private void SetupConnection(EnvironmentProfile profile)
{
var tcpStream = new TcpClient(profile.EndpointHostname, profile.EndpointPort);
_stream = new SslStream(tcpStream.GetStream(), false);
try
{
_stream.AuthenticateAsClient(profile.EndpointHostname);
}
catch (Exception ex)
{
DisposeStream();
throw new ApiException("unable to connect to backend", ex);
}
_reader = new StreamReader(_stream, Encoding.UTF8);
_xmlReader = XmlReader.Create(_reader, new XmlReaderSettings
{
Async = true,
CloseInput = true,
ConformanceLevel = ConformanceLevel.Fragment,
IgnoreComments = true,
IgnoreWhitespace = true,
ValidationType = ValidationType.None,
});
_writer = new StreamWriter(_stream, Encoding.UTF8);
_writer.AutoFlush = true;
}
public static string HashWithHMAC(EnvironmentProfile profile, string data)
{
Contract.Requires(profile != null);
Contract.Requires(data != null);
var hmacAlgo = HMAC.Create();
hmacAlgo.Key = CreateHmacKey(profile);
byte[] hmacHash = hmacAlgo.ComputeHash(Encoding.UTF8.GetBytes(data));
string result = Hexify(hmacHash);
return(result);
}
public static string RsaSign(EnvironmentProfile profile, string data)
{
Contract.Requires(profile != null);
Contract.Requires(data != null);
var signatureSource = Encoding.UTF8.GetBytes(data);
using (var reader = new StringReader(profile.EncryptionPrivateKeyPem))
{
AsymmetricCipherKeyPair keyPair = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject();
ISigner sig = SignerUtilities.GetSigner("SHA256withRSA");
sig.Init(true, keyPair.Private);
sig.BlockUpdate(signatureSource, 0, signatureSource.Length);
byte[] signatureBytes = sig.GenerateSignature();
string signature = Convert.ToBase64String(signatureBytes).Replace("+", "-").Replace("/", "_");
return(signature);
}
}
public static byte[] CreateHmacKey(EnvironmentProfile profile)
{
Contract.Requires(profile != null);
Contract.Ensures(Contract.Result <byte[]>() != null);
byte[] versionBytes = Encoding.UTF8.GetBytes(profile.Version);
byte[] apkSignature = Unhexify(
"308203843082026CA00302010202044C23D625300D06092A864886F70D0101050500308183310B3009060355" +
"0406130243413110300E060355040813074F6E746172696F3111300F0603550407130857617465726C6F6F31" +
"1D301B060355040A13144B696B20496E74657261637469766520496E632E311B3019060355040B13124D6F62" +
"696C6520446576656C6F706D656E74311330110603550403130A43687269732042657374301E170D31303036" +
"32343232303331375A170D3337313130393232303331375A308183310B30090603550406130243413110300E" +
"060355040813074F6E746172696F3111300F0603550407130857617465726C6F6F311D301B060355040A1314" +
"4B696B20496E74657261637469766520496E632E311B3019060355040B13124D6F62696C6520446576656C6F" +
"706D656E74311330110603550403130A4368726973204265737430820122300D06092A864886F70D01010105" +
"000382010F003082010A0282010100E2B94E5561E9A2378B657E66507809FB8E58D9FBDC35AD2A2381B8D4B5" +
"1FCF50360482ECB31677BD95054FAAEC864D60E233BFE6B4C76032E5540E5BC195EBF5FF9EDFE3D99DAE8CA9" +
"A5266F36404E8A9FCDF2B09605B089159A0FFD4046EC71AA11C7639E2AE0D5C3E1C2BA8C2160AFA30EC8A0CE" +
"4A7764F28B9AE1AD3C867D128B9EAF02EF0BF60E2992E75A0D4C2664DA99AC230624B30CEA3788B23F5ABB61" +
"173DB476F0A7CF26160B8C51DE0970C63279A6BF5DEF116A7009CA60E8A95F46759DD01D91EFCC670A467166" +
"A9D6285F63F8626E87FBE83A03DA7044ACDD826B962C26E627AB1105925C74FEB77743C13DDD29B55B31083F" +
"5CF38FC29242390203010001300D06092A864886F70D010105050003820101009F89DD384926764854A4A641" +
"3BA98138CCE5AD96BF1F4830602CE84FEADD19C15BAD83130B65DC4A3B7C8DE8968ACA5CDF89200D6ACF2E75" +
"30546A0EE2BCF19F67340BE8A73777836728846FAD7F31A3C4EEAD16081BED288BB0F0FDC735880EBD8634C9" +
"FCA3A6C505CEA355BD91502226E1778E96B0C67D6A3C3F79DE6F594429F2B6A03591C0A01C3F14BB6FF56D75" +
"15BB2F38F64A00FF07834ED3A06D70C38FC18004F85CAB3C937D3F94B366E2552558929B98D088CF1C45CDC0" +
"340755E4305698A7067F696F4ECFCEEAFBD720787537199BCAC674DAB54643359BAD3E229D588E324941941E" +
"0270C355DC38F9560469B452C36560AD5AB9619B6EB33705");
byte[] classesDexSha1Digest = Encoding.UTF8.GetBytes("aCDhFLsmALSyhwi007tvowZkUd0=");
var sourceBytes = Encoding.UTF8.GetBytes("hello")
.Concat(apkSignature)
.Concat(versionBytes)
.Concat(classesDexSha1Digest)
.Concat(Encoding.UTF8.GetBytes("bar")).ToArray();
var bytes = SHA1.Create().ComputeHash(sourceBytes);
string base64 = Convert.ToBase64String(bytes);
return(Encoding.UTF8.GetBytes(base64));
}
public void Connect(EnvironmentProfile profile)
{
Contract.Requires <ArgumentNullException>(profile != null);
Contract.Requires <InvalidOperationException>(!IsConnected, "already connected");
Contract.Ensures(IsConnected);
Contract.Ensures(Profile == profile);
Contract.EnsuresOnThrow <ArgumentException>(!IsConnected);
Contract.EnsuresOnThrow <ApiException>(!IsConnected);
SetupConnection(profile);
Write("<k anon=\"\">");
var response = Read();
if (response != "<k ok=\"1\">")
{
DisposeStream();
throw new ApiException("server did not ok the connection");
}
Profile = profile;
}