Пример #1
 /// <summary>
 /// Populates this vault record from its serialized fields.
 /// </summary>
 /// <param name="data">
 /// Field buffers in fixed order: [0] user id (Guid bytes), [1] public key (may be empty),
 /// [2] CVK share, [3] auth key.
 /// </param>
 /// <remarks>
 /// No length check is made on <paramref name="data"/>; a list with fewer than four entries
 /// fails on the first missing index.
 /// NOTE(review): the two <c>true</c> flags look like System.Numerics.BigInteger's
 /// isUnsigned / isBigEndian - confirm which BigInteger type is in scope.
 /// </remarks>
 protected override void SetItems(IReadOnlyList<byte[]> data)
 {
     VuId = new Guid(data[0]);

     // An empty buffer means "no public key stored", so parsing is skipped.
     byte[] rawPub = data[1];
     if (rawPub.Length == 0)
     {
         CvkPub = null;
     }
     else
     {
         CvkPub = C25519Key.Parse(rawPub);
     }

     CVKi = new BigInteger(data[2], true, true);
     CvkiAuth = AesKey.Parse(data[3]);
 }
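        /// <summary>
        /// Builds a <c>CmkVault</c> entry for <paramref name="uid"/> from the route values, stores it
        /// through <c>_manager.SetOrUpdate</c> and, on success, attaches this node's signature over
        /// its user name concatenated with the user id.
        /// </summary>
        /// <param name="uid">User id the vault entry belongs to.</param>
        /// <param name="prism">Encoded value parsed with <c>GetBigInteger</c> into <c>Prismi</c>.</param>
        /// <param name="cmk">Encoded value parsed with <c>GetBigInteger</c> into <c>Cmki</c>.</param>
        /// <param name="prismAuth">Base64 AES key stored as <c>PrismiAuth</c>.</param>
        /// <param name="cmkAuth">Base64 AES key stored as <c>CmkiAuth</c>.</param>
        /// <param name="email">URL-encoded e-mail address.</param>
        /// <returns>The manager's response; on success its content carries <c>orkid</c> and <c>sign</c>.</returns>
        /// <remarks>
        /// NOTE(review): every secret value here (shares and both AES auth keys) arrives as a route
        /// segment, so it is part of the request URL and can end up in access logs, proxy logs and
        /// traces. Moving them to the request body needs a coordinated client change.
        /// NOTE(review): nothing in this method authenticates the caller; confirm whether
        /// SetOrUpdate can replace an existing entry for the same uid.
        /// </remarks>
        public async Task<TideResponse> Add([FromRoute] Guid uid, [FromRoute] string prism, [FromRoute] string cmk, [FromRoute] string prismAuth, [FromRoute] string cmkAuth, [FromRoute] string email)
        {
            // Pass a message template plus argument instead of a pre-interpolated string, so the
            // uid is captured as a structured property and the template stays constant.
            _logger.LogInformation("New registration for {uid}", uid);

            var account = new CmkVault
            {
                UserId     = uid,
                Prismi     = GetBigInteger(prism),
                Cmki       = GetBigInteger(cmk),
                PrismiAuth = AesKey.Parse(FromBase64(prismAuth)),
                CmkiAuth   = AesKey.Parse(FromBase64(cmkAuth)),
                Email      = HttpUtility.UrlDecode(email)
            };

            var resp = await _manager.SetOrUpdate(account);

            if (!resp.Success)
            {
                return resp;
            }

            // The signed message is the UTF-8 encoding of "<node user name><uid>".
            var m = Encoding.UTF8.GetBytes(_config.UserName + uid.ToString());
            //TODO: The ork should not send the orkid because the client should already know
            var signature = Convert.ToBase64String(_config.PrivateKey.Sign(m));

            resp.Content = new { orkid = _config.UserName, sign = signature };

            return resp;
        }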
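        /// <summary>
        /// Replaces the stored <c>Prismi</c> value and its auth key for <paramref name="uid"/> after
        /// checking a transaction token against one of the account's current auth keys.
        /// </summary>
        /// <param name="uid">Account to update.</param>
        /// <param name="prism">New value, parsed with <c>GetBigInteger</c>; its base64 bytes are part of the checked message.</param>
        /// <param name="prismAuth">New base64 AES auth key; its bytes are part of the checked message.</param>
        /// <param name="token">Base64 transaction token that must verify over uid, prism and prismAuth.</param>
        /// <param name="withCmk">When true the token is checked with <c>CmkiAuth</c>, otherwise with <c>PrismiAuth</c>.</param>
        /// <returns>
        /// 401 when the account is unknown or the token does not verify, 500 when the update could
        /// not be stored, otherwise 200.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the new secret values travel in the URL path and may be recorded by access
        /// logs and intermediaries.
        /// NOTE(review): token parsing runs on unauthenticated input before any other check; confirm
        /// that malformed input is turned into a client error rather than an unhandled exception.
        /// </remarks>
        public async Task<ActionResult> ChangePrism([FromRoute] Guid uid, [FromRoute] string prism, [FromRoute] string prismAuth, [FromRoute] string token, [FromQuery] bool withCmk = false)
        {
            var tran    = TranToken.Parse(FromBase64(token));
            // The token has to cover the account id and both new values, so none of them can be
            // swapped without invalidating it.
            var toCheck = uid.ToByteArray().Concat(FromBase64(prism)).Concat(FromBase64(prismAuth)).ToArray();

            var account = await _manager.GetById(uid);

            if (account == null)
            {
                // Same client-facing message as a failed token check; only the log entry differs.
                return _logger.Log(Unauthorized($"Unsuccessful change password for {uid}"),
                                   $"Unsuccessful change password for {uid}. Account was not found");
            }

            var authKey = withCmk ? account.CmkiAuth : account.PrismiAuth;

            if (!tran.Check(authKey, toCheck))
            {
                // The submitted token is deliberately kept out of the log: a token rejected here
                // may still verify under the account's other auth key.
                return _logger.Log(Unauthorized($"Unsuccessful change password for {uid}"),
                                   $"Unsuccessful change password for {uid}. Token check failed");
            }

            // Message template plus argument rather than a pre-interpolated string.
            _logger.LogInformation("Change password for {uid}", uid);

            account.Prismi     = GetBigInteger(prism);
            account.PrismiAuth = AesKey.Parse(FromBase64(prismAuth));

            // The result was previously ignored, so a failed write still answered 200 and the
            // client believed the new value was active.
            var resp = await _manager.SetOrUpdate(account);

            if (!resp.Success)
            {
                _logger.LogError("Change password for {uid} could not be stored", uid);
                return StatusCode(500);
            }

            return Ok();
        }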
Пример #4
 /// <summary>
 /// Builds a <c>VendorConfig</c> whose key objects are parsed from this instance's string settings.
 /// </summary>
 /// <returns>A config holding the parsed private key and secret key.</returns>
 /// <remarks>
 /// <c>PrivateKey</c> is base64-decoded before parsing, while <c>SecretKey</c> is handed to
 /// <c>AesKey.Parse</c> as a string. Both are raw key material held in configuration strings, so
 /// where these settings are stored and who can read them matters.
 /// </remarks>
 public VendorConfig CreateVendorConfig()
 {
     var signingKey   = C25519Key.Parse(Convert.FromBase64String(PrivateKey));
     var symmetricKey = AesKey.Parse(SecretKey);

     return new VendorConfig
     {
         PrivateKey = signingKey,
         SecretKey  = symmetricKey
     };
 }
Пример #5
 /// <summary>
 /// Populates this vault record from its serialized fields.
 /// </summary>
 /// <param name="data">
 /// Field buffers in fixed order: [0] user id (Guid bytes), [1] Prismi, [2] Cmki,
 /// [3] Prismi auth key, [4] Cmki auth key, [5] e-mail as UTF-8.
 /// </param>
 /// <remarks>
 /// No length check is made on <paramref name="data"/>; a list with fewer than six entries
 /// fails on the first missing index, after the earlier fields have already been assigned.
 /// NOTE(review): the two <c>true</c> flags look like System.Numerics.BigInteger's
 /// isUnsigned / isBigEndian - confirm which BigInteger type is in scope.
 /// </remarks>
 protected override void SetItems(IReadOnlyList<byte[]> data)
 {
     UserId = new Guid(data[0]);

     // Numeric shares.
     Prismi = new BigInteger(data[1], true, true);
     Cmki   = new BigInteger(data[2], true, true);

     // Symmetric keys later used to check tokens for each share.
     PrismiAuth = AesKey.Parse(data[3]);
     CmkiAuth   = AesKey.Parse(data[4]);

     byte[] emailBytes = data[5];
     Email = Encoding.UTF8.GetString(emailBytes);
 }
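        /// <summary>
        /// Creates a vendor-side user for <paramref name="vuid"/> and returns a transaction token
        /// together with one signature per ork id.
        /// </summary>
        /// <param name="vuid">Vendor user id taken from the route.</param>
        /// <param name="data">Request body carrying the auth key (<c>Auth</c>) and the ork URLs.</param>
        /// <returns>
        /// A <c>SignupRsponse</c> with a token generated from <c>Config.SecretKey</c> over the vuid
        /// bytes and the signatures of <c>orkId || vuid</c> made with <c>Config.PrivateKey</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no caller authentication is visible in this method, yet it signs with the
        /// vendor private key and issues a token for any vuid supplied; confirm that access is
        /// restricted elsewhere (filter, middleware or network policy).
        /// NOTE(review): <c>data.GetUrlIds()</c> is awaited; if it contacts the client-supplied
        /// <c>OrkUrls</c>, restrict which hosts may be reached - confirm against its implementation.
        /// NOTE(review): <c>data</c> is not null-checked; whether a missing body can reach this
        /// point depends on the controller's model-validation setup.
        /// </remarks>
        public async Task<ActionResult<SignupRsponse>> SignUp([FromRoute] Guid vuid, [FromBody] SignupRequest data)
        {
            var authKey = AesKey.Parse(data.Auth);
            var guids   = await data.GetUrlIds();

            // One signature per ork, each over the 16 ork-id bytes followed by the 16 vuid bytes.
            // ToList() forces the signing to happen here, before the user is created.
            var signatures = guids.Select(orkId => orkId.ToByteArray().Concat(vuid.ToByteArray()))
                             .Select(msg => Config.PrivateKey.Sign(msg.ToArray())).ToList();

            await Repo.CreateUser(vuid, authKey, data.OrkUrls);

            // Message template plus argument instead of a pre-interpolated string, so the vuid is
            // captured as a structured property and the template stays constant.
            Logger.LogInformation("Account created for {vuid}", vuid);

            return new SignupRsponse {
                Token = TranToken.Generate(Config.SecretKey, vuid.ToByteArray()).ToByteArray(),
                Signatures = signatures
            };
        }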
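        /// <summary>
        /// Stores a <c>CvkVault</c> entry for <paramref name="vuid"/> and, on success, attaches this
        /// node's signature over its user name concatenated with the vuid.
        /// </summary>
        /// <param name="vuid">Vendor user id the entry belongs to.</param>
        /// <param name="keyId">Id of the signer key looked up when the voucher feature is on.</param>
        /// <param name="data">
        /// Four base64 strings: [0] public key, [1] CVK share, [2] auth key, [3] signature.
        /// </param>
        /// <returns>
        /// 400 when the body is malformed, the signer is unknown or the signature does not verify;
        /// otherwise the manager's response, carrying <c>orkid</c> and <c>sign</c> on success.
        /// </returns>
        /// <remarks>
        /// NOTE(review): with <c>_features.Voucher</c> off, nothing in this method authorizes the
        /// request; confirm whether SetOrUpdate can replace an existing entry for the same vuid.
        /// NOTE(review): malformed base64 or key bytes are still passed to the parsing helpers;
        /// confirm they fail as a client error rather than an unhandled exception.
        /// </remarks>
        public async Task<ActionResult<TideResponse>> Add([FromRoute] Guid vuid, [FromRoute] Guid keyId, [FromBody] string[] data)
        {
            // The body comes from the client: reject a missing, short or null-holed array up front
            // instead of failing on an index or null dereference further down.
            if (data == null || data.Length < 4 || data.Take(4).Any(item => item == null))
            {
                return BadRequest("Expected four base64 values: public key, cvk share, auth key and signature");
            }

            var signature = FromBase64(data[3]);
            var account   = new CvkVault
            {
                VuId     = vuid,
                CvkPub   = C25519Key.Parse(FromBase64(data[0])),
                CVKi     = GetBigInteger(data[1]),
                CvkiAuth = AesKey.Parse(FromBase64(data[2]))
            };

            if (_features.Voucher)
            {
                var signer = await _keyIdManager.GetById(keyId);

                if (signer == null)
                {
                    return BadRequest("Signer's key must be defined");
                }

                // The voucher is the signer's signature over this node's id followed by the vuid,
                // which binds it to this node and this user.
                if (!signer.Key.Verify(_config.Guid.ToByteArray().Concat(vuid.ToByteArray()).ToArray(), signature))
                {
                    return BadRequest("Signature is not valid");
                }
            }

            // data[0] is the public key, so writing it to the log does not expose secret material.
            _logger.LogInformation("New cvk for {0} with pub {1}", vuid, data[0]);

            var resp = await _managerCvk.SetOrUpdate(account);

            if (!resp.Success)
            {
                return resp;
            }

            // The signed message is the UTF-8 encoding of "<node user name><vuid>".
            var m = Encoding.UTF8.GetBytes(_config.UserName + vuid.ToString());
            //TODO: The ork should not send the orkid because the client should already know
            var signOrk = Convert.ToBase64String(_config.PrivateKey.Sign(m));

            resp.Content = new { orkid = _config.UserName, sign = signOrk };

            return resp;
        }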
Пример #8
 /// <summary>
 /// Encrypts <paramref name="plainText"/> with the AES key parsed from <paramref name="key"/>.
 /// </summary>
 /// <param name="plainText">Text to encrypt.</param>
 /// <param name="key">Serialized key in the string form accepted by <c>AesKey.Parse</c>.</param>
 /// <returns>The string produced by <c>AesKey.EncryptStr</c>.</returns>
 /// <remarks>
 /// The key is re-parsed on every call. Cipher mode, IV handling and integrity protection are
 /// decided inside <c>AesKey</c> and are not visible here.
 /// </remarks>
 public static string Encrypt(string plainText, string key)
 {
     var aes = AesKey.Parse(key);
     return aes.EncryptStr(plainText);
 }
Пример #9
 /// <summary>
 /// Decrypts <paramref name="cipherText"/> with the AES key parsed from <paramref name="key"/>.
 /// </summary>
 /// <param name="cipherText">Text previously produced by the matching encrypt call.</param>
 /// <param name="key">Serialized key in the string form accepted by <c>AesKey.Parse</c>.</param>
 /// <returns>The string produced by <c>AesKey.DecryptStr</c>.</returns>
 /// <remarks>
 /// NOTE(review): how <c>DecryptStr</c> reacts to tampered or wrong-key input (exception vs.
 /// garbage output) is not visible here - confirm before relying on it for integrity.
 /// </remarks>
 public static string Decrypt(string cipherText, string key)
 {
     var aes = AesKey.Parse(key);
     return aes.DecryptStr(cipherText);
 }
Пример #10
 /// <summary>
 /// Parses the <c>SecretKey</c> setting into an <c>AesKey</c>.
 /// </summary>
 /// <returns>A key object parsed anew from the stored string on every call.</returns>
 public AesKey GetSecretKey()
 {
     var parsed = AesKey.Parse(SecretKey);
     return parsed;
 }