public static byte[] AssocToUtf8Bytes(Dictionary <string, byte[]> assoc) { string output = ""; foreach (KeyValuePair <string, byte[]> kp in assoc) { output += ExtensionsString.Base64Encode(kp.Key.GetUtf8Bytes()) + ":" + ExtensionsString.Base64Encode(kp.Value) + "\n"; } return(System.Text.Encoding.UTF8.GetBytes(output)); }
// This is the only method about exchange data between this software and AirVPN infrastructure. // We don't use SSL. Useless layer in our case, and we need to fetch hostname and direct IP that don't permit common-name match. // 'S' is the AES 256 bit one-time session key, crypted with a RSA 4096 public-key. // 'D' is the data from the client to our server, crypted with the AES. // The server answer is XML decrypted with the same AES session. public XmlDocument FetchUrl(string authPublicKey, string url, Dictionary <string, string> parameters) { // AES using (RijndaelManaged rijAlg = new RijndaelManaged()) { rijAlg.KeySize = 256; rijAlg.GenerateKey(); rijAlg.GenerateIV(); // Generate S // Bug workaround: Xamarin 6.1.2 macOS throw an 'Default constructor not found for type System.Diagnostics.FilterElement' error. // in 'new System.Xml.Serialization.XmlSerializer', so i avoid that. /* * StringReader sr = new System.IO.StringReader(authPublicKey); * System.Xml.Serialization.XmlSerializer xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters)); * RSAParameters publicKey = (RSAParameters)xs.Deserialize(sr); */ RSAParameters publicKey = new RSAParameters(); XmlDocument docAuthPublicKey = new XmlDocument(); docAuthPublicKey.LoadXml(authPublicKey); publicKey.Modulus = Convert.FromBase64String(docAuthPublicKey.DocumentElement["Modulus"].InnerText); publicKey.Exponent = Convert.FromBase64String(docAuthPublicKey.DocumentElement["Exponent"].InnerText); Dictionary <string, byte[]> assocParamS = new Dictionary <string, byte[]>(); assocParamS["key"] = rijAlg.Key; assocParamS["iv"] = rijAlg.IV; byte[] bytesParamS = null; using (RSACryptoServiceProvider csp = new RSACryptoServiceProvider()) { csp.ImportParameters(publicKey); bytesParamS = csp.Encrypt(UtilsCore.AssocToUtf8Bytes(assocParamS), false); } // Generate D byte[] aesDataIn = UtilsCore.AssocToUtf8Bytes(parameters); byte[] bytesParamD = null; { MemoryStream aesCryptStream = null; CryptoStream aesCryptStream2 = null; try { aesCryptStream = new MemoryStream(); using (ICryptoTransform aesEncryptor = rijAlg.CreateEncryptor()) { aesCryptStream2 = new CryptoStream(aesCryptStream, aesEncryptor, CryptoStreamMode.Write); aesCryptStream2.Write(aesDataIn, 0, aesDataIn.Length); aesCryptStream2.FlushFinalBlock(); bytesParamD = aesCryptStream.ToArray(); } } finally { if (aesCryptStream2 != null) { aesCryptStream2.Dispose(); } else if (aesCryptStream != null) { aesCryptStream.Dispose(); } } } // HTTP Fetch HttpRequest request = new HttpRequest(); request.Url = url; request.Parameters["s"] = ExtensionsString.Base64Encode(bytesParamS); request.Parameters["d"] = ExtensionsString.Base64Encode(bytesParamD); HttpResponse response = Engine.Instance.FetchUrl(request); try { byte[] fetchResponse = response.BufferData; byte[] fetchResponsePlain = null; MemoryStream aesDecryptStream = null; CryptoStream aesDecryptStream2 = null; // Decrypt answer try { aesDecryptStream = new MemoryStream(); using (ICryptoTransform aesDecryptor = rijAlg.CreateDecryptor()) { aesDecryptStream2 = new CryptoStream(aesDecryptStream, aesDecryptor, CryptoStreamMode.Write); aesDecryptStream2.Write(fetchResponse, 0, fetchResponse.Length); aesDecryptStream2.FlushFinalBlock(); fetchResponsePlain = aesDecryptStream.ToArray(); } } finally { if (aesDecryptStream2 != null) { aesDecryptStream2.Dispose(); } else if (aesDecryptStream != null) { aesDecryptStream.Dispose(); } } string finalData = System.Text.Encoding.UTF8.GetString(fetchResponsePlain); XmlDocument doc = new XmlDocument(); doc.LoadXml(finalData); return(doc); } catch (Exception ex) { string message = ""; if (response.GetHeader("location") != "") { message = LanguageManager.GetText("ProviderRefreshFailUnexpected302", Title, response.GetHeader("location")); } else { message = ex.Message + " - " + response.GetLineReport(); } throw new Exception(message); } } }