public UserSignedVoteDTO CastVote(Guid voterId, Guid candidateId, byte[] caPublicKey)
{
(var key, var iv) = CryptoService.GenerateSymmetricKeys();
var encryptedVote = CryptoService.EncryptSymmetric(candidateId.ToByteArray(), key, iv);
var encryptedKey = CryptoService.EncryptAsymmetric(key, caPublicKey);
var encryptedIV = CryptoService.EncryptAsymmetric(iv, caPublicKey);
var voterHash = CryptoService.HmacItem(voterId.ToByteArray(), _privateKey);
var vote = new Vote()
{
VoterId = voterHash,
EncryptedKey = encryptedKey,
EncryptedIV = encryptedIV,
EncryptedVote = encryptedVote
};
var signature = CryptoService.SignItem(Converters.ConvertToByteArray(vote), _privateKey);
var userSignedVote = new UserSignedVoteDTO()
{
Vote = vote,
Signature = signature
};
return(userSignedVote);
}
public async Task <IActionResult> CastVote(UserSignedVoteDTO userSignedVoteDto)
{
var user = await _userManager.FindByNameAsync(userSignedVoteDto.UserName);
// var result = await _userManager.VerifyUserTokenAsync(user, "EVoting", "Vote", userSignedVoteDto.Token);
// if (!result) return Unauthorized();
var userDetail = await _context.UserDetails.FirstOrDefaultAsync(x => x.UserId == user.Id);
var voteToCheck = new Vote()
{
EncryptedIV = userSignedVoteDto.Vote.EncryptedIV,
EncryptedKey = userSignedVoteDto.Vote.EncryptedKey,
EncryptedVote = userSignedVoteDto.Vote.EncryptedVote,
VoterId = userSignedVoteDto.Vote.VoterId
};
var userSignatureCheck = CryptoService.VerifySignature(Converters.ConvertToByteArray(voteToCheck),
userSignedVoteDto.Signature, userDetail.PublicKey);
if (!userSignatureCheck)
{
return(Unauthorized());
}
var authPrivateKey = _authService.GetPrivateKey();
var authSignedVoteDto = new AuthSignedVoteDTO()
{
Vote = userSignedVoteDto.Vote,
Signature = CryptoService.SignItem(Converters.ConvertToByteArray(userSignedVoteDto.Vote), authPrivateKey)
};
//////////////////////// NODE PART TODO: Move to real nodes ////////////////////////////////////
var authPublicKey = _authService.GetPublicKey();
var authSignatureCheck = CryptoService.VerifySignature(Converters.ConvertToByteArray(authSignedVoteDto.Vote)
, authSignedVoteDto.Signature, authPublicKey);
if (!authSignatureCheck)
{
return(Unauthorized());
}
var nodePrivateKey = _nodeService.GetPrivateKey();
var nodeSignature = CryptoService.SignItem(Converters.ConvertToByteArray(authSignedVoteDto.Vote), nodePrivateKey);
var transaction = new Transaction()
{
EncryptedIV = authSignedVoteDto.Vote.EncryptedIV,
EncryptedKey = authSignedVoteDto.Vote.EncryptedKey,
EncryptedVote = authSignedVoteDto.Vote.EncryptedVote,
VoterId = authSignedVoteDto.Vote.VoterId,
Signature = nodeSignature
};
var nodePublicKey = _nodeService.GetPublicKey();
_blockchain.AddPublicKey("node", nodePublicKey);
var transactionAddCheck = _blockchain.AddTransaction(transaction);
if (!transactionAddCheck)
{
return(Unauthorized());
}
_blockchain.MineBlock();
return(Ok(new BaseResponseDTO()
{
Success = true,
Message = "Vote registered succesfully."
}));
}
