/// <summary>
/// Initializes a new instance of the RijndaelUnmanagedTransform class.
/// </summary>
/// <param name="algorithm">One of the <see cref="CryptoAlgorithm"/> values.</param>
/// <param name="method">One of the <see cref="CryptoMethod"/> values.</param>
/// <param name="key">The key to use.</param>
/// <param name="iv">The IV to use.</param>
/// <param name="mode">One of the <see cref="CipherMode"/> values.</param>
/// <param name="feedback">The feedback size of the cryptographic operation in bits.</param>
/// <param name="padding">One of the <see cref="PaddingMode"/> values.</param>
public RijndaelUnmanagedTransform(CryptoAlgorithm algorithm, CryptoMethod method, byte[] key, byte[] iv, CipherMode mode, int feedback, PaddingMode padding) {
m_Key = new SymmetricKey(CryptoProvider.RsaAes, algorithm, key);
m_Key.IV = iv;
m_Key.Mode = mode;
if (mode == CipherMode.CFB)
m_Key.FeedbackSize = feedback;
m_Key.Padding = padding;
m_BlockSize = 128;
m_Method = method;
}
/// <summary>
/// Initializes a new instance of the RijndaelUnmanagedTransform class.
/// </summary>
/// <param name="algorithm">One of the <see cref="CryptoAlgorithm"/> values.</param>
/// <param name="method">One of the <see cref="CryptoMethod"/> values.</param>
/// <param name="key">The key to use.</param>
/// <param name="iv">The IV to use.</param>
/// <param name="mode">One of the <see cref="CipherMode"/> values.</param>
/// <param name="feedback">The feedback size of the cryptographic operation in bits.</param>
/// <param name="padding">One of the <see cref="PaddingMode"/> values.</param>
public RijndaelUnmanagedTransform(CryptoAlgorithm algorithm, CryptoMethod method, byte[] key, byte[] iv, CipherMode mode, int feedback, PaddingMode padding)
{
m_Key = new SymmetricKey(CryptoProvider.RsaAes, algorithm, key);
m_Key.IV = iv;
m_Key.Mode = mode;
if (mode == CipherMode.CFB)
{
m_Key.FeedbackSize = feedback;
}
m_Key.Padding = padding;
m_BlockSize = 128;
m_Method = method;
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var checkuser = CheckUser.IsUserExist(context.UserName);
if (checkuser != null)
{
var password = CryptoMethod.Hash(context.Password);
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
if (context.UserName == checkuser.user_name && password == checkuser.Password)
{
if (checkuser.role_name == "admin" && checkuser.isEmailVerified == true)
{
identity.AddClaim(new Claim(ClaimTypes.Role, checkuser.role_name));
identity.AddClaim(new Claim(checkuser.user_name, checkuser.role_name));
identity.AddClaim(new Claim(ClaimTypes.Name, checkuser.first_name));
identity.AddClaim(new Claim(ClaimTypes.Sid, checkuser.user_id.ToString()));
identity.AddClaim(new Claim(ClaimTypes.Email, checkuser.email_id));
try
{
context.Validated(identity);
}
catch (Exception e)
{
throw e;
}
}
else if (checkuser.role_name == "customers" && checkuser.isEmailVerified == true)
{
identity.AddClaim(new Claim(ClaimTypes.Role, checkuser.role_name));
identity.AddClaim(new Claim(checkuser.user_name, checkuser.role_name));
identity.AddClaim(new Claim(ClaimTypes.Name, checkuser.first_name + " " + checkuser.last_name));
identity.AddClaim(new Claim(ClaimTypes.Sid, checkuser.user_id.ToString()));
identity.AddClaim(new Claim(ClaimTypes.Email, checkuser.email_id));
context.Validated(identity);
}
}
}
else
{
context.SetError("Invalid Grant Check", "Provided username and password is incorrect");
}
}
public string UserRegistration(UserViewModel model)
{
var emailExist = IsExistEmail(model.email_id);
if (!emailExist)
{
var user = new UserViewModel()
{
user_name = model.user_name,
first_name = model.first_name,
last_name = model.last_name,
email_id = model.email_id,
//dateofbirth = model.dateofbirth,
Password = CryptoMethod.Hash(model.Password),
ActivationCode = Guid.NewGuid(),
isEmailVerified = model.isEmailVerified
};
string FriendList = "insert into users(user_name,first_name,last_name,email_id,password,isEmailVerified,ActivationCode) select '" + model.user_name + "','" + model.first_name + "','" + model.last_name + "','" + model.email_id + "','" + user.Password + "',0,'" + user.ActivationCode + "'";
var conn = db.ConnStrg();
int rowsAffected = conn.Execute(FriendList);
if (rowsAffected > 0)
{
SendVerificationLinkEmail(user.email_id, user.ActivationCode.ToString(), scheme, host, port);
return("Registration has been done,And Account activation link has been sent your email id:" + user.email_id);
}
else
{
return("Registration has been Faild");
}
}
// model.ActivationCode = Guid.NewGuid();
// model.IsEmailVerified = true; //TODO
//verify.SendVerificationLinkEmail("ok", "ok");
return("ok");
}
static SslStream OpenSslStream(Socket socket, string remoteHost, CryptoMethod cryptomethod)
{
var sslstream = new SslStream(new NetworkStream(socket, System.IO.FileAccess.ReadWrite, false), false,
null, //(sender, certificate, chain, sslPolicyErrors) => true,
null, //(sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) => ??,
EncryptionPolicy.AllowNoEncryption);
// TODO: cryptomethod -> SslProtocols
try
{
sslstream.AuthenticateAsClient(remoteHost); // , , SslProtocols, );
}
catch (AuthenticationException ex)
{
PhpException.Throw(PhpError.Warning, ex.Message);
return(null);
}
return(sslstream);
}
private static byte[] Crypt(byte[] bytesToBeCryptography, byte[] passwordBytes, CryptoMethod method)
{
using (var ms = new MemoryStream())
{
using (var aes = new RijndaelManaged())
{
var key = new Rfc2898DeriveBytes(passwordBytes, SaltBytes, 1000);
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.IV = key.GetBytes(aes.BlockSize / 8);
aes.Mode = CipherMode.CBC;
using (var cs = new CryptoStream(ms, method == CryptoMethod.Encrypt ? aes.CreateEncryptor() : aes.CreateDecryptor(), CryptoStreamMode.Write))
{
cs.Write(bytesToBeCryptography, 0, bytesToBeCryptography.Length);
cs.Close();
}
return(ms.ToArray());
}
}
}
/// <summary>
/// Turns encryption on/off on an already connected socket
/// </summary>
/// <param name="stream">The stream resource.</param>
/// <param name="enable">Enable/disable cryptography on the stream.</param>
/// <param name="crypto_method">Encryption on the stream. If omitted, the <c>crypto_method</c> context option on the stream's SSL context will be used instead.</param>
/// <param name="session_stream">Seed the stream with settings from session_stream.</param>
/// <returns>Returns TRUE on success, FALSE if negotiation has failed or 0 if there isn't enough data and you should try again (only for non-blocking sockets).</returns>
public static PhpValue /*int|bool*/ stream_socket_enable_crypto(PhpResource stream, bool enable, CryptoMethod crypto_method = default, PhpResource session_stream = null)
{
var s = SocketStream.GetValid(stream);
if (s == null)
{
return(false);
}
if (enable && s.SslStream == null)
{
s.SslStream = OpenSslStream(s.Socket, s.OpenedPath /*=RemoteHost*/, crypto_method);
return(s.SslStream != null);
}
else if (!enable && s.SslStream != null)
{
s.CloseSslStream();
return(true);
}
//
return(false);
}
public CryptoAttribute(CryptoMethod method)
{
Method = method;
}
public CryptoAttribute()
{
Method = CryptoMethod.MD5;
}
/// <summary>
/// Determine the set of keys to be used for encryption or decryption
/// </summary>
/// <param name="ciaHeader">NCSD header representing the 3DS CIA file</param>
/// <param name="ncchHeader">NCCH header representing the partition</param>
private void SetEncryptionKeys(CIAHeader ciaHeader, NCCHHeader ncchHeader)
{
ncchHeader.KeyX = 0;
ncchHeader.KeyX2C = decryptArgs.Development ? decryptArgs.DevKeyX0x2C : decryptArgs.KeyX0x2C;
// Backup headers can't have a KeyY value set
if (ncchHeader.RSA2048Signature != null)
{
ncchHeader.KeyY = new BigInteger(ncchHeader.RSA2048Signature.Take(16).Reverse().ToArray());
}
else
{
ncchHeader.KeyY = new BigInteger(0);
}
ncchHeader.NormalKey = 0;
ncchHeader.NormalKey2C = RotateLeft((RotateLeft(ncchHeader.KeyX2C, 2, 128) ^ ncchHeader.KeyY) + decryptArgs.AESHardwareConstant, 87, 128);
// TODO: Figure out what sane defaults for these values are
// Set the header to use based on mode
BitMasks masks = BitMasks.NoCrypto;
CryptoMethod method = CryptoMethod.Original;
if (decryptArgs.Encrypt)
{
// TODO: Can we actually re-encrypt a CIA?
//masks = ciaHeader.BackupHeader.Flags.BitMasks;
//method = ciaHeader.BackupHeader.Flags.CryptoMethod;
}
else
{
masks = ncchHeader.Flags.BitMasks;
method = ncchHeader.Flags.CryptoMethod;
}
if (masks.HasFlag(BitMasks.FixedCryptoKey))
{
ncchHeader.NormalKey = 0x00;
ncchHeader.NormalKey2C = 0x00;
Console.WriteLine("Encryption Method: Zero Key");
}
else
{
if (method == CryptoMethod.Original)
{
ncchHeader.KeyX = decryptArgs.Development ? decryptArgs.DevKeyX0x2C : decryptArgs.KeyX0x2C;
Console.WriteLine("Encryption Method: Key 0x2C");
}
else if (method == CryptoMethod.Seven)
{
ncchHeader.KeyX = decryptArgs.Development ? decryptArgs.DevKeyX0x25 : decryptArgs.KeyX0x25;
Console.WriteLine("Encryption Method: Key 0x25");
}
else if (method == CryptoMethod.NineThree)
{
ncchHeader.KeyX = decryptArgs.Development ? decryptArgs.DevKeyX0x18 : decryptArgs.KeyX0x18;
Console.WriteLine("Encryption Method: Key 0x18");
}
else if (method == CryptoMethod.NineSix)
{
ncchHeader.KeyX = decryptArgs.Development ? decryptArgs.DevKeyX0x1B : decryptArgs.KeyX0x1B;
Console.WriteLine("Encryption Method: Key 0x1B");
}
ncchHeader.NormalKey = RotateLeft((RotateLeft(ncchHeader.KeyX, 2, 128) ^ ncchHeader.KeyY) + decryptArgs.AESHardwareConstant, 87, 128);
}
}
