public void Agree(EncryptionHandshake handshake, Packet ack) { handshake.AckPacket = ack; try { byte[] plaintextOld = _eciesCipher.Decrypt(_privateKey, ack.Data); AckMessage ackMessage = _messageSerializationService.Deserialize <AckMessage>(plaintextOld); _logger.Debug($"Received ACK old"); handshake.RemoteEphemeralPublicKey = ackMessage.EphemeralPublicKey; handshake.RecipientNonce = ackMessage.Nonce; } catch (Exception) { byte[] sizeData = ack.Data.Slice(0, 2); byte[] plaintext = _eciesCipher.Decrypt(_privateKey, ack.Data.Slice(2), sizeData); AckEip8Message ackMessage = _messageSerializationService.Deserialize <AckEip8Message>(plaintext); _logger.Debug($"Received ACK v{ackMessage.Version}"); handshake.RemoteEphemeralPublicKey = ackMessage.EphemeralPublicKey; handshake.RecipientNonce = ackMessage.Nonce; } SetSecrets(handshake, EncryptionHandshakeRole.Initiator); }
public void Agree(EncryptionHandshake handshake, Packet ack) { handshake.AckPacket = ack; bool isOld = false; byte[] plainText = null; try { (isOld, plainText) = _eciesCipher.Decrypt(_privateKey, ack.Data); } catch (Exception ex) { if (_logger.IsTrace) { _logger.Trace($"Exception when decrypting agree {ex.Message}"); } } if (isOld) { AckMessage ackMessage = _messageSerializationService.Deserialize <AckMessage>(plainText); if (_logger.IsTrace) { _logger.Trace("Received ACK old"); } handshake.RemoteEphemeralPublicKey = ackMessage.EphemeralPublicKey; handshake.RecipientNonce = ackMessage.Nonce; } else { byte[] sizeData = ack.Data.Slice(0, 2); (_, plainText) = _eciesCipher.Decrypt(_privateKey, ack.Data.Slice(2), sizeData); AckEip8Message ackEip8Message = _messageSerializationService.Deserialize <AckEip8Message>(plainText); if (_logger.IsTrace) { _logger.Trace($"Received ACK v{ackEip8Message.Version}"); } handshake.RemoteEphemeralPublicKey = ackEip8Message.EphemeralPublicKey; handshake.RecipientNonce = ackEip8Message.Nonce; } SetSecrets(handshake, HandshakeRole.Initiator); }
public void Agree(EncryptionHandshake handshake, Packet ack) { handshake.AckPacket = ack; bool preEip8Format = false; byte[] plainText = null; try { (preEip8Format, plainText) = _eciesCipher.Decrypt(_privateKey, ack.Data); } catch (Exception ex) { if (_logger.IsTrace) { _logger.Trace($"Exception when decrypting agree {ex.Message}"); } } if (preEip8Format) { AckMessage ackMessage = _messageSerializationService.Deserialize <AckMessage>(plainText); if (_logger.IsTrace) { _logger.Trace("Received ACK old"); } handshake.RemoteEphemeralPublicKey = ackMessage.EphemeralPublicKey; handshake.RecipientNonce = ackMessage.Nonce; } else { byte[] sizeData = ack.Data.Slice(0, 2); (_, plainText) = _eciesCipher.Decrypt(_privateKey, ack.Data.Slice(2), sizeData); AckEip8Message ackEip8Message = _messageSerializationService.Deserialize <AckEip8Message>(plainText); if (_logger.IsTrace) { _logger.Trace($"Received ACK v{ackEip8Message.Version}"); } handshake.RemoteEphemeralPublicKey = ackEip8Message.EphemeralPublicKey; handshake.RecipientNonce = ackEip8Message.Nonce; } SetSecrets(handshake, HandshakeRole.Initiator); if (_logger.IsTrace) { _logger.Trace($"Agreed secrets with {handshake.RemoteNodeId}"); } #if DEBUG if (_logger.IsTrace) { _logger.Trace($"{handshake.RemoteNodeId} ephemeral private key {handshake.EphemeralPrivateKey}"); _logger.Trace($"{handshake.RemoteNodeId} initiator nonce {handshake.InitiatorNonce.ToHexString()}"); _logger.Trace($"{handshake.RemoteNodeId} recipient nonce {handshake.RecipientNonce.ToHexString()}"); _logger.Trace($"{handshake.RemoteNodeId} remote ephemeral public key {handshake.RemoteEphemeralPublicKey}"); _logger.Trace($"{handshake.RemoteNodeId} remote public key {handshake.RemoteNodeId}"); _logger.Trace($"{handshake.RemoteNodeId} auth packet {handshake.AuthPacket.Data.ToHexString()}"); _logger.Trace($"{handshake.RemoteNodeId} ack packet {handshake.AckPacket.Data.ToHexString()}"); } #endif }
public Packet Ack(EncryptionHandshake handshake, Packet auth) { handshake.AuthPacket = auth; AuthMessageBase authMessage; bool preEip8Format = false; byte[] plainText = null; try { if (_logger.IsTrace) { _logger.Trace($"Trying to decrypt an old version of {nameof(AuthMessage)}"); } (preEip8Format, plainText) = _eciesCipher.Decrypt(_privateKey, auth.Data); } catch (Exception ex) { if (_logger.IsTrace) { _logger.Trace($"Exception when decrypting ack {ex.Message}"); } } if (preEip8Format) { authMessage = _messageSerializationService.Deserialize <AuthMessage>(plainText); } else { if (_logger.IsTrace) { _logger.Trace($"Trying to decrypt version 4 of {nameof(AuthEip8Message)}"); } byte[] sizeData = auth.Data.Slice(0, 2); (_, plainText) = _eciesCipher.Decrypt(_privateKey, auth.Data.Slice(2), sizeData); authMessage = _messageSerializationService.Deserialize <AuthEip8Message>(plainText); } var nodeId = authMessage.PublicKey; if (_logger.IsTrace) { _logger.Trace($"Received AUTH v{authMessage.Version} from {nodeId}"); } handshake.RemoteNodeId = nodeId; handshake.RecipientNonce = _cryptoRandom.GenerateRandomBytes(32); handshake.EphemeralPrivateKey = _ephemeralGenerator.Generate(); handshake.InitiatorNonce = authMessage.Nonce; byte[] staticSharedSecret = Proxy.EcdhSerialized(handshake.RemoteNodeId.Bytes, _privateKey.KeyBytes); byte[] forSigning = staticSharedSecret.Xor(handshake.InitiatorNonce); handshake.RemoteEphemeralPublicKey = _ecdsa.RecoverPublicKey(authMessage.Signature, new Keccak(forSigning)); byte[] data; if (preEip8Format) { if (_logger.IsTrace) { _logger.Trace($"Building an {nameof(AckMessage)}"); } AckMessage ackMessage = new AckMessage(); ackMessage.EphemeralPublicKey = handshake.EphemeralPrivateKey.PublicKey; ackMessage.Nonce = handshake.RecipientNonce; var ackData = _messageSerializationService.Serialize(ackMessage); data = _eciesCipher.Encrypt(handshake.RemoteNodeId, ackData, Array.Empty <byte>()); } else { if (_logger.IsTrace) { _logger.Trace($"Building an {nameof(AckEip8Message)}"); } AckEip8Message ackMessage = new AckEip8Message(); ackMessage.EphemeralPublicKey = handshake.EphemeralPrivateKey.PublicKey; ackMessage.Nonce = handshake.RecipientNonce; var ackData = _messageSerializationService.Serialize(ackMessage); int size = ackData.Length + 32 + 16 + 65; // data + MAC + IV + pub byte[] sizeBytes = size.ToBigEndianByteArray().Slice(2, 2); data = Bytes.Concat(sizeBytes, _eciesCipher.Encrypt(handshake.RemoteNodeId, ackData, sizeBytes)); } handshake.AckPacket = new Packet(data); SetSecrets(handshake, HandshakeRole.Recipient); return(handshake.AckPacket); }
public Packet Ack(EncryptionHandshake handshake, Packet auth) { handshake.AuthPacket = auth; AuthMessageBase authMessage; bool isOld = false; try { _logger.Info($"Trying to decrypt an old version of {nameof(AuthMessage)}"); byte[] plaintextOld = _eciesCipher.Decrypt(_privateKey, auth.Data); authMessage = _messageSerializationService.Deserialize <AuthMessage>(plaintextOld); isOld = true; } catch (Exception) { _logger.Info($"Trying to decrypt version 4 of {nameof(AuthEip8Message)}"); byte[] sizeData = auth.Data.Slice(0, 2); byte[] plaintext = _eciesCipher.Decrypt(_privateKey, auth.Data.Slice(2), sizeData); authMessage = _messageSerializationService.Deserialize <AuthEip8Message>(plaintext); } var nodeId = new NodeId(authMessage.PublicKey); _logger.Debug($"Received AUTH v{authMessage.Version} from {nodeId}"); handshake.RemoteNodeId = nodeId; handshake.RecipientNonce = _cryptoRandom.GenerateRandomBytes(32); handshake.EphemeralPrivateKey = new PrivateKey(_cryptoRandom.GenerateRandomBytes(32)); handshake.InitiatorNonce = authMessage.Nonce; byte[] staticSharedSecret = BouncyCrypto.Agree(_privateKey, handshake.RemoteNodeId.PublicKey); byte[] forSigning = staticSharedSecret.Xor(handshake.InitiatorNonce); handshake.RemoteEphemeralPublicKey = _signer.RecoverPublicKey(authMessage.Signature, new Keccak(forSigning)); byte[] ackData; if (isOld) // what was the difference? shall I really include ephemeral public key in v4? { _logger.Debug($"Building an {nameof(AckMessage)}"); AckMessage ackMessage = new AckMessage(); ackMessage.EphemeralPublicKey = handshake.EphemeralPrivateKey.PublicKey; ackMessage.Nonce = handshake.RecipientNonce; ackData = _messageSerializationService.Serialize(ackMessage); } else { _logger.Debug($"Building an {nameof(AckEip8Message)}"); AckEip8Message ackMessage = new AckEip8Message(); ackMessage.EphemeralPublicKey = handshake.EphemeralPrivateKey.PublicKey; ackMessage.Nonce = handshake.RecipientNonce; ackData = _messageSerializationService.Serialize(ackMessage); } int size = ackData.Length + 32 + 16 + 65; // data + MAC + IV + pub byte[] sizeBytes = size.ToBigEndianByteArray().Slice(2, 2); byte[] packetData = _eciesCipher.Encrypt(handshake.RemoteNodeId.PublicKey, ackData, sizeBytes); handshake.AckPacket = new Packet(Bytes.Concat(sizeBytes, packetData)); SetSecrets(handshake, EncryptionHandshakeRole.Recipient); return(handshake.AckPacket); }