private bool PerformHandshakeStage2(InputStream inputBuffer, bool encrypted)
{
if (encrypted || _pProtocolHandler.ValidateHandshake)
{
if (!VerifyServer(inputBuffer))
{
Logger.FATAL("Unable to verify server");
return(false);
}
}
var pBuffer = new BufferWithOffset(inputBuffer);
pBuffer.Offset++;
var serverDHOffset = GetDHOffset(pBuffer, _usedScheme);
if (_pDHWrapper == null)
{
Logger.FATAL("dh wrapper not initialized");
return(false);
}
var pubKey = new byte[128];
Buffer.BlockCopy(pBuffer.Buffer, (pBuffer.Offset + (int)serverDHOffset), pubKey, 0, 128);
var secretKey = _pDHWrapper.CreateSharedKey(pubKey);
if (encrypted)
{
_pKeyIn = new RC4_KEY();
_pKeyOut = new RC4_KEY();
var pubKeyIn = new byte[128];
Buffer.BlockCopy(pBuffer.Buffer, (int)(pBuffer.Offset + serverDHOffset), pubKeyIn, 0, 128);
Utils.InitRC4Encryption(secretKey, pubKeyIn, _pClientPublicKey, _pKeyIn, _pKeyOut);
}
var serverDigestOffset = GetDigestOffset(pBuffer, _usedScheme);
_pOutputBuffer = Utils.GenerateRandomBytes(1536);
pBuffer.Offset += (int)serverDigestOffset;
var pChallangeKey = HMACsha256(pBuffer, 32, GenuineFpKey, 62);//Hmacsha256.ComputeHash(pBuffer.Buffer, pBuffer.Offset, 32);
var pDigest = new HMACSHA256(pChallangeKey).ComputeHash(_pOutputBuffer, 0, 1536 - 32);
Buffer.BlockCopy(pDigest, 0, _pOutputBuffer, 1536 - 32, 32);
OutputBuffer.Write(_pOutputBuffer, 0, 1536);
_pOutputBuffer = null;
_rtmpState = RTMPState.RTMP_STATE_DONE;
return(true);
}
public void Run()
{
if (DH == null)
{
DH = RtmfpUtils.BeginDiffieHellman(ref Nonce);
return;
}
// Compute Diffie-Hellman secret
SharedSecret = DH.CreateSharedKey(InitiatorKey);
// Compute Keys
RtmfpUtils.ComputeAsymetricKeys(SharedSecret, InitiatorNonce, Nonce, out DecryptKey, out EncryptKey);
var pSession = _handshake?.CreateSession(Value);
if (pSession != null)
{
pSession.Peer.UserState = this;
}
}
public override void PacketHandler(N2HBinaryReader reader)
{
if (Checked)
{
lock (Writer)
{
base.PacketHandler(reader);
}
return;
}
var marker = reader.ReadByte();
if (marker != 0x0b)
{
Logger.FATAL("Marker hand shake wrong:should be 0b and not {0:X}", marker);
return;
}
var time = reader.ReadUInt16();
var type = reader.ReadByte();
var length = reader.ReadUInt16();
byte[] tag;
Logger.Debug("handshake {0:X} len:{1}", type, length);
Debug.WriteLine("handshake {0:X} len:{1}", type, length);
switch (type)
{
case 0x70:
tag = reader.ReadBytes(reader.ReadByte());
var cookieBytes = reader.ReadBytes(reader.ReadByte());
var targetCertificat = reader.ReadBytes((int)reader.BaseStream.GetAvaliableByteCounts());
var nonce = new byte[0];
_dh = RtmfpUtils.BeginDiffieHellman(ref nonce, true);
Peer.Id = Target.Sha256.ComputeHash(nonce, 0, nonce.Length);
HandShake38(cookieBytes, nonce);
_handshake = () => HandShake38(cookieBytes, nonce);
break;
case 0x71:
tag = reader.ReadBytes(reader.ReadByte());
var flag = reader.ReadByte();
var address = new IPEndPoint(new IPAddress(reader.ReadBytes(4)), reader.ReadInt16());
Target.Address.Port = address.Port;
Logger.Debug("redirect to {0}", address.ToString());
Handler.FarProtocol.IOHandler.Socket.Connect(Target.Address);
_handshake();
break;
case 0x78:
FarId = reader.ReadUInt32();
var targetNonce = reader.ReadBytes((int)reader.Read7BitLongValue());
var must58 = reader.ReadByte();
Debug.WriteLineIf(must58 != 0x58, $"must58!{must58}");
var key = new byte[RtmfpUtils.KEY_SIZE];
Buffer.BlockCopy(targetNonce, targetNonce.Length - RtmfpUtils.KEY_SIZE, key, 0, RtmfpUtils.KEY_SIZE);
var sharedSecret = _dh.CreateSharedKey(key);
byte[] decryptKey;
byte[] encryptKey;
RtmfpUtils.ComputeAsymetricKeys(sharedSecret, _certificat, targetNonce, out encryptKey, out decryptKey);
Checked = true;
_handshakeTimeoutTimer.Stop();
AesEncrypt = new AESEngine(encryptKey, AESEngine.Direction.ENCRYPT);
AesDecrypt = new AESEngine(decryptKey);
PrevAesType = AESEngine.AESType.DEFAULT;
Application = Handler.Application;
Handler.CreateSession(Peer, null);
break;
default:
break;
}
}
bool PerformHandshake(InputStream buffer, bool encrypted)
{
if (!ValidateClient(buffer))
{
if (encrypted || _pProtocolHandler.ValidateHandshake)
{
Logger.FATAL("Unable to validate client");
return(false);
}
else
{
Logger.WARN("Client not validated");
_validationScheme = 0;
}
}
_pOutputBuffer = Utils.GenerateRandomBytes(3072);
_pOutputBuffer.Write(0, (uint)DateTime.Now.SecondsFrom1970());
_pOutputBuffer.Write(0, (uint)0);
var serverBytes = Encoding.ASCII.GetBytes(Defines.HTTP_HEADERS_SERVER_US);
for (var i = 0; i < 10; i++)
{
var index = Utils.Random.Next(0, 3072 - Defines.HTTP_HEADERS_SERVER_US_LEN);
Buffer.BlockCopy(serverBytes, 0, _pOutputBuffer, index, serverBytes.Length);
}
var _pOutputBufferWithOffset = new BufferWithOffset(_pOutputBuffer);
var pInputBuffer = new BufferWithOffset(buffer);
var serverDHOffset = GetDHOffset(_pOutputBufferWithOffset, _validationScheme);
var clientDHOffset = GetDHOffset(pInputBuffer, _validationScheme);
var dhWrapper = new DHWrapper();
var pubKeyIn = new byte[128];
Buffer.BlockCopy(buffer.GetBuffer(), (int)(buffer.Position + clientDHOffset), pubKeyIn, 0, 128);
var sharedkey = dhWrapper.CreateSharedKey(pubKeyIn);
var pubKeyOut = dhWrapper.PublicKey;
Buffer.BlockCopy(pubKeyOut, 0, _pOutputBuffer, (int)serverDHOffset, 128);
if (encrypted)
{
_pKeyIn = new RC4_KEY();
_pKeyOut = new RC4_KEY();
Utils.InitRC4Encryption(sharedkey, pubKeyIn, pubKeyOut, _pKeyIn, _pKeyOut);
var data = new byte[1536];
Utils.RC4(data, _pKeyIn, 1536);
Utils.RC4(data, _pKeyOut, 1536);
}
var serverDigestOffset = GetDigestOffset(_pOutputBufferWithOffset, _validationScheme);
var pTempBuffer = new byte[1536 - 32];
Buffer.BlockCopy(_pOutputBuffer, 0, pTempBuffer, 0, (int)serverDigestOffset);
Buffer.BlockCopy(_pOutputBuffer, (int)serverDigestOffset + 32, pTempBuffer, (int)serverDigestOffset, (int)(1536 - serverDigestOffset - 32));
var pTempHash = HMACsha256(pTempBuffer, 1536 - 32, GenuineFmsKey, 36);
Buffer.BlockCopy(pTempHash, 0, _pOutputBuffer, (int)serverDigestOffset, 32);
var keyChallengeIndex = GetDigestOffset(pInputBuffer, _validationScheme);
pInputBuffer.Offset += (int)keyChallengeIndex;
pTempHash = HMACsha256(pInputBuffer, 32, GenuineFmsKey, 68);
Buffer.BlockCopy(_pOutputBuffer, 1536, pTempBuffer, 0, 1536 - 32);
pTempBuffer = new HMACSHA256(pTempHash).ComputeHash(pTempBuffer, 0, 1536 - 32);
Buffer.BlockCopy(pTempBuffer, 0, _pOutputBuffer, 1536 * 2 - 32, 32);
OutputBuffer.WriteByte((byte)(encrypted ? 6 : 3));
OutputBuffer.Write(_pOutputBuffer, 0, 3072);
buffer.Recycle(true);
if (!EnqueueForOutbound(OutputBuffer))
{
Logger.FATAL("Unable to signal outbound data");
return(false);
}
_rtmpState = RTMPState.RTMP_STATE_SERVER_RESPONSE_SENT;
return(true);
}
