitespace = true;
+                xmlDoc.LoadXml(xmlString);
+
+                // Create a new SignedXml object and pass it the XML document class
+                SignedXml signedXml = new SignedXml(xmlDoc);
+                // Find the "Signature" node and create a new XmlNodeList object
+                XmlNodeList nodeList = xmlDoc.GetElementsByTagName("Signature");
+
+                // Throw an exception if no signature was found
+                if (nodeList.Count <= 0)
+                {
+                    throw new CryptographicException("Verification failed: No Signature was found in the document.");
+                }
+
+                // Throw an exception if more than one signature was found
+                if (nodeList.Count >= 2)
+                {
+                    throw new CryptographicException("Verification failed: More that one signature was found for the document.");
+                }
+
+                // Load the first <signature> node
+                signedXml.LoadXml((XmlElement)nodeList[0]);
+
+                // Check the signature and return the result
+                return signedXml.CheckSignature(rsaKey);
+            }
+        }
+    }
+}

NetLicensingClient/ValidationService.cs

@@ -0,0 +1,84 @@
+using NetLicensingClient.Entities;
+using NetLicensingClient.RestController;
+using NetLicensingClient.Utils;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Text;
+using System.Xml.Linq;
+using System.Xml.Serialization;
+
+namespace NetLicensingClient
+{
+    public class ValidationService
+    {
+        public static ValidationResult validate(Context context, String number, ValidationParameters validationParameters, int timeoutInMilliseconds = 100000)
+        {
+            return convertValidationResult(retrieveValidationFile(context, number, validationParameters, timeoutInMilliseconds));
+        }
+
+        public static ValidationResult validateOffline(Context context, string validationFile)
+        {
+            if (!SignatureUtils.check(validationFile, context.publicKey)) 
+            {
+                throw new NetLicensingException("XML signature could not be verified");
+            }
+
+            byte[] byteArray = Encoding.UTF8.GetBytes(validationFile);
+            MemoryStream stream = new MemoryStream(byteArray);
+
+            XmlSerializer serializer = new XmlSerializer(typeof(netlicensing));
+            netlicensing response = (netlicensing)serializer.Deserialize(stream);
+
+            return convertValidationResult(response);
+        }
+
+        internal static netlicensing retrieveValidationFile(Context context, String number, ValidationParameters validationParameters, int timeoutInMilliseconds = 100000)
+        {
+            Dictionary<String, String> parameters = convertValidationParameters(validationParameters);
+
+            return NetLicensingAPI.request(context, NetLicensingAPI.Method.POST, Constants.Licensee.ENDPOINT_PATH + "/" + number + "/" + Constants.Licensee.ENDPOINT_PATH_VALIDATE, parameters, timeoutInMilliseconds);
+        }
+
+        internal static ValidationResult convertValidationResult(netlicensing validationFile)
+        {
+            return (validationFile != null) ? new ValidationResult(validationFile) : null;
+        }
+
+        internal static Dictionary<String, String> convertValidationParameters(ValidationParameters validationParameters)
+        {
+            Dictionary<String, String> parameters = new Dictionary<String, String>();
+
+            if (!String.IsNullOrEmpty(validationParameters.getProductNumber()))
+            {
+                parameters.Add(Constants.Product.PRODUCT_NUMBER, validationParameters.getProductNumber());
+            }
+
+            if (validationParameters.isForOfflineUse())
+            {
+                parameters.Add(Constants.Validation.FOR_OFFLINE_USE, "true");
+            }
+
+            foreach (KeyValuePair<String, String> property in validationParameters.getLicenseeProperties())
+            {
+                if (!String.IsNullOrEmpty(property.Key))
+                {
+                    parameters.Add(property.Key, property.Value);
+                }
+            }
+
+            int pmIndex = 0;
+            foreach (KeyValuePair<String, Dictionary<String, String>> productModuleValidationParams in validationParameters.getParameters())
+            {
+                parameters.Add(Constants.ProductModule.PRODUCT_MODULE_NUMBER + pmIndex, productModuleValidationParams.Key);
+                foreach (KeyValuePair<String, String> param in productModuleValidationParams.Value)
+                {
+                    parameters.Add(param.Key + pmIndex, param.Value);
+                }
+                pmIndex++;
+            }
+
+            return parameters;
+        }
+    }
+}