private String AskQuestions(String userID, String email)
{
Core core = new Core(Server.passphrase);
DatabaseConnection connection = new DatabaseConnection();
String dbUserid = connection.getUserID(email);
connection.close();
if (userID == null)
{
ErrorLog_Write(email + ": Email does not exist!");
Console.WriteLine(email + ": Email does not exist!");
throw new Exception("Invalid user");
}
if (userID != dbUserid)
{
ErrorLog_Write(email + ": User id does not exist!");
Console.WriteLine(email + ": User id does not exist!");
throw new Exception("Invalid user");
}
String questions = core.ReadSettingsFile();
Message result = new Message(questions);
result.Sign(core.PrivateKey);
return(result.ToString());
}
private bool SendQuery(String userID, String email, String message, String macValue)
{
DatabaseConnection connection = new DatabaseConnection();
String dbUserid = connection.getUserID(email);
// connection.close();
if (userID == null)
{
ErrorLog_Write("Error - " + email + ": Email does not exist!");
Console.WriteLine("Error - " + email + ": Email does not exist!");
throw new Exception("Invalid user");
}
if (userID != dbUserid)
{
ErrorLog_Write("Error - " + email + ": User id does not exist!");
Console.WriteLine("Error - " + email + ": User id does not exist!");
throw new Exception("Invalid user");
}
// connection = new DatabaseConnection();
String dbMACPass = connection.getMACPass(email);
// connection.close();
if (dbMACPass == null)
{
ErrorLog_Write("Error: MacPass does not exist!");
Console.WriteLine("Error: MacPass does not exist!");
throw new Exception("Invalid Mac Pass");
}
HMAC hmac = HMACSHA1.Create();
hmac.Key = Convert.FromBase64String(dbMACPass);
byte[] hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(message));
if (Util.Compare(hash, Convert.FromBase64String(macValue)))
{
connection.removeMACPass(email);
connection.close();
return(true);
}
connection.close();
ErrorLog_Write("Error - " + email + ": MAC value is tampered, public key is not set.");
Console.WriteLine("Error - " + email + ": MAC value is tampered, public key is not set.");
throw new Exception("MAC value is tampered, public key is not set");
}
private bool EnvelopeAnswers(String userID, String email, String answersEnveloped, String bodyMsg)
{
DatabaseConnection connection = new DatabaseConnection();
String dbUserid = connection.getUserID(email);
//connection.close();
if (userID == null)
{
ErrorLog_Write(email + ": Email does not exist!");
Console.WriteLine(email + ": Email does not exist!");
throw new Exception("Invalid user");
}
if (userID != dbUserid)
{
ErrorLog_Write(email + ": User id does not exist!");
Console.WriteLine(email + ": User id does not exist!");
throw new Exception("Invalid user");
}
Core core = new Core(Server.passphrase);
String privateKey = core.PrivateKey;
Rijndael aes = Rijndael.Create();
AESInfo aesInfo = Crypto.Destruct(answersEnveloped, privateKey);
String answers = Encoding.UTF8.GetString(Crypto.AESDecrypt(aesInfo.message, aes.CreateDecryptor(aesInfo.key, aesInfo.IV)));
// connection = new DatabaseConnection();
String dbAnswers = connection.getAnswers(email);
connection.close();
if (answers == dbAnswers)
{
SendMail(email, aesInfo, bodyMsg);
return(true);
}
else
{
//protocol stops and socket is closed.
ErrorMail(email);
ErrorLog_Write("Error - " + email + ": Answers are not correct!");
Console.WriteLine("Error - " + email + ": Answers are not correct!");
throw new Exception("Answers are not correct");
}
}
private bool SendQuery(String userID, String email, String message, String macValue)
{
DatabaseConnection connection = new DatabaseConnection();
String dbUserid = connection.getUserID(email);
// connection.close();
if (userID == null)
{
ErrorLog_Write("Error - " + email + ": Email does not exist!");
Console.WriteLine("Error - " + email + ": Email does not exist!");
throw new Exception("Invalid user");
}
if (userID != dbUserid)
{
ErrorLog_Write("Error - " + email + ": User id does not exist!");
Console.WriteLine("Error - " + email + ": User id does not exist!");
throw new Exception("Invalid user");
}
// connection = new DatabaseConnection();
String dbMACPass = connection.getMACPass(email);
// connection.close();
if (dbMACPass == null)
{
ErrorLog_Write("Error: MacPass does not exist!");
Console.WriteLine("Error: MacPass does not exist!");
throw new Exception("Invalid Mac Pass");
}
HMAC hmac = HMACSHA1.Create();
hmac.Key = Convert.FromBase64String(dbMACPass);
byte[] hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(message));
if (Util.Compare(hash, Convert.FromBase64String(macValue)))
{
connection.removeMACPass(email);
connection.close();
return true;
}
connection.close();
ErrorLog_Write("Error - " + email + ": MAC value is tampered, public key is not set.");
Console.WriteLine("Error - " + email + ": MAC value is tampered, public key is not set.");
throw new Exception("MAC value is tampered, public key is not set");
}
private bool EnvelopeAnswers(String userID, String email, String answersEnveloped, String bodyMsg)
{
DatabaseConnection connection = new DatabaseConnection();
String dbUserid = connection.getUserID(email);
//connection.close();
if (userID == null)
{
ErrorLog_Write(email + ": Email does not exist!");
Console.WriteLine(email + ": Email does not exist!");
throw new Exception("Invalid user");
}
if (userID != dbUserid)
{
ErrorLog_Write(email + ": User id does not exist!");
Console.WriteLine(email + ": User id does not exist!");
throw new Exception("Invalid user");
}
Core core = new Core(Server.passphrase);
String privateKey = core.PrivateKey;
Rijndael aes = Rijndael.Create();
AESInfo aesInfo = Crypto.Destruct(answersEnveloped, privateKey);
String answers = Encoding.UTF8.GetString(Crypto.AESDecrypt(aesInfo.message, aes.CreateDecryptor(aesInfo.key, aesInfo.IV)));
// connection = new DatabaseConnection();
String dbAnswers = connection.getAnswers(email);
connection.close();
if (answers == dbAnswers)
{
SendMail(email, aesInfo, bodyMsg);
return true;
}
else
{
//protocol stops and socket is closed.
ErrorMail(email);
ErrorLog_Write("Error - " + email + ": Answers are not correct!");
Console.WriteLine("Error - " + email + ": Answers are not correct!");
throw new Exception("Answers are not correct");
}
}
private String AskQuestions(String userID, String email)
{
Core core = new Core(Server.passphrase);
DatabaseConnection connection = new DatabaseConnection();
String dbUserid = connection.getUserID(email);
connection.close();
if (userID == null)
{
ErrorLog_Write(email + ": Email does not exist!");
Console.WriteLine(email + ": Email does not exist!");
throw new Exception("Invalid user");
}
if (userID != dbUserid)
{
ErrorLog_Write(email + ": User id does not exist!");
Console.WriteLine(email + ": User id does not exist!");
throw new Exception("Invalid user");
}
String questions = core.ReadSettingsFile();
Message result = new Message(questions);
result.Sign(core.PrivateKey);
return result.ToString();
}