예제 #1
0
        public static void SendMessage(Message msg, KeyStore ks)
        {
            byte[] convAesKey  = null;
            int    recipientId = -1;

            using (DataContext db = new DataContext())
            {
                var conv = GetConversation(msg.SenderId, msg.RecipientId, db);
                msg.ConversationId = conv.ConId;

                // Non-blocking execution of setting unread
                Task.Run(() => SetUnread(conv.ConId, msg.RecipientId));

                if (msg.SenderId == conv.UserAId)
                {
                    convAesKey  = Crypt.Instance.DecryptRsa(conv.KeyA, ks.rsaPrivate);
                    recipientId = conv.UserBId;
                }
                else if (msg.SenderId == conv.UserBId)
                {
                    convAesKey  = Crypt.Instance.DecryptRsa(conv.KeyB, ks.rsaPrivate);
                    recipientId = conv.UserAId;
                }

                SecureMessage dbMsg = msg.ToDatabase(recipientId, convAesKey);

                if (convAesKey == null || recipientId == -1)
                {
                    throw new ChatException("Recipient invalid or message could not be encrypted");
                }

                // Add to database
                db.SecureMessage.Add(dbMsg);
                db.SaveChanges();
            }
        }
예제 #2
0
        /// <summary>
        /// Validate the user's password
        /// </summary>
        /// <param name="password">The user's password</param>
        /// <param name="checkEmailValidity">Whether to check if the email address is verified</param>
        /// <returns></returns>
        internal AuthResult ValidateLogin(string password, bool checkEmailValidity = true)
        {
            using (DataContext db = new DataContext())
            {
                Users user = Users.FindByEmail(this.Email, db);

                if (user == null)
                {
                    AuthLogger.Instance.UserNotFound(Email);
                    return(AuthResult.UserNotFound);
                }

                // Check IP
                string userip = GetIP();
                if (UserIPList.CheckUserIPList(userip, user, db))
                {
                    Debug.WriteLine("CHK TRUE");
                    MailClient m = new MailClient(Email);
                    m.Subject = "Unrecognised login from IP Address " + userip;
                    m.AddLine("An unrecognised login has been found");
                    m.AddLine("If this wasn't you, please contact us.");
                    m.Send(user.FullName, "Contact Us", "https://haxnet.azurewebsites.net/Contact");
                }
                else
                {
                    Debug.WriteLine("CHK FALSE");
                }

                if (checkEmailValidity && !EmailConfirm.IsEmailValidated(user))
                {
                    EmailConfirm.SendEmailForConfirmation(user, db);

                    return(AuthResult.EmailNotVerified);
                }

                byte[] bPassword = Encoding.UTF8.GetBytes(password);
                byte[] bSalt     = user.Salt;
                byte[] bHash     = Crypt.Instance.Hash(bPassword, bSalt);

                if (user.Hash.SequenceEqual(bHash))
                {
                    AuthLogger.Instance.PasswordSuccess(user.Email, user.UserID);
                }
                else
                {
                    AuthLogger.Instance.PasswordFail(user.Email, user.UserID);
                    return(AuthResult.PasswordIncorrect);
                }

                try
                {
                    db.Entry(user).Reference(usr => usr.UserKeyStore).Load();
                    if (user.UserKeyStore == null)
                    {
                        user.UserKeyStore = KeyStore.DefaultDbKeyStore(password, bSalt, user.UserID);
                        db.SaveChanges();
                    }
                    TempKeyStore = new KeyStore(user.UserKeyStore, password, bSalt);
                    return(AuthResult.Success);
                } catch (KeyStoreException) {
                    return(AuthResult.KeyStoreInvalid);
                }
            }
            throw new AuthException("Login has no result, database failure might have occured.");
        }
예제 #3
0
        public static ICollection <Message> RetrieveMessages(int retriever, int other, KeyStore ks, int amount = -1)
        {
            ICollection <Message> decryptedMessages = new List <Message>();
            List <SecureMessage>  dbMsgList         = null;

            byte[] convAesKey = null;

            Stopwatch sw = new Stopwatch();

            sw.Start();
            using (DataContext db = new DataContext())
            {
                var dbConv = GetConversation(retriever, other, db);

                if (dbConv == null)
                {
                    throw new ChatException("Message could not be retrieved");
                }

                if (retriever == dbConv.UserAId)
                {
                    convAesKey = Crypt.Instance.DecryptRsa(dbConv.KeyA, ks.rsaPrivate);
                    if (dbConv.UnreadForA == true)
                    {
                        dbConv.UnreadForA = false;
                        db.SaveChanges();
                    }
                }
                else if (retriever == dbConv.UserBId)
                {
                    convAesKey = Crypt.Instance.DecryptRsa(dbConv.KeyB, ks.rsaPrivate);
                    if (dbConv.UnreadForB == true)
                    {
                        dbConv.UnreadForB = false;
                        db.SaveChanges();
                    }
                }

                if (convAesKey == null)
                {
                    throw new ChatException("Message could not be decrypted (AES from RSA)");
                }

                // DB Query for messages that match query
                var dbMsgQueryable = db.SecureMessage
                                     .Where(m => (m.ConId == dbConv.ConId))
                                     .OrderByDescending(m => m.MsgId);

                int rows = dbMsgQueryable.Count();

                // If the number of rows exceeds the number of rows, return all the rows
                if (amount > rows)
                {
                    amount = -1;
                }

                // Get the specified number of rows from the database
                if (amount > 0)
                {
                    dbMsgList = dbMsgQueryable.Take(amount).ToList();
                }
                else
                {
                    dbMsgList = dbMsgQueryable.ToList();
                }

                // Convert each message into decrypted form
                foreach (SecureMessage dbMsg in dbMsgList)
                {
                    decryptedMessages.Add(new Message(dbMsg, convAesKey));
                }

                sw.Stop();
                Debug.WriteLine("Messages retrieval & decryption took: " + sw.ElapsedMilliseconds + "ms");
            }
            return(decryptedMessages.Reverse().ToList());
        }