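/// <summary>
/// Entry point of the manifest signer: validates the launch settings and the
/// signer certificate, then signs the desired properties of each module in the
/// deployment manifest and writes the signed manifest to
/// <c>SignedDeploymentManifestFilePath</c>.
/// </summary>
/// <remarks>
/// Any failure (invalid settings, signer certificate rejected, malformed
/// manifest, signing error) is printed and the process exits with a non-zero
/// code, so a calling script or pipeline cannot mistake a failed run for a
/// successful signing. The output file is only written after every module has
/// been processed.
/// </remarks>
static void Main()
{
    // Non-zero so automation stops instead of continuing with a missing or
    // stale signed manifest left over from an earlier run.
    const int FailureExitCode = 1;

    // Initialize & check that the given signer cert is issued by the root CA.
    try
    {
        // Check launch settings and display them.
        CheckInputAndDisplayLaunchSettings();

        // Verify certificate chaining before any signing takes place.
        if (!VerifyCertificate())
        {
            throw new Exception("Please provide a signer cert issued by the given root CA");
        }
    }
    catch (Exception e)
    {
        Console.WriteLine(e.ToString());
        Environment.Exit(FailureExitCode);
    }

    // Read the deployment manifest and sign each module's desired properties.
    try
    {
        // Close the input handle as soon as the text is read; the original
        // reader was never disposed.
        string manifestText;
        using (var manifestFileHandle = File.OpenText(DeploymentManifestFilePath))
        {
            manifestText = manifestFileHandle.ReadToEnd();
        }

        var deploymentManifestContentJson = JObject.Parse(manifestText);
        if (deploymentManifestContentJson["modulesContent"] == null)
        {
            throw new Exception("Could not find modulesContent in the manifest file");
        }

        // Get the DSA and SHA algorithm.
        KeyValuePair<string, HashAlgorithmName> algoResult = SignatureValidator.ParseAlgorithm(DsaAlgorithm.ToString());

        // Read the signer certificate and manifest version number and create the integrity header object.
        var header = GetIntegrityHeader(SignerCertPath);

        // Read each module's content and its desired properties.
        var modulesContentJson = deploymentManifestContentJson["modulesContent"];
        JObject modulesContentJobject = JObject.Parse(modulesContentJson.ToString());

        foreach (JProperty property in modulesContentJobject.Properties())
        {
            if (modulesContentJson[property.Name] == null)
            {
                throw new Exception($"Could not find {property.Name} in the manifest file");
            }

            if (modulesContentJson[property.Name]["properties.desired"] == null)
            {
                throw new Exception($"Could not find {property.Name}'s desired properties in the manifest file");
            }

            var modulesDesired = modulesContentJson[property.Name]["properties.desired"];
            var moduleName = property.Name.ToString();

            // $edgeAgent and $edgeHub are always signed; every other module is
            // signed only on explicit operator confirmation.
            if (moduleName != "$edgeAgent" && moduleName != "$edgeHub")
            {
                Console.WriteLine($"Do you want to sign the desired properties of the module - {moduleName}? - Type Y or N to continue");
                Console.WriteLine("!!! Important Note !!! \n- If the module's desired properties are signed then the module's application code has to be rewritten to verify signatures");

                // Anything other than "Y"/"y" counts as "no". Console.ReadLine
                // returns null when standard input is closed, so a
                // non-interactive run leaves these modules unsigned.
                string userSigningChoice = Console.ReadLine();
                if (userSigningChoice != "Y" && userSigningChoice != "y")
                {
                    Console.WriteLine($"{moduleName} will not be signed");
                    continue;
                }
            }

            Console.WriteLine($"Signing Module: {property.Name}");

            // The signature is computed over the desired properties as they
            // are at this point, i.e. before the "integrity" section is attached.
            object signature = new
            {
                bytes = CertificateUtil.GetJsonSignature(algoResult.Key, algoResult.Value, modulesDesired.ToString(), header, SignerPrivateKeyPath),
                algorithm = DsaAlgorithm
            };

            deploymentManifestContentJson["modulesContent"][property.Name]["properties.desired"]["integrity"] = JObject.FromObject(new { header, signature });
        }

        // Written only after the whole loop succeeded, so an error part-way
        // through never produces a partially signed manifest.
        using var signedDeploymentfile = File.CreateText(SignedDeploymentManifestFilePath);
        signedDeploymentfile.Write(deploymentManifestContentJson);
    }
    catch (Exception e)
    {
        Console.WriteLine(e.ToString());
        Environment.Exit(FailureExitCode);
    }
}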