public async Task <TideResponse> Add([FromRoute] Guid uid, [FromRoute] string prism, [FromRoute] string cmk, [FromRoute] string prismAuth, [FromRoute] string cmkAuth, [FromRoute] string email)
{
_logger.LogInformation($"New registration for {uid}", uid);
var account = new CmkVault
{
UserId = uid,
Prismi = GetBigInteger(prism),
Cmki = GetBigInteger(cmk),
PrismiAuth = AesKey.Parse(FromBase64(prismAuth)),
CmkiAuth = AesKey.Parse(FromBase64(cmkAuth)),
Email = HttpUtility.UrlDecode(email)
};
var resp = await _manager.SetOrUpdate(account);
if (!resp.Success)
{
return(resp);
}
var m = Encoding.UTF8.GetBytes(_config.UserName + uid.ToString());
//TODO: The ork should not send the orkid because the client should already know
var signature = Convert.ToBase64String(_config.PrivateKey.Sign(m));
resp.Content = new { orkid = _config.UserName, sign = signature };
return(resp);
}
public async Task <ActionResult <TideResponse> > Add([FromRoute] Guid vuid, [FromRoute] Guid keyId, [FromBody] string[] data)
{
var signature = FromBase64(data[3]);
var account = new CvkVault
{
VuId = vuid,
CvkPub = C25519Key.Parse(FromBase64(data[0])),
CVKi = GetBigInteger(data[1]),
CvkiAuth = AesKey.Parse(FromBase64(data[2]))
};
if (_features.Voucher)
{
var signer = await _keyIdManager.GetById(keyId);
if (signer == null)
{
return(BadRequest("Signer's key must be defined"));
}
if (!signer.Key.Verify(_config.Guid.ToByteArray().Concat(vuid.ToByteArray()).ToArray(), signature))
{
return(BadRequest("Signature is not valid"));
}
}
_logger.LogInformation("New cvk for {0} with pub {1}", vuid, data[0]);
var resp = await _managerCvk.SetOrUpdate(account);
if (!resp.Success)
{
return(resp);
}
var m = Encoding.UTF8.GetBytes(_config.UserName + vuid.ToString());
//TODO: The ork should not send the orkid because the client should already know
var signOrk = Convert.ToBase64String(_config.PrivateKey.Sign(m));
resp.Content = new { orkid = _config.UserName, sign = signOrk };
return(resp);
}