public BitChatNetwork(MailAddress peerEmailAddress, string sharedSecret, BinaryID networkID, Certificate[] knownPeerCerts, IBitChatNetworkManager networkManager, ISecureChannelSecurityManager securityManager) { _type = BitChatNetworkType.PrivateChat; _peerEmailAddress = peerEmailAddress; _sharedSecret = sharedSecret; _networkManager = networkManager; _securityManager = securityManager; LoadPeers(knownPeerCerts); if (knownPeerCerts.Length > 0) _peerName = knownPeerCerts[0].IssuedTo.Name; if (networkID == null) { //compute network id HashAlgorithm hash = HashAlgorithm.Create("SHA1"); byte[] peerEmailAddressHash = hash.ComputeHash(Encoding.UTF8.GetBytes(_peerEmailAddress.Address.ToLower())); byte[] selfEmailAddressHash = hash.ComputeHash(Encoding.UTF8.GetBytes(networkManager.GetLocalCredentials().Certificate.IssuedTo.EmailAddress.Address.ToLower())); byte[] salt = new byte[20]; for (int i = 0; i < 20; i++) { salt[i] = (byte)(peerEmailAddressHash[i] ^ selfEmailAddressHash[i]); } _networkID = new BinaryID(PBKDF2.CreateHMACSHA1(_sharedSecret, salt, 200000).GetBytes(20)); } else { _networkID = networkID; } }
public SecureChannelClientStream(Stream stream, IPEndPoint remotePeerEP, CertificateStore clientCredentials, Certificate[] trustedRootCertificates, ISecureChannelSecurityManager manager, SecureChannelCryptoOptionFlags supportedOptions, int reNegotiateOnBytesSent, int reNegotiateAfterSeconds, string preSharedKey = null) : base(remotePeerEP, reNegotiateOnBytesSent, reNegotiateAfterSeconds) { _clientCredentials = clientCredentials; _trustedRootCertificates = trustedRootCertificates; _manager = manager; _supportedOptions = supportedOptions; _preSharedKey = preSharedKey; try { //read server protocol version _version = stream.ReadByte(); switch (_version) { case 4: //send supported client version stream.WriteByte(4); ProtocolV4(stream, clientCredentials, trustedRootCertificates, manager, preSharedKey, supportedOptions); break; default: throw new SecureChannelException(SecureChannelCode.ProtocolVersionNotSupported, _remotePeerEP, _remotePeerCert, "SecureChannel protocol version '" + _version + "' not supported."); } } catch (SecureChannelException ex) { try { if (_baseStream == null) { SecureChannelPacket.WritePacket(stream, ex.Code); } else { SecureChannelPacket.WritePacket(this, ex.Code); } } catch { } throw new SecureChannelException(ex.Code, _remotePeerEP, _remotePeerCert, ex.Message, ex.InnerException); } }
public SecureChannelClientStream(Stream stream, IPEndPoint remotePeerEP, CertificateStore clientCredentials, Certificate[] trustedRootCertificates, ISecureChannelSecurityManager manager, SecureChannelCryptoOptionFlags supportedOptions, int reNegotiateOnBytesSent, int reNegotiateAfterSeconds, string preSharedKey = null) : base(remotePeerEP, reNegotiateOnBytesSent, reNegotiateAfterSeconds) { _clientCredentials = clientCredentials; _trustedRootCertificates = trustedRootCertificates; _manager = manager; _supportedOptions = supportedOptions; _preSharedKey = preSharedKey; try { //read server protocol version _version = stream.ReadByte(); switch (_version) { case 4: //send supported client version stream.WriteByte(4); ProtocolV4(stream, clientCredentials, trustedRootCertificates, manager, preSharedKey, supportedOptions); break; default: throw new SecureChannelException(SecureChannelCode.ProtocolVersionNotSupported, _remotePeerEP, _remotePeerCert, "SecureChannel protocol version '" + _version + "' not supported."); } } catch (SecureChannelException ex) { try { if (_baseStream == null) SecureChannelPacket.WritePacket(stream, ex.Code); else SecureChannelPacket.WritePacket(this, ex.Code); } catch { } throw new SecureChannelException(ex.Code, _remotePeerEP, _remotePeerCert, ex.Message, ex.InnerException); } }
public BitChatNetwork(string networkName, string sharedSecret, BinaryID networkID, Certificate[] knownPeerCerts, IBitChatNetworkManager networkManager, ISecureChannelSecurityManager securityManager) { _type = BitChatNetworkType.GroupChat; _networkName = networkName; _sharedSecret = sharedSecret; _networkManager = networkManager; _securityManager = securityManager; LoadPeers(knownPeerCerts); if (networkID == null) { //compute network id _networkID = new BinaryID(PBKDF2.CreateHMACSHA1(_sharedSecret, Encoding.UTF8.GetBytes(_networkName.ToLower()), 200000).GetBytes(20)); } else { _networkID = networkID; } }
public BitChatNetwork(MailAddress peerEmailAddress, string sharedSecret, BinaryID networkID, Certificate[] knownPeerCerts, IBitChatNetworkManager networkManager, ISecureChannelSecurityManager securityManager) { _type = BitChatNetworkType.PrivateChat; _peerEmailAddress = peerEmailAddress; _sharedSecret = sharedSecret; _networkManager = networkManager; _securityManager = securityManager; LoadPeers(knownPeerCerts); if (knownPeerCerts.Length > 0) { _peerName = knownPeerCerts[0].IssuedTo.Name; } if (networkID == null) { //compute network id HashAlgorithm hash = HashAlgorithm.Create("SHA1"); byte[] peerEmailAddressHash = hash.ComputeHash(Encoding.UTF8.GetBytes(_peerEmailAddress.Address.ToLower())); byte[] selfEmailAddressHash = hash.ComputeHash(Encoding.UTF8.GetBytes(networkManager.GetLocalCredentials().Certificate.IssuedTo.EmailAddress.Address.ToLower())); byte[] salt = new byte[20]; for (int i = 0; i < 20; i++) { salt[i] = (byte)(peerEmailAddressHash[i] ^ selfEmailAddressHash[i]); } _networkID = new BinaryID(PBKDF2.CreateHMACSHA1(_sharedSecret, salt, 200000).GetBytes(20)); } else { _networkID = networkID; } }
public SecureChannelServerStream(Stream stream, IPEndPoint remotePeerEP, CertificateStore serverCredentials, Certificate[] trustedRootCertificates, ISecureChannelSecurityManager manager, SecureChannelCryptoOptionFlags supportedOptions, int reNegotiateOnBytesSent, int reNegotiateAfterSeconds, byte[] preSharedKey) : base(remotePeerEP, reNegotiateOnBytesSent, reNegotiateAfterSeconds) { _serverCredentials = serverCredentials; _trustedRootCertificates = trustedRootCertificates; _manager = manager; _supportedOptions = supportedOptions; _preSharedKey = preSharedKey; try { //send server protocol version stream.WriteByte(4); //read client protocol version _version = stream.ReadByte(); switch (_version) { case 4: ProtocolV4(stream); break; case -1: throw new EndOfStreamException(); default: throw new SecureChannelException(SecureChannelCode.ProtocolVersionNotSupported, _remotePeerEP, _remotePeerCert, "SecureChannel protocol version '" + _version + "' not supported."); } } catch (SecureChannelException ex) { if (ex.Code == SecureChannelCode.RemoteError) { throw new SecureChannelException(ex.Code, _remotePeerEP, _remotePeerCert, ex.Message, ex); } else { try { if (_baseStream == null) { SecureChannelPacket.WritePacket(stream, ex.Code); } else { SecureChannelPacket.WritePacket(this, ex.Code); } } catch { } throw; } } catch (IOException) { throw; } catch { try { if (_baseStream == null) { SecureChannelPacket.WritePacket(stream, SecureChannelCode.UnknownException); } else { SecureChannelPacket.WritePacket(this, SecureChannelCode.UnknownException); } } catch { } throw; } }
private void ProtocolV4(Stream stream, CertificateStore clientCredentials, Certificate[] trustedRootCertificates, ISecureChannelSecurityManager manager, string preSharedKey, SecureChannelCryptoOptionFlags supportedOptions) { #region 1. hello handshake //send client hello SecureChannelPacket.Hello clientHello = new SecureChannelPacket.Hello(BinaryID.GenerateRandomID256(), supportedOptions); SecureChannelPacket.WritePacket(stream, clientHello); //read server hello SecureChannelPacket.Hello serverHello = (new SecureChannelPacket(stream)).GetHello(); //read selected crypto option _selectedCryptoOption = supportedOptions & serverHello.CryptoOptions; if (_selectedCryptoOption == SecureChannelCryptoOptionFlags.None) { throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } #endregion #region 2. key exchange //read server key exchange data SecureChannelPacket.KeyExchange serverKeyExchange = (new SecureChannelPacket(stream)).GetKeyExchange(); SymmetricEncryptionAlgorithm encAlgo; string hashAlgo; KeyAgreement keyAgreement; switch (_selectedCryptoOption) { case SecureChannelCryptoOptionFlags.DHE2048_RSA_WITH_AES256_CBC_HMAC_SHA256: encAlgo = SymmetricEncryptionAlgorithm.Rijndael; hashAlgo = "SHA256"; keyAgreement = new DiffieHellman(DiffieHellmanGroupType.RFC3526, 2048, KeyAgreementKeyDerivationFunction.Hmac, KeyAgreementKeyDerivationHashAlgorithm.SHA256); break; case SecureChannelCryptoOptionFlags.ECDHE256_RSA_WITH_AES256_CBC_HMAC_SHA256: encAlgo = SymmetricEncryptionAlgorithm.Rijndael; hashAlgo = "SHA256"; keyAgreement = new TechnitiumLibrary.Security.Cryptography.ECDiffieHellman(256, KeyAgreementKeyDerivationFunction.Hmac, KeyAgreementKeyDerivationHashAlgorithm.SHA256); break; default: throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } //send client key exchange data SecureChannelPacket.KeyExchange clientKeyExchange = new SecureChannelPacket.KeyExchange(keyAgreement.GetPublicKeyXML(), clientCredentials.PrivateKey, hashAlgo); SecureChannelPacket.WritePacket(stream, clientKeyExchange); //generate master key byte[] masterKey = GenerateMasterKey(clientHello, serverHello, _preSharedKey, keyAgreement, serverKeyExchange.PublicKeyXML); //verify master key using HMAC authentication { SecureChannelPacket.Authentication clientAuthentication = new SecureChannelPacket.Authentication(serverHello, masterKey); SecureChannelPacket.WritePacket(stream, clientAuthentication); SecureChannelPacket.Authentication serverAuthentication = (new SecureChannelPacket(stream)).GetAuthentication(); if (!serverAuthentication.IsValid(clientHello, masterKey)) { throw new SecureChannelException(SecureChannelCode.ProtocolAuthenticationFailed, _remotePeerEP, _remotePeerCert); } } //enable channel encryption switch (encAlgo) { case SymmetricEncryptionAlgorithm.Rijndael: //using MD5 for generating AES IV of 128bit block size HashAlgorithm md5Hash = HashAlgorithm.Create("MD5"); byte[] eIV = md5Hash.ComputeHash(clientHello.Nonce.ID); byte[] dIV = md5Hash.ComputeHash(serverHello.Nonce.ID); //create encryption and decryption objects SymmetricCryptoKey encryptionKey = new SymmetricCryptoKey(SymmetricEncryptionAlgorithm.Rijndael, masterKey, eIV, PaddingMode.None); SymmetricCryptoKey decryptionKey = new SymmetricCryptoKey(SymmetricEncryptionAlgorithm.Rijndael, masterKey, dIV, PaddingMode.None); //enable encryption EnableEncryption(stream, encryptionKey, decryptionKey, new HMACSHA256(masterKey), new HMACSHA256(masterKey)); break; default: throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } //channel encryption is ON! #endregion #region 3. exchange & verify certificates & signatures if (!_reNegotiating) { //send client certificate SecureChannelPacket.WritePacket(this, clientCredentials.Certificate); //read server certificate _remotePeerCert = (new SecureChannelPacket(this)).GetCertificate(); //verify server certificate try { _remotePeerCert.Verify(trustedRootCertificates); } catch (Exception ex) { throw new SecureChannelException(SecureChannelCode.InvalidRemoteCertificate, _remotePeerEP, _remotePeerCert, "Invalid remote certificate.", ex); } } //verify key exchange signature switch (_selectedCryptoOption) { case SecureChannelCryptoOptionFlags.DHE2048_RSA_WITH_AES256_CBC_HMAC_SHA256: case SecureChannelCryptoOptionFlags.ECDHE256_RSA_WITH_AES256_CBC_HMAC_SHA256: if (_remotePeerCert.PublicKeyEncryptionAlgorithm != AsymmetricEncryptionAlgorithm.RSA) { throw new SecureChannelException(SecureChannelCode.InvalidRemoteCertificateAlgorithm, _remotePeerEP, _remotePeerCert); } if (!serverKeyExchange.IsSignatureValid(_remotePeerCert, "SHA256")) { throw new SecureChannelException(SecureChannelCode.InvalidRemoteKeyExchangeSignature, _remotePeerEP, _remotePeerCert); } break; default: throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } if ((manager != null) && !manager.ProceedConnection(_remotePeerCert)) { throw new SecureChannelException(SecureChannelCode.SecurityManagerDeclinedAccess, _remotePeerEP, _remotePeerCert, "Security manager declined access."); } #endregion }
private void ProtocolV4(Stream stream, CertificateStore clientCredentials, Certificate[] trustedRootCertificates, ISecureChannelSecurityManager manager, string preSharedKey, SecureChannelCryptoOptionFlags supportedOptions) { #region 1. hello handshake //send client hello SecureChannelPacket.Hello clientHello = new SecureChannelPacket.Hello(BinaryID.GenerateRandomID256(), supportedOptions); SecureChannelPacket.WritePacket(stream, clientHello); //read server hello SecureChannelPacket.Hello serverHello = (new SecureChannelPacket(stream)).GetHello(); //read selected crypto option _selectedCryptoOption = supportedOptions & serverHello.CryptoOptions; if (_selectedCryptoOption == SecureChannelCryptoOptionFlags.None) throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); #endregion #region 2. key exchange //read server key exchange data SecureChannelPacket.KeyExchange serverKeyExchange = (new SecureChannelPacket(stream)).GetKeyExchange(); SymmetricEncryptionAlgorithm encAlgo; string hashAlgo; KeyAgreement keyAgreement; switch (_selectedCryptoOption) { case SecureChannelCryptoOptionFlags.DHE2048_RSA_WITH_AES256_CBC_HMAC_SHA256: encAlgo = SymmetricEncryptionAlgorithm.Rijndael; hashAlgo = "SHA256"; keyAgreement = new DiffieHellman(DiffieHellmanGroupType.RFC3526, 2048, KeyAgreementKeyDerivationFunction.Hmac, KeyAgreementKeyDerivationHashAlgorithm.SHA256); break; case SecureChannelCryptoOptionFlags.ECDHE256_RSA_WITH_AES256_CBC_HMAC_SHA256: encAlgo = SymmetricEncryptionAlgorithm.Rijndael; hashAlgo = "SHA256"; keyAgreement = new TechnitiumLibrary.Security.Cryptography.ECDiffieHellman(256, KeyAgreementKeyDerivationFunction.Hmac, KeyAgreementKeyDerivationHashAlgorithm.SHA256); break; default: throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } //send client key exchange data SecureChannelPacket.KeyExchange clientKeyExchange = new SecureChannelPacket.KeyExchange(keyAgreement.GetPublicKeyXML(), clientCredentials.PrivateKey, hashAlgo); SecureChannelPacket.WritePacket(stream, clientKeyExchange); //generate master key byte[] masterKey = GenerateMasterKey(clientHello, serverHello, _preSharedKey, keyAgreement, serverKeyExchange.PublicKeyXML); //verify master key using HMAC authentication { SecureChannelPacket.Authentication clientAuthentication = new SecureChannelPacket.Authentication(serverHello, masterKey); SecureChannelPacket.WritePacket(stream, clientAuthentication); SecureChannelPacket.Authentication serverAuthentication = (new SecureChannelPacket(stream)).GetAuthentication(); if (!serverAuthentication.IsValid(clientHello, masterKey)) throw new SecureChannelException(SecureChannelCode.ProtocolAuthenticationFailed, _remotePeerEP, _remotePeerCert); } //enable channel encryption switch (encAlgo) { case SymmetricEncryptionAlgorithm.Rijndael: //using MD5 for generating AES IV of 128bit block size HashAlgorithm md5Hash = HashAlgorithm.Create("MD5"); byte[] eIV = md5Hash.ComputeHash(clientHello.Nonce.ID); byte[] dIV = md5Hash.ComputeHash(serverHello.Nonce.ID); //create encryption and decryption objects SymmetricCryptoKey encryptionKey = new SymmetricCryptoKey(SymmetricEncryptionAlgorithm.Rijndael, masterKey, eIV, PaddingMode.None); SymmetricCryptoKey decryptionKey = new SymmetricCryptoKey(SymmetricEncryptionAlgorithm.Rijndael, masterKey, dIV, PaddingMode.None); //enable encryption EnableEncryption(stream, encryptionKey, decryptionKey, new HMACSHA256(masterKey), new HMACSHA256(masterKey)); break; default: throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } //channel encryption is ON! #endregion #region 3. exchange & verify certificates & signatures if (!_reNegotiating) { //send client certificate SecureChannelPacket.WritePacket(this, clientCredentials.Certificate); //read server certificate _remotePeerCert = (new SecureChannelPacket(this)).GetCertificate(); //verify server certificate try { _remotePeerCert.Verify(trustedRootCertificates); } catch (Exception ex) { throw new SecureChannelException(SecureChannelCode.InvalidRemoteCertificate, _remotePeerEP, _remotePeerCert, "Invalid remote certificate.", ex); } } //verify key exchange signature switch (_selectedCryptoOption) { case SecureChannelCryptoOptionFlags.DHE2048_RSA_WITH_AES256_CBC_HMAC_SHA256: case SecureChannelCryptoOptionFlags.ECDHE256_RSA_WITH_AES256_CBC_HMAC_SHA256: if (_remotePeerCert.PublicKeyEncryptionAlgorithm != AsymmetricEncryptionAlgorithm.RSA) throw new SecureChannelException(SecureChannelCode.InvalidRemoteCertificateAlgorithm, _remotePeerEP, _remotePeerCert); if (!serverKeyExchange.IsSignatureValid(_remotePeerCert, "SHA256")) throw new SecureChannelException(SecureChannelCode.InvalidRemoteKeyExchangeSignature, _remotePeerEP, _remotePeerCert); break; default: throw new SecureChannelException(SecureChannelCode.NoMatchingCryptoAvailable, _remotePeerEP, _remotePeerCert); } if ((manager != null) && !manager.ProceedConnection(_remotePeerCert)) throw new SecureChannelException(SecureChannelCode.SecurityManagerDeclinedAccess, _remotePeerEP, _remotePeerCert, "Security manager declined access."); #endregion }