/**
* Constructor that takes an X509 certificate.
* @param cert X509 certificate.
*/
public SocialUser(Certificate cert)
{
Uid = cert.Subject.Email;
Name = cert.Subject.Name;
PCID = cert.Subject.OrganizationalUnit;
Address = cert.NodeAddress;
Version = cert.Subject.Organization;
Fingerprint = SocialUtils.GetSHA256(cert.X509.RawData);
DhtKey = "svpn:" + Uid + ":" + Fingerprint;
Country = cert.Subject.Country;
Access = AccessTypes.Block.ToString();
Time = TIMEDEFAULT;
IP = IPDEFAULT;
Alias = ALIASDEFAULT;
Pic = PICDEFAULT;
}
/**
* Constructor.
* @param brunetConfig configuration file for Brunet P2P library.
* @param ipopConfig configuration file for IP over P2P app.
*/
public SocialNode(string brunetConfig, string ipopConfig,
string certDir, string port)
: base(brunetConfig, ipopConfig)
{
_friends = new Dictionary<string, SocialUser>();
_cert_dir = certDir;
string cert_path = Path.Combine(certDir, CERTFILENAME);
_local_cert = new Certificate(SocialUtils.ReadFileBytes(cert_path));
_local_user = new SocialUser(_local_cert);
_local_cert_b64 = Convert.ToBase64String(_local_cert.X509.RawData);
_bso.CertificateHandler.AddCACertificate(_local_cert.X509);
_bso.CertificateHandler.AddSignedCertificate(_local_cert.X509);
_snp = new SocialNetworkProvider(this.Dht, _local_user);
_srh = new SocialRpcHandler(_node, _local_user, _friends);
_scm = new SocialConnectionManager(this, _snp, _snp, port, _friends,
_srh);
}
/**
* Add a friend to socialvpn from an X509 certificate.
* @param certData the X509 certificate as a byte array.
* @param key the dht_key containing fingerprint.
*/
public void AddCertificate(byte[] certData, string key)
{
Certificate cert = new Certificate(certData);
SocialUser friend = new SocialUser(cert);
string[] parts = key.Split(':');
string uid = parts[1];
string fingerprint = parts[2];
// Verification on the certificate by email and fingerprint
if(friend.DhtKey == _local_user.DhtKey ||
_friends.ContainsKey(friend.DhtKey)) {
ProtocolLog.Write(SocialLog.SVPNLog, "ADD CERT KEY FOUND: " +
key);
}
else if(fingerprint != friend.Fingerprint || uid != friend.Uid) {
ProtocolLog.Write(SocialLog.SVPNLog, "ADD CERT KEY MISMATCH: " +
key + " " + friend.DhtKey);
}
else {
friend.Alias = CreateAlias(friend.Uid, friend.PCID);
// Save certificate to file system
SocialUtils.SaveCertificate(cert, _cert_dir);
// Add certificates to handler
_bso.CertificateHandler.AddCACertificate(cert.X509);
// Add friend to list
_friends.Add(friend.DhtKey, friend);
// Temporary
AddFriend(friend);
// RPC ping to newly added friend
_srh.PingFriend(friend);
ProtocolLog.Write(SocialLog.SVPNLog,"ADD CERT KEY SUCCESS: " +
friend.DhtKey + " " + friend.IP + " " +
friend.Alias);
}
}
/// <summary>This method is called by a CA to sign the provided Certificate
/// with our RSA key.</summary>
public Certificate Sign(Certificate Signer, RSA PrivateKey)
{
X509CertificateBuilder x509_builder = new X509CertificateBuilder(3);
x509_builder.IssuerName = Signer.Subject.DN;
x509_builder.SubjectName = Subject.DN;
SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
// I guess this is reversed for network order or something...
byte[] tmp = sha1.ComputeHash(Signer.UnsignedData);
for(int i = 0; i < tmp.Length / 2; i++) {
int j = tmp.Length - i - 1;
byte tmpb = tmp[i];
tmp[i] = tmp[j];
tmp[j] = tmpb;
}
x509_builder.SerialNumber = tmp;
x509_builder.NotBefore = System.DateTime.MinValue;
x509_builder.NotAfter = System.DateTime.MaxValue;
x509_builder.SubjectPublicKey = _public_key;
SubjectAltNameExtension sane = new SubjectAltNameExtension(null, null, null, new string[] {NodeAddress});
x509_builder.Extensions.Add(sane);
byte[] cert_data = x509_builder.Sign(PrivateKey);
return new Certificate(cert_data);
}
