Пример #1
0
        /// <summary>
        /// Decrypts a packet
        /// </summary>
        public static byte[] DecryptPacket(Packet p)
        {
            int packetID = p.ID;

            byte[] encryptedPayload = p.Payload;
            byte[] decryptedPayload;

            if (packetID == 10100 || packetID == 20100)
            {
                // Both Session (10100) and SessionOk (20100) packets are not encrypted
                // Thus.. just return the encrypted payload
                return(encryptedPayload);
            }
            else if (packetID == 10101)
            {
                // The decrypted Login (10101) requires a nonce being calculated by the PK & the modded PK
                _10101_PublicKey = encryptedPayload.Take(32).ToArray();
                Blake2b.Init();
                Blake2b.Update(_10101_PublicKey);
                Blake2b.Update(Keys.ModdedPublicKey);
                var tmpNonce = Blake2b.Finish();

                // Decrypt the payload the custom NaCl
                decryptedPayload  = CustomNaCl.OpenPublicBox(encryptedPayload.Skip(32).ToArray(), tmpNonce, Keys.GeneratedPrivateKey, _10101_PublicKey);
                _10101_SessionKey = decryptedPayload.Take(24).ToArray();
                _10101_Nonce      = decryptedPayload.Skip(24).Take(24).ToArray();
                decryptedPayload  = decryptedPayload.Skip(48).ToArray();
            }
            else if (packetID == 20103 || packetID == 20104)
            {
                // The decrypted LoginFailed / LoginOk (20103/20104) requires a nonce being calculated by the nonce from 10101, the custom PK & the original PK
                Blake2b.Init();
                Blake2b.Update(_10101_Nonce);
                Blake2b.Update(CustomKeyPair.PublicKey);
                Blake2b.Update(Keys.OriginalPublicKey);
                var tmpNonce = Blake2b.Finish();

                // Decrypt the payload with the custom NaCl
                decryptedPayload       = CustomNaCl.OpenPublicBox(encryptedPayload, tmpNonce, CustomKeyPair.SecretKey, Keys.OriginalPublicKey);
                _20103_20104_Nonce     = decryptedPayload.Take(24).ToArray();
                _20103_20104_SharedKey = decryptedPayload.Skip(24).Take(32).ToArray();
                decryptedPayload       = decryptedPayload.Skip(56).ToArray();
            }
            else
            {
                if (p.Destination == DataDestination.DATA_FROM_CLIENT)
                {
                    _10101_Nonce.Increment();
                    decryptedPayload = CustomNaCl.OpenSecretBox(new byte[16].Concat(encryptedPayload).ToArray(), _10101_Nonce, _20103_20104_SharedKey);
                }
                else
                {
                    _20103_20104_Nonce.Increment();
                    decryptedPayload = CustomNaCl.OpenSecretBox(new byte[16].Concat(encryptedPayload).ToArray(), _20103_20104_Nonce, _20103_20104_SharedKey);
                }
            }
            return(decryptedPayload);
        }
Пример #2
0
        /// <summary>
        /// Encrypts a client/server packet
        /// </summary>
        /// <param name="p">Packet to encrypt</param>
        /// <returns>Encrypted payload</returns>
        public static byte[] EncryptPacket(Packet p)
        {
            int packetID = p.ID;

            byte[] decryptedPayload = p.DecryptedPayload;
            byte[] encryptedPayload;

            if (packetID == 10100 || packetID == 20100)
            {
                // Both Session (10100) and SessionOk (20100) packets are not encrypted
                // Thus.. just return the decrypted payload
                return(decryptedPayload);
            }
            else if (packetID == 10101)
            {
                // The encrypted Login (10101) requires a nonce being calculated by the custom PK & the original PK
                Blake2b.Init();
                Blake2b.Update(CustomKeyPair.PublicKey);
                Blake2b.Update(Keys.OriginalPublicKey);
                var tmpNonce = Blake2b.Finish();

                // The decrypted payload has to be prefixed with the nonce from plain 10101
                decryptedPayload = _10101_SessionKey.Concat(_10101_Nonce).Concat(decryptedPayload).ToArray();
                // Encrypt the payload with the custom NaCl
                encryptedPayload = CustomNaCl.CreatePublicBox(decryptedPayload, tmpNonce, CustomKeyPair.SecretKey, Keys.OriginalPublicKey);
                // The encrypted payload has to be prefixed with the custom PK
                encryptedPayload = CustomKeyPair.PublicKey.Concat(encryptedPayload).ToArray();
            }
            else if (packetID == 20103 || packetID == 20104)
            {
                // The encrypted LoginFailed / LoginOk (20103/20104) requires a nonce being calculated by the nonce from 10101, the PK from 10101 and the client PK
                Blake2b.Init();
                Blake2b.Update(_10101_Nonce);
                Blake2b.Update(_10101_PublicKey);
                Blake2b.Update(Keys.ModdedPublicKey);
                var tmpNonce = Blake2b.Finish();

                // The decrypted payload has to be prefixed with the nonce from 20103/20104 and the sharedkey from 20103/20104
                decryptedPayload = _20103_20104_Nonce.Concat(_20103_20104_SharedKey).Concat(decryptedPayload).ToArray();
                // Encrypt the payload with the custom NaCl
                encryptedPayload = CustomNaCl.CreatePublicBox(decryptedPayload, tmpNonce, Keys.GeneratedPrivateKey, _10101_PublicKey);
            }
            else
            {
                // We're dealing with another packet. Depends whether it's a client packet or not.
                if (p.Destination == DataDestination.DATA_FROM_CLIENT)
                {
                    encryptedPayload = CustomNaCl.CreateSecretBox(decryptedPayload, _10101_Nonce, _20103_20104_SharedKey).Skip(16).ToArray();
                }
                else
                {
                    encryptedPayload = CustomNaCl.CreateSecretBox(decryptedPayload, _20103_20104_Nonce, _20103_20104_SharedKey).Skip(16).ToArray();
                }
            }
            return(encryptedPayload);
        }