ERSERVER
In this section we go over what the Electoral Roll Server does providing a general overview of the classes.
|
What it does |
ERServer receives ER check packets from FreeClient. The contents of these are generally some kind of identification with a password or biometric data. These are verified against entries in a database, if ok then an all clear is sent back to FreeClient along with a secure + single-use AuthKey, additionally the entry in the database is marked as having been checked (it is confirmed as voted once the RTServer sends a copy of the AuthKey to the ERServer). Otherwise FreeClient is advised of an unauthorised user.
ERServer is seperate to the other software to protect voters' identities. This is the only place which knows who the voter is, all it tells FreeClient is whether a voter is valid or not. Thus a validated voter then sends a vote to RTServer which, being seperate from ERServer, does not have the information to resolve who the voter was. Privacy is protected for another day!
|
AuthKey.java |
Contains algorithms to build unique single-use Authorisation Keys which are issued to valid voters when they have been authorised. Also contains logic to encrypt and decrypt data using keys built by the FreeInstall program.
|
DBase.java |
Includes JDBC code for initialising, storing and retrieving data Hypersonic SQL databases which connects through the Free.DBPool cache drivers. Since 1.5 this class also encrypts/decrypts all data in the database.
|
ERFRame1.java |
A standard AWT frame which includes a scrollabe TextPane to allow the user to be informed of server events.
|
ERFrame2.java |
AWT frame which provides a console for executing SQL queries on the Hypersonic SQL database.
|
ERServer.java |
The main class, which must be executed for the program to launch. It creates the splash screen, initialises the server and launches the user interface.
|
ERServerProtocol.java |
This class contains the logic that reacts to each packet according to a) its type, and then b) the contents of its data.
|
hsql.jar |
Archive containing all the classes for the Hypersonic SQL database. NOTE: This has been recompiled to use the version that supports Java 1.1.x and is not the same as the .jar file included with the HSQL download.
|
freeawt.jar |
Contains files supporting the AWT GUI.
|
freedbpool.jar |
Holds wrapper drivers and methods for supporting a method of database cacheing called connection pooling which focusses on preventing the constant creation of new JDBC connections which are known to be the major overhead of JDBC communication.
|
freeutil.jar |
Stores utility files such as the Packet data structure, MAC methods and optimise String <-> Byte conversion algorithms.
|
log4j.jar |
The archive file holding all the classes for the log4j logging system used.
Two logging categories are currently used: NORM & DEV. NORM encompasses messages of Info level and higher. DEV is for debug and higher where the hierarchy is Error > Warn > Info > Debug.
DEV provides detailed debugging log messages which could be left enabled for more complete security logs however this does risk privacy if ERServer and RTServer logs can be brought together. The logs are by default written to rtserver.log and erserver.log respectively. This and other properties are set in log4j.rtserver.properties and log4j.erserver.properties which, by default, make log4j roll over log files when they hit 10Mb leaving a maximum of 3 files on disk.
|
SecureAppender.java |
Implements the log4j.Appender interface. This class provides a secure chain of message digests. Every log entry is appended with the previous entry and then the digest of this is written to rtserver.sec.log . Thus altering one line of the log creates a chain reaction of detection which can be detected with a tool in the GNU.FREE Testing Suite.
|
ScreenAppender.java |
Implements the log4j.Appender interface. This allows the class to be added to the logging categories as a valid appender thus meaning that a single command will write to the log files and the output screen dramatically improving performance.
|
TCPServer.java |
A threaded implementation of a TCP/IP server that listens on freePort for client connections. When a connection is accepted it is spun off into a new thread. All data received is then fed to ERServerProtocol for processing.
- Dev Home -
|