/// <summary>
/// Creates a device authentication method that signs through a <see cref="SecurityClientHsmTpm"/>,
/// with caller-supplied token lifetime settings.
/// </summary>
/// <param name="deviceId">Device identifier, forwarded to the base constructor.</param>
/// <param name="securityClient">Security client used by this instance; must not be null.</param>
/// <param name="suggestedTimeToLiveSeconds">Forwarded unchanged to the base constructor.</param>
/// <param name="timeBufferPercentage">Forwarded unchanged to the base constructor.</param>
/// <exception cref="ArgumentNullException"><paramref name="securityClient"/> is null.</exception>
public DeviceAuthenticationWithTpm(
    string deviceId,
    SecurityClientHsmTpm securityClient,
    int suggestedTimeToLiveSeconds,
    int timeBufferPercentage)
    : base(deviceId, suggestedTimeToLiveSeconds, timeBufferPercentage)
{
    // The base constructor has already run here. This constructor does not range-check the
    // two lifetime values itself; any such validation would have to happen in the base class.
    if (securityClient == null)
    {
        throw new ArgumentNullException(nameof(securityClient));
    }

    _securityClient = securityClient;
}
/// <summary>
/// Creates the SASL handler: sets the mechanism name and stores the endorsement key,
/// storage root key, ID scope and security client for later use.
/// </summary>
/// <param name="endorsementKey">Endorsement key bytes; expected to be non-null.</param>
/// <param name="storageRootKey">Storage root key bytes; expected to be non-null.</param>
/// <param name="idScope">ID scope; expected to be neither null nor whitespace.</param>
/// <param name="security">Security client; expected to be non-null.</param>
public SaslTpmHandler(
    byte[] endorsementKey,
    byte[] storageRootKey,
    string idScope,
    SecurityClientHsmTpm security)
{
    // NOTE(review): Debug.Assert is compiled out when DEBUG is not defined, so in release
    // builds these checks reject nothing. A null key or a blank scope would then be stored
    // as-is and only surface when first used. Confirm that every caller validates its inputs.
    Debug.Assert(endorsementKey != null);
    Debug.Assert(storageRootKey != null);
    Debug.Assert(!string.IsNullOrWhiteSpace(idScope));
    Debug.Assert(security != null);

    Mechanism = MechanismName;

    _security = security;
    _idScope = idScope;
    _storageRootKey = storageRootKey;
    _endorsementKey = endorsementKey;
}
/// <summary>
/// Creates a device authentication method that signs through a <see cref="SecurityClientHsmTpm"/>,
/// with an optional token lifetime and renewal buffer.
/// </summary>
/// <param name="deviceId">Device identifier, forwarded to the base constructor.</param>
/// <param name="securityClient">Security client used by this instance; must not be null.</param>
/// <param name="timeToLiveSeconds">Token lifetime in seconds; defaults to one hour. Negative values are rejected, zero is accepted.</param>
/// <param name="timeToLiveBufferSeconds">Buffer in seconds, forwarded to the base constructor; defaults to ten minutes. Negative values are rejected, zero is accepted.</param>
/// <exception cref="ArgumentNullException"><paramref name="securityClient"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException">Either time value is negative.</exception>
public DeviceAuthenticationWithTpm(
    string deviceId,
    SecurityClientHsmTpm securityClient,
    int timeToLiveSeconds = 1 * 60 * 60,
    int timeToLiveBufferSeconds = 10 * 60)
    : base(deviceId, timeToLiveBufferSeconds)
{
    // The base constructor receives timeToLiveBufferSeconds before the range check below runs.
    // Checks run in the order: null client, lifetime, buffer.
    _securityClient = securityClient ?? throw new ArgumentNullException(nameof(securityClient));

    if (timeToLiveSeconds < 0)
    {
        throw new ArgumentOutOfRangeException(nameof(timeToLiveSeconds));
    }

    if (timeToLiveBufferSeconds < 0)
    {
        throw new ArgumentOutOfRangeException(nameof(timeToLiveBufferSeconds));
    }

    // NOTE(review): nothing here compares the buffer with the lifetime, so a buffer larger
    // than the lifetime passes validation. Confirm whether the base class handles that case.
    _timeToLiveSeconds = timeToLiveSeconds;
}
/// <summary>
/// Builds a "SharedAccessSignature" token whose signature is produced by the security client.
/// </summary>
/// <param name="securityClient">Client whose <c>Sign</c> method signs the payload; not null-checked here.</param>
/// <param name="keyName">Optional key name; appended as <c>skn</c> when not null or empty.</param>
/// <param name="target">Resource the token is scoped to; URL-encoded before signing.</param>
/// <param name="timeToLive">Lifetime handed to <c>BuildExpiresOn</c> to compute the expiry field.</param>
/// <returns>The token string: <c>SharedAccessSignature sr=...&amp;sig=...&amp;se=...[&amp;skn=...]</c>.</returns>
private static string BuildSasSignature(SecurityClientHsmTpm securityClient, string keyName, string target, TimeSpan timeToLive)
{
    string expiresOn = BuildExpiresOn(timeToLive);
    string audience = WebUtility.UrlEncode(target);

    // Example string to be signed:
    // dh://myiothub.azure-devices.net/a/b/c?myvalue1=a
    // <Value for ExpiresOn>
    //
    // Only the encoded audience and the expiry are covered by the signature. The key name
    // appended further down is not part of the signed payload.
    string payload = string.Join("\n", new[] { audience, expiresOn });
    byte[] signedBytes = securityClient.Sign(Encoding.UTF8.GetBytes(payload));
    string signature = Convert.ToBase64String(signedBytes);

    // Example returned string:
    // SharedAccessSignature sr=ENCODED(dh://myiothub.azure-devices.net/a/b/c?myvalue1=a)&sig=<Signature>&se=<ExpiresOnValue>[&skn=<KeyName>]
    //
    // The result carries the signature and is usable until it expires, so treat it as a
    // credential: keep it out of logs, traces and exception messages.
    string token = string.Format(
        CultureInfo.InvariantCulture,
        "{0} {1}={2}&{3}={4}&{5}={6}",
        "SharedAccessSignature",
        "sr", audience,
        "sig", WebUtility.UrlEncode(signature),
        "se", WebUtility.UrlEncode(expiresOn));

    if (string.IsNullOrEmpty(keyName))
    {
        return token;
    }

    return token + string.Format(
        CultureInfo.InvariantCulture,
        "&{0}={1}",
        "skn", WebUtility.UrlEncode(keyName));
}
/// <summary>
/// Creates the HTTP authentication strategy and stores the security client it will use.
/// </summary>
/// <param name="security">Security client kept for later use.</param>
// NOTE(review): the argument is stored without a null check, so a null client would only
// surface at first use. Confirm that callers always pass a non-null instance.
public HttpAuthStrategyTpm(SecurityClientHsmTpm security)
    => _security = security;
/// <summary>
/// Activates the symmetric identity on the security client with the supplied activation
/// data, then returns a shared access signature for <paramref name="hostName"/>.
/// </summary>
/// <param name="securityClient">Client that is activated and then used for signing; not null-checked here.</param>
/// <param name="hostName">Target passed to <c>BuildSasSignature</c> as the token audience.</param>
/// <param name="activation">Activation data handed to <c>ActivateSymmetricIdentity</c> as received.</param>
/// <returns>The token string produced by <c>BuildSasSignature</c> using <c>KeyName</c> and <c>TimeToLive</c>.</returns>
internal static string ExtractServiceAuthKey(SecurityClientHsmTpm securityClient, string hostName, byte[] activation)
{
    // NOTE(review): activation is not validated in this method (null, empty or malformed
    // data goes straight to the security client). Presumably it originates from the
    // service response; confirm the callee rejects bad input.
    securityClient.ActivateSymmetricIdentity(activation);

    // Signing happens after activation. The returned token is a credential and should not be logged.
    string sasToken = BuildSasSignature(securityClient, KeyName, hostName, TimeToLive);
    return sasToken;
}
/// <summary>
/// Creates the delegating handler and stores the security client it will use.
/// </summary>
/// <param name="securityClient">Security client kept for later use.</param>
// NOTE(review): the argument is stored without a null check, so a null client would only
// surface at first use. Confirm that callers always pass a non-null instance.
public TpmDelegatingHandler(SecurityClientHsmTpm securityClient)
    => _securityClient = securityClient;
/// <summary>
/// Creates the shared access signature builder and stores the security client it will use.
/// </summary>
/// <param name="securityClient">Security client kept for later use.</param>
// NOTE(review): the argument is stored without a null check, so a null client would only
// surface at first use. Confirm that callers always pass a non-null instance.
public TpmSharedAccessSignatureBuilder(SecurityClientHsmTpm securityClient)
    => _securityClient = securityClient;
/// <summary>
/// Creates a device authentication method that signs through a <see cref="SecurityClientHsmTpm"/>,
/// leaving token lifetime settings to the base constructor.
/// </summary>
/// <param name="deviceId">Device identifier, forwarded to the base constructor.</param>
/// <param name="securityClient">Security client used by this instance; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="securityClient"/> is null.</exception>
public DeviceAuthenticationWithTpm(string deviceId, SecurityClientHsmTpm securityClient)
    : base(deviceId)
{
    // Fail fast on a missing client instead of deferring the failure to the first signing call.
    if (securityClient == null)
    {
        throw new ArgumentNullException(nameof(securityClient));
    }

    _securityClient = securityClient;
}