示例#1
        /// <summary>
        /// Resolves the session and the encrypted validation token from the request
        /// headers, then delegates to the session/token overload.
        /// </summary>
        /// <param name="headers">Request headers; used to look up the session and to read the token.</param>
        /// <param name="plainPost">Passed through unchanged to the validation overload.</param>
        /// <param name="usePkcsPadding">Passed through unchanged to the validation overload.</param>
        /// <returns>The status returned by the session/token overload.</returns>
        public static EncryptedTokenValidationStatus ValidateEncryptedToken(NameValueCollection headers, string plainPost, bool usePkcsPadding = false)
        {
            // Session and token are both derived from the same caller-supplied header
            // collection; nothing here is trusted until the delegated validation succeeds.
            SecureSession            resolvedSession = SecureSession.Get(headers);
            EncryptedValidationToken suppliedToken   = ReadEncryptedValidationToken(headers);

            return ValidateEncryptedToken(resolvedSession, suppliedToken, plainPost, usePkcsPadding);
        }
示例#2
        /// <summary>
        /// Validates an encrypted validation token for a session by unpacking its hash
        /// and nonce ciphers and delegating to the cipher-level overload.
        /// </summary>
        /// <param name="session">Session to validate against; must not be null.</param>
        /// <param name="token">Token carrying the hash and nonce ciphers; must not be null.</param>
        /// <param name="plainPost">Passed through unchanged to the cipher-level overload.</param>
        /// <param name="usePkcsPadding">Passed through unchanged to the cipher-level overload.</param>
        /// <returns>The status returned by the cipher-level overload.</returns>
        public static EncryptedTokenValidationStatus ValidateEncryptedToken(SecureSession session, EncryptedValidationToken token, string plainPost, bool usePkcsPadding = false)
        {
            // Reject missing inputs up front so the decrypt path never sees a null session or token.
            Args.ThrowIfNull(session, "session");
            Args.ThrowIfNull(token, "token");

            string hashCipher  = token.HashCipher;
            string nonceCipher = token.NonceCipher;

            return ValidateEncrtypedToken(session, hashCipher, nonceCipher, plainPost, usePkcsPadding);
        }
示例#3
        /// <summary>
        /// Creates, populates and saves a new active SecureSession for the given identifier.
        /// A key pair from RsaKeyGen is stored on the session as PEM, and the key and IV of a
        /// new AesKeyVectorPair are stored after being encrypted with that pair's public key.
        /// </summary>
        /// <param name="identifier">Value assigned to the session's Identifier.</param>
        /// <param name="instant">Reference instant used to compute TimeOffset; a new Instant is used when null.</param>
        /// <returns>The saved session.</returns>
        private static SecureSession CreateSession(string identifier, Instant instant = null)
        {
            if (instant == null)
            {
                instant = new Instant();
            }

            // One timestamp is captured so CreationDate, LastActivity and TimeOffset agree.
            DateTime utcNow = DateTime.UtcNow;
            var session = new SecureSession();

            session.Identifier   = identifier;
            session.CreationDate = utcNow;
            session.LastActivity = utcNow;
            session.TimeOffset   = instant.DiffInMilliseconds(utcNow);
            session.IsActive     = true;

            AsymmetricCipherKeyPair rsaKeys = RsaKeyGen.GenerateKeyPair(DefaultKeySize);

            // NOTE(review): ToPem() is called on the whole key pair, so the stored PEM presumably
            // includes the private key (TODO confirm). If so, the private key is persisted in the
            // same record as the AES key it wraps, and the wrapping gives no protection to anyone
            // who can read that record; storage access control and at-rest encryption matter here.
            session.AsymmetricKey = rsaKeys.ToPem();

            var aesPair = new AesKeyVectorPair();

            session.SymmetricKey = aesPair.Key.EncryptWithPublicKey(rsaKeys.Public);
            session.SymmetricIV  = aesPair.IV.EncryptWithPublicKey(rsaKeys.Public);

            session.Save();
            return session;
        }
示例#4
        /// <summary>
        /// Deletes the session returned by SecureSession.Get for the identifier and logs the deletion.
        /// </summary>
        /// <param name="sessionIdentifier">Identifier of the session to end.</param>
        public void EndSession(string sessionIdentifier)
        {
            // NOTE(review): if SecureSession.Get creates a session when none exists (TODO confirm),
            // ending an unknown identifier creates a session only to delete it. No ownership check
            // is visible here either; confirm the caller is tied to this session before deleting.
            SecureSession.Get(sessionIdentifier).Delete();

            // NOTE(review): the identifier is written to the log as received; if it can come
            // from a request, confirm Log.AddEntry neutralises line breaks.
            Log.AddEntry("EndSession: Session {0} was deleted", sessionIdentifier);
        }
示例#5
        /// <summary>
        /// Adds the session cookie to the response when the response does not already carry one.
        /// </summary>
        /// <param name="session">Session whose Identifier becomes the cookie value.</param>
        private void SetSessionCookie(SecureSession session)
        {
            bool alreadyPresent = HttpContext.Response.Cookies[SecureSession.CookieName] != null;

            // An existing cookie is left as it is, even if its value differs from session.Identifier.
            if (alreadyPresent)
            {
                return;
            }

            // NOTE(review): the cookie is created with name and value only. If Cookie is
            // System.Net.Cookie, HttpOnly and Secure both default to false; consider setting them
            // (and a path scope) unless client script must read the session identifier.
            HttpContext.Response.Cookies.Add(new Cookie(SecureSession.CookieName, session.Identifier));
        }
示例#6
        /// <summary>
        /// Establishes a secure session for the current request: resolves the session for the
        /// HTTP context, builds the client-facing session info, and sets the session cookie.
        /// </summary>
        /// <param name="instant">Client instant forwarded to SecureSession.Get.</param>
        /// <returns>A message wrapping the ClientSessionInfo for the session.</returns>
        public SecureChannelMessage<ClientSessionInfo> InitSession(Instant instant)
        {
            SecureSession     current    = SecureSession.Get(HttpContext, instant);
            ClientSessionInfo clientInfo = GetClientSessionInfo(current);

            // The cookie is set only after the client info was built successfully.
            SetSessionCookie(current);

            return new SecureChannelMessage<ClientSessionInfo>(clientInfo);
        }
示例#7
        /// <summary>
        /// Projects a SecureSession onto the ClientSessionInfo sent to the client:
        /// session id, identifier and public key.
        /// </summary>
        /// <param name="session">Session to project; its Id must have a value.</param>
        /// <returns>The populated ClientSessionInfo.</returns>
        internal static ClientSessionInfo GetClientSessionInfo(SecureSession session)
        {
            ClientSessionInfo info = new ClientSessionInfo();

            // Only these three members are copied; no other session field is exposed here.
            info.SessionId        = session.Id.Value;
            info.ClientIdentifier = session.Identifier;
            info.PublicKey        = session.PublicKey;

            return info;
        }
示例#8
        /// <summary>
        /// Gets the SecureSession whose Identifier equals the given value, creating and
        /// returning a new session when none is found.
        /// </summary>
        /// <param name="sessionIdentifier">Identifier to look up, and to assign to a newly created session.</param>
        /// <param name="instant">Forwarded to CreateSession when a session has to be created.</param>
        /// <returns>The existing or newly created session.</returns>
        public static SecureSession Get(string sessionIdentifier, Instant instant = null)
        {
            SecureSession existing = SecureSession.OneWhere(c => c.Identifier == sessionIdentifier);

            if (existing != null)
            {
                return existing;
            }

            // NOTE(review): a missing identifier is adopted as the new session's identifier. If callers
            // pass a client-supplied value (for example a cookie value), the client chooses its own
            // session identifier and every unknown value triggers a session creation; consider
            // generating identifiers server-side and bounding creation per client.
            return CreateSession(sessionIdentifier, instant);
        }
示例#9
 /// <summary>
 /// Saves the given SecureSession and returns a JSON result with the saved object,
 /// or the error result when saving throws.
 /// </summary>
 /// <param name="dao">Session object to save.</param>
 /// <returns>JSON with Success, Message and Dao, or the result of GetErrorResult.</returns>
 public ActionResult Update(Bam.Net.ServiceProxy.Secure.SecureSession dao)
 {
     try
     {
         // NOTE(review): dao is saved exactly as received. If it is bound from the request
         // (TODO confirm), a caller can set any bindable SecureSession member, key fields
         // included; consider binding to a restricted model and requiring authorization.
         dao.Save();

         // NOTE(review): confirm ToJsonSafe() leaves key material out of the response.
         var payload = new { Success = true, Message = "", Dao = dao.ToJsonSafe() };
         return Json(payload);
     }
     catch (Exception ex)
     {
         return GetErrorResult(ex);
     }
 }
示例#10
        /// <summary>
        /// Creates a SecureSession whose properties are set from the parameters of a query
        /// filter, saves it to the target database and returns it.
        /// </summary>
        /// <param name="filter">Filter whose parameters supply column names and values.</param>
        /// <param name="database">Database to save to; Db.For is used when null.</param>
        /// <returns>The saved session.</returns>
        private static SecureSession CreateFromFilter(IQueryFilter filter, Database database = null)
        {
            Database target  = database ?? Db.For<SecureSession>();
            var      created = new SecureSession();

            // Every filter parameter is copied onto the new object by column name, so the
            // filter decides which columns are populated.
            filter.Parameters.Each(parameter =>
            {
                created.Property(parameter.ColumnName, parameter.Value);
            });

            created.Save(target);
            return created;
        }
示例#11
        /// <summary>
        /// Gets the SecureSession identified by the value of the session cookie.
        /// </summary>
        /// <param name="secureSessionCookie">Cookie to read; must not be null.</param>
        /// <param name="instant">Forwarded to the identifier-based Get overload.</param>
        /// <returns>The session for the cookie value, or null when the cookie's name is not CookieName.</returns>
        public static SecureSession Get(Cookie secureSessionCookie, Instant instant = null)
        {
            Args.ThrowIfNull(secureSessionCookie, "cookie");

            // Any cookie that is missing or not named CookieName yields no session.
            if (secureSessionCookie == null || !secureSessionCookie.Name.Equals(CookieName))
            {
                return null;
            }

            // NOTE(review): the cookie value is supplied by the client and is used directly as the
            // session identifier; confirm the identifier-based overload does not let a client pick
            // or pre-create an identifier of its choosing.
            return Get(secureSessionCookie.Value, instant);
        }
示例#12
        /// <summary>
        /// Sets the symmetric key of the current request's session from the given request.
        /// </summary>
        /// <param name="request">Key-setting request passed to the session.</param>
        /// <returns>A message constructed with true on success, or constructed from the exception on failure.</returns>
        public SecureChannelMessage SetSessionKey(SetSessionKeyRequest request)
        {
            SecureChannelMessage success = new SecureChannelMessage(true);

            try
            {
                SecureSession.Get(HttpContext).SetSymmetricKey(request);
                return success;
            }
            catch (Exception ex)
            {
                // NOTE(review): the exception is handed to the response message. Confirm the message
                // does not relay details that let a caller tell failure causes apart (for example
                // different decryption errors); a single generic failure is safer.
                return new SecureChannelMessage(ex);
            }
        }
示例#13
        /// <summary>
        /// Decrypts the hash and nonce ciphers with the session's private key, validates the
        /// nonce against the session's time offset and, if that succeeds, validates the hash
        /// against the nonce and the plain post.
        /// </summary>
        /// <param name="session">Session used for decryption and for its TimeOffset, which must have a value.</param>
        /// <param name="hashCipher">Encrypted hash.</param>
        /// <param name="nonceCipher">Encrypted nonce.</param>
        /// <param name="plainPost">Plain post the hash is validated against.</param>
        /// <param name="usePkcsPadding">Forwarded to DecryptWithPrivateKey for both ciphers.</param>
        /// <returns>The nonce validation status when it is not Success; otherwise the hash validation status.</returns>
        public static EncryptedTokenValidationStatus ValidateEncrtypedToken(SecureSession session, string hashCipher, string nonceCipher, string plainPost, bool usePkcsPadding = false)
        {
            // NOTE(review): both decryptions run on caller-supplied ciphertext before any check.
            // If usePkcsPadding selects PKCS#1 v1.5 (TODO confirm), callers of this method should not
            // surface decryption failures in a way that differs from a failed validation.
            string decryptedHash  = session.DecryptWithPrivateKey(hashCipher, usePkcsPadding);
            string decryptedNonce = session.DecryptWithPrivateKey(nonceCipher, usePkcsPadding);

            int clientOffset = session.TimeOffset.Value;

            // NOTE(review): ValidateNonce receives only the nonce and the offset, so it looks like a
            // time-window check rather than one-time-use tracking; confirm how replays are rejected.
            EncryptedTokenValidationStatus nonceStatus = ValidateNonce(decryptedNonce, clientOffset);

            if (nonceStatus != EncryptedTokenValidationStatus.Success)
            {
                return nonceStatus;
            }

            return ValidateHash(decryptedNonce, decryptedHash, plainPost);
        }
示例#14
        /// <summary>
        /// Decrypts the given cipher with the current request's session and returns the result.
        /// </summary>
        /// <param name="cipher">Cipher text to decrypt.</param>
        /// <returns>The decrypted text, or the exception message when anything throws.</returns>
        public string TestSessionKey(string cipher)
        {
            try
            {
                // NOTE(review): this returns the decryption of whatever cipher the caller sends.
                // Confirm it is limited to key-agreement diagnostics and is not reachable for
                // arbitrary ciphertext in production.
                return SecureSession.Get(HttpContext).Decrypt(cipher);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message goes back to the caller; a generic
                // failure value would avoid disclosing internal error detail.
                return ex.Message;
            }
        }
示例#15
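        /// <summary>
        /// Gets the SecureSession with the specified identifier, first from the in-memory
        /// cache, then from storage, creating it when neither has it. The session that was
        /// loaded or created is offered to the cache before it is returned.
        /// </summary>
        /// <param name="sessionIdentifier">Identifier to look up, and to assign to a newly created session.</param>
        /// <param name="instant">Forwarded to CreateSession when a session has to be created.</param>
        /// <returns>The cached, loaded or newly created session.</returns>
        public static SecureSession Get(string sessionIdentifier, Instant instant = null)
        {
            SecureSession result;

            // One lookup instead of ContainsKey followed by the indexer: the pair costs two
            // lookups and throws if the entry is removed between the two calls.
            if (_secureSessions.TryGetValue(sessionIdentifier, out result))
            {
                return result;
            }

            result = OneWhere(c => c.Identifier == sessionIdentifier);
            if (result == null)
            {
                // NOTE(review): the identifier is adopted as given. If it can be client-supplied
                // (for example a cookie value), the client picks its own session identifier and
                // each unknown value costs a session creation plus a cache entry.
                result = CreateSession(sessionIdentifier, instant);
            }

            // NOTE(review): when two callers miss the cache at the same time, both may create a
            // session for the same identifier and the loser of TryAdd returns an object that is
            // not the cached one; confirm whether creation needs to be serialised per identifier.
            _secureSessions.TryAdd(sessionIdentifier, result);

            return result;
        }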
示例#16
 /// <summary>
 /// Deletes the SecureSession whose key column equals the given id, if one exists.
 /// </summary>
 /// <param name="id">Key column value of the session to delete.</param>
 /// <returns>
 /// JSON with Success = true and an empty message, or a "not found" message when no row
 /// matches; the result of GetErrorResult when anything throws.
 /// </returns>
 public ActionResult Delete(long id)
 {
     try
     {
         // NOTE(review): no authorization or ownership check is visible in this action; unless a
         // filter outside this method enforces one, any caller can delete a session by numeric id.
         Bam.Net.ServiceProxy.Secure.SecureSession target = Bam.Net.ServiceProxy.Secure.SecureSession.OneWhere(c => c.KeyColumn == id);
         string message = "";

         if (target == null)
         {
             // Success stays true in this case; only the message tells the caller nothing was deleted.
             message = string.Format("The specified id ({0}) was not found in the table (SecureSession)", id);
         }
         else
         {
             target.Delete();
         }

         return Json(new { Success = true, Message = message, Dao = "" });
     }
     catch (Exception ex)
     {
         return GetErrorResult(ex);
     }
 }
 /// <summary>
 /// Clears the cached session field and returns the Session property.
 /// </summary>
 /// <returns>The value of the Session property read after the field was cleared.</returns>
 public SecureSession ReloadSession()
 {
     // Presumably the Session getter repopulates _session when it is null (TODO confirm).
     _session = null;

     SecureSession reloaded = Session;
     return reloaded;
 }
示例#18
 /// <summary>
 /// Creates an encrypted validation token for the post string using the session's public key.
 /// </summary>
 /// <param name="postString">Post string passed to the public-key overload.</param>
 /// <param name="session">Session supplying the public key; dereferenced without a null check.</param>
 /// <returns>The token produced by the public-key overload.</returns>
 public static EncryptedValidationToken CreateEncryptedValidationToken(string postString, SecureSession session)
 {
     // Only the public half of the session key is needed to build the token.
     var sessionPublicKey = session.PublicKey;

     return CreateEncryptedValidationToken(postString, sessionPublicKey);
 }
示例#19
 /// <summary>
 /// Creates a SecureSession by delegating to Update with the same object.
 /// </summary>
 /// <param name="dao">Session object to save.</param>
 /// <returns>The result of Update.</returns>
 public ActionResult Create(Bam.Net.ServiceProxy.Secure.SecureSession dao)
 {
     // NOTE(review): create and update share one path, so whatever members the caller can set
     // on dao reach the save call unchanged; confirm which fields a request may populate.
     ActionResult outcome = Update(dao);
     return outcome;
 }