public RequestContainer(SignatureRequest request,
Secure<SignatureRequest> secureRequest,
Secure<SignatureRequestInfo> secureRequestInfo)
{
Request = request;
SecureRequest = secureRequest;
SecureRequestInfo = secureRequestInfo;
}
public ListEntry(string fileName, CertificateAuthorityEntry entry, CACertificate caCertificate)
{
FileName = fileName;
this.entry = entry;
this.certificate = this.entry.Request.Certificate;
this.request = this.entry.RequestValue(caCertificate);
if (this.entry.Response != null)
{
this.response = this.entry.Response.Value;
}
}
public ListEntry(string fileName, CACertificate caCertificate)
{
FileName = fileName;
this.entry = Serializable.Load<CertificateAuthorityEntry>(FileName);
this.certificate = this.entry.Request.Certificate;
this.request = this.entry.RequestValue(caCertificate);
if (this.entry.Response != null)
{
this.response = this.entry.Response.Value;
}
}
public SignatureRequestDocument(SignatureRequest signatureRequest, Certificate certificate, GetGroupNameHandler getGroupName)
{
if (signatureRequest == null)
throw new ArgumentNullException("signatureRequest");
if (certificate == null)
throw new ArgumentNullException("certificate");
this.signatureRequest = signatureRequest;
this.certificate = certificate;
this.getGroupName = getGroupName;
var fontPath = Path.Combine(System.Windows.Forms.Application.StartupPath, FontFilename);
var fontData = File.ReadAllBytes(fontPath);
XPrivateFontCollection.Global.AddFont(fontData, "Dejavu Sans");
}
public static void TestSignatureRequestDocument()
{
VoterCertificate voterCert = new VoterCertificate(Language.English, null, 0);
voterCert.CreateSelfSignature();
SignatureRequest request = new SignatureRequest("Hans", "Müller", "*****@*****.**");
SignatureRequestInfo requestInfo = new SignatureRequestInfo("*****@*****.**", request.Encrypt());
SignatureRequestDocument document = new SignatureRequestDocument(request, voterCert, GetGroupName);
////PrintDialog dialog = new PrintDialog();
////dialog.Document = document;
////if (dialog.ShowDialog() == DialogResult.OK)
////{
//// document.Print();
////}
}
private void sendButton_Click(object sender, EventArgs e)
{
SetEnable(false);
this.run = true;
OnUpdateWizard();
SignatureRequest signatureRequest
= new SignatureRequest(
this.firstNameTextBox.Text,
this.familyNameTextBox.Text,
this.emailAddressTextBox.Text);
SignatureRequestInfo signatureRequestInfo
= new SignatureRequestInfo(
this.emailAddressTextBox.Text,
signatureRequest.Encrypt());
SignatureRequestDocument document = new SignatureRequestDocument(
signatureRequest,
Status.Certificate,
Status.GetGroupName);
SaveFileDialog dialog = new SaveFileDialog();
dialog.Title = GuiResources.SaveDocumentDialogTitle;
dialog.Filter = Files.PdfFileFilter;
if (dialog.ShowDialog() == DialogResult.OK)
{
document.Create(dialog.FileName);
Secure<SignatureRequest> secureSignatureRequest =
new Secure<SignatureRequest>(signatureRequest, Status.CaCertificate, Status.Certificate);
Secure<SignatureRequestInfo> secureSignatureRequestInfo =
new Secure<SignatureRequestInfo>(signatureRequestInfo, Status.ServerCertificate, Status.Certificate);
Status.VotingClient.SetSignatureRequest(secureSignatureRequest, secureSignatureRequestInfo, SetSignatureRequestComplete);
while (this.run)
{
Status.UpdateProgress();
Thread.Sleep(10);
}
Status.UpdateProgress();
if (this.exception == null)
{
Status.SetMessage(Resources.CreateCertificateDone, MessageType.Success);
}
else
{
Status.SetMessage(this.exception.Message, MessageType.Error);
}
}
else
{
SetEnable(true);
this.run = false;
}
OnUpdateWizard();
}
private void createButton_Click(object sender, EventArgs e)
{
this.run = true;
OnUpdateWizard();
SetEnable(false);
var encryptResult = EncryptPrivateKeyDialog.ShowSetPassphrase();
if (encryptResult.First == DialogResult.OK)
{
string passphrase = encryptResult.Second;
Status.Certificate = new VoterCertificate(Resources.Culture.ToLanguage(), passphrase, this.groupComboBox.Value.Id);
Status.Certificate.CreateSelfSignature();
Status.CertificateFileName = Path.Combine(Status.DataPath, Status.Certificate.Id.ToString() + Files.CertificateExtension);
Status.Certificate.Save(Status.CertificateFileName);
Certificate parentCertificate = TryFindValidParentCertificate();
if (parentCertificate != null)
{
DateTime parentValidUntil = parentCertificate.ExpectedValidUntil(Status.CertificateStorage, DateTime.Now);
DialogResult result = DialogResult.Yes;
while (result == DialogResult.Yes)
{
result = MessageForm.Show(
string.Format(Resources.AskToSignSignatureRequestWithParent, parentValidUntil),
GuiResources.MessageBoxTitle,
MessageBoxButtons.YesNo,
MessageBoxIcon.Question,
DialogResult.Yes);
if (result == DialogResult.Yes &&
DecryptPrivateKeyDialog.TryDecryptIfNessecary(parentCertificate, string.Empty))
{
this.signatureRequest = new SignatureRequest2(this.firstNameTextBox.Text, this.familyNameTextBox.Text, this.emailAddressTextBox.Text, parentCertificate);
result = DialogResult.OK;
}
parentCertificate.Lock();
}
}
if (this.signatureRequest == null)
{
this.signatureRequest = new SignatureRequest(this.firstNameTextBox.Text, this.familyNameTextBox.Text, this.emailAddressTextBox.Text);
}
this.signatureRequestInfo = new SignatureRequestInfo(
this.emailNotificationCheckBox.Checked ? this.emailAddressTextBox.Text : string.Empty,
this.signatureRequest.Encrypt());
this.secureSignatureRequest = new Secure<SignatureRequest>(this.signatureRequest, Status.CaCertificate, Status.Certificate);
this.secureSignatureRequestInfo = new Secure<SignatureRequestInfo>(this.signatureRequestInfo, Status.ServerCertificate, Status.Certificate);
string signatureRequestDataFileName = Path.Combine(Status.DataPath, Status.Certificate.Id.ToString() + Files.SignatureRequestDataExtension);
this.signatureRequest.Save(signatureRequestDataFileName);
this.run = false;
OnUpdateWizard();
if (this.signatureRequest is SignatureRequest2)
{
this.uploadButton.Enabled = true;
}
else
{
this.printButton.Enabled = true;
}
}
else
{
this.run = false;
OnUpdateWizard();
SetEnable(true);
}
}
private bool ReadRequestData()
{
table.AddHeaderRow(2, "Signature request");
try
{
string idString = Request.Params["id"];
this.certificateId = new Guid(idString);
}
catch
{
table.AddRow(string.Empty, "Certificate id invalid.");
table.AddSpaceRow(2, 32);
return false;
}
try
{
if (!Request.Params.AllKeys.Contains("k"))
{
table.AddRow(string.Empty, "Request key missing.");
table.AddSpaceRow(2, 32);
return false;
}
string data = Request.Params["k"]
.Replace(" ", string.Empty)
.Replace("-", string.Empty)
.ToLowerInvariant();
this.signatureRequestKey = HexToBytes(data);
if (this.signatureRequestKey.Length != 32)
{
table.AddRow(string.Empty, "Request key length invalid.");
table.AddSpaceRow(2, 32);
return false;
}
}
catch
{
table.AddRow(string.Empty, "Cannot parse request key.");
table.AddSpaceRow(2, 32);
return false;
}
try
{
var request = proxy.FetchSignatureRequest(this.certificateId);
this.certificate = request.Certificate;
if (!this.certificate.Id.Equals(this.certificateId))
{
table.AddRow(string.Empty, "Certificate id does not match.");
table.AddSpaceRow(2, 32);
return false;
}
}
catch
{
table.AddRow(string.Empty, "Cannot retrieve signature request.");
table.AddSpaceRow(2, 32);
return false;
}
byte[] encryptedSignatureRequestData;
try
{
var result = proxy.FetchSignCheckList(this.certificateId); ;
this.signChecks = result.First;
if (result.Second.Length <= 32)
{
table.AddRow(string.Empty, "Encrypted signature request data invalid.");
table.AddSpaceRow(2, 32);
return false;
}
else
{
encryptedSignatureRequestData = result.Second;
}
}
catch
{
table.AddRow(string.Empty, "Cannot download sign checks.");
table.AddSpaceRow(2, 32);
return false;
}
try
{
this.request = SignatureRequest.Decrypt(encryptedSignatureRequestData, this.signatureRequestKey);
}
catch
{
table.AddRow(string.Empty, "Cannot decrypt signature request data.");
table.AddSpaceRow(2, 32);
return false;
}
try
{
Signed<SignatureResponse> signedResponse = null;
this.status = proxy.FetchSignatureResponse(this.certificateId, out signedResponse);
switch (this.status)
{
case SignatureResponseStatus.Pending:
break;
case SignatureResponseStatus.Declined:
table.AddRow(string.Empty, "Signature request already declined.");
table.AddSpaceRow(2, 32);
return false;
case SignatureResponseStatus.Accepted:
table.AddRow(string.Empty, "Signature request already accepted.");
table.AddSpaceRow(2, 32);
return false;
case SignatureResponseStatus.Unknown:
default:
table.AddRow(string.Empty, "Cannot find signature request.");
table.AddSpaceRow(2, 32);
return false;
}
}
catch
{
table.AddRow(string.Empty, "Cannot determine response status.");
table.AddSpaceRow(2, 32);
return false;
}
return true;
}
private void signatureRequestToolStripMenuItem_Click(object sender, EventArgs e)
{
SaveFileDialog dialog = new SaveFileDialog();
dialog.Title = "Save Signature Request";
dialog.CheckPathExists = true;
dialog.Filter = Files.SignatureRequestFileFilter;
if (dialog.ShowDialog() == DialogResult.OK)
{
SignatureRequest request = new SignatureRequest(CaCertificate.FullName, "CA", string.Empty);
Signed<SignatureRequest> signedRequest = new Signed<SignatureRequest>(request, CaCertificate);
signedRequest.Save(dialog.FileName);
}
}
private void createServerCertifiToolStripMenuItem_Click(object sender, EventArgs e)
{
CreateServerDialog dialog = new CreateServerDialog();
if (dialog.ShowDialog() == DialogResult.OK)
{
SaveFileDialog saveDialog = new SaveFileDialog();
saveDialog.Title = "Save Server Certificate";
saveDialog.CheckPathExists = true;
saveDialog.Filter = Files.CertificateFileFilter;
if (saveDialog.ShowDialog() == DialogResult.OK)
{
ServerCertificate certificate = new ServerCertificate(dialog.FullName);
certificate.CreateSelfSignature();
SignatureRequest request = new SignatureRequest(dialog.FullName, string.Empty, string.Empty);
Secure<SignatureRequest> signedRequest = new Secure<SignatureRequest>(request, CaCertificate, certificate);
CertificateAuthorityEntry entry = new CertificateAuthorityEntry(signedRequest);
entry.Sign(CaCertificate, DateTime.Now, dialog.ValidUntil);
certificate.AddSignature(entry.Response.Value.Signature);
string entryFileName = DataPath(entry.Certificate.Id.ToString() + ".pi-ca-entry");
entry.Save(DataPath(entryFileName));
ListEntry listEntry = new ListEntry(entryFileName, entry, CaCertificate);
Entries.Add(listEntry);
this.entryListView.Items.Add(listEntry.CreateItem(CaCertificate));
certificate.Save(saveDialog.FileName);
}
}
}
private void createAdminCertificateToolStripMenuItem_Click(object sender, EventArgs e)
{
CreateAdminDialog dialog = new CreateAdminDialog();
if (dialog.ShowDialog() == DialogResult.OK)
{
SaveFileDialog saveDialog = new SaveFileDialog();
saveDialog.Title = "Save Admin Certificate";
saveDialog.CheckPathExists = true;
saveDialog.Filter = Files.CertificateFileFilter;
if (saveDialog.ShowDialog() == DialogResult.OK)
{
string fullName = string.Format("{0} {1}, {2}", dialog.FirstName, dialog.FamilyName, dialog.Function);
AdminCertificate certificate = new AdminCertificate(Language.English, dialog.Passphrase, fullName);
certificate.CreateSelfSignature();
SignatureRequest request = new SignatureRequest(dialog.FirstName, dialog.FamilyName, dialog.EmailAddress);
Secure<SignatureRequest> signedRequest = new Secure<SignatureRequest>(request, CaCertificate, certificate);
CertificateAuthorityEntry entry = new CertificateAuthorityEntry(signedRequest);
entry.Sign(CaCertificate, DateTime.Now, dialog.ValidUntil);
certificate.AddSignature(entry.Response.Value.Signature);
string entryFileName = DataPath(entry.Certificate.Id.ToString() + ".pi-ca-entry");
entry.Save(DataPath(entryFileName));
ListEntry listEntry = new ListEntry(entryFileName, entry, CaCertificate);
Entries.Add(listEntry);
this.entryListView.Items.Add(listEntry.CreateItem(CaCertificate));
certificate.Save(saveDialog.FileName);
}
}
}
private void Work()
{
switch (State)
{
case ClientControllerState.Start:
CertificateStorage = this.client.FetchCertificateStroage();
if (CertificateStorage != null)
{
State = ClientControllerState.GotCertificateStorage;
}
break;
case ClientControllerState.GotCertificateStorage:
ServerCertificate = this.client.FetchServerCertificate();
if (ServerCertificate != null)
{
State = ClientControllerState.GotServerCertificate;
}
break;
case ClientControllerState.GotServerCertificate:
UserData = this.client.FetchUserData();
if (UserData != null)
{
State = ClientControllerState.GotUserData;
}
break;
case ClientControllerState.GotUserData:
// Pull user data in case it has changed
var userData = this.client.FetchUserData();
if (userData != null)
{
UserData = userData;
}
// Wait for user data and do nothing
if (RequestContainer != null)
{
State = ClientControllerState.GotUserInput;
}
break;
case ClientControllerState.GotUserInput:
if (this.client.PushSignaturRequest(RequestContainer))
{
UserData = null;
RequestContainer = null;
State = ClientControllerState.Done;
}
break;
case ClientControllerState.Done:
// Wait for reboot and do nothing
break;
default:
throw new InvalidOperationException("Unknown client controller state.");
}
}
public void Display(ListEntry listEntry, CertificateStorage storage, Certificate caCertificate, IEnumerable<ListEntry> allListEntries)
{
this.certificate = listEntry.Certificate;
this.request = listEntry.Request;
this.idTextBox.Text = this.certificate.Id.ToString();
this.typeTextBox.Text = this.certificate.TypeText;
this.nameTextBox.Text = this.request.FullName;
this.emailAddressTextBox.Text = this.request.EmailAddress;
this.cantonTextBox.Text = this.certificate is VoterCertificate ? GroupList.GetGroupName(((VoterCertificate)this.certificate).GroupId) : "N/A";
this.fingerprintTextBox.Text = this.certificate.Fingerprint;
this.language = this.certificate.Language;
this.validFromPicker.MinDate = DateTime.Now;
this.validFromPicker.MaxDate = DateTime.Now.AddMonths(6);
this.validFromPicker.Value = DateTime.Now;
bool requestValid = true;
if (this.request is SignatureRequest2)
{
SignatureRequest2 request2 = (SignatureRequest2)this.request;
ListEntry signingListEntry = allListEntries.Where(le => le.Certificate.IsIdentic(request2.SigningCertificate)).FirstOrDefault();
requestValid &= signingListEntry != null;
this.signedByIdTextBox.Text = request2.SigningCertificate.Id.ToString();
this.signedByTypeTextBox.Text = request2.SigningCertificate.TypeText;
this.signedByCantonTextBox.Text = request2.SigningCertificate is VoterCertificate ? GroupList.GetGroupName(((VoterCertificate)request2.SigningCertificate).GroupId) : "N/A";
this.signedByFingerprintTextBox.Text = request2.SigningCertificate.Fingerprint;
if (signingListEntry != null)
{
requestValid &= signingListEntry.Certificate.Fingerprint == request2.SigningCertificate.Fingerprint;
this.signedByNameTextBox.Text = signingListEntry.Request.FullName;
this.signedByEmailAddressTextBox.Text = signingListEntry.Request.EmailAddress;
this.validUntilPicker.Value = request2.SigningCertificate.ExpectedValidUntil(storage, DateTime.Now);
this.validUntilPicker.MinDate = DateTime.Now;
this.validUntilPicker.MaxDate = this.validUntilPicker.Value;
this.printButton.Enabled = true;
}
else
{
this.signedByNameTextBox.Text = "N/A";
this.signedByEmailAddressTextBox.Text = "N/A";
this.validUntilPicker.MinDate = DateTime.Now;
this.validUntilPicker.MaxDate = DateTime.Now.AddYears(3).AddMonths(6);
this.printButton.Enabled = false;
}
var result = request2.SigningCertificate.Validate(storage);
requestValid &= result == CertificateValidationResult.Valid;
this.signedByStatusTextBox.Text = result.ToString();
this.signedByStatusTextBox.BackColor = result == CertificateValidationResult.Valid ? Color.Green : Color.Red;
bool signatureValid = request2.IsSignatureValid();
requestValid &= signatureValid;
this.signedBySignatureTextBox.Text = signatureValid ? "Valid" : "Invalid";
this.signedBySignatureTextBox.BackColor = signatureValid ? Color.Green : Color.Red;
}
else
{
this.signedByIdTextBox.Text = "N/A";
this.signedByFingerprintTextBox.Text = "N/A";
this.signedByNameTextBox.Text = "N/A";
this.signedByEmailAddressTextBox.Text = "N/A";
this.signedByStatusTextBox.Text = "N/A";
this.signedBySignatureTextBox.Text = "N/A";
this.signedByCantonLabel.Text = "N/A";
this.signedByTypeLabel.Text = "N/A";
this.printButton.Enabled = false;
this.validUntilPicker.Value = DateTime.Now.AddYears(3);
}
if (requestValid && listEntry.VerifyRequestSimple())
{
LibraryResources.Culture = Language.English.ToCulture();
this.reasonComboBox.Items.Add(LibraryResources.RefusedFingerprintNoMatch);
this.reasonComboBox.Items.Add(LibraryResources.RefusedPersonHasAlready);
this.reasonComboBox.Items.Add(LibraryResources.RefusedRequestForgotten);
this.reasonComboBox.Items.Add(LibraryResources.RefusedRequestLost);
this.reasonComboBox.Items.Add(LibraryResources.RefusedRequestNotValid);
if (certificate is VoterCertificate)
{
this.reasonComboBox.Items.Add(LibraryResources.RefusedPersonNoPirate);
}
else
{
this.reasonComboBox.Items.Add(LibraryResources.RefusedPersonNotInOffice);
}
}
else
{
this.refuseRadioButton.Checked = true;
this.acceptSignRadioButton.Enabled = false;
}
CheckValid();
}
public override void Begin()
{
if (Status.Certificate == null)
{
SetEnable(true);
this.printButton.Enabled = false;
this.uploadButton.Enabled = false;
this.done = false;
}
else if (Status.Certificate.Validate(Status.CertificateStorage) == CertificateValidationResult.Valid)
{
SetEnable(false);
this.printButton.Enabled = false;
this.uploadButton.Enabled = false;
this.done = true;
Status.SetMessage(Resources.CheckCertificateReady, MessageType.Info);
}
else
{
string signatureRequestDataFileName = Path.Combine(Status.DataPath, Status.Certificate.Id.ToString() + Files.SignatureRequestDataExtension);
if (File.Exists(signatureRequestDataFileName))
{
if (DecryptPrivateKeyDialog.TryDecryptIfNessecary(Status.Certificate, GuiResources.UnlockActionSignRequest))
{
this.signatureRequest = Serializable.Load<SignatureRequest>(signatureRequestDataFileName);
this.signatureRequestInfo = new SignatureRequestInfo(
this.signatureRequest.EmailAddress,
this.signatureRequest.Encrypt());
this.secureSignatureRequest = new Secure<SignatureRequest>(this.signatureRequest, Status.CaCertificate, Status.Certificate);
this.secureSignatureRequestInfo = new Secure<SignatureRequestInfo>(this.signatureRequestInfo, Status.ServerCertificate, Status.Certificate);
if (Status.Certificate is VoterCertificate)
{
this.typeComboBox.SelectedIndex = 0;
}
else if (Status.Certificate is AuthorityCertificate)
{
this.typeComboBox.SelectedIndex = 1;
}
else if (Status.Certificate is AdminCertificate)
{
this.typeComboBox.SelectedIndex = 2;
}
this.firstNameTextBox.Text = this.signatureRequest.FirstName;
this.familyNameTextBox.Text = this.signatureRequest.FamilyName;
this.emailAddressTextBox.Text = this.signatureRequest.EmailAddress;
if (Status.Certificate is VoterCertificate)
{
this.groupComboBox.Value = Status.Groups.Where(group => group.Id == ((VoterCertificate)Status.Certificate).GroupId).Single();
}
SetEnable(false);
this.printButton.Enabled = true;
this.uploadButton.Enabled = true;
this.done = false;
}
else
{
Status.CertificateFileName = null;
Status.Certificate = null;
SetEnable(true);
this.printButton.Enabled = false;
this.uploadButton.Enabled = false;
this.done = false;
Status.SetMessage(Resources.SimpleCreateCertificateSigningCanceled, MessageType.Info);
}
}
else
{
File.Move(Status.CertificateFileName, Status.CertificateFileName + Files.BakExtension);
Status.CertificateFileName = null;
Status.Certificate = null;
SetEnable(true);
this.printButton.Enabled = false;
this.uploadButton.Enabled = false;
this.done = false;
Status.SetMessage(Resources.SimpleCreateCertificateFileMissing, MessageType.Error);
}
}
OnUpdateWizard();
}
private void setButton_Click(object sender, EventArgs e)
{
var userData = new SignatureRequest(this.givenNameTextBox.Text, this.surnameTextBox.Text, this.emailAddressTextBox.Text);
if (userData.Valid)
{
this.server.UserData = userData;
this.setGivennameTextBox.Text = userData.FirstName;
this.setSurnameTextBox.Text = userData.FamilyName;
this.setEmailAddressTextBox.Text = userData.EmailAddress;
}
else
{
MessageBox.Show("Invalid user data.", "Pi-Vote Kisok - Control", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
}
