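/// <summary>
/// Handles the search form post: looks up established chats between the
/// signed-in user and any counterpart whose name contains the posted
/// <c>Search_User</c> text, and fills <c>OtherUserList</c> / <c>IDList</c>
/// with the counterpart names and chat IDs (at most 50 per direction).
/// </summary>
/// <remarks>
/// Fixes relative to the previous revision:
/// the search term was written as <c>LIKE '%@Search_User%'</c>, which is a
/// string literal and never bound the parameter; the queries returned the
/// signed-in user's own column instead of the counterpart's; the connection
/// was opened even when no search term was posted and then never closed;
/// readers and commands were not disposed.
/// </remarks>
public void OnPostSearch()
{
    String Search_User = Request.Form["Search_User"];
    String Current_User = HttpContext.Session.GetString("User_Name");
    String Status = "R1 & R2 had established keys respectively";

    OtherUserList = new List<String> { };
    IDList = new List<String> { };

    if (Search_User == null)
    {
        return;
    }

    // Runs one search direction and appends (counterpart, chat ID) pairs.
    // The SQL text is a constant; every user-controlled value is bound.
    void CollectMatches(String CommandText)
    {
        String Exception = "";
        // NOTE(review): the result of LoadConnection and the text it writes to
        // Exception are not inspected here (nor were they before) - confirm how
        // a failed connection should be reported.
        // NOTE(review): MyMySQLConnection is reached through the class name, so
        // it looks like one connection shared by all requests - confirm it is
        // safe under concurrent page hits.
        MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
        try
        {
            using (MySqlCommand MySQLQuery = new MySqlCommand())
            {
                MySQLQuery.CommandText = CommandText;
                MySQLQuery.Parameters.Add("@Search_User", MySqlDbType.Text).Value = Search_User;
                MySQLQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
                MySQLQuery.Parameters.Add("@Status", MySqlDbType.Text).Value = Status;
                MySQLQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
                MySQLQuery.Prepare();

                using (MySqlDataReader RecordReader = MySQLQuery.ExecuteReader())
                {
                    while (RecordReader.Read())
                    {
                        OtherUserList.Add(RecordReader.GetValue(0).ToString());
                        IDList.Add(RecordReader.GetValue(1).ToString());
                    }
                }
            }
        }
        finally
        {
            MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
        }
    }

    // The wildcards are concatenated around the bound parameter inside SQL.
    // '%' and '_' typed by the user still act as LIKE wildcards; the result
    // set stays restricted to rows that belong to Current_User.
    CollectMatches("SELECT `Requestor_2`,`ID` FROM `DF_Public_Key` WHERE `Requestor_1`=@Current_User AND `Status`=@Status AND `Requestor_2` LIKE CONCAT('%', @Search_User, '%') LIMIT 50");
    CollectMatches("SELECT `Requestor_1`,`ID` FROM `DF_Public_Key` WHERE `Requestor_2`=@Current_User AND `Status`=@Status AND `Requestor_1` LIKE CONCAT('%', @Search_User, '%') LIMIT 50");

    HttpContext.Session.SetString("Search_User", Search_User);
    HttpContext.Session.SetString("Chat_OFFSET", (50).ToString());
}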
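/// <summary>
/// Loads the signed-in user's established chats: stores the total number in
/// <c>OtherUserCount</c> and appends up to 50 (counterpart name, chat ID)
/// pairs to <c>OtherUserList</c> / <c>IDList</c>.
/// </summary>
/// <remarks>
/// The previous WHERE clause was <c>A OR B AND Status</c>. AND binds tighter
/// than OR, so rows where the user was <c>Requestor_1</c> were returned
/// regardless of <c>Status</c>. The OR is now parenthesised so the status
/// filter applies to both directions.
/// </remarks>
public void OnGet()
{
    String Exception = "";
    String Requestor_1 = "";
    String Current_User = HttpContext.Session.GetString("User_Name");
    String Status = "R1 & R2 had established keys respectively";

    // NOTE(review): the result of LoadConnection is not inspected (it was not
    // before either) - confirm how a failed connection should surface.
    MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
    try
    {
        using (MySqlCommand CountQuery = new MySqlCommand())
        {
            CountQuery.CommandText = "SELECT COUNT(*) FROM `DF_Public_Key` WHERE (`Requestor_1`=@Current_User OR `Requestor_2`=@Current_User) AND `Status`=@Status";
            CountQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            CountQuery.Parameters.Add("@Status", MySqlDbType.Text).Value = Status;
            CountQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            CountQuery.Prepare();
            OtherUserCount = int.Parse(CountQuery.ExecuteScalar().ToString());
        }

        using (MySqlCommand ListQuery = new MySqlCommand())
        {
            ListQuery.CommandText = "SELECT `Requestor_1`,`Requestor_2`,`ID` FROM `DF_Public_Key` WHERE (`Requestor_1`=@Current_User OR `Requestor_2`=@Current_User) AND `Status`=@Status LIMIT 50";
            ListQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            ListQuery.Parameters.Add("@Status", MySqlDbType.Text).Value = Status;
            ListQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            ListQuery.Prepare();

            using (MySqlDataReader RecordReader = ListQuery.ExecuteReader())
            {
                while (RecordReader.Read())
                {
                    // Show whichever side of the pair is not the signed-in user.
                    Requestor_1 = RecordReader.GetValue(0).ToString();
                    if (Requestor_1.CompareTo(Current_User) != 0)
                    {
                        OtherUserList.Add(Requestor_1);
                    }
                    else
                    {
                        OtherUserList.Add(RecordReader.GetValue(1).ToString());
                    }
                    IDList.Add(RecordReader.GetValue(2).ToString());
                }
            }
        }
    }
    finally
    {
        // Close even when a query throws, so the connection is not left open.
        MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
    }
}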
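/// <summary>
/// Renders a chat: looks up the counterpart's public key for the chat ID held
/// in session, derives the shared secret, marks the counterpart's messages as
/// received, then decrypts every stored message into <c>Message_List</c>.
/// </summary>
/// <remarks>
/// Message keys form a chain: key[0] = Argon2id(shared secret, salt[0]) and
/// key[i] = Argon2id(key[i-1], salt[i]). Each page load therefore runs one
/// Argon2id derivation per stored message.
/// Changes relative to the previous revision: the connection is opened only
/// after the session values are known to be present; a chat ID that does not
/// belong to the signed-in user now stops before any message is read (it used
/// to fail inside <c>BigInteger.Parse("")</c>); readers and commands are
/// disposed; fixed-length values are restored to their full length after the
/// BigInteger round trip.
/// </remarks>
public void OnGet()
{
    // Sizes assumed from libsodium (X25519 key 32, Argon2 salt 16, secretbox
    // nonce 24) - confirm against the Sodium package this project references.
    const int KeyLength = 32;
    const int SaltLength = 16;
    const int NonceLength = 24;
    long OUTPUT_LENGTH = 32;

    // The private key is read from server-side session state, so decryption
    // happens on the server rather than in the user's browser.
    String PrivateKeyString = HttpContext.Session.GetString("PrivateKeyString");
    String ID = HttpContext.Session.GetString("Chat_ID");
    String PublicKeyString = "";
    String Exception = "";
    int Checker = 0;

    Current_User = HttpContext.Session.GetString("User_Name");

    if (PrivateKeyString == null || ID == null || Current_User == null)
    {
        return;
    }

    // BigInteger.ToByteArray() returns the shortest two's-complement form, so
    // a value whose last byte(s) were 0x00 / 0xFF sign extension comes back
    // shorter than it was stored. Re-extend it to the expected length; values
    // that are already long enough are returned untouched.
    Byte[] RestoreLength(BigInteger Value, int Length)
    {
        Byte[] Raw = Value.ToByteArray();
        if (Raw.Length >= Length)
        {
            return Raw;
        }
        Byte[] Padded = new Byte[Length];
        Array.Copy(Raw, Padded, Raw.Length);
        if (Value.Sign < 0)
        {
            for (int Index = Raw.Length; Index < Length; Index++)
            {
                Padded[Index] = 0xFF;
            }
        }
        return Padded;
    }

    // NOTE(review): the result of LoadConnection is not inspected (it was not
    // before either) - confirm how a failed connection should surface.
    MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
    try
    {
        // Which side of the pairing is the signed-in user on?
        using (MySqlCommand RoleQuery = new MySqlCommand())
        {
            RoleQuery.CommandText = "SELECT COUNT(*) FROM `DF_Public_Key` WHERE `Requestor_1`=@Current_User AND `ID`=@ID";
            RoleQuery.Parameters.Add("@ID", MySqlDbType.Text).Value = ID;
            RoleQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            RoleQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            RoleQuery.Prepare();
            Checker = int.Parse(RoleQuery.ExecuteScalar().ToString());
        }

        using (MySqlCommand PeerQuery = new MySqlCommand())
        {
            PeerQuery.CommandText = (Checker == 1)
                ? "SELECT `Requestor_2_PK`,`Requestor_2` FROM `DF_Public_Key` WHERE `Requestor_1`=@Current_User AND `ID`=@ID"
                : "SELECT `Requestor_1_PK`,`Requestor_1` FROM `DF_Public_Key` WHERE `Requestor_2`=@Current_User AND `ID`=@ID";
            PeerQuery.Parameters.Add("@ID", MySqlDbType.Text).Value = ID;
            PeerQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            PeerQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            PeerQuery.Prepare();

            using (MySqlDataReader RecordReader = PeerQuery.ExecuteReader())
            {
                while (RecordReader.Read())
                {
                    PublicKeyString = RecordReader.GetValue(0).ToString();
                    Other_User = RecordReader.GetValue(1).ToString();
                }
            }
        }
    }
    finally
    {
        MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
    }

    // No row means the chat ID in session is not a chat of the signed-in user.
    // Stop here so nothing below touches that chat's messages.
    if (String.IsNullOrEmpty(PublicKeyString))
    {
        return;
    }

    Byte[] PublicKeyByte = RestoreLength(BigInteger.Parse(PublicKeyString), KeyLength);
    // NOTE(review): assumes the session private key was encoded the same way
    // as the stored public key - confirm where "PrivateKeyString" is written.
    Byte[] PrivateKeyByte = RestoreLength(BigInteger.Parse(PrivateKeyString), KeyLength);
    Byte[] SharedSecretByte = ScalarMult.Mult(PrivateKeyByte, PublicKeyByte);

    List<Byte[]> SaltList = new List<Byte[]> { };
    List<Byte[]> NonceList = new List<Byte[]> { };
    List<Byte[]> CipherList = new List<Byte[]> { };

    MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
    try
    {
        using (MySqlCommand CountQuery = new MySqlCommand())
        {
            CountQuery.CommandText = "SELECT COUNT(*) FROM `Chat_Message` WHERE `FK_ID`=@FK_ID";
            CountQuery.Parameters.Add("@FK_ID", MySqlDbType.Text).Value = ID;
            CountQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            CountQuery.Prepare();
            Current_Count = int.Parse(CountQuery.ExecuteScalar().ToString());
        }

        using (MySqlCommand ReceivedQuery = new MySqlCommand())
        {
            ReceivedQuery.CommandText = "UPDATE `Chat_Message` SET `Receiver_Status`=@Receiver_Status WHERE `FK_ID`=@FK_ID AND `Receiver_Status`!=@Receiver_Status AND `Sender_Name`!=@Current_User";
            ReceivedQuery.Parameters.Add("@FK_ID", MySqlDbType.Text).Value = ID;
            ReceivedQuery.Parameters.Add("@Receiver_Status", MySqlDbType.Text).Value = "Received";
            ReceivedQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            ReceivedQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            ReceivedQuery.Prepare();
            ReceivedQuery.ExecuteNonQuery();
        }

        using (MySqlCommand MessageQuery = new MySqlCommand())
        {
            // NOTE(review): there is no ORDER BY, yet the key chain below is
            // only correct if rows come back in the order they were written.
            // Add an explicit ordering column to this query once one exists.
            MessageQuery.CommandText = "SELECT `Salt`,`Nonce`,`Message`,`Sender_Name`,`Receiver_Status` FROM `Chat_Message` WHERE `FK_ID`=@FK_ID";
            MessageQuery.Parameters.Add("@FK_ID", MySqlDbType.Text).Value = ID;
            MessageQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            MessageQuery.Prepare();

            using (MySqlDataReader RecordReader = MessageQuery.ExecuteReader())
            {
                while (RecordReader.Read())
                {
                    SaltList.Add(RestoreLength(BigInteger.Parse(RecordReader.GetValue(0).ToString()), SaltLength));
                    NonceList.Add(RestoreLength(BigInteger.Parse(RecordReader.GetValue(1).ToString()), NonceLength));
                    // The ciphertext has no fixed length, so bytes trimmed by the
                    // BigInteger encoding cannot be restored here. Such a message
                    // will fail authentication in SecretBox.Open; storing the raw
                    // bytes (Base64/BLOB) on the write path would avoid that.
                    CipherList.Add(BigInteger.Parse(RecordReader.GetValue(2).ToString()).ToByteArray());
                    Sender_NameList.Add(RecordReader.GetValue(3).ToString());
                    Receiver_StatusList.Add(RecordReader.GetValue(4).ToString());
                }
            }
        }
    }
    finally
    {
        MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
    }

    // Walk the key chain: the first message key comes from the shared secret,
    // every later key from the key before it.
    Byte[] ChainInput = SharedSecretByte;
    for (int Loop = 0; Loop < SaltList.Count; Loop++)
    {
        Byte[] DerivedKeyByte = PasswordHash.ArgonHashBinary(ChainInput, SaltList[Loop], PasswordHash.StrengthArgon.Medium, OUTPUT_LENGTH, PasswordHash.ArgonAlgorithm.Argon_2ID13);
        Byte[] DecryptedMessageByte = SecretBox.Open(CipherList[Loop], NonceList[Loop], DerivedKeyByte);
        Message_List.Add(Encoding.UTF8.GetString(DecryptedMessageByte));
        ChainInput = DerivedKeyByte;
    }

    HttpContext.Session.SetString("CurrentCount", Current_Count.ToString());
    if (aTimer == null)
    {
        SetRefreshTimer();
    }
}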
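/// <summary>
/// Sends a chat message: derives the next key in the chat's key chain from the
/// shared secret and all stored salts, encrypts the posted
/// <c>Chat_Message</c> with a fresh salt and nonce, and inserts the result
/// into <c>Chat_Message</c> with status "Sent".
/// </summary>
/// <remarks>
/// Changes relative to the previous revision: the session values are checked
/// before use (as the chat page's OnGet already did) and the connection is
/// opened only after that check; a chat ID that does not belong to the
/// signed-in user stops before anything is written; readers and commands are
/// disposed; the redundant COUNT before reading the salts is gone; the two
/// identical encrypt branches are merged; fixed-length values are restored to
/// their full length after the BigInteger round trip.
/// </remarks>
public void OnPost()
{
    // Sizes assumed from libsodium (X25519 key 32, Argon2 salt 16) - confirm
    // against the Sodium package this project references.
    const int KeyLength = 32;
    const int SaltLength = 16;
    long OUTPUT_LENGTH = 32;

    // The private key is read from server-side session state, so encryption
    // happens on the server rather than in the user's browser.
    String PrivateKeyString = HttpContext.Session.GetString("PrivateKeyString");
    String ID = HttpContext.Session.GetString("Chat_ID");
    String Current_User = HttpContext.Session.GetString("User_Name");
    String Chat_Message = Request.Form["Chat_Message"];
    String PublicKeyString = "";
    String Exception = "";
    int Checker = 0;

    if (Chat_Message == null || PrivateKeyString == null || ID == null || Current_User == null)
    {
        return;
    }

    // BigInteger.ToByteArray() returns the shortest two's-complement form, so
    // a value whose last byte(s) were 0x00 / 0xFF sign extension comes back
    // shorter than it was stored. Re-extend it to the expected length; values
    // that are already long enough are returned untouched.
    Byte[] RestoreLength(BigInteger Value, int Length)
    {
        Byte[] Raw = Value.ToByteArray();
        if (Raw.Length >= Length)
        {
            return Raw;
        }
        Byte[] Padded = new Byte[Length];
        Array.Copy(Raw, Padded, Raw.Length);
        if (Value.Sign < 0)
        {
            for (int Index = Raw.Length; Index < Length; Index++)
            {
                Padded[Index] = 0xFF;
            }
        }
        return Padded;
    }

    // NOTE(review): the result of LoadConnection is not inspected (it was not
    // before either) - confirm how a failed connection should surface.
    MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
    try
    {
        // Which side of the pairing is the signed-in user on?
        using (MySqlCommand RoleQuery = new MySqlCommand())
        {
            RoleQuery.CommandText = "SELECT COUNT(*) FROM `DF_Public_Key` WHERE `Requestor_1`=@Current_User AND `ID`=@ID";
            RoleQuery.Parameters.Add("@ID", MySqlDbType.Text).Value = ID;
            RoleQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            RoleQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            RoleQuery.Prepare();
            Checker = int.Parse(RoleQuery.ExecuteScalar().ToString());
        }

        using (MySqlCommand PeerQuery = new MySqlCommand())
        {
            PeerQuery.CommandText = (Checker == 1)
                ? "SELECT `Requestor_2_PK` FROM `DF_Public_Key` WHERE `Requestor_1`=@Current_User AND `ID`=@ID"
                : "SELECT `Requestor_1_PK` FROM `DF_Public_Key` WHERE `Requestor_2`=@Current_User AND `ID`=@ID";
            PeerQuery.Parameters.Add("@ID", MySqlDbType.Text).Value = ID;
            PeerQuery.Parameters.Add("@Current_User", MySqlDbType.Text).Value = Current_User;
            PeerQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            PeerQuery.Prepare();

            using (MySqlDataReader PublicKeyStringReader = PeerQuery.ExecuteReader())
            {
                while (PublicKeyStringReader.Read())
                {
                    PublicKeyString = PublicKeyStringReader.GetValue(0).ToString();
                }
            }
        }
    }
    finally
    {
        MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
    }

    // No row means the chat ID in session is not a chat of the signed-in user.
    // Stop here so nothing is written into that chat.
    if (String.IsNullOrEmpty(PublicKeyString))
    {
        return;
    }

    Byte[] PublicKeyByte = RestoreLength(BigInteger.Parse(PublicKeyString), KeyLength);
    // NOTE(review): assumes the session private key was encoded the same way
    // as the stored public key - confirm where "PrivateKeyString" is written.
    Byte[] PrivateKeyByte = RestoreLength(BigInteger.Parse(PrivateKeyString), KeyLength);
    Byte[] SharedSecretByte = ScalarMult.Mult(PrivateKeyByte, PublicKeyByte);

    // Replay the key chain over every stored salt. With no stored message the
    // chain input stays the shared secret, matching the first-message case.
    Byte[] ChainInput = SharedSecretByte;
    MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
    try
    {
        using (MySqlCommand SaltQuery = new MySqlCommand())
        {
            // NOTE(review): there is no ORDER BY, yet the chain is only correct
            // if rows come back in the order they were written. Add an explicit
            // ordering column to this query once one exists.
            SaltQuery.CommandText = "SELECT `Salt` FROM `Chat_Message` WHERE `FK_ID`=@ID";
            SaltQuery.Parameters.Add("@ID", MySqlDbType.Text).Value = ID;
            SaltQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            SaltQuery.Prepare();

            using (MySqlDataReader RecordReader = SaltQuery.ExecuteReader())
            {
                while (RecordReader.Read())
                {
                    Byte[] StoredSaltByte = RestoreLength(BigInteger.Parse(RecordReader.GetValue(0).ToString()), SaltLength);
                    ChainInput = PasswordHash.ArgonHashBinary(ChainInput, StoredSaltByte, PasswordHash.StrengthArgon.Medium, OUTPUT_LENGTH, PasswordHash.ArgonAlgorithm.Argon_2ID13);
                }
            }
        }
    }
    finally
    {
        MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
    }

    // Fresh salt and nonce for this message; the key is the next chain link.
    Byte[] SaltByte = PasswordHash.ArgonGenerateSalt();
    Byte[] NewKeyByte = PasswordHash.ArgonHashBinary(ChainInput, SaltByte, PasswordHash.StrengthArgon.Medium, OUTPUT_LENGTH, PasswordHash.ArgonAlgorithm.Argon_2ID13);
    Byte[] NonceByte = SecretBox.GenerateNonce();
    Byte[] MessageByte = SecretBox.Create(Encoding.UTF8.GetBytes(Chat_Message), NonceByte, NewKeyByte);

    // The storage format is kept as decimal BigInteger text. For the salt and
    // nonce this is recoverable because their length is fixed. The ciphertext
    // has no fixed length, so a ciphertext ending in sign-extension bytes is
    // shortened by this encoding and will later fail to decrypt; moving the
    // column to raw bytes (Base64/BLOB) needs a change on the read path too.
    BigInteger SaltInt = new BigInteger(SaltByte);
    BigInteger Nonce = new BigInteger(NonceByte);
    BigInteger MessageInt = new BigInteger(MessageByte);

    // NOTE(review): nothing here serialises two posts to the same chat. If two
    // requests read the salts before either inserts, both derive the same
    // chain link - confirm whether the chain can be corrupted that way.
    MyOwnMySQLConnectionClass.LoadConnection(ref Exception);
    try
    {
        using (MySqlCommand InsertQuery = new MySqlCommand())
        {
            InsertQuery.CommandText = "INSERT INTO `Chat_Message`(`FK_ID`,`Message`,`Sender_Name`,`Receiver_Status`,`Salt`,`Nonce`) VALUES (@FK_ID,@Message,@Sender_Name,@Receiver_Status,@Salt,@Nonce)";
            InsertQuery.Parameters.Add("@FK_ID", MySqlDbType.Text).Value = ID;
            InsertQuery.Parameters.Add("@Message", MySqlDbType.Text).Value = MessageInt.ToString();
            InsertQuery.Parameters.Add("@Sender_Name", MySqlDbType.Text).Value = Current_User;
            InsertQuery.Parameters.Add("@Receiver_Status", MySqlDbType.Text).Value = "Sent";
            InsertQuery.Parameters.Add("@Salt", MySqlDbType.Text).Value = SaltInt.ToString();
            InsertQuery.Parameters.Add("@Nonce", MySqlDbType.Text).Value = Nonce.ToString();
            InsertQuery.Connection = MyOwnMySQLConnectionClass.MyMySQLConnection;
            InsertQuery.Prepare();
            InsertQuery.ExecuteNonQuery();
        }
    }
    finally
    {
        MyOwnMySQLConnectionClass.MyMySQLConnection?.Close();
    }

    Determiner = 0;
    if (Determiner == 0 && ConfirmationTimer == null)
    {
        SetConfirmationTimer();
    }
}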