public override MazeErrorCode onReceiveData(byte[] Data, ref byte[] ResponseData)
{
ResponseData = new byte[0];
switch (base.Step)
{
case 1:
{
if (Data.Length != 32)
{
SysLogger.Log("[MazeHandShake][Server] Receive Length missmatch", SysLogType.Debug);
return MazeErrorCode.Error;
}
wopEx = base.GetWopEncryption();
wopEx.Decrypt(Data, 0, Data.Length);
BigInteger server_prime = new BigInteger(Data);
if (server_prime.isProbablePrime())
{
//verify the prime from the server
BigInteger server_Prime_test = BigInteger.genPseudoPrime(256, 50, new Random(BitConverter.ToInt32(wopEx.Key, 0)));
if (server_prime != server_Prime_test)
{
//Attacker detected ?
SysLogger.Log("[MazeHandShake][Server] Man-In-The-Middle detected", SysLogType.Debug);
return MazeErrorCode.Error;
}
//successful
//generate another prime and send it back
BigInteger client_Prime = BigInteger.genPseudoPrime(256, 50, new Random(server_prime.IntValue()));
byte[] primeData = client_Prime.getBytes();
wopEx.Encrypt(primeData, 0, primeData.Length);
ResponseData = primeData;
BigInteger key = base.ModKey(server_prime, client_Prime);
//apply key to encryption
ApplyKey(wopEx, key);
base.FinalKey = wopEx.Key;
base.FinalSalt = wopEx.Salt;
Step++;
return MazeErrorCode.Finished;
}
else
{
//connection failed, using old keys ?
SysLogger.Log("[MazeHandShake][Server] Invalid received data", SysLogType.Debug);
return MazeErrorCode.Error;
}
}
}
return MazeErrorCode.Success;
}
/// <summary>
/// Agressively scan the algorithm for weakness
/// </summary>
/// <param name="EncryptCode"></param>
/// <param name="DecryptCode"></param>
/// <returns></returns>
private static bool IsAlgorithmWeak(byte[] EncryptCode, byte[] DecryptCode, int Seed)
{
FastRandom rnd = new FastRandom(Seed);
byte[] RandData = new byte[513];
rnd.NextBytes(RandData);
byte[] Key = new byte[] { 1, 1, 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, 3, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 5, 5, 5, 5, 5 };
byte[] Salt = new byte[] { 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1 };
byte[] IV = new byte[] { 100, 132, 194, 103, 165, 222, 64, 110, 144, 217, 202, 129, 54, 97, 230, 25, 34, 58, 100, 79, 80, 124, 14, 61, 191, 5, 174, 94, 194, 10, 222, 215 };
WopEx wop = new WopEx(Key, Salt, IV, EncryptCode, DecryptCode, WopEncMode.Simple, 1, true);
//test it 50 times if it's safe to use
for (int x = 0; x < 50; x++)
{
byte[] crypted = new byte[RandData.Length];
Array.Copy(RandData, crypted, RandData.Length);
wop.Encrypt(crypted, 0, crypted.Length);
double Equals = 0;
for (int i = 0; i < crypted.Length; i++)
{
if (RandData[i] == crypted[i])
{
Equals++;
}
}
wop.Decrypt(crypted, 0, crypted.Length);
//check if decryption went successful
if (RandData.Length != crypted.Length)
{
return(true);
}
for (int i = 0; i < RandData.Length; i++)
{
if (RandData[i] != crypted[i])
{
//the decryption-routine failed
return(true);
}
}
double Pertentage = (Equals / (double)RandData.Length) * 100D;
bool isWeak = Pertentage > 5; //if >5 % is the same as original it's a weak algorithm
if (isWeak)
{
return(true);
}
}
return(false);
}
public void Test_WopEx_GenerateNewAlgorithm()
{
byte[] Key = new byte[] { 1, 1, 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, 3, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 5, 5, 5, 5, 5 };
byte[] Salt = new byte[] { 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1 };
byte[] encCode = new byte[0];
byte[] decCode = new byte[0];
WopEx.GenerateCryptoCode(123456, 15, ref encCode, ref decCode);
WopEx wopEx = new WopEx(TestKey, TestSalt, TestIV, encCode, decCode, SecureSocketProtocol3.WopEncMode.GenerateNewAlgorithm, 1, false);
Random rnd = new Random(12345678);
for (int j = 1; j < 1024; j++) //test 1024 bytes
{
for (int k = 0; k < 100; k++) //test the encryption / decryption 100x
{
//test the byte a 100x
byte[] TestData = new byte[j];
byte[] TestOrgData = new byte[j];
rnd.NextBytes(TestData);
Array.Copy(TestData, TestOrgData, TestOrgData.Length);
wopEx.Encrypt(TestData, 0, TestData.Length);
wopEx.Decrypt(TestData, 0, TestData.Length);
if(TestOrgData.Length != TestData.Length)
throw new Exception("Size did not match after decryption");
for (int x = 0; x < TestData.Length; x++)
{
if(TestData[x] != TestOrgData[x])
throw new Exception("Decryption failed, j=" + j + ", k=" + k);
}
}
}
}
public override MazeErrorCode onReceiveData(byte[] Data, ref byte[] ResponseData)
{
ResponseData = new byte[0];
if (LastErrorCode != MazeErrorCode.Success)
{
//don't continue if the client/server messed something up
return LastErrorCode;
}
switch (base.Step)
{
case 1:
{
//step 2
if (Data.Length != Mazing.ByteCode.Length)
{
SysLogger.Log("[MazeHandShake][Server] ByteCode Length Missmatch", SysLogType.Debug);
return MazeErrorCode.WrongByteCode;
}
for (int i = 0; i < Mazing.ByteCode.Length; i++)
{
if (Mazing.ByteCode[i] != Data[i])
{
SysLogger.Log("[MazeHandShake][Server] WrongByteCode from client", SysLogType.Debug);
return MazeErrorCode.WrongByteCode;
}
}
Step++;
break;
}
case 2:
{
if (onFindKeyInDatabase == null) //programmer error
{
SysLogger.Log("[MazeHandShake][Server] onFindKeyInDatabase is null", SysLogType.Debug);
ResponseData = GetFailResponseData(); //not encrypted, client knows this will fail
return MazeErrorCode.Error;
}
string EncHashedMsg = BitConverter.ToString(SHA512Managed.Create().ComputeHash(Data, 0, Data.Length)).Replace("-", "");
byte[] _key = new byte[0];
byte[] _salt = new byte[0];
byte[] _publicKey = new byte[0];
string _userName = "";
if (onFindKeyInDatabase(EncHashedMsg, ref _key, ref _salt, ref _publicKey, ref _userName))
{
this.PublicKeyData = TrimArray(_publicKey, Mazing.MAX_KEY_SIZE);
this.wopEx = base.GetWopEncryption(_key, _salt);
base.FinalKey = _key;
base.FinalSalt = _salt;
//let's try to decrypt the data, should go successful
wopEx.Decrypt(Data, 0, Data.Length);
if (Data.Length != _publicKey.Length)
{
SysLogger.Log("[MazeHandShake][Server] Public key length missmatch", SysLogType.Debug);
//key size not the same... strange
ResponseData = GetFailResponseData();
return MazeErrorCode.Error;
}
for (int i = 0; i < _publicKey.Length; i++)
{
if (Data[i] != _publicKey[i])
{
SysLogger.Log("[MazeHandShake][Server] Public key missmatch", SysLogType.Debug);
//public key did not match... strange
ResponseData = GetFailResponseData();
return MazeErrorCode.Error;
}
}
//encryption / public key went successful for now
this.server_Prime = BigInteger.genPseudoPrime(256, 50, new Random(BitConverter.ToInt32(_key, 0)));
byte[] primeData = server_Prime.getBytes();
wopEx.Encrypt(primeData, 0, primeData.Length);
ResponseData = primeData;
this.Username = _userName;
Step++;
}
else
{
SysLogger.Log("[MazeHandShake][Server] No user key found in database", SysLogType.Debug);
ResponseData = GetFailResponseData();
return MazeErrorCode.UserKeyNotFound;
}
break;
}
case 3:
{
//response back from client with his prime number
wopEx.Decrypt(Data, 0, Data.Length);
this.client_Prime = new BigInteger(Data);
if (this.client_Prime.isProbablePrime())
{
//verify the prime from the client
BigInteger client_Prime_test = BigInteger.genPseudoPrime(256, 50, new Random(this.server_Prime.IntValue()));
if (this.client_Prime != client_Prime_test)
{
//Attacker detected ?
SysLogger.Log("[MazeHandShake][Server] Man-In-The-Middle detected", SysLogType.Debug);
return MazeErrorCode.Error;
}
BigInteger key = base.ModKey(server_Prime, client_Prime);
//apply key to encryption
ApplyKey(wopEx, key);
return MazeErrorCode.Finished;
}
else
{
SysLogger.Log("[MazeHandShake][Server] Invalid response", SysLogType.Debug);
return MazeErrorCode.Error;
}
}
}
return MazeErrorCode.Success;
}
public void Test_WopEx_Simple()
{
byte[] encCode = new byte[0];
byte[] decCode = new byte[0];
WopEx.GenerateCryptoCode(123456, 15, ref encCode, ref decCode);
WopEx wopEx = new WopEx(TestKey, TestSalt, TestIV, encCode, decCode, SecureSocketProtocol3.WopEncMode.Simple, 1, false);
Random rnd = new Random(DateTime.Now.Millisecond);
for (int j = 1; j < 1024; j++) //test 1024 bytes
{
for(int k = 0; k < 100; k++) //test the encryption / decryption 100x
{
//test the byte a 100x
byte[] TestData = new byte[j];
byte[] TestOrgData = new byte[j];
rnd.NextBytes(TestData);
Array.Copy(TestData, TestOrgData, TestOrgData.Length);
wopEx.Encrypt(TestOrgData, 0, TestData.Length);
wopEx.Decrypt(TestOrgData, 0, TestData.Length);
Assert.IsTrue(TestOrgData.Length == TestData.Length, "Size did not match after decryption");
for (int x = 0; x < TestData.Length; x++)
{
Assert.IsTrue(TestData[x] == TestOrgData[x], "Decryption failed");
}
}
}
}
/// <summary>
/// Agressively scan the algorithm for weakness
/// </summary>
/// <param name="EncryptCode"></param>
/// <param name="DecryptCode"></param>
/// <returns></returns>
private static bool IsAlgorithmWeak(byte[] EncryptCode, byte[] DecryptCode, int Seed)
{
FastRandom rnd = new FastRandom(Seed);
byte[] RandData = new byte[513];
rnd.NextBytes(RandData);
byte[] Key = new byte[] { 1, 1, 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, 3, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 5, 5, 5, 5, 5 };
byte[] Salt = new byte[] { 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1 };
byte[] IV = new byte[] { 100, 132, 194, 103, 165, 222, 64, 110, 144, 217, 202, 129, 54, 97, 230, 25, 34, 58, 100, 79, 80, 124, 14, 61, 191, 5, 174, 94, 194, 10, 222, 215 };
WopEx wop = new WopEx(Key, Salt, IV, EncryptCode, DecryptCode, WopEncMode.Simple, 1, true);
//test it 50 times if it's safe to use
for (int x = 0; x < 50; x++)
{
byte[] crypted = new byte[RandData.Length];
Array.Copy(RandData, crypted, RandData.Length);
wop.Encrypt(crypted, 0, crypted.Length);
double Equals = 0;
for (int i = 0; i < crypted.Length; i++)
{
if (RandData[i] == crypted[i])
{
Equals++;
}
}
wop.Decrypt(crypted, 0, crypted.Length);
//check if decryption went successful
if (RandData.Length != crypted.Length)
return true;
for (int i = 0; i < RandData.Length; i++)
{
if (RandData[i] != crypted[i])
{
//the decryption-routine failed
return true;
}
}
double Pertentage = (Equals / (double)RandData.Length) * 100D;
bool isWeak = Pertentage > 5; //if >5 % is the same as original it's a weak algorithm
if (isWeak)
return true;
}
return false;
}
