// valides the specific case of a root node's trust chain public static bool ValidateRoot(TrustChainNode root) { bool parentIsThis = root.ParentId.SequenceEqual(root.ThisId); bool sanePermissions = ValidatePermissions(root.HeldPermissions, root.GrantablePermissions); bool correctSignature = CryptoUtil.Verify(root.Payload, root.ThisId, root.ParentSignature); return(parentIsThis && sanePermissions && correctSignature); }
// adds the given identity to the known nodes, and returns true if the node was not already trusted // TODO remove name crap public bool AddIdentity(TrustChainNode identity, string name = "") { bool successAdded = userIdentityTable.TryAdd(GetIdentityString(identity.ThisId), identity); string existsString = successAdded ? "not found" : "found"; Console.WriteLine($"{name} adding {identity.Name}: identity {existsString}"); return(successAdded); }
// validates two nodes' relation in a trust chain public static bool ValidateRelation(TrustChainNode parent, TrustChainNode child) { bool correctSignatures = parent.ValidateSignature() && child.ValidateSignature(); bool correctRelation = parent.ThisId.SequenceEqual(child.ParentId); bool correctPermissions = ValidatePermissions(parent.GrantablePermissions, child.HeldPermissions) && ValidatePermissions(child.HeldPermissions, child.GrantablePermissions); bool correctDescendantSignature = CryptoUtil.Verify(child.Payload, parent.ThisId, child.ParentSignature); bool parentCanInvite = ValidatePermissions(parent.HeldPermissions, Permission.Invite); return(correctSignatures && correctRelation && correctPermissions && correctDescendantSignature && parentCanInvite); }
// generates a new trust chain based off an existing one and the new parameters public static byte[] GenerateNewChain(TrustChainNode[] existing, byte[] parentId, byte[] childId, Permission heldPermissions, Permission grantablePermissions, byte[] unassignedData, RSAParameters privateKey) { using (var buffer = new MemoryStream()) using (var writer = new BinaryWriter(buffer)) { TrustChainNode newChild = CreateNode(parentId, childId, heldPermissions, grantablePermissions, unassignedData, privateKey); foreach (var node in existing) { writer.Write(node.FullData); } writer.Write(newChild.FullData); return(buffer.ToArray()); } }
// static helper method to segment trust chain into an array of nodes public static TrustChainNode[] SegmentChain(byte[] data) { if (data == null || data.Length % TrustChainNode.NODE_BLOCK_SIZE != 0 || data.Length == 0) { throw new CryptographicException($"Data size is not multiple of block size ({data.Length} % {TrustChainNode.NODE_BLOCK_SIZE} != 0)"); } int numNodes = data.Length / TrustChainNode.NODE_BLOCK_SIZE; TrustChainNode[] trustChain = new TrustChainNode[numNodes]; for (int i = 0; i < numNodes; i++) { byte[] buffer = new byte[TrustChainNode.NODE_BLOCK_SIZE]; Buffer.BlockCopy(data, i * TrustChainNode.NODE_BLOCK_SIZE, buffer, 0, TrustChainNode.NODE_BLOCK_SIZE); trustChain[i] = new TrustChainNode(buffer); } return(trustChain); }