AddCACertificate() public method

Adds CA certificate to this CH.
public AddCACertificate ( Mono.Security.X509.X509Certificate cert ) : bool
cert Mono.Security.X509.X509Certificate
return bool
        public void ValidityTest()
        {
            CertificateHandler       ch  = new CertificateHandler();
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);

            byte[] blob = rsa.ExportCspBlob(false);
            RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();

            rsa_pub.ImportCspBlob(blob);
            string           ID = "brunet:node:PXYSWDL5SZDHDDXJKZCLFENOP2KZDMBU";
            CertificateMaker cm = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
                                                       "*****@*****.**", rsa_pub, ID);
            Certificate cert_0 = cm.Sign(cm, rsa);

            ch.AddSignedCertificate(cert_0.X509);
            ch.AddCACertificate(cert_0.X509);
            rsa = new RSACryptoServiceProvider(1024);
            rsa_pub.ImportCspBlob(rsa.ExportCspBlob(false));
            cm = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
                                      "*****@*****.**", rsa_pub, ID);
            Certificate cert_1 = cm.Sign(cm, rsa);

            Assert.IsTrue(ch.Verify(cert_0.X509, null, ID), "Valid");
            bool success = false;

            try {
                success = ch.Verify(cert_1.X509, null, ID);
            } catch { }
            Assert.IsTrue(!success, "Valid cert2");
        }
        public void AddBadLocalCert()
        {
            CertificateHandler       ch  = new CertificateHandler("certs", "12345");
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);

            byte[] blob = rsa.ExportCspBlob(false);
            RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();

            rsa_pub.ImportCspBlob(blob);
            string           ID = "brunet:node:PXYSWDL5SZDHDDXJKZCLFENOP2KZDMBU";
            CertificateMaker cm = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
                                                       "*****@*****.**", rsa_pub, ID);
            Certificate cert_0 = cm.Sign(cm, rsa);

            ch.AddCACertificate(cert_0.X509);
            try {
                ch.AddSignedCertificate(cert_0.X509);
                Assert.IsTrue(false, "Shouldn't add this certificate!");
            } catch {
            }

            CertificateMaker cm0 = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
                                                        "*****@*****.**", rsa_pub, "12345");
            Certificate cert_1 = cm0.Sign(cm, rsa);

            ch.AddSignedCertificate(cert_1.X509);
        }
        public void FindCertificateTest()
        {
            CertificateHandler ch = new CertificateHandler();

            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);

            byte[] blob = rsa.ExportCspBlob(false);
            RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();

            rsa_pub.ImportCspBlob(blob);

            List <Brunet.Util.MemBlock> supported   = new List <Brunet.Util.MemBlock>();
            List <Brunet.Util.MemBlock> unsupported = new List <Brunet.Util.MemBlock>();

            for (int i = 0; i < 20; i++)
            {
                CertificateMaker cm = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
                                                           "*****@*****.**" + i, rsa_pub, i.ToString());
                Certificate cert = cm.Sign(cm, rsa);
                if (i % 2 == 0)
                {
                    ch.AddCACertificate(cert.X509);
                    ch.AddSignedCertificate(cert.X509);
                    supported.Add(cert.SerialNumber);
                }
                else
                {
                    unsupported.Add(cert.SerialNumber);
                }
            }

            Assert.IsNotNull(ch.FindCertificate(supported), "Should find a certificate");

            bool success = false;

            try {
                success = ch.FindCertificate(unsupported) != null;
            } catch { }

            Assert.IsTrue(!success, "Should not find a certificate");

            List <Brunet.Util.MemBlock> mixed = new List <Brunet.Util.MemBlock>(unsupported);

            mixed.Insert(4, supported[1]);
            Assert.AreEqual(supported[1],
                            Brunet.Util.MemBlock.Reference(ch.FindCertificate(mixed).SerialNumber),
                            "Only one supported");
        }
Example #4
0
        protected SecurityOverlord CreateInvalidSO(string name, int level)
        {
            if (rsa == null)
            {
                rsa = new RSACryptoServiceProvider();
                byte[] blob = rsa.ExportCspBlob(false);
                RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();
                rsa_pub.ImportCspBlob(blob);
                CertificateMaker cm = new CertificateMaker("United States", "UFL",
                                                           "ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
                                                           "brunet:node:abcdefghijklmnopqrs");
                Certificate cert = cm.Sign(cm, rsa);
                x509 = cert.X509;
            }

            CertificateHandler ch = new CertificateHandler();

            if (level == 2 || level == 0)
            {
                ch.AddCACertificate(x509);
            }
            if (level == 3 || level == 0)
            {
                ch.AddSignedCertificate(x509);
            }
            ReqrepManager rrm = new ReqrepManager("so" + name);

            _timeout += rrm.TimeoutChecker;
            SecurityOverlord so = new SecurityOverlord(rsa_safe, rrm, ch);

            so.AnnounceSA += AnnounceSA;
            RoutingDataHandler rdh = new RoutingDataHandler();

            rrm.Subscribe(so, null);
            so.Subscribe(rdh, null);
            rdh.Subscribe(rrm, null);
            return(so);
        }
Example #5
0
    protected virtual StructuredNode PrepareNode(int id, AHAddress address)
    {
      if(TakenIDs.Contains(id)) {
        throw new Exception("ID already taken");
      }

      StructuredNode node = new StructuredNode(address, BrunetNamespace);

      NodeMapping nm = new NodeMapping();
      TakenIDs[id] = nm.ID = id;
      nm.Node = node;
      Nodes.Add((Address) address, nm);

      EdgeListener el = CreateEdgeListener(nm.ID);

      if(SecureEdges || SecureSenders) {
        byte[] blob = SEKey.ExportCspBlob(true);
        RSACryptoServiceProvider rsa_copy = new RSACryptoServiceProvider();
        rsa_copy.ImportCspBlob(blob);

        CertificateMaker cm = new CertificateMaker("United States", "UFL", 
          "ACIS", "David Wolinsky", "*****@*****.**", rsa_copy,
          address.ToString());
        Certificate cert = cm.Sign(CACert, SEKey);

        CertificateHandler ch = new CertificateHandler();
        ch.AddCACertificate(CACert.X509);
        ch.AddSignedCertificate(cert.X509);

        ProtocolSecurityOverlord so = new ProtocolSecurityOverlord(node, rsa_copy, node.Rrm, ch);
        so.Subscribe(node, null);
        node.GetTypeSource(SecurityOverlord.Security).Subscribe(so, null);
        nm.BSO = so;
        node.HeartBeatEvent += so.Heartbeat;
      }

      if(SecureEdges) {
        node.EdgeVerifyMethod = EdgeVerify.AddressInSubjectAltName;
        el = new SecureEdgeListener(el, nm.BSO);
      }

      node.AddEdgeListener(el);

      node.RemoteTAs = GetRemoteTAs();

      ITunnelOverlap ito = null;
      if(NCEnable) {
        nm.NCService = new NCService(node, new Point());
// My evaluations show that when this is enabled the system sucks
//        (node as StructuredNode).Sco.TargetSelector = new VivaldiTargetSelector(node, ncservice);
        ito = new NCTunnelOverlap(nm.NCService);
      } else {
        ito = new SimpleTunnelOverlap();
      }

      if(Broken != 0) {
        el = new Tunnel.TunnelEdgeListener(node, ito);
        node.AddEdgeListener(el);
      }
      // Enables Dht data store
      new TableServer(node);
      return node;
    }