public CallResult UserAuthVerify_server(string username, string userAuthKey)
{
//check if username and authkey (derived from password) are correct
bool verified = ((username.ToLower() == this.ClientConnection.ConnectionManager.WolpertingerUsername.ToLower())
&& checkUserAuthKey(userAuthKey, userAuthToken, this.ClientConnection.ConnectionManager.WolpertingerPassword));
//delete issued userAuthToken (token may only be used once)
userAuthToken = null;
ResponseResult result = new ResponseResult();
//increase Trust level if credentilas were correct
if (verified)
{
this.ClientConnection.TrustLevel = 4;
//result.PostProcessingAction = new Action(delegate { AwardTrustLevel(4); });
}
else
{
result.PostProcessingAction = new Action(delegate { this.ClientConnection.ResetConnection(true); });
}
result.ResponseValue = verified;
//Return if client was verified or not
return result;
}
public CallResult KeyExchange_server(string publicKey, string iv)
{
//Initialize a new key provides
this.keyProvider = AuthenticationComponent.getNewKeyProvider();
ECDiffieHellmanPublicKey otherKey = ECDiffieHellmanCngPublicKey.FromByteArray(publicKey.GetBytesBase64(), CngKeyBlobFormat.EccPublicBlob);
//derive connection key from target's public key
var key = keyProvider.DeriveKeyMaterial(otherKey);
ClientConnection.WtlpClient.EncryptionKey = key;
var initVector = iv.GetBytesBase64();
ClientConnection.WtlpClient.EncryptionIV = iv.GetBytesBase64();
//Increase Trust level (connection is now encrypted)
this.ClientConnection.TrustLevel = 2;
this.ClientConnection.MyTrustLevel = 2;
//Send back our own public key so target can derive connection key, too
CallResult result = new ResponseResult(keyProvider.PublicKey.ToByteArray().ToStringBase64());
//once the response has been sent, enable encryption for all following messages
result.PostProcessingAction += delegate { this.ClientConnection.WtlpClient.EncryptMessages = true; };
//Reset key provider
keyProvider = null;
return result;
}
