private static TServerDHInnerData DeserializeResponse(TServerDHParamsOk serverDhParams, AesKeyData aesKeyData)
        {
            var answerWithHash = AES.DecryptAes(aesKeyData, serverDhParams.EncryptedAnswerAsBinary);

            var answerWithHashBuffer = PooledByteBufferAllocator.Default.Buffer();

            try
            {
                answerWithHashBuffer.WriteBytes(answerWithHash);

                // var serverHashsum = answerWithHashBuffer.ToArray(20);
                answerWithHashBuffer.SkipBytes(20);

                var serverDhInnerData = (TServerDHInnerData)Serializer.Deserialize(answerWithHashBuffer);

                // var clearAnswer = Serializer.Serialize(serverDhInnerData);
                // var hashsum = SHA1Helper.ComputeHashsum(clearAnswer);
                // Guard.That(serverHashsum).IsItemsEquals(hashsum);

                return(serverDhInnerData);
            }
            finally
            {
                answerWithHashBuffer.SafeRelease();
            }
        }
Beispiel #2
0
        public void ValidateTest()
        {
            var paramsOk = new TServerDHParamsOk
            {
                EncryptedAnswerAsBinary = _encryptedData,
                Nonce       = _nonce,
                ServerNonce = _serverNonce
            };

            var packageBuffer = Serializer.Serialize(paramsOk);
            var packageData   = packageBuffer.ToArray();

            var completeDhExchange = new Step3CompleteDhExchange();
            var oldResponse        = completeDhExchange.ToBytes(_nonce, _serverNonce, _newNonce, _encryptedData);


            var response = Step3ClientHelper.GetRequest(paramsOk, _newNonce, out var clientAgree, out var serviceTime);
        }
        public static RequestSetClientDHParams GetRequest(TServerDHParamsOk serverDhParams, byte[] newNonce, out byte[] clientAgree, out int serverTime)
        {
            AesHelper.ComputeAesParameters(newNonce, serverDhParams.ServerNonce, out var aesKeyData);

            var dhInnerData = DeserializeResponse(serverDhParams, aesKeyData);

            serverTime = dhInnerData.ServerTime;

            var p = new BigInteger(1, dhInnerData.DhPrimeAsBinary);
            var g = BigInteger.ValueOf(dhInnerData.G);

            var dhParameters            = new DHParameters(p, g);
            KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParameters);
            var keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");

            keyGen.Init(kgp);

            var clientKeyPair = keyGen.GenerateKeyPair();
            var publicKey     = ((DHPublicKeyParameters)clientKeyPair.Public);

            var y = new BigInteger(1, dhInnerData.GAAsBinary);

            Guard.That(y).IsValidDhPublicKey(dhParameters.P);

            var serverPublicKey = new DHPublicKeyParameters(y, dhParameters);
            var clientKeyAgree  = AgreementUtilities.GetBasicAgreement("DH");

            clientKeyAgree.Init(clientKeyPair.Private);
            clientAgree = clientKeyAgree.CalculateAgreement(serverPublicKey).ToByteArrayUnsigned();

            var clientDhInnerData = new TClientDHInnerData
            {
                RetryId     = 0,
                Nonce       = serverDhParams.Nonce,
                ServerNonce = serverDhParams.ServerNonce,
                GBAsBinary  = publicKey.Y.ToByteArray()
            };

            return(SerializeRequest(clientDhInnerData, aesKeyData));
        }