diff --git a/README.md b/README.md index 4134b4e..12cc456 100644 --- a/README.md +++ b/README.md @@ -1,30 +1,29 @@ # Project - TODO: -[ ] implement SendMessage at the server +[x] implement SendMessage at the server [ ] implement Login [ ] client [ ] server -[ ] Figure out how to do the messages themselves -[ ] implement sending messages properly -[ ] implement message acks +[x] Figure out how to do the messages themselves +[x] Figure out how to pass the signature (i think it must be as a second packet) +[x] implement sending messages properly +[x] implement message acks ## Protocol todo: -[ ] Figure out how a message and message ack payload will look -[ ] Figure out server responses (hopefully manages to be stuck in a 512 bit block as well) - +[x] Figure out how a message and message ack payload will look ## Misc todo: -[ ] Create a Request to String function for easy printing and debugging +[x] Create a Request to String function for easy printing and debugging ## client todo: [ ] Check for key when turned on [x] generate key and register if no key is preset, and save it after registration is done [ ] if key is present, start by establishing connection (which makes sure we are signed in) -[ ] use AES to get basic packets from the server -[ ] use RSA private key to read normal messages +[x] use AES to get basic packets from the server +[x] use RSA private key to read normal messages ## Server todo: @@ -32,9 +31,9 @@ [x] use RSA key to get first message and extract AES key [ ] verify the user using its public RSA key [x] if it was a register session save the key into the BIG DATA STRUCTURE -[ ] Keep lists of incoming messages +[x] Keep lists of incoming messages (doesnt need to know from who, they are just big blobs of shlomp) -[ ] When user asks for incoming messages, make basic packet and append the incoming messages +[x] When user asks for incoming messages, make basic packet and append the incoming messages - last byte is the "how many messages are left" byte - each byte in the extra data will be the length of the next message, so if there are 3 messages of length 128, 200, 300 bytes it will be diff --git a/client/Message.cs b/client/Message.cs index 34eef94..afc65c8 100644 --- a/client/Message.cs +++ b/client/Message.cs @@ -27,8 +27,8 @@ public class Message Id = BitConverter.ToUInt32(bytes, 0); Sender = Utils.BytesToNumber(bytes[4..12]); IsAck = bytes[12] != 0; - Content = Encoding.UTF8.GetString(bytes[13..(bytes.Length - 32)]); - Signature = bytes[(bytes.Length - 32)..]; + Content = Encoding.UTF8.GetString(bytes[13..bytes.Length]); + Signature = []; } public Message(uint Id, string Sender, bool IsAck, string Content) @@ -42,15 +42,15 @@ public class Message public void CalculateSignature(RSA key) { - Signature = key.SignData(Bytes(false), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); + Signature = key.SignData(Bytes(), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); } public bool IsSignatureValid(RSA key) { - return key.VerifyData(Bytes(false), Signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); + return key.VerifyData(Bytes(), Signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); } - public byte[] Bytes(bool IncludeSignature = true) + public byte[] Bytes() { List msg = []; // 0..4 @@ -61,11 +61,6 @@ public class Message msg.Add((byte)(IsAck ? 1 : 0)); // 13..(len - 32) msg.AddRange(Encoding.UTF8.GetBytes(Content)); - // (len - 32).. - if (IncludeSignature) // we dont want to include the signature when we sign/verify the data - { - msg.AddRange(Signature); - } return [0, .. msg]; } diff --git a/client/Program.cs b/client/Program.cs index a2b6765..ec82ba3 100644 --- a/client/Program.cs +++ b/client/Program.cs @@ -1,12 +1,14 @@ using System; using System.Collections.Generic; +using System.Globalization; using System.IO; using System.Linq; using System.Net.Sockets; -using System.Runtime.CompilerServices; using System.Security.Cryptography; using System.Text; +using System.Text.Json; using System.Threading.Tasks; +using client; using lib; namespace Client; @@ -14,10 +16,12 @@ namespace Client; public class Program { static byte counter = 0; + static string User = ""; + static readonly Random Rand = new(); static async Task Main(string[] args) { - string user = args + User = args .SkipWhile(a => !new[] { "-p", "--phone" }.Contains(a)) // search for the option .Skip(1) // skip the `-u/--user` itself to get the value .FirstOrDefault() ?? "0000"; // get the value or deafult if it doesnt exist @@ -25,10 +29,10 @@ public class Program // On boot, check if a key is available RSA? serverKey = LoadRSAFromFile("server_key.pem"); if (serverKey == null) { Console.WriteLine("Could not find server key, please run server before clients!"); return; } - RSA pubKey = LoadRSAFromFile($"pubkey_{user}.pem") ?? RSA.Create(2048); - RSA privKey = LoadRSAFromFile($"privkey_{user}.pem") ?? pubKey; + RSA pubKey = LoadRSAFromFile($"pubkey_{User}.pem") ?? RSA.Create(2048); + RSA privKey = LoadRSAFromFile($"privkey_{User}.pem") ?? pubKey; - SaveRSAKeys(user, pubKey, privKey); + SaveRSAKeys(User, pubKey, privKey); using TcpClient client = new("127.0.0.1", 12345); var stream = client.GetStream(); @@ -40,7 +44,7 @@ public class Program { try { - await RegisterClient(user, pubKey, privKey, serverKey, sk, stream); + await RegisterClient(User, pubKey, privKey, serverKey, sk, stream); } catch (Exception ex) { @@ -212,8 +216,10 @@ public class Program } else if (publicKeys.TryGetValue(currentChat!, out RSA? key)) { - // TODO: add signature and origin please yes thank you - byte[] userMsg = key.Encrypt(Encoding.UTF8.GetBytes(input), RSAEncryptionPadding.OaepSHA256); + // Pick the id as a random uint, good enough for the sake of testing + Message m = new((uint)Rand.Next(), User, false, input); + m.CalculateSignature(privKey); + byte[] userMsg = [.. key.Encrypt(m.Bytes(), RSAEncryptionPadding.OaepSHA256), .. m.Signature]; byte[] req = Request.CreateRequest( RequestType.SendMessage, ref counter, @@ -257,31 +263,64 @@ public class Program byte[] req = Request.CreateRequest(RequestType.GetMessages, ref counter, []); req = sk.EncryptCfb(req, sk.IV, PaddingMode.None); // no need for padding this is exactly 128 bytes await stream.WriteAsync(req); - byte[] buffer = new byte[1024]; + byte[] buffer = new byte[4096]; int len = await stream.ReadAsync(buffer); byte[] lengths = buffer[..16]; lengths = sk.DecryptCfb(lengths, sk.IV, PaddingMode.None); + Console.ForegroundColor = ConsoleColor.Cyan; + Console.WriteLine($"Got messages: {string.Join(", ", lengths)}"); + Console.ResetColor(); byte[] msg = new byte[1024]; // msg buffer int start = 16; // skip the first 16 bytes since its the lengths message - foreach (byte l in lengths.Take(15)) + for (int i = 0; i < lengths.Length - 1; i += 2) { + int l = (lengths[i] << 8) | (lengths[i + 1]); + Console.WriteLine($"got message of length: {l}"); if (l == 0) { break; } // a 0 means we are done actually, as empty messages shouldn't be allowed // get the msg int end = start + l; if (end > len) { - // we need to read more as there was use of more than 1024 overall - // todo for now - // TODO: read more incoming bytes when messages exceed the 1024 buffer + // TODO: properly handle it as a buffered stream and properly buffer it } - Console.WriteLine($"got ecnryped message: {Convert.ToBase64String(buffer[start..end])}"); + + WriteColor($"got ecnryped message: {Convert.ToBase64String(buffer[start..end])}", ConsoleColor.Green); // decrypt the message - if (privKey.TryDecrypt(buffer.AsSpan()[start..end], msg, RSAEncryptionPadding.OaepSHA256, out int written)) + int msgLen = privKey.KeySize / 8; + if (privKey.TryDecrypt(buffer.AsSpan()[start..(msgLen + start)], msg, RSAEncryptionPadding.OaepSHA256, out int written)) { byte[] dec = msg[..written]; - Console.WriteLine($"decrypted message: {Convert.ToBase64String(dec)}"); - Console.WriteLine($"Message: {Encoding.UTF8.GetString(dec)}"); + Message m = new(dec) + { + Signature = buffer[(start + msgLen)..end] + }; + + bool sigValid = false; + if (publicKeys.TryGetValue(m.Sender, out RSA? pk) || (pk = await GetPublicKey(stream, sk, m.Sender)) != null) + { + publicKeys[m.Sender] = pk; // update the key value stored in case it was requested for in GetPublicKey + sigValid = m.IsSignatureValid(pk); + } + else + { + Console.WriteLine("Failed getting sender's public key"); + } + WriteColor($"decrypted message: {Convert.ToBase64String(dec)}", ConsoleColor.Green); + Console.WriteLine($"Got message from {m.Sender} (id: {m.Id}) (valid: {sigValid}): " + (m.IsAck ? "ACK" : m.Content)); + // if the signature is valid we also want to send back a message ack for the same id :) + if (sigValid) + { + Message mAck = new(m.Id, User, true, ""); + mAck.CalculateSignature(privKey); + byte[] userMsg = [.. publicKeys[m.Sender].Encrypt(mAck.Bytes(), RSAEncryptionPadding.OaepSHA256), .. mAck.Signature]; + byte[] reqAck = Request.CreateRequest( + RequestType.SendMessage, + ref counter, + [.. Utils.NumberToBytes(m.Sender), .. BitConverter.GetBytes(userMsg.Length)]); + reqAck = sk.EncryptCfb(reqAck, sk.IV); + stream.Write([.. reqAck, .. userMsg]); + } } else { @@ -292,9 +331,19 @@ public class Program // supposedly the sender will notice the lack of response and send it again Console.WriteLine("Incoming message failed to decrypt, unknown sender"); } + start = end; } - bool hasMoreMessages = lengths[15] != 0; + Console.WriteLine($"hasMoreMessages: {hasMoreMessages}"); } -} \ No newline at end of file + + static void WriteColor(string Line, ConsoleColor Color, ConsoleColor Background = ConsoleColor.Black) + { + Console.ForegroundColor = Color; + Console.BackgroundColor = Background; + Console.WriteLine(Line); + Console.ResetColor(); + } +} + diff --git a/server/Data.cs b/server/Data.cs index e31512f..e64f33e 100644 --- a/server/Data.cs +++ b/server/Data.cs @@ -37,6 +37,26 @@ public class Data } } + public bool AddMessage(string Phone, byte[] Message) + { + if (Keys.ContainsKey(Phone)) + { + if (Messages.TryGetValue(Phone, out var value)) + { + value.Enqueue(Message); + } + else + { + Messages[Phone] = new Queue([Message]); + } + return true; + } + else + { + return false; + } + } + public bool PeekMessages(string Phone) { return Messages.TryGetValue(Phone, out Queue? value) && value.TryPeek(out var _); diff --git a/server/Program.cs b/server/Program.cs index 0028f5d..ff8225f 100644 --- a/server/Program.cs +++ b/server/Program.cs @@ -200,22 +200,22 @@ public class Program switch ((RequestType)msg[1]) { case RequestType.GetMessages: - byte[] msgsLens = new byte[16]; // 128 bits + byte[] msgsLens = Enumerable.Repeat(0, 16).ToArray(); // 128 bits // get 15 messages, last byte will indicate if there are more - List msgs = Data.GetMessages(clientPhone, 15) ?? []; + List msgs = Data.GetMessages(clientPhone, 7) ?? []; + Write(id, $"Got {msgs.Count} messages"); byte[] msgsBytes = new byte[msgs.Select(m => m.Length).Sum()]; int msgsbytesIndex = 0; - for (int i = 0; i < msgsLens.Length - 1; i += 1) + for (int i = 0; i < msgs.Count; i += 1) { - // it is expected that all messages will be less than 255 bytes, hence a single byte to - // denote length is sufficient, but a simple update to the protocol can allow up to 7 messages - // per request (instead of 15), and use an ushort (u16) instead - msgsLens[i] = (byte)(msgs.Count > i ? msgs[i].Length : 0); - if (i < msgs.Count) - { - // copy the message to the msgsBytes array - Array.Copy(msgs[i], 0, msgsBytes, msgsbytesIndex, msgs[i].Length); - } + // messages are encrypted blocks of (currently) 1024 RSA keys, so it would be 256 bytes + // meaning we need a short at least (technically we need 9 bytes, but using a full short will allow for + // bigger key sizes without much hassle, until a certain length) + msgsLens[2 * i] = (byte)(msgs[i].Length >> 8); + msgsLens[(2 * i) + 1] = (byte)msgs[i].Length; + // copy the message to the msgsBytes array + Array.Copy(msgs[i], 0, msgsBytes, msgsbytesIndex, msgs[i].Length); + msgsbytesIndex += msgs[i].Length; } msgsLens[15] = Data.PeekMessages(clientPhone) ? (byte)1 : (byte)0; // only need to encrypt the lengths of the messages, as the messages themselves are encrypted @@ -242,7 +242,14 @@ public class Program case RequestType.SendMessage: string recv = Utils.BytesToNumber(msg[3..11]); int msgLen = BitConverter.ToInt32(msg, 11); - + if (msgLen != (len - MSG_LEN)) + { + Write(id, $"Got message to {recv} of length {len - MSG_LEN} but expected {msgLen}"); + } + byte[] clientMsg = buffer[MSG_LEN..(msgLen + MSG_LEN)]; + // simply add the clientMsg to the "Data" + bool added = Data.AddMessage(recv, clientMsg); + Write(id, $"Added message to {recv} of length {msgLen}: {added}"); break; default: msg = sk.EncryptCfb(Encoding.UTF8.GetBytes("INVALID REQUEST"), sk.IV, PaddingMode.PKCS7);