public void ChainTest()
{
CertificateStorage storage = new CertificateStorage();
CACertificate root = new CACertificate(null, "Root");
root.CreateSelfSignature();
Assert.AreEqual(CertificateValidationResult.NoSignature, root.Validate(storage));
storage.AddRoot(root.OnlyPublicPart);
Assert.AreEqual(CertificateValidationResult.Valid, root.Validate(storage));
var rootCrl = new RevocationList(root.Id, DateTime.Now, DateTime.Now.AddDays(1), new Guid[]{});
var signedRootCrl = new Signed<RevocationList>(rootCrl, root);
storage.AddRevocationList(signedRootCrl);
CACertificate intermediate = new CACertificate(null, "Intermediate");
intermediate.CreateSelfSignature();
Assert.AreEqual(CertificateValidationResult.NoSignature, intermediate.Validate(storage));
intermediate.AddSignature(root, DateTime.Now.AddDays(1));
storage.Add(intermediate.OnlyPublicPart);
Assert.AreEqual(CertificateValidationResult.Valid, intermediate.Validate(storage));
var intermediateCrl = new RevocationList(intermediate.Id, DateTime.Now, DateTime.Now.AddDays(1), new Guid[] { });
var signedIntermediateCrl = new Signed<RevocationList>(intermediateCrl, intermediate);
storage.AddRevocationList(signedIntermediateCrl);
AdminCertificate test = new AdminCertificate(Language.English, null, "Test");
test.CreateSelfSignature();
Assert.AreEqual(CertificateValidationResult.NoSignature, test.Validate(storage));
test.AddSignature(intermediate, DateTime.Now.AddDays(1));
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage));
}
public void RpcTest()
{
TcpRpcServer server = new TcpRpcServer(new EchoServer());
server.Start();
CertificateStorage storage = new CertificateStorage();
TcpRpcClient client = new TcpRpcClient();
client.Connect(new IPEndPoint(IPAddress.Loopback, 4242));
Assert.IsTrue(client.Connected);
var request = new EchoRequest(Guid.NewGuid(), "hello");
var responseData = client.Execute(request.ToBinary());
var response = Serializable.FromBinary<EchoResponse>(responseData);
Assert.AreEqual(request.RequestId, response.RequestId);
Assert.AreEqual("hello", response.Message);
client.Disconnect();
Assert.IsFalse(client.Connected);
server.Stop();
}
public void MyTestInitialize()
{
this.storage = new CertificateStorage();
this.root = new CACertificate(null, "Root");
this.root.CreateSelfSignature();
this.storage.AddRoot(this.root.OnlyPublicPart);
var rootCrl = new RevocationList(this.root.Id, DateTime.Now, DateTime.Now.AddDays(1), new Guid[] { });
var signedRootCrl = new Signed<RevocationList>(rootCrl, this.root);
this.storage.AddRevocationList(signedRootCrl);
this.intermediate = new CACertificate(null, "Intermediate");
this.intermediate.CreateSelfSignature();
this.intermediate.AddSignature(this.root, DateTime.Now.AddDays(1));
this.storage.Add(intermediate.OnlyPublicPart);
var intermediateCrl = new RevocationList(this.intermediate.Id, DateTime.Now, DateTime.Now.AddDays(1), new Guid[] { });
var signedIntermediateCrl = new Signed<RevocationList>(intermediateCrl, this.intermediate);
this.storage.AddRevocationList(signedIntermediateCrl);
this.admin = new AdminCertificate(Language.English, null, "Test");
this.admin.CreateSelfSignature();
this.admin.AddSignature(this.intermediate, DateTime.Now.AddDays(1));
this.eve = new AdminCertificate(Language.English, null, "Eve");
this.eve.CreateSelfSignature();
this.eve.AddSignature(this.intermediate, DateTime.Now.AddDays(1));
}
public void Display(CertificateAuthorityEntry entry, CertificateStorage storage, Certificate caCertificate)
{
Certificate certificate = entry.Certificate;
SignatureRequest request = entry.RequestValue(caCertificate);
this.idTextBox.Text = certificate.Id.ToString();
this.typeTextBox.Text = certificate.TypeText;
this.nameTextBox.Text = certificate.FullName;
this.emailAddressTextBox.Text = request.EmailAddress;
this.cantonTextBox.Text = certificate is VoterCertificate ? GroupList.GetGroupName(((VoterCertificate)certificate).GroupId) : "N/A";
this.fingerprintTextBox.Text = certificate.Fingerprint;
this.language = certificate.Language;
this.certificate = entry.Certificate;
LibraryResources.Culture = Language.English.ToCulture();
this.reasonComboBox.Items.Add(LibraryResources.RevokedMoved);
this.reasonComboBox.Items.Add(LibraryResources.RevokedStolen);
this.reasonComboBox.Items.Add(LibraryResources.RevokedLost);
this.reasonComboBox.Items.Add(LibraryResources.RevokedForgotten);
this.reasonComboBox.Items.Add(LibraryResources.RevokedError);
if (entry.Certificate is VoterCertificate)
{
this.reasonComboBox.Items.Add(LibraryResources.RevokedNoLonger);
}
else
{
this.reasonComboBox.Items.Add(LibraryResources.RevokedNoMoreFx);
}
}
protected PiVoteAction(IrcBot botMethods, VotingClient client, CertificateStorage certificateStorage, IrcEventArgs eventArgs)
{
BotMethods = botMethods;
Client = client;
CertificateStorage = certificateStorage;
EventArgs = eventArgs;
}
public KioskServer(CertificateStorage certificateStorage, Certificate serverCertificate)
{
Requests = new Queue<RequestContainer>();
this.certificateStorageBinary = certificateStorage.ToBinary();
this.serverCertificateBinary = serverCertificate.ToBinary();
this.tcpServer = new TcpServer(this);
}
public static void ShowCertificate(Certificate certificate, CertificateStorage certificateStorage, DateTime validationDate)
{
CertificateForm form = new CertificateForm();
form.SetLanguage();
form.certificateControl.ValidationDate = validationDate;
form.certificateControl.CertificateStorage = certificateStorage;
form.certificateControl.Certificate = certificate;
form.ShowDialog();
}
public BadShareProof(int complainingAuthorityIndex, CertificateStorage certificateStorage, Signed<VotingParameters> signedParameters, AllShareParts allShareParts, IDictionary<int, TrapDoor> trapDoors, IDictionary<int, Certificate> authorities)
{
ComplainingAuthorityIndex = complainingAuthorityIndex;
CertificateStorage = certificateStorage;
SignedParameters = signedParameters;
AllShareParts = allShareParts;
TrapDoors = new Dictionary<int, TrapDoor>(trapDoors);
Authorities = new Dictionary<int, Certificate>(authorities);
}
private void Master_Load(object sender, EventArgs e)
{
CenterToScreen();
this.certificateStorage = new CertificateStorage();
if (!this.certificateStorage.TryLoadRoot())
{
MessageForm.Show("Root certificate not found.", "Certificate Prover", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public void Set(Signature signature, CertificateStorage certificateStorage)
{
this.caIdTextBox.Text = signature.SignerId.ToString();
this.validFromTextBox.Text = signature.ValidFrom.ToString();
this.validUntilTextBox.Text = signature.ValidUntil.ToString();
if (certificateStorage.Has(signature.SignerId))
{
this.caNameTextBox.Text = ((CACertificate)certificateStorage.Get(signature.SignerId)).FullName;
}
else
{
this.caNameTextBox.Text = "N/A";
}
}
public TallyAction(IrcBot botMethods, VotingClient client, CertificateStorage certificateStorage, IrcEventArgs eventArgs)
: base(botMethods, client, certificateStorage, eventArgs)
{
if (eventArgs.Data.MessageArray.Length == 2)
{
int votingNumberTemp;
if (int.TryParse(eventArgs.Data.MessageArray[1], out votingNumberTemp))
{
if (votingNumberTemp >= 0)
{
votingNumber = votingNumberTemp;
}
}
}
}
public void Set(CACertificate certificate, CertificateStorage certificateStorage)
{
this.caInfo.Certificate = certificate;
int index = 0;
Height = this.caPanel.Height + this.okPanel.Height + 30;
foreach (Signature signature in certificate.Signatures)
{
SignatureInfoControl signatureInfo = new SignatureInfoControl();
signatureInfo.Title = string.Format("Parent #{0} Authority", index);
signatureInfo.Set(signature, certificateStorage);
signatureInfo.Left = this.caInfo.Left;
signatureInfo.Top = index * (signatureInfo.Height + 10);
this.parentsPanel.Controls.Add(signatureInfo);
Height = (index + 1) * (signatureInfo.Height + 10) + this.caPanel.Height + this.okPanel.Height + 30;
index++;
}
}
public void VotingServerTest()
{
TcpRpcServer server = new TcpRpcServer(new VotingRpcServer());
server.Start();
CertificateStorage storage = new CertificateStorage();
TcpRpcClient client = new TcpRpcClient();
client.Connect(new IPEndPoint(IPAddress.Loopback, 4242));
Assert.IsTrue(client.Connected);
VotingRpcProxy proxy = new VotingRpcProxy(client);
proxy.Start();
var ids = proxy.FetchVotingIds();
proxy.Stop();
client.Disconnect();
Assert.IsFalse(client.Connected);
server.Stop();
}
/// <summary>
/// Create a new voter client.
/// </summary>
/// <param name="certificateStorage">Certificate storage</param>
public VotingClient(CertificateStorage certificateStorage)
{
this.certificateStorage = certificateStorage;
this.client = new TcpRpcClient();
this.operations = new Queue<Operation>();
this.run = true;
this.masterThread = new Thread(RunMaster);
this.masterThread.Start();
}
/// <summary>
/// Creates a new authority entity, loading data from file.
/// </summary>
/// <param name="certificateStorage">Certificate storage.</param>
/// <param name="certificate">Certificate of the authority.</param>
/// <param name="authorityFileName">File name to load data from.</param>
public AuthorityEntity(CertificateStorage certificateStorage, AuthorityCertificate certificate, string authorityFileName)
{
this.certificate = certificate;
this.certificateStorage = certificateStorage;
Load(authorityFileName);
}
/// <summary>
/// Get voting list from server.
/// </summary>
/// <param name="certificateStorage">Certificate storage.</param>
/// <param name="dataPath">Path where program data is stored.</param>
/// <param name="callBack">Callback upon completion.</param>
public void GetVotingList(CertificateStorage certificateStorage, string dataPath, GetVotingListCallBack callBack)
{
lock (this.operations)
{
this.operations.Enqueue(new GetVotingListOperation(certificateStorage, dataPath, callBack));
}
}
/// <summary>
/// Set a certificate storage on the server.
/// </summary>
/// <param name="certificateStorage">Certificate storage to add to the server's data.</param>
/// <param name="callBack">Callback upon completion</param>
public void SetCertificateStorage(CertificateStorage certificateStorage, SetCertificateStorageCallBack callBack)
{
lock (this.operations)
{
this.operations.Enqueue(new SetCertificateStorageOperation(certificateStorage, callBack));
}
}
private bool LoadFiles()
{
this.dataPath = Path.Combine(Application.StartupPath, DataPathPart);
if (!Directory.Exists(this.dataPath))
{
Directory.CreateDirectory(this.dataPath);
}
if (File.Exists(DataPath(CaCertFileName)))
{
CaCertificate = Serializable.Load<CACertificate>(DataPath(CaCertFileName));
if (!DecryptCaKeyDialog.TryUnlock(CaCertificate))
{
return false;
}
}
if (File.Exists(DataPath(StorageFileName)))
{
CertificateStorage = Serializable.Load<CertificateStorage>(DataPath(StorageFileName));
}
else
{
CertificateStorage = new CertificateStorage();
CertificateStorage.Save(DataPath(StorageFileName));
}
foreach (Signed<RevocationList> signedRevocationList in CertificateStorage.SignedRevocationLists.Where(list => list.Certificate.IsIdentic(CaCertificate)))
{
AddRevocationList(signedRevocationList.Value);
}
return true;
}
/// <summary>
/// Push certificate storage to the server.
/// </summary>
/// <param name="certificateStorage">Certificate storage to add to the server's data.</param>
public void PushCertificateStorage(CertificateStorage certificateStorage)
{
var request = new PushCertificateStorageRequest(Guid.NewGuid(), certificateStorage);
var response = Execute<PushCertificateStorageResponse>(request);
}
private bool ConnectToServer()
{
table.AddHeaderRow(2, "Pi-Vote Server");
string fileName = Path.Combine(Request.PhysicalApplicationPath, "server.pi-cert");
if (File.Exists(fileName))
{
this.serverCertificate = Serializable.Load<ServerCertificate>(fileName);
}
else
{
table.AddRow("Connection:", "N/A");
table.AddRow(string.Empty, "Server certifcate not found.");
table.AddSpaceRow(2, 32);
return false;
}
try
{
this.client = new TcpRpcClient();
this.client.Connect(new IPEndPoint(IPAddress.Loopback, 4242));
this.proxy = new VotingRpcProxy(client);
}
catch
{
table.AddRow("Connection:", "Failed");
table.AddRow(string.Empty, "Pi-Vote server connection failed.");
table.AddSpaceRow(2, 32);
return false;
}
try
{
var result = proxy.FetchCertificateStorage();
this.certificateStorage = new CertificateStorage();
this.certificateStorage.TryLoadRoot(Request.PhysicalApplicationPath);
this.certificateStorage.Add(result.First);
}
catch
{
table.AddRow("Connection:", "Failed");
table.AddRow(string.Empty, "Cannot download certificate storage.");
table.AddSpaceRow(2, 32);
return false;
}
table.AddRow("Connection:", "Ok");
table.AddSpaceRow(2, 32);
return true;
}
/// <summary>
/// Creates a new summation of votes.
/// </summary>
/// <param name="parameters">Voting parameters.</param>
/// <param name="certificateStorage">Certificate storage to verify against.</param>
/// <param name="publicKey">Public key with which the votes where encrypted.</param>
public Tally(
VotingParameters parameters,
CertificateStorage certificateStorage,
BigInt publicKey,
int checkProofCount)
{
this.rng = RandomNumberGenerator.Create();
this.parameters = parameters;
this.proofCheckCount = Math.Min(parameters.ProofCount, checkProofCount);
this.certificateStorage = certificateStorage;
this.publicKey = publicKey;
this.voteSums = new Vote[this.parameters.Questions.Count()][];
for (int questionIndex = 0; questionIndex < this.parameters.Questions.Count(); questionIndex++)
{
Question question = this.parameters.Questions.ElementAt(questionIndex);
this.voteSums[questionIndex] = new Vote[question.Options.Count()];
}
this.result = new VotingResult(this.parameters.VotingId, this.parameters);
this.partialDeciphers = new List<PartialDecipher>();
this.countedVoters = new List<Guid>();
this.nextEnvelopeIndex = 0;
this.envelopeSequencerList = new Dictionary<int, Tuple<Signed<Envelope>, bool>>();
EnvelopeHash = new byte[] { };
EnvelopeCount = 0;
ValidEnvelopeCount = 0;
CryptoLog.Begin(CryptoLogLevel.Summary, "Begin tallying");
CryptoLog.Add(CryptoLogLevel.Summary, "Voting id", parameters.VotingId);
CryptoLog.Add(CryptoLogLevel.Summary, "Voting title", parameters.Title.Text);
CryptoLog.Add(CryptoLogLevel.Detailed, "ProofCount", parameters.ProofCount);
CryptoLog.Add(CryptoLogLevel.Detailed, "Thereshold", parameters.Thereshold);
CryptoLog.Add(CryptoLogLevel.Numeric, "P", parameters.P);
CryptoLog.Add(CryptoLogLevel.Numeric, "G", parameters.G);
CryptoLog.Add(CryptoLogLevel.Numeric, "F", parameters.F);
CryptoLog.Add(CryptoLogLevel.Numeric, "Q", parameters.Q);
CryptoLog.EndWrite();
}
public void DataTest()
{
CertificateStorage storage = new CertificateStorage();
CACertificate root = new CACertificate(null, "Root");
root.CreateSelfSignature();
storage.AddRoot(root.OnlyPublicPart);
var rootCrl = new RevocationList(root.Id, DateTime.Now, DateTime.Now.AddDays(1), new Guid[] { });
var signedRootCrl = new Signed<RevocationList>(rootCrl, root);
storage.AddRevocationList(signedRootCrl);
CACertificate intermediate = new CACertificate(null, "Intermediate");
intermediate.CreateSelfSignature();
intermediate.AddSignature(root, DateTime.Now.AddDays(1));
storage.Add(intermediate.OnlyPublicPart);
var intermediateCrl = new RevocationList(intermediate.Id, DateTime.Now, DateTime.Now.AddDays(1), new Guid[] { });
var signedIntermediateCrl = new Signed<RevocationList>(intermediateCrl, intermediate);
storage.AddRevocationList(signedIntermediateCrl);
AdminCertificate test = new AdminCertificate(Language.English, null, "Test");
test.CreateSelfSignature();
test.AddSignature(intermediate, DateTime.Now.AddDays(1));
byte[] data = test.ToBinary();
data[data.Length - 3]++;
AdminCertificate other = Serializable.FromBinary<AdminCertificate>(data);
Assert.AreEqual(CertificateValidationResult.SelfsignatureInvalid, other.Validate(storage));
}
/// <summary>
/// Create a new signature responses set operation.
/// </summary>
/// <param name="certificateStorage">Certificate storage to add to the server's data.</param>
/// <param name="callBack">Callback upon completion.</param>
public SetCertificateStorageOperation(CertificateStorage certificateStorage, SetCertificateStorageCallBack callBack)
{
this.certificateStorage = certificateStorage;
this.callBack = callBack;
}
/// <summary>
/// Create a new voting list get operation.
/// </summary>
/// <param name="certificateStorage">Certificate storage to check against.</param>
/// <param name="dataPath">Path where program data is stored.</param>
/// <param name="callBack">Callback upon completion.</param>
public GetVotingListOperation(CertificateStorage certificateStorage, string dataPath, GetVotingListCallBack callBack)
{
this.certificateStorage = certificateStorage;
this.dataPath = dataPath;
this.callBack = callBack;
}
public void RevocationTest()
{
CertificateStorage storage = new CertificateStorage();
CACertificate root = new CACertificate(null, "Root");
root.CreateSelfSignature();
storage.AddRoot(root.OnlyPublicPart);
var rootCrl = new RevocationList(root.Id, DateTime.Now, DateTime.Now.AddYears(10), new Guid[] { });
var signedRootCrl = new Signed<RevocationList>(rootCrl, root);
storage.AddRevocationList(signedRootCrl);
CACertificate intermediate = new CACertificate(null, "Intermediate");
intermediate.CreateSelfSignature();
intermediate.AddSignature(root, DateTime.Now.AddYears(10));
storage.Add(intermediate.OnlyPublicPart);
AdminCertificate test = new AdminCertificate(Language.English, null, "Test");
test.CreateSelfSignature();
test.AddSignature(intermediate, DateTime.Now.AddYears(10));
for (int startDay = 0; startDay < 10; startDay += 2)
{
DateTime validFrom = DateTime.Now.AddDays(startDay);
DateTime validUntil = validFrom.AddDays(1);
IEnumerable<Guid> revoked = startDay > 5 ? new Guid[] { test.Id } : new Guid[] { };
var intermediateCrl = new RevocationList(intermediate.Id, validFrom, validUntil, revoked);
var signedIntermediateCrl = new Signed<RevocationList>(intermediateCrl, intermediate);
storage.AddRevocationList(signedIntermediateCrl);
}
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage, DateTime.Now));
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage, DateTime.Now.AddDays(1)));
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage, DateTime.Now.AddDays(2)));
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage, DateTime.Now.AddDays(3)));
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage, DateTime.Now.AddDays(4)));
Assert.AreEqual(CertificateValidationResult.Valid, test.Validate(storage, DateTime.Now.AddDays(5)));
Assert.AreEqual(CertificateValidationResult.Revoked, test.Validate(storage, DateTime.Now.AddDays(6)));
Assert.AreEqual(CertificateValidationResult.Revoked, test.Validate(storage, DateTime.Now.AddDays(7)));
Assert.AreEqual(CertificateValidationResult.Revoked, test.Validate(storage, DateTime.Now.AddDays(8)));
Assert.AreEqual(CertificateValidationResult.Revoked, test.Validate(storage, DateTime.Now.AddDays(9)));
Assert.AreEqual(CertificateValidationResult.CrlMissing, test.Validate(storage, DateTime.Now.AddDays(10)));
Assert.AreEqual(CertificateValidationResult.CrlMissing, test.Validate(storage, DateTime.Now.AddDays(11)));
Assert.AreEqual(CertificateValidationResult.CrlMissing, test.Validate(storage, DateTime.Now.AddDays(12)));
Assert.AreEqual(CertificateValidationResult.CrlMissing, test.Validate(storage, DateTime.Now.AddDays(30)));
Assert.AreEqual(CertificateValidationResult.CrlMissing, test.Validate(storage, DateTime.Now.AddYears(1)));
Assert.AreEqual(CertificateValidationResult.CrlMissing, test.Validate(storage, DateTime.Now.AddYears(5)));
}
/// <summary>
/// Clones only CA certificates and CRLs.
/// </summary>
/// <remarks>
/// Does NOT copy root property of certificates.
/// </remarks>
/// <returns>Memory copy of certificate storage.</returns>
public CertificateStorage CloneOnlyCA()
{
CertificateStorage certificateStorage = new CertificateStorage();
certificateStorage.AddOnlyCA(this);
return certificateStorage;
}
public VoterEntity(CertificateStorage certificateStorage)
{
CertificateStorage = certificateStorage;
}
/// <summary>
/// Create a new authority entity.
/// </summary>
/// <param name="certificate">Certificate of authority.</param>
public AuthorityEntity(CertificateStorage certificateStorage, AuthorityCertificate certificate)
{
this.certificate = certificate;
this.certificateStorage = certificateStorage;
}
/// <summary>
/// Add a certificate storage to the server's data.
/// </summary>
/// <remarks>
/// Used to add new CRLs.
/// </remarks>
/// <param name="certificateStorage">Certificate storage to add.</param>
public void AddCertificateStorage(
IRpcConnection connection,
CertificateStorage certificateStorage)
{
if (!certificateStorage.SignedRevocationLists.All(crl => crl.Certificate is CACertificate &&
crl.Value.IssuerId.Equals(crl.Certificate.Id) &&
crl.Verify(CertificateStorage)))
{
Logger.Log(LogLevel.Warning,
"Connection {0}: Add certificate storage failed; Signature on CRL or issuer not valid.",
connection.Id);
throw new PiSecurityException(ExceptionCode.InvalidSignature, "Signature on CRL or issuer not valid.");
}
CertificateStorage.Add(certificateStorage.SignedRevocationLists);
var validCertificates = certificateStorage.Certificates
.Where(certificate => certificate.Validate(CertificateStorage) == CertificateValidationResult.Valid &&
certificate.AllSignaturesValid(CertificateStorage));
CertificateStorage.Add(validCertificates);
Logger.Log(LogLevel.Info,
"Connection {0}: Certificate storage added.",
connection.Id);
}
public override void Activate()
{
actionQueue = new Queue<PiVoteAction>();
certificateStorage = new CertificateStorage();
if (!certificateStorage.TryLoadRoot("./root.pi-cert"))
{
throw new Exception("Cannot find root certificate file.");
}
client = new VotingClient(certificateStorage);
var serverIpAddress = Dns.GetHostEntry(PiVoteServerAddress).AddressList.First();
var serverIpEndPoint = new IPEndPoint(serverIpAddress, PiVoteServerPort);
client.Connect(serverIpEndPoint);
BotMethods.AddCommand(new Commandlet(CommandListVotings, CommandListVotingsDescription, ListVotingsHandler, this));
BotMethods.AddCommand(new Commandlet(CommandTally, CommandTallyDescription, TallyHandler, this));
BotMethods.AddCommand(new Commandlet(CommandStatus, CommandStatusDescription, StatusHandler, this));
base.Activate();
}
