internal byte[] DecryptAndVerify(byte[] encryptedNullable, byte[] hmacNullable, int id, EncryptedFieldIds fieldId)
{
if (encryptedNullable == null || hmacNullable == null)
{
return(null);
}
GetIVandKeys(id, fieldId, out var iv, out var aesKey, out var hmacKey);
var hmac = _cryptoLibrary.GetSha256HMAC(hmacKey, encryptedNullable);
if (!MiscProcedures.EqualByteArrays(hmacNullable, hmac))
{
throw new BadSignatureException();
}
var decrypted = new byte[encryptedNullable.Length];
_cryptoLibrary.ProcessAesCbcBlocks(false, aesKey, iv, encryptedNullable, decrypted);
using var reader = BinaryProcedures.CreateBinaryReader(decrypted, 0);
var dataLength = reader.ReadUInt16();
return(reader.ReadBytes(dataLength));
}
public override bool Equals(object obj)
{
var obj2 = (HMAC)obj;
if (obj2.Flags != this.Flags)
{
return(false);
}
return(MiscProcedures.EqualByteArrays(obj2.hmacSha256, this.hmacSha256));
}
void ProcessClientHello1(ICcpRemoteEndpoint clientEndpoint, BinaryReader reader, byte[] payloadData) // packets processor thread
{
var snonce0 = _snonce0Table.TryGetSnonce0(clientEndpoint);
if (snonce0 == null)
{
HandleBadSnonce0(clientEndpoint);
return;
}
var packet = new ClientHelloPacket1(reader, payloadData);
// check snonce0
if (!MiscProcedures.EqualByteArrays(packet.Snonce0, snonce0.Snonce0))
{
HandleBadSnonce0(clientEndpoint);
return;
}
///check stateful PoW result
var hash = _cryptoLibrary.GetHashSHA256(packet.OriginalPacketPayload);
// calculate hash, considering entire packet data (including stateful PoW result)
// verify hash result
if (!StatefulPowHashIsOK(hash))
{
HandleBadStatefulPowPacket(clientEndpoint);
// no response
return;
}
// questionable: hello1IPlimit table: limit number of requests per 1 minute from every IPv4 block: max 100? requests per 1 minute from 1 block
// ------------ possible attack on hello1IPlimit table???
var response = new ServerHelloPacket1 {
Status = ServerHello1Status.OKready, Cnonce1 = packet.StatefulProofOfWorkResponseData
};
var responseBytes = response.Encode();
_ccpTransport.SendPacket(clientEndpoint, responseBytes);
}
public override bool Equals(object obj)
{
var obj2 = (RegistrationId)obj;
return(MiscProcedures.EqualByteArrays(obj2.Ed25519publicKey, this.Ed25519publicKey));
}
Contact GetUnconfirmedContactByToken(byte[] contactInvitationToken)
{
return(Contacts.Values.FirstOrDefault(x => x.LocallyInitiatedIke1Invitation != null && MiscProcedures.EqualByteArrays(x.LocallyInitiatedIke1Invitation.ContactInvitationToken, contactInvitationToken) == true));
}
public override bool Equals(object obj)
{
var obj2 = (RequestKey)obj;
return(obj2.RequesterEndpoint.Equals(this.RequesterEndpoint) && MiscProcedures.EqualByteArrays(obj2.RequestData, this.RequestData));
}