ASCII.GetBytes(guid + "#" + expires + "#");
SHA1Managed provSHA1 = new SHA1Managed();
byte[] hash = provSHA1.ComputeHash(clear);
// reload the RSA provider based on the public key only
CspParameters paramsCsp = new CspParameters();
paramsCsp.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider provRSA = new RSACryptoServiceProvider(paramsCsp);
provRSA.FromXmlString(publicKey);
// verify the signature on the hash
byte[] sigBytes= Convert.FromBase64String(signature);
bool result = provRSA.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"),
sigBytes);
return result;
}
The SHA1Managed implementation of the SHA-1 hashing algorithm is used to create a
computed hash value on the contents of the license file. Once this is complete, an instance of
RSACryptoServiceProvider is initialized using the public key from the control metadata. The
VerifyHash and RSACryptoServiceProvider methods next verify that the signature in the license
file is valid according to the separately computed hash. The result of this check is returned
from RSACryptoServiceProvider.VerifyHash to IsKeyValid, which, in turn, notifies the parent
GetLicense of success or failure.
At this point, we have completed our discussion of license validation.
Pages:
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882