/// <summary>
/// Get new aggregation hash chain based on the root signature aggregation hash chain.
/// </summary>
/// <param name="existingChain"></param>
/// <param name="node"></param>
/// <param name="chainIndex"></param>
/// <returns></returns>
private AggregationHashChain GetAggregationHashChain(AggregationHashChain existingChain, TreeNode node, ulong[] chainIndex)
{
AggregationHashChain.Link[] chainLinks = CreateAggregationHashChainLinks(node);
chainIndex[chainIndex.Length - 1] = AggregationHashChain.CalcLocationPointer(chainLinks);
return(new AggregationHashChain(existingChain.AggregationTime, chainIndex, node.Hash, _hashAlgorithm.Id, chainLinks));
}
public void ToStringTest()
{
Assembly assembly = typeof(AggregationHashChain).Assembly;
Type linkType = assembly.GetType("Guardtime.KSI.Signature.AggregationHashChain+Link");
Type metadataType = assembly.GetType("Guardtime.KSI.Signature.AggregationHashChain+Metadata");
AggregationHashChain tag = TestUtil.GetCompositeTag <AggregationHashChain>(Constants.AggregationHashChain.TagType,
new ITlvTag[]
{
new IntegerTag(Constants.AggregationHashChain.AggregationTimeTagType, false, false, 1),
new IntegerTag(Constants.AggregationHashChain.ChainIndexTagType, false, false, 0),
new RawTag(Constants.AggregationHashChain.InputDataTagType, false, false, new byte[] { 0x1 }),
new ImprintTag(Constants.AggregationHashChain.InputHashTagType, false, false,
new DataHash(HashAlgorithm.Sha2256,
new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 })),
new IntegerTag(Constants.AggregationHashChain.AggregationAlgorithmIdTagType, false, false, 1),
TestUtil.GetCompositeTag(linkType, (uint)LinkDirection.Left,
new ITlvTag[]
{
new IntegerTag(Constants.AggregationHashChain.Link.LevelCorrectionTagType, false, false, 0),
TestUtil.GetCompositeTag(metadataType, Constants.AggregationHashChain.Metadata.TagType,
new ITlvTag[]
{
new StringTag(Constants.AggregationHashChain.Metadata.ClientIdTagType, false, false, "Test ClientId"),
new StringTag(Constants.AggregationHashChain.Metadata.MachineIdTagType, false, false, "Test Machine Id"),
new IntegerTag(Constants.AggregationHashChain.Metadata.SequenceNumberTagType, false, false, 1),
new IntegerTag(Constants.AggregationHashChain.Metadata.RequestTimeTagType, false, false, 2)
})
})
});
AggregationHashChain tag2 = new AggregationHashChain(new RawTag(tag.Type, tag.NonCritical, tag.Forward, tag.EncodeValue()));
Assert.AreEqual(tag.ToString(), tag2.ToString());
}
public void TestCreateAggregationHashChainOk()
{
AggregationHashChain aggregationHashChain = GetAggregationHashChainFromFile(Resources.AggregationHashChain_Ok);
Assert.AreEqual(9, aggregationHashChain.Count, "Invalid amount of child TLV objects");
Assert.IsNotNull(aggregationHashChain.GetInputData(), "Unexpected input data.");
}
/// <summary>
/// Prepare chain index. Leave element is filled later.
/// </summary>
/// <param name="existingChain"></param>
/// <returns></returns>
private static ulong[] PrepareChainIndex(AggregationHashChain existingChain)
{
ulong[] existingChainIndex = existingChain.GetChainIndex();
ulong[] chainIndex = new ulong[existingChainIndex.Length + 1];
Array.Copy(existingChainIndex, chainIndex, existingChainIndex.Length);
return(chainIndex);
}
/// <summary>
/// Create uni-signatures based on the root signature.
/// </summary>
/// <returns></returns>
private IEnumerable <IKsiSignature> CreateUniSignatures(IKsiSignature rootSignature)
{
Logger.Debug("Start creating uni-signatures.");
AggregationHashChain existingAggregationHashChain = rootSignature.GetAggregationHashChains()[0];
byte[] rootSignatureData = rootSignature.EncodeValue();
ulong[] chainIndex = PrepareChainIndex(existingAggregationHashChain);
foreach (TreeNode node in _leafNodes)
{
using (MemoryStream stream = new MemoryStream())
{
AggregationHashChain aggregationHashChain = GetAggregationHashChain(existingAggregationHashChain, node, chainIndex);
aggregationHashChain.WriteTo(stream);
// Take root node signature data and add aggregation hash chain.
byte[] signatureData = new byte[rootSignatureData.Length + stream.Length];
Array.Copy(stream.ToArray(), signatureData, stream.Length);
Array.Copy(rootSignatureData, 0, signatureData, stream.Length, rootSignatureData.Length);
// Create new signature from the signature data.
yield return(_signatureFactory.CreateByContent(signatureData, node.Hash));
}
}
Logger.Debug("End creating uni-signatures.");
}
public void TestGetOutputHash()
{
AggregationHashChain aggregationHashChain = GetAggregationHashChainFromFile(Resources.AggregationHashChain_Ok);
AggregationHashChainResult result = new AggregationHashChainResult(1, aggregationHashChain.InputHash);
result = aggregationHashChain.GetOutputHash(result);
Assert.AreEqual(new DataHash(Base16.Decode("0116FF519501549E59F94952234BEAE90D1AB708901AF7B3F92B88B6A441969541")), result.Hash, "Unexpected output hash.");
Assert.AreEqual(29, result.Level, "Unexpected level.");
}
public void TestGetOutputHashWithoutResult()
{
AggregationHashChain aggregationHashChain = GetAggregationHashChainFromFile(Resources.AggregationHashChain_Ok);
ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate
{
aggregationHashChain.GetOutputHash(null);
});
Assert.AreEqual("result", ex.ParamName);
}
public void TestCreateAggregationHashChainWithLinksOk()
{
ReadOnlyCollection <AggregationHashChain.Link> links = GetAggregationHashChainFromFile(Resources.AggregationHashChain_Ok).GetChainLinks();
AggregationHashChain newAggregationHashChain = new AggregationHashChain(1, new ulong[] { 1 },
new DataHash(Base16.Decode("01404572B3A03FCBB57D265903A153B24237F277723D1B24A199F9F009A4EB23BE")),
1, links.ToArray());
Assert.AreEqual(links.Count, newAggregationHashChain.GetChainLinks().Count, "Unexpected links count");
Assert.AreEqual(LinkDirection.Left, links[0].Direction, "Unexpected link direction");
Assert.AreEqual(new DataHash(Base16.Decode("01E8EE4A17C22DFA36839998F24DEC73E78DA7B0A92FF3530570AF98117F406DDF")), links[0].SiblingHash, "Unexpected sibling hash");
Assert.IsNull(links[0].Metadata, "Unexpected metadata");
}
public void TestGetLocationPointerWithMixedAggregationChains()
{
IKsiSignature signature = TestUtil.GetSignature(Resources.KsiSignature_Ok_With_Mixed_Aggregation_Chains);
ReadOnlyCollection <AggregationHashChain> hashChains = signature.GetAggregationHashChains();
ulong[] index = hashChains[0].GetChainIndex();
int i = index.Length - 1;
foreach (AggregationHashChain chain in hashChains)
{
ReadOnlyCollection <AggregationHashChain.Link> links = chain.GetChainLinks();
Assert.AreEqual(index[i--], AggregationHashChain.CalcLocationPointer(links.ToArray()), "Location pointers do not match.");
}
}
public void TestGetLocationPointer()
{
Assert.AreEqual(63,
AggregationHashChain.CalcLocationPointer(new List <AggregationHashChain.Link>
{
new AggregationHashChain.Link(LinkDirection.Left, new AggregationHashChain.Metadata("test client", "test machine id")),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("01404572B3A03FCBB57D265903A153B24237F277723D1B24A199F9F009A4EB23BE"))),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("0160D25FD6F2A962B41F20CFC2DD9CC62C9C802EADB08E8F15E60D0316E778ACDC"))),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("01F2960B44B6846AE20FD4169D599D9F1C405A6CB1CBAA5B3179A06B3D1DB92166"))),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("01F2960B44B6846AE20FD4169D599D9F1C405A6CB1CBAA5B3179A06B3D1DB92166"))),
}.ToArray()), "Invalid location pointer.");
Assert.AreEqual(51,
AggregationHashChain.CalcLocationPointer(new List <AggregationHashChain.Link>
{
new AggregationHashChain.Link(LinkDirection.Left, "test client", "test machine id"),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("01404572B3A03FCBB57D265903A153B24237F277723D1B24A199F9F009A4EB23BE"))),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("0160D25FD6F2A962B41F20CFC2DD9CC62C9C802EADB08E8F15E60D0316E778ACDC"))),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("01F2960B44B6846AE20FD4169D599D9F1C405A6CB1CBAA5B3179A06B3D1DB92166"))),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("01F2960B44B6846AE20FD4169D599D9F1C405A6CB1CBAA5B3179A06B3D1DB92166"))),
}.ToArray()), "Invalid location pointer.");
Assert.AreEqual(23, AggregationHashChain.CalcLocationPointer(new List <AggregationHashChain.Link>
{
new AggregationHashChain.Link(LinkDirection.Left, new AggregationHashChain.Metadata("test client", "test machine id")),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("01404572B3A03FCBB57D265903A153B24237F277723D1B24A199F9F009A4EB23BE"))),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("0160D25FD6F2A962B41F20CFC2DD9CC62C9C802EADB08E8F15E60D0316E778ACDC"))),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("01F2960B44B6846AE20FD4169D599D9F1C405A6CB1CBAA5B3179A06B3D1DB92166"))),
}.ToArray()), "Invalid location pointer.");
Assert.AreEqual(21, AggregationHashChain.CalcLocationPointer(new List <AggregationHashChain.Link>
{
new AggregationHashChain.Link(LinkDirection.Left, new AggregationHashChain.Metadata("test client", "test machine id")),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("01404572B3A03FCBB57D265903A153B24237F277723D1B24A199F9F009A4EB23BE"))),
new AggregationHashChain.Link(LinkDirection.Left, new DataHash(Base16.Decode("0160D25FD6F2A962B41F20CFC2DD9CC62C9C802EADB08E8F15E60D0316E778ACDC"))),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("01F2960B44B6846AE20FD4169D599D9F1C405A6CB1CBAA5B3179A06B3D1DB92166"))),
}.ToArray()), "Invalid location pointer.");
Assert.AreEqual(9, AggregationHashChain.CalcLocationPointer(new List <AggregationHashChain.Link>
{
new AggregationHashChain.Link(LinkDirection.Left, new AggregationHashChain.Metadata("test client", "test machine id")),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("01404572B3A03FCBB57D265903A153B24237F277723D1B24A199F9F009A4EB23BE"))),
new AggregationHashChain.Link(LinkDirection.Right, new DataHash(Base16.Decode("0160D25FD6F2A962B41F20CFC2DD9CC62C9C802EADB08E8F15E60D0316E778ACDC"))),
}.ToArray()), "Invalid location pointer.");
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
IKsiSignature signature = GetSignature(context);
if (!signature.IsRfc3161Signature)
{
return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
AggregationHashChain aggregationHashChain = GetAggregationHashChains(signature, false)[0];
HashAlgorithm hashAlgorithm = aggregationHashChain.InputHash.Algorithm;
ulong aggregationTime = aggregationHashChain.AggregationTime;
if (hashAlgorithm.IsDeprecated(aggregationTime))
{
Logger.Debug("RFC3161 output hash algorithm was deprecated at aggregation time. Algorithm: {0}; Aggregation time: {1}", hashAlgorithm.Name, aggregationTime);
return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Int17));
}
return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
public void TestCreateAggregationHashChainFromChildTags()
{
AggregationHashChain aggregationHashChain = new AggregationHashChain(false, false, GetAggregationHashChainFromFile(Resources.AggregationHashChain_Ok).ToArray());
Assert.AreEqual(9, aggregationHashChain.Count, "Invalid amount of child TLV objects");
}
public void TestAggregationHashChainOkMissingOptionals()
{
AggregationHashChain aggregationHashChain = GetAggregationHashChainFromFile(Resources.AggregationHashChain_Ok_Missing_Optionals);
Assert.AreEqual(8, aggregationHashChain.Count, "Invalid amount of child TLV objects");
}
private static void VerifyChainAlgorithm(IKsiSignature ksiSignature, HashAlgorithm expectedAlgorithm)
{
AggregationHashChain aggregationHashChain = ksiSignature.GetAggregationHashChains()[0];
Assert.AreEqual(expectedAlgorithm.Id, aggregationHashChain.AggregationAlgorithm.Id, "Aggregation hash chain hash algorithm should match");
}
