public bool CreateSecretUsingBundle(IKeyBundleModel <TSignedKeyModelType> OtherClientBundle)
{
// we want to create a shared secret between us and another client so we can send messages back and fourth
// make sure the bundle that we got contains ONLY keys from the identity key inside the bundle
if (VerifySignedKey(OtherClientBundle.PublicKey, OtherClientBundle.X509IdentityKey) is false)
{
bool clientNull = (OtherClientBundle is null);
logger.LogWarning("Failed to verify bundle provided Null?:{BudleIsNull} Possible MIM attack:{BundleFailedSigning}", clientNull, !clientNull);
return(false);
}
if (dhRatchet.TryCreateSharedSecret
(
OtherClientBundle.X509IdentityKey,
OtherClientBundle.PublicKey.PublicKey,
OtherClientBundle.PublicKey.Signature
)
)
{
// make sure to set the seed key for the ratchets or else we wont be able to send or receive any messages
senderKDF.Reset(dhRatchet.PrivateKey);
receiverKDF.Reset(dhRatchet.PrivateKey);
return(true);
}
return(false);
}
public async Task <bool> CreateSecretAndSendBundle(string SenderId, string RecipientId)
{
// check to see if we have a bundle waiting from the other party
IKeyBundleModel <TSignedKeyModelType> bundle = await bundleHandler.GetBundle(SenderId, RecipientId);
if (bundle != null)
{
// since the other person sent us a bundle we should generate our own and send it to them
if (await SendBundle(SenderId, RecipientId))
{
// since sendBundle generates new keys and saves the state of the encryption client on this object it should be assumed that we can create a secret immediately
string state = await clientStateHandler.GetState(SenderId, RecipientId);
encryptionClient.ImportState(state);
if (encryptionClient.CreateSecretUsingBundle(bundle))
{
logger.LogInformation("Created secret for {Id}, using {OtherId}'s bundle", SenderId, RecipientId);
// if we were able to sucessfully create a secret save our encryption state and remove the budle from our bundles
string clientState = encryptionClient.ExportState();
if (await clientStateHandler.SetState(SenderId, RecipientId, clientState))
{
logger.LogInformation("Set Client State for {Id}", SenderId);
// since we saved the state of our encryption client we can delete the bundle from the server
if (await bundleHandler.RemoveBundle(SenderId, RecipientId))
{
logger.LogInformation("Sucessfully created secret and removed bundle from server for {Id}", SenderId);
return(true);
}
else
{
logger.LogError("Failed to remove bundle for friend {FriendId} for {Id}", RecipientId, SenderId);
}
}
else
{
logger.LogError("Failed to set encryption client state for {Id}", SenderId);
}
}
else
{
logger.LogError("Failed to create secret using Bundle for {Id}", SenderId);
}
}
else
{
logger.LogError("Failed to generate bundle for other party {Id}", SenderId);
}
}
else
{
logger.LogError("Failed to retrieve bundle for other party for {Id}", SenderId);
}
return(false);
}
