public Form1() { Control.CheckForIllegalCrossThreadCalls = false; this.FormClosing += new FormClosingEventHandler(Form1_FormClosing); InitializeComponent(); ServerConsol.AppendText("Please enter the password to start server"); }
private void ReceiveFunc(Client c, byte[] aesEncDecKey, byte[] authentKey) // SESSION KEY PARAMETRE OLARAK ALINMALI ?? { Socket s = c.Socket; bool myThreadTerminating = false; while (!myThreadTerminating) { try { string myMessage = receiveMessage(s); // After Received message from Client, Server decrypte it then try to verify it with HMAC byte[] byteIV = new byte[16]; using (var rng = new RNGCryptoServiceProvider()) // Generate 128Bit random number for IV { rng.GetBytes(byteIV); } byte[] decryptedAES128 = decryptWithAES128(myMessage, aesEncDecKey, byteIV); // Broadcast Message to the other clients, foreach (Client client in socketList) { if (client != c) // Mesaj kriptik bir şekilde gitmeli { sendMessage(myMessage, client.Socket); } } } catch { ServerConsol.AppendText("A problem occured while receiving message\n"); myThreadTerminating = true; } } }
private void Accept() { while (listening) { try { Client newClient = new Client { Socket = serverSocket.Accept() }; string loginOrEnroll = ""; try { loginOrEnroll = receiveMessage(newClient.Socket); // client enroll mu olmak istiyor login } catch { ServerConsol.AppendText("an error occured while receiving message ERROR_1_\n"); } byte[] loginOrEnrollBytes = decryptWithRSA(loginOrEnroll, 3072, RSAkeyPair); loginOrEnroll = Encoding.Default.GetString(loginOrEnrollBytes); string databasePath = @"C:\database.txt"; if (loginOrEnroll == "enroll") // if the request is enroll { Enroll(newClient, databasePath); } else if (loginOrEnroll == "login") // if the request is login request { Login(newClient, databasePath); } } catch { if (terminating) { listening = false; } else { ServerConsol.AppendText("The socket stopped working \n"); } } } }
private void button_startServer_Click(object sender, EventArgs e) { string EncDecPubText, SignKeyText; //byte[] deneme = hashWithSHA256("123"); //byte[] parolayarım = new byte[16]; //Array.Copy(deneme, 0, parolayarım, 0, 16); //string parolayarıHex = generateHexStringFromByteArray(parolayarım); string password = "******"; byte[] sha256 = hashWithSHA256(password); string key128 = "0123456789ABCDEF"; byte[] byteKey128 = Encoding.Default.GetBytes(key128); Array.Copy(sha256, 16, byteKey128, 0, 16); // Determine the Key from least significant bit of hashed password string IV = "0123456789ABCDEF"; byte[] byteIV = Encoding.Default.GetBytes(IV); Array.Copy(sha256, 0, byteIV, 0, 16); // Determine the IV from most significant bit of hashed password using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\encrypted_server_enc_dec_pub_prv.txt")) { EncDecPubText = Encoding.Default.GetString(hexStringToByteArray(fileReader.ReadLine())); // Do decryption operation here into decryptedByteArray byte[] decryptedAES128 = decryptWithAES128(EncDecPubText, byteKey128, byteIV); RSAkeyPair = Encoding.Default.GetString(decryptedAES128); } using (System.IO.StreamReader fileReader = new System.IO.StreamReader(@"C:\encrypted_server_signing_verification_pub_prv.txt")) { SignKeyText = Encoding.Default.GetString(hexStringToByteArray(fileReader.ReadLine())); // Do decryption operation here into decryptedByteArray byte[] decryptedAES128 = decryptWithAES128(SignKeyText, byteKey128, byteIV); SignKeyPair = Encoding.Default.GetString(decryptedAES128); } int serverPort; Thread acceptThread; if (Int32.TryParse(textBox_Port.Text, out serverPort)) { serverSocket.Bind(new IPEndPoint(IPAddress.Any, serverPort)); serverSocket.Listen(3); listening = true; button_startServer.Enabled = false; acceptThread = new Thread(new ThreadStart(Accept)); acceptThread.Start(); ServerConsol.AppendText("\nStarted listening on port: " + serverPort + "\n"); } else { ServerConsol.AppendText("Please check port number \n"); } }
private void Login(Client newClient, string databasePath) { ServerConsol.AppendText("A client tries to login to the server\n"); string authenticationRequest = ""; try { authenticationRequest = receiveMessage(newClient.Socket); //Authentication request message RECEIVE } catch { ServerConsol.AppendText("A problem occured while receiving message ERROR_2_\n"); } byte[] authenticationRequestByte = decryptWithRSA(authenticationRequest, 3072, RSAkeyPair); // Decyrpte username and it's hash value byte[] hashOfUsernameByte = new Byte[32]; Array.Copy(authenticationRequestByte, 0, hashOfUsernameByte, 0, 32); // Get first 16 byte to find the hash of the username byte[] usernameByte = new Byte[authenticationRequestByte.Length - 32]; Array.Copy(authenticationRequestByte, 32, usernameByte, 0, ((authenticationRequestByte.Length - 32))); // Parse the rest of it, to find username string username = Encoding.Default.GetString(usernameByte); // convert byte to string for username bool usernameFound = false; byte[] usernameHashdeneme = hashWithSHA256(username); if (Encoding.Default.GetString(usernameHashdeneme) == Encoding.Default.GetString(hashOfUsernameByte)) // eğer yollanan kullanıcı adıyla hash value su birbirlerini tutuyorsa { // Generate 128Bit random number byte[] random128BitNumber = new byte[16]; using (var rng = new RNGCryptoServiceProvider()) { rng.GetBytes(random128BitNumber); } ////////////////// byte[] hashOfRandumNum = hashWithSHA256(Encoding.Default.GetString(random128BitNumber)); byte[] concatenatedByte = new byte[48]; Array.Copy(hashOfRandumNum, 0, concatenatedByte, 0, 32); Array.Copy(random128BitNumber, 0, concatenatedByte, 32, 16); try { sendMessage(concatenatedByte, newClient.Socket); // send random number to the client SEND RANDOM NUMBER SEEEEND } catch { ServerConsol.AppendText("A problem occured while sending message ERROR_3_\n"); } string HMACclient = receiveMessage(newClient.Socket); // receive HMAC value from client //RECEIIIVEEEE if (System.IO.File.Exists(databasePath)) // If txt file exists { using (System.IO.StreamReader sr = System.IO.File.OpenText(databasePath)) // read file { string line = ""; while ((line = sr.ReadLine()) != null) { if (line == username) // if username is found in database ***TRY TO VERIFY HMAC*** { usernameFound = true; string pass = sr.ReadLine(); byte[] HMACserver = applyHMACwithSHA256(Encoding.Default.GetString(random128BitNumber), Encoding.Default.GetBytes(pass)); // IF SERVER CAN VERIFY THE HMAC OF THE CLIENT if (Encoding.Default.GetString(HMACserver) == HMACclient) { bool allreadyInServer = false; foreach (Client client in socketList) { if (client.Name == username) // Verify edildikten sonra Client aynı username ile halihazırda Server a bağlı mı ?? { allreadyInServer = true; //send signed succesfully verified message to the client byte[] passwordSuccessSignedByte = signWithRSA("Succesfully Verified But You are Allready In Server", 3072, SignKeyPair); // sign message byte[] message = Encoding.Default.GetBytes("Succesfully Verified But You are Allready In Server"); byte[] HMACacknowledgementByte = new byte[384 + message.Length]; Array.Copy(passwordSuccessSignedByte, 0, HMACacknowledgementByte, 0, 384); Array.Copy(message, 0, HMACacknowledgementByte, 384, message.Length); sendMessage(HMACacknowledgementByte, newClient.Socket); // send message ServerConsol.AppendText("Username found But User is Allready In Server\n"); newClient.Socket.Close(); break; // Verify edildi ama serverda sın zaten } } if (allreadyInServer == false) { //send signed succesfully verified message to the client byte[] passwordSuccessSignedByte = signWithRSA("Succesfully Verified", 3072, SignKeyPair); // sign message byte[] message = Encoding.Default.GetBytes("Succesfully Verified"); byte[] HMACacknowledgementByte = new byte[384 + message.Length]; Array.Copy(passwordSuccessSignedByte, 0, HMACacknowledgementByte, 0, 384); Array.Copy(message, 0, HMACacknowledgementByte, 384, message.Length); sendMessage(HMACacknowledgementByte, newClient.Socket); // send message ServerConsol.AppendText("Username found\n"); //*******************************************/* //BURADA CLIENT Secure Bir Şekilde SERVERA BAGLANICAK //**********************************************/ // SESSION KEY GENERATION //***************************************** // Generate 128Bit random number byte[] SymEncDec128BitNum = new byte[16]; using (var rng = new RNGCryptoServiceProvider()) { rng.GetBytes(SymEncDec128BitNum); } byte[] SessionKey128BitNum = new byte[16]; using (var rng = new RNGCryptoServiceProvider()) { rng.GetBytes(SessionKey128BitNum); } byte[] sessionKeyMesByte = new byte[32]; Array.Copy(SymEncDec128BitNum, 0, sessionKeyMesByte, 0, 16); Array.Copy(SessionKey128BitNum, 0, sessionKeyMesByte, 16, 16); byte[] sessionKeyDecryptedAES128 = decryptWithAES128(Encoding.Default.GetString(sessionKeyMesByte), Encoding.Default.GetBytes(pass), random128BitNumber); byte[] OK = Encoding.Default.GetBytes("OK"); sessionKeyMesByte = new byte[32 + OK.Length]; Array.Copy(sessionKeyDecryptedAES128, 0, sessionKeyMesByte, 0, 32); Array.Copy(OK, 0, sessionKeyMesByte, 32, OK.Length); //************************** SIGN THE SESSION KEY MESSAGE ****************************** byte[] sessionKeyMesSignedByte = signWithRSA(Encoding.Default.GetString(sessionKeyMesByte), 3072, SignKeyPair); // sign message byte[] tempMessage = new byte[3072 + sessionKeyMesByte.Length]; Array.Copy(sessionKeyMesByte, 0, tempMessage, 0, sessionKeyMesByte.Length); Array.Copy(sessionKeyMesSignedByte, 0, tempMessage, sessionKeyMesByte.Length, 3072); // concanated the session keys and sign sendMessage(tempMessage, newClient.Socket); // send session key message //************************************************************************************* newClient.Name = username; newClient.authenticationKey = SessionKey128BitNum; newClient.aesKey = SymEncDec128BitNum; Thread thread = new Thread(() => ReceiveFunc(newClient, SymEncDec128BitNum, SessionKey128BitNum)); thread.Start(); socketList.Add(newClient); } } else // send negatif acknowledgement message about Unsuccesfull HMAC Verification { byte[] passwordSuccessSignedByte = signWithRSA("You CAN'T Verified", 3072, SignKeyPair); // sign message byte[] message = Encoding.Default.GetBytes("You CAN'T Verified"); byte[] HMACacknowledgementByte = new byte[384 + message.Length]; Array.Copy(passwordSuccessSignedByte, 0, HMACacknowledgementByte, 0, 384); Array.Copy(message, 0, HMACacknowledgementByte, 384, message.Length); sendMessage(HMACacknowledgementByte, newClient.Socket); // send message } } } sr.Close(); if (usernameFound == false) { ServerConsol.AppendText("In login username not fouund\n"); } } } } }
private void Enroll(Client newClient, string databasePath) { // LOGIN TUSU INAKTIF EDİLSİN ServerConsol.AppendText("A client tries to Enroll to the server\n"); string usernamePass = receiveMessage(newClient.Socket); // decryption with RSA 3072 byte[] usernamePW = decryptWithRSA(usernamePass, 3072, RSAkeyPair); // Decyrpte password and username byte[] passwordHalfByte = new Byte[16]; Array.Copy(usernamePW, 0, passwordHalfByte, 0, 16); // Parse half of the password byte[] usernameByte = new Byte[usernamePW.Length - 16]; Array.Copy(usernamePW, 16, usernameByte, 0, ((usernamePW.Length - 16))); // Parse the rest of it, to find username string usernameHex = Encoding.Default.GetString(usernameByte); // convert byte to string for username string passwordHalfHex = Encoding.Default.GetString(passwordHalfByte); // convert byte to string for password string line = ""; bool trueMatch = false, usernameFound = false; try { if (System.IO.File.Exists(databasePath)) // If txt file exists { ServerConsol.AppendText("Database file found\n"); using (System.IO.StreamReader sr = System.IO.File.OpenText(databasePath)) // read file { databaseValues = ""; while ((line = sr.ReadLine()) != null) { databaseValues += line + "\n"; if (line == usernameHex) // if username is found in database { ServerConsol.AppendText("Username already exist\n"); usernameFound = true; byte[] passwordErrorSignedByte = signWithRSA("Error!Username Exists", 3072, SignKeyPair); byte[] message = Encoding.Default.GetBytes("Error!Username Exists"); byte[] concatenatedByte = new byte[384 + message.Length]; Array.Copy(passwordErrorSignedByte, 0, concatenatedByte, 0, 384); Array.Copy(message, 0, concatenatedByte, 384, message.Length); sendMessage(concatenatedByte, newClient.Socket); // send signed error message newClient.Socket.Close(); break; } } sr.Close(); if (usernameFound == false) // if username couldn't be founded at database , add user to the database aka Enrollment { newClient.Name = usernameHex; // After connection the username of the client added to connected client List socketList.Add(newClient); ServerConsol.AppendText("Saving user to the database\n"); StreamWriter sw = new StreamWriter(databasePath); databaseValues += usernameHex + "\n" + passwordHalfHex + "\n"; sw.Write(databaseValues); ServerConsol.AppendText("A user successfully enrolled to the database\n"); sw.Close(); byte[] passwordSuccessSignedByte = signWithRSA("Succesfully Enrolled", 3072, SignKeyPair); byte[] message = Encoding.Default.GetBytes("Succesfully Enrolled"); byte[] concatenatedByte = new byte[384 + message.Length]; Array.Copy(passwordSuccessSignedByte, 0, concatenatedByte, 0, 384); Array.Copy(message, 0, concatenatedByte, 384, message.Length); sendMessage(concatenatedByte, newClient.Socket); // send signed success message newClient.Socket.Close(); } } } else // if txt file doesn't exist { ServerConsol.AppendText("database file created\n"); File.Create(databasePath); // create new one using (System.IO.TextWriter sw = new System.IO.StreamWriter(databasePath)) { sw.WriteLine(usernameHex); sw.WriteLine(passwordHalfHex); } byte[] passwordSuccessSignedByte = signWithRSA("Succesfully Enrolled", 3072, SignKeyPair); byte[] message = Encoding.Default.GetBytes("Succesfully Enrolled"); byte[] concatenatedByte = new byte[384 + message.Length]; Array.Copy(passwordSuccessSignedByte, 0, concatenatedByte, 0, 384); Array.Copy(message, 0, concatenatedByte, 384, message.Length); //socketList.Add(newClient); sendMessage(concatenatedByte, newClient.Socket); // send signed success message newClient.Socket.Close(); //Thread receiveThread = new Thread( // o => // { // ReceiveFunc((Client)o); // } //); //receiveThread.Start(newClient); } } catch { ServerConsol.AppendText("A problem occured while a client tries to Enroll\n"); } }