Neuron®
The Neuron® is the basis for the creation of open and secure federated networks for smart societies.
Loading...
Searching...
No Matches
SignData.cs
1using System;
2using System.Collections.Generic;
3using System.Text;
4using System.Threading.Tasks;
5using System.Xml;
6using Waher.Content;
7using Waher.Networking.HTTP;
8using Waher.Networking.XMPP.P2P.E2E;
9using Waher.Persistence;
10using Waher.Persistence.Filters;
11using Waher.Script;
12using Waher.Script.Abstraction.Elements;
13using Waher.Security;
14using Waher.Service.IoTBroker.DataStorage;
15using Waher.Service.IoTBroker.Legal;
16using Waher.Service.IoTBroker.Legal.Identity;
17using Waher.Service.IoTBroker.WebServices.Agent.Crypto;
18
19namespace Waher.Service.IoTBroker.WebServices.Agent.Legal
20{
24 public class SignData : AgentPostResource
25 {
29 public SignData()
30 : base("Legal/SignData",
31 new KeyValuePair<Type, Expression>(typeof(Dictionary<string, object>), new Expression(jsonPattern)),
32 new KeyValuePair<Type, Expression>(typeof(XmlDocument), new Expression(xmlPattern)))
33 {
34 }
35
36 private static readonly string jsonPattern = Resources.LoadResourceAsText(typeof(SignData).Namespace + ".JSON.SignData.req");
37 private static readonly string xmlPattern = Resources.LoadResourceAsText(typeof(SignData).Namespace + ".XML.SignData.req");
38
43 public override bool Synchronous => false;
44
53 public override async Task POST(HttpRequest Request, HttpResponse Response, Dictionary<string, IElement> Parameters)
54 {
55 AccountUser User = AssertUserAuthenticated(Request);
56
57 string KeyId = (string)Parameters["PKeyId"].AssociatedObjectValue;
58 CaseInsensitiveString LegalId = (string)Parameters["PLegalId"].AssociatedObjectValue;
59 string DataBase64 = (string)Parameters["PDataBase64"].AssociatedObjectValue;
60 string KeySignature = (string)Parameters["PKeySignature"].AssociatedObjectValue;
61 string RequestSignature = (string)Parameters["PRequestSignature"].AssociatedObjectValue;
62 byte[] Data;
63
64 if (string.IsNullOrEmpty(KeyId))
65 throw new BadRequestException("Key ID cannot be empty.");
66
67 try
68 {
69 Data = Convert.FromBase64String(DataBase64);
70 }
71 catch (Exception)
72 {
73 throw new BadRequestException("Invalid base64-encoded data.");
74 }
75
76 LegalIdentity Identity = await LegalComponent.GetLocalLegalIdentity(LegalId)
77 ?? throw new NotFoundException("Legal identity not found.");
78
79 if (Identity.Account != User.UserName)
80 throw new ForbiddenException("Only allowed to add attachments to your own legal identities.");
81
82 if (Identity.State != IdentityState.Approved)
83 throw new ForbiddenException("Legal Identity not approved.");
84
85 AgentKey AgentKey = await Database.FindFirstDeleteRest<AgentKey>(new FilterAnd(
86 new FilterFieldEqualTo("Account", User.UserName),
87 new FilterFieldEqualTo("Id", KeyId)))
88 ?? throw new NotFoundException("Key not found.");
89
90 StringBuilder sb = new StringBuilder();
91
92 sb.Append(User.UserName);
93 sb.Append(':');
94 sb.Append(Request.Header.Host.Value);
95 sb.Append(':');
96 sb.Append(AgentKey.LocalName);
97 sb.Append(':');
98 sb.Append(AgentKey.Namespace);
99 sb.Append(':');
100 sb.Append(KeyId);
101
102 //string s1 = sb.ToString();
103
104 sb.Append(':');
105 sb.Append(KeySignature);
106
107 string s2 = sb.ToString();
108
109 sb.Append(':');
110 sb.Append(DataBase64);
111 sb.Append(':');
112 sb.Append(LegalId);
113
114 string s3 = sb.ToString();
115
116 string s = Convert.ToBase64String(
117 Hashes.ComputeHMACSHA256Hash(
118 Encoding.UTF8.GetBytes(User.Account.Password),
119 Encoding.UTF8.GetBytes(s3)));
120
121 if (s != RequestSignature)
122 {
123 string Msg = "Request Signature invalid.";
124 throw new ForbiddenException(Msg);
125 }
126
127 EllipticCurveEndpoint KeyEndpoint = ApplyId.GetEndpoint(AgentKey, s2);
128 byte[] Signature = KeyEndpoint.Sign(Data);
129
130 await Response.Return(new NamedDictionary<string, object>("SignatureResponse", AgentNamespace)
131 {
132 { "Signature", Convert.ToBase64String(Signature) }
133 });
134 }
135
136 }
137}
Waher.Content.NamedDictionary
A Named dictionary is a dictionary, with a local name and a namespace. Use it to return content that ...
Definition: NamedDictionary.cs:13
Waher.Content.Resources
Static class managing loading of resources stored as embedded resources or in content files.
Definition: Resources.cs:15
Waher.Content.Resources.LoadResourceAsText
static string LoadResourceAsText(string ResourceName)
Loads a text resource from an embedded resource.
Definition: Resources.cs:96
Waher.Networking.HTTP.BadRequestException
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repe...
Definition: BadRequestException.cs:9
Waher.Networking.HTTP.ForbiddenException
The server understood the request, but is refusing to fulfill it. Authorization will not help and the...
Definition: ForbiddenException.cs:13
Waher.Networking.HTTP.HttpRequestHeader.Host
HttpFieldHost Host
Host HTTP Field header. (RFC 2616, §14.23)
Definition: HttpRequestHeader.cs:302
Waher.Networking.HTTP.HttpRequest
Represents an HTTP request.
Definition: HttpRequest.cs:18
Waher.Networking.HTTP.HttpRequest.Header
HttpRequestHeader Header
Request header.
Definition: HttpRequest.cs:134
Waher.Networking.HTTP.HttpResponse
Represets a response of an HTTP client request.
Definition: HttpResponse.cs:21
Waher.Networking.HTTP.HttpResponse.Return
async Task Return(object Object)
Returns an object to the client. This method can only be called once per response,...
Definition: HttpResponse.cs:895
Waher.Networking.HTTP.NotFoundException
The server has not found anything matching the Request-URI. No indication is given of whether the con...
Definition: NotFoundException.cs:9
Waher.Networking.XMPP.P2P.E2E.EllipticCurveEndpoint
Abstract base class for Elliptic Curve endpoints.
Definition: EllipticCurveEndpoint.cs:13
Waher.Networking.XMPP.P2P.E2E.EllipticCurveEndpoint.Sign
override byte[] Sign(byte[] Data)
Signs binary data using the local private key.
Definition: EllipticCurveEndpoint.cs:114
Waher.Persistence.CaseInsensitiveString
Represents a case-insensitive string.
Definition: CaseInsensitiveString.cs:10
Waher.Persistence.Database
Static interface for database persistence. In order to work, a database provider has to be assigned t...
Definition: Database.cs:19
Waher.Persistence.Filters.FilterAnd
This filter selects objects that conform to all child-filters provided.
Definition: FilterAnd.cs:10
Waher.Persistence.Filters.FilterFieldEqualTo
This filter selects objects that have a named field equal to a given value.
Definition: FilterFieldEqualTo.cs:7
Waher.Script.Expression
Class managing a script expression.
Definition: Expression.cs:39
Waher.Security.Hashes
Contains methods for simple hash calculations.
Definition: Hashes.cs:59
Waher.Security.Hashes.ComputeHMACSHA256Hash
static byte[] ComputeHMACSHA256Hash(byte[] Key, byte[] Data)
Computes the HMAC-SHA-256 hash of a block of binary data.
Definition: Hashes.cs:585
Waher.Service.IoTBroker.DataStorage.Account.Password
string Password
Password of account
Definition: Account.cs:109
Waher.Service.IoTBroker.WebServices.Agent.AgentPostResource
Abstract base class for agent resources supporting the POST method.
Definition: AgentPostResource.cs:15
Waher.Service.IoTBroker.WebServices.Agent.AgentResource.AssertUserAuthenticated
static AccountUser AssertUserAuthenticated(HttpRequest Request)
Makes sure the request is made by an authenticated API user.
Definition: AgentResource.cs:211
Waher.Service.IoTBroker.WebServices.Agent.AgentResource.AgentNamespace
const string AgentNamespace
https://waher.se/Schema/BrokerAgent.xsd
Definition: AgentResource.cs:28
Waher.Service.IoTBroker.WebServices.Agent.Crypto.AgentKey
Contains an encrypted key for an agent.
Definition: AgentKey.cs:13
Waher.Content
Definition: Array.cs:6