/// <summary>
/// Creates an offline escrow entry for the master keys in the profile.
/// </summary>
/// <param name="Profile">The profile to create offline escrow entries for.</param>
/// <param name="Shares">The total number of key shares to be created.</param>
/// <param name="Quorum">The number of key shares required to recover the keys.</param>
/// <returns></returns>
public OfflineEscrowEntry(PersonalProfile Profile, int Shares, int Quorum) {
var Master = Profile.PersonalMasterProfile;
var EscrowedKeySet = new EscrowedKeySet();
EscrowedKeySet.PrivateKeys = new List<Key>();
EscrowedKeySet.PrivateKeys.Add(GetEscrow(
Profile.PersonalMasterProfile.MasterSignatureKey.UDF));
foreach (var Escrow in Profile.PersonalMasterProfile.MasterEscrowKeys) {
EscrowedKeySet.PrivateKeys.Add(GetEscrow (Escrow.UDF));
}
var Encryptor = CryptoCatalog.Default.GetEncryption(
CryptoAlgorithmID.AES128CBC);
var Secret = new Secret(Encryptor.Size);
_KeyShares = Secret.Split(Shares, Quorum);
//Trace.WriteHex("MasterKey", Secret.Key);
//foreach (var share in _KeyShares) {
// Trace.WriteHex("Share", share.Key);
// }
Encryptor.Key = Secret.Key;
EncryptedData = new JoseWebEncryption (EscrowedKeySet.GetBytes(), Encryptor);
Identifier = UDF.ToString (UDF.FromEscrowed(Secret.Key, 150));
}
/// <summary>
/// Create and recover profile.
/// </summary>
void KeyRecovery() {
// Create escrow keyshares for 2 our of 3
OfflineEscrowEntry = new OfflineEscrowEntry(PersonalProfile, 3, 2);
Portal.Label(LabelEscrow);
// Publish key escrow to the Mesh
MeshClient.Publish(OfflineEscrowEntry);
// Recover encryption key from two shares
var share1 = OfflineEscrowEntry.KeyShares[0].Text;
var share2 = OfflineEscrowEntry.KeyShares[1].Text;
// Get recovery data
string[] TestShares = { share1, share2 };
var RecoveryKey = new Secret (TestShares);
// Determine identifier
var Identifier = UDF.ToString(UDF.FromEscrowed(
RecoveryKey.Key, 150));
// Here need a call to pull the data
Portal.Label(LabelRecover);
MeshClient.Recover(Identifier);
}