-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSSL Certificate Authority Management.sol
313 lines (248 loc) · 12.6 KB
/
SSL Certificate Authority Management.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
pragma solidity 0.5.2; /*
___________________________________________________________________
_ _ ______
| | / / /
--|-/|-/-----__---/----__----__---_--_----__-------/-------__------
|/ |/ /___) / / ' / ) / / ) /___) / / )
__/__|____(___ _/___(___ _(___/_/_/__/_(___ _____/______(___/__o_o_
██████╗ █████╗ ██████╗ █████╗ ████████╗ █████╗
██╔════╝██╔══██╗ ██╔══██╗██╔══██╗╚══██╔══╝██╔══██╗
██║ ███████║ █████╗ ██║ ██║███████║ ██║ ███████║
██║ ██╔══██║ ╚════╝ ██║ ██║██╔══██║ ██║ ██╔══██║
╚██████╗██║ ██║ ██████╔╝██║ ██║ ██║ ██║ ██║
╚═════╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝
THE MAIN LOGIC:
Certificate Authorities (CAs) will be triggered when a 3 type of Process Type (Revoked, Hold, Unhold) is occurred.
All CAs needs to have a blockchain access in order to write/read data to/from blockchain network.
A user certificate can be revoked, holded and unholded if user request it from CA (It’s not our business).
Our project is starts on this point. When CA triggered for “revoked, holded and unholded” certificate status, CAs will send some information to the Blockchain Platform.
THE MAIN COMPONENT OF THE DATA
(1) CA ID: This value will hold CA Certificate ID. It shows that which CA sended this data to the blockchain.
(2) Certificate Serial No: This value represent serial number for certificate owner.
(3) Date:Process Date
(4) Process Type: 4 type of certificates will be hold on the blockchain. We will hold a number on this colomn.
1 => Revoke
2 => Hold
3 => Unhold
4 => Initia certificate issue
(5) Process Reason: This colomn represents process reason. We will hold a number on this column.
0 => Unknown
1 => Stolen
2 => Information Change
3 => CA Key Stolen
4 => Get Instead
5 => Break for a while
6 => Hold
7 => Unhold
8 => Claims
9 => Initial certificate issue
*/
//*******************************************************************//
//------------------ Contract to Manage Ownership -------------------//
//*******************************************************************//
contract owned {
address public owner;
constructor () public {
owner = msg.sender;
}
modifier onlyOwner {
require(msg.sender == owner);
_;
}
function transferOwnership(address newOwner) onlyOwner public {
owner = newOwner;
}
}
//*********************************************************************//
//------------------ CA Data Contract Starts Here -------------------//
//*********************************************************************//
contract CA_Data is owned {
/****************************************/
/* Public Variables of CA Data */
/****************************************/
/* Mapping which will hold CA wallet address and return if they are true or false */
mapping(address => bool) public caWallets;
/* An array which will hold wallet addresses of all the CAs, as well as mapping which holds index of each array element */
address[] public caWalletsList;
mapping(address => uint256) public caWalletsListIndex;
mapping(address => string) public caWalletToID;
/* Struct which holds Certificate Data for any particular certificate ID */
struct CertificateDataIndividual {
uint256 certificateID;
string domainName;
address caWallet;
string caID;
uint256 date;
uint256 processType;
uint256 processReason;
}
/* Mapping that maps particular CA ID to certificate ID with struct CertificateDataIndividual */
mapping (string => mapping(uint256 => CertificateDataIndividual)) certificateDataAll;
/* Events which logs all the transaction data and display to GUI */
event CertificateData(
uint256 certificateID,
string domainName,
address indexed caWallet,
string caID,
uint256 date,
uint256 processType,
uint256 processReason
);
/* Modifier which requires only CA Caller */
modifier onlyCA {
require(caWallets[msg.sender]);
_;
}
/**
* @dev constructor function which will run only once while deploying the contract
* @dev we will assign all three CA wallet addresses now, which later can be removed by owner if required
*/
constructor() public {
/* updating mapping caWallets */
caWallets[0xef9EcD8a0A2E4b31d80B33E243761f4D93c990a8] = true;
caWallets[0x0086f09Bb9902839bFcE136F8D3c23794dcfDF40] = true;
caWallets[0x7eF8A233AC746Ea398DED8B0536C83F55FcfCa1F] = true;
/* adding all those addresses in caWalletsList Array */
caWalletsList.push(0xef9EcD8a0A2E4b31d80B33E243761f4D93c990a8);
caWalletsList.push(0x0086f09Bb9902839bFcE136F8D3c23794dcfDF40);
caWalletsList.push(0x7eF8A233AC746Ea398DED8B0536C83F55FcfCa1F);
/* Updating caWalletsListIndex mapping to index all those array element */
caWalletsListIndex[0xef9EcD8a0A2E4b31d80B33E243761f4D93c990a8] = 0;
caWalletsListIndex[0x0086f09Bb9902839bFcE136F8D3c23794dcfDF40] = 1;
caWalletsListIndex[0x7eF8A233AC746Ea398DED8B0536C83F55FcfCa1F] = 2;
/* adding IDs of respective CA Wallet address */
caWalletToID[0xef9EcD8a0A2E4b31d80B33E243761f4D93c990a8] = "CAID1";
caWalletToID[0x0086f09Bb9902839bFcE136F8D3c23794dcfDF40] = "CAID2";
caWalletToID[0x7eF8A233AC746Ea398DED8B0536C83F55FcfCa1F] = "CAID3";
}
/****************************************/
/* CA Only Functions */
/****************************************/
/**
* @dev This function called by CA only to issue certificate for very first time
* @dev CA provides following details
*
* @param certificateID_ Unique numeric ID of the certificate
* @param domainName_ Name of the domain for which certificate to be issued
* @param issueDate_ Date of initial issue
*
* @return bool Returns true for successful transaction
*/
function issueCertificate(
uint256 certificateID_,
string memory domainName_,
uint256 issueDate_
) onlyCA public returns(bool) {
string storage caID = caWalletToID[msg.sender];
require(certificateDataAll[caID][certificateID_].certificateID == 0, 'Certificate ID is already used');
certificateDataAll[caID][certificateID_] = CertificateDataIndividual({
certificateID: certificateID_,
domainName: domainName_,
caWallet: msg.sender,
caID: caID,
date: issueDate_,
processType: 4, // 4 is default status code for initial issue of certificate
processReason: 9 // 9 is default reason code for initial issue of certificate
});
emit CertificateData(
certificateID_,
domainName_,
msg.sender,
caWalletToID[msg.sender],
issueDate_,
4,
9
);
return true;
}
/**
* @dev This function called by CA only to update certificate for any domain
* @dev CA provides following details
*
* @param processType_ Type of transaction. It would be from 1-9 as status code
* @return bool Returns true for successful transaction
*/
function updateCertificate(
uint256 certificateID_,
uint256 processType_,
uint256 processReason_
) onlyCA public returns(bool) {
string storage caID = caWalletToID[msg.sender];
require(certificateDataAll[caID][certificateID_].certificateID == certificateID_, 'Certificate ID does not exist');
require(certificateDataAll[caID][certificateID_].caWallet == msg.sender, 'Caller is not authorised CA');
certificateDataAll[caID][certificateID_].date = now;
certificateDataAll[caID][certificateID_].processType = processType_;
certificateDataAll[caID][certificateID_].processReason = processReason_;
emit CertificateData(
certificateID_,
certificateDataAll[caID][certificateID_].domainName,
certificateDataAll[caID][certificateID_].caWallet,
certificateDataAll[caID][certificateID_].caID,
certificateDataAll[caID][certificateID_].date,
certificateDataAll[caID][certificateID_].processType,
certificateDataAll[caID][certificateID_].processReason
);
return true;
}
/****************************************/
/* Users read only functions */
/****************************************/
/**
* @dev Users can loop up for any certificate information using its certificate ID
* @param certificateID_ The certificate ID
* @return All the information of struct for that particular certificate ID
*
*/
function lookUpCertificate(uint256 certificateID_, string memory _caID) public view returns(uint256, string memory, string memory, uint256, uint256, uint256){
return (
certificateDataAll[_caID][certificateID_].certificateID,
certificateDataAll[_caID][certificateID_].domainName,
certificateDataAll[_caID][certificateID_].caID,
certificateDataAll[_caID][certificateID_].date,
certificateDataAll[_caID][certificateID_].processType,
certificateDataAll[_caID][certificateID_].processReason
);
}
/**
* @dev Function to see all the CAs authorised to write in the smart contract
* @return address[] An array of all the CA addresses
*/
function seeALLCA() public view returns (address[] memory){
return caWalletsList;
}
/****************************************/
/* Owner only functions */
/****************************************/
/**
* @dev Owner can add new CA wallet, who then can write data in the smart contract
* @dev It will check if CA already exist or not
* @param caWalletAddress New wallet address of the CA
* @return bool Returns true for successful transaction
*/
function addNewCA(address caWalletAddress, string memory caID) onlyOwner public returns(bool){
require(caWalletAddress != address(0), 'Address is invalid');
require(!caWallets[caWalletAddress], 'CA is already exist');
caWallets[caWalletAddress] = true;
caWalletToID[caWalletAddress] = caID;
caWalletsList.push(caWalletAddress);
caWalletsListIndex[caWalletAddress] = caWalletsList.length-1;
return true;
}
/**
* @dev Owner can remove any CA from the system
* @dev It will remove CA address from the mapping as well as from the Array along with its index mapping
* @param caWalletAddress The wallet address of the CA
* @return bool Returns true for successful transaction
*/
function removeAnyCA(address caWalletAddress) onlyOwner public returns(bool){
require(caWalletAddress != address(0), 'Address is invalid');
require(caWallets[caWalletAddress], 'CA does not exist');
caWallets[caWalletAddress] = false;
caWalletToID[caWalletAddress] = "";
caWalletsList[caWalletsListIndex[caWalletAddress]] = caWalletsList[caWalletsList.length-1];
caWalletsListIndex[caWalletsList[caWalletsList.length-1]] = caWalletsListIndex[caWalletAddress];
caWalletsListIndex[caWalletAddress]=0;
caWalletsList.length--;
return true;
}
}