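using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Policy;
using System.Text;
using System.Threading.Tasks;

namespace EVCB_OCPP.WSServer.Service
{
    /// <summary>
    /// Start-up licence gate. When the process runs in a container outside Azure App Service,
    /// it reads two secret files, decrypts the first with an embedded AES key, and verifies an
    /// RSA signature (second file) over the decrypted text. On failure the process exits.
    /// </summary>
    /// <remarks>
    /// The check runs from the constructor, so merely constructing this service can terminate
    /// the process via <see cref="Environment.Exit(int)"/>.
    /// </remarks>
    public class EnvCheckService
    {
        /// <summary>
        /// Stores the dependencies and immediately runs <see cref="CheckVariable()"/>.
        /// </summary>
        /// <param name="configuration">Application configuration (connection strings and environment flags).</param>
        /// <param name="logger">Logger; stored but not used by the current implementation.</param>
        public EnvCheckService(
            IConfiguration configuration,
            ILogger logger)
        {
            this.configuration = configuration;
            this.logger = logger;

            CheckVariable();
        }

        private readonly IConfiguration configuration;
        private readonly ILogger logger;

        private const string certPath = "/run/secrets";
        private const string certFileName1 = "cert1";
        private const string certFileName2 = "cert2";
        private const string certFileName3 = "licence";

        // NOTE(review): key1 is a symmetric AES key followed by a fixed IV, both embedded in the
        // binary. Anyone holding the assembly can decrypt cert1, so the AES layer provides no
        // confidentiality or integrity; the only trust anchor is the RSA signature checked with key2.
        private const string key1 = "MYkGePq3yYw0w4FYKXSl2KP4erMVos+WtkZS+SKnD+E=/BhbnUz7mYSSzr8xfSFp3Q==";

        // Base64 of the RSA public key passed to ImportRSAPublicKey; a public key is safe to embed.
        private const string key2 = "MIIBCgKCAQEAnsVwgEb9IVBDZrYE42KOMuI5RWAgnk4OsUWMu/UuHLbQyUxv9cNTSQqWnUgEU4J1Dys8cbRT+qsND9eJHFkxnGE1vpXO04ADDCTBBPn1b3J6Wj6lp5Wy/feREg6oiCGJB7nAK1SzmFLKQxKmJX09vbveE02JNvU3KqmFuOthuNqzCCjht8o58+68as3tldskrGy2OjQwBp5rPL0lT9x2tBStm6xiBKPmG87WBjBqPL9LwXI+lmGnfJOABmbddjMp746RCUjzTr/40tXSjL1LZKEA/4vv5qnqIWz+peHfyu8L+XjJjipQ8OKATB6vUWAVrDBH6uHPvpU3G5eNq/o5TQIDAQAB";

        /// <summary>
        /// Runs the environment and licence check; terminates the process when it fails.
        /// </summary>
        /// <remarks>
        /// Passes without touching the secret files when <see cref="CheckEnv"/> is true.
        /// </remarks>
        public void CheckVariable()
        {
            var connectionSectionString = JsonConvert.SerializeObject(configuration.GetSection("ConnectionStrings").AsEnumerable());

            // NOTE(review): this is an unsalted SHA-256 over the serialized connection strings
            // (credentials included) and it is printed on failure. Treat the output as sensitive.
            var dbSn = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(connectionSectionString)));

            if (CheckEnv() || CheckVariable(dbSn, key1, key2))
            {
                return;
            }

            Console.WriteLine($"Error:{dbSn}");

            // On POSIX hosts the exit status is truncated to 8 bits, so 401 is observed as 145.
            Environment.Exit(401);
        }

        /// <summary>
        /// Validates the licence material found under <c>/run/secrets</c>.
        /// </summary>
        /// <param name="dbSn">Deployment fingerprint; currently unused because the binding check is disabled.</param>
        /// <param name="key1">Base64 AES key immediately followed by the Base64 IV.</param>
        /// <param name="key2">Base64 RSA public key used to verify the signature.</param>
        /// <returns>
        /// <c>true</c> when both files exist and the signature verifies; <c>false</c> when a file is
        /// missing, is not valid Base64, cannot be decrypted, or the signature does not match.
        /// </returns>
        private static bool CheckVariable(string dbSn, string key1, string key2)
        {
            string cert1Path = Path.Combine(certPath, certFileName1);
            string cert2Path = Path.Combine(certPath, certFileName2);

            if (!File.Exists(cert1Path) || !File.Exists(cert2Path))
            {
                return false;
            }

            var cert1 = File.ReadAllText(cert1Path);
            var cert2 = File.ReadAllText(cert2Path);

            try
            {
                string keySn = GetSn(cert1, key1);

                // NOTE(review): the binding between the licence and this deployment is disabled
                // below, so a validly signed licence is accepted regardless of dbSn. Confirm
                // whether that is intentional before relying on this check.
                //if (string.IsNullOrEmpty(dbSn) ||
                //    !keySn.StartsWith(dbSn))
                //{
                //    return false;
                //}

                return CheckSn(keySn, cert2, key2);
            }
            catch (Exception ex) when (ex is FormatException || ex is CryptographicException)
            {
                // Malformed Base64 or undecryptable content is an invalid licence, not a crash:
                // fail closed and let the caller report and exit.
                return false;
            }
        }

        /// <summary>
        /// Decrypts the Base64 ciphertext in <paramref name="cert"/> and returns it as text.
        /// </summary>
        /// <param name="cert">Base64-encoded ciphertext.</param>
        /// <param name="key">Base64 AES key immediately followed by the Base64 IV.</param>
        /// <returns>The decrypted text.</returns>
        /// <exception cref="FormatException">An input is not valid Base64.</exception>
        /// <exception cref="CryptographicException">Decryption fails (for example, bad padding).</exception>
        private static string GetSn(string cert, string key)
        {
            (byte[] aesKey, byte[] aesIv) = GetAesKey(key);

            // Aes.Create() is left on its defaults (CBC, PKCS7), as in the original code.
            using Aes aes = Aes.Create();
            aes.Key = aesKey;
            aes.IV = aesIv;

            using ICryptoTransform decryptor = aes.CreateDecryptor();
            using var cipherStream = new MemoryStream(Convert.FromBase64String(cert));
            using var plainStream = new CryptoStream(cipherStream, decryptor, CryptoStreamMode.Read);
            using var reader = new StreamReader(plainStream);

            return reader.ReadToEnd();
        }

        /// <summary>
        /// Verifies that <paramref name="cert2"/> is an RSA signature over the UTF-8 bytes of <paramref name="sn"/>.
        /// </summary>
        /// <param name="sn">Signed text (the decrypted licence payload).</param>
        /// <param name="cert2">Base64-encoded signature.</param>
        /// <param name="key">Base64 RSA public key accepted by ImportRSAPublicKey.</param>
        /// <returns><c>true</c> when the signature is valid.</returns>
        private static bool CheckSn(string sn, string cert2, string key)
        {
            using RSA rsa = RSA.Create();
            rsa.ImportRSAPublicKey(Convert.FromBase64String(key), out _);

            // NOTE(review): SHA-1 with PKCS#1 v1.5 is kept because existing licence signatures
            // were produced with it. SHA-1 is deprecated for signatures; moving to SHA-256
            // requires re-issuing the signed licence files.
            return rsa.VerifyData(
                Encoding.UTF8.GetBytes(sn),
                Convert.FromBase64String(cert2),
                HashAlgorithmName.SHA1,
                RSASignaturePadding.Pkcs1);
        }

        /// <summary>
        /// Splits the combined key string into its AES key and IV parts.
        /// </summary>
        /// <param name="key">The first 44 characters are the Base64 key; the remainder is the Base64 IV.</param>
        /// <returns>The decoded key and IV bytes.</returns>
        private static (byte[] key, byte[] iv) GetAesKey(string key)
        {
            // 44 Base64 characters decode to a 32-byte key.
            const int keyBase64Length = 44;

            var keyString = key.Substring(0, keyBase64Length);
            var ivString = key.Substring(keyBase64Length);

            return (Convert.FromBase64String(keyString), Convert.FromBase64String(ivString));
        }

        /// <summary>
        /// Returns <c>true</c> when the licence check is skipped: not in a container, or on Azure App Service.
        /// </summary>
        /// <remarks>
        /// NOTE(review): both signals are plain configuration values supplied by the hosting
        /// environment, so this gate is a deployment convenience, not a tamper-resistant control.
        /// </remarks>
        private bool CheckEnv()
        {
            return !CheckIsInDocker() || CheckIsInAzureAppService();
        }

        /// <summary>Returns <c>true</c> when the <c>WEBSITE_SITE_NAME</c> configuration value is set.</summary>
        private bool CheckIsInAzureAppService()
        {
            return !String.IsNullOrEmpty(configuration["WEBSITE_SITE_NAME"]);
        }

        /// <summary>Returns <c>true</c> when the <c>RUNNING_IN_CONTAINER</c> configuration value is set.</summary>
        private bool CheckIsInDocker()
        {
            return !String.IsNullOrEmpty(configuration["RUNNING_IN_CONTAINER"]);
        }
    }
}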