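/// <summary>
/// Creates an offline escrow entry for the master keys in the profile.
/// </summary>
/// <param name="Profile">The profile to create offline escrow entries for.</param>
/// <param name="Shares">The total number of key shares to be created.</param>
/// <param name="Quorum">The number of key shares required to recover the keys.</param>
/// <exception cref="ArgumentNullException">Thrown if <paramref name="Profile"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException">Thrown if <paramref name="Shares"/> or
/// <paramref name="Quorum"/> is less than one, or if <paramref name="Quorum"/> exceeds
/// <paramref name="Shares"/> (an unrecoverable escrow).</exception>
public OfflineEscrowEntry(PersonalProfile Profile, int Shares, int Quorum) {
    if (Profile == null) {
        throw new ArgumentNullException(nameof(Profile));
        }
    if (Shares < 1) {
        throw new ArgumentOutOfRangeException(nameof(Shares), "At least one key share is required.");
        }
    if (Quorum < 1 || Quorum > Shares) {
        throw new ArgumentOutOfRangeException(nameof(Quorum),
            "The quorum must be between 1 and the number of shares.");
        }

    // The master signature key and every master escrow key are each wrapped
    // via GetEscrow and collected into a single key set to be encrypted.
    var Master = Profile.PersonalMasterProfile;
    var EscrowedKeySet = new EscrowedKeySet();
    EscrowedKeySet.PrivateKeys = new List<Key>();
    EscrowedKeySet.PrivateKeys.Add(GetEscrow(Master.MasterSignatureKey.UDF));
    foreach (var Escrow in Master.MasterEscrowKeys) {
        EscrowedKeySet.PrivateKeys.Add(GetEscrow(Escrow.UDF));
        }

    // A secret sized to the cipher's key length (Encryptor.Size) protects the
    // key set; the secret itself, not the key set, is what gets split into shares.
    // NOTE(review): presumably Secret(int) generates fresh random material — confirm.
    var Encryptor = CryptoCatalog.Default.GetEncryption(CryptoAlgorithmID.AES128CBC);
    var Secret = new Secret(Encryptor.Size);
    _KeyShares = Secret.Split(Shares, Quorum);

    // Never trace or log Secret.Key or the shares: a quorum of shares is
    // sufficient to recover every private key in the escrowed set.
    Encryptor.Key = Secret.Key;
    EncryptedData = new JoseWebEncryption(EscrowedKeySet.GetBytes(), Encryptor);

    // The escrow identifier is derived from the secret, so any party that
    // reassembles a quorum of shares can also derive the locator for this entry.
    Identifier = UDF.ToString(UDF.FromEscrowed(Secret.Key, 150));
    }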
/// <summary>
/// Creates an offline escrow entry for the profile, publishes it, and then
/// recovers it again from a quorum of the key shares.
/// </summary>
void KeyRecovery() {
    // Escrow the master keys as 3 shares, any 2 of which suffice to recover.
    OfflineEscrowEntry = new OfflineEscrowEntry(PersonalProfile, 3, 2);
    Portal.Label(LabelEscrow);

    // Publish the escrow entry to the Mesh.
    MeshClient.Publish(OfflineEscrowEntry);

    // Reassemble the escrow secret from the first two shares only.
    var Shares = OfflineEscrowEntry.KeyShares;
    var RecoveryKey = new Secret(new string[] { Shares[0].Text, Shares[1].Text });

    // The locator is derived from the recovered secret, so a quorum of shares
    // is enough both to find the entry and to decrypt the escrowed keys.
    var Identifier = UDF.ToString(UDF.FromEscrowed(RecoveryKey.Key, 150));

    // Pull the escrow entry back from the Mesh by its identifier.
    Portal.Label(LabelRecover);
    MeshClient.Recover(Identifier);
    }