/// <summary> /// Creates an offline escrow entry for the master keys in the profile. /// </summary> /// <param name="Profile">The profile to create offline escrow entries for.</param> /// <param name="Shares">The total number of key shares to be created.</param> /// <param name="Quorum">The number of key shares required to recover the keys.</param> /// <returns></returns> public OfflineEscrowEntry(PersonalProfile Profile, int Shares, int Quorum) { var Master = Profile.PersonalMasterProfile; var EscrowedKeySet = new EscrowedKeySet(); EscrowedKeySet.PrivateKeys = new List<Key>(); EscrowedKeySet.PrivateKeys.Add(GetEscrow( Profile.PersonalMasterProfile.MasterSignatureKey.UDF)); foreach (var Escrow in Profile.PersonalMasterProfile.MasterEscrowKeys) { EscrowedKeySet.PrivateKeys.Add(GetEscrow (Escrow.UDF)); } var Encryptor = CryptoCatalog.Default.GetEncryption( CryptoAlgorithmID.AES128CBC); var Secret = new Secret(Encryptor.Size); _KeyShares = Secret.Split(Shares, Quorum); //Trace.WriteHex("MasterKey", Secret.Key); //foreach (var share in _KeyShares) { // Trace.WriteHex("Share", share.Key); // } Encryptor.Key = Secret.Key; EncryptedData = new JoseWebEncryption (EscrowedKeySet.GetBytes(), Encryptor); Identifier = UDF.ToString (UDF.FromEscrowed(Secret.Key, 150)); }
/// <summary> /// Create a new profile for [email protected] /// </summary> void CreateProfile() { // Create device profile SignedDeviceProfile1 = new SignedDeviceProfile(Device1, Device1Description); // Create master profile PersonalProfile = new PersonalProfile(SignedDeviceProfile1); SignedPersonalProfile = PersonalProfile.Signed; }
public void TestLiveMail () { // Create test Mesh File.Delete(Store); File.Delete(Portal); Mesh = new Mesh(Service, Store, Portal); // Create Master Profile Mesh.CheckAccount(AccountID); var DevProfile = new SignedDeviceProfile(Device1, Device1Description); var UserProfile = new PersonalProfile(DevProfile); var SignedProfile = UserProfile.Signed; Mesh.CreateAccount(UserName, SignedProfile); Mesh.GetAccount(UserName); // Read the LiveMail accounts var MailClientCatalog = new MailClientCatalogPlatform(); MailClientCatalog.ImportWindowsLiveMail(); MailClientCatalog.Dump(); var MailAccount = MailClientCatalog.Accounts[0]; // Add self signed certs if they don't have them already MailAccount.GenerateSMIME(); // Write out the updated profile MailAccount.Update(); //// Create Mail Profile //var MailProfile = new MailProfile(UserProfile, MailAccount); // Create Test Account from Mail Profile var NewMailInfo = new MailAccountInfoWLM(); //MailProfile.Export(NewMailInfo); NewMailInfo.AccountName = "Test-Delete"; // Write it out NewMailInfo.Create(); }
/// <summary> /// Deserialize a tagged stream /// </summary> /// <param name="JSONReader">The input stream</param> /// <returns>The created object.</returns> public static new Entry FromTagged (JSONReader JSONReader) { Entry Out = null; JSONReader.StartObject (); if (JSONReader.EOR) { return null; } string token = JSONReader.ReadToken (); switch (token) { case "Entry" : { var Result = new Entry (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedProfile" : { var Result = new SignedProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedDeviceProfile" : { var Result = new SignedDeviceProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedMasterProfile" : { var Result = new SignedMasterProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedPersonalProfile" : { var Result = new SignedPersonalProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedApplicationProfile" : { var Result = new SignedApplicationProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedConnectionRequest" : { var Result = new SignedConnectionRequest (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedConnectionResult" : { var Result = new SignedConnectionResult (); Result.Deserialize (JSONReader); Out = Result; break; } case "Profile" : { Out = null; throw new Exception ("Can't create abstract type"); } case "DeviceProfile" : { var Result = new DeviceProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "MasterProfile" : { var Result = new MasterProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "PersonalProfile" : { var Result = new PersonalProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "ApplicationProfile" : { var Result = new ApplicationProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "EncryptedProfile" : { var Result = new EncryptedProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "ApplicationProfilePrivate" : { var Result = new ApplicationProfilePrivate (); Result.Deserialize (JSONReader); Out = Result; break; } case "EscrowEntry" : { var Result = new EscrowEntry (); Result.Deserialize (JSONReader); Out = Result; break; } case "OfflineEscrowEntry" : { var Result = new OfflineEscrowEntry (); Result.Deserialize (JSONReader); Out = Result; break; } case "OnlineEscrowEntry" : { var Result = new OnlineEscrowEntry (); Result.Deserialize (JSONReader); Out = Result; break; } default : { //Ignore the unknown data //throw new Exception ("Not supported"); break; } } JSONReader.EndObject (); return Out; }
/// <summary> /// Generate a new profile with the requested options. Note that this could be /// parallelized very easily by performing time consuming operations (e.g. generating /// keys) while the user is answering other questions. /// </summary> public void GenerateProfile() { UserProfile = new PersonalProfile(ThisDevice); UDF = UserProfile.PersonalMasterProfile.MasterSignatureKey.UDF; if (ConfigurePassword) { var PasswordProfile = new PasswordProfile(UserProfile); PasswordProfile.AddDevice(ThisDevice); MeshClient.Publish(PasswordProfile.Signed); } if (ConfigureNetwork) { var NetworkProfile = new NetworkProfile(UserProfile); NetworkProfile.AddDevice(ThisDevice); MeshClient.Publish(NetworkProfile.Signed); } if (ConfigureEmail) { foreach (var MailAccountInfo in MailAccountInfos) { // Add in the S/MIME parameters and update the profile //if (!MailAccountInfo.GotSMIME) { MailAccountInfo.GenerateSMIME(); MailAccountInfo.Update(); //} var MailProfile = new MailProfile(UserProfile, MailAccountInfo); MailProfile.AddDevice(ThisDevice); //var SignedMailProfile = new SignedApplicationProfile(MailProfile); MeshClient.Publish(MailProfile.Signed); } } if (ConfigureRecovery) { MakeCheckRecovery(); } // publish to the cloud var SignedProfile = new SignedPersonalProfile(UserProfile); SignedProfile.ToRegistry(); MeshClient.CreatePersonalProfile(AccountID, SignedProfile); }
public void InstallMail (PersonalProfile PersonalProfile, string ID) { var SMP = MeshClient.GetApplicationProfile(ID); var MailProfile = SMP.Signed as MailProfile; MailProfile.Link(PersonalProfile); MailProfile.Private.AccountName = "Mesh-" + MailProfile.Private.AccountName; var AccountInfo = new MailAccountInfoWLM(); MailProfile.Export(AccountInfo); AccountInfo.Create(); }
/// <summary> /// Unpack the SignedData structure and verify that the components /// are all valid. /// <para>The Personal Master is signed with the PMSK.</para> /// <para>The Administration profile is signed with the POSK.</para> /// <para>The Personal profile is signed with a valid admin key.</para> /// <para>Each signing key matches the specified UDF.</para> /// </summary> /// <returns></returns> PersonalProfile UnpackAndVerify() { var Text = Encoding.UTF8.GetString(SignedData.Payload); //Goedel.Debug.Trace.WriteLine("Data as signed {0}", Text); var Unpacked = PersonalProfile.FromTagged (Text); Unpacked.Unpack(); CheckSignedPOSK(Unpacked); //CheckSignedAdmin(Unpacked); // Check the signature on the profile _Signed = Unpacked; return Unpacked; }
/// <summary> /// Convenience function that converts a generic Signed Profile returned /// by the Mesh to a PasswordProfile. /// </summary> /// <param name="SignedProfile">A signed password profile.</param> /// <param name="PersonalProfile">The personal profile to link the Password Profile to.</param> /// <returns>Inner PasswordProfile if the Signed Profile contains one, /// otherwise null.</returns> public static PasswordProfile Get(SignedProfile SignedProfile, PersonalProfile PersonalProfile) { var Result = SignedProfile.Inner as PasswordProfile; if (Result == null) { throw new Throw("Not a password profile."); } Result.Link(PersonalProfile); return (Result); }
private void GetProfile(String Portal, String UDF) { RegistrationPersonal = Machine.Personal; Utils.Assert(RegistrationPersonal, "No profile found"); PortalID = RegistrationPersonal?.Portals?[0]; Utils.Assert(PortalID, "No portal ID known"); SignedPersonalProfile = RegistrationPersonal.Profile; PersonalProfile = SignedPersonalProfile.Signed; PersonalProfile.SignedDeviceProfile = GetDevice(SignedPersonalProfile); }
public void CheckInValidBadProfileSignature(Mesh Mesh) { var DevProfile = new SignedDeviceProfile(Device1, Device1Description); var UserProfile = new PersonalProfile(DevProfile); var PasswordProfile = new PasswordProfile(UserProfile); //PasswordProfile.AddDevice(DevProfile); var SignedProfile = new SignedPersonalProfile(UserProfile); Mesh.AddProfile(SignedProfile); var SignedProfile2 = Mesh.GetSignedPersonalProfile(UserName); Trace.Spoil(SignedProfile2.SignedData.Signature, SignedProfile2.SignedData.Signature); var FoundError = CheckProfileFails(SignedProfile2, typeof(System.Exception)); Debug.Trace.Assert("Missed error", FoundError); }
///// <summary> ///// Construct a MailProfile from the specified account information. ///// </summary> ///// <param name="UserProfile">The personal profile to attach this profile to.</param> ///// <param name="MailAccountInfo">Description of the mail account.</param> //public MailProfile(PersonalProfile UserProfile, MailAccountInfo MailAccountInfo) // : base(UserProfile, "MailProfile", MailAccountInfo.AccountName) { // _Private = new MailProfilePrivate(MailAccountInfo); // } ///// <summary> ///// Construct an empty MailProfile for the specified account. ///// </summary> ///// <param name="UserProfile">The Personal Profile to link the MailProfile to.</param> ///// <param name="Account">The mail account name.</param> //public MailProfile(PersonalProfile UserProfile, string Account) // : base(UserProfile, "MailProfile", Account) { // //_Private = new MailProfilePrivate(Account); // } /// <summary> /// Get the default mail profile from the specified personal profile. /// </summary> /// <param name="UserProfile">The user profile</param> /// <returns>The default mail profile.</returns> public static MailProfile Get(PersonalProfile UserProfile) { //return UserProfile.GetApplication(typeof(MailProfile)) as MailProfile; return null; }
public bool Calculate() { if (NewDeviceProfile) { var NewProfile = new SignedDeviceProfile(DeviceName, DeviceDescription); _DeviceProfile = NewProfile; } else { _DeviceProfile = ProfileManager.RegistrationMachine.Device.Device; } _PersonalProfile = new PersonalProfile(_DeviceProfile); // Have got the profile, escrow the key if (EscrowKeys) { var OfflineEscrowEntry = new OfflineEscrowEntry(_PersonalProfile, EscrowShares, EscrowQuorum); EscrowKeyShares = new List<Goedel.Trojan.Object>(); int Index = 1; foreach (var KeyShare in OfflineEscrowEntry.KeyShares) { var Share = new Share(); Share.Number.Value = Index++; Share.Value.Value = KeyShare.Text; EscrowKeyShares.Add(Share); } } if (WebApplicationProfile) { PasswordProfile = new PasswordProfile(PersonalProfile); PasswordProfile.AddDevice(_DeviceProfile); } // Mail profiles here /* foreach (var MailAccountInfo in MailAccountInfos) { // Add in the S/MIME parameters and update the profile //if (!MailAccountInfo.GotSMIME) { MailAccountInfo.GenerateSMIME(); MailAccountInfo.Update(); //} var MailProfile = new MailProfile(UserProfile, MailAccountInfo); MailProfile.AddDevice(ThisDevice); //var SignedMailProfile = new SignedApplicationProfile(MailProfile); MeshClient.Publish(MailProfile.Signed); } * */ // Network profiles here /* var NetworkProfile = new NetworkProfile(UserProfile); NetworkProfile.AddDevice(ThisDevice); MeshClient.Publish(NetworkProfile.Signed); */ // SSH profiles here SignedPasswordProfile = PasswordProfile.Signed; _SignedPersonalProfile = new SignedPersonalProfile(PersonalProfile); return true; }
/// <summary> /// Construct an instance from the specified tagged JSONReader stream. /// </summary> /// <param name="JSONReader">Input stream</param> /// <param name="Out">The created object</param> public static void Deserialize(JSONReader JSONReader, out JSONObject Out) { JSONReader.StartObject (); if (JSONReader.EOR) { Out = null; return; } string token = JSONReader.ReadToken (); Out = null; switch (token) { case "PublicKey" : { var Result = new PublicKey (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedData" : { var Result = new SignedData (); Result.Deserialize (JSONReader); Out = Result; break; } case "EncryptedData" : { var Result = new EncryptedData (); Result.Deserialize (JSONReader); Out = Result; break; } case "Connection" : { var Result = new Connection (); Result.Deserialize (JSONReader); Out = Result; break; } case "Entry" : { var Result = new Entry (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedProfile" : { var Result = new SignedProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "Profile" : { Out = null; throw new Exception ("Can't create abstract type"); } case "SignedDeviceProfile" : { var Result = new SignedDeviceProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "DeviceProfile" : { var Result = new DeviceProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "DevicePrivateProfile" : { var Result = new DevicePrivateProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedMasterProfile" : { var Result = new SignedMasterProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "MasterProfile" : { var Result = new MasterProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedPersonalProfile" : { var Result = new SignedPersonalProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "PersonalProfile" : { var Result = new PersonalProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedApplicationProfile" : { var Result = new SignedApplicationProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "EncryptedProfile" : { var Result = new EncryptedProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "ApplicationProfile" : { var Result = new ApplicationProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "ApplicationProfilePrivate" : { var Result = new ApplicationProfilePrivate (); Result.Deserialize (JSONReader); Out = Result; break; } case "ApplicationProfileEntry" : { var Result = new ApplicationProfileEntry (); Result.Deserialize (JSONReader); Out = Result; break; } case "EscrowEntry" : { var Result = new EscrowEntry (); Result.Deserialize (JSONReader); Out = Result; break; } case "OfflineEscrowEntry" : { var Result = new OfflineEscrowEntry (); Result.Deserialize (JSONReader); Out = Result; break; } case "OnlineEscrowEntry" : { var Result = new OnlineEscrowEntry (); Result.Deserialize (JSONReader); Out = Result; break; } case "EscrowedKeySet" : { var Result = new EscrowedKeySet (); Result.Deserialize (JSONReader); Out = Result; break; } case "ConnectionRequest" : { var Result = new ConnectionRequest (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedConnectionRequest" : { var Result = new SignedConnectionRequest (); Result.Deserialize (JSONReader); Out = Result; break; } case "ConnectionResult" : { var Result = new ConnectionResult (); Result.Deserialize (JSONReader); Out = Result; break; } case "SignedConnectionResult" : { var Result = new SignedConnectionResult (); Result.Deserialize (JSONReader); Out = Result; break; } default : { throw new Exception ("Not supported"); } } JSONReader.EndObject (); }
/// <summary> /// Deserialize a tagged stream /// </summary> /// <param name="JSONReader">The input stream</param> /// <returns>The created object.</returns> public static new PersonalProfile FromTagged (JSONReader JSONReader) { PersonalProfile Out = null; JSONReader.StartObject (); if (JSONReader.EOR) { return null; } string token = JSONReader.ReadToken (); switch (token) { case "PersonalProfile" : { var Result = new PersonalProfile (); Result.Deserialize (JSONReader); Out = Result; break; } default : { //Ignore the unknown data //throw new Exception ("Not supported"); break; } } JSONReader.EndObject (); return Out; }
/// <summary> /// Deserialize a tagged stream /// </summary> /// <param name="JSONReader">The input stream</param> /// <returns>The created object.</returns> public static new Profile FromTagged (JSONReader JSONReader) { Profile Out = null; JSONReader.StartObject (); if (JSONReader.EOR) { return null; } string token = JSONReader.ReadToken (); switch (token) { case "Profile" : { Out = null; throw new Exception ("Can't create abstract type"); } case "DeviceProfile" : { var Result = new DeviceProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "MasterProfile" : { var Result = new MasterProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "PersonalProfile" : { var Result = new PersonalProfile (); Result.Deserialize (JSONReader); Out = Result; break; } case "ApplicationProfile" : { var Result = new ApplicationProfile (); Result.Deserialize (JSONReader); Out = Result; break; } default : { //Ignore the unknown data //throw new Exception ("Not supported"); break; } } JSONReader.EndObject (); return Out; }
public void MeshStorem() { File.Delete(Store); File.Delete(Portal); Mesh = new Mesh(Service, Store, Portal); Mesh.CheckAccount(AccountID); var DevProfile = new SignedDeviceProfile(Device1, Device1Description); var UserProfile = new PersonalProfile(DevProfile); var SignedProfile = UserProfile.Signed; Mesh.CreateAccount(UserName, SignedProfile); Mesh.GetAccount(UserName); var PasswordProfile = new PasswordProfile(true); var SignedPasswordProfile = PasswordProfile.Signed; SignedProfile = UserProfile.Signed; Mesh.AddProfile(SignedPasswordProfile); Mesh.UpdateProfile(SignedProfile); }
public void MeshStore () { File.Delete(Store); File.Delete(Portal); Mesh = new Mesh(Service, Store, Portal); Mesh.CheckAccount(AccountID); var DevProfile = new SignedDeviceProfile(Device1, Device1Description); var UserProfile = new PersonalProfile(DevProfile); var SignedProfile = UserProfile.Signed; Mesh.CreateAccount(AccountID, SignedProfile); // Add the device to the profile entry in the parent. var PasswordProfile = new PasswordProfile(true); var SignedPasswordProfile = PasswordProfile.Signed; SignedProfile = UserProfile.Signed; Mesh.AddProfile(SignedPasswordProfile); Mesh.UpdateProfile(SignedProfile); // ok now pull the profile as a client. var Account = Mesh.GetAccount(AccountID); var AccountPersonalProfile = Mesh.GetPersonalProfile(Account.UserProfileUDF); AccountPersonalProfile.SignedDeviceProfile = DevProfile; var PasswordEntry = AccountPersonalProfile.GetPasswordProfile(); var SignedPasswordProfile2 = Mesh.GetProfile(PasswordEntry.Identifier) as SignedProfile; var AccountPasswordProfile = PasswordProfile.Get( SignedPasswordProfile2, AccountPersonalProfile); AccountPasswordProfile.Add(PWDSite, PWDUser, PWDPassword); // Implement the second way to do things, cleaner. //var AccountSignedPassword = new SignedPasswordProfile(AccountPasswordProfile); var AccountSignedPassword = AccountPasswordProfile.Signed; Mesh.UpdateProfile(AccountSignedPassword); // Now add a new device var DevProfile2 = new SignedDeviceProfile(Device2, Device2Description); // Post Connect Request Mesh.GetChainToken(); var ConnectionRequest = new ConnectionRequest(Account, DevProfile2); Mesh.PostConnectionRequest(ConnectionRequest.Signed, Account.UniqueID); // Get list of pending requests Mesh.GetPendingRequests(Account.AccountID); // Accept pending request var ConnectionResult = new ConnectionResult(); ConnectionResult.Result = "Accept"; ConnectionResult.Device = DevProfile2; var SignedConnectionResult = new SignedConnectionResult(ConnectionResult, AccountPersonalProfile.GetAdministrationKey()); Mesh.CloseConnectionRequest(Account.AccountID, SignedConnectionResult); // Pull password data Mesh.GetRequestStatus(Account.AccountID, DevProfile2.UDF); // decrypt using device2 credential var SignedPasswordProfile3 = Mesh.GetProfile(PasswordEntry.Identifier) as SignedProfile; var PP3 = PasswordProfile.Get(SignedPasswordProfile3, AccountPersonalProfile); var PasswordPrivate = PP3.Private; }
public void CheckValid () { var DevProfile = new SignedDeviceProfile(Device1, Device1Description); var UserProfile = new PersonalProfile(DevProfile); var PasswordProfile = new PasswordProfile(UserProfile); var SignedProfile = new SignedPersonalProfile(UserProfile); //PasswordProfile.AddDevice(DevProfile); Mesh.AddProfile(SignedProfile); var UserProfile2 = Mesh.GetPersonalProfile(UserName); }
/// <summary> /// Create a new personal profile /// </summary> /// <param name="Options">Command line parameters</param> public override void Personal(Personal Options) { SetReporting(Options.Report, Options.Verbose); var Address = Options.Portal.Value; Utils.Assert((Address != null & Address != ""), "Must specify account"); // See if the portal exists and will accept the specified account name. GetMeshClient(Address); var AccountAvailable = MeshClient.Validate(AccountID); if (!AccountAvailable.Valid) { if (Options.Next.Value) { GetNextAccount(); } else { Utils.Error("Portal refused account {0} because {1}", Address, AccountAvailable.Reason); } } // Get / create the device profile if required RegistrationDevice RegistrationDevice = null; bool Generate = false; if (Options.DeviceNew.Value) { Generate = true; } else if (Options.DeviceUDF.Value != null) { // use the profile with the specified fingerprint var Found = Machine.GetUDF(Options.DeviceUDF.Value, out RegistrationDevice); Utils.Assert(Found, "Could not find profile " + Options.DeviceUDF.Value); } else if (Options.DeviceID.Value != null) { // use the profile with the specified ID var Found = Machine.GetID(Options.DeviceID.Value, out RegistrationDevice); Utils.Assert(Found, "Could not find profile " + Options.DeviceID.Value); } else if (Machine.Device != null) { RegistrationDevice = Machine.Device; } else { Generate = true; } // Generate a new device profile if (Generate) { var DeviceID = Utils.Default(Options.DeviceID.Value, "Default"); var DeviceDescription = Utils.Default(Options.DeviceDescription.Value, "Unknown"); var NewProfileDevice = new SignedDeviceProfile(DeviceID, DeviceDescription); RegistrationDevice = Machine.Add(NewProfileDevice); } var ProfileDevice = RegistrationDevice.Device; var PersonalProfile = new PersonalProfile(ProfileDevice); var SignedPersonalProfile = PersonalProfile.Signed; // add to the machine registry Machine.Add(SignedPersonalProfile, PortalID); // Register with the Mesh portal var PublishResult = MeshClient.Publish(SignedPersonalProfile); Utils.Assert(PublishResult.Status.StatusSuccess(), "Portal refused profile publication request"); Report("Created new personal profile {0}", SignedPersonalProfile.UDF); Report("Device profile is {0}", ProfileDevice.UDF); Report("Profile registered to {0}", PortalID); }
/// <summary> /// Connect an application profile read from store to a PersonalProfile object. /// </summary> /// <param name="PersonalProfile">Personal profile to link</param> /// <param name="ApplicationProfileEntry">Profile entry to link to</param> public void Link(PersonalProfile PersonalProfile, ApplicationProfileEntry ApplicationProfileEntry) { this.PersonalProfile = PersonalProfile; this.ApplicationProfileEntry = ApplicationProfileEntry; ApplicationProfileEntry.ApplicationProfile = this; }
/// <summary> /// Create from a current personal profile. /// </summary> /// <param name="Data">The current profile to sign</param> /// <exception cref="Exception">The administration key could not be found.</exception> public SignedPersonalProfile(PersonalProfile Data) { // Locate the administration key for this device. var AdminKey = Data.GetAdministrationKey(); Throw.If(AdminKey == null, "Device not authorized for administration."); // Make sure all the data is properly registered Data.Package(); Identifier = Data.Identifier; //Goedel.Debug.Trace.WriteLine("Data to be signed {0}", Data.ToString()); SignedData = new JoseWebSignature(Data.GetBytes(), AdminKey); _Signed = Data; }
///// <summary> ///// Create a new application profile and add it to the UserProfile. ///// </summary> ///// <param name="PersonalProfile">The personal profile to attach to.</param> ///// <param name="Type">Application type</param> ///// <param name="Tag">Friendly name</param> //public ApplicationProfile(PersonalProfile PersonalProfile, // string Type, string Tag) { // this.PersonalProfile = PersonalProfile; // Identifier = Goedel.Cryptography.UDF.Random(); // } /// <summary> /// Connect an application profile read from store to a PersonalProfile object. /// </summary> /// <param name="PersonalProfile">Personal profile to link</param> public void Link(PersonalProfile PersonalProfile) { ApplicationProfileEntry = PersonalProfile.GetApplicationEntry(Identifier); if (ApplicationProfileEntry == null) throw new Throw("Not found"); Link(PersonalProfile, ApplicationProfileEntry); ApplicationProfileEntry.ApplicationProfile = this; }
//private void CheckSignedAdmin(PersonalProfile Unpacked) { // // Get the UDF of the signing key. // var SignatureKeyUDF = SignedData.ParsedHeader.kid; // // Get the corresponding device key parameters. // var SignedDevice = SignedDeviceProfile.FindSignatureKey(Unpacked.Devices, SignatureKeyUDF); // // Is the device authorized for admin? // bool Found = false; // foreach (var Entry in Unpacked.AdministrationProfile.Entries) { // if (Entry.UDF == SignedDevice.UDF) { // Found = true; // } // } // Throw.IfNot(Found, "Device not authorized to sign administration profile"); // // Check the signature. // var SigningKey = SignedDevice.Signed.DeviceSignatureKey.KeyPair; // var Verify = SignedData.Verify(SignatureKeyUDF, SigningKey); // Throw.IfNot(Verify, "Profile signature does not verify"); // } private void CheckSignedPOSK(PersonalProfile Unpacked) { //// Get the UDF of the signing key. //var SignatureKeyUDF = Unpacked.SignedAdministrationProfile.SignedData.ParsedHeader.kid; //PublicKey SigningKey = null; //foreach (var Key in Unpacked.PersonalMasterProfile.OnlineSignatureKeys) { // if (Key.UDF == SignatureKeyUDF) { // Throw.IfNot(Key.Verify(), "Invalid key"); // SigningKey = Key; // } // } //Throw.If(SigningKey == null, "Administration profile not signed"); //// Check the signature. //var Verify = Unpacked.SignedAdministrationProfile.SignedData.Verify(SignatureKeyUDF, SigningKey.KeyPair); //Throw.IfNot(Verify, "Profile signature does not verify"); }
///// <summary> ///// Construct an empty network profile for the specified personal profile. ///// </summary> ///// <param name="UserProfile"></param> //public NetworkProfile (PersonalProfile UserProfile) // : base(UserProfile, "NetworkProfile", null) { // _Private = new NetworkProfilePrivate (); // } /// <summary> /// Get the default password profile in the specified personal profile. /// </summary> /// <param name="UserProfile">Presonal profile to search.</param> /// <returns>Password application profile if found, null otherwise.</returns> public static NetworkProfile Get(PersonalProfile UserProfile) { //return UserProfile.GetApplication(typeof(PersonalProfile)) as NetworkProfile; return null; }
public static void Dump(PersonalProfile Item) { if (Item == null) return; Console.WriteLine(Item.ToString ()); }
public void TestRegistry() { RegistrationMachine.Erase(); var MeshAddress = "Testing@wherever"; var Machine = RegistrationMachine.Current; var NewProfileDevice = new SignedDeviceProfile("Test", "Test Device"); Machine.Add(NewProfileDevice); var PersonalProfile = new PersonalProfile(NewProfileDevice); var SignedPersonalProfile = PersonalProfile.Signed; Machine.Add(SignedPersonalProfile, MeshAddress); }
/// <summary> /// Add a device to an application profile /// </summary> /// <param name="Entry">Applicationprofile entry to update</param> /// <param name="PersonalProfile">Personal profile to link to</param> /// <param name="Device">Signed device profile.</param> public void AddDevice(ApplicationProfileEntry Entry, PersonalProfile PersonalProfile, SignedDeviceProfile Device) { // Add an entry into the application profile // This is not required for profile maintenance but // is needed for navigation (it seems. //Entry.ApplicationProfile.AddDevice(Device); // Add entries into the application profile entry // This sets up the permissions. Entry.AddDevice(Device); var SignedAppProfile = MeshClient.GetApplicationProfile(Entry.Identifier); if (SignedAppProfile == null) return; var AppProfile = SignedAppProfile.Signed; AppProfile.Link(PersonalProfile); AppProfile.EncryptPrivate(); var NewSignedAppProfile = new SignedApplicationProfile(AppProfile); MeshClient.Publish(NewSignedAppProfile); }
public void MeshStoreAPI() { if (DoLocal) { File.Delete(Store); File.Delete(Portal); MeshPortal.Default = new MeshPortalDirect(Store, Portal); } else { JPCProvider.LocalLoopback = false; var Portal = new MeshPortalRemote(); MeshPortal.Default = Portal; } MeshClient1 = new MeshClient(Service); var valid = MeshClient1.Validate(AccountID); if (!valid.Status.StatusSuccess()) { Console.WriteLine("Validate failed"); } var DevProfile = new SignedDeviceProfile(Device1, Device1Description); var UserProfile = new PersonalProfile(DevProfile); var SignedProfile = UserProfile.Signed; MeshClient1.CreatePersonalProfile(AccountID, SignedProfile); // Create a password profile //var PasswordProfile = new PasswordProfile(UserProfile); //var SignedPasswordProfile = PasswordProfile.Signed; //SignedProfile = UserProfile.Signed; //MeshClient1.Publish(SignedPasswordProfile); //MeshClient1.Publish(SignedProfile); MeshClient2 = new MeshClient(Service, AccountID); MeshClient2.SignedDeviceProfile = DevProfile; MeshClient2.GetPersonalProfile(); // Read back the password profile and add entry var AccountPasswordProfile = MeshClient2.GetPasswordProfile(); AccountPasswordProfile.Add(PWDSite, PWDUser, PWDPassword); var AccountSignedPassword = AccountPasswordProfile.Signed; // Publish updates to both profiles. MeshClient2.Publish(AccountSignedPassword); // Create a new device profile. var DevProfile2 = new SignedDeviceProfile(Device2, Device2Description); MeshClient3 = new MeshClient(Service, AccountID); MeshClient3.ConnectRequest(DevProfile2); MeshClient2.ConnectStatus(DevProfile2.UniqueID); var PendingResponse = MeshClient1.ConnectPending(); foreach (var Request in PendingResponse.Pending) { MeshClient1.ConnectClose(Request, ConnectionStatus.Accepted); } MeshClient3.ConnectStatus(DevProfile2.UniqueID); MeshClient3.GetPasswordProfile(); }