public AuthKeyNegotiator(
[NotNull] IClientTransportConfig clientTransportConfig,
[NotNull] IMTProtoClientBuilder mtProtoBuilder,
[NotNull] TLRig tlRig,
[NotNull] INonceGenerator nonceGenerator,
[NotNull] IHashServices hashServices,
[NotNull] IEncryptionServices encryptionServices,
[NotNull] IKeyChain keyChain)
{
Argument.IsNotNull(() => clientTransportConfig);
Argument.IsNotNull(() => mtProtoBuilder);
Argument.IsNotNull(() => tlRig);
Argument.IsNotNull(() => nonceGenerator);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
Argument.IsNotNull(() => keyChain);
_clientTransportConfig = clientTransportConfig;
_mtProtoBuilder = mtProtoBuilder;
_tlRig = tlRig;
_nonceGenerator = nonceGenerator;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_keyChain = keyChain;
}
public JsonNode GenerateJsonObject(IEncryptionServices encryptionServices, string filePath, string pathSeparator)
{
JsonNode root = new JsonNode();
GenerateJsonObjectRecursive(root, filePath, this, encryptionServices, pathSeparator, pathSeparator);
return(root);
}
//private readonly ISignalRServices _signalRServices;
public UsersService(IUnitOfWork unitOfWork,
IMapper mapper,
IStringLocalizer stringLocalizer,
ISecurityService securityService,
IOptions <AppSettings> appSettings,
IEncryptionServices encryptionServices,
IHttpContextAccessor contextAccessor,
ICompatibleFrontendEncryption CompatibleFrontendEncryption,
ISessionServices sessionServices /*, ISignalRServices signalRServices*/) : base(unitOfWork, mapper, stringLocalizer, sessionServices)
{
_AppSettings = appSettings.Value;
_uow = base._UnitOfWork;
_uow.CheckArgumentIsNull(nameof(_uow));
_users = _uow.Repository <User>() as IUserRepository;
_userRoles = _uow.Repository <UserRole>() as IUserRoleRepository;
_securityService = securityService;
_securityService.CheckArgumentIsNull(nameof(_securityService));
_compatibleFrontendEncryption = CompatibleFrontendEncryption;
_compatibleFrontendEncryption.CheckArgumentIsNull(nameof(_compatibleFrontendEncryption));
_encryptionServices = encryptionServices;
_encryptionServices.CheckArgumentIsNull(nameof(_encryptionServices));
//_signalRServices = signalRServices;
//_signalRServices.CheckArgumentIsNull(nameof(_signalRServices));
_contextAccessor = contextAccessor;
_contextAccessor.CheckArgumentIsNull(nameof(_contextAccessor));
}
private static void ExtractFromJsonNodeRecursive(
IEncryptionServices encryptionServices,
List <FileNode> fileNodesList,
JsonNode jsonNodeParent,
string accumulatedPath,
string fileSeparator)
{
if (jsonNodeParent.isFile) //is a file node
{
fileNodesList.Add(new FileNode
{
RelativePath = accumulatedPath,
FileName = encryptionServices.DecryptToString(jsonNodeParent.name),
FileBytes = encryptionServices.DecryptToBytes(jsonNodeParent.file)
});
}
else // this is a directory.
{
foreach (var jsonNodeChild in jsonNodeParent.children)
{
ExtractFromJsonNodeRecursive(
encryptionServices,
fileNodesList,
jsonNodeChild,
$"{accumulatedPath}{encryptionServices.DecryptToString(jsonNodeParent.name)}{fileSeparator}",
fileSeparator);
}
}
}
public LoanServices(EmailManagerContext context, IEncryptionServices securityEncrypt,
IDecryptionServices decrypt, IEncryptionServices encrypt, IEmailService emailService)
{
this._context = context;
this._decrypt = decrypt;
this._encrypt = encrypt;
this._emailService = emailService;
}
public MembershipServices(IEntityBaseRepository <User> userRepository, IEntityBaseRepository <Role> roleRepository, IEntityBaseRepository <UserRole> userRoleRepository, IEncryptionServices encryptionServices, IUnitOfWork unitOfWork)
{
_userRepository = userRepository;
_roleRepository = roleRepository;
_userRoleRepository = userRoleRepository;
_encryptionServices = encryptionServices;
_unitOfWork = unitOfWork;
}
public FileServiceFactory(IHostingEnvironment env,
IEncryptionServices encryptionService,
AppDbContext context)
{
_env = env;
_encryptionService = encryptionService;
_context = context;
}
public AuthenticationServices(IBaseRepository <User> userRepository, IBaseRepository <UserRole> roleRepository,
IBaseRepository <UserRole> userRoleRepository, IEncryptionServices encryptionService)
{
_userRepository = userRepository;
_roleRepository = roleRepository;
_userRoleRepository = userRoleRepository;
_encryptionService = encryptionService;
}
/// <summary>
/// Initializes a new instance of the <see cref="EncryptedMessage" /> class from a whole message bytes, which contain
/// encrypted data.
/// </summary>
/// <param name="authKey">
/// Authorization Key a 2048-bit key shared by the client device and the server, created upon user
/// registration directly on the client device be exchanging Diffie-Hellman keys, and never transmitted over a network.
/// Each authorization key is user-specific. There is nothing that prevents a user from having several keys (that
/// correspond to “permanent sessions” on different devices), and some of these may be locked forever in the event the
/// device is lost.
/// </param>
/// <param name="messageBytes">Whole message bytes, which contain encrypted data.</param>
/// <param name="sender">Sender of the message.</param>
/// <param name="hashServices">Hash services.</param>
/// <param name="encryptionServices">Encryption services.</param>
public EncryptedMessage([NotNull] byte[] authKey, [NotNull] byte[] messageBytes, Sender sender, [NotNull] IHashServices hashServices,
[NotNull] IEncryptionServices encryptionServices)
{
Argument.IsNotNull(() => authKey);
Argument.IsNotNull(() => messageBytes);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
ulong authKeyId = ComputeAuthKeyId(authKey, hashServices);
_messageBytes = messageBytes;
_length = _messageBytes.Length;
var encryptedData = new byte[_length - OuterHeaderLength];
using (var streamer = new TLStreamer(_messageBytes))
{
// Reading header.
_authKeyId = streamer.ReadUInt64();
if (_authKeyId != authKeyId)
{
throw new InvalidAuthKey(string.Format("Message encrypted with auth key with id={0}, but auth key provided for decryption with id={1}.", _authKeyId,
authKeyId));
}
_msgKey = streamer.ReadInt128();
// Reading encrypted data.
streamer.Read(encryptedData, 0, encryptedData.Length);
}
// Decrypting.
byte[] aesKey, aesIV;
ComputeAesKeyAndIV(authKey, _msgKey, out aesKey, out aesIV, hashServices, sender);
byte[] innerDataWithPadding = encryptionServices.Aes256IgeDecrypt(encryptedData, aesKey, aesIV);
using (var streamer = new TLStreamer(innerDataWithPadding))
{
_salt = streamer.ReadUInt64();
_sessionId = streamer.ReadUInt64();
_messageId = streamer.ReadUInt64();
_seqNumber = streamer.ReadUInt32();
_messageDataLength = streamer.ReadInt32();
_messageData = streamer.ReadBytes(_messageDataLength);
}
int innerDataLength = InnerHeaderLength + _messageDataLength;
// When an encrypted message is received, it must be checked that
// msg_key is in fact equal to the 128 lower-order bits
// of the SHA1 hash of the previously encrypted portion.
var msgKey = ComputeMsgKey(new ArraySegment <byte>(innerDataWithPadding, 0, innerDataLength), hashServices);
if (_msgKey != msgKey)
{
throw new InvalidMessageException(string.Format("Expected message key to be {0}, but actual is {1}.", _msgKey, msgKey));
}
}
/// <summary>
/// Initializes a new instance of the <see cref="EncryptedMessage" /> class from a plain inner message data.
/// </summary>
/// <param name="authKey">
/// Authorization Key a 2048-bit key shared by the client device and the server, created upon user
/// registration directly on the client device be exchanging Diffie-Hellman keys, and never transmitted over a network.
/// Each authorization key is user-specific. There is nothing that prevents a user from having several keys (that
/// correspond to “permanent sessions” on different devices), and some of these may be locked forever in the event the
/// device is lost.
/// </param>
/// <param name="salt">
/// Server Salt is a (random) 64-bit number periodically (say, every 24 hours) changed (separately for
/// each session) at the request of the server. All subsequent messages must contain the new salt (although, messages
/// with the old salt are still accepted for a further 300 seconds). Required to protect against replay attacks and
/// certain tricks associated with adjusting the client clock to a moment in the distant future.
/// </param>
/// <param name="sessionId">
/// Session is a (random) 64-bit number generated by the client to distinguish between individual sessions (for
/// example, between different instances of the application, created with the same authorization key). The session in
/// conjunction with the key identifier corresponds to an application instance. The server can maintain session state.
/// Under no circumstances can a message meant for one session be sent into a different session. The server may
/// unilaterally forget any client sessions; clients should be able to handle this.
/// </param>
/// <param name="messageId">
/// Message Identifier is a (time-dependent) 64-bit number used uniquely to identify a message within a session. Client
/// message identifiers are divisible by 4, server message identifiers modulo 4 yield 1 if the message is a response to
/// a client message, and 3 otherwise. Client message identifiers must increase monotonically (within a single
/// session), the same as server message identifiers, and must approximately equal unixtime*2^32. This way, a message
/// identifier points to the approximate moment in time the message was created. A message is rejected over 300 seconds
/// after it is created or 30 seconds before it is created (this is needed to protect from replay attacks). In this
/// situation, it must be re-sent with a different identifier (or placed in a container with a higher identifier). The
/// identifier of a message container must be strictly greater than those of its nested messages.
/// </param>
/// <param name="seqNumber">
/// Message Sequence Number is a 32-bit number equal to twice the number of “content-related” messages (those requiring
/// acknowledgment, and in particular those that are not containers) created by the sender prior to this message and
/// subsequently incremented by one if the current message is a content-related message. A container is always
/// generated after its entire contents; therefore, its sequence number is greater than or equal to the sequence
/// numbers of the messages contained in it.
/// </param>
/// <param name="messageData">Plain inner message data.</param>
/// <param name="sender">Sender of the message.</param>
/// <param name="hashServices">Hash services.</param>
/// <param name="encryptionServices">Encryption services.</param>
public EncryptedMessage([NotNull] byte[] authKey, ulong salt, ulong sessionId, ulong messageId, uint seqNumber, [NotNull] byte[] messageData, Sender sender,
[NotNull] IHashServices hashServices, [NotNull] IEncryptionServices encryptionServices)
{
Argument.IsNotNull(() => authKey);
Argument.IsNotNull(() => messageData);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
_authKeyId = ComputeAuthKeyId(authKey, hashServices);
_salt = salt;
_sessionId = sessionId;
_messageId = messageId;
_seqNumber = seqNumber;
_messageData = (byte[])messageData.Clone();
_messageDataLength = _messageData.Length;
int innerDataLength = InnerHeaderLength + _messageDataLength;
int mod = innerDataLength % Alignment;
int paddingLength = mod > 0 ? Alignment - mod : 0;
int innerDataWithPaddingLength = innerDataLength + paddingLength;
_length = OuterHeaderLength + innerDataWithPaddingLength;
// Writing inner data.
var innerDataWithPadding = new byte[innerDataWithPaddingLength];
using (var streamer = new TLStreamer(innerDataWithPadding))
{
streamer.WriteUInt64(_salt);
streamer.WriteUInt64(_sessionId);
streamer.WriteUInt64(_messageId);
streamer.WriteUInt32(_seqNumber);
streamer.WriteInt32(_messageDataLength);
streamer.Write(_messageData);
streamer.WriteRandomData(paddingLength);
}
_msgKey = ComputeMsgKey(new ArraySegment <byte>(innerDataWithPadding, 0, innerDataLength), hashServices);
// Encrypting.
byte[] aesKey, aesIV;
ComputeAesKeyAndIV(authKey, _msgKey, out aesKey, out aesIV, hashServices, sender);
byte[] encryptedData = encryptionServices.Aes256IgeEncrypt(innerDataWithPadding, aesKey, aesIV);
Debug.Assert(encryptedData.Length == innerDataWithPaddingLength, "Wrong encrypted data length.");
_messageBytes = new byte[_length];
using (var streamer = new TLStreamer(_messageBytes))
{
// Writing header.
streamer.WriteUInt64(_authKeyId);
streamer.WriteInt128(_msgKey);
// Writing encrypted data.
streamer.Write(encryptedData, 0, innerDataWithPaddingLength);
}
}
public static List <FileNode> ExtractFromJsonNode(
IEncryptionServices encryptionServices,
JsonNode jsonNode,
string fileSeparator)
{
List <FileNode> answer = new List <FileNode>();
ExtractFromJsonNodeRecursive(encryptionServices, answer, jsonNode, string.Empty, fileSeparator);
return(answer);
}
public VerifyAuthFilter(IConfiguration configuration, IEncryptionServices encryptionServices)
{
_encryptionServices = encryptionServices;
var user = configuration[_userFieldName];
_user = string.IsNullOrEmpty(user) ? _defaultUser : user;
var password = configuration[_passwordFieldName];
_password = string.IsNullOrEmpty(password) ? _defaultPassword : password;
}
/// <summary>
/// Initializes a new instance of the <see cref="MessageCodec" /> class.
/// </summary>
/// <exception cref="System.ArgumentNullException">The <paramref name="tlRig" /> is <c>null</c>.</exception>
/// <exception cref="System.ArgumentNullException">The <paramref name="hashServices" /> is <c>null</c>.</exception>
/// <exception cref="System.ArgumentNullException">The <paramref name="encryptionServices" /> is <c>null</c>.</exception>
public MessageCodec([NotNull] TLRig tlRig, [NotNull] IHashServices hashServices, [NotNull] IEncryptionServices encryptionServices,
IRandomGenerator randomGenerator)
{
Argument.IsNotNull(() => tlRig);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
_tlRig = tlRig;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_randomGenerator = randomGenerator;
}
public DocumentsCommandHandler(
IMediator mediator,
AppDbContext context,
IEncryptionServices encryptionService,
IFileServiceFactory fileFactory,
IOptionsMonitor <StorageOptions> storageOption
)
{
_mediator = mediator;
_context = context;
_encryptionService = encryptionService;
_storageOption = storageOption.CurrentValue;
_fileService = fileFactory.Create();
}
public UploadFilesController(
IFileManagementServices fileManagementServices,
IZipServices zipServices,
IEncryptionServices encryptionServices,
IDataManagementSystemCallerServices dataManagementSystemCallerServices,
IConfiguration configuration)
{
_fileManagementServices = fileManagementServices;
_zipServices = zipServices;
_encryptionServices = encryptionServices;
_dataManagementSystemCallerServices = dataManagementSystemCallerServices;
//get constants from conf
var defaultFileManagementServiceUrl = configuration[_fileManagementServiceUrlFieldName];
_fileManagementServiceUrl = string.IsNullOrEmpty(defaultFileManagementServiceUrl) ? _defaultFileManagementServiceUrl : defaultFileManagementServiceUrl;
}
public AuthKeyNegotiator(
[NotNull] IClientTransportConfig clientTransportConfig,
[NotNull] IMTProtoClientBuilder mtProtoBuilder,
[NotNull] TLRig tlRig,
[NotNull] INonceGenerator nonceGenerator,
[NotNull] IHashServices hashServices,
[NotNull] IEncryptionServices encryptionServices,
[NotNull] IKeyChain keyChain)
{
_clientTransportConfig = clientTransportConfig;
_mtProtoBuilder = mtProtoBuilder;
_tlRig = tlRig;
_nonceGenerator = nonceGenerator;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_keyChain = keyChain;
}
public ReceiveController(
IEncryptionServices encryptionServices,
IZipServices zipServices,
IFileManagementServices fileManagementServices,
IPersistenceServices persistenceServices,
IConfiguration configuration)
{
_encryptionServices = encryptionServices;
_zipServices = zipServices;
_fileManagementServices = fileManagementServices;
_persistenceServices = persistenceServices;
_configuration = configuration;
var persistFiles = configuration[_persistFilesFieldName];
persistFiles = string.IsNullOrEmpty(persistFiles) ? _defaultPersistFiles : persistFiles; // if not in conf, defautl 'default key'
_persistFiles = bool.Parse(persistFiles);
}
public MTProtoClientBuilder(
[NotNull] IClientTransportFactory clientTransportFactory,
[NotNull] TLRig tlRig,
[NotNull] IMessageIdGenerator messageIdGenerator,
[NotNull] IMessageCodec messageCodec,
[NotNull] IHashServices hashServices,
[NotNull] IEncryptionServices encryptionServices,
[NotNull] INonceGenerator nonceGenerator,
[NotNull] IKeyChain keyChain)
{
_clientTransportFactory = clientTransportFactory;
_tlRig = tlRig;
_messageIdGenerator = messageIdGenerator;
_messageCodec = messageCodec;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_nonceGenerator = nonceGenerator;
_keyChain = keyChain;
}
public MTProtoClientBuilder(
[NotNull] IClientTransportFactory clientTransportFactory,
[NotNull] TLRig tlRig,
[NotNull] IMessageIdGenerator messageIdGenerator,
[NotNull] IMessageCodec messageCodec,
[NotNull] IHashServices hashServices,
[NotNull] IEncryptionServices encryptionServices,
[NotNull] INonceGenerator nonceGenerator,
[NotNull] IKeyChain keyChain)
{
_clientTransportFactory = clientTransportFactory;
_tlRig = tlRig;
_messageIdGenerator = messageIdGenerator;
_messageCodec = messageCodec;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_nonceGenerator = nonceGenerator;
_keyChain = keyChain;
}
public AuthKeyNegotiator([NotNull] IMTProtoConnectionFactory connectionFactory, [NotNull] TLRig tlRig, [NotNull] INonceGenerator nonceGenerator,
[NotNull] IHashServices hashServices, [NotNull] IEncryptionServices encryptionServices, [NotNull] IKeyChain keyChain,
[NotNull] ITransportConfigProvider transportConfigProvider)
{
Argument.IsNotNull(() => connectionFactory);
Argument.IsNotNull(() => tlRig);
Argument.IsNotNull(() => nonceGenerator);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
Argument.IsNotNull(() => keyChain);
Argument.IsNotNull(() => transportConfigProvider);
_connectionFactory = connectionFactory;
_tlRig = tlRig;
_nonceGenerator = nonceGenerator;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_keyChain = keyChain;
_transportConfigProvider = transportConfigProvider;
}
public MTProtoConnection(TransportConfig transportConfig, [NotNull] ITransportFactory transportFactory, [NotNull] TLRig tlRig,
[NotNull] IMessageIdGenerator messageIdGenerator, [NotNull] IHashServices hashServices, [NotNull] IEncryptionServices encryptionServices)
{
Argument.IsNotNull(() => transportFactory);
Argument.IsNotNull(() => tlRig);
Argument.IsNotNull(() => messageIdGenerator);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
_transportFactory = transportFactory;
_tlRig = tlRig;
_messageIdGenerator = messageIdGenerator;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
DefaultRpcTimeout = Defaults.RpcTimeout;
DefaultConnectTimeout = Defaults.ConnectTimeout;
_tlRig.PrepareSerializersForAllTLObjectsInAssembly(typeof(ITLAsyncMethods).GetAssemblyEx());
_sessionId = GetNextSessionId();
// Init transport.
_transport = _transportFactory.CreateTransport(transportConfig);
// History of messages in/out.
_inMessages.ObserveOn(DefaultScheduler.Instance).Subscribe(_inMessagesHistory);
_outMessages.ObserveOn(DefaultScheduler.Instance).Subscribe(_outMessagesHistory);
// Connector in/out.
_transport.ObserveOn(DefaultScheduler.Instance).Do(bytes => LogMessageInOut(bytes, "IN")).Subscribe(ProcessIncomingMessageBytes);
_outMessages.ObserveOn(DefaultScheduler.Instance)
.Do(message => LogMessageInOut(message.MessageBytes, "OUT"))
.Subscribe(message => _transport.Send(message.MessageBytes));
_inMessages.ObserveOn(DefaultScheduler.Instance).Subscribe(ProcessIncomingMessage);
}
public GmailAPIService(EmailManagerContext context, IEncryptionServices encrypt)
{
this._context = context;
this._encrypt = encrypt;
}
public SessionServices(IHttpContextAccessor httpContextAccessor, IEncryptionServices encryptionServices)
{
_HttpContextAccessor = httpContextAccessor;
_EncryptionServices = encryptionServices;
}
private void GenerateJsonObjectRecursive(JsonNode jsonNode, string filePath, NodeCollection nodeCollection, IEncryptionServices encryptionServices, string accumulatedPath, string pathSeparator)
{
foreach (KeyValuePair <string, Node> keyValuePair in nodeCollection)
{
if (keyValuePair.Value.Children.Count == 0) //is a file
{
string fullFilePath = $"{filePath}{accumulatedPath}{keyValuePair.Key}";
byte[] array = File.ReadAllBytes(fullFilePath);
jsonNode.children.Add(new JsonNode(
name: encryptionServices.EncryptToString(keyValuePair.Key),
isFile: true,
file: encryptionServices.EncryptToString(array)));
}
else // is a folder
{
var dirNode = new JsonNode(name: encryptionServices.EncryptToString(keyValuePair.Key));
jsonNode.children.Add(dirNode);
GenerateJsonObjectRecursive(dirNode, filePath, keyValuePair.Value.Children, encryptionServices, $"{accumulatedPath}{keyValuePair.Key}{pathSeparator}", pathSeparator);
}
}
}
/// <summary>
/// Initializes a new instance of the <see cref="MessageCodec" /> class.
/// </summary>
/// <exception cref="System.ArgumentNullException">The <paramref name="tlRig" /> is <c>null</c>.</exception>
/// <exception cref="System.ArgumentNullException">The <paramref name="hashServices" /> is <c>null</c>.</exception>
/// <exception cref="System.ArgumentNullException">The <paramref name="encryptionServices" /> is <c>null</c>.</exception>
public MessageCodec([NotNull] TLRig tlRig, [NotNull] IHashServices hashServices, [NotNull] IEncryptionServices encryptionServices,
IRandomGenerator randomGenerator)
{
Argument.IsNotNull(() => tlRig);
Argument.IsNotNull(() => hashServices);
Argument.IsNotNull(() => encryptionServices);
_tlRig = tlRig;
_hashServices = hashServices;
_encryptionServices = encryptionServices;
_randomGenerator = randomGenerator;
}
