public void TrustContact(int contactId) { Pull(); Log("Sending TRUST_CONTACT command."); TextEncoder.SendCommand(stream, ConnectionCommand.TRUST_CONTACT); TextEncoder.SendInt(stream, contactId); using (Context context = new Context(config)) { var contact = context.Contacts .Where(u => u.PublicId == contactId) .SingleOrDefault(); contact.Trusted = 1; context.SaveChanges(); if (contact.SendAesKey == null) { AESPassword password = AESPassword.GenerateAESPassword(); JAESKey key = new JAESKey(contactId, password); PushOperations.SendIJType(context, key, UserId, UserId); X509Certificate2 cert = X509Certificate2Utils.ImportFromPem( context.Contacts .Where(u => u.PublicId == contactId) .Select(u => u.PublicCertificate) .SingleOrDefault()); BinaryEncoder.SendBytes(stream, RSAEncoder.Encrypt(password.Password, cert)); context.SaveChanges(); } } Push(); }
public static ConnectionInfo Run(Stream stream, Action <string> log, ServerConfig config) { ClientHandshake clientHandshake = TextEncoder.ReadJson <ClientHandshake>(stream); X509Certificate2 clientCertificate = X509Certificate2Utils.ImportFromPem(clientHandshake.PemCertificate); log($"Logging user sent username {clientHandshake.UserName}\n Certificate:\n {clientHandshake.PemCertificate}"); ServerHandshake errorHandshake = new ServerHandshake() { Errors = "", NewUser = false, Succeeded = false, UserId = -1, UserName = "" }; if (config.Password != null && !config.Password.Equals(clientHandshake.ServerPassword)) { errorHandshake.Errors = "Server password is wrong."; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } log("Generating random bytes"); byte[] randomBytes = LUtils.GenerateRandomBytes(TcpConstants.HANDSHAKE_LENGHT); log("Sending encrypted bytes"); BinaryEncoder.SendBytes(stream, RSAEncoder.Encrypt(randomBytes, clientCertificate)); byte[] received = BinaryEncoder.ReceiveBytes(stream); if (!randomBytes.SequenceEqual(received)) { log("Client's certificate verification failed."); errorHandshake.Errors = "Client's certificate verification failed."; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } log("Certificate verification succeeded."); Users user; String message; Clients client; byte[] aesKey = null; bool newUser = false; using (Context context = new Context(config)) { byte[] hash = SHA256Utils.ComputeByteSha256Hash(clientCertificate); user = context.Users.SingleOrDefault(u => u.PublicCertificateSha256.SequenceEqual(hash)); if (user == null) { log("User doesn't exist yet. I'll try to create him."); newUser = true; log("Checking the uniquity of username."); String userName = clientHandshake.UserName; if (context.Users.SingleOrDefault(u => u.UserName.Equals(userName)) != null) { errorHandshake.Errors = "Username isn't unique."; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } else if (userName.Length > 45) { errorHandshake.Errors = "Username is too long (max. 45 chars)"; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } else if (userName.Length < 4) { errorHandshake.Errors = "Username is too short (min. 4 chars)"; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } else if (!Validators.ValidateRegexUserName(userName)) { errorHandshake.Errors = "Username must match this regex ^[a-zA-Z][-a-zA-Z0-9_]+$ (Vaguely can't contain special chars and spaces)"; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } log("Creating user."); user = new Users() { PublicCertificate = clientHandshake.PemCertificate, PublicCertificateSha256 = hash, UserName = clientHandshake.UserName }; context.Users.Add(user); context.SaveChanges(); message = "User successfully created."; log("User successfully created."); } else { message = "User exists."; log("User exists."); } client = new Clients() { UserId = user.Id }; if (clientHandshake.ClientId == null) { log($"Loading self-aes key."); aesKey = context.UsersKeys .Where(u => u.RecepientId == user.Id) .Where(u => u.SenderId == user.Id) .Select(u => u.AesKey) .SingleOrDefault(); context.Add(client); context.SaveChanges(); log($"Added client with Id {client.Id}."); } else { client.Id = (int)clientHandshake.ClientId; if (context.Clients.Where(u => u.Id == client.Id).Single().UserId != user.Id) { errorHandshake.Errors = "This client id isn't owned by this user."; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } log($"Client with Id {client.Id} has logged in."); } } ServerHandshake toSend = new ServerHandshake() { Errors = message, NewUser = newUser, Succeeded = true, UserId = user.Id, UserName = user.UserName, ClientId = client.Id, SelfAesKey = aesKey }; TextEncoder.SendJson(stream, toSend); ConnectionInfo ret = new ConnectionInfo(user, clientCertificate, client.Id); log($"Handshake successeded. User {ret.UserName} with id {ret.UserId} has logged in. Client has id {client.Id}."); return(ret); }
public void TrustContact(int contactId) { ThrowExceptionIfNotConnected(); Pull(); lock (mutex) { Log("Sending TRUST_CONTACT command."); BinaryEncoder.SendCommand(stream, ConnectionCommand.TRUST_CONTACT); BinaryEncoder.SendInt(stream, contactId); using (Context context = new Context(config)) { var contact = new UContact(context.Contacts .Where(u => u.PublicId == contactId) .SingleOrDefault()) { Trusted = true }; if (contact.SendAesKey == null) { Log("Sending new key."); BinaryEncoder.SendInt(stream, 1); AESPassword password = AESPassword.GenerateAESPassword(); contact.SendAesKey = password.Password; X509Certificate2 recepientCert = X509Certificate2Utils.ImportFromPem( context.Contacts .Where(u => u.PublicId == contactId) .Select(u => u.PublicCertificate) .SingleOrDefault()); byte[] toSend = RSAEncoder.EncryptAndSign(password.Password, recepientCert, MyCertificate); BinaryEncoder.SendBytes(stream, toSend); } else { Log("No new key will be sended."); BinaryEncoder.SendInt(stream, 0); } if (contactId != this.UserId) { PushOperations.SendJsonCapsula(context, contact.GetSelfUpdate(), UserId, UserId); } else { var me = context.Contacts .Where(u => u.PublicId == UserId) .Single(); me.SendAesKey = contact.SendAesKey; me.ReceiveAesKey = contact.ReceiveAesKey; } context.SaveChanges(); } Log("Trustification has been done."); } Push(); }
public int Pull() { int changes = 0; ThrowExceptionIfNotConnected(); lock (mutex) { Log("Sending PULL command."); BinaryEncoder.SendCommand(stream, ConnectionCommand.PULL); #if (DEBUG) Log("Sending ClientPullCapsula."); #endif ClientPullCapsula clientCapsula; using (Context context = new Context(config)) { clientCapsula = new ClientPullCapsula() { AesKeysUserIds = context.Contacts .Where(u => u.ReceiveAesKey == null) .Select(u => u.PublicId) .ToArray() }; } TextEncoder.SendJson(stream, clientCapsula); ServerPullCapsula capsula = TextEncoder.ReadJson <ServerPullCapsula>(stream); #if (DEBUG) Log("Received ServerPullCapsula."); #endif changes += capsula.AesKeysUserIds.Count; changes += capsula.Messages.Count; using (Context context = new Context(config)) { #if (DEBUG) Log("Receiving and saving AES keys."); #endif foreach (var id in capsula.AesKeysUserIds) { var user = new UContact(context.Contacts.Where(con => con.PublicId == id).SingleOrDefault()); try { user.ReceiveAesKey = RSAEncoder.DecryptAndVerify(BinaryEncoder.ReceiveBytes(stream), MyCertificate, X509Certificate2Utils.ImportFromPem(user.PublicCertificate)); } catch (Exception ex) { Log($"Loading of Receive AESKey from {user.PublicId} has failed."); logger.LogException(this, ex); } PushOperations.Update(context, user, UserId, UserId); } context.SaveChanges(); #if (DEBUG) Log("Receiving and saving messages."); #endif foreach (PullMessage metaMessage in capsula.Messages) { BlobMessages metaBlob = new BlobMessages() { PublicId = metaMessage.PublicId, SenderId = metaMessage.SenderId, Failed = 0, DoDelete = 0 }; context.BlobMessages.Add(metaBlob); context.SaveChanges(); try { PullMessageParser.ParseEncryptedMessage(context, BinaryEncoder.ReceiveBytes(stream), metaBlob.SenderId, metaBlob.Id, UserId); } catch (Exception ex) { Log($"Loading of message {metaMessage.PublicId} has failed."); metaBlob.Failed = 1; logger.LogException(this, ex); } context.SaveChanges(); } } Log("Pull have been done."); } return(changes); }
public static UserCapsula Run(Stream stream, Action <string> log, ServerConfig config) { ClientHandshake clientHandshake = TextEncoder.ReadClientHandshake(stream); X509Certificate2 clientCertificate = X509Certificate2Utils.ImportFromPem(clientHandshake.PemCertificate); log($"Logging user sent username {clientHandshake.UserName}\n Certificate:\n {clientHandshake.PemCertificate}"); log("Generating random bytes"); byte[] randomBytes = LUtils.GenerateRandomBytes(TcpConstants.HANDSHAKE_LENGHT); log("Sending encrypted bytes"); BinaryEncoder.SendBytes(stream, RSAEncoder.Encrypt(randomBytes, clientCertificate)); ServerHandshake errorHandshake = new ServerHandshake() { Errors = "", NewUser = false, Succeeded = false, UserId = -1, UserName = "" }; byte[] received = BinaryEncoder.ReceiveBytes(stream); if (!randomBytes.SequenceEqual(received)) { log("Sending error to client."); errorHandshake.Errors = "Client's certificate verification failed."; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } log("Certificate verification succeeded."); Users user; String message; Clients client; bool newUser = false; using (Context context = new Context(config)) { SHA1 sha = new SHA1CryptoServiceProvider(); byte[] hash = sha.ComputeHash(clientCertificate.RawData); user = context.Users.SingleOrDefault(u => u.PublicCertificateSha1.SequenceEqual(hash)); if (user == null) { log("User doesn't exist yet. I'll try to create him."); newUser = true; log("Checking the uniquity of username."); String userName = clientHandshake.UserName; if (context.Users.SingleOrDefault(u => u.UserName.Equals(userName)) != null) { log("Username isn't unique."); errorHandshake.Errors = "Username isn't unique."; TextEncoder.SendJson(stream, errorHandshake); throw new Exception(errorHandshake.Errors); } log("Creating user."); user = new Users() { PublicCertificate = clientHandshake.PemCertificate, PublicCertificateSha1 = hash, UserName = clientHandshake.UserName }; context.Users.Add(user); context.SaveChanges(); message = "User successfully created."; log("User successfully created."); } else { message = "User exists."; log("User exists."); } client = new Clients() { UserId = user.Id }; if (clientHandshake.ClientId == null) { context.Add(client); context.SaveChanges(); log($"Added client with Id {client.Id}."); } else { log($"Client with Id {client.Id} has logged in."); } } ServerHandshake toSend = new ServerHandshake() { Errors = message, NewUser = newUser, Succeeded = true, UserId = user.Id, UserName = user.UserName, ClientId = client.Id }; TextEncoder.SendJson(stream, toSend); UserCapsula ret = new UserCapsula(user, clientCertificate); log($"Handshake successeded. User {ret.UserName} with id {ret.UserId} has logged in"); return(ret); }