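/// <summary>
/// Remote-certificate validation callback that pins the peer to one expected certificate.
/// The peer is accepted only when the PEM export of the presented certificate equals
/// <c>acceptedPublicKey</c>.
/// </summary>
/// <remarks>
/// Only the "no certificate" condition and the pin comparison influence the result. Name-mismatch
/// and chain-error bits in <paramref name="sslPolicyErrors"/> and the <paramref name="chain"/>
/// object are not consulted, so expiry and revocation are not enforced here.
/// NOTE(review): that looks intentional for a self-signed, pinned server certificate - confirm,
/// and confirm how a compromised or rotated pin is replaced.
/// </remarks>
/// <param name="sender">Unused; supplied by the TLS stack.</param>
/// <param name="certificate">Certificate presented by the remote side; may be null.</param>
/// <param name="chain">Unused; chain built by the TLS stack.</param>
/// <param name="sslPolicyErrors">Policy errors found by the default validation.</param>
/// <returns><c>true</c> when the presented certificate matches the pin, otherwise <c>false</c>.</returns>
public bool AppCertificateValidation(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    // SslPolicyErrors is a [Flags] enum: test the bit instead of whole-value equality so that a
    // combined value cannot slip past this guard, and never hand a null certificate to the exporter.
    bool certificateMissing = certificate == null
        || (sslPolicyErrors & SslPolicyErrors.RemoteCertificateNotAvailable) != 0;
    if (certificateMissing)
    {
        logger.Log(this, "Remote certificate not available.", true);
        return false;
    }

    // Export once; the same text is used for the comparison and for the log entry.
    var presentedPem = X509Certificate2Utils.ExportToPem(certificate);

    // Fail closed: a null export or any difference from the pinned value rejects the connection.
    if (presentedPem == null || !presentedPem.Equals(acceptedPublicKey))
    {
        // The rejected certificate is logged so that a pin mismatch can be investigated afterwards.
        logger.Log(this, $"Remote certificate has other public key.\n{presentedPem}", true);
        return false;
    }

    return true;
}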
/// <summary>
/// Registers this client with a server: connects, persists the settings, stores the user's own
/// contact row (including the self AES key), trusts that contact and runs a first pull/push.
/// </summary>
/// <remarks>
/// The server is checked against <c>info.PublicCertificate</c>, which is also what gets persisted
/// as the pinned value. NOTE(review): nothing in this method verifies where <paramref name="info"/>
/// came from; if it was fetched from the same server, this is trust-on-first-use - confirm that
/// the user is shown the certificate or a fingerprint before registration.
/// </remarks>
/// <param name="connection">Receives the connected <c>Connection</c>.</param>
/// <param name="settings">Receives the settings capsula read back after saving.</param>
/// <param name="logger">Logger passed to the verificator and the connection.</param>
/// <param name="log">Progress callback for user-visible status messages.</param>
/// <param name="serverAddress">Address of the server to register with.</param>
/// <param name="clientCert">Client certificate used for the connection and stored in settings.</param>
/// <param name="config">Database configuration used to open the local context.</param>
/// <param name="userName">User name passed to the connection.</param>
/// <param name="settingsLoader">Creates and reads back the persisted settings.</param>
/// <param name="info">Server info supplying the server name and its public certificate.</param>
public static void Register(out Connection connection, out SettingsCapsula settings, Logger logger, Action<String> log, String serverAddress, X509Certificate2 clientCert, IClientDatabaseConfig config, String userName, SettingsLoader settingsLoader, ServerInfo info)
{
    // The verificator is built from the server certificate carried in info.
    IConnectionVerificator pinnedServerCheck = new ConnectionVerificator(logger, info.PublicCertificate);
    connection = new Connection(logger, pinnedServerCheck, serverAddress, clientCert, config, userName);
    connection.Connect();

    log("Saving settings.");
    settingsLoader.Create(
        clientCert,
        connection.UserId,
        connection.UserName,
        info.Name,
        serverAddress,
        info.PublicCertificate,
        (int)connection.ClientId);
    settings = settingsLoader.GetSettingsCapsula();

    log("Saving the self AES key.");
    // The only user outside of the chain: the user's own contact is written directly, marked
    // trusted, with the self AES key as both the send and the receive key.
    // NOTE(review): the key is placed in the Contacts row as-is; whether the local database is
    // encrypted at rest is not visible here - confirm.
    using (Context db = new Context(config))
    {
        Contacts selfContact = new Contacts()
        {
            PublicId = connection.UserId,
            UserName = connection.UserName,
            AlarmPermission = 1,
            BlobMessagesId = null,
            NickName = null,
            Trusted = 1,
            ReceiveAesKey = connection.SelfAesPassword?.Password,
            SendAesKey = connection.SelfAesPassword?.Password,
            PublicCertificate = X509Certificate2Utils.ExportToPem(clientCert)
        };
        db.Contacts.Add(selfContact);
        db.SaveChanges();
    }

    log("Self-trustification begin.");
    connection.TrustContact(connection.UserId);
    log("Self-trustification done.");

    log("Updating.");
    connection.Pull();
    connection.Push();
    log("Updating done.");
}
/// <summary>
/// Performs the client side of the application handshake over <paramref name="stream"/>:
/// sends the client's certificate and credentials, answers the server's challenge and
/// returns the identity data from the server's reply.
/// </summary>
/// <remarks>
/// <para>
/// The server password and the certificate PEM are written to the stream as JSON.
/// NOTE(review): this method does no transport protection of its own; it presumably relies on
/// <paramref name="stream"/> already being an authenticated TLS stream - confirm at the call site.
/// </para>
/// <para>
/// The challenge step passes whatever bytes the peer sends to <c>RSAEncoder.Decrypt</c> with
/// <paramref name="cert"/> and sends the result back. NOTE(review): the peer chooses that
/// input, so if the same key pair also protects other secrets this step needs the peer to be
/// authenticated first, or a challenge format the client can recognise - confirm.
/// </para>
/// </remarks>
/// <param name="logger">Receives the handshake errors reported by the server.</param>
/// <param name="stream">Stream connected to the server.</param>
/// <param name="cert">Client certificate; used for the PEM export and for decryption.</param>
/// <param name="password">Server password sent in the handshake.</param>
/// <param name="userName">Optional user name; limited to <c>DataConstants.USER_NAME_MAX_LENGHT</c> characters.</param>
/// <param name="clientId">Optional client id sent in the handshake.</param>
/// <returns>User id, user name, client id and, when the server supplied one, the self AES password.</returns>
/// <exception cref="Exception">The user name is too long, or the server reported a failed handshake.</exception>
public static HandshakeReturnCapsula Login(Logger logger, Stream stream, X509Certificate2 cert, string password, string userName = null, int? clientId = null)
{
    ClientHandshake request = new ClientHandshake();
    request.PemCertificate = X509Certificate2Utils.ExportToPem(cert);
    request.UserName = userName;
    request.ClientId = clientId;
    request.ServerPassword = password;

    // Reject an over-long name locally, before anything is written to the stream.
    bool nameTooLong = userName != null && userName.Length > DataConstants.USER_NAME_MAX_LENGHT;
    if (nameTooLong)
    {
        throw new Exception("Username is too long.");
    }

    TextEncoder.SendJson(stream, request);

    // Challenge/response: decrypt the server's bytes with the client certificate and echo them.
    byte[] challenge = BinaryEncoder.ReceiveBytes(stream);
    byte[] answer = RSAEncoder.Decrypt(challenge, cert);
    BinaryEncoder.SendBytes(stream, answer);

    ServerHandshake reply = TextEncoder.ReadJson<ServerHandshake>(stream);
    logger.Log("Handshake", "Handshake", reply.Errors, false);

    if (reply.Succeeded)
    {
        HandshakeReturnCapsula result = new HandshakeReturnCapsula();
        result.UserId = reply.UserId;
        result.UserName = reply.UserName;
        result.ClientId = reply.ClientId;

        if (reply.SelfAesKey == null)
        {
            result.SelfAesPassword = null;
        }
        else
        {
            // The same certificate is passed for both the decrypt and the verify argument.
            // NOTE(review): presumably the self key was encrypted to and signed by this client - confirm.
            result.SelfAesPassword = new AESPassword(RSAEncoder.DecryptAndVerify(reply.SelfAesKey, cert, cert));
        }

        return result;
    }

    throw new Exception($"Handshake failed\n{reply.Errors}");
}
/// <summary>
/// Builds the <c>ServerInfo</c> for this server: the configured server name, the PEM export of
/// the server certificate, and a flag telling whether a server password is configured.
/// </summary>
/// <remarks>
/// NOTE(review): the value handed out is whatever <c>X509Certificate2Utils.ExportToPem</c>
/// produces for <c>cert</c>; confirm that the export contains only the public certificate and
/// never private-key material, since <c>cert</c> is presumably the server's own key pair.
/// </remarks>
/// <returns>A new <c>ServerInfo</c> describing this server.</returns>
public ServerInfo GetServerInfo()
{
    String certificatePem = X509Certificate2Utils.ExportToPem(cert);

    // Only the presence of a password is exposed (null check), not the password itself.
    ServerInfo serverInfo = new ServerInfo(config.ServerName, certificatePem, config.Password != null);
    return serverInfo;
}