in src/ccf/ccf-provider-client/Controllers/NetworksController.cs [249:321]
// Handles a recovery-share submission for the named network: validates the
// encryption-key input, obtains the RSA key, and hands the request to the
// network provider selected by content.InfraType.
//
// networkName: route value, passed to the provider unchanged.
// content:     request body; exactly one of EncryptionPrivateKey (PEM text) or
//              EncryptionKeyId (absolute URI) must be non-empty.
// Returns 200 with the provider's JSON result, or 400 with an ODataError when
// the key input is missing, ambiguous, or fails to parse.
//
// NOTE(review): EncryptionPrivateKey carries raw private-key material in the
// request body. Confirm that request/body logging and tracing in front of this
// action never record it.
public async Task<IActionResult> SubmitRecoveryShare(
    [FromRoute] string networkName,
    [FromBody] SubmitRecoveryShareInput content)
{
    IActionResult? validationFailure = ValidateSubmitRecoveryShareInput();
    if (validationFailure is not null)
    {
        return validationFailure;
    }

    var signingConfig = await this.ccfClientManager.GetSigningConfig();
    CcfNetworkProvider ccfNetworkProvider = this.GetNetworkProvider(content.InfraType);

    // Validation above guarantees exactly one key source is set, so an empty
    // inline PEM means the key is referenced by EncryptionKeyId instead.
    // NOTE(review): the URI is caller-supplied and has only been checked for
    // syntax. Whether Utils.ToRSAKey(Uri) restricts the scheme/host it will
    // contact is not visible in this method — confirm it only reaches the
    // intended key store.
    using RSA rsaEncKey = string.IsNullOrEmpty(content.EncryptionPrivateKey)
        ? await Utils.ToRSAKey(new Uri(content.EncryptionKeyId!))
        : Utils.ToRSAKey(content.EncryptionPrivateKey);

    JsonObject result = await ccfNetworkProvider.SubmitRecoveryShare(
        networkName,
        signingConfig.CoseSignKey,
        rsaEncKey,
        content.ProviderConfig);

    return this.Ok(result);

    // Returns null when the key input is acceptable, otherwise the 400 response
    // to send back.
    IActionResult? ValidateSubmitRecoveryShareInput()
    {
        bool pemSupplied = !string.IsNullOrEmpty(content.EncryptionPrivateKey);
        bool keyIdSupplied = !string.IsNullOrEmpty(content.EncryptionKeyId);

        if (!pemSupplied && !keyIdSupplied)
        {
            return Reject(
                "InvalidEncryptionKey",
                "Either encryptionPrivateKey or encryptionKeyId must be specified.");
        }

        if (pemSupplied && keyIdSupplied)
        {
            return Reject(
                "InvalidEncryptionKey",
                "Only one of encryptionPrivateKey or encryptionKeyId must be specified.");
        }

        if (pemSupplied)
        {
            try
            {
                // Trial import into a throwaway key object: only proves the PEM
                // parses as an RSA key; the instance is disposed immediately.
                using var probe = RSA.Create();
                probe.ImportFromPem(content.EncryptionPrivateKey);
            }
            catch (Exception importFailure)
            {
                // NOTE(review): the parser's exception text is returned to the
                // caller verbatim — confirm it can never echo key material.
                return Reject("InvalidEncryptionPrivateKey", importFailure.Message);
            }

            return null;
        }

        try
        {
            // Syntax check only: the single-argument Uri constructor throws
            // unless the string is an absolute URI. Scheme and host are not
            // constrained here.
            _ = new Uri(content.EncryptionKeyId!);
        }
        catch (Exception uriFailure)
        {
            return Reject("InvalidEncryptionKeyId", uriFailure.Message);
        }

        return null;
    }

    // Builds the 400 response carrying an ODataError with the given code/message.
    IActionResult Reject(string code, string message)
    {
        return this.BadRequest(new ODataError(
            code: code,
            message: message));
    }
}