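/// <summary>
/// Client side of enrollment: connects to the server, sends the RSA-encrypted "enroll"
/// request, then sends the first 16 bytes of the password hash followed by the username
/// bytes, RSA-encrypted with the server's encryption public key.
/// </summary>
private void EnrollPhase()
{
    clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
    string IP = textBox_IP.Text;
    textBox_IP.Text = "";
    int port;
    string EncDecPublic;
    string signVerPublic;
    ConsoleServer.AppendText("Connecting\n");

    // The server's public keys are the client's only trust anchor.
    // NOTE(review): they are read from fixed paths in the drive root; confirm that only
    // administrators can write to these files, since whoever controls them controls
    // which server the client will encrypt to and accept signatures from.
    using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_enc_dec_pub.txt"))
    {
        EncDecPublic = fileReader.ReadLine();
    }
    using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_signing_verification_pub.txt"))
    {
        signVerPublic = fileReader.ReadLine();
    }

    if (Int32.TryParse(textBox_Port.Text, out port))
    {
        try
        {
            clientSocket.Connect(IP, port);
        }
        catch (Exception)
        {
            // Fix: the original reported the failure and then went on to print
            // "Connected to the server" and send credentials on an unconnected socket.
            ConsoleServer.AppendText("Connection is not succesfull\nRe-enter Port and IP\n");
            clientSocket.Close();
            return;
        }
        ConsoleServer.AppendText("Connected to the server\n");

        /*
         * ENROLLMENT
         * sends the request keyword, then the password hash prefix and the username
         */
        ConsoleServer.AppendText("Enrolling to the server\n");

        // NOTE(review): ciphertext is passed through Encoding.Default strings because the
        // helpers take string arguments. That round trip only preserves arbitrary bytes
        // when the default encoding is a single-byte code page; byte[]-based helpers
        // would remove the dependency.
        byte[] loginReqEncByte = encryptWithRSA("enroll", 3072, EncDecPublic);
        sendMessage(Encoding.Default.GetString(loginReqEncByte)); // sends ENROLL request to the server

        // NOTE(review): the enrolled secret is the first 128 bits of an unsalted,
        // single-pass hash of the password. A salted, slow KDF (for example PBKDF2) is
        // the usual choice for password-derived secrets; changing it needs a matching
        // server change.
        byte[] passwordHash = hashWithSHA256(textBox_Password.Text); // entered password
        byte[] usernameByte = Encoding.Default.GetBytes(textBox_UserName.Text); // entered username

        // Fix: size and copy by the encoded byte count, not the character count, so a
        // username containing multi-byte characters is not truncated (LoginPhase already
        // uses usernameByte.Length).
        byte[] concatenatedByte = new byte[16 + usernameByte.Length];
        Array.Copy(passwordHash, 0, concatenatedByte, 0, 16);
        Array.Copy(usernameByte, 0, concatenatedByte, 16, usernameByte.Length);

        byte[] encryptedRSA = encryptWithRSA(Encoding.Default.GetString(concatenatedByte), 3072, EncDecPublic);
        sendMessage(Encoding.Default.GetString(encryptedRSA)); // the password-hash prefix and username are concatenated and sent
        // NOTE(review): the listing ends here; the rest of this if-block and the end of
        // the method are not shown.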
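/// <summary>
/// Client side of the login handshake. Connects to the server, sends the RSA-encrypted
/// "login" request and username, answers the server's 128-bit challenge with an HMAC
/// computed from the first half of the password hash, checks the server's signed
/// acknowledgement, then unpacks two 128-bit session keys and starts the receive thread.
/// </summary>
/// <remarks>
/// Any failure before the session keys are established closes the socket and leaves the
/// UI in the logged-out state. Wire-format constants are taken from the slicing done in
/// this method: 32-byte digest, 16-byte challenge, 384-byte signature.
/// </remarks>
private void LoginPhase()
{
    const int HashLength = 32;           // bytes sliced off as the challenge digest
    const int NonceLength = 16;          // 128-bit random number from the server
    const int HalfHashLength = 16;       // first half of the password hash
    const int SignatureLength = 384;     // 3072-bit signature = 384 bytes
    const int EncryptedKeysLength = 32;  // encrypted blob holding both session keys

    clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
    bool sessionEstablished = false;
    try
    {
        string IP = textBox_IP.Text;
        textBox_IP.Text = "";
        int port;
        string EncDecPublic;
        string signVerPublic;
        ConsoleServer.AppendText("Connecting to the server");

        // The server's public keys are the client's only trust anchor.
        // NOTE(review): they are read from fixed paths in the drive root; confirm that
        // only administrators can write to these files, otherwise the signature checks
        // below do not prove which server is answering.
        using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_enc_dec_pub.txt"))
        {
            EncDecPublic = fileReader.ReadLine();
        }
        using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_signing_verification_pub.txt"))
        {
            signVerPublic = fileReader.ReadLine();
        }

        if (!Int32.TryParse(textBox_Port.Text, out port))
        {
            textBox_Port.Text = "";
            ConsoleServer.AppendText("Check the port\n");
            return;
        }

        if (string.IsNullOrEmpty(EncDecPublic) || string.IsNullOrEmpty(signVerPublic))
        {
            ConsoleServer.AppendText("Server public key file is empty\n");
            return;
        }

        try
        {
            clientSocket.Connect(IP, port);
        }
        catch (Exception)
        {
            // Fix: the original logged the failure and then ran the whole handshake
            // against an unconnected socket.
            ConsoleServer.AppendText("Connection is not succesfull\nRe-enter Port and IP\n");
            return;
        }

        // ---- LOGIN REQUEST ----
        // NOTE(review): binary data is passed through Encoding.Default strings because the
        // helpers take and return string. That round trip only preserves arbitrary bytes
        // when the default encoding is a single-byte code page; byte[]-based helpers
        // would remove the dependency.
        byte[] loginReqEncByte = encryptWithRSA("login", 3072, EncDecPublic);
        try
        {
            sendMessage(Encoding.Default.GetString(loginReqEncByte)); // sends login request to the server
        }
        catch (Exception)
        {
            ConsoleServer.AppendText("A problem occured sending message ERROR0.001\n");
            return;
        }

        // ---- AUTHENTICATION REQUEST: hash(username) || username, RSA-encrypted ----
        byte[] hashOfUsername = hashWithSHA256(textBox_UserName.Text);
        byte[] usernameByte = Encoding.Default.GetBytes(textBox_UserName.Text);
        byte[] concatenatedByte = new byte[HashLength + usernameByte.Length];
        Array.Copy(hashOfUsername, 0, concatenatedByte, 0, HashLength);
        Array.Copy(usernameByte, 0, concatenatedByte, HashLength, usernameByte.Length);
        byte[] authenticationRequest = encryptWithRSA(Encoding.Default.GetString(concatenatedByte), 3072, EncDecPublic);
        try
        {
            sendMessage(Encoding.Default.GetString(authenticationRequest));
        }
        catch (Exception)
        {
            ConsoleServer.AppendText("A problem occured sending message ERROR0.002\n");
            return;
        }

        // ---- CHALLENGE: hash(nonce) || 128-bit nonce ----
        string serversMessage;
        try
        {
            serversMessage = receiveMessage();
        }
        catch (Exception)
        {
            ConsoleServer.AppendText("A problem occured while Receiving message ERROR0.003\n");
            return;
        }

        byte[] receivedBytes = Encoding.Default.GetBytes(serversMessage ?? "");
        if (receivedBytes.Length < HashLength + NonceLength)
        {
            // Fix: a short message used to make Array.Copy throw out of the UI handler.
            ConsoleServer.AppendText("Malformed challenge received from the server\n");
            return;
        }
        byte[] hashOfRandomNum = new byte[HashLength];
        byte[] random128BitNum = new byte[NonceLength];
        Array.Copy(receivedBytes, 0, hashOfRandomNum, 0, HashLength);
        Array.Copy(receivedBytes, HashLength, random128BitNum, 0, NonceLength);

        // Did the random number arrive intact? Fix: compare the digests byte by byte; the
        // original compared their text decodings, which can report different digests as
        // equal when the decoding is lossy. This is a transmission check only: the digest
        // is unkeyed, so it says nothing about who sent the challenge.
        byte[] recomputedHash = hashWithSHA256(Encoding.Default.GetString(random128BitNum));
        bool challengeIntact = recomputedHash != null && recomputedHash.Length == HashLength;
        if (challengeIntact)
        {
            int difference = 0;
            for (int i = 0; i < HashLength; i++)
            {
                difference |= recomputedHash[i] ^ hashOfRandomNum[i];
            }
            challengeIntact = difference == 0;
        }
        if (!challengeIntact)
        {
            ConsoleServer.AppendText("Challenge integrity check failed\n");
            return;
        }

        // ---- RESPONSE: HMAC over the nonce using the first half of the password hash ----
        // NOTE(review): the long-term secret is the first 128 bits of an unsalted,
        // single-pass hash of the password, and the response is sent before the server
        // has proven its identity. A salted, slow KDF and a server proof that precedes the
        // client's response would be the usual hardening; both need server changes.
        byte[] hashOfPassword = hashWithSHA256(textBox_Password.Text);
        byte[] upperhalfOfPassword = new byte[HalfHashLength];
        Array.Copy(hashOfPassword, 0, upperhalfOfPassword, 0, HalfHashLength);
        byte[] hmacsha256 = applyHMACwithSHA256(Encoding.Default.GetString(random128BitNum), upperhalfOfPassword);
        try
        {
            sendMessage(Encoding.Default.GetString(hmacsha256));
        }
        catch (Exception)
        {
            ConsoleServer.AppendText("A problem occured while Sending message ERROR0.004\n");
            return;
        }

        // ---- SIGNED ACKNOWLEDGEMENT: signature(384) || message ----
        try
        {
            serversMessage = receiveMessage();
        }
        catch (Exception)
        {
            ConsoleServer.AppendText("A problem occured while receiving message ERROR0.005\n");
            return;
        }

        receivedBytes = Encoding.Default.GetBytes(serversMessage ?? "");
        if (receivedBytes.Length < SignatureLength)
        {
            ConsoleServer.AppendText("Malformed acknowledgement received from the server\n");
            return;
        }
        byte[] signOfAcknowledgement = new byte[SignatureLength];
        byte[] acknowledgementMessage = new byte[receivedBytes.Length - SignatureLength];
        Array.Copy(receivedBytes, 0, signOfAcknowledgement, 0, SignatureLength);
        Array.Copy(receivedBytes, SignatureLength, acknowledgementMessage, 0, acknowledgementMessage.Length);

        // NOTE(review): the signed text is one of a few fixed strings and does not include
        // this session's nonce, so a valid signature is not tied to this login attempt.
        // Having the server sign the nonce together with the status would bind the two.
        string acknowledgement = Encoding.Default.GetString(acknowledgementMessage);
        if (!verifyWithRSA(acknowledgement, 3072, signVerPublic, signOfAcknowledgement))
        {
            ConsoleServer.AppendText("Login Acknowledgement Comes From INVALID Server\n");
            return;
        }
        ConsoleServer.AppendText("Login Acknowledgement Comes From VALID Server\n");

        if (acknowledgement == "Succesfully Verified But You are Allready In Server")
        {
            // The verified user already has a session on the server.
            ConsoleServer.AppendText("You are SUCCESFULLY Verified by the Server but BRO You are Allready In the Server \n Please Try again\n");
            return;
        }
        if (acknowledgement == "You CAN'T Verified")
        {
            ConsoleServer.AppendText("You CAN'T Login The System \n Please Try again\n");
            return;
        }
        if (acknowledgement != "Succesfully Verified")
        {
            // Unknown status text: the original took no action either.
            return;
        }

        // ---- SESSION KEYS ----
        try
        {
            serversMessage = receiveMessage();
        }
        catch (Exception)
        {
            ConsoleServer.AppendText("A problem occured while receiving session keys\n");
            return;
        }

        receivedBytes = Encoding.Default.GetBytes(serversMessage ?? "");
        if (receivedBytes.Length < EncryptedKeysLength + SignatureLength)
        {
            ConsoleServer.AppendText("Malformed session key message received from the server\n");
            return;
        }

        // Fix: the original second Array.Copy used a destination offset that can never fit
        // the 384-byte signature buffer, so this step always threw.
        // NOTE(review): layout assumed to be message || signature, following the
        // original's first copy (message taken from offset 0); confirm against the server.
        int sessionKeyMesLength = receivedBytes.Length - SignatureLength;
        byte[] sessionKeyMes = new byte[sessionKeyMesLength];
        byte[] sessionKeyMesSign = new byte[SignatureLength];
        Array.Copy(receivedBytes, 0, sessionKeyMes, 0, sessionKeyMesLength);
        Array.Copy(receivedBytes, sessionKeyMesLength, sessionKeyMesSign, 0, SignatureLength);

        // Fix: verify the signature over the message part only; the original passed the
        // whole received string, signature included.
        // NOTE(review): presumes the server signs exactly the message bytes - confirm.
        if (!verifyWithRSA(Encoding.Default.GetString(sessionKeyMes), 3072, signVerPublic, sessionKeyMesSign))
        {
            // Fail closed: the original stayed in the "logged in" state with no keys.
            ConsoleServer.AppendText("Session key message has an INVALID signature\n");
            return;
        }

        // Separate the encrypted session keys from the trailing "OK".
        // Fix: source and destination were swapped, so the original decrypted 32 zero
        // bytes and overwrote the received message instead.
        byte[] SessionkeysEncrypted = new byte[EncryptedKeysLength];
        Array.Copy(sessionKeyMes, 0, SessionkeysEncrypted, 0, EncryptedKeysLength);

        // Decrypt with AES-128; the password-hash half and the nonce are presumably the
        // key and IV expected by decryptWithAES128 - confirm against the helper.
        byte[] Sessionkeys = decryptWithAES128(Encoding.Default.GetString(SessionkeysEncrypted), upperhalfOfPassword, random128BitNum);
        if (Sessionkeys == null || Sessionkeys.Length < 32)
        {
            ConsoleServer.AppendText("Session keys could not be recovered\n");
            return;
        }
        byte[] SymEncDec128BitNum = new byte[16];  // first 128 bits: AES key
        byte[] SessionKey128BitNum = new byte[16]; // second 128 bits: session authentication key
        Array.Copy(Sessionkeys, 0, SymEncDec128BitNum, 0, 16);
        Array.Copy(Sessionkeys, 16, SessionKey128BitNum, 0, 16);

        // Only now is the client really logged in: the UI state used to be switched before
        // the session keys had been received and verified.
        ConsoleServer.AppendText("You are SUCCESFULLY Connectected to the Server\n");
        ConsoleServer.AppendText("You are now Logged in\n");
        sessionEstablished = true;
        button_connect.Enabled = false;
        button_Enroll.Enabled = false;
        connected = true;

        // Start the receive thread for everything the server sends from here on.
        Thread thread = new Thread(() => ReceiveFunc(SymEncDec128BitNum, SessionKey128BitNum));
        thread.Start();
    }
    finally
    {
        // Release the socket on every path that did not end in an established session.
        if (!sessionEstablished)
        {
            clientSocket.Close();
        }
    }
}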