public void GeneratesValidSignatureXml() { //Arrange var signatureGenerator = DomainUtility.GetSignature(); var xml = signatureGenerator.Xml().InnerXml; var signatureValidator = new SignatureValidator(); //Act var isValidSignatureXml = signatureValidator.Validate(xml); var signatureLength = xml.Length; //Assert Assert.True(isValidSignatureXml); Assert.True(signatureLength > 3200); }
static bool Validate(byte[] tbsCertificate, byte[] subjectPublicKeyInfo, byte[] signatureAlgorithm, byte[] signatureValue) { SignedData signedData = new SignedData(); signedData.subjectPublicKeyInfo = subjectPublicKeyInfo; signedData.signedData = tbsCertificate; signedData.signatureAlgorithm = signatureAlgorithm; signedData.signatureValue = signatureValue; return(SignatureValidator.Validate(signedData)); //todo: Signature will be validated using parameter fields //now always return signature is valid //todo: add real implementation code return(true); }
protected JupyterRequestHandlerTestBase(ITestOutputHelper output) { _disposables.Add(output.SubscribeToPocketLogger()); Kernel = new CompositeKernel { new CSharpKernel() }.UseDefaultMagicCommands(); _disposables.Add(Kernel.LogEventsToPocketLogger()); var signatureValidator = new SignatureValidator("key", "HMACSHA256"); ServerRecordingSocket = new RecordingSocket(); ServerChannel = new MessageSender(ServerRecordingSocket, signatureValidator); IoRecordingSocket = new RecordingSocket(); IoPubChannel = new MessageSender(IoRecordingSocket, signatureValidator); }
public async Task CreatedSignature_FromRequestWithNoContent_CanBeValidated() { var sut = new SignatureCreator(); IEnumerable <KeyValuePair <string, IEnumerable <string> > > headers = new List <KeyValuePair <string, IEnumerable <string> > >(); var signature = sut.CreateWithoutContent(HttpMethod.Get, headers, _applicationUri, DateTime.UtcNow.ToTimeStamp(), new Nonce(), _scope, _apiKey); var validator = new SignatureValidator(); var request = new HttpRequestMessage(HttpMethod.Get, _applicationUri) { Content = new StringContent(string.Empty) }; request.Headers.Add("Authorization", signature); (await validator.Validate(request, _scope, _apiKey)).ShouldBe(true); }
private static bool ValidateRevokeSubCaCertificateRequestSignature(Certificate subCACertificate, byte[] signature) { Logger.log("Starting Validate Revoke SubCA Certificate Request Signature"); Logger.log("Request Signature"); Logger.log(signature); Logger.log("Checking Revoke SubCA Certificate Request Signature with SubCA Certificate Public Key"); bool verified = SignatureValidator.CheckRevokeSubCACertificateRequestSignature(signature, subCACertificate, subCACertificate); if (verified) { Logger.log("Verified Revoke SubCA Certificate Request Signature with SubCA Certificate Public Key"); return(true); } Certificate issuerCACertificate = CertificateChainValidator.FindIssuerCaCertificate(subCACertificate); if (!issuerCACertificate.IsLoaded) { Logger.log("Can not find issuer certificate, so returning signature verification failed"); return(false); } verified = SignatureValidator.CheckRevokeSubCACertificateRequestSignature(signature, subCACertificate, issuerCACertificate); if (verified) { Logger.log( "Verified Revoke SubCA Certificate Request Signature with SubCA Certificate Issuer Public Key"); return(true); } Logger.log("Finished Validate Revoke SubCA Certificate Request Signature. Result :", verified); return(verified); }
public static void Main(string[] args) { if (args == null || args.Length != 1) { throw new ArgumentException("Expected 1 argument with zmq connection information file"); } var conn = GetConnectionInformation(args[0]); var signatureAlgorithm = conn.SignatureScheme.Replace("-", "").ToUpperInvariant(); var signatureValidator = new SignatureValidator(conn.Key, signatureAlgorithm); MessageSender.Initialize(signatureValidator); // Start the shell new Thread(() => StartShellLoop(conn.ShellAddress, conn.IoPubAddress)).Start(); Log.Info("Shell started"); // Start the heartbeat new Thread(() => StartHeartbeatLoop(conn.HeartbeatAddress)).Start(); Log.Info("Heartbeat started"); StopEvent.Wait(); Thread.Sleep(60000); }
internal bool ExtractHubTwinAndVerify(TwinCollection twinDesiredProperties) { try { // Extract Desired properties JObject desiredProperties = new JObject(); JObject twinJobject = JObject.Parse(twinDesiredProperties.ToString()); desiredProperties["routes"] = twinJobject["routes"]; desiredProperties["schemaVersion"] = twinJobject["schemaVersion"]; desiredProperties["storeAndForwardConfiguration"] = twinJobject["storeAndForwardConfiguration"]; if (desiredProperties["mqttBroker"] != null) { desiredProperties["mqttBroker"] = twinJobject["mqttBroker"]; } // Check if Manifest Trust Bundle is configured X509Certificate2 manifestTrustBundleRootCertificate; if (!this.manifestTrustBundle.HasValue && twinJobject["integrity"] == null) { // Actual code path would never get here as we check enablement before this. Added for Unit test purpose only. Events.ManifestSigningIsNotEnabled(); throw new ManifestSigningIsNotEnabledProperly("Manifest Signing is Disabled."); } else if (!this.manifestTrustBundle.HasValue && twinJobject["integrity"] != null) { Events.ManifestTrustBundleIsNotConfigured(); throw new ManifestSigningIsNotEnabledProperly("Deployment manifest is signed but the Manifest Trust bundle is not configured. Please configure in config.toml"); } else if (this.manifestTrustBundle.HasValue && twinJobject["integrity"] == null) { Events.DeploymentManifestIsNotSigned(); throw new ManifestSigningIsNotEnabledProperly("Manifest Trust bundle is configured but the Deployment manifest is not signed. Please sign it."); } else { // deployment manifest is signed and also the manifest trust bundle is configured manifestTrustBundleRootCertificate = this.manifestTrustBundle.OrDefault(); } // Extract Integrity header section JToken integrity = twinJobject["integrity"]; JToken header = integrity["header"]; // Extract Signer Cert section JToken signerCertJtoken = integrity["header"]["signercert"]; string signerCombinedCert = signerCertJtoken.Aggregate(string.Empty, (res, next) => res + next); X509Certificate2 signerCert = new X509Certificate2(Convert.FromBase64String(signerCombinedCert)); // Extract Intermediate CA Cert section JToken intermediatecacertJtoken = integrity["header"]["intermediatecacert"]; string intermediatecacertCombinedCert = signerCertJtoken.Aggregate(string.Empty, (res, next) => res + next); X509Certificate2 intermediatecacert = new X509Certificate2(Convert.FromBase64String(intermediatecacertCombinedCert)); // Extract Signature bytes and algorithm section JToken signature = integrity["signature"]["bytes"]; byte[] signatureBytes = Convert.FromBase64String(signature.ToString()); JToken algo = integrity["signature"]["algorithm"]; string algoStr = algo.ToString(); KeyValuePair <string, HashAlgorithmName> algoResult = SignatureValidator.ParseAlgorithm(algoStr); // Extract the manifest trust bundle certificate and verify chaining bool signatureVerified = false; using (IDisposable verificationTimer = Metrics.StartTwinSignatureTimer()) { // Currently not verifying the chaining as Manifest signer client already does that. // There is known bug in which the certs are not processed correctly which breaks the chaining verification. signatureVerified = SignatureValidator.VerifySignature(desiredProperties.ToString(), header.ToString(), signatureBytes, signerCert, algoResult.Key, algoResult.Value); } Metrics.ReportTwinSignatureResult(signatureVerified, algoStr); if (signatureVerified) { Events.ExtractHubTwinSucceeded(); } return(signatureVerified); } catch (Exception ex) { Metrics.ReportTwinSignatureResult(false); Events.ExtractHubTwinAndVerifyFailed(ex); throw ex; } }
public void testEncoding() { var tuple = new StringTuple("user[email]", "*****@*****.**"); var result = new SignatureValidator().PercentEncode(tuple); Assert.AreEqual("user%5Bemail%5D", result.Key); Assert.AreEqual("fred%40example.com", result.Value); }
internal bool ExtractHubTwinAndVerify(TwinCollection twinDesiredProperties) { try { // Extract Desired properties JObject desiredProperties = new JObject(); JObject twinJobject = JObject.Parse(twinDesiredProperties.ToString()); desiredProperties["routes"] = twinJobject["routes"]; desiredProperties["schemaVersion"] = twinJobject["schemaVersion"]; desiredProperties["storeAndForwardConfiguration"] = twinJobject["storeAndForwardConfiguration"]; if (desiredProperties["mqttBroker"] != null) { desiredProperties["mqttBroker"] = twinJobject["mqttBroker"]; } // Check if Manifest Trust Bundle is configured X509Certificate2 manifestTrustBundleRootCertificate; if (!this.manifestTrustBundle.HasValue && twinJobject["integrity"] == null) { // Actual code path would never get here as we check enablement before this. Added for Unit test purpose only. Events.ManifestSigningIsNotEnabled(); throw new ManifestSigningIsNotEnabledProperly("Manifest Signing is Disabled."); } else if (!this.manifestTrustBundle.HasValue && twinJobject["integrity"] != null) { Events.ManifestTrustBundleIsNotConfigured(); throw new ManifestSigningIsNotEnabledProperly("Deployment manifest is signed but the Manifest Trust bundle is not configured. Please configure in config.toml"); } else if (this.manifestTrustBundle.HasValue && twinJobject["integrity"] == null) { Events.DeploymentManifestIsNotSigned(); throw new ManifestSigningIsNotEnabledProperly("Manifest Trust bundle is configured but the Deployment manifest is not signed. Please sign it."); } else { // deployment manifest is signed and also the manifest trust bundle is configured manifestTrustBundleRootCertificate = this.manifestTrustBundle.OrDefault(); } // Extract Integrity header section JToken integrity = twinJobject["integrity"]; JToken header = integrity["header"]; // Extract Signer Cert section JToken signerCertJtoken = integrity["header"]["signercert"]; string signerCombinedCert = signerCertJtoken.Aggregate(string.Empty, (res, next) => res + next); X509Certificate2 signerCert = new X509Certificate2(Convert.FromBase64String(signerCombinedCert)); // Extract Intermediate CA Cert section JToken intermediatecacertJtoken = integrity["header"]["intermediatecacert"]; string intermediatecacertCombinedCert = signerCertJtoken.Aggregate(string.Empty, (res, next) => res + next); X509Certificate2 intermediatecacert = new X509Certificate2(Convert.FromBase64String(intermediatecacertCombinedCert)); // Extract the manifest trust bundle certificate and verify chaining if (!CertificateHelper.VerifyManifestTrustBunldeCertificateChaining(signerCert, intermediatecacert, manifestTrustBundleRootCertificate)) { throw new ManifestTrustBundleChainingFailedException("The signer cert with or without the intermediate CA cert in the twin does not chain up to the Manifest Trust Bundle Root CA configured in the device"); } // Extract Signature bytes and algorithm section JToken signature = integrity["signature"]["bytes"]; byte[] signatureBytes = Convert.FromBase64String(signature.ToString()); JToken algo = integrity["signature"]["algorithm"]; KeyValuePair <string, HashAlgorithmName> algoResult = SignatureValidator.ParseAlgorithm(algo.ToString()); Events.ExtractHubTwinSucceeded(); return(SignatureValidator.VerifySignature(desiredProperties.ToString(), header.ToString(), signatureBytes, signerCert, algoResult.Key, algoResult.Value)); } catch (Exception ex) { Events.ExtractHubTwinAndVerifyFailed(ex); throw ex; } }
public void Validate_SignatureValid_ThrowsNoException() { SignatureValidator validator = new SignatureValidator(TestConfiguration.Create()); validator.Validate(new byte[] { 42 }, "aajPtaEL8oyiitLlTbSzkFCTDQ7Lr0m/89eDhe6tFx4="); }
public SignatureValidatorIntegrationTests(CertificateIntegrationTestFixture fixture, ITestOutputHelper output) { _fixture = fixture ?? throw new ArgumentNullException(nameof(fixture)); _output = output ?? throw new ArgumentNullException(nameof(output)); _validationEntitiesContext = new Mock <IValidationEntitiesContext>(); _validationEntitiesContext .Setup(x => x.PackageSigningStates) .Returns(DbSetMockFactory.Create <PackageSigningState>()); _validationEntitiesContext .Setup(x => x.ParentCertificates) .Returns(DbSetMockFactory.Create <ParentCertificate>()); _validationEntitiesContext .Setup(x => x.EndCertificates) .Returns(DbSetMockFactory.Create <EndCertificate>()); _validationEntitiesContext .Setup(x => x.CertificateChainLinks) .Returns(DbSetMockFactory.Create <CertificateChainLink>()); _validationEntitiesContext .Setup(x => x.PackageSignatures) .Returns(DbSetMockFactory.Create <PackageSignature>()); _validationEntitiesContext .Setup(x => x.TrustedTimestamps) .Returns(DbSetMockFactory.Create <TrustedTimestamp>()); var loggerFactory = new LoggerFactory(); loggerFactory.AddXunit(output); _packageSigningStateService = new PackageSigningStateService( _validationEntitiesContext.Object, loggerFactory.CreateLogger <PackageSigningStateService>()); _certificateStore = new Mock <ICertificateStore>(); _signaturePartsExtractor = new SignaturePartsExtractor( _certificateStore.Object, _validationEntitiesContext.Object, loggerFactory.CreateLogger <SignaturePartsExtractor>()); _packageFileService = new Mock <IProcessorPackageFileService>(); _nupkgUri = new Uri("https://example-storage/TestProcessor/b777135f-1aac-4ec2-a3eb-1f64fe1880d5/nuget.versioning.4.3.0.nupkg"); _packageFileService .Setup(x => x.GetReadAndDeleteUriAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <Guid>())) .ReturnsAsync(() => _nupkgUri); _packageFileService .Setup(x => x.SaveAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <Guid>(), It.IsAny <Stream>())) .Returns(Task.CompletedTask) .Callback <string, string, Guid, Stream>((_, __, ___, s) => { using (var memoryStream = new MemoryStream()) { s.Position = 0; s.CopyTo(memoryStream); _savedPackageBytes = memoryStream.ToArray(); } }); _corePackageService = new Mock <ICorePackageService>(); // These dependencies are concrete. _minimalPackageSignatureVerifier = PackageSignatureVerifierFactory.CreateMinimal(); _fullPackageSignatureVerifier = PackageSignatureVerifierFactory.CreateFull(); _telemetryClient = new Mock <ITelemetryClient>(); _telemetryService = new TelemetryService(_telemetryClient.Object); _logger = new RecordingLogger <SignatureValidator>(loggerFactory.CreateLogger <SignatureValidator>()); // Initialize data. _packageKey = 23; _message = new SignatureValidationMessage( "SomePackageId", "1.2.3", new Uri("https://example/validation/somepackageid.1.2.3.nupkg"), new Guid("8eb5affc-2d0e-4315-9b79-5a194d39ebd1")); _token = CancellationToken.None; // Initialize the subject of testing. _target = new SignatureValidator( _packageSigningStateService, _minimalPackageSignatureVerifier, _fullPackageSignatureVerifier, _signaturePartsExtractor, _packageFileService.Object, _corePackageService.Object, _telemetryService, _logger); }
private static bool AreSignaturesValidatorsEqual(SignatureValidator validator1, SignatureValidator validator2, CompareContext context) { var localContext = new CompareContext(context); ContinueCheckingEquality(validator1, validator2, context); return(context.Merge(localContext)); }
public ValidateAsync(ITestOutputHelper output) { _packageStream = TestResources.GetResourceStream(TestResources.UnsignedPackage); _packageKey = 42; _message = new SignatureValidationMessage( "NuGet.Versioning", "4.3.0", new Uri("https://example/nuget.versioning.4.3.0.nupkg"), new Guid("b777135f-1aac-4ec2-a3eb-1f64fe1880d5")); _cancellationToken = CancellationToken.None; _packageSigningStateService = new Mock <IPackageSigningStateService>(); _formatValidator = new Mock <ISignatureFormatValidator>(); _minimalVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true); _formatValidator .Setup(x => x.ValidateMinimalAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <CancellationToken>())) .ReturnsAsync(() => _minimalVerifyResult); _fullVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true); _formatValidator .Setup(x => x.ValidateAllSignaturesAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <bool>(), It.IsAny <CancellationToken>())) .ReturnsAsync(() => _fullVerifyResult); _authorSignatureVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true); _formatValidator .Setup(x => x.ValidateAuthorSignatureAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <CancellationToken>())) .ReturnsAsync(() => _authorSignatureVerifyResult); _repositorySignatureVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true); _formatValidator .Setup(x => x.ValidateRepositorySignatureAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <CancellationToken>())) .ReturnsAsync(() => _repositorySignatureVerifyResult); _signaturePartsExtractor = new Mock <ISignaturePartsExtractor>(); _corePackageService = new Mock <ICorePackageService>(); var loggerFactory = new LoggerFactory().AddXunit(output); _logger = loggerFactory.CreateLogger <SignatureValidator>(); _packageFileService = new Mock <IProcessorPackageFileService>(); _nupkgUri = new Uri("https://example-storage/TestProcessor/b777135f-1aac-4ec2-a3eb-1f64fe1880d5/nuget.versioning.4.3.0.nupkg"); _packageFileService .Setup(x => x.GetReadAndDeleteUriAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <Guid>())) .ReturnsAsync(() => _nupkgUri); _optionsSnapshot = new Mock <IOptionsSnapshot <ProcessSignatureConfiguration> >(); _configuration = new ProcessSignatureConfiguration { AllowedRepositorySigningCertificates = new List <string> { "fake-thumbprint" }, V3ServiceIndexUrl = TestResources.V3ServiceIndexUrl, StripValidRepositorySignatures = false, }; _optionsSnapshot.Setup(x => x.Value).Returns(() => _configuration); _telemetryService = new Mock <ITelemetryService>(); _target = new SignatureValidator( _packageSigningStateService.Object, _formatValidator.Object, _signaturePartsExtractor.Object, _packageFileService.Object, _corePackageService.Object, _optionsSnapshot.Object, _telemetryService.Object, _logger); }
static void Main() { // Initialize & Check if the given signer cert is issued by root CA try { // Check launch settings and display it CheckInputAndDisplayLaunchSettings(); // Verify certificate chaining if (!VerifyCertificate()) { throw new Exception("Please provide a signer cert issued by the given root CA"); } } catch (Exception e) { Console.WriteLine(e.ToString()); Environment.Exit(0); } // Read the deployment manifest file and get signature of each modules's desired properties try { var manifestFileHandle = File.OpenText(DeploymentManifestFilePath); var deploymentManifestContentJson = JObject.Parse(manifestFileHandle.ReadToEnd()); if (deploymentManifestContentJson["modulesContent"] != null) { // Get the DSA and SHA algorithm KeyValuePair <string, HashAlgorithmName> algoResult = SignatureValidator.ParseAlgorithm(DsaAlgorithm.ToString()); // Read the signer certificate and manifest version number and create integrity header object var header = GetIntegrityHeader(SignerCertPath); // Read each module's content and its desired properties var modulesContentJson = deploymentManifestContentJson["modulesContent"]; JObject modulesContentJobject = JObject.Parse(modulesContentJson.ToString()); foreach (JProperty property in modulesContentJobject.Properties()) { if (modulesContentJson[property.Name] != null) { if (modulesContentJson[property.Name]["properties.desired"] != null) { var modulesDesired = modulesContentJson[property.Name]["properties.desired"]; var moduleName = property.Name.ToString(); if (moduleName != "$edgeAgent" && moduleName != "$edgeHub") { Console.WriteLine($"Do you want to sign the desired properties of the module - {moduleName}? - Type Y or N to continue"); Console.WriteLine("!!! Important Note !!! - If the module's desired properties are signed then the module's application code has to be rewritten to verify signatures"); string userSigningChoice = Console.ReadLine(); if (userSigningChoice != "Y" && userSigningChoice != "y") { Console.WriteLine($"{moduleName} will not be signed"); continue; } } Console.WriteLine($"Signing Module: {property.Name}"); object signature = new { bytes = CertificateUtil.GetJsonSignature(algoResult.Key, algoResult.Value, modulesDesired.ToString(), header, SignerPrivateKeyPath), algorithm = DsaAlgorithm }; deploymentManifestContentJson["modulesContent"][property.Name]["properties.desired"]["integrity"] = JObject.FromObject(new { header, signature }); } else { throw new Exception($"Could not find {property.Name}'s desired properties in the manifest file"); } } else { throw new Exception($"Could not find {property.Name} in the manifest file"); } } using var signedDeploymentfile = File.CreateText(SignedDeploymentManifestFilePath); signedDeploymentfile.Write(deploymentManifestContentJson); } else { throw new Exception("Could not find modulesContent in the manifest file"); } } catch (Exception e) { Console.WriteLine(e.ToString()); Environment.Exit(0); } }
public static void Initialize(SignatureValidator signatureValidator) { _signatureValidator = signatureValidator; }
public static void VerifySignatureTest(bool expectedResult, string payload, string header, byte[] signatureBytes, X509Certificate2 signerCert, string algorithmScheme, HashAlgorithmName hashAlgorithm) { var actualResult = SignatureValidator.VerifySignature(payload, header, signatureBytes, signerCert, algorithmScheme, hashAlgorithm); Assert.Equal(actualResult, expectedResult); }
protected async Task RunTest(BlockchainTest test, Stopwatch stopwatch = null) { Assert.IsNull(test.LoadFailure, "test data loading failure"); // TODO: not supported in .NET Core, need to replace? // LoggingTraceListener traceListener = new LoggingTraceListener(); // Debug.Listeners.Clear(); // Debug.Listeners.Add(traceListener); ISnapshotableDb stateDb = new StateDb(); ISnapshotableDb codeDb = new StateDb(); IDb traceDb = new MemDb(); StateTree stateTree = new StateTree(stateDb); ISpecProvider specProvider; if (test.NetworkAfterTransition != null) { specProvider = new CustomSpecProvider( (0, Frontier.Instance), (1, test.Network), (test.TransitionBlockNumber, test.NetworkAfterTransition)); } else { specProvider = new CustomSpecProvider( (0, Frontier.Instance), // TODO: this thing took a lot of time to find after it was removed!, genesis block is always initialized with Frontier (1, test.Network)); } if (specProvider.GenesisSpec != Frontier.Instance) { Assert.Fail("Expected genesis spec to be Frontier for blockchain tests"); } DifficultyCalculator.Wrapped = new DifficultyCalculator(specProvider); IRewardCalculator rewardCalculator = new RewardCalculator(specProvider); IEthereumSigner signer = new EthereumSigner(specProvider, _logManager); ITransactionPool transactionPool = new TransactionPool(NullTransactionStorage.Instance, new PendingTransactionThresholdValidator(), new Timestamp(), signer, _logManager); IReceiptStorage receiptStorage = NullReceiptStorage.Instance; IBlockTree blockTree = new BlockTree(new MemDb(), new MemDb(), specProvider, transactionPool, _logManager); IBlockhashProvider blockhashProvider = new BlockhashProvider(blockTree); ISignatureValidator signatureValidator = new SignatureValidator(ChainId.MainNet); ITransactionValidator transactionValidator = new TransactionValidator(signatureValidator); IHeaderValidator headerValidator = new HeaderValidator(blockTree, SealEngine, specProvider, _logManager); IOmmersValidator ommersValidator = new OmmersValidator(blockTree, headerValidator, _logManager); IBlockValidator blockValidator = new BlockValidator(transactionValidator, headerValidator, ommersValidator, specProvider, _logManager); IStateProvider stateProvider = new StateProvider(stateTree, codeDb, _logManager); IStorageProvider storageProvider = new StorageProvider(stateDb, stateProvider, _logManager); IVirtualMachine virtualMachine = new VirtualMachine( stateProvider, storageProvider, blockhashProvider, _logManager); IBlockProcessor blockProcessor = new BlockProcessor( specProvider, blockValidator, rewardCalculator, new TransactionProcessor( specProvider, stateProvider, storageProvider, virtualMachine, _logManager), stateDb, codeDb, traceDb, stateProvider, storageProvider, transactionPool, receiptStorage, _logManager); IBlockchainProcessor blockchainProcessor = new BlockchainProcessor( blockTree, blockProcessor, new TxSignaturesRecoveryStep(signer, NullTransactionPool.Instance), _logManager, false, false); InitializeTestState(test, stateProvider, storageProvider, specProvider); List <(Block Block, string ExpectedException)> correctRlpsBlocks = new List <(Block, string)>(); for (int i = 0; i < test.Blocks.Length; i++) { try { TestBlockJson testBlockJson = test.Blocks[i]; var rlpContext = Bytes.FromHexString(testBlockJson.Rlp).AsRlpContext(); Block suggestedBlock = Rlp.Decode <Block>(rlpContext); suggestedBlock.Header.SealEngineType = test.SealEngineUsed ? SealEngineType.Ethash : SealEngineType.None; Assert.AreEqual(new Keccak(testBlockJson.BlockHeader.Hash), suggestedBlock.Header.Hash, "hash of the block"); for (int ommerIndex = 0; ommerIndex < suggestedBlock.Ommers.Length; ommerIndex++) { Assert.AreEqual(new Keccak(testBlockJson.UncleHeaders[ommerIndex].Hash), suggestedBlock.Ommers[ommerIndex].Hash, "hash of the ommer"); } correctRlpsBlocks.Add((suggestedBlock, testBlockJson.ExpectedException)); } catch (Exception) { _logger?.Info($"Invalid RLP ({i})"); } } if (correctRlpsBlocks.Count == 0) { Assert.AreEqual(new Keccak(test.GenesisBlockHeader.Hash), test.LastBlockHash); return; } if (test.GenesisRlp == null) { test.GenesisRlp = Rlp.Encode(new Block(Convert(test.GenesisBlockHeader))); } Block genesisBlock = Rlp.Decode <Block>(test.GenesisRlp.Bytes); Assert.AreEqual(new Keccak(test.GenesisBlockHeader.Hash), genesisBlock.Header.Hash, "genesis header hash"); ManualResetEvent genesisProcessed = new ManualResetEvent(false); blockTree.NewHeadBlock += (sender, args) => { if (args.Block.Number == 0) { Assert.AreEqual(genesisBlock.Header.StateRoot, stateTree.RootHash, "genesis state root"); genesisProcessed.Set(); } }; blockchainProcessor.Start(); blockTree.SuggestBlock(genesisBlock); genesisProcessed.WaitOne(); for (int i = 0; i < correctRlpsBlocks.Count; i++) { stopwatch?.Start(); try { if (correctRlpsBlocks[i].ExpectedException != null) { _logger.Info($"Expecting block exception: {correctRlpsBlocks[i].ExpectedException}"); } if (correctRlpsBlocks[i].Block.Hash == null) { throw new Exception($"null hash in {test.Name} block {i}"); } // TODO: mimic the actual behaviour where block goes through validating sync manager? if (!test.SealEngineUsed || blockValidator.ValidateSuggestedBlock(correctRlpsBlocks[i].Block)) { blockTree.SuggestBlock(correctRlpsBlocks[i].Block); } else { Console.WriteLine("Invalid block"); } } catch (InvalidBlockException) { } catch (Exception ex) { _logger?.Info(ex.ToString()); } } await blockchainProcessor.StopAsync(true); stopwatch?.Stop(); List <string> differences = RunAssertions(test, blockTree.RetrieveHeadBlock(), storageProvider, stateProvider); // if (differences.Any()) // { // BlockTrace blockTrace = blockchainProcessor.TraceBlock(blockTree.BestSuggested.Hash); // _logger.Info(new UnforgivingJsonSerializer().Serialize(blockTrace, true)); // } Assert.Zero(differences.Count, "differences"); }
protected async Task RunTest(BlockchainTest test, Stopwatch stopwatch = null) { LoggingTraceListener traceListener = new LoggingTraceListener(); // TODO: not supported in .NET Core, need to replace? // Debug.Listeners.Clear(); // Debug.Listeners.Add(traceListener); IDbProvider dbProvider = new MemDbProvider(_logManager); StateTree stateTree = new StateTree(dbProvider.GetOrCreateStateDb()); ISpecProvider specProvider; if (test.NetworkAfterTransition != null) { specProvider = new CustomSpecProvider( (0, Frontier.Instance), (1, test.Network), (test.TransitionBlockNumber, test.NetworkAfterTransition)); } else { specProvider = new CustomSpecProvider( (0, Frontier.Instance), // TODO: this thing took a lot of time to find after it was removed!, genesis block is always initialized with Frontier (1, test.Network)); } if (specProvider.GenesisSpec != Frontier.Instance) { Assert.Fail("Expected genesis spec to be Frontier for blockchain tests"); } IDifficultyCalculator difficultyCalculator = new DifficultyCalculator(specProvider); IRewardCalculator rewardCalculator = new RewardCalculator(specProvider); IBlockTree blockTree = new BlockTree(new MemDb(), new MemDb(), new MemDb(), specProvider, _logManager); IBlockhashProvider blockhashProvider = new BlockhashProvider(blockTree); ISignatureValidator signatureValidator = new SignatureValidator(ChainId.MainNet); ITransactionValidator transactionValidator = new TransactionValidator(signatureValidator); IHeaderValidator headerValidator = new HeaderValidator(difficultyCalculator, blockTree, SealEngine, specProvider, _logManager); IOmmersValidator ommersValidator = new OmmersValidator(blockTree, headerValidator, _logManager); IBlockValidator blockValidator = new BlockValidator(transactionValidator, headerValidator, ommersValidator, specProvider, _logManager); IStateProvider stateProvider = new StateProvider(stateTree, dbProvider.GetOrCreateCodeDb(), _logManager); IStorageProvider storageProvider = new StorageProvider(dbProvider, stateProvider, _logManager); IVirtualMachine virtualMachine = new VirtualMachine( stateProvider, storageProvider, blockhashProvider, _logManager); ISealEngine sealEngine = new EthashSealEngine(new Ethash(_logManager), _logManager); ITransactionStore transactionStore = new TransactionStore(); IEthereumSigner signer = new EthereumSigner(specProvider, _logManager); IBlockProcessor blockProcessor = new BlockProcessor( specProvider, blockValidator, rewardCalculator, new TransactionProcessor( specProvider, stateProvider, storageProvider, virtualMachine, NullTracer.Instance, _logManager), dbProvider, stateProvider, storageProvider, transactionStore, _logManager); IBlockchainProcessor blockchainProcessor = new BlockchainProcessor(blockTree, sealEngine, transactionStore, difficultyCalculator, blockProcessor, signer, _logManager); InitializeTestState(test, stateProvider, storageProvider, specProvider); List <(Block Block, string ExpectedException)> correctRlpsBlocks = new List <(Block, string)>(); for (int i = 0; i < test.Blocks.Length; i++) { try { TestBlockJson testBlockJson = test.Blocks[i]; var rlpContext = Hex.ToBytes(testBlockJson.Rlp).AsRlpContext(); Block suggestedBlock = Rlp.Decode <Block>(rlpContext); Assert.AreEqual(new Keccak(testBlockJson.BlockHeader.Hash), suggestedBlock.Header.Hash, "hash of the block"); for (int ommerIndex = 0; ommerIndex < suggestedBlock.Ommers.Length; ommerIndex++) { Assert.AreEqual(new Keccak(testBlockJson.UncleHeaders[ommerIndex].Hash), suggestedBlock.Ommers[ommerIndex].Hash, "hash of the ommer"); } correctRlpsBlocks.Add((suggestedBlock, testBlockJson.ExpectedException)); } catch (Exception e) { _logger?.Info($"Invalid RLP ({i})"); } } if (correctRlpsBlocks.Count == 0) { Assert.AreEqual(new Keccak(test.GenesisBlockHeader.Hash), test.LastBlockHash); return; } if (test.GenesisRlp == null) { test.GenesisRlp = Rlp.Encode(new Block(Convert(test.GenesisBlockHeader))); } Block genesisBlock = Rlp.Decode <Block>(test.GenesisRlp.Bytes); Assert.AreEqual(new Keccak(test.GenesisBlockHeader.Hash), genesisBlock.Header.Hash, "genesis header hash"); blockTree.NewHeadBlock += (sender, args) => { if (args.Block.Number == 0) { Assert.AreEqual(genesisBlock.Header.StateRoot, stateTree.RootHash, "genesis state root"); } }; blockchainProcessor.Start(); blockTree.SuggestBlock(genesisBlock); for (int i = 0; i < correctRlpsBlocks.Count; i++) { stopwatch?.Start(); try { if (correctRlpsBlocks[i].ExpectedException != null) { _logger.Info($"Expecting block exception: {correctRlpsBlocks[i].ExpectedException}"); } if (correctRlpsBlocks[i].Block.Hash == null) { throw new Exception($"null hash in {test.Name} block {i}"); } // TODO: mimic the actual behaviour where block goes through validating sync manager? if (blockValidator.ValidateSuggestedBlock(correctRlpsBlocks[i].Block)) { blockTree.SuggestBlock(correctRlpsBlocks[i].Block); } else { Console.WriteLine("Invalid block"); } } catch (InvalidBlockException ex) { } catch (Exception ex) { _logger?.Info(ex.ToString()); } } await blockchainProcessor.StopAsync(true); stopwatch?.Stop(); RunAssertions(test, blockTree.RetrieveHeadBlock(), storageProvider, stateProvider); }
public void ShouldNotThrowExceptionWhenSignatureIsValid() { SignatureValidator validator = new SignatureValidator(TestConfiguration.Create()); validator.Validate(new byte[] { 42 }, "aajPtaEL8oyiitLlTbSzkFCTDQ7Lr0m/89eDhe6tFx4="); }
public static bool ReportFraud(byte[] fraudId, byte[] fakeButValidCertificateBytes, byte[] fakeButValidCertificateHash, byte[] signerCertificateBytes, byte[] signerCertificateBytesHash, byte[] signature) { Certificate fakeButValidCertificate = CertificateParser.Parse(fakeButValidCertificateBytes); if (!fakeButValidCertificate.IsLoaded) { Logger.log("Can not parse Fake But Valid SSL Certificate"); return(false); } EndEntityCertificateEntry fakeButValidCertificateEntry = CertificateStorageManager.RetrieveEndEntityCertificateFromStorage(fakeButValidCertificateHash); if (fakeButValidCertificateEntry.CertificateValue == null) { Logger.log("Can not find Fake But Valid SSL Certificate"); return(false); } if (fakeButValidCertificateEntry.IsRevoked) { Logger.log("Fake But Valid SSL Certificate is revoked before"); return(false); } Certificate signerCertificate = CertificateParser.Parse(signerCertificateBytes); if (!signerCertificate.IsLoaded) { Logger.log("Can not parse Signer Certificate"); return(false); } var signerCertificateContainFakeButValidCertificateDnsEntry = checkDnsValues(fakeButValidCertificate, signerCertificate); if (!signerCertificateContainFakeButValidCertificateDnsEntry) { Logger.log("Signer Certificate Does not contain required DNS value"); return(false); } Logger.log("Starting Validate Signature For Report Fraud Request"); bool signatureValidationResult = SignatureValidator.CheckReportFraudRequestSignature(signature, fakeButValidCertificate, signerCertificate); if (!signatureValidationResult) { Logger.log("Report Fraud Request signature Invalid"); return(false); } Logger.log("Validated Signature For Report Fraud Request"); FraudStorageManager.AddFraudReportToStorage(fraudId, signerCertificateBytes, fakeButValidCertificateHash); //todo: add fraud notification after log infrastructure fixed return(true); }