/// <summary>Parse a revocation message.</summary>
public UserRevocationMessage(Certificate cacert, MemBlock data)
{
_data = data;
int pos = 0;
int length = 0;
Username = AdrConverter.Deserialize(data, pos, out length) as string;
pos += length;
// Random number to reduce likelihood of malicious duplication of messages
NumberSerializer.ReadInt(data, pos);
pos += 4;
// Verify that there is a date contained therein, perhaps we should verify the time
new DateTime(NumberSerializer.ReadLong(data, pos));
pos += 8;
Signature = new byte[data.Length - pos];
data.Slice(pos).CopyTo(Signature, 0);
// hash the data
SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
Hash = sha1.ComputeHash(data, 0, data.Length - Signature.Length);
if(!cacert.PublicKey.VerifyHash(Hash,
CryptoConfig.MapNameToOID("SHA1"), Signature))
{
throw new Exception("Invalid UserRevocationMessage signature");
}
}
/// <summary>True upon a non-revoked certificate, an exception otherwise.</summary>
public bool Verify(X509Certificate x509, Brunet.Messaging.ISender sender)
{
Certificate cert = new Certificate(x509.RawData);
if(!_revoked_users.Contains(cert.Subject.Name)) {
return true;
}
throw new Exception("User has been revoked!");
}
public SocialUser(string certificate, string ip, string status) : this() {
byte[] certBytes = Convert.FromBase64String(certificate);
_certificate = certificate;
_cert = new Certificate(certBytes);
_fingerprint = SocialUtils.GetSHA1HashString(certBytes);
_pic = PICPREFIX + SocialUtils.GetMD5HashString(Uid) + PICSUFFIX;
_ip = ip;
_status = status;
}
public Simulator(Parameters parameters, bool do_not_start)
{
_parameters = parameters;
StartingNetworkSize = parameters.Size;
CurrentNetworkSize = 0;
Nodes = new SortedList<Address, NodeMapping>();
TakenIDs = new SortedList<int, NodeMapping>();
SimBroadcastHandler = new SimpleFilter();
if(parameters.Seed != -1) {
_rand = new Random(parameters.Seed);
} else {
_rand = new Random();
}
BrunetNamespace = "testing" + _rand.Next();
_broken = parameters.Broken;
_secure_edges = parameters.SecureEdges;
_secure_senders = parameters.SecureSenders;
_pathing = parameters.Pathing;
_dtls = parameters.Dtls;
if(_secure_edges || _secure_senders) {
_se_key = new RSACryptoServiceProvider();
byte[] blob = _se_key.ExportCspBlob(false);
RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();
rsa_pub.ImportCspBlob(blob);
CertificateMaker cm = new CertificateMaker("United States", "UFL",
"ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
"brunet:node:abcdefghijklmnopqrs");
Certificate cert = cm.Sign(cm, _se_key);
_ca_cert = cert;
}
if(parameters.LatencyMap != null) {
SimulationEdgeListener.LatencyMap = parameters.LatencyMap;
}
_start = parameters.Evaluation;
if(!do_not_start) {
Start();
}
_start = false;
}
public BroadcastRevocationHandler (Certificate ca_cert, SecurityOverlord so)
{
_revoked_users = new Hashtable();
_ca_cert = ca_cert;
_so = so;
}
public void SecureStartup()
{
if(SEKey != null) {
return;
}
SEKey = new RSACryptoServiceProvider();
byte[] blob = SEKey.ExportCspBlob(false);
RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();
rsa_pub.ImportCspBlob(blob);
CertificateMaker cm = new CertificateMaker("United States", "UFL",
"ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
"brunet:node:abcdefghijklmnopqrs");
Certificate cert = cm.Sign(cm, SEKey);
CACert = cert;
}