public CmsAuthenticatedData(
ContentInfo contentInfo)
{
this.contentInfo = contentInfo;
AuthenticatedData authData = AuthenticatedData.GetInstance(contentInfo.Content);
//
// read the recipients
//
Asn1Set recipientInfos = authData.RecipientInfos;
this.macAlg = authData.MacAlgorithm;
//
// read the authenticated content info
//
ContentInfo encInfo = authData.EncapsulatedContentInfo;
CmsReadable readable = new CmsProcessableByteArray(
Asn1OctetString.GetInstance(encInfo.Content).GetOctets());
CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable(
this.macAlg, readable);
//
// build the RecipientInformationStore
//
this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
recipientInfos, secureReadable);
this.authAttrs = authData.AuthAttrs;
this.mac = authData.Mac.GetOctets();
this.unauthAttrs = authData.UnauthAttrs;
}
public ListAliasesResult ListAliases(AuthenticatedData data)
{
try
{
if (!data.Authenticate())
{
return(null);
}
ListAliasesResult result = new ListAliasesResult();
using (var db = new CSSDataContext())
{
result.Aliases = Alias.ListDecoratedAliases(db, data.Username, true);
result.AvailableAliasCount = Alias.GetAliasCount(db, data.Username);
}
return(result);
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
public CmsAuthenticatedData(
ContentInfo contentInfo)
{
this.contentInfo = contentInfo;
AuthenticatedData authData = AuthenticatedData.GetInstance(contentInfo.Content);
//
// read the encapsulated content info
//
ContentInfo encInfo = authData.EncapsulatedContentInfo;
this.macAlg = authData.MacAlgorithm;
this.mac = authData.Mac.GetOctets();
//
// load the RecipientInfoStore
//
byte[] contentOctets = Asn1OctetString.GetInstance(encInfo.Content).GetOctets();
IList infos = CmsEnvelopedHelper.ReadRecipientInfos(
authData.RecipientInfos, contentOctets, null, macAlg, null);
this.authAttrs = authData.AuthAttrs;
this.recipientInfoStore = new RecipientInformationStore(infos);
this.unauthAttrs = authData.UnauthAttrs;
}
public ListMessageResult ListMessages(AuthenticatedData data)
{
try
{
if (!data.Authenticate())
{
return(null);
}
using (var db = new CSSDataContext())
{
var messages = new List <IMessage>();
messages.AddRange(GroupMessage.GetGroupMessages(db, data.Username));
messages.AddRange(PersonalMessage.GetPrivateMessages(db, data.Username));
messages.AddRange(GroupMessage.GetGlobalMessages(db, data.Username));
//Re-insert messages into list since windows services
//don't seem to be able to handle objects wrapped in a baseclass.
//var result = messages
// .OrderByDescending(p => p.DateToSend)
// .Select(p => new BaseMessage()
//{
// Id = p.Id,
// Sender = p.Sender,
// Subject = p.Subject,
// Message = p.Message,
// DateCreated = p.DateToSend, //User doesn't actually have to know the date the message was created - only sent.
// DateToSend = p.DateToSend,
// DateExpires = p.DateExpires,
//}).ToList();
//return result;
ListMessageResult returnValue = new ListMessageResult();
returnValue.Messages = new List <ListMessageResult.ListMessage>();
messages.ForEach(p => returnValue.Messages.Add(new ListMessageResult.ListMessage()
{
DateCreated = p.DateCreated,
DateExpires = p.DateExpires,
DateToSend = p.DateToSend,
Id = p.Id,
Sender = p.Sender,
Subject = p.Subject,
Message = p.Message
}));
return(returnValue);
}
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
protected Stream Open(Stream outStr, AlgorithmIdentifier macAlgId, ICipherParameters cipherParameters, Asn1EncodableVector recipientInfos)
{
//IL_011d: Expected O, but got Unknown
try
{
BerSequenceGenerator berSequenceGenerator = new BerSequenceGenerator(outStr);
berSequenceGenerator.AddObject(CmsObjectIdentifiers.AuthenticatedData);
BerSequenceGenerator berSequenceGenerator2 = new BerSequenceGenerator(berSequenceGenerator.GetRawOutputStream(), 0, isExplicit: true);
berSequenceGenerator2.AddObject(new DerInteger(AuthenticatedData.CalculateVersion(null)));
Stream rawOutputStream = berSequenceGenerator2.GetRawOutputStream();
Asn1Generator asn1Generator = (_berEncodeRecipientSet ? ((Asn1Generator) new BerSetGenerator(rawOutputStream)) : ((Asn1Generator) new DerSetGenerator(rawOutputStream)));
global::System.Collections.IEnumerator enumerator = recipientInfos.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
Asn1Encodable obj = (Asn1Encodable)enumerator.get_Current();
asn1Generator.AddObject(obj);
}
}
finally
{
global::System.IDisposable disposable = enumerator as global::System.IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
asn1Generator.Close();
berSequenceGenerator2.AddObject(macAlgId);
BerSequenceGenerator berSequenceGenerator3 = new BerSequenceGenerator(rawOutputStream);
berSequenceGenerator3.AddObject(CmsObjectIdentifiers.Data);
Stream output = CmsUtilities.CreateBerOctetOutputStream(berSequenceGenerator3.GetRawOutputStream(), 0, isExplicit: false, _bufferSize);
IMac mac = MacUtilities.GetMac(macAlgId.Algorithm);
mac.Init(cipherParameters);
Stream macStream = (Stream)(object)new TeeOutputStream(output, (Stream)(object)new MacOutputStream(mac));
return((Stream)(object)new CmsAuthenticatedDataOutputStream(macStream, mac, berSequenceGenerator, berSequenceGenerator2, berSequenceGenerator3));
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e2)
{
throw new CmsException("key invalid in message.", e2);
}
catch (IOException val)
{
IOException e3 = val;
throw new CmsException("exception decoding algorithm parameters.", (global::System.Exception)(object) e3);
}
}
public CmsAuthenticatedData(ContentInfo contentInfo)
{
this.contentInfo = contentInfo;
AuthenticatedData instance = AuthenticatedData.GetInstance(contentInfo.Content);
Asn1Set recipientInfos = instance.RecipientInfos;
macAlg = instance.MacAlgorithm;
ContentInfo encapsulatedContentInfo = instance.EncapsulatedContentInfo;
CmsReadable readable = new CmsProcessableByteArray(Asn1OctetString.GetInstance(encapsulatedContentInfo.Content).GetOctets());
CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable(macAlg, readable);
recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(recipientInfos, secureReadable);
authAttrs = instance.AuthAttrs;
mac = instance.Mac.GetOctets();
unauthAttrs = instance.UnauthAttrs;
}
public List <Poll> ListPolls(AuthenticatedData data)
{
try
{
if (!data.Authenticate())
{
return(null);
}
return(Poll.FindActivePolls(data.Username));
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
public void Logout(AuthenticatedData data)
{
try
{
if (!data.Authenticate())
{
return;
}
Validation.EndSession(data.Username, data.Password);
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
public List <Ban> ListBans(AuthenticatedData data, string alias)
{
try
{
if (!data.Authenticate(RoleType.Moderator, RoleType.ZoneLeader, RoleType.Administrator, RoleType.SuperAdministrator))
{
throw new AuthenticationException();
}
return(BanData.ListBans(alias));
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
public async Task <ActionResult> LoginUser(LoginViewModel loginData)
{
var user = await this.db.Users.FirstOrDefaultAsync(f => f.Username == loginData.Username);
if (user == null)
{
return(BadRequest(new { Message = "User does not exist" }));
}
var verificationResult = new PasswordHasher <User>().VerifyHashedPassword(user, user.HashedPassword, loginData.Password);
if (verificationResult == PasswordVerificationResult.Success)
{
var expirationTime = DateTime.UtcNow.AddHours(10);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim("id", user.Id.ToString())
}),
Expires = expirationTime,
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(Encoding.ASCII.GetBytes("bRhYJRlZvBj2vW4MrV5HVdPgIE6VMtCFB0kTtJ1m")),
SecurityAlgorithms.HmacSha256Signature
)
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
var rv = new AuthenticatedData
{
FullName = user.FullName,
Token = token,
UserId = user.Id,
Username = user.Username
};
return(Ok(rv));
}
else
{
return(BadRequest(new { message = "Wrong password" }));
}
}
public List <BanType> ListInfractionTypes(AuthenticatedData data)
{
try
{
if (!data.Authenticate(RoleType.Administrator, RoleType.ZoneLeader, RoleType.Moderator, RoleType.SuperAdministrator))
{
throw new AuthenticationException();
}
using (var db = new CSSDataContext())
{
return(db.BanTypes.ToList());
}
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
public List <Alias> ListAliases(AuthenticatedData data, string alias)
{
try
{
if (!data.Authenticate(RoleType.Administrator, RoleType.ZoneLeader, RoleType.SuperAdministrator))
{
throw new AuthenticationException();
}
using (var db = new CSSDataContext())
{
return(Alias.ListAliases(db, alias));
}
}
catch (Exception error)
{
Error.Write(error);
throw;
}
}
protected Stream Open(Stream outStr, AlgorithmIdentifier macAlgId, ICipherParameters cipherParameters, Asn1EncodableVector recipientInfos)
{
Stream result;
try
{
BerSequenceGenerator berSequenceGenerator = new BerSequenceGenerator(outStr);
berSequenceGenerator.AddObject(CmsObjectIdentifiers.AuthenticatedData);
BerSequenceGenerator berSequenceGenerator2 = new BerSequenceGenerator(berSequenceGenerator.GetRawOutputStream(), 0, true);
berSequenceGenerator2.AddObject(new DerInteger(AuthenticatedData.CalculateVersion(null)));
Stream rawOutputStream = berSequenceGenerator2.GetRawOutputStream();
Asn1Generator asn1Generator = this._berEncodeRecipientSet ? new BerSetGenerator(rawOutputStream) : new DerSetGenerator(rawOutputStream);
foreach (Asn1Encodable obj in recipientInfos)
{
asn1Generator.AddObject(obj);
}
asn1Generator.Close();
berSequenceGenerator2.AddObject(macAlgId);
BerSequenceGenerator berSequenceGenerator3 = new BerSequenceGenerator(rawOutputStream);
berSequenceGenerator3.AddObject(CmsObjectIdentifiers.Data);
Stream output = CmsUtilities.CreateBerOctetOutputStream(berSequenceGenerator3.GetRawOutputStream(), 0, false, this._bufferSize);
IMac mac = MacUtilities.GetMac(macAlgId.ObjectID);
mac.Init(cipherParameters);
Stream macStream = new TeeOutputStream(output, new MacOutputStream(mac));
result = new CmsAuthenticatedDataStreamGenerator.CmsAuthenticatedDataOutputStream(macStream, mac, berSequenceGenerator, berSequenceGenerator2, berSequenceGenerator3);
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e2)
{
throw new CmsException("key invalid in message.", e2);
}
catch (IOException e3)
{
throw new CmsException("exception decoding algorithm parameters.", e3);
}
return(result);
}
protected Stream Open(
Stream outStr,
AlgorithmIdentifier macAlgId,
ICipherParameters cipherParameters,
Asn1EncodableVector recipientInfos)
{
try
{
//
// ContentInfo
//
BerSequenceGenerator cGen = new BerSequenceGenerator(outStr);
cGen.AddObject(CmsObjectIdentifiers.AuthenticatedData);
//
// Authenticated Data
//
BerSequenceGenerator authGen = new BerSequenceGenerator(
cGen.GetRawOutputStream(), 0, true);
authGen.AddObject(new DerInteger(AuthenticatedData.CalculateVersion(null)));
Stream authRaw = authGen.GetRawOutputStream();
Asn1Generator recipGen = _berEncodeRecipientSet
? (Asn1Generator) new BerSetGenerator(authRaw)
: new DerSetGenerator(authRaw);
foreach (Asn1Encodable ae in recipientInfos)
{
recipGen.AddObject(ae);
}
recipGen.Close();
authGen.AddObject(macAlgId);
BerSequenceGenerator eiGen = new BerSequenceGenerator(authRaw);
eiGen.AddObject(CmsObjectIdentifiers.Data);
Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream(
eiGen.GetRawOutputStream(), 0, false, _bufferSize);
IMac mac = MacUtilities.GetMac(macAlgId.ObjectID);
// TODO Confirm no ParametersWithRandom needed
mac.Init(cipherParameters);
Stream mOut = new TeeOutputStream(octetOutputStream, new MacOutputStream(mac));
return new CmsAuthenticatedDataOutputStream(mOut, mac, cGen, authGen, eiGen);
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e)
{
throw new CmsException("key invalid in message.", e);
}
catch (IOException e)
{
throw new CmsException("exception decoding algorithm parameters.", e);
}
}
static void Main()
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
//Application.Run(new MainForm());
// for the prototype, we're accepting untrusted server certificates
ServicePointManager.ServerCertificateValidationCallback
= new RemoteCertificateValidationCallback(ValidateServerCertificate);
AuthenticatedData.SetLogin("Orion", Hash("Test"));
using (var auth = new ClientService())
{
//Retrieve AutoUpdate data
AutoUpdateClient.Check(auth);
//Login, and then perform initial check-in
Console.WriteLine("Logging in. {0}", DateTime.Now);
Assembly blackbox = null;
var loginResult = auth.Login(new LoginData()
{
Alias = "Orion"
});
Console.WriteLine("Login Status: {0} - {1}", loginResult.Status, DateTime.Now);
if (loginResult.Status != LoginStatus.Authenticated)
{
return;
}
//Retrieve all messages for this login
ReceiveMessages();
ReceivePolls();
blackbox = Assembly.Load(loginResult.BlackboxData);
var validatorType = blackbox.GetType("Allegiance.CommunitySecuritySystem.Blackbox.Validator");
var machineInfoType = blackbox.GetType("Allegiance.CommunitySecuritySystem.Blackbox.MachineInformation");
var machineInfo = Activator.CreateInstance(machineInfoType);
GatherMachineInfo(machineInfoType, machineInfo);
var method = validatorType.GetMethod("Check", BindingFlags.Static | BindingFlags.Public);
var results = method.Invoke(null, new object[] { machineInfo }) as byte[];
var checkInResult = auth.CheckIn(new CheckInData()
{
SessionIdSpecified = false,
EncryptedData = results,
});
Console.WriteLine("Initial Check-In Status: {0} - {1}", checkInResult.Status, DateTime.Now);
}
}
/// <summary>
/// Checks to see if the user's credentials are stored from a previous session
/// </summary>
public static bool CheckLogin()
{
//Initialize LoginData
return(AuthenticatedData.CheckLoginData());
}
/// <summary>
/// Verifies that the input username and password are correct
/// </summary>
public static void LauncherSignIn(string username, string password, LauncherSignInCompleteDelegate finished)
{
bool updatePersistedCredentials = String.IsNullOrEmpty(username) == false && String.IsNullOrEmpty(password) == false;
if (updatePersistedCredentials == true)
{
AuthenticatedData.SetLogin(username, password);
}
TaskHandler.RunTask(delegate() {
LauncherSignInResult result = new LauncherSignInResult();
try
{
LoginResult blackBoxData = Service.GetBlackBoxForUser(new LoginData()
{
Alias = AuthenticatedData.PersistedUser,
LobbyId = null,
LobbyIdSpecified = false,
Password = AuthenticatedData.PersistedPass,
SessionId = 0,
SessionIdSpecified = false,
Username = AuthenticatedData.PersistedUser
});
if (blackBoxData.Status == LoginStatus.Authenticated)
{
Log.Write("ServiceHandler::LauncherSignIn() - Data received for: " + AuthenticatedData.PersistedUser + ", data length: " + blackBoxData.BlackboxData.Length);
string message = null;
string ticket = null;
var checkInStatus = SessionNegotiator.ValidateLogin(blackBoxData.BlackboxData, ref message, ref ticket);
if (checkInStatus != CheckInStatus.Ok && checkInStatus != CheckInStatus.AccountLinked)
{
result.Status = checkInStatus;
result.StatusSpecified = true;
result.LinkedAccount = String.Empty;
}
else
{
// Attempt to verify the login credentials
result = Service.LauncherSignIn(new LauncherSignInData());
}
}
else
{
switch (blackBoxData.Status)
{
case LoginStatus.AccountLocked:
result.Status = CheckInStatus.AccountLocked;
break;
case LoginStatus.InvalidCredentials:
result.Status = CheckInStatus.InvalidCredentials;
break;
case LoginStatus.PermissionDenied:
result.Status = CheckInStatus.PermissionDenied;
break;
default:
throw new NotSupportedException(blackBoxData.Status.ToString());
}
result.StatusSpecified = true;
result.LinkedAccount = String.Empty;
}
}
catch (Exception error)
{
result = new LauncherSignInResult()
{
Status = CheckInStatus.Timeout,
StatusSpecified = false
};
Log.Write(error);
}
if (result.StatusSpecified == true && result.Status == CheckInStatus.Ok)
{
DataStore.Callsigns = null;
if (updatePersistedCredentials == true)
{
AuthenticatedData.PersistLogin(username, AuthenticatedData.PersistedPass);
}
}
finished(result);
});
}
