// valides the specific case of a root node's trust chain
public static bool ValidateRoot(TrustChainNode root)
{
bool parentIsThis = root.ParentId.SequenceEqual(root.ThisId);
bool sanePermissions = ValidatePermissions(root.HeldPermissions, root.GrantablePermissions);
bool correctSignature = CryptoUtil.Verify(root.Payload, root.ThisId, root.ParentSignature);
return(parentIsThis && sanePermissions && correctSignature);
}
// adds the given identity to the known nodes, and returns true if the node was not already trusted
// TODO remove name crap
public bool AddIdentity(TrustChainNode identity, string name = "")
{
bool successAdded = userIdentityTable.TryAdd(GetIdentityString(identity.ThisId), identity);
string existsString = successAdded ? "not found" : "found";
Console.WriteLine($"{name} adding {identity.Name}: identity {existsString}");
return(successAdded);
}
// validates two nodes' relation in a trust chain
public static bool ValidateRelation(TrustChainNode parent, TrustChainNode child)
{
bool correctSignatures = parent.ValidateSignature() && child.ValidateSignature();
bool correctRelation = parent.ThisId.SequenceEqual(child.ParentId);
bool correctPermissions = ValidatePermissions(parent.GrantablePermissions, child.HeldPermissions) &&
ValidatePermissions(child.HeldPermissions, child.GrantablePermissions);
bool correctDescendantSignature = CryptoUtil.Verify(child.Payload, parent.ThisId, child.ParentSignature);
bool parentCanInvite = ValidatePermissions(parent.HeldPermissions, Permission.Invite);
return(correctSignatures && correctRelation && correctPermissions && correctDescendantSignature &&
parentCanInvite);
}
// generates a new trust chain based off an existing one and the new parameters
public static byte[] GenerateNewChain(TrustChainNode[] existing, byte[] parentId, byte[] childId,
Permission heldPermissions, Permission grantablePermissions,
byte[] unassignedData, RSAParameters privateKey)
{
using (var buffer = new MemoryStream())
using (var writer = new BinaryWriter(buffer)) {
TrustChainNode newChild = CreateNode(parentId, childId, heldPermissions, grantablePermissions,
unassignedData, privateKey);
foreach (var node in existing)
{
writer.Write(node.FullData);
}
writer.Write(newChild.FullData);
return(buffer.ToArray());
}
}
// static helper method to segment trust chain into an array of nodes
public static TrustChainNode[] SegmentChain(byte[] data)
{
if (data == null || data.Length % TrustChainNode.NODE_BLOCK_SIZE != 0 || data.Length == 0)
{
throw new CryptographicException($"Data size is not multiple of block size ({data.Length} % {TrustChainNode.NODE_BLOCK_SIZE} != 0)");
}
int numNodes = data.Length / TrustChainNode.NODE_BLOCK_SIZE;
TrustChainNode[] trustChain = new TrustChainNode[numNodes];
for (int i = 0; i < numNodes; i++)
{
byte[] buffer = new byte[TrustChainNode.NODE_BLOCK_SIZE];
Buffer.BlockCopy(data, i * TrustChainNode.NODE_BLOCK_SIZE, buffer, 0, TrustChainNode.NODE_BLOCK_SIZE);
trustChain[i] = new TrustChainNode(buffer);
}
return(trustChain);
}
