static void Main(string[] args)
{
try
{
Logger.Initialize();
byte[] data = "Hello world".GetBytes();
SignKeys signKeys = DataSigner.GenerateSignKeyPair();
byte[] signature = DataSigner.Sign(data, signKeys.PublicAndPrivate);
bool valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly);
Console.WriteLine(valid ? "Valid" : "NOT Valid");
data[0] = 41;
valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly);
Console.WriteLine(valid ? "Valid" : "NOT Valid");
data[0] = "H".GetBytes()[0];
valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly);
Console.WriteLine(valid ? "Valid" : "NOT Valid");
}
catch (Exception e)
{
Logger.LogError("Unhandled exception", e);
Console.WriteLine("Error: " + e.Message);
}
Console.WriteLine("Press a key to exit");
Console.ReadKey();
}
public bool VerifyIntegrity(Guid userId, Guid dataEntityId)
{
AssertSystemIsInitialized();
User user = GetAssertUser(userId);
IList <Role> roles = this.storage.GetRolesForUser(user.Id);
bool userHasRoleWhichHasDataEntity = roles.Any(role => role.DataEntities.Contains(dataEntityId));
if (!userHasRoleWhichHasDataEntity)
{
throw new InvalidOperationException("You do not have a role which gives access to the requested data entity");
}
DataEntity dataEntity = this.storage.GetDataEntityFromId(dataEntityId);
if (dataEntity == null)
{
throw new InvalidOperationException("Data entity with specified id was not found");
}
Guid authorId = this.storage.GetAuthorOfDataEntity(dataEntityId);
User authoringUser = this.storage.GetUser(authorId);
dataEntity.Payload.Content = this.storage.GetDataEntityPayloadFromId(dataEntityId);
return(DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, authoringUser.SignPublicKey));
}
public void Insert(Guid userId, DataEntity dataEntity)
{
if (userId == Guid.Empty)
{
throw new ArgumentException("userId");
}
CheckDataEntity(dataEntity);
GetDelegationKey(userId); // check that the user has a key (is still valid)
byte[] signPublicKey = this.tokenStorage.FindSignPublicKey(userId);
if (signPublicKey == null)
{
throw new InvalidOperationException("Cannot insert data as no sign key is registered for the user");
}
if (!DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, signPublicKey))
{
throw new InvalidOperationException("The data signature is not valid");
}
// TODO: check access rights)
this.dataEntityStorage.InsertDataEntity(userId, dataEntity);
}
public void CreateDataEntities(Guid userId, IList <Guid> roleIds, IList <DataEntity> dataEntities)
{
if (dataEntities == null)
{
throw new ArgumentNullException("dataEntities");
}
if (userId == Guid.Empty)
{
throw new ArgumentException("userId");
}
AssertSystemIsInitialized();
User user = GetAssertUser(userId);
IList <Role> checkedRoles = new List <Role>();
foreach (Guid roleId in roleIds)
{
Role r = GetAssertRole(roleId);
AssertUserHasRoleOrAncestorOfRole(user, roleId);
if (r.DataEntityPermission == DataEntityPermission.ReadContent)
{
throw new InvalidOperationException("You cannot create data using one of the specified roles");
}
checkedRoles.Add(r);
}
AssertRolesHasSameRoot(checkedRoles);
foreach (DataEntity dataEntity in dataEntities)
{
CheckDataEntity(dataEntity);
if (!DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, user.SignPublicKey))
{
throw new InvalidOperationException("A data signature is not valid");
}
}
foreach (DataEntity entity in dataEntities)
{
this.storage.CreateDataEntity(userId, entity);
}
foreach (Role role in checkedRoles)
{
AddDataEntitiesToRoleAndAllParentsRoles(this.storage.GetDataOwnerRole(), role, dataEntities);
}
}
public bool VerifyIntegrity(Guid userId, Guid dataEntityId)
{
GetDelegationKey(userId); // to check that the user is still valid and has not been revoked
DataEntity dataEntity = this.dataEntityStorage.FindDataEntityMetadataFromId(dataEntityId);
if (dataEntity == null)
{
throw new InvalidOperationException("Data entity with specified id was not found");
}
Guid authorId = this.dataEntityStorage.FindAuthorOfDataEntity(dataEntityId);
byte[] signPublicKey = this.tokenStorage.FindSignPublicKey(authorId);
dataEntity.Payload.Content = this.dataEntityStorage.FindDataEntityPayloadFromId(dataEntityId);
return(DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, signPublicKey));
}
