private static TServerDHInnerData DeserializeResponse(TServerDHParamsOk serverDhParams, AesKeyData aesKeyData)
{
var answerWithHash = AES.DecryptAes(aesKeyData, serverDhParams.EncryptedAnswerAsBinary);
var answerWithHashBuffer = PooledByteBufferAllocator.Default.Buffer();
try
{
answerWithHashBuffer.WriteBytes(answerWithHash);
// var serverHashsum = answerWithHashBuffer.ToArray(20);
answerWithHashBuffer.SkipBytes(20);
var serverDhInnerData = (TServerDHInnerData)Serializer.Deserialize(answerWithHashBuffer);
// var clearAnswer = Serializer.Serialize(serverDhInnerData);
// var hashsum = SHA1Helper.ComputeHashsum(clearAnswer);
// Guard.That(serverHashsum).IsItemsEquals(hashsum);
return(serverDhInnerData);
}
finally
{
answerWithHashBuffer.SafeRelease();
}
}
public void ValidateTest()
{
var paramsOk = new TServerDHParamsOk
{
EncryptedAnswerAsBinary = _encryptedData,
Nonce = _nonce,
ServerNonce = _serverNonce
};
var packageBuffer = Serializer.Serialize(paramsOk);
var packageData = packageBuffer.ToArray();
var completeDhExchange = new Step3CompleteDhExchange();
var oldResponse = completeDhExchange.ToBytes(_nonce, _serverNonce, _newNonce, _encryptedData);
var response = Step3ClientHelper.GetRequest(paramsOk, _newNonce, out var clientAgree, out var serviceTime);
}
public static RequestSetClientDHParams GetRequest(TServerDHParamsOk serverDhParams, byte[] newNonce, out byte[] clientAgree, out int serverTime)
{
AesHelper.ComputeAesParameters(newNonce, serverDhParams.ServerNonce, out var aesKeyData);
var dhInnerData = DeserializeResponse(serverDhParams, aesKeyData);
serverTime = dhInnerData.ServerTime;
var p = new BigInteger(1, dhInnerData.DhPrimeAsBinary);
var g = BigInteger.ValueOf(dhInnerData.G);
var dhParameters = new DHParameters(p, g);
KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParameters);
var keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
keyGen.Init(kgp);
var clientKeyPair = keyGen.GenerateKeyPair();
var publicKey = ((DHPublicKeyParameters)clientKeyPair.Public);
var y = new BigInteger(1, dhInnerData.GAAsBinary);
Guard.That(y).IsValidDhPublicKey(dhParameters.P);
var serverPublicKey = new DHPublicKeyParameters(y, dhParameters);
var clientKeyAgree = AgreementUtilities.GetBasicAgreement("DH");
clientKeyAgree.Init(clientKeyPair.Private);
clientAgree = clientKeyAgree.CalculateAgreement(serverPublicKey).ToByteArrayUnsigned();
var clientDhInnerData = new TClientDHInnerData
{
RetryId = 0,
Nonce = serverDhParams.Nonce,
ServerNonce = serverDhParams.ServerNonce,
GBAsBinary = publicKey.Y.ToByteArray()
};
return(SerializeRequest(clientDhInnerData, aesKeyData));
}