private void InitializeConnectionReceiveCallback(IAsyncResult ar)
{
if (!Disposed)
{
BaseSocketConnection connection = null;
MessageBuffer readMessage = null;
try
{
CallbackData callbackData = (CallbackData)ar.AsyncState;
connection = callbackData.Connection;
readMessage = callbackData.Buffer;
if (connection.Active)
{
bool readSocket = true;
bool completed = false;
int readBytes = connection.Socket.EndReceive(ar);
if (readBytes > 0)
{
readMessage.PacketOffSet += readBytes;
byte[] message = null;
try
{
message = Convert.FromBase64String(Encoding.GetEncoding(1252).GetString(readMessage.PacketBuffer, 0, readMessage.PacketOffSet));
}
catch (FormatException)
{
//----- Base64 transformation error!
}
if ((message != null) && (Encoding.GetEncoding(1252).GetString(message).Contains("</AuthMessage>")))
{
//----- Get RSA provider!
RSACryptoServiceProvider serverPrivateKey;
RSACryptoServiceProvider clientPublicKey = new RSACryptoServiceProvider();
byte[] signMessage;
FCryptoService.OnSymmetricAuthenticate(connection, out serverPrivateKey, out signMessage);
//----- Deserialize authentication message!
MemoryStream m = new MemoryStream();
m.Write(message, 0, message.Length);
m.Position = 0;
XmlSerializer xml = new XmlSerializer(typeof(AuthMessage));
AuthMessage am = (AuthMessage)xml.Deserialize(m);
//----- Generates symmetric algoritm!
SymmetricAlgorithm sa = CryptUtils.CreateSymmetricAlgoritm(connection.EncryptType);
sa.Key = serverPrivateKey.Decrypt(am.SessionKey, false);
sa.IV = serverPrivateKey.Decrypt(am.SessionIV, false);
//----- Adjust connection cryptors!
connection.Encryptor = sa.CreateEncryptor();
connection.Decryptor = sa.CreateDecryptor();
//----- Verify sign!
clientPublicKey.FromXmlString(Encoding.UTF8.GetString(CryptUtils.DecryptDataForAuthenticate(sa, am.SourceKey, PaddingMode.ISO10126)));
m.SetLength(0);
m.Write(am.SourceKey, 0, am.SourceKey.Length);
m.Write(am.SessionKey, 0, am.SessionKey.Length);
m.Write(signMessage, 0, signMessage.Length);
if (clientPublicKey.VerifyData(CryptUtils.EncryptDataForAuthenticate(sa, m.ToArray(), PaddingMode.PKCS7), new SHA1CryptoServiceProvider(), am.Sign))
{
completed = true;
}
readSocket = false;
m.Close();
am.SessionIV.Initialize();
am.SessionKey.Initialize();
serverPrivateKey.Clear();
clientPublicKey.Clear();
readMessage = null;
callbackData = null;
if (!completed)
{
throw new SymmetricAuthenticationException("Symmetric sign error.");
}
FHost.FireOnConnected(connection);
}
if (readSocket)
{
connection.Socket.BeginReceive(readMessage.PacketBuffer, readMessage.PacketOffSet, readMessage.PacketRemaining, SocketFlags.None, new AsyncCallback(InitializeConnectionReceiveCallback), callbackData);
}
}
else
{
throw new SymmetricAuthenticationException("Symmetric authentication error.");
}
}
}
catch (Exception ex)
{
FHost.FireOnException(connection, ex);
}
}
}
protected void InitializeCryptService(BaseSocketConnection connection)
{
//----- None!
if (connection.EncryptType == EncryptType.etNone || connection.EncryptType == EncryptType.etBase64)
{
FHost.FireOnConnected(connection);
}
//----- Symmetric!
if (connection.EncryptType == EncryptType.etRijndael || connection.EncryptType == EncryptType.etTripleDES)
{
if (FHost.HostType == HostType.htClient)
{
//----- Get RSA provider!
RSACryptoServiceProvider serverPublicKey;
RSACryptoServiceProvider clientPrivateKey = new RSACryptoServiceProvider();
byte[] signMessage;
FCryptoService.OnSymmetricAuthenticate(connection, out serverPublicKey, out signMessage);
//----- Generates symmetric algoritm!
SymmetricAlgorithm sa = CryptUtils.CreateSymmetricAlgoritm(connection.EncryptType);
sa.GenerateIV();
sa.GenerateKey();
//----- Adjust connection cryptors!
connection.Encryptor = sa.CreateEncryptor();
connection.Decryptor = sa.CreateDecryptor();
//----- Create authenticate structure!
AuthMessage am = new AuthMessage();
am.SessionIV = serverPublicKey.Encrypt(sa.IV, false);
am.SessionKey = serverPublicKey.Encrypt(sa.Key, false);
am.SourceKey = CryptUtils.EncryptDataForAuthenticate(sa, Encoding.UTF8.GetBytes(clientPrivateKey.ToXmlString(false)), PaddingMode.ISO10126);
//----- Sign message with am.SourceKey, am.SessionKey and signMessage!
//----- Need to use PaddingMode.PKCS7 in sign!
MemoryStream m = new MemoryStream();
m.Write(am.SourceKey, 0, am.SourceKey.Length);
m.Write(am.SessionKey, 0, am.SessionKey.Length);
m.Write(signMessage, 0, signMessage.Length);
am.Sign = clientPrivateKey.SignData(CryptUtils.EncryptDataForAuthenticate(sa, m.ToArray(), PaddingMode.PKCS7), new SHA1CryptoServiceProvider());
//----- Serialize authentication message!
XmlSerializer xml = new XmlSerializer(typeof(AuthMessage));
m.SetLength(0);
xml.Serialize(m, am);
//----- Send structure!
MessageBuffer mb = new MessageBuffer(0);
mb.PacketBuffer = Encoding.GetEncoding(1252).GetBytes(Convert.ToBase64String(m.ToArray()));
connection.Socket.BeginSend(mb.PacketBuffer, mb.PacketOffSet, mb.PacketRemaining, SocketFlags.None, new AsyncCallback(InitializeConnectionSendCallback), new CallbackData(connection, mb));
m.Close();
am.SessionIV.Initialize();
am.SessionKey.Initialize();
serverPublicKey.Clear();
clientPrivateKey.Clear();
}
else
{
//----- Create empty authenticate structure!
MessageBuffer mb = new MessageBuffer(8192);
//----- Start receive structure!
connection.Socket.BeginReceive(mb.PacketBuffer, mb.PacketOffSet, mb.PacketRemaining, SocketFlags.None, new AsyncCallback(InitializeConnectionReceiveCallback), new CallbackData(connection, mb));
}
}
//----- Asymmetric!
if (connection.EncryptType == EncryptType.etSSL)
{
if (FHost.HostType == HostType.htClient)
{
//----- Get SSL items!
X509Certificate2Collection certs = null;
string serverName = null;
bool checkRevocation = true;
FCryptoService.OnSSLClientAuthenticate(connection, out serverName, ref certs, ref checkRevocation);
//----- Authneticate SSL!
SslStream ssl = new SslStream(new NetworkStream(connection.Socket), true, new RemoteCertificateValidationCallback(ValidateServerCertificateCallback));
if (certs == null)
{
ssl.BeginAuthenticateAsClient(serverName, new AsyncCallback(SslAuthenticateCallback), new AuthenticateCallbackData(connection, ssl, HostType.htClient));
}
else
{
ssl.BeginAuthenticateAsClient(serverName, certs, System.Security.Authentication.SslProtocols.Default, checkRevocation, new AsyncCallback(SslAuthenticateCallback), new AuthenticateCallbackData(connection, ssl, HostType.htClient));
}
}
else
{
//----- Get SSL items!
X509Certificate2 cert = null;
bool clientAuthenticate = false;
bool checkRevocation = true;
FCryptoService.OnSSLServerAuthenticate(connection, out cert, out clientAuthenticate, ref checkRevocation);
//----- Authneticate SSL!
SslStream ssl = new SslStream(new NetworkStream(connection.Socket));
ssl.BeginAuthenticateAsServer(cert, clientAuthenticate, System.Security.Authentication.SslProtocols.Default, checkRevocation, new AsyncCallback(SslAuthenticateCallback), new AuthenticateCallbackData(connection, ssl, HostType.htServer));
}
}
}
protected void InitializeCryptService(BaseSocketConnection connection)
{
//----- None!
if (connection.EncryptType == EncryptType.etNone || connection.EncryptType == EncryptType.etBase64)
{
FHost.FireOnConnected(connection);
}
//----- Symmetric!
if (connection.EncryptType == EncryptType.etRijndael || connection.EncryptType == EncryptType.etTripleDES)
{
if (FHost.HostType == HostType.htClient)
{
//----- Get RSA provider!
RSACryptoServiceProvider serverPublicKey;
RSACryptoServiceProvider clientPrivateKey = new RSACryptoServiceProvider();
byte[] signMessage;
FCryptoService.OnSymmetricAuthenticate(connection, out serverPublicKey, out signMessage);
//----- Generates symmetric algoritm!
SymmetricAlgorithm sa = CryptUtils.CreateSymmetricAlgoritm(connection.EncryptType);
sa.GenerateIV();
sa.GenerateKey();
//----- Adjust connection cryptors!
connection.Encryptor = sa.CreateEncryptor();
connection.Decryptor = sa.CreateDecryptor();
//----- Create authenticate structure!
AuthMessage am = new AuthMessage();
am.SessionIV = serverPublicKey.Encrypt(sa.IV, false);
am.SessionKey = serverPublicKey.Encrypt(sa.Key, false);
am.SourceKey = CryptUtils.EncryptDataForAuthenticate(sa, Encoding.UTF8.GetBytes(clientPrivateKey.ToXmlString(false)), PaddingMode.ISO10126);
//----- Sign message with am.SourceKey, am.SessionKey and signMessage!
//----- Need to use PaddingMode.PKCS7 in sign!
MemoryStream m = new MemoryStream();
m.Write(am.SourceKey, 0, am.SourceKey.Length);
m.Write(am.SessionKey, 0, am.SessionKey.Length);
m.Write(signMessage, 0, signMessage.Length);
am.Sign = clientPrivateKey.SignData(CryptUtils.EncryptDataForAuthenticate(sa, m.ToArray(), PaddingMode.PKCS7), new SHA1CryptoServiceProvider());
//----- Serialize authentication message!
XmlSerializer xml = new XmlSerializer(typeof(AuthMessage));
m.SetLength(0);
xml.Serialize(m, am);
//----- Send structure!
MessageBuffer mb = new MessageBuffer(0);
mb.PacketBuffer = Encoding.GetEncoding(1252).GetBytes(Convert.ToBase64String(m.ToArray()));
connection.Socket.BeginSend(mb.PacketBuffer, mb.PacketOffSet, mb.PacketRemaining, SocketFlags.None, new AsyncCallback(InitializeConnectionSendCallback), new CallbackData(connection, mb));
m.Close();
am.SessionIV.Initialize();
am.SessionKey.Initialize();
serverPublicKey.Clear();
clientPrivateKey.Clear();
}
else
{
//----- Create empty authenticate structure!
MessageBuffer mb = new MessageBuffer(8192);
//----- Start receive structure!
connection.Socket.BeginReceive(mb.PacketBuffer, mb.PacketOffSet, mb.PacketRemaining, SocketFlags.None, new AsyncCallback(InitializeConnectionReceiveCallback), new CallbackData(connection, mb));
}
}
//----- Asymmetric!
if (connection.EncryptType == EncryptType.etSSL)
{
if (FHost.HostType == HostType.htClient)
{
//----- Get SSL items!
X509Certificate2Collection certs = null;
string serverName = null;
bool checkRevocation = true;
FCryptoService.OnSSLClientAuthenticate(connection, out serverName, ref certs, ref checkRevocation);
//----- Authneticate SSL!
SslStream ssl = new SslStream(new NetworkStream(connection.Socket), true, new RemoteCertificateValidationCallback(ValidateServerCertificateCallback));
if (certs == null)
{
ssl.BeginAuthenticateAsClient(serverName, new AsyncCallback(SslAuthenticateCallback), new AuthenticateCallbackData(connection, ssl, HostType.htClient));
}
else
{
ssl.BeginAuthenticateAsClient(serverName, certs, System.Security.Authentication.SslProtocols.Default, checkRevocation, new AsyncCallback(SslAuthenticateCallback), new AuthenticateCallbackData(connection, ssl, HostType.htClient));
}
}
else
{
//----- Get SSL items!
X509Certificate2 cert = null;
bool clientAuthenticate = false;
bool checkRevocation = true;
FCryptoService.OnSSLServerAuthenticate(connection, out cert, out clientAuthenticate, ref checkRevocation);
//----- Authneticate SSL!
SslStream ssl = new SslStream(new NetworkStream(connection.Socket));
ssl.BeginAuthenticateAsServer(cert, clientAuthenticate, System.Security.Authentication.SslProtocols.Default, checkRevocation, new AsyncCallback(SslAuthenticateCallback), new AuthenticateCallbackData(connection, ssl, HostType.htServer));
}
}
}