private void EnrollPhase()
{
clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
string IP = textBox_IP.Text;
textBox_IP.Text = "";
int port;
string EncDecPublic;
string signVerPublic;
ConsoleServer.AppendText("Connecting\n");
using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_enc_dec_pub.txt"))
{
EncDecPublic = fileReader.ReadLine();
}
using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_signing_verification_pub.txt"))
{
signVerPublic = fileReader.ReadLine();
}
//if(string.IsNullOrWhiteSpace(textBox_IP.Text) && string)
if (Int32.TryParse(textBox_Port.Text, out port))
{
try
{
clientSocket.Connect(IP, port);
}
catch
{
ConsoleServer.AppendText("Connection is not succesfull\nRe-enter Port and IP\n");
}
ConsoleServer.AppendText("Connected to the server\n");
/*
* ENROLLMENT
* sending username and password with sha
*
* */
ConsoleServer.AppendText("Enrolling to the server\n");
byte[] loginReqByte = Encoding.Default.GetBytes("enroll");
byte[] loginReqEncByte = encryptWithRSA(Encoding.Default.GetString(loginReqByte), 3072, EncDecPublic);
sendMessage(Encoding.Default.GetString(loginReqEncByte)); // sends ENROLL request to the server
byte[] passwordHash = hashWithSHA256(textBox_Password.Text); // Girilen PASSWORD
byte[] usernameByte = Encoding.Default.GetBytes(textBox_UserName.Text); // Girilen USERNAME
byte[] concatenatedByte = new byte[16 + textBox_UserName.Text.Length];
Array.Copy(passwordHash, 0, concatenatedByte, 0, 16);
Array.Copy(usernameByte, 0, concatenatedByte, 16, textBox_UserName.Text.Length);
byte[] encryptedRSA = encryptWithRSA(Encoding.Default.GetString(concatenatedByte), 3072, EncDecPublic);
sendMessage(Encoding.Default.GetString(encryptedRSA)); // Girilen PASSWORD ve USERNAME ikilisi birleştirilip yollanır
private void LoginPhase()
{
clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
string IP = textBox_IP.Text;
textBox_IP.Text = "";
int port;
string EncDecPublic;
string signVerPublic;
bool verificationResult = false;
ConsoleServer.AppendText("Connecting to the server");
using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_enc_dec_pub.txt"))
{
EncDecPublic = fileReader.ReadLine();
}
using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\server_signing_verification_pub.txt"))
{
signVerPublic = fileReader.ReadLine();
}
//if(string.IsNullOrWhiteSpace(textBox_IP.Text) && string)
if (Int32.TryParse(textBox_Port.Text, out port))
{
try
{
clientSocket.Connect(IP, port);
}
catch
{
ConsoleServer.AppendText("Connection is not succesfull\nRe-enter Port and IP\n");
}
/*
* LOGING
* sending username and password with sha
*
* */
byte[] loginReqEncByte = encryptWithRSA("login", 3072, EncDecPublic);
try
{
sendMessage(Encoding.Default.GetString(loginReqEncByte)); // sends login request to the server
}
catch
{
ConsoleServer.AppendText("A problem occured sending message ERROR0.001\n");
}
//byte[] sha256 = hashWithSHA256(textBox_Password.Text);
/********** AUTHENTICATION REQUEST TO THE SERVER TOGETHER WITH USERNAME **************/
byte[] hashOfUsername = hashWithSHA256(textBox_UserName.Text);
byte[] usernameByte = Encoding.Default.GetBytes(textBox_UserName.Text);
byte[] concatenatedByte = new byte[32 + usernameByte.Length];
Array.Copy(hashOfUsername, 0, concatenatedByte, 0, 32);
Array.Copy(usernameByte, 0, concatenatedByte, 32, usernameByte.Length);
byte[] authenticationRequest = encryptWithRSA(Encoding.Default.GetString(concatenatedByte), 3072, EncDecPublic);
try
{
sendMessage(Encoding.Default.GetString(authenticationRequest)); //sends Challange Response protochols result SEEEND
}
catch
{
ConsoleServer.AppendText("A problem occured sending message ERROR0.002\n");
}
/*******************************************************************************/
//Server sends the 128bit random number
string serversMessage = "";
try
{
serversMessage = receiveMessage();
}
catch
{
ConsoleServer.AppendText("A problem occured while Receiving message ERROR0.003\n");
}
byte[] receivedBytes = Encoding.Default.GetBytes(serversMessage);
byte[] hashOfRandomNum = new byte[32];
byte[] random128BitNum = new byte[16];
Array.Copy(receivedBytes, 0, hashOfRandomNum, 0, 32);
Array.Copy(receivedBytes, 32, random128BitNum, 0, 16);
if (Encoding.Default.GetString(hashWithSHA256(Encoding.Default.GetString(random128BitNum))) == Encoding.Default.GetString(hashOfRandomNum)) // Yollanan random number kazasız belasız ulaşmış mı ?
{
byte[] hashOfPassword = hashWithSHA256(textBox_Password.Text);
byte[] upperhalfOfPassword = new byte[16];
Array.Copy(hashOfPassword, 0, upperhalfOfPassword, 0, 16);
byte[] hmacsha256 = applyHMACwithSHA256(Encoding.Default.GetString(random128BitNum), upperhalfOfPassword);
try
{
sendMessage(Encoding.Default.GetString(hmacsha256));
}
catch
{
ConsoleServer.AppendText("A problem occured while Sending message ERROR0.004\n");
}
// SIGNED ACKNOWLEDGEMENT RECEIVED FROM SERVER AFTER HMAC AUTHENTICATION
try
{
serversMessage = receiveMessage();
}
catch
{
ConsoleServer.AppendText("A problem occured while receiving message ERROR0.005\n");
}
receivedBytes = Encoding.Default.GetBytes(serversMessage);
byte[] signOfAcknowledgement = new byte[384];
byte[] acknowledgementMessage = new byte[receivedBytes.Length - 384];
Array.Copy(receivedBytes, 0, signOfAcknowledgement, 0, 384);
Array.Copy(receivedBytes, 384, acknowledgementMessage, 0, receivedBytes.Length - 384);
//TRY TO VERIFY SIGNED MESSAGE WHETHER THE SERVER IS VALID
verificationResult = verifyWithRSA(Encoding.Default.GetString(acknowledgementMessage), 3072, signVerPublic, signOfAcknowledgement);
if (verificationResult == true)
{
ConsoleServer.AppendText("Login Acknowledgement Comes From VALID Server\n");
if (Encoding.Default.GetString(acknowledgementMessage) == "Succesfully Verified")
{
//***************** ARTIK GİRİS YAPABİLİRSİN DOSTUM ******************//
ConsoleServer.AppendText("You are SUCCESFULLY Connectected to the Server\n");
ConsoleServer.AppendText("You are now Logged in\n");
button_connect.Enabled = false;
button_Enroll.Enabled = false;
connected = true;
//GET SESSION KEYS FROM SERVER PHASE
serversMessage = receiveMessage();
receivedBytes = Encoding.Default.GetBytes(serversMessage);
byte[] sessionKeyMesSign = new byte[384];
byte[] sessionKeyMes = new byte[receivedBytes.Length - 384];
Array.Copy(receivedBytes, 0, sessionKeyMes, 0, receivedBytes.Length - 384);
Array.Copy(receivedBytes, 384, sessionKeyMesSign, receivedBytes.Length - 384, 384);
verificationResult = verifyWithRSA(serversMessage, 3072, signVerPublic, sessionKeyMesSign);
if (verificationResult == true)
{
byte[] SessionkeysEncrypted = new byte[32];
Array.Copy(SessionkeysEncrypted, 0, sessionKeyMes, 0, 32); // Seperate session key from "OK"
byte[] Sessionkeys = decryptWithAES128(Encoding.Default.GetString(SessionkeysEncrypted), upperhalfOfPassword, random128BitNum); // Decrypte session key using AES128
byte[] SymEncDec128BitNum = new byte[16]; // First 128Bit is AES keys
byte[] SessionKey128BitNum = new byte[16]; // Second 128Bit is Authentcation Key for Session
Array.Copy(Sessionkeys, 0, SymEncDec128BitNum, 0, 16);
Array.Copy(Sessionkeys, 16, SessionKey128BitNum, 0, 16);
Thread thread = new Thread(() => ReceiveFunc(SymEncDec128BitNum, SessionKey128BitNum)); // Serverın yollayacakları için ReceiveFunc Thread i başlatılıyor
thread.Start();
}
}
else if (Encoding.Default.GetString(acknowledgementMessage) == "Succesfully Verified But You are Allready In Server")
{
//************ VERIFY EDİLEN KULLANICI ZATEN SERVER DA DOSTUM ********//
ConsoleServer.AppendText("You are SUCCESFULLY Verified by the Server but BRO You are Allready In the Server \n Please Try again\n");
}
else if (Encoding.Default.GetString(acknowledgementMessage) == "You CAN'T Verified")
{
ConsoleServer.AppendText("You CAN'T Login The System \n Please Try again\n");
}
}
else
{
ConsoleServer.AppendText("Login Acknowledgement Comes From INVALID Server\n");
}
}
}
else
{
textBox_Port.Text = "";
ConsoleServer.AppendText("Check the port\n");
}
}
