Exemplo n.º 1
0
        static void Main(string[] args)
        {
            try
            {
                Logger.Initialize();

                byte[] data = "Hello world".GetBytes();

                SignKeys signKeys = DataSigner.GenerateSignKeyPair();

                byte[] signature = DataSigner.Sign(data, signKeys.PublicAndPrivate);

                bool valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly);
                Console.WriteLine(valid ? "Valid" : "NOT Valid");

                data[0] = 41;

                valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly);
                Console.WriteLine(valid ? "Valid" : "NOT Valid");

                data[0] = "H".GetBytes()[0];

                valid = DataSigner.IsSignatureValid(data, signature, signKeys.PublicOnly);
                Console.WriteLine(valid ? "Valid" : "NOT Valid");
            }
            catch (Exception e)
            {
                Logger.LogError("Unhandled exception", e);
                Console.WriteLine("Error: " + e.Message);
            }

            Console.WriteLine("Press a key to exit");
            Console.ReadKey();
        }
Exemplo n.º 2
0
        public bool VerifyIntegrity(Guid userId, Guid dataEntityId)
        {
            AssertSystemIsInitialized();

            User user = GetAssertUser(userId);

            IList <Role> roles = this.storage.GetRolesForUser(user.Id);

            bool userHasRoleWhichHasDataEntity = roles.Any(role => role.DataEntities.Contains(dataEntityId));

            if (!userHasRoleWhichHasDataEntity)
            {
                throw new InvalidOperationException("You do not have a role which gives access to the requested data entity");
            }


            DataEntity dataEntity = this.storage.GetDataEntityFromId(dataEntityId);

            if (dataEntity == null)
            {
                throw new InvalidOperationException("Data entity with specified id was not found");
            }

            Guid authorId = this.storage.GetAuthorOfDataEntity(dataEntityId);

            User authoringUser = this.storage.GetUser(authorId);

            dataEntity.Payload.Content = this.storage.GetDataEntityPayloadFromId(dataEntityId);

            return(DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, authoringUser.SignPublicKey));
        }
Exemplo n.º 3
0
        public void Insert(Guid userId, DataEntity dataEntity)
        {
            if (userId == Guid.Empty)
            {
                throw new ArgumentException("userId");
            }
            CheckDataEntity(dataEntity);

            GetDelegationKey(userId);   // check that the user has a key (is still valid)

            byte[] signPublicKey = this.tokenStorage.FindSignPublicKey(userId);
            if (signPublicKey == null)
            {
                throw new InvalidOperationException("Cannot insert data as no sign key is registered for the user");
            }

            if (!DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, signPublicKey))
            {
                throw new InvalidOperationException("The data signature is not valid");
            }

            // TODO: check access rights)

            this.dataEntityStorage.InsertDataEntity(userId, dataEntity);
        }
Exemplo n.º 4
0
        public void CreateDataEntities(Guid userId, IList <Guid> roleIds, IList <DataEntity> dataEntities)
        {
            if (dataEntities == null)
            {
                throw new ArgumentNullException("dataEntities");
            }
            if (userId == Guid.Empty)
            {
                throw new ArgumentException("userId");
            }

            AssertSystemIsInitialized();

            User user = GetAssertUser(userId);

            IList <Role> checkedRoles = new List <Role>();

            foreach (Guid roleId in roleIds)
            {
                Role r = GetAssertRole(roleId);

                AssertUserHasRoleOrAncestorOfRole(user, roleId);

                if (r.DataEntityPermission == DataEntityPermission.ReadContent)
                {
                    throw new InvalidOperationException("You cannot create data using one of the specified roles");
                }

                checkedRoles.Add(r);
            }

            AssertRolesHasSameRoot(checkedRoles);

            foreach (DataEntity dataEntity in dataEntities)
            {
                CheckDataEntity(dataEntity);

                if (!DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, user.SignPublicKey))
                {
                    throw new InvalidOperationException("A data signature is not valid");
                }
            }

            foreach (DataEntity entity in dataEntities)
            {
                this.storage.CreateDataEntity(userId, entity);
            }

            foreach (Role role in checkedRoles)
            {
                AddDataEntitiesToRoleAndAllParentsRoles(this.storage.GetDataOwnerRole(), role, dataEntities);
            }
        }
Exemplo n.º 5
0
        public bool VerifyIntegrity(Guid userId, Guid dataEntityId)
        {
            GetDelegationKey(userId); // to check that the user is still valid and has not been revoked

            DataEntity dataEntity = this.dataEntityStorage.FindDataEntityMetadataFromId(dataEntityId);

            if (dataEntity == null)
            {
                throw new InvalidOperationException("Data entity with specified id was not found");
            }

            Guid authorId = this.dataEntityStorage.FindAuthorOfDataEntity(dataEntityId);

            byte[] signPublicKey = this.tokenStorage.FindSignPublicKey(authorId);

            dataEntity.Payload.Content = this.dataEntityStorage.FindDataEntityPayloadFromId(dataEntityId);

            return(DataSigner.IsSignatureValid(dataEntity, dataEntity.Signature, signPublicKey));
        }