WTelegramClient/src/Session.cs

using System;
using System.Buffers.Binary;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Text.Json;

namespace WTelegram
{
	internal class Session
	{
		public int ApiId;
		public long UserId;
		public int MainDC;
		public Dictionary<int, DCSession> DCSessions = new();
		public TL.DcOption[] DcOptions;

		public class DCSession
		{
			public long Id;
			public long AuthKeyID;
			public byte[] AuthKey;      // 2048-bit = 256 bytes
			public long UserId;
			public long Salt;
			public int Seqno;
			public long ServerTicksOffset;
			public long LastSentMsgId;
			public TL.DcOption DataCenter;

			internal Client Client;
			internal int DcID => DataCenter?.id ?? 0;
			internal IPEndPoint EndPoint => DataCenter == null ? null : new(IPAddress.Parse(DataCenter.ip_address), DataCenter.port);
			internal void Renew() { Helpers.Log(3, $"Renewing session on DC {DcID}..."); Id = Helpers.RandomLong(); Seqno = 0; LastSentMsgId = 0; }
		}

		public DateTime SessionStart => _sessionStart;
		private readonly DateTime _sessionStart = DateTime.UtcNow;
		private readonly SHA256 _sha256 = SHA256.Create();
		private Stream _store;
		private byte[] _rgbKey;	// 32-byte encryption key
		private static readonly Aes aes = Aes.Create();

		internal static Session LoadOrCreate(Stream store, byte[] rgbKey)
		{
			try
			{
				var length = (int)store.Length;
				if (length > 0)
				{
					var input = new byte[length];
					if (store.Read(input, 0, length) != length)
						throw new ApplicationException($"Can't read session block ({store.Position}, {length})");
					var session = Load(input, rgbKey);
					session._store = store;
					session._rgbKey = rgbKey;
					Helpers.Log(2, "Loaded previous session");
					return session;
				}
			}
			catch (Exception ex)
			{
				store.Dispose();
				throw new ApplicationException($"Exception while reading session file: {ex.Message}\nDelete the file to start a new session", ex);
			}
			return new Session { _store = store, _rgbKey = rgbKey };
		}

		internal void Dispose() => _store.Dispose();

		internal static Session Load(byte[] input, byte[] rgbKey)
		{
			using var sha256 = SHA256.Create();
			using var decryptor = aes.CreateDecryptor(rgbKey, input[0..16]);
			var utf8Json = decryptor.TransformFinalBlock(input, 16, input.Length - 16);
			if (!sha256.ComputeHash(utf8Json, 32, utf8Json.Length - 32).SequenceEqual(utf8Json[0..32]))
				throw new ApplicationException("Integrity check failed in session loading");
			return JsonSerializer.Deserialize<Session>(utf8Json.AsSpan(32), Helpers.JsonOptions);
		}

		internal void Save()
		{
			var utf8Json = JsonSerializer.SerializeToUtf8Bytes(this, Helpers.JsonOptions);
			var finalBlock = new byte[16];
			var output = new byte[(16 + 32 + utf8Json.Length + 16) & ~15];
			Encryption.RNG.GetBytes(output, 0, 16);
			using var encryptor = aes.CreateEncryptor(_rgbKey, output[0..16]);
			encryptor.TransformBlock(_sha256.ComputeHash(utf8Json), 0, 32, output, 16);
			encryptor.TransformBlock(utf8Json, 0, utf8Json.Length & ~15, output, 48);
			utf8Json.AsSpan(utf8Json.Length & ~15).CopyTo(finalBlock);
			encryptor.TransformFinalBlock(finalBlock, 0, utf8Json.Length & 15).CopyTo(output.AsMemory(48 + utf8Json.Length & ~15));
			lock (_store)
			{
				_store.Position = 0;
				_store.Write(output, 0, output.Length);
				_store.SetLength(output.Length);
			}
		}
	}

	internal class SessionStore : FileStream
	{
		public override long Length { get; }
		private readonly byte[] _header = new byte[8];
		private int _nextPosition = 8;
		public override long Position { get => base.Position; set { } }
		public override void SetLength(long value) { }

		public SessionStore(string pathname)
			: base(pathname, FileMode.OpenOrCreate, FileAccess.ReadWrite, FileShare.None, 1) // no buffering
		{
			if (base.Read(_header, 0, 8) == 8)
			{
				var position = BinaryPrimitives.ReadInt32LittleEndian(_header);
				var length = BinaryPrimitives.ReadInt32LittleEndian(_header.AsSpan(4));
				if (position < 0 || length < 0 || position >= 65536 || length >= 32768) { position = 0; length = (int)base.Length; }
				base.Position = position;
				Length = length;
				_nextPosition = position + length;
			}
		}

		public override void Write(byte[] buffer, int offset, int count)
		{
			if (_nextPosition > count * 3) _nextPosition = 8;
			base.Position = _nextPosition;
			base.Write(buffer, offset, count);
			BinaryPrimitives.WriteInt32LittleEndian(_header, _nextPosition);
			BinaryPrimitives.WriteInt32LittleEndian(_header.AsSpan(4), count);
			_nextPosition += count;
			base.Position = 0;
			base.Write(_header, 0, 8);
		}
	}
}
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+								using System;
-												Improved session file writes

											
										
										
											2022-01-23 01:28:10 +01:00
+								using System.Buffers.Binary;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+								using System.Collections.Generic;
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+								using System.IO;
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+								using System.Linq;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+								using System.Net;
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+								using System.Security.Cryptography;
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+								using System.Text.Json;
 								namespace WTelegram
 								{
 									internal class Session
 									{
-												store api_id in session file. optional session_key (=api_hash by default) as encryption key

											
										
										
											2022-01-25 16:37:09 +01:00
+										public int ApiId;
-												We don't need to store full User in session file anymore

											
										
										
											2021-11-07 09:09:15 +01:00
+										public long UserId;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+										public int MainDC;
 										public Dictionary<int, DCSession> DCSessions = new();
-												Better IPv6 support/fallback. Support RpcError in response to an API returning an array

											
										
										
											2021-10-01 02:22:26 +02:00
+										public TL.DcOption[] DcOptions;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
 										public class DCSession
 										{
-												MULTIPLE-CONNECTION! First version that implement parallel active connections to DCs (through Client instances dependent of the main Client instance)
Also improved on:
- reconnection/retry/resent strategy
- start of multiple parallel downloads triggering a new DC connection

											
										
										
											2021-09-28 16:12:20 +02:00
+											public long Id;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+											public long AuthKeyID;
 											public byte[] AuthKey;      // 2048-bit = 256 bytes
-												Avoid unnecessary Auth_ExportAuthorization. More reliable DownloadFileAsync

											
										
										
											2021-09-25 19:43:39 +02:00
+											public long UserId;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+											public long Salt;
 											public int Seqno;
 											public long ServerTicksOffset;
 											public long LastSentMsgId;
 											public TL.DcOption DataCenter;
-												MULTIPLE-CONNECTION! First version that implement parallel active connections to DCs (through Client instances dependent of the main Client instance)
Also improved on:
- reconnection/retry/resent strategy
- start of multiple parallel downloads triggering a new DC connection

											
										
										
											2021-09-28 16:12:20 +02:00
+											internal Client Client;
 											internal int DcID => DataCenter?.id ?? 0;
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+											internal IPEndPoint EndPoint => DataCenter == null ? null : new(IPAddress.Parse(DataCenter.ip_address), DataCenter.port);
-												Handle BadMsgNotification 32/33 by renewing session

											
										
										
											2021-12-04 00:14:15 +01:00
+											internal void Renew() { Helpers.Log(3, $"Renewing session on DC {DcID}..."); Id = Helpers.RandomLong(); Seqno = 0; LastSentMsgId = 0; }
-												Support multi-DC sessions

											
										
										
											2021-09-23 09:27:52 +02:00
+										}
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
 										public DateTime SessionStart => _sessionStart;
 										private readonly DateTime _sessionStart = DateTime.UtcNow;
-												Fix SHA corruption due to concurrent use of static instance

											
										
										
											2021-09-29 04:38:39 +02:00
+										private readonly SHA256 _sha256 = SHA256.Create();
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+										private Stream _store;
-												some renaming

											
										
										
											2022-01-25 23:16:28 +01:00
+										private byte[] _rgbKey;	// 32-byte encryption key
-												reduce allocations for encryption

											
										
										
											2022-01-07 01:14:16 +01:00
+										private static readonly Aes aes = Aes.Create();
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+										internal static Session LoadOrCreate(Stream store, byte[] rgbKey)
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+										{
-												fix #25: possible NullReferenceException with Document.LargestThumbSize
fix undisposed FileStream on broken session file.

											
										
										
											2022-01-26 11:08:33 +01:00
+											try
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+											{
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+												var length = (int)store.Length;
 												if (length > 0)
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+												{
-												Improved session file writes

											
										
										
											2022-01-23 01:28:10 +01:00
+													var input = new byte[length];
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+													if (store.Read(input, 0, length) != length)
 														throw new ApplicationException($"Can't read session block ({store.Position}, {length})");
-												some renaming

											
										
										
											2022-01-25 23:16:28 +01:00
+													var session = Load(input, rgbKey);
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+													session._store = store;
-												some renaming

											
										
										
											2022-01-25 23:16:28 +01:00
+													session._rgbKey = rgbKey;
-												Added logger system

											
										
										
											2021-08-04 10:11:07 +02:00
+													Helpers.Log(2, "Loaded previous session");
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+													return session;
 												}
-												fix #25: possible NullReferenceException with Document.LargestThumbSize
fix undisposed FileStream on broken session file.

											
										
										
											2022-01-26 11:08:33 +01:00
+											}
 											catch (Exception ex)
 											{
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+												store.Dispose();
-												fix #25: possible NullReferenceException with Document.LargestThumbSize
fix undisposed FileStream on broken session file.

											
										
										
											2022-01-26 11:08:33 +01:00
+												throw new ApplicationException($"Exception while reading session file: {ex.Message}\nDelete the file to start a new session", ex);
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+											}
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+											return new Session { _store = store, _rgbKey = rgbKey };
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+										}
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+										internal void Dispose() => _store.Dispose();
-												Improved session file writes

											
										
										
											2022-01-23 01:28:10 +01:00
-												some renaming

											
										
										
											2022-01-25 23:16:28 +01:00
+										internal static Session Load(byte[] input, byte[] rgbKey)
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+										{
-												Fix SHA corruption due to concurrent use of static instance

											
										
										
											2021-09-29 04:38:39 +02:00
+											using var sha256 = SHA256.Create();
-												some renaming

											
										
										
											2022-01-25 23:16:28 +01:00
+											using var decryptor = aes.CreateDecryptor(rgbKey, input[0..16]);
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+											var utf8Json = decryptor.TransformFinalBlock(input, 16, input.Length - 16);
-												Fix SHA corruption due to concurrent use of static instance

											
										
										
											2021-09-29 04:38:39 +02:00
+											if (!sha256.ComputeHash(utf8Json, 32, utf8Json.Length - 32).SequenceEqual(utf8Json[0..32]))
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+												throw new ApplicationException("Integrity check failed in session loading");
-												We don't need to store full User in session file anymore

											
										
										
											2021-11-07 09:09:15 +01:00
+											return JsonSerializer.Deserialize<Session>(utf8Json.AsSpan(32), Helpers.JsonOptions);
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+										}
 										internal void Save()
 										{
-												We don't need to store full User in session file anymore

											
										
										
											2021-11-07 09:09:15 +01:00
+											var utf8Json = JsonSerializer.SerializeToUtf8Bytes(this, Helpers.JsonOptions);
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+											var finalBlock = new byte[16];
-												Added 2FA support

											
										
										
											2021-08-10 08:25:37 +02:00
+											var output = new byte[(16 + 32 + utf8Json.Length + 16) & ~15];
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+											Encryption.RNG.GetBytes(output, 0, 16);
-												some renaming

											
										
										
											2022-01-25 23:16:28 +01:00
+											using var encryptor = aes.CreateEncryptor(_rgbKey, output[0..16]);
-												Fix SHA corruption due to concurrent use of static instance

											
										
										
											2021-09-29 04:38:39 +02:00
+											encryptor.TransformBlock(_sha256.ComputeHash(utf8Json), 0, 32, output, 16);
-												Implemented several of the TODOs:
- Encrypt session file
- Export/Import user authorization on DC migration.
- Implemented SignUpRequired
- function requests moved to class Fn, generation fix

											
										
										
											2021-08-06 07:28:54 +02:00
+											encryptor.TransformBlock(utf8Json, 0, utf8Json.Length & ~15, output, 48);
 											utf8Json.AsSpan(utf8Json.Length & ~15).CopyTo(finalBlock);
 											encryptor.TransformFinalBlock(finalBlock, 0, utf8Json.Length & 15).CopyTo(output.AsMemory(48 + utf8Json.Length & ~15));
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+											lock (_store)
-												Fix System.IO.IOException: 'Unable to remove the file to be replaced. ' #10
Based on: https://github.com/gitextensions/gitextensions/pull/4252/commits/00416bc92f642c4aff81b6cbcc5a1df38bf4990a

											
										
										
											2021-12-13 08:15:37 +01:00
+											{
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
+												_store.Position = 0;
 												_store.Write(output, 0, output.Length);
 												_store.SetLength(output.Length);
-												Fix System.IO.IOException: 'Unable to remove the file to be replaced. ' #10
Based on: https://github.com/gitextensions/gitextensions/pull/4252/commits/00416bc92f642c4aff81b6cbcc5a1df38bf4990a

											
										
										
											2021-12-13 08:15:37 +01:00
+											}
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+										}
 									}
-												Support for custom sessionStore

											
										
										
											2022-01-26 22:00:52 +01:00
 									internal class SessionStore : FileStream
 									{
 										public override long Length { get; }
 										private readonly byte[] _header = new byte[8];
 										private int _nextPosition = 8;
 										public override long Position { get => base.Position; set { } }
 										public override void SetLength(long value) { }
 										public SessionStore(string pathname)
 											: base(pathname, FileMode.OpenOrCreate, FileAccess.ReadWrite, FileShare.None, 1) // no buffering
 										{
 											if (base.Read(_header, 0, 8) == 8)
 											{
 												var position = BinaryPrimitives.ReadInt32LittleEndian(_header);
 												var length = BinaryPrimitives.ReadInt32LittleEndian(_header.AsSpan(4));
 												if (position < 0 || length < 0 || position >= 65536 || length >= 32768) { position = 0; length = (int)base.Length; }
 												base.Position = position;
 												Length = length;
 												_nextPosition = position + length;
 											}
 										}
 										public override void Write(byte[] buffer, int offset, int count)
 										{
 											if (_nextPosition > count * 3) _nextPosition = 8;
 											base.Position = _nextPosition;
 											base.Write(buffer, offset, count);
 											BinaryPrimitives.WriteInt32LittleEndian(_header, _nextPosition);
 											BinaryPrimitives.WriteInt32LittleEndian(_header.AsSpan(4), count);
 											_nextPosition += count;
 											base.Position = 0;
 											base.Write(_header, 0, 8);
 										}
 									}
-												Add project files.

											
										
										
											2021-08-04 00:40:09 +02:00
+								}