public SendMessageRequest(string gid, string text, string senderId) : base(true)
{
SecureMessage = new EncryptedMessage();
SecureMessage.PlainText = text;
SecureMessage.GroupId = gid;
SecureMessage.SenderId = senderId;
}
public async Task SendAsync(EncryptedMessage encryptedMessage)
{
if (!_mapConnectionsToPublicKey.Any(p => p.Value == encryptedMessage.To))
{
return;
}
var decryptedMessage = _messageDecryptor.Decrypt(encryptedMessage, GetPrivateKeyFromPublicKey(encryptedMessage.To), true);
var internalMessage = _mapper.Map <InternalMessage>(decryptedMessage);
internalMessage.DateTime = DateTimeOffset.FromUnixTimeSeconds(internalMessage.Timestamp).ToString();
internalMessage.Title = internalMessage.Title;
internalMessage.Content = internalMessage.Content;
internalMessage.Id = internalMessage.Id.GetHashCode().ToString();
var connections = GetConnections(internalMessage.To);
var tasks = connections.Select(async(connId) =>
{
WebSocket webSocket;
if (!_connections.TryGetValue(connId, out webSocket))
{
throw new Exception("Not expected behaviour");
}
await _internalMessageSender.SendAsync(new WebSocketConnection(webSocket, connId), new WebSocketMessageContract()
{
Type = WebSocketMessageResponseTypes.INTERNAL_MESSAGE,
Data = internalMessage
});
});
await Task.WhenAll(tasks);
}
protected async Task handleLocalCommand(NetworkStream stream, Guid remoteId)
{
string command;
var emc = EncryptedMessage.FromStream(stream);
command = decryptMessage(emc);
_log.Debug($"Got command \"{command.Truncate(10)}\".");
var crea = new CommandReceivedEventArgs()
{
Command = command,
NodeId = remoteId,
ResultSource = new TaskCompletionSource <string>()
};
CommandReceived(this, crea);
var response = await crea.ResultSource.Task;
try {
var emr = encryptMessage(response, remoteId);
emr.WriteToStream(stream);
}
catch (Exception x)
{
_log.Warn($"Could not send response: {x.Message}");
throw x;
}
stream.Close();
}
private void BTNChangeEmail_Click(object sender, EventArgs e)
{
TcpClient client = new TcpClient(Form1.ServerIP, 25634);
NetworkStream networkStream = client.GetStream();
BinaryFormatter formatter = new BinaryFormatter();
EncryptedMessage msg = new EncryptedMessage();
msg.EncryptObject(new ChangeEmailMessage()
{
Username = username, Password = ClearTextPassword, NewEmail = TBEmail.Text
}, Properties.Resources.serverPublicKey);
formatter.Serialize(networkStream, msg);
object obj = formatter.Deserialize(networkStream);
client.Close();
if (obj is string && ((string)obj) == "OK")
{
MessageBox.Show(this, "Email changed successfully", "Success");
}
else if (obj is ErrorMessage)
{
MessageBox.Show(this, ((ErrorMessage)obj).MSG, "Error");
}
else
{
MessageBox.Show(this, "Unknown response recieved from server.", "Error");
}
}
public ulong GetDecryptionKeyFromFile(string strPath)
{
System.IO.FileStream fsIn = new FileStream(strPath, FileMode.Open);
System.IO.BinaryReader brIn = new BinaryReader(fsIn);
byte[] bData = new byte[fsIn.Length];
brIn.Read(bData, 0, bData.Length);
try {
string strMessage = System.Text.Encoding.UTF8.GetString(bData);
return(GetDecryptionKey(strMessage));
} catch (Exception) {
EncryptedMessage emMessage = new EncryptedMessage();
Packet[] pPackets = Packet.ParsePackets(bData);
emMessage.ParseMessage(pPackets);
if (!emMessage.SymmetricallyEncrypted)
{
return(emMessage.GetFittingKeyID(skrKeyRing));
}
else
{
return(0ul);
}
}
}
public ulong GetDecryptionKey(string strMessage)
{
ArmorTypes atType = new ArmorTypes();
string strRest = "";
string strRadix64 = Armor.RemoveArmor(strMessage, ref atType, ref strRest);
if (strRadix64.Length == 0)
{
throw new Exception("This is not a valid OpenPGP message!");
}
EncryptedMessage emMessage = new EncryptedMessage();
Packet[] pPackets = Packet.ParsePackets(strRadix64);
emMessage.ParseMessage(pPackets);
if (!emMessage.SymmetricallyEncrypted)
{
ulong lKeyID = emMessage.GetFittingKeyID(skrKeyRing);
return(lKeyID);
}
else
{
return(0ul);
}
}
private static Message CreateMessage(Guid chatID, string messageString)
{
var messageBytes = Encoding.UTF8.GetBytes(messageString);
var encryptedMessage = new EncryptedMessage(messageBytes, Client.SERVER_PASS);
return(new Message(chatID, encryptedMessage));
}
public void Encrypt(byte[] message)
{
Data data = new Data(message, _blockSize);
for (int i = 0; i < data.NumberOfBlocks; ++i)
{
try
{
byte[] block = data.GetNBlock(i);
block = InitialPermutation(block);
for (byte round = 0; round < 16; ++round)
{
byte[] subkey = _key.Subkeys.ElementAt(round);
byte[] left = block.Take(4).ToArray();
byte[] right = block.Skip(4).Take(4).ToArray();
block = Round(left, right, subkey);
}
block = ReverseLeftAndRight(block);
block = ReversedInitialPermutation(block);
EncryptedMessage = EncryptedMessage.Concat(block).ToArray();
}
catch
{
throw;
}
}
}
public EncryptedMessage EncryptData(Message email, RSAEncryption rsaEncryption,
DigitalSignature signature)
{
byte[] message = Encoding.ASCII.GetBytes(email.Text);
var sessionKey = _aes.GenerateRandomNumber(32);
var encryptedPacket = new EncryptedMessage
{
ReceiveDate = DateTime.Now,
Iv = _aes.GenerateRandomNumber(16),
SenderEmail = email.EmailSender,
ReceiverEmail = email.EmailReceiver
};
encryptedPacket.EncryptedData = _aes.Encrypt(message, sessionKey, encryptedPacket.Iv);
encryptedPacket.EncryptedSessionKey = rsaEncryption.EncryptData(sessionKey);
using (var hmac = new HMACSHA256(sessionKey))
{
encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
}
encryptedPacket.Signature = signature.SignData(encryptedPacket.Hmac);
_dbContext.EncryptedMessages.Add(encryptedPacket);
_dbContext.SaveChanges();
return(encryptedPacket);
}
private IEnumerable <Combinator> Exchange(Combinator combinator)
{
_session.Salt = _settings.NonceNewNonceXor;
var oc = new SessionContainer(_session.SessionId, combinator);
EncryptedMessage encMessage = _session.PrepareRpcCall(oc);
var call = new TcpTransport(_connection.PacketNumber++, encMessage.Serialize());
_connection.Write(call.Serialize());
Trace.TraceInformation("#Send: {0}", combinator);
var buffer = _connection.Read();
if (buffer.Length == 0)
{
throw new DecodeException("Response is empty");
}
var result = new List <Combinator>();// ReSharper disable once LoopCanBeConvertedToQuery
foreach (SessionContainer container in ProcessInputBuffer(buffer))
{
Combinator c = Unwrap(container.Combinator, container.SessionId, _session.SessionId, combinator.Descriptor.type);
if (c != null)
{
result.Add(c);
}
}
return(result);
}
private void BTNLogin_Click(object sender, EventArgs e)
{
TcpClient client = new TcpClient(Form1.ServerIP, 25634);
NetworkStream networkStream = client.GetStream();
BinaryFormatter formatter = new BinaryFormatter();
EncryptedMessage msg = new EncryptedMessage();
msg.EncryptObject(new CheckPasswordMessage()
{
Username = TBUsername.Text, Password = TBPassword.Text
}, Properties.Resources.serverPublicKey);
formatter.Serialize(networkStream, msg);
object obj = formatter.Deserialize(networkStream);
client.Close();
if (obj is string && ((string)obj) == "OK")
{
return;
}
DialogResult = DialogResult.None;
if (obj is ErrorMessage)
{
MessageBox.Show(this, ((ErrorMessage)obj).MSG, "Error");
}
else
{
MessageBox.Show(this, "Unable to verify username and password.", "Error");
}
}
public async Task PublishAsync(
IPaymentStatusRepository paymentStatusRepository,
EncryptedMessage message,
CancellationToken cancellationToken = default)
{
// decrypt the message
var decryptedMessage = message.GetMessage <PaymentRequestMessage>(_cipherService);
// save the payment status
var paymentStatus = new PaymentStatus
{
Status = PaymentStatusEnum.Scheduled.ToString(),
RequestId = decryptedMessage.RequestId,
PaymentId = decryptedMessage.PaymentRequestId
};
try
{
await paymentStatusRepository.AddPaymentStatus(paymentStatus);
}
catch (Exception e)
{
_logger.LogWarning($"Probable duplicated Id: {e.Message}");
}
await _writer.WriteAsync(message, cancellationToken);
_logger.LogInformation($"Producer > published message {message.Id} '{message.TopicName}'");
}
private void BTNNext2_Click(object sender, EventArgs e)
{
TcpClient client = new TcpClient(Form1.ServerIP, 25634);
NetworkStream networkStream = client.GetStream();
BinaryFormatter formatter = new BinaryFormatter();
EncryptedMessage msg = new EncryptedMessage();
msg.EncryptObject(new ResetPasswordMessage()
{
Username = TBResetUsername.Text, NewPassword = TBNewPassword.Text, ResetCode = TBResetCode.Text
}, Properties.Resources.serverPublicKey);
formatter.Serialize(networkStream, msg);
object obj = formatter.Deserialize(networkStream);
client.Close();
if (obj is string && ((string)obj) == "OK")
{
MessageBox.Show(this, "Password changed successfully", "Success");
PReset.Visible = false;
PLogin.Visible = true;
}
else if (obj is ErrorMessage)
{
MessageBox.Show(this, ((ErrorMessage)obj).MSG, "Error");
}
else
{
MessageBox.Show(this, "Unknown response recieved from server.", "Error");
}
}
public bool Validate(EncryptedMessage message)
{
var senderPublicKey = Convert.FromBase64String(message.From);
using (var rsa = new RSACryptoServiceProvider(KeysConfiguration.RSAKeysBits))
{
rsa.ImportCspBlob(senderPublicKey);
rsa.PersistKeyInCsp = false;
var dataToVerify = new StringBuilder();
dataToVerify.Append(message.IV);
dataToVerify.Append(message.ToKey);
dataToVerify.Append(message.Timestamp);
dataToVerify.Append(message.Title);
dataToVerify.Append(message.Content);
dataToVerify.Append(message.To);
dataToVerify.Append(message.From);
var dataToVerifyBytes = Encoding.UTF8.GetBytes(dataToVerify.ToString());
var isCorrect = rsa.VerifyData(dataToVerifyBytes,
new SHA256CryptoServiceProvider(),
Convert.FromBase64String(message.Id)
);
return(isCorrect);
}
}
// 1400.02.14
// send encrypted message and get encrypted message
public async static Task <Response <TResponse> > EncryptedHttpPostAsync <TResponse>(string url, object parameter, WebProxy proxy, string encPubKey, string decPriKey) where TResponse : class
{
try
{
var message = EncryptedMessage.Create(parameter, encPubKey);
//var response = await NetHelper.HttpPostAsync<EncryptedMessage>(url, message, null, proxy);
var response = await NetHelper.HttpPostAsync <EncryptedMessage>(new HttpParameters()
{
Address = url, Data = message, Proxy = proxy
});
if (response.HasNotNullResult())
{
return(ResponseFactory.Create <TResponse>(response.Result.Decrypt <TResponse>(decPriKey)));
}
else
{
return(ResponseFactory.CreateError <TResponse>(response.ErrorMessage));
}
}
catch (Exception ex)
{
return(ResponseFactory.CreateError <TResponse>(ex.Message));
}
}
public HiddenMessage Hide(string message, Image src, int[] selectedBits, string encrypt)
{
Bitmap originalImage = CreateNonIndexedImage(src);
Bitmap finalImage;
string key = "";
if (encrypt.Equals("true"))
{
EncryptedMessage encryptedMessage = Encryptor.Encrypt(message);
string encryptedData = Convert.ToBase64String(encryptedMessage.Message);
key = Convert.ToBase64String(encryptedMessage.Key);
finalImage = MergeText(encryptedData, originalImage, selectedBits);
}
else
{
finalImage = MergeText(message, originalImage, selectedBits);
}
MemoryStream memoryStream = new MemoryStream();
finalImage.Save(memoryStream, ImageFormat.Bmp);
byte[] bitmapRecord = memoryStream.ToArray();
return(new HiddenMessage(bitmapRecord, key, message.Length, (message.Length * 8) / (3 * selectedBits.Length), finalImage.Width, finalImage.Height));
}
public void EncryptFile(IFormFile fileform, EncryptedMessage encryptedMessage, RSAEncryption rsaEncryption, DigitalSignature signature)
{
var sessionKey = _aes.GenerateRandomNumber(32);
var encryptedPacket = new EncryptedFile
{
Iv = _aes.GenerateRandomNumber(16),
SenderEmail = encryptedMessage.SenderEmail,
ReceiverEmail = encryptedMessage.ReceiverEmail,
EncryptedMessageId = encryptedMessage.EncryptedMessageId,
FileName = fileform.FileName,
};
byte[] fileInBytes;
using (var stream = new MemoryStream())
{
fileform.CopyToAsync(stream);
fileInBytes = stream.ToArray();
}
encryptedPacket.EncryptedData = _aes.Encrypt(fileInBytes, sessionKey, encryptedPacket.Iv);
encryptedPacket.EncryptedSessionKey = rsaEncryption.EncryptData(sessionKey);
using (var hmac = new HMACSHA256(sessionKey))
{
encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
}
encryptedPacket.Signature = signature.SignData(encryptedPacket.Hmac);
_dbContext.EncryptedFiles.Add(encryptedPacket);
_dbContext.SaveChanges();
}
public async Task Should_send_encrypted_message_and_wait_for_response()
{
byte[] authKey =
"752BC8FC163832CB2606F7F3DC444D39A6D725761CA2FC984958E20EB7FDCE2AA1A65EB92D224CEC47EE8339AA44DF3906D79A01148CB6AACF70D53F98767EBD7EADA5A63C4229117EFBDB50DA4399C9E1A5D8B2550F263F3D43B936EF9259289647E7AAC8737C4E007C0C9108631E2B53C8900C372AD3CCA25E314FBD99AFFD1B5BCB29C5E40BB8366F1DFD07B053F1FBBBE0AA302EEEE5CF69C5A6EA7DEECDD965E0411E3F00FE112428330EBD432F228149FD2EC9B5775050F079C69CED280FE7E13B968783E3582B9C58CEAC2149039B3EF5A4265905D661879A41AF81098FBCA6D0B91D5B595E1E27E166867C155A3496CACA9FD6CF5D16DB2ADEBB2D3E"
.HexToBytes();
ulong salt = 100500;
IServiceLocator serviceLocator = new ServiceLocator();
serviceLocator.RegisterType <IHashServices, HashServices>();
serviceLocator.RegisterType <IEncryptionServices, EncryptionServices>();
var request = new TestRequest {
TestId = 9
};
var expectedResponse = new TestResponse {
TestId = 9, TestText = "Number 1"
};
var expectedResponseMessage = new EncryptedMessage(authKey, salt, 2, 0x0102030405060708, 3, TLRig.Default.Serialize(expectedResponse), Sender.Server,
serviceLocator.ResolveType <IHashServices>(), serviceLocator.ResolveType <IEncryptionServices>());
var inConnector = new Subject <byte[]>();
var mockTransport = new Mock <ITransport>();
mockTransport.Setup(transport => transport.Subscribe(It.IsAny <IObserver <byte[]> >())).Callback <IObserver <byte[]> >(observer => inConnector.Subscribe(observer));
mockTransport.Setup(transport => transport.Send(It.IsAny <byte[]>())).Callback(() => inConnector.OnNext(expectedResponseMessage.MessageBytes));
var mockTransportFactory = new Mock <ITransportFactory>();
mockTransportFactory.Setup(manager => manager.CreateTransport(It.IsAny <TransportConfig>())).Returns(() => mockTransport.Object).Verifiable();
serviceLocator.RegisterInstance(mockTransportFactory.Object);
serviceLocator.RegisterInstance(Mock.Of <TransportConfig>());
serviceLocator.RegisterInstance(TLRig.Default);
serviceLocator.RegisterInstance <IMessageIdGenerator>(new TestMessageIdsGenerator());
serviceLocator.RegisterType <IMTProtoConnection, MTProtoConnection>(RegistrationType.Transient);
using (var connection = serviceLocator.ResolveType <IMTProtoConnection>())
{
connection.SetupEncryption(authKey, salt);
await connection.Connect();
// Testing sending a plain message.
TestResponse response = await connection.SendEncryptedMessage <TestResponse>(request, TimeSpan.FromSeconds(5));
response.Should().NotBeNull();
response.ShouldBeEquivalentTo(expectedResponse);
await Task.Delay(100); // Wait while internal sender processes the message.
IMessage inMessageTask = await connection.OutMessagesHistory.FirstAsync().ToTask();
mockTransport.Verify(transport => transport.Send(inMessageTask.MessageBytes), Times.Once);
await connection.Disconnect();
}
}
public static string EncryptedToString(EncryptedMessage entrada)
{
string ret;
ret = entrada.iv + entrada.encryptedText;
return(ret);
}
public void AddIncomingMessage(EncryptedMessage m)
{
lock (Lock)
{
Messages[MessageCounter] = m;
MessageCounter += 1;
}
}
public void TestMessageParsingSingleValue1()
{
string cypherText = "A";
var cryptoMessage = new EncryptedMessage(cypherText);
cryptoMessage.GetValues().Should().Equal(1);
}
public void TestMessageParsingTwoValues()
{
string cypherText = "AZ";
var cryptoMessage = new EncryptedMessage(cypherText);
cryptoMessage.GetValues().Should().Equal(1, 26);
}
public static EncryptedMessage StringToEncrypted(string entrada)
{
EncryptedMessage ret = new EncryptedMessage();
ret.encryptedText = entrada.Substring(ReadOnlyParam.ivSize);
ret.iv = entrada.Substring(0, ReadOnlyParam.ivSize);
return(ret);
}
public string Decrypt()
{
foreach (var ch in EncryptedMessage.Trim().Split(' '))
{
var res = BigInteger.ModPow(int.Parse(ch), D, N);
DecryptedMessage += Alphabet.GetCharRSA(((int)res + N) % N);
}
return(DecryptedMessage);
}
public void MessageValidator_ValidSignature_Should_Return_True_When_Has_Valid_Signature()
{
EncryptedMessage msg = MessageHelper.GetTestEncryptedMessage();
var md = new MessageSignatureValidator();
var result = md.Validate(msg);
Assert.True(result == true);
}
private void ManageUserForm_Load(object sender, EventArgs e)
{
LoginForm loginForm = new LoginForm();
if (loginForm.ShowDialog(this) == DialogResult.Cancel)
{
Close();
return;
}
username = loginForm.TBUsername.Text;
password = new SecureString();
foreach (char c in loginForm.TBPassword.Text)
{
password.AppendChar(c);
}
password.MakeReadOnly();
loginForm.TBPassword.Text = "";
LUsername.Text = username;
TcpClient client = new TcpClient(Form1.ServerIP, 25634);
NetworkStream networkStream = client.GetStream();
BinaryFormatter formatter = new BinaryFormatter();
EncryptedMessage msg = new EncryptedMessage();
byte[] AESKey = msg.EncryptObject(new GetUserDataMessage()
{
Username = username, Password = ClearTextPassword
}, Properties.Resources.serverPublicKey);
formatter.Serialize(networkStream, msg);
object obj = formatter.Deserialize(networkStream);
client.Close();
if (obj is EncryptedMessage)
{
msg = (EncryptedMessage)obj;
obj = msg.DecryptObject(AESKey);
data = (GetUserDataReturnMessage)obj;
TBEmail.Text = data.Email;
foreach (string lib in data.Libraries.Keys)
{
LBLibraries.Items.Add(lib);
}
return;
}
if (obj is ErrorMessage)
{
MessageBox.Show(this, ((ErrorMessage)obj).MSG, "Error");
}
else
{
MessageBox.Show(this, "Unknown response recieved from server.", "Error");
}
Close();
}
private void BTNCreate_Click(object sender, EventArgs e)
{
string username = TBUsername.Text.Trim();
string password = TBPassword.Text;
string email = TBEmail.Text;
if (username == "")
{
MessageBox.Show(this, "You need to specify a username.");
return;
}
if (password == "")
{
MessageBox.Show(this, "You need to specify a password.");
return;
}
BinaryFormatter formatter = new BinaryFormatter();
RegisterUserMessage msg = new RegisterUserMessage()
{
Name = username, Password = password, Email = email
};
//Encrypt
MemoryStream stream = new MemoryStream();
formatter.Serialize(stream, msg);
EncryptedMessage encrMsg = new EncryptedMessage();
encrMsg.Encrypt(stream.ToArray(), Properties.Resources.serverPublicKey);
stream.Close();
//Send it
TcpClient client = new TcpClient(Form1.ServerIP, 25634);
NetworkStream networkStream = client.GetStream();
formatter.Serialize(networkStream, encrMsg);
object obj = formatter.Deserialize(networkStream);
client.Close();
if (obj is string && ((string)obj) == "OK")
{
MessageBox.Show(this, "Account created successfully", "Success");
Close();
}
else if (obj is ErrorMessage)
{
MessageBox.Show(this, ((ErrorMessage)obj).MSG, "Error");
}
else
{
MessageBox.Show(this, "Unknown response recieved from server.", "Error");
}
}
// ===================
// ===== Message =====
// ===================
public static string CreateMessage(EncryptedMessage message)
{
HttpResponseMessage response = Client.PostAsJsonAsync("api/message", message).Result;
response.EnsureSuccessStatusCode();
// Deserialize the added message from the response body.
message = response.Content.ReadAsAsync <EncryptedMessage>().Result;
return(message.Guid);
}
protected override void encryptKey(ref EncryptedMessage em, Guid remoteId)
{
if (KeyEncryption is NoKey)
{
return;
}
em.Key = KeyEncryption.EncryptData(em.Key, HubPublicKey?.Key);
em.KeyType = KeyEncryption.Type;
}
public void Does_throw_on_replayed_messages()
{
var client = CreateClient();
var request = new HelloSecure {
Name = "World"
};
AesUtils.CreateKeyAndIv(out var cryptKey, out var iv);
byte[] authKey = AesUtils.CreateKey();
var cryptAuthKeys = cryptKey.Combine(authKey);
var rsaEncCryptAuthKeys = RsaUtils.Encrypt(cryptAuthKeys, SecureConfig.PublicKeyXml);
var authRsaEncCryptAuthKeys = HmacUtils.Authenticate(rsaEncCryptAuthKeys, authKey, iv);
var timestamp = DateTime.UtcNow.ToUnixTime();
var requestBody = timestamp + " POST " + nameof(HelloSecure) + " " + request.ToJson();
var encryptedBytes = AesUtils.Encrypt(requestBody.ToUtf8Bytes(), cryptKey, iv);
var authEncryptedBytes = HmacUtils.Authenticate(encryptedBytes, authKey, iv);
var encryptedMessage = new EncryptedMessage
{
EncryptedSymmetricKey = Convert.ToBase64String(authRsaEncCryptAuthKeys),
EncryptedBody = Convert.ToBase64String(authEncryptedBytes),
};
var encResponse = client.Post(encryptedMessage);
try
{
client.Post(encryptedMessage);
Assert.Fail("Should throw");
}
catch (WebServiceException ex)
{
ex.StatusDescription.Print();
var errorResponse = (EncryptedMessageResponse)ex.ResponseDto;
authEncryptedBytes = Convert.FromBase64String(errorResponse.EncryptedBody);
if (!HmacUtils.Verify(authEncryptedBytes, authKey))
{
throw new Exception("EncryptedBody is Invalid");
}
var responseBytes = HmacUtils.DecryptAuthenticated(authEncryptedBytes, cryptKey);
var responseJson = responseBytes.FromUtf8Bytes();
var response = responseJson.FromJson <ErrorResponse>();
Assert.That(response.ResponseStatus.Message, Is.EqualTo("Nonce already seen"));
}
}
public object Any(EncryptedMessage request)
{
throw new NotImplementedException("EncryptedMessages Service cannot be called directly");
}
private static void DecryptAndVerify(SecretKeyRing skrSecretKeyRing, PublicKeyRing pkrPublicKeyRing, byte[] bData)
{
string strMessage = System.Text.Encoding.UTF8.GetString(bData);
ArmorTypes atType = new ArmorTypes();
string strRest = "";
string strRadix64 = Armor.RemoveArmor(strMessage, ref atType, ref strRest);
if (strRadix64.Length > 0)
bData = Radix64.Decode(strRadix64);
SharpPrivacy.OpenPGP.Messages.Message mContent = null;
if (atType == ArmorTypes.OpenPGPSignature) {
string strSignature = "";
string strSignedMessage = Armor.RemoveClearSignatureArmor(strMessage, ref atType, ref strSignature);
strSignedMessage = Radix64.DashUnescape(strSignedMessage);
strSignedMessage = Radix64.TrimMessage(strSignedMessage);
SignedMessage smMessage = new SignedMessage();
Packet[] pPackets = Packet.ParsePackets(strSignature);
if (!(pPackets[0] is SignaturePacket)) {
MessageBox.Show("Not a valid cleartext signature!");
return;
}
smMessage.Signature = (SignaturePacket)pPackets[0];
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
lmMessage.Text = strSignedMessage;
smMessage.MessageSigned = lmMessage;
mContent = smMessage;
} else {
// let us see what kind of message this is
EncryptedMessage emMessage = new EncryptedMessage();
try {
Packet[] pPackets = Packet.ParsePackets(bData);
emMessage.ParseMessage(pPackets);
if (emMessage.SymmetricallyEncrypted) {
// Query passphrase for symmetrically encrypted message
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog();
string strPassphrase = qpPassphrase.Passphrase;
mContent = emMessage.Decrypt(strPassphrase);
} else {
ulong lKeyID = emMessage.GetFittingKeyID(skrSecretKeyRing);
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog(skrSecretKeyRing.Find(lKeyID));
string strPassphrase = qpPassphrase.Passphrase;
mContent = emMessage.Decrypt(skrSecretKeyRing, strPassphrase);
}
while ((!(mContent is LiteralMessage)) && (!(mContent is SignedMessage))) {
if (mContent is CompressedMessage) {
mContent = ((CompressedMessage)mContent).Uncompress();
} else {
MessageBox.Show("This is not a valid OpenPGP message!");
return;
}
}
} catch (Exception ee) {
MessageBox.Show("There was an error decrypting your message: " + ee.Message);
return;
}
}
LiteralMessage lmContent = new LiteralMessage();
string strDisplay = "";
if (mContent is SignedMessage) {
SignedMessage smContent = (SignedMessage)mContent;
lmContent = smContent.MessageSigned;
strDisplay += "*** OpenPGP Signed Message ***\r\n";
strDisplay += "*** Signature Status: " + smContent.Verify(pkrPublicKeyRing) + " ***\r\n";
strDisplay += "*** Signing Key: " + smContent.Signature.KeyID.ToString("x") + " ***\r\n";
strDisplay += "*** Signing Date: " + smContent.Signature.TimeCreated.ToString() + "***\r\n\r\n";
} else if (mContent is LiteralMessage) {
lmContent = (LiteralMessage)mContent;
strDisplay += "*** OpenPGP Encrypted Message ***\r\n\r\n";
} else {
MessageBox.Show("An error occured: Could not find an encrypted or signed message!", "Error...");
return;
}
if (lmContent.DataFormat == DataFormatTypes.Text) {
strDisplay += lmContent.Text;
strDisplay += "\r\n\r\n*** End OpenPGP Message ***\r\n";
PlaintextViewer pvViewer = new PlaintextViewer();
pvViewer.MessageText = strDisplay;
pvViewer.Show();
} else {
if (MessageBox.Show(strDisplay, "Signature Status...", MessageBoxButtons.OKCancel, MessageBoxIcon.Asterisk, MessageBoxDefaultButton.Button1) == DialogResult.OK) {
System.Windows.Forms.SaveFileDialog sfdSave = new SaveFileDialog();
sfdSave.OverwritePrompt = true;
sfdSave.Filter = "All Files (*.*)|*.*";
sfdSave.FileName = lmContent.Filename;
sfdSave.ShowDialog();
if (sfdSave.FileName.Length > 0) {
System.IO.FileStream fsOut = new FileStream(sfdSave.FileName, FileMode.CreateNew);
System.IO.BinaryWriter bwOut = new BinaryWriter(fsOut);
bwOut.Write(lmContent.Binary);
bwOut.Close();
fsOut.Close();
}
}
}
}
public void Can_Send_Encrypted_Message()
{
var client = CreateClient();
var request = new HelloSecure { Name = "World" };
var aes = new AesManaged { KeySize = AesUtils.KeySize };
var aesKeyBytes = aes.Key.Combine(aes.IV);
var rsaEncAesKeyBytes = RsaUtils.Encrypt(aesKeyBytes, SecureConfig.PublicKeyXml);
var timestamp = DateTime.UtcNow.ToUnixTime();
var requestBody = timestamp + " POST " + typeof(HelloSecure).Name + " " + request.ToJson();
var encryptedMessage = new EncryptedMessage
{
EncryptedSymmetricKey = Convert.ToBase64String(rsaEncAesKeyBytes),
EncryptedBody = AesUtils.Encrypt(requestBody, aes.Key, aes.IV)
};
var encResponse = client.Post(encryptedMessage);
var responseJson = AesUtils.Decrypt(encResponse.EncryptedBody, aes.Key, aes.IV);
var response = responseJson.FromJson<HelloSecureResponse>();
Assert.That(response.Result, Is.EqualTo("Hello, World!"));
}
// in background thread
public void ReceiveMessage(EncryptedMessage encryptedMessage) {
try {
if(encryptedMessage.Constructor == Constructor.encryptedMessage) {
logger.info("simple encrypted message");
EncryptedMessageConstructor encryptedMessageConstructor = (EncryptedMessageConstructor) encryptedMessage;
byte[] data = encryptedMessageConstructor.bytes;
byte[] msgKey;
long keyFingerprint;
logger.info("encrypted message data: {0}", BitConverter.ToString(data).Replace("-", "").ToLower());
using(MemoryStream memory = new MemoryStream(data)) {
using(BinaryReader reader = new BinaryReader(memory)) {
keyFingerprint = reader.ReadInt64();
msgKey = reader.ReadBytes(16);
data = reader.ReadBytes(data.Length - 16 - 8);
}
}
if(fingerprint != keyFingerprint) {
logger.error("invalid key fingerprint");
return;
}
logger.info("ciphertext data: {0}", BitConverter.ToString(data).Replace("-", "").ToLower());
AESKeyData aesKey = Helpers.CalcKey(key, msgKey, true);
data = AES.DecryptAES(aesKey, data);
byte[] data2 = AES.EncryptAES(aesKey, data);
byte[] data3 = AES.DecryptAES(aesKey, data2);
logger.info("aes equals: {0}", data.SequenceEqual(data3));
logger.info("plaintext data: {0}", BitConverter.ToString(data).Replace("-", "").ToLower());
logger.info("two-transformed plaintext: {0}", BitConverter.ToString(data3).Replace("-", "").ToLower());
byte[] calculatedMsgKey;
using(MemoryStream memory = new MemoryStream(data)) {
using(BinaryReader reader = new BinaryReader(memory)) {
int len = reader.ReadInt32();
logger.info("readed len = {0}, actual len = {1}", len, data.Length - 4);
if(len < 0 || len > data.Length - 4) {
return;
}
calculatedMsgKey = Helpers.CalcMsgKey(data, 0, 4 + len);
data = reader.ReadBytes(len);
}
}
if(!msgKey.SequenceEqual(calculatedMsgKey)) {
logger.info("incalid msg key: data {0}, sha1 {1}, received msg key {2}", BitConverter.ToString(data), BitConverter.ToString(Helpers.sha1(data)), BitConverter.ToString(msgKey));
return;
}
DecryptedMessage decryptedMessage;
using(MemoryStream memory = new MemoryStream(data)) {
using(BinaryReader reader = new BinaryReader(memory)) {
//DecryptedMessageLayerConstructor layer = (DecryptedMessageLayerConstructor) TL.Parse<DecryptedMessageLayer>(reader);
// if(layer.layer > 8) {
// logger.info("encrypted message layer {0} - need upgrade", layer.layer);
// // TODO: notify - need upgrade
// return;
// }
decryptedMessage = TL.Parse<DecryptedMessage>(reader);
}
}
logger.info("decrypted message: {0}", decryptedMessage);
if(decryptedMessage.Constructor == Constructor.decryptedMessageService) {
DecryptedMessageAction action = ((DecryptedMessageServiceConstructor) decryptedMessage).action;
if(action.Constructor == Constructor.decryptedMessageActionSetMessageTTL) {
DecryptedMessageActionSetMessageTTLConstructor actionttl = (DecryptedMessageActionSetMessageTTLConstructor) action;
UpdateTTL(actionttl.ttl_seconds);
}
}
MessageModel messageModel = new MessageModelEncryptedDelivered(OpponentId, TelegramSession.Instance.SelfId, encryptedMessageConstructor.date, false, true, decryptedMessage, encryptedMessageConstructor.file);
Deployment.Current.Dispatcher.BeginInvoke(() => {
messages.Add(messageModel);
if (this == TelegramSession.Instance.Dialogs.OpenedDialog) {
OpenedRead();
}
});
}
} catch(Exception e) {
logger.error("dialog model receive encrypted message exception: {0}", e);
}
}
public void ReceiveMessage(EncryptedMessage encryptedMessage) {
int id;
switch(encryptedMessage.Constructor) {
case Constructor.encryptedMessage:
id = ((EncryptedMessageConstructor) encryptedMessage).chat_id;
break;
case Constructor.encryptedMessageService:
id = ((EncryptedMessageServiceConstructor) encryptedMessage).chat_id;
break;
default:
logger.error("invalid constructor");
return;
}
logger.info("receivong encrypted message in chat");
DialogModelEncrypted targetDialog = null;
foreach (var dialog in from dialogModel in model.Dialogs where dialogModel is DialogModelEncrypted && ((DialogModelEncrypted)dialogModel).Id == id select (DialogModelEncrypted)dialogModel) {
targetDialog = dialog;
break;
}
if(targetDialog != null) {
targetDialog.ReceiveMessage(encryptedMessage);
Deployment.Current.Dispatcher.BeginInvoke(() => model.UpDialog(targetDialog));
} else {
logger.warning("encrypted message to unknown dialog");
}
/*
Deployment.Current.Dispatcher.BeginInvoke(() => {
});*/
}
public void Does_throw_on_replayed_messages()
{
var client = CreateClient();
var request = new HelloSecure { Name = "World" };
byte[] cryptKey, iv;
AesUtils.CreateKeyAndIv(out cryptKey, out iv);
byte[] authKey = AesUtils.CreateKey();
var cryptAuthKeys = cryptKey.Combine(authKey);
var rsaEncCryptAuthKeys = RsaUtils.Encrypt(cryptAuthKeys, SecureConfig.PublicKeyXml);
var authRsaEncCryptAuthKeys = HmacUtils.Authenticate(rsaEncCryptAuthKeys, authKey, iv);
var timestamp = DateTime.UtcNow.ToUnixTime();
var requestBody = timestamp + " POST " + typeof(HelloSecure).Name + " " + request.ToJson();
var encryptedBytes = AesUtils.Encrypt(requestBody.ToUtf8Bytes(), cryptKey, iv);
var authEncryptedBytes = HmacUtils.Authenticate(encryptedBytes, authKey, iv);
var encryptedMessage = new EncryptedMessage
{
EncryptedSymmetricKey = Convert.ToBase64String(authRsaEncCryptAuthKeys),
EncryptedBody = Convert.ToBase64String(authEncryptedBytes),
};
var encResponse = client.Post(encryptedMessage);
try
{
client.Post(encryptedMessage);
Assert.Fail("Should throw");
}
catch (WebServiceException ex)
{
ex.StatusDescription.Print();
var errorResponse = (EncryptedMessageResponse)ex.ResponseDto;
authEncryptedBytes = Convert.FromBase64String(errorResponse.EncryptedBody);
if (!HmacUtils.Verify(authEncryptedBytes, authKey))
throw new Exception("EncryptedBody is Invalid");
var responseBytes = HmacUtils.DecryptAuthenticated(authEncryptedBytes, cryptKey);
var responseJson = responseBytes.FromUtf8Bytes();
var response = responseJson.FromJson<ErrorResponse>();
Assert.That(response.ResponseStatus.Message, Is.EqualTo("Nonce already seen"));
}
}
public void Can_Send_Encrypted_Message()
{
var client = CreateClient();
var request = new HelloSecure { Name = "World" };
byte[] cryptKey, authKey, iv;
AesUtils.CreateCryptAuthKeysAndIv(out cryptKey, out authKey, out iv);
var cryptAuthKeys = cryptKey.Combine(authKey);
var rsaEncCryptAuthKeys = RsaUtils.Encrypt(cryptAuthKeys, SecureConfig.PublicKeyXml);
var authRsaEncCryptAuthKeys = HmacUtils.Authenticate(rsaEncCryptAuthKeys, authKey, iv);
var timestamp = DateTime.UtcNow.ToUnixTime();
var requestBody = timestamp + " POST " + typeof(HelloSecure).Name + " " + request.ToJson();
var encryptedBytes = AesUtils.Encrypt(requestBody.ToUtf8Bytes(), cryptKey, iv);
var authEncryptedBytes = HmacUtils.Authenticate(encryptedBytes, authKey, iv);
var encryptedMessage = new EncryptedMessage
{
EncryptedSymmetricKey = Convert.ToBase64String(authRsaEncCryptAuthKeys),
EncryptedBody = Convert.ToBase64String(authEncryptedBytes),
};
var encResponse = client.Post(encryptedMessage);
authEncryptedBytes = Convert.FromBase64String(encResponse.EncryptedBody);
if (!HmacUtils.Verify(authEncryptedBytes, authKey))
throw new Exception("Invalid EncryptedBody");
var decryptedBytes = HmacUtils.DecryptAuthenticated(authEncryptedBytes, cryptKey);
var responseJson = decryptedBytes.FromUtf8Bytes();
var response = responseJson.FromJson<HelloSecureResponse>();
Assert.That(response.Result, Is.EqualTo("Hello, World!"));
}
public void Does_throw_on_replayed_messages()
{
var client = CreateClient();
var request = new HelloSecure { Name = "World" };
var aes = new AesManaged { KeySize = AesUtils.KeySize };
var aesKeyBytes = aes.Key.Combine(aes.IV);
var rsaEncAesKeyBytes = RsaUtils.Encrypt(aesKeyBytes, SecureConfig.PublicKeyXml);
var timestamp = DateTime.UtcNow.ToUnixTime();
var requestBody = timestamp + " POST " + typeof(HelloSecure).Name + " " + request.ToJson();
var encryptedMessage = new EncryptedMessage
{
EncryptedSymmetricKey = Convert.ToBase64String(rsaEncAesKeyBytes),
EncryptedBody = AesUtils.Encrypt(requestBody, aes.Key, aes.IV)
};
var encResponse = client.Post(encryptedMessage);
try
{
client.Post(encryptedMessage);
Assert.Fail("Should throw");
}
catch (WebServiceException ex)
{
ex.StatusDescription.Print();
var errorResponse = (EncryptedMessageResponse)ex.ResponseDto;
var responseJson = AesUtils.Decrypt(errorResponse.EncryptedBody, aes.Key, aes.IV);
var response = responseJson.FromJson<ErrorResponse>();
Assert.That(response.ResponseStatus.Message, Is.EqualTo("Nonce already seen"));
}
}
public void Can_Send_Encrypted_Message()
{
var client = new JsonServiceClient(Config.AbsoluteBaseUri);
var request = new HelloSecure { Name = "World" };
var aes = new AesManaged { KeySize = AesUtils.KeySize };
var aesKeyBytes = aes.Key.Combine(aes.IV);
var rsaEncAesKeyBytes = RsaUtils.Encrypt(aesKeyBytes, SecureConfig.PublicKeyXml);
var requestBody = typeof(HelloSecure).Name + " " + request.ToJson();
var encryptedMessage = new EncryptedMessage
{
SymmetricKeyEncrypted = Convert.ToBase64String(rsaEncAesKeyBytes),
EncryptedBody = AesUtils.Encrypt(requestBody, aes.Key, aes.IV)
};
var encResponse = client.Post(encryptedMessage);
var responseJson = AesUtils.Decrypt(encResponse.EncryptedBody, aes.Key, aes.IV);
var response = responseJson.FromJson<HelloSecureResponse>();
Assert.That(response.Result, Is.EqualTo("Hello, World!"));
}
