private static Guid GetGuidForName(string name, Guid nsGuid, int version)
{
if (version != 3 && version != 5)
{
return(Guid.Empty);
}
var nameAsBytes = Encoding.UTF8.GetBytes(name);
var nsBytes = nsGuid.ToByteArray();
CU.GuidSwitchNetworkOrder(nsBytes);
byte[] canonicalName = new byte[nsBytes.Length + nameAsBytes.Length];
nsBytes.CopyTo(canonicalName, 0);
nameAsBytes.CopyTo(canonicalName, nsBytes.Length);
var hashAlg = version == 5 ? (HashAlgorithm)SHA1.Create() : MD5.Create();// HMACSHA1(Encoding.UTF8.GetBytes(sha1key));
var machineNumberHash = hashAlg.ComputeHash(canonicalName);
byte[] nameGuidBytes = machineNumberHash.Take(16).ToArray();
nameGuidBytes[8] &= 0x3F; // Clear RFC4122 Variant bits
nameGuidBytes[8] |= 0x80; // RFC4122 Standard Variant
nameGuidBytes[6] &= 0x0F; // Clear RFC4122 Version bits
nameGuidBytes[6] |= (byte)(version << 4); // RFC4122 Version 5 - Name-based SHA1
CU.GuidSwitchNetworkOrder(nameGuidBytes);
var nameGuid = new Guid(nameGuidBytes);
return(nameGuid);
}
/// <summary>
/// Creates a hash for a password
/// </summary>
/// <param name="inPW">incoming password</param>
/// <returns></returns>
public string CreatePasswordHash(string inPW)
{
if (string.IsNullOrEmpty(inPW))
{
return("");
}
var hashedPassword = HashWithSHA256(CU.CUTF8String2Array(inPW));
return(Convert.ToBase64String(hashedPassword));
}
/// <summary>
/// This function allows to override the cdeAK with a custom "key"
/// TODO: Create your own cdeAK Keyset from the incoming cleartext Key
/// </summary>
/// <param name="pMySecretKey"></param>
public bool SatKays(string pMySecretKey)
{
if (string.IsNullOrEmpty(pMySecretKey) || pMySecretKey.Length < 5)
{
return(false);
}
ApID5 = pMySecretKey.Substring(0, 5); //SECURITY-REVIEW: We must not store the full AppID in the CDE. We need the first 5 Digits as salt for the connect
var tKeyBytes = CU.CUTF8String2Array(pMySecretKey);
for (int i = 0; i < tKeyBytes.Length && i < 16; i++)
{
cdeAK[i] = tKeyBytes[i];
}
return(true);
}
/// <summary>
/// This function allows to override the cdeAK with a custom "key"
/// TODO: Create your own cdeAK Keyset from the incoming cleartext Key
/// </summary>
/// <param name="pMySecretKey"></param>
public bool SatKays(string pMySecretKey)
{
if (string.IsNullOrEmpty(pMySecretKey) || pMySecretKey.Length < 5)
{
return(false);
}
ApID5 = pMySecretKey.Substring(0, 5);
var tKeyBytes = CU.CUTF8String2Array(pMySecretKey);
for (int i = 0; i < tKeyBytes.Length && i < 16; i++)
{
cdeAK[i] = tKeyBytes[i];
}
return(true);
}
public override void UpdateServiceHostInfo(TheServiceHostInfo shi)
{
shi.Title = "My-Relay";
shi.ApplicationTitle = "My Relay Portal";
shi.ApplicationName = "My-Relay";
shi.SiteName = "https://www.my-relay.com";
shi.VendorName = "C-Labs";
shi.VendorUrl = "http://www.mycompany.com";
shi.Description = "The My-Relay Service";
shi.ISMMainExecutable = "SampleWorkerService";
shi.cdeMID = CU.CGuid("{AA2cde02-413B-401A-80BC-BAA04814145D}"); //Unique SHI cdeMID for TLS
shi.VendorID = CU.CGuid("{7B8ED692-DD7D-40BD-9B98-2266CB0C645F}"); //Vendor Guid for TLS/SVS
shi.AddManifestFiles(new List <string>
{
});
StartupLog?.Log("SHI was Updated by Host");
}
static int Main(string[] args)
{
if (args.Count() == 0)
{
Usage();
return(0);
}
switch (args[0].ToUpper())
{
// Create Activation Key
// GenerateActivationKey A450A7E9-8510-4312-89C5-A1471A73DAE6 asdfasdfsadf 0 ..\..\testfiles\licensecontainers
case "GENERATEACTIVATIONKEY":
{
if (args.Length < 4 || args.Length > 6)
{
GenerateActivationKeyUsage();
return(-1);
}
Guid deviceId;
if (!Guid.TryParse(args[1], out deviceId))
{
GenerateActivationKeyUsage();
return(-1);
}
string signingKey = args[2];
int flags;
if (!int.TryParse(args[3], out flags))
{
GenerateActivationKeyUsage();
return(-1);
}
string licensePublicKeyFilePath;
if (args.Length > 4)
{
licensePublicKeyFilePath = args[4];
}
else
{
GenerateActivationKeyUsage();
return(-1);
}
string licenseDirectory;
if (args.Length > 5)
{
licenseDirectory = args[5];
}
else
{
licenseDirectory = Environment.CurrentDirectory;
}
string activationKeyFile = null;
if (args.Length > 6)
{
activationKeyFile = args[6];
}
// TODO Add expirationDate as command line parameter
DateTime expirationDate = DateTime.UtcNow + new TimeSpan(365, 0, 0, 0);
byte[] licenseSignerPublicKey = null;
try
{
licenseSignerPublicKey = File.ReadAllBytes(licensePublicKeyFilePath);
}
catch (Exception ee)
{
Console.WriteLine("Failed to load public key for validating licenses:" + ee.ToString());
return(-1);
}
List <TheLicense> licenses = new List <TheLicense>();
try
{
if (!TheActivationKeyGenerator.ReadLicensesForActivationKey(licenseDirectory, new List <byte[]> {
licenseSignerPublicKey
}, out licenses))
{
throw new Exception("Error reading licenses");
}
}
catch (Exception ee)
{
Console.WriteLine("Failed to extract license:" + ee.ToString());
return(-1);
}
List <TheLicenseParameter> parameters;
List <TheLicense> licenseForParameters;
if (TheActivationKeyGenerator.GetParametersForActivationKey(licenses, out parameters, out licenseForParameters))
{
string activationKey = TheActivationKeyGenerator.GenerateActivationKey(deviceId, signingKey, expirationDate, licenses.ToArray(), parameters, (ActivationFlags)0);
if (activationKeyFile != null)
{
try
{
File.WriteAllText(activationKeyFile, activationKey);
Console.WriteLine("Wrote activation key to file {0}", activationKeyFile);
}
catch (Exception e)
{
Console.WriteLine("Error writing actication key to file {0}: {1}", activationKeyFile, e.ToString());
}
}
else
{
Console.WriteLine("Activation Key: {0}", activationKey);
}
}
}
break;
// Sign license file / create .cdex file
// CreateLicense ..\..\testfiles\licenses ..\..\testfiles\test.snk mylicense.cdex
case "CREATELICENSE":
{
if (args.Length < 4 || args.Length > 4)
{
CreateLicenseUsage();
return(-1);
}
try
{
string licenseDirectory = args[1];
string rsaPrivateKeyFile = args[2];
string licenseOutputFile = args[3];
byte[] rsaPrivateKeyBytes = File.ReadAllBytes(rsaPrivateKeyFile);
bool useZip = licenseOutputFile.EndsWith(".cdex");
List <TheLicense> licenses = new List <TheLicense>();
var licenseTemplateFilePaths = Directory.EnumerateFiles(licenseDirectory, "*.cdelt");
ZipArchive zip = null;
if (useZip)
{
zip = new ZipArchive(new FileStream(licenseOutputFile, FileMode.Create, FileAccess.ReadWrite), ZipArchiveMode.Create);
}
foreach (var licenseTemplateFilePath in licenseTemplateFilePaths)
{
var licenseFileName = $"{Path.GetFileNameWithoutExtension(licenseTemplateFilePath)}.cdel";
string licenseJson = File.ReadAllText(licenseTemplateFilePath);
licenseJson = ReplaceVersionVariables(licenseJson);
var license = CUJS.DeserializeJSONStringToObject <TheLicense>(licenseJson);
license.AddSignature(rsaPrivateKeyBytes);
// TODO add additional signatures
var signedLicenseJson = CUJS.SerializeObjectToJSONString(license);
var signedLicenseBytes = CU.CUTF8String2Array(signedLicenseJson);
if (!license.ValidateSignature(new List <byte[]> {
rsaPrivateKeyBytes
}))
{
Console.WriteLine("Error validating signatures on file {0}", licenseFileName);
return(-1);
}
if (!useZip)
{
File.WriteAllBytes(Path.Combine(licenseOutputFile, licenseFileName), signedLicenseBytes);
}
else
{
var zipEntry = zip.CreateEntry(Path.GetFileName(licenseFileName));
using (var zipStream = zipEntry.Open())
{
zipStream.Write(signedLicenseBytes, 0, signedLicenseBytes.Length);
zipStream.Close();
}
}
}
if (zip != null)
{
zip.Dispose();
}
}
catch (Exception e)
{
Console.WriteLine("Error creating license: {0}", e.ToString());
}
}
break;
default:
Usage();
return(-1);
}
return(0);
}