static void Main(string[] args) { try { Logger.Initialize(); byte[] data = "Hello world".GetBytes(); SignKeys signKeys = DataSigner.GenerateSignKeyPair(); byte[] signature = DataSigner.Sign(data, signKeys.PublicAndPrivate); bool valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly); Console.WriteLine(valid ? "Valid" : "NOT Valid"); data[0] = 41; valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly); Console.WriteLine(valid ? "Valid" : "NOT Valid"); data[0] = "H".GetBytes()[0]; valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly); Console.WriteLine(valid ? "Valid" : "NOT Valid"); } catch (Exception e) { Logger.LogError("Unhandled exception", e); Console.WriteLine("Error: " + e.Message); } Console.WriteLine("Press a key to exit"); Console.ReadKey(); }
public bool VerifyIntegrity(Guid userId, Guid dataEntityId) { AssertSystemIsInitialized(); User user = GetAssertUser(userId); IList <Role> roles = this.storage.GetRolesForUser(user.Id); bool userHasRoleWhichHasDataEntity = roles.Any(role => role.DataEntities.Contains(dataEntityId)); if (!userHasRoleWhichHasDataEntity) { throw new InvalidOperationException("You do not have a role which gives access to the requested data entity"); } DataEntity dataEntity = this.storage.GetDataEntityFromId(dataEntityId); if (dataEntity == null) { throw new InvalidOperationException("Data entity with specified id was not found"); } Guid authorId = this.storage.GetAuthorOfDataEntity(dataEntityId); User authoringUser = this.storage.GetUser(authorId); dataEntity.Payload.Content = this.storage.GetDataEntityPayloadFromId(dataEntityId); return(DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, authoringUser.SignPublicKey)); }
public void Insert(Guid userId, DataEntity dataEntity) { if (userId == Guid.Empty) { throw new ArgumentException("userId"); } CheckDataEntity(dataEntity); GetDelegationKey(userId); // check that the user has a key (is still valid) byte[] signPublicKey = this.tokenStorage.FindSignPublicKey(userId); if (signPublicKey == null) { throw new InvalidOperationException("Cannot insert data as no sign key is registered for the user"); } if (!DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, signPublicKey)) { throw new InvalidOperationException("The data signature is not valid"); } // TODO: check access rights) this.dataEntityStorage.InsertDataEntity(userId, dataEntity); }
public void CreateDataEntities(Guid userId, IList <Guid> roleIds, IList <DataEntity> dataEntities) { if (dataEntities == null) { throw new ArgumentNullException("dataEntities"); } if (userId == Guid.Empty) { throw new ArgumentException("userId"); } AssertSystemIsInitialized(); User user = GetAssertUser(userId); IList <Role> checkedRoles = new List <Role>(); foreach (Guid roleId in roleIds) { Role r = GetAssertRole(roleId); AssertUserHasRoleOrAncestorOfRole(user, roleId); if (r.DataEntityPermission == DataEntityPermission.ReadContent) { throw new InvalidOperationException("You cannot create data using one of the specified roles"); } checkedRoles.Add(r); } AssertRolesHasSameRoot(checkedRoles); foreach (DataEntity dataEntity in dataEntities) { CheckDataEntity(dataEntity); if (!DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, user.SignPublicKey)) { throw new InvalidOperationException("A data signature is not valid"); } } foreach (DataEntity entity in dataEntities) { this.storage.CreateDataEntity(userId, entity); } foreach (Role role in checkedRoles) { AddDataEntitiesToRoleAndAllParentsRoles(this.storage.GetDataOwnerRole(), role, dataEntities); } }
public bool VerifyIntegrity(Guid userId, Guid dataEntityId) { GetDelegationKey(userId); // to check that the user is still valid and has not been revoked DataEntity dataEntity = this.dataEntityStorage.FindDataEntityMetadataFromId(dataEntityId); if (dataEntity == null) { throw new InvalidOperationException("Data entity with specified id was not found"); } Guid authorId = this.dataEntityStorage.FindAuthorOfDataEntity(dataEntityId); byte[] signPublicKey = this.tokenStorage.FindSignPublicKey(authorId); dataEntity.Payload.Content = this.dataEntityStorage.FindDataEntityPayloadFromId(dataEntityId); return(DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, signPublicKey)); }