Moved VerifySignature out of the licenses and into an extension method

2025-06-14 06:50:47 -05:00 · 2025-06-09 15:15:54 -04:00 · 2025-06-09 15:15:54 -04:00 · b8f26cbe60
commit b8f26cbe60
parent 0a4dad6c3d
4 changed files with 9 additions and 14 deletions
--- a/src/Core/Billing/Licenses/Extensions/LicenseExtensions.cs
+++ b/src/Core/Billing/Licenses/Extensions/LicenseExtensions.cs
@ -1,6 +1,7 @@
 using System.Reflection;
 using System.Security.Claims;
 using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Billing.Enums;
@ -13,12 +14,14 @@ namespace Bit.Core.Billing.Licenses.Extensions;

 public static class LicenseExtensions
 {
-    public static byte[] ComputeHash(this ILicense license)
+    public static byte[] ComputeHash(this ILicense license) => SHA256.HashData(license.GetDataBytes(true));
+
+    public static bool VerifySignature(this ILicense license, X509Certificate2 certificate)
    {
-        using (var alg = SHA256.Create())
-        {
-            return alg.ComputeHash(license.GetDataBytes(true));
-        }
+        var dataBytes = license.GetDataBytes();
+        var signatureBytes = Convert.FromBase64String(license.Signature);
+        using var rsa = certificate.GetRSAPublicKey();
+        return rsa.VerifyData(dataBytes, signatureBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    public static byte[] GetDataBytesWithAttributes(this ILicense license, bool forHash = false)
--- a/src/Core/Models/Business/BaseLicense.cs
+++ b/src/Core/Models/Business/BaseLicense.cs
@ -49,14 +49,6 @@ public abstract class BaseLicense : ILicense

    public abstract byte[] GetDataBytes(bool forHash = false);

-    public bool VerifySignature(X509Certificate2 certificate)
-    {
-        using (var rsa = certificate.GetRSAPublicKey())
-        {
-            return rsa.VerifyData(GetDataBytes(), Convert.FromBase64String(Signature), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
-        }
-    }
-
    public byte[] Sign(X509Certificate2 certificate)
    {
        if (!certificate.HasPrivateKey)
--- a/src/Core/Models/Business/ILicense.cs
+++ b/src/Core/Models/Business/ILicense.cs
@ -16,6 +16,5 @@ public interface ILicense
    string Signature { get; set; }
    string Token { get; set; }
    byte[] GetDataBytes(bool forHash = false);
-    bool VerifySignature(X509Certificate2 certificate);
    byte[] Sign(X509Certificate2 certificate);
 }
--- a/src/Core/Services/Implementations/LicensingService.cs
+++ b/src/Core/Services/Implementations/LicensingService.cs
@ -4,6 +4,7 @@ using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using System.Text.Json;
 using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Billing.Licenses.Extensions;
 using Bit.Core.Billing.Licenses.Models;
 using Bit.Core.Billing.Licenses.Services;
 using Bit.Core.Entities;