public static void StartCheckKeysTask(NodeKeysDto paramNodeKeys, KeyLength keyLength, uint lifeTime)
{
Task.Run(async() =>
{
while (true)
{
try
{
NodeKeysDto nodeKeys = await AppServiceProvider.Instance.KeysService.GetActualNodeKeysAsync(NodeSettings.Configs.Node.Id).ConfigureAwait(false);
if (nodeKeys == null ||
(nodeKeys.ExpirationTime - DateTime.UtcNow.ToUnixTime()) <= TimeSpan.FromDays(5).TotalSeconds)
{
nodeKeys = await AppServiceProvider.Instance.KeysService.CreateNewNodeKeysAsync(NodeSettings.Configs.Node.Id, keyLength, lifeTime).ConfigureAwait(false);
if (paramNodeKeys == null)
{
paramNodeKeys = nodeKeys;
}
Console.WriteLine($"New keys was generated. KeyId: {nodeKeys.KeyId}");
await NodeData.NodeNoticeService.SendNewNodeKeysNodeNoticeAsync(nodeKeys.PublicKey, nodeKeys.SignPublicKey, nodeKeys.KeyId, nodeKeys.ExpirationTime).ConfigureAwait(false);
await LicensorClient.Instance.AddNewKeyAsync(nodeKeys.PublicKey, nodeKeys.SignPublicKey, nodeKeys.KeyId, nodeKeys.ExpirationTime, nodeKeys.GenerationTime, true).ConfigureAwait(false);
}
paramNodeKeys = nodeKeys;
}
catch (Exception ex)
{
Logger.WriteLog(ex);
}
finally
{
await Task.Delay(TimeSpan.FromSeconds(60)).ConfigureAwait(true);
}
}
}).Wait(TimeSpan.FromSeconds(5));
}
public ConnectNodeRequest(byte[] encryptedKey, byte[] data, NodeKeysDto keys)
{
EncryptedKey = encryptedKey;
Data = data;
Keys = keys;
RequestType = NodeRequestType.Connect;
}
private bool TryDecryptPrivateData <T>(BlockSegmentVm segment, out T decryptedObject)
{
if (segment.PrivateData != null && segment.KeyId != null && segment.NodeId == NodeSettings.Configs.Node.Id)
{
try
{
NodeKeysDto nodeKeys = null;
if (Convert.ToInt64(segment.KeyId) != NodeData.Instance.NodeKeys.KeyId)
{
nodeKeys = _keysService.GetNodeKeysAsync(Convert.ToInt64(segment.KeyId)).Result;
}
else
{
nodeKeys = NodeData.Instance.NodeKeys;
}
if (nodeKeys != null)
{
byte[] password = NodeData.Instance.NodeKeys.Password;
var decryptedData = Encryptor.SymmetricDataDecrypt(
segment.PrivateData,
nodeKeys.PublicKey,
nodeKeys.SymmetricKey,
password).DecryptedData;
decryptedObject = ObjectSerializer.JsonToObject <T>(Encoding.UTF8.GetString(decryptedData), new BitArrayJsonConverter());
return(true);
}
}
catch (Exception ex)
{
Logger.WriteLog(ex);
decryptedObject = default;
return(false);
}
}
decryptedObject = default;
return(false);
}
private NodeData()
{
RoutedMessagesId = new List <Guid>();
Task.Run(async() =>
{
while (true)
{
try
{
NodeKeysDto nodeKeys = await AppServiceProvider.Instance.KeysService.GetActualNodeKeysAsync(NodeSettings.Configs.Node.Id).ConfigureAwait(false);
if (nodeKeys == null ||
(nodeKeys.ExpirationTime - DateTime.UtcNow.ToUnixTime()) <= TimeSpan.FromDays(5).TotalSeconds)
{
nodeKeys = await AppServiceProvider.Instance.KeysService.CreateNewNodeKeysAsync(NodeSettings.Configs.Node.Id, HttpServer.Models.CreateNewKeysModel.KeyLength.Long, 10 * 24 * 3600).ConfigureAwait(false);
if (NodeKeys == null)
{
NodeKeys = nodeKeys;
}
await NodeNoticeService.SendNewNodeKeysNodeNoticeAsync(nodeKeys.PublicKey, nodeKeys.SignPublicKey, nodeKeys.KeyId, nodeKeys.ExpirationTime).ConfigureAwait(false);
await LicensorClient.Instance.AddNewKeyAsync(nodeKeys.PublicKey, nodeKeys.SignPublicKey, nodeKeys.KeyId, nodeKeys.ExpirationTime, nodeKeys.GenerationTime, true).ConfigureAwait(false);
}
NodeKeys = nodeKeys;
}
catch (Exception ex)
{
Logger.WriteLog(ex);
}
finally
{
await Task.Delay(TimeSpan.FromSeconds(60)).ConfigureAwait(false);
}
}
}).Wait(TimeSpan.FromSeconds(5));
TasksHelper.StartRemoveExpiredMessagesTask();
}
public async void SendConnectRequestAsync(NodeConnection nodeConnection)
{
NodeKeysDto publicKey = null;
try
{
if (nodeConnection.Node == null ||
nodeConnection.Node.NodeKey == null ||
nodeConnection.Node.NodeKey.EncPublicKey.IsNullOrEmpty() ||
nodeConnection.Node.NodeKey.SignPublicKey.IsNullOrEmpty() ||
nodeConnection.Node.NodeKey.ExpiredAt < DateTime.UtcNow.ToUnixTime())
{
publicKey = await GetNodePublicKeyAsync(nodeConnection).ConfigureAwait(false);
}
if (publicKey == null)
{
publicKey = new NodeKeysDto
{
ExpirationTime = nodeConnection.Node.NodeKey.ExpiredAt,
KeyId = nodeConnection.Node.NodeKey.KeyId,
PublicKey = nodeConnection.Node.NodeKey.EncPublicKey,
SignPublicKey = nodeConnection.Node.NodeKey.SignPublicKey
};
}
byte[] symmetricKey;
byte[] encryptedKey = null;
if (nodeConnection.IsEncryptedConnection)
{
symmetricKey = nodeConnection.SymmetricKey;
}
else
{
symmetricKey = Encryptor.GetSymmetricKey(256, RandomExtensions.NextInt64(), uint.MaxValue, NodeData.Instance.NodeKeys.Password);
}
encryptedKey = Encryptor.AsymmetricDataEncrypt(
symmetricKey,
publicKey.PublicKey,
NodeData.Instance.NodeKeys.SignPrivateKey,
NodeData.Instance.NodeKeys.Password);
ConnectData connectData = new ConnectData
{
License = NodeSettings.Configs.License,
LicensorSign = NodeSettings.Configs.LicensorSign.Sign,
Node = NodeSettings.Configs.Node,
SymmetricKey = symmetricKey
};
byte[] encryptedRequestData = Encryptor.SymmetricDataEncrypt(
ObjectSerializer.ObjectToByteArray(connectData),
NodeData.Instance.NodeKeys.SignPrivateKey,
symmetricKey,
MessageDataType.Binary,
NodeData.Instance.NodeKeys.Password);
NodeRequest request = new ConnectNodeRequest(encryptedKey, encryptedRequestData, NodeData.Instance.PublicKeys);
SendRequest(nodeConnection, request);
NodeResponse response = await GetResponseAsync(request, (int)TimeSpan.FromSeconds(30).TotalMilliseconds).ConfigureAwait(false);
if (response is NodesInformationResponse informationResponse)
{
ConnectData responseData = informationResponse.GetConnectData(symmetricKey, publicKey.SignPublicKey, NodeData.Instance.NodeKeys.Password);
responseData.Node.StartDay = responseData.Node.StartDay.ToUniversalTime();
var nodeJson = ObjectSerializer.ObjectToJson(responseData.Node);
var isValid = Encryptor.CheckSign(
responseData.LicensorSign,
LicensorClient.Instance.GetSignPublicKey(),
Encoding.UTF8.GetBytes(nodeJson),
NodeData.Instance.NodeKeys.Password);
if (!isValid)
{
return;
}
LicenseVm license = responseData.License;
long currentTime = DateTime.UtcNow.ToUnixTime();
if (license.ExpiredAt <= currentTime)
{
return;
}
foreach (LicenseSegmentVm segment in license.LicenseSegments)
{
if (segment.StartAt <= currentTime && segment.LicensorSign != null && segment.LicensorSign.Sign != null)
{
var jsonData = ObjectSerializer.ObjectToJson(segment.GetSignObject());
bool isSegmentValid = Encryptor.CheckSign(
segment.LicensorSign.Sign,
LicensorClient.Instance.GetSignPublicKey(),
Encoding.UTF8.GetBytes(jsonData),
NodeData.Instance.NodeKeys.Password);
if (!isSegmentValid)
{
return;
}
}
}
nodeConnection.Node = responseData.Node;
nodeConnection.Uri = new Uri($"wss://{responseData.Node.Domains.FirstOrDefault()}:{responseData.Node.NodesPort}");
nodeConnection.PublicKey = publicKey.PublicKey;
nodeConnection.SymmetricKey = symmetricKey;
nodeConnection.PublicKeyId = publicKey.KeyId;
nodeConnection.PublicKeyExpirationTime = publicKey.ExpirationTime;
nodeConnection.SignPublicKey = publicKey.SignPublicKey;
nodesService.CreateOrUpdateNodeInformationAsync(responseData.Node);
connectionsService.AddOrUpdateNodeConnection(nodeConnection.Node.Id, nodeConnection);
await nodeNoticeService.SendPendingMessagesAsync(nodeConnection.Node.Id).ConfigureAwait(false);
}
else if (response is ResultNodeResponse resultResponse)
{
if (nodeConnection?.Uri != null)
{
Console.WriteLine($"Node URI: {nodeConnection.Uri.AbsoluteUri} Message: {resultResponse.Message}");
}
else
{
Console.WriteLine(resultResponse.Message);
}
}
}
catch (Exception ex)
{
if (publicKey != null)
{
Console.WriteLine($"PublicKey Id:{publicKey.KeyId}, Expired at: {publicKey.ExpirationTime.ToDateTime().ToString()}, Generated at: {publicKey.GenerationTime.ToDateTime().ToString()}, NodeId:{publicKey.NodeId}");
}
Logger.WriteLog(ex);
nodeConnection.NodeWebSocket.Abort();
}
}
public void SetNodeKeys(NodeKeysDto nodeKeys)
{
NodeKeys = nodeKeys ?? throw new ArgumentNullException(nameof(nodeKeys));
}
