/// <summary> /// Creates an offline escrow entry for the master keys in the profile. /// </summary> /// <param name="Profile">The profile to create offline escrow entries for.</param> /// <param name="Shares">The total number of key shares to be created.</param> /// <param name="Quorum">The number of key shares required to recover the keys.</param> /// <returns></returns> public OfflineEscrowEntry(PersonalProfile Profile, int Shares, int Quorum) { var Master = Profile.PersonalMasterProfile; var EscrowedKeySet = new EscrowedKeySet(); EscrowedKeySet.PrivateKeys = new List<Key>(); EscrowedKeySet.PrivateKeys.Add(GetEscrow( Profile.PersonalMasterProfile.MasterSignatureKey.UDF)); foreach (var Escrow in Profile.PersonalMasterProfile.MasterEscrowKeys) { EscrowedKeySet.PrivateKeys.Add(GetEscrow (Escrow.UDF)); } var Encryptor = CryptoCatalog.Default.GetEncryption( CryptoAlgorithmID.AES128CBC); var Secret = new Secret(Encryptor.Size); _KeyShares = Secret.Split(Shares, Quorum); //Trace.WriteHex("MasterKey", Secret.Key); //foreach (var share in _KeyShares) { // Trace.WriteHex("Share", share.Key); // } Encryptor.Key = Secret.Key; EncryptedData = new JoseWebEncryption (EscrowedKeySet.GetBytes(), Encryptor); Identifier = UDF.ToString (UDF.FromEscrowed(Secret.Key, 150)); }
public void JoseWebEncryptionTest() { var Plaintext = CryptoCatalog.GetBytes(2000); var Encrypted = new JoseWebEncryption(Plaintext); var Recovered = Encrypted.Decrypt(); Trace.AssertEqual("Check Testvector", Plaintext, Recovered); }
/// <summary> /// Encrypt the private data and create a decryption key for each device. /// </summary> public virtual void EncryptPrivate() { if (ApplicationProfileEntry == null) throw new Throw("Broken"); if (ApplicationProfileEntry.DecryptID == null) throw new Throw("Broken"); EncryptedData = new JoseWebEncryption(GetPrivateData); foreach (var Recipient in ApplicationProfileEntry.DecryptID) { // extract the device profile from the personal profile var SignedDeviceProfile = PersonalProfile.GetDeviceProfile(Recipient); var DeviceProfile = SignedDeviceProfile.Data; var EncryptionKey = DeviceProfile.DeviceEncryptiontionKey; // create a recipient entry EncryptedData.Add(EncryptionKey.KeyPair); } //Trace.NYI("Add entry here for the escrow key for this application"); }
/// <summary> /// Construct an instance from the specified tagged JSONReader stream. /// </summary> public static void Deserialize(JSONReader JSONReader, out JSONObject Out) { JSONReader.StartObject (); if (JSONReader.EOR) { Out = null; return; } string token = JSONReader.ReadToken (); Out = null; switch (token) { case "JoseWebSignature" : { var Result = new JoseWebSignature (); Result.Deserialize (JSONReader); Out = Result; break; } case "JoseWebEncryption" : { var Result = new JoseWebEncryption (); Result.Deserialize (JSONReader); Out = Result; break; } case "Signed" : { var Result = new Signed (); Result.Deserialize (JSONReader); Out = Result; break; } case "Encrypted" : { var Result = new Encrypted (); Result.Deserialize (JSONReader); Out = Result; break; } case "KeyData" : { var Result = new KeyData (); Result.Deserialize (JSONReader); Out = Result; break; } case "Header" : { var Result = new Header (); Result.Deserialize (JSONReader); Out = Result; break; } case "Key" : { var Result = new Key (); Result.Deserialize (JSONReader); Out = Result; break; } case "Recipient" : { var Result = new Recipient (); Result.Deserialize (JSONReader); Out = Result; break; } case "PublicKeyRSA" : { var Result = new PublicKeyRSA (); Result.Deserialize (JSONReader); Out = Result; break; } case "PrivateKeyRSA" : { var Result = new PrivateKeyRSA (); Result.Deserialize (JSONReader); Out = Result; break; } default : { throw new Exception ("Not supported"); } } JSONReader.EndObject (); }
/// <summary> /// Deserialize a tagged stream /// </summary> /// <param name="JSONReader"></param> public static new JoseWebEncryption FromTagged (JSONReader JSONReader) { JoseWebEncryption Out = null; JSONReader.StartObject (); if (JSONReader.EOR) { return null; } string token = JSONReader.ReadToken (); switch (token) { case "JoseWebEncryption" : { var Result = new JoseWebEncryption (); Result.Deserialize (JSONReader); Out = Result; break; } default : { //Ignore the unknown data //throw new Exception ("Not supported"); break; } } JSONReader.EndObject (); return Out; }
/// <summary> /// Having read a tag, process the corresponding value data. /// </summary> /// <param name="JSONReader">The input stream</param> /// <param name="Tag">The tag</param> public override void DeserializeToken (JSONReader JSONReader, string Tag) { switch (Tag) { case "EncryptedData" : { // An untagged structure EncryptedData = new JoseWebEncryption (JSONReader); break; } default : { base.DeserializeToken(JSONReader, Tag); break; } } // check up that all the required elements are present }