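/// <summary>Create a new, signed revocation message for <paramref name="username"/>.</summary>
/// <remarks>
/// The backing buffer holds, in order: the serialized username, a 32-bit random
/// nonce, the current UTC tick count, and the RSA signature over the SHA-1 hash
/// of everything that precedes it.
/// </remarks>
/// <param name="private_key">RSA key used to sign the message; its KeySize
/// determines how many trailing bytes are reserved for the signature.</param>
/// <param name="username">User name recorded in the message.</param>
public UserRevocationMessage(RSACryptoServiceProvider private_key, string username)
{
    Username = username;
    // An RSA signature is as long as the modulus: KeySize bits -> KeySize / 8 bytes.
    int signature_length = private_key.KeySize / 8;
    byte[] data = null;

    using (MemoryStream ms = new MemoryStream())
    {
        AdrConverter.Serialize(Username, ms);

        // Take the nonce from the OS CSPRNG. A freshly constructed System.Random
        // is seeded from the clock on some runtimes, so two messages built close
        // together could carry the same nonce, and its output is predictable.
        // The sign bit is cleared so the value stays non-negative, as
        // Random.Next() produced.
        byte[] nonce = new byte[4];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(nonce);
        }
        NumberSerializer.WriteInt(BitConverter.ToInt32(nonce, 0) & int.MaxValue, ms);
        NumberSerializer.WriteLong(DateTime.UtcNow.Ticks, ms);

        // Allocate payload + signature in one buffer, then copy the payload in.
        data = new byte[ms.Length + signature_length];
        ms.Position = 0;
        ms.Read(data, 0, (int)ms.Length);
    }

    // NOTE(review): SHA-1 is no longer collision-resistant. It is kept here because
    // whatever verifies this message must use the same digest (the verifier is not
    // visible from this constructor); moving to SHA-256 needs a coordinated change.
    using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
    {
        // Hash only the payload; the trailing signature slot is still empty.
        Hash = sha1.ComputeHash(data, 0, data.Length - signature_length);
    }

    Signature = private_key.SignHash(Hash, CryptoConfig.MapNameToOID("SHA1"));
    // CopyTo throws if the signature does not fit the reserved slot.
    Signature.CopyTo(data, data.Length - signature_length);
    _data = MemBlock.Reference(data);
}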
/// <summary>
/// Builds a signed revocation list naming four users, passes it to UpdateRl, and
/// checks that certificates for the listed users are not accepted by the
/// CertificateHandler while certificates for unlisted users are.
/// </summary>
public void Test()
{
    CertificateHandler handler = new CertificateHandler();
    handler.AddCACertificate(_ca_cert.X509);
    // Registers this object with the handler as a certificate verifier.
    handler.AddCertificateVerification(this);

    ArrayList revoked = new ArrayList(
        new string[] { "joker", "bad_guy", "adversary", "noobs" });

    // Revocation list payload: UTC tick timestamp followed by the user names.
    byte[] payload = null;
    using (MemoryStream buffer = new MemoryStream())
    {
        NumberSerializer.WriteLong(DateTime.UtcNow.Ticks, buffer);
        AdrConverter.Serialize(revoked, buffer);
        payload = buffer.ToArray();
    }

    // Sign the SHA-1 digest of the payload with the test's private key.
    SHA1CryptoServiceProvider hasher = new SHA1CryptoServiceProvider();
    byte[] digest = hasher.ComputeHash(payload);
    byte[] sig = _private_key.SignHash(digest, CryptoConfig.MapNameToOID("SHA1"));

    // Wire layout: 4-byte payload length | payload | signature.
    int payload_offset = 4;
    int sig_offset = payload_offset + payload.Length;
    byte[] blob = new byte[sig_offset + sig.Length];
    NumberSerializer.WriteInt(payload.Length, blob, 0);
    payload.CopyTo(blob, payload_offset);
    sig.CopyTo(blob, sig_offset);
    UpdateRl(blob);

    // Certificates are created in a fixed order before any verification runs.
    X509Certificate likable_cert = CreateCert("likable_guy");
    X509Certificate joker_cert = CreateCert("joker");
    X509Certificate bad_cert = CreateCert("bad_guy");
    X509Certificate good_cert = CreateCert("good_guy");
    X509Certificate adversary_cert = CreateCert("adversary");
    X509Certificate noobs_cert = CreateCert("noobs");
    X509Certificate friendly_cert = CreateCert("friendly_guy");

    Assert.IsTrue(handler.Verify(likable_cert, null, _remote_id), "Likable guy");

    // NOTE(review): for the revoked users, a false return and ANY exception both
    // count as "rejected", so an unrelated failure inside Verify would also let
    // these checks pass. Catching the specific exception Verify throws on
    // rejection would make the test stricter (that type is not visible here).
    bool accepted = false;

    try
    {
        accepted = handler.Verify(adversary_cert, null, _remote_id);
    }
    catch { }
    Assert.AreEqual(accepted, false, "adversary");

    try
    {
        accepted = handler.Verify(joker_cert, null, _remote_id);
    }
    catch { }
    Assert.AreEqual(accepted, false, "joker");

    Assert.IsTrue(handler.Verify(friendly_cert, null, _remote_id), "friendly guy");

    try
    {
        accepted = handler.Verify(noobs_cert, null, _remote_id);
    }
    catch { }
    Assert.AreEqual(accepted, false, "noobs");

    try
    {
        accepted = handler.Verify(bad_cert, null, _remote_id);
    }
    catch { }
    Assert.AreEqual(accepted, false, "bad_guy");

    Assert.IsTrue(handler.Verify(good_cert, null, _remote_id), "good guy");
}