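        /// <summary>
        /// Validates the encryption data carried by the authentication token and
        /// configures encryption on the peer for the requested mode.
        /// </summary>
        /// <param name="token">Authentication token; its <c>EncryptionData</c> is the input.</param>
        /// <param name="errorMsg">
        /// Empty on success. On failure, a description of the problem. In the exception
        /// path it holds the full <c>Exception.ToString()</c> output.
        /// </param>
        /// <param name="peer">Peer that the encryption is set up on.</param>
        /// <param name="initRequest">Init request, passed on to the UDP encryption setup.</param>
        /// <returns>
        /// <c>ErrorCode.Ok</c> on success, otherwise <c>ErrorCode.InvalidEncryptionParameters</c>
        /// (missing or invalid data, unknown mode, datagram mode on a non-UDP peer, or an
        /// exception during setup).
        /// </returns>
        private static ErrorCode SetupEncryption(AuthenticationToken token, out string errorMsg, ClientPeer peer, InitRequest initRequest)
        {
            if (log.IsDebugEnabled)
            {
                log.DebugFormat("setting up encryption. p:{0}", peer);
            }

            var encryptionDataDict = token.EncryptionData;

            errorMsg = string.Empty;

            if (encryptionDataDict == null)
            {
                if (log.IsWarnEnabled)
                {
                    log.WarnFormat(logSetupCountGuard, "AuthOnInitHandler: expected encryption data not provided. appId:{0}/{1}, p:{2}",
                                   token.ApplicationId, token.ApplicationVersion, peer);
                }

                errorMsg = string.Format(ErrorMessages.InvalidEncryptionData, "expected encryption data not provided");
                return ErrorCode.InvalidEncryptionParameters;
            }

            var encryptionData = new EncryptionData(peer.Protocol, encryptionDataDict);

            // NOTE(review): the log statements below write the serialized encryption data
            // into the log. If that dictionary carries key material (the "WithoutDH" setup
            // path suggests secrets arrive inside the token; confirm), anyone with log
            // access can recover session keys. Consider logging only field names or
            // omitting the data entirely.
            if (!encryptionData.IsValid)
            {
                var validationError = encryptionData.GetErrorMessage();

                if (log.IsWarnEnabled)
                {
                    log.WarnFormat(logSetupCountGuard,
                                   "AuthOnInitHandler: Invalid encryption data. ErrorMsg:{4}. appId:{0}/{1}, data:{2}, p:{3}",
                                   token.ApplicationId, token.ApplicationVersion, JsonConvert.SerializeObject(encryptionDataDict), peer, validationError);
                }

                errorMsg = string.Format(ErrorMessages.InvalidEncryptionData, validationError);
                return ErrorCode.InvalidEncryptionParameters;
            }

            var mode = (EncryptionModes)encryptionData.EncryptionMode;

            try
            {
                switch (mode)
                {
                case EncryptionModes.PayloadEncryption:
                case EncryptionModes.PayloadEncryptionWithIV:
                case EncryptionModes.PayloadEncryptionWithIVHMAC:
                    SetupUserDataEncryptionWithoutDH(encryptionData, peer);
                    break;

                case EncryptionModes.DatagramEncyption:
                case EncryptionModes.DatagramEncyptionWithRandomInitialNumbers:
                case EncryptionModes.DatagramEncyptionGCMWithRandomInitialNumbers:
                    // Datagram encryption modes are only accepted on UDP peers.
                    if (peer.NetworkProtocol != NetworkProtocolType.Udp)
                    {
                        errorMsg = ErrorMessages.EncryptionModeMismatch;
                        return ErrorCode.InvalidEncryptionParameters;
                    }

                    SetupUdpEncryption(encryptionData, peer, initRequest);
                    break;

                default:
                {
                    if (log.IsWarnEnabled)
                    {
                        // The mode is passed as argument {4}. A $-interpolated template here
                        // would evaluate {0}..{3} as the integer literals 0..3, so the
                        // application id, data and peer would never reach the log line.
                        log.WarnFormat(logSetupCountGuard,
                                       "AuthOnInitHandler: Unknown encryption mode: '{4}'. appId:{0}/{1}, data:{2}, p:{3}",
                                       token.ApplicationId, token.ApplicationVersion, JsonConvert.SerializeObject(encryptionDataDict), peer, mode);
                    }

                    errorMsg = string.Format(ErrorMessages.InvalidEncryptionData, $"Unknown Encryption mode {mode}");
                    return ErrorCode.InvalidEncryptionParameters;
                }
                }
            }
            catch (Exception e)
            {
                // NOTE(review): e.ToString() includes the exception type, message and stack
                // trace. If callers forward errorMsg to the remote peer (not visible here;
                // confirm), this discloses server internals to an unauthenticated client.
                // A fixed message for the peer, with the details kept in the log entry
                // below, would avoid that.
                errorMsg = e.ToString();
                var msg = string.Format("AuthOnInitHandler: Exception during encryption setup. appId:{0}/{1}, Data: {2}, p:{3}",
                                        token.ApplicationId, token.ApplicationVersion, JsonConvert.SerializeObject(encryptionDataDict), peer);

                log.Error(logExceptionCountGuard, msg, e);
                return ErrorCode.InvalidEncryptionParameters;
            }

            return ErrorCode.Ok;
        }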