public VerificationMessage Deserialize(Omnix.Serialization.RocketPack.RocketPackReader r, int rank)
{
if (rank > 256)
{
throw new System.FormatException();
}
// Read property count
uint propertyCount = r.GetUInt32();
ProfileMessage p_profileMessage = ProfileMessage.Empty;
OmniAgreementPublicKey p_agreementPublicKey = OmniAgreementPublicKey.Empty;
for (; propertyCount > 0; propertyCount--)
{
uint id = r.GetUInt32();
switch (id)
{
case 0: // ProfileMessage
{
p_profileMessage = ProfileMessage.Formatter.Deserialize(r, rank + 1);
break;
}
case 1: // AgreementPublicKey
{
p_agreementPublicKey = OmniAgreementPublicKey.Formatter.Deserialize(r, rank + 1);
break;
}
}
}
return(new VerificationMessage(p_profileMessage, p_agreementPublicKey));
}
public VerificationMessage(ProfileMessage profileMessage, OmniAgreementPublicKey agreementPublicKey)
{
if (profileMessage is null)
{
throw new System.ArgumentNullException("profileMessage");
}
if (agreementPublicKey is null)
{
throw new System.ArgumentNullException("agreementPublicKey");
}
this.ProfileMessage = profileMessage;
this.AgreementPublicKey = agreementPublicKey;
{
var __h = new System.HashCode();
if (this.ProfileMessage != default)
{
__h.Add(this.ProfileMessage.GetHashCode());
}
if (this.AgreementPublicKey != default)
{
__h.Add(this.AgreementPublicKey.GetHashCode());
}
__hashCode = __h.ToHashCode();
}
}
public static byte[] GetSecret(OmniAgreementPublicKey publicKey, OmniAgreementPrivateKey privateKey)
{
if (publicKey.AlgorithmType == OmniAgreementAlgorithmType.EcDh_P521_Sha2_256 &&
privateKey.AlgorithmType == OmniAgreementAlgorithmType.EcDh_P521_Sha2_256)
{
return(EcDh_P521_Sha2_256.GetSecret(publicKey.PublicKey, privateKey.PrivateKey));
}
throw new NotSupportedException();
}
public static ReadOnlyMemory <byte> GetSecret(OmniAgreementPublicKey publicKey, OmniAgreementPrivateKey privateKey)
{
if (publicKey.AlgorithmType == OmniAgreementAlgorithmType.EcDh_P521_Sha2_256 &&
privateKey.AlgorithmType == OmniAgreementAlgorithmType.EcDh_P521_Sha2_256)
{
return(EcDh_P521_Sha2_256.GetSecret(publicKey.PublicKey, privateKey.PrivateKey));
}
return(null);
}
private byte[] ComputeHash(ProfileMessage profileMessage, OmniAgreementPublicKey agreementPublicKey, HashAlgorithmType hashAlgorithm)
{
var verificationMessage = new VerificationMessage(profileMessage, agreementPublicKey);
if (hashAlgorithm == HashAlgorithmType.Sha2_256)
{
using var bytesPipe = new BytesPipe();
verificationMessage.Export(bytesPipe.Writer, _bytesPool);
return(Sha2_256.ComputeHash(bytesPipe.Reader.GetSequence()));
}
throw new NotSupportedException(nameof(hashAlgorithm));
}
private async ValueTask <OmniAgreementPublicKey> ExchangeAgreementPublicKeyAsync(OmniAgreementPublicKey myAgreementPublicKey, CancellationToken cancellationToken = default)
{
var enqueueTask = _connection.Sender.SendAsync(myAgreementPublicKey, cancellationToken).AsTask();
var dequeueTask = _connection.Receiver.ReceiveAsync <OmniAgreementPublicKey>(cancellationToken).AsTask();
await Task.WhenAll(enqueueTask, dequeueTask);
var otherAgreementPublicKey = dequeueTask.Result;
if (otherAgreementPublicKey is null)
{
throw new NullReferenceException();
}
if ((DateTime.UtcNow - otherAgreementPublicKey.CreationTime.ToDateTime()).TotalMinutes > 30)
{
throw new OmniSecureConnectionException("Agreement public key has Expired.");
}
return(otherAgreementPublicKey);
}
public async ValueTask Handshake(CancellationToken cancellationToken = default)
{
ProfileMessage myProfileMessage;
ProfileMessage?otherProfileMessage = null;
{
{
var sessionId = new byte[32];
using (var randomNumberGenerator = RandomNumberGenerator.Create())
{
randomNumberGenerator.GetBytes(sessionId);
}
myProfileMessage = new ProfileMessage(
sessionId,
(_passwords.Count == 0) ? AuthenticationType.None : AuthenticationType.Password,
new[] { KeyExchangeAlgorithm.EcDh_P521_Sha2_256 },
new[] { KeyDerivationAlgorithm.Pbkdf2 },
new[] { CryptoAlgorithm.Aes_Gcm_256 },
new[] { HashAlgorithm.Sha2_256 });
}
var enqueueTask = _connection.EnqueueAsync((bufferWriter) => myProfileMessage.Export(bufferWriter, _bytesPool), cancellationToken);
var dequeueTask = _connection.DequeueAsync((sequence) => otherProfileMessage = ProfileMessage.Import(sequence, _bytesPool), cancellationToken);
await ValueTaskHelper.WhenAll(enqueueTask, dequeueTask);
if (otherProfileMessage is null)
{
throw new NullReferenceException();
}
if (myProfileMessage.AuthenticationType != otherProfileMessage.AuthenticationType)
{
throw new OmniSecureConnectionException("AuthenticationType does not match.");
}
}
var keyExchangeAlgorithm = GetOverlapMaxEnum(myProfileMessage.KeyExchangeAlgorithms, otherProfileMessage.KeyExchangeAlgorithms);
var keyDerivationAlgorithm = GetOverlapMaxEnum(myProfileMessage.KeyDerivationAlgorithms, otherProfileMessage.KeyDerivationAlgorithms);
var cryptoAlgorithm = GetOverlapMaxEnum(myProfileMessage.CryptoAlgorithms, otherProfileMessage.CryptoAlgorithms);
var hashAlgorithm = GetOverlapMaxEnum(myProfileMessage.HashAlgorithms, otherProfileMessage.HashAlgorithms);
if (!EnumHelper.IsValid(keyExchangeAlgorithm))
{
throw new OmniSecureConnectionException("key exchange algorithm does not match.");
}
if (!EnumHelper.IsValid(keyDerivationAlgorithm))
{
throw new OmniSecureConnectionException("key derivation algorithm does not match.");
}
if (!EnumHelper.IsValid(cryptoAlgorithm))
{
throw new OmniSecureConnectionException("Crypto algorithm does not match.");
}
if (!EnumHelper.IsValid(hashAlgorithm))
{
throw new OmniSecureConnectionException("Hash algorithm does not match.");
}
ReadOnlyMemory <byte> secret = null;
if (keyExchangeAlgorithm.HasFlag(KeyExchangeAlgorithm.EcDh_P521_Sha2_256))
{
var myAgreement = OmniAgreement.Create(OmniAgreementAlgorithmType.EcDh_P521_Sha2_256);
OmniAgreementPrivateKey myAgreementPrivateKey;
OmniAgreementPublicKey? otherAgreementPublicKey = null;
{
{
myAgreementPrivateKey = myAgreement.GetOmniAgreementPrivateKey();
var enqueueTask = _connection.EnqueueAsync((bufferWriter) => myAgreement.GetOmniAgreementPublicKey().Export(bufferWriter, _bytesPool), cancellationToken);
var dequeueTask = _connection.DequeueAsync((sequence) => otherAgreementPublicKey = OmniAgreementPublicKey.Import(sequence, _bytesPool), cancellationToken);
await ValueTaskHelper.WhenAll(enqueueTask, dequeueTask);
if (otherAgreementPublicKey is null)
{
throw new NullReferenceException();
}
if ((DateTime.UtcNow - otherAgreementPublicKey.CreationTime.ToDateTime()).TotalMinutes > 30)
{
throw new OmniSecureConnectionException("Agreement public key has Expired.");
}
}
if (_passwords.Count > 0)
{
AuthenticationMessage myAuthenticationMessage;
AuthenticationMessage?otherAuthenticationMessage = null;
{
{
var myHashAndPasswordList = this.GetHashes(myProfileMessage, myAgreement.GetOmniAgreementPublicKey(), hashAlgorithm).ToList();
_random.Shuffle(myHashAndPasswordList);
myAuthenticationMessage = new AuthenticationMessage(myHashAndPasswordList.Select(n => n.Item1).ToArray());
}
var enqueueTask = _connection.EnqueueAsync((bufferWriter) => myAuthenticationMessage.Export(bufferWriter, _bytesPool), cancellationToken);
var dequeueTask = _connection.DequeueAsync((sequence) => otherAuthenticationMessage = AuthenticationMessage.Import(sequence, _bytesPool), cancellationToken);
await ValueTaskHelper.WhenAll(enqueueTask, dequeueTask);
if (otherAuthenticationMessage is null)
{
throw new NullReferenceException();
}
var matchedPasswords = new List <string>();
{
var equalityComparer = new CustomEqualityComparer <ReadOnlyMemory <byte> >((x, y) => BytesOperations.Equals(x.Span, y.Span), (x) => Fnv1_32.ComputeHash(x.Span));
var receiveHashes = new HashSet <ReadOnlyMemory <byte> >(otherAuthenticationMessage.Hashes, equalityComparer);
foreach (var(hash, password) in this.GetHashes(otherProfileMessage, otherAgreementPublicKey, hashAlgorithm))
{
if (receiveHashes.Contains(hash))
{
matchedPasswords.Add(password);
}
}
}
if (matchedPasswords.Count == 0)
{
throw new OmniSecureConnectionException("Password does not match.");
}
_matchedPasswords = matchedPasswords.ToArray();
}
}
}
if (hashAlgorithm.HasFlag(HashAlgorithm.Sha2_256))
{
secret = OmniAgreement.GetSecret(otherAgreementPublicKey, myAgreementPrivateKey);
}
}
byte[] myCryptoKey;
byte[] otherCryptoKey;
byte[] myNonce;
byte[] otherNonce;
if (keyDerivationAlgorithm.HasFlag(KeyDerivationAlgorithm.Pbkdf2))
{
byte[] xorSessionId = new byte[Math.Max(myProfileMessage.SessionId.Length, otherProfileMessage.SessionId.Length)];
BytesOperations.Xor(myProfileMessage.SessionId.Span, otherProfileMessage.SessionId.Span, xorSessionId);
int cryptoKeyLength = 0;
int nonceLength = 0;
if (cryptoAlgorithm.HasFlag(CryptoAlgorithm.Aes_Gcm_256))
{
cryptoKeyLength = 32;
nonceLength = 12;
}
myCryptoKey = new byte[cryptoKeyLength];
otherCryptoKey = new byte[cryptoKeyLength];
myNonce = new byte[nonceLength];
otherNonce = new byte[nonceLength];
var kdfResult = new byte[(cryptoKeyLength + nonceLength) * 2];
if (hashAlgorithm.HasFlag(HashAlgorithm.Sha2_256))
{
Pbkdf2_Sha2_256.TryComputeHash(secret.Span, xorSessionId, 1024, kdfResult);
}
using (var stream = new MemoryStream(kdfResult))
{
if (_type == OmniSecureConnectionType.Connected)
{
stream.Read(myCryptoKey, 0, myCryptoKey.Length);
stream.Read(otherCryptoKey, 0, otherCryptoKey.Length);
stream.Read(myNonce, 0, myNonce.Length);
stream.Read(otherNonce, 0, otherNonce.Length);
}
else if (_type == OmniSecureConnectionType.Accepted)
{
stream.Read(otherCryptoKey, 0, otherCryptoKey.Length);
stream.Read(myCryptoKey, 0, myCryptoKey.Length);
stream.Read(otherNonce, 0, otherNonce.Length);
stream.Read(myNonce, 0, myNonce.Length);
}
}
}
else
{
throw new NotSupportedException(nameof(keyDerivationAlgorithm));
}
_state = new State(cryptoAlgorithm, hashAlgorithm, myCryptoKey, otherCryptoKey, myNonce, otherNonce);
}
private IEnumerable <(ReadOnlyMemory <byte>, string)> GetHashesV1(V1.Internal.ProfileMessage profileMessage, OmniAgreementPublicKey agreementPublicKey, V1.Internal.HashAlgorithm hashAlgorithm)
{
var results = new Dictionary <ReadOnlyMemory <byte>, string>();
byte[] verificationMessageHash;
{
var verificationMessage = new V1.Internal.VerificationMessage(profileMessage, agreementPublicKey);
if (hashAlgorithm == V1.Internal.HashAlgorithm.Sha2_256)
{
var hub = new Hub();
verificationMessage.Export(hub.Writer, _bufferPool);
verificationMessageHash = Sha2_256.ComputeHash(hub.Reader.GetSequence());
}
else
{
throw new NotSupportedException(nameof(hashAlgorithm));
}
}
foreach (var password in _passwords)
{
if (hashAlgorithm.HasFlag(V1.Internal.HashAlgorithm.Sha2_256))
{
results.Add(Hmac_Sha2_256.ComputeHash(verificationMessageHash, Sha2_256.ComputeHash(password)), password);
}
}
return(results.Select(item => (item.Key, item.Value)));
}
