public async void ShouldInValidateChallengeNotValidCertificateSignature()
{
var incorrectowner = new Nethereum.Web3.Accounts.Account("0xb1939d6c8c73d6aa5ad97873c2f99a2dfc2b4c356acfd5338caff20392d7960d");
var signer = new Nethereum.Web3.Accounts.Account("0xa83369462189d7cc3d2aed78614d0df89f4d9651770fef9fc64b05acf7464a7f");
//var guardian = new Nethereum.Web3.Accounts.Account("0xa0f2dd3adc8b79603f92736ac50843f1c5344514505b042369efdab105e9442b");
var immunityCertificate = new ImmunityCertificate();
immunityCertificate.OwnerAddress = signer.Address; //owner is the signer so the ow
immunityCertificate.SignerAddress = signer.Address;
immunityCertificate.TestKitId = "TestKit1";
immunityCertificate.PhotoId = "QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o".DecodeBase58();
immunityCertificate.TestCentreId = "100";
// no guardians
// immunityCertificate.Guardians = new System.Collections.Generic.List<string> { guardian.Address };
immunityCertificate.SetExpiryDate(DateTime.Now.AddDays(1000));
var signature = new EthereumMessageSigner().Sign(immunityCertificate.GetHashCertificate(), new EthECKey(signer.PrivateKey));
var signedCertificate = new SignedImmunityCertificate(immunityCertificate, signature);
var web3 = _ethereumClientIntegrationFixture.GetWeb3();
var tokenService = await Covid19CertificationService.DeployContractAndGetServiceAsync(web3, new Covid19CertificationDeployment());
var challenge = "testtest";
var challengeSigner = new EthereumMessageSigner();
var signatureOwner = challengeSigner.EncodeUTF8AndSign(challenge, new EthECKey(incorrectowner.PrivateKey));
Assert.False(await tokenService.VerifyCertificateChallengeSignatureQueryAsync(signedCertificate, challenge, signatureOwner.HexToByteArray()));
}
public void ShouldCreateAFullCertificate()
{
var immunityCertificate = new ImmunityCertificate();
immunityCertificate.OwnerAddress = "0x12890d2cce102216644c59daE5baed380d84830c";
immunityCertificate.SignerAddress = "0x12890d2cce102216644c59daE5baed380d84830c";
immunityCertificate.TestKitId = "TestKit1";
immunityCertificate.PhotoId = "QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o".DecodeBase58();
immunityCertificate.TestCentreId = "100";
immunityCertificate.Guardians = new System.Collections.Generic.List <string> {
"0x12890d2cce102216644c59daE5baed380d84830c"
};
immunityCertificate.ExpiryDate = 10000;
var signature = new EthereumMessageSigner().Sign(immunityCertificate.GetHashCertificate(), new EthECKey("0xb5b1870957d373ef0eeffecc6e4812c0fd08f554b37b233526acc331bf1544f7"));
var signedCertificate = new SignedImmunityCertificate(immunityCertificate, signature);
Assert.True(signedCertificate.IsCertificateSignatureValid());
var fullCertificate = signedCertificate.GenerateFullCertificate();
Assert.Equal("0x12890d2cce102216644c59daE5baed380d84830c,0x12890d2cce102216644c59daE5baed380d84830c,100,QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o,10000,TestKit1,0x12890d2cce102216644c59daE5baed380d84830c,a557275c55368d1ce2a2c7a0009de2bc8945eada0a6590b1b61de83c10b1a6507e5abbf3291e4527c180d3917f96f4b2fed3b26f69918130eba1dc25c79d69361b", fullCertificate);
var signedCertificate2 = new SignedImmunityCertificate(fullCertificate);
Assert.True(signedCertificate2.IsCertificateSignatureValid());
Assert.Equal("0x12890d2cce102216644c59daE5baed380d84830c,0x12890d2cce102216644c59daE5baed380d84830c,100,QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o,10000,TestKit1,0x12890d2cce102216644c59daE5baed380d84830c,a557275c55368d1ce2a2c7a0009de2bc8945eada0a6590b1b61de83c10b1a6507e5abbf3291e4527c180d3917f96f4b2fed3b26f69918130eba1dc25c79d69361b", signedCertificate2.GenerateFullCertificate());
}
public const char ResponseSeparator = '|'; // Different for the certificate separator to make our lives easier
//0xdc0ee0c7cd4928ab9604bc42f37ee9a2566940f7
//0x472A2Df4dF03EBC4a722175C3C6EaB66f0c017B8,0xc780A52cD48112053409f202454E555669C7e425,100,QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o,1673858445,TestKit1,0x934453B2b5169b538D47fb52D05819e9e1Ad77D3,c1dd24dbb24c79846679a8a37010c37c66b834a00afbe6274df17f651d0cb3d55338c52c11035f606af6d76b0531e3a1fe1bf2f7b9841221e163397037dbbd701c
/// <summary>
/// Validates the signature matches the users in certificate,
/// Validates the certificate signer is including in the smart contract registry
/// Validates the certificate is still valid (ie not in the expired certificates)
/// </summary>
public async Task <SignedImmunityCertificate> ValidateCertificateAsync(string challenge, string response)
{
var responseValues = response.Split(ResponseSeparator);
var fullCertificate = responseValues[0];
var signature = responseValues[1];
var certificate = new SignedImmunityCertificate(fullCertificate);
if (!certificate.IsCertificateSignatureValid())
{
return(null); // Invalid certificate
}
if (!ValidChallengeSignature(challenge, signature, certificate.ImmunityCertificate.OwnerAddress))
{
return(null); //Signature does not match certificates signature
}
var web3 = new Nethereum.Web3.Web3("https://ropsten.infura.io/v3/7238211010344719ad14a89db874158c");
var tokenService = new Covid19CertificationService(web3, "0xdc0ee0c7cd4928ab9604bc42f37ee9a2566940f7");
try
{
var ethereumCheck = await tokenService.FullVerificationCertificateChallengeWithSignatureQueryAsync(certificate, challenge, signature.HexToByteArray(), DateTimeOffset.Now.ToUnixTimeSeconds()).ConfigureAwait(false);
if (!ethereumCheck)
{
return(null);
}
}
catch
{
return(null);
}
return(await Task.FromResult(certificate));
}
public async void ShouldDoFullValidation()
{
var owner = new Nethereum.Web3.Accounts.Account("0xb1939d6c8c73d6aa5ad97873c2f99a2dfc2b4c356acfd5338caff20392d7960d");
var signer = new Nethereum.Web3.Accounts.Account("0xa83369462189d7cc3d2aed78614d0df89f4d9651770fef9fc64b05acf7464a7f");
var guardian = new Nethereum.Web3.Accounts.Account("0xa0f2dd3adc8b79603f92736ac50843f1c5344514505b042369efdab105e9442b");
var immunityCertificate = new ImmunityCertificate();
immunityCertificate.OwnerAddress = owner.Address;
immunityCertificate.SignerAddress = signer.Address;
immunityCertificate.TestKitId = "TestKit1";
immunityCertificate.PhotoId = "QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o".DecodeBase58();
immunityCertificate.TestCentreId = "100";
immunityCertificate.Guardians = new System.Collections.Generic.List <string> {
guardian.Address
};
immunityCertificate.SetExpiryDate(DateTime.Now.AddDays(1000));
var signature = new EthereumMessageSigner().Sign(immunityCertificate.GetHashCertificate(), new EthECKey(signer.PrivateKey));
var signedCertificate = new SignedImmunityCertificate(immunityCertificate, signature);
var web3 = _ethereumClientIntegrationFixture.GetWeb3();
//admin deployer
var account = AccountFactory.GetAccount();
//simple deployment
//var web3 = new Nethereum.Web3.Web3(new Nethereum.Web3.Accounts.Account("0xb5b1870957d373ef0eeffecc6e4812c0fd08f554b37b233526acc331bf1544f7"), "https://ropsten.infura.io/v3/7238211010344719ad14a89db874158c");
var tokenService = await Covid19CertificationService.DeployContractAndGetServiceAsync(web3, new Covid19CertificationDeployment());
var address = tokenService.ContractHandler.ContractAddress;
//Add Test Centre
var receiptAddTestCentre = await tokenService.UpsertTestCentreRequestAndWaitForReceiptAsync(new TestCentre()
{
TestCentreId = "100", Invalid = false
});
//Add Test Centre Owner
var receiptAddTestCentreOwner = await tokenService.UpsertTestCentreOwnerRequestAndWaitForReceiptAsync("100".ToUTF8Bytes(), account.Address, true);
//Add Test Centre Certificate Signer
var receiptAddTestCentreSigner = await tokenService.UpsertTestCentreCertSignerRequestAndWaitForReceiptAsync(new TestCentreCertSigner()
{
TestCentreId = "100", SignerAddress = signer.Address, Invalid = false, ExpiryDate = 0
});
var challenge = "testtest";
var challengeSigner = new EthereumMessageSigner();
var signatureOwner = challengeSigner.EncodeUTF8AndSign(challenge, new EthECKey(owner.PrivateKey));
var certificateText = signedCertificate.GenerateFullCertificate();
Assert.True(await tokenService.FullVerificationCertificateChallengeWithSignatureQueryAsync(signedCertificate, challenge, signatureOwner.HexToByteArray(), DateTimeOffset.Now.ToUnixTimeSeconds()));
var signatureGuardian = challengeSigner.EncodeUTF8AndSign(challenge, new EthECKey(guardian.PrivateKey));
Assert.True(await tokenService.FullVerificationCertificateChallengeWithSignatureQueryAsync(signedCertificate, challenge, signatureGuardian.HexToByteArray(), DateTimeOffset.Now.ToUnixTimeSeconds()));
}
public Task <bool> VerifyCertificateSignatureQueryAsync(SignedImmunityCertificate signedCertificate, BlockParameter blockParameter = null)
{
var verifyCertificateSignatureFunction = new VerifyCertificateSignatureFunction();
verifyCertificateSignatureFunction.SignedCertificate = signedCertificate;
return(ContractHandler.QueryAsync <VerifyCertificateSignatureFunction, bool>(verifyCertificateSignatureFunction, blockParameter));
}
public Task <bool> VerifyCertificateChallengeSignatureQueryAsync(SignedImmunityCertificate certificate, string challenge, byte[] challengeSignature, BlockParameter blockParameter = null)
{
var verifyCertificateChallengeSignatureFunction = new VerifyCertificateChallengeSignatureFunction();
verifyCertificateChallengeSignatureFunction.Certificate = certificate;
verifyCertificateChallengeSignatureFunction.Challenge = challenge;
verifyCertificateChallengeSignatureFunction.ChallengeSignature = challengeSignature;
return(ContractHandler.QueryAsync <VerifyCertificateChallengeSignatureFunction, bool>(verifyCertificateChallengeSignatureFunction, blockParameter));
}
public const char ResponseSeparator = '|'; // Different for the certificate separator to make our lives easier
/// <summary>
/// Validates the signature matches the users in certificate,
/// Validates the certificate signer is including in the smart contract registry
/// Validates the certificate is still valid (ie not in the expired certificates)
/// </summary>
public async Task <SignedImmunityCertificate> ValidateCertificateAsync(string challenge, string response)
{
var responseValues = response.Split(ResponseSeparator);
var fullCertificate = responseValues[0];
var signature = responseValues[1];
var certificate = new SignedImmunityCertificate(fullCertificate);
if (!certificate.IsCertificateSignatureValid())
{
return(null); // Invalid certificate
}
if (!ValidChallengeSignature(challenge, signature, certificate.ImmunityCertificate.OwnerAddress))
{
return(null); //Signature does not match certificates signature
}
//Smart contract registry validation
return(await Task.FromResult(certificate));
}
public async void ShouldValidateCertificateSignature()
{
var immunityCertificate = new ImmunityCertificate();
immunityCertificate.OwnerAddress = "0x12890d2cce102216644c59daE5baed380d84830c";
immunityCertificate.SignerAddress = "0x12890d2cce102216644c59daE5baed380d84830c";
immunityCertificate.TestKitId = "TestKit1";
immunityCertificate.PhotoId = "QmbtqAxAnEqumx9k8wx8yxyANpC5vVwvQsdSWUQof9NP2o".DecodeBase58();
immunityCertificate.TestCentreId = "100";
immunityCertificate.Guardians = new System.Collections.Generic.List <string> {
"0x12890d2cce102216644c59daE5baed380d84830c"
};
immunityCertificate.SetExpiryDate(DateTime.Now.AddDays(1000));
var signature = new EthereumMessageSigner().Sign(immunityCertificate.GetHashCertificate(), new EthECKey("0xb5b1870957d373ef0eeffecc6e4812c0fd08f554b37b233526acc331bf1544f7"));
var signedCertificate = new SignedImmunityCertificate(immunityCertificate, signature);
var web3 = _ethereumClientIntegrationFixture.GetWeb3();
var tokenService = await Covid19CertificationService.DeployContractAndGetServiceAsync(web3, new Covid19CertificationDeployment());
Assert.True(await tokenService.VerifyCertificateSignatureQueryAsync(signedCertificate));
}
public Task <bool> FullVerificationCertificateChallengeWithSignatureQueryAsync(SignedImmunityCertificate certificate, string challenge, byte[] challengeSignature, long date, BlockParameter blockParameter = null)
{
var fullVerificationCertificateChallengeWithSignatureFunction = new FullVerificationCertificateChallengeWithSignatureFunction();
fullVerificationCertificateChallengeWithSignatureFunction.Certificate = certificate;
fullVerificationCertificateChallengeWithSignatureFunction.Challenge = challenge;
fullVerificationCertificateChallengeWithSignatureFunction.ChallengeSignature = challengeSignature;
fullVerificationCertificateChallengeWithSignatureFunction.Date = date;
return(ContractHandler.QueryAsync <FullVerificationCertificateChallengeWithSignatureFunction, bool>(fullVerificationCertificateChallengeWithSignatureFunction, blockParameter));
}
