RustyStriker/online_security_project
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

got login working

Browse source
This commit is contained in:
Rusty Striker 2025-01-02 18:49:58 +02:00
parent 04a4f7ece8
commit 2aa4a86e5f
Signed by: RustyStriker
GPG key ID: 87E4D691632DFF15
5 changed files with 108 additions and 100 deletions
Download patch file Download diff file Expand all files Collapse all files

52
client/Program.cs
View file

@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Globalization;
using System.IO;
using System.Linq;
@ -15,9 +16,9 @@ namespace Client;
public class Program
{
static byte counter = 0;
static string User = "";
static readonly Random Rand = new();
static readonly Random Rand = new((int)DateTime.Now.Ticks);
static byte counter = (byte)Rand.Next();
static async Task Main(string[] args)
{
@ -40,11 +41,17 @@ public class Program
// First contact init
bool needsRegister = pubKey == privKey || args.Any(a => new[] { "-fr", "--force-register" }.Contains(a));
Aes sk = Aes.Create(); // creates an AES-256 key
// establish secure connection
byte[] skEnc = serverKey.Encrypt([.. sk.Key, .. sk.IV], RSAEncryptionPadding.OaepSHA256);
await stream.WriteAsync(skEnc);
// wait for the server to confirm it recieved the keys
await stream.ReadExactlyAsync(new byte[1]);
if (needsRegister)
{
try
{
await RegisterClient(User, pubKey, privKey, serverKey, sk, stream);
await RegisterClient(User, pubKey, privKey, sk, stream);
}
catch (Exception ex)
{
@ -56,25 +63,46 @@ public class Program
}
else
{
// attempt to login here
// start login process
byte[] msg = Request.CreateRequest(RequestType.Login, ref counter, Utils.NumberToBytes(User));
msg = sk.EncryptCfb(msg, sk.IV, PaddingMode.PKCS7);
await stream.WriteAsync(msg);
byte[] toSign = new byte[16];
await stream.ReadExactlyAsync(toSign, 0, 16);
toSign = sk.DecryptCfb(toSign, sk.IV, PaddingMode.None);
byte[] signed = privKey.SignData(toSign, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
msg = Request.CreateRequest(RequestType.ConfirmLogin, ref counter, BitConverter.GetBytes(signed.Length));
msg = sk.EncryptCfb(msg, sk.IV, PaddingMode.None);
WriteColor($"Sending sig: {Convert.ToBase64String(signed)}", ConsoleColor.Green);
msg = [.. msg, .. signed];
await stream.WriteAsync(msg);
byte[] buffer = new byte[512];
int len = await stream.ReadAsync(buffer);
byte[] dec = sk.DecryptCfb(buffer[..len], sk.IV, PaddingMode.PKCS7);
string r = Encoding.UTF8.GetString(dec);
if (r == "OK")
{
Console.WriteLine("Login successful");
}
else
{
Console.WriteLine($"Failed login: {r}");
client.Dispose();
return;
}
}
await HandleUserInput(client, stream, sk, privKey);
}
async static Task RegisterClient(string user, RSA pub, RSA priv, RSA server, Aes sk, NetworkStream stream)
async static Task RegisterClient(string user, RSA pub, RSA priv, Aes sk, NetworkStream stream)
{
Console.WriteLine("Attempting to register with public key:");
Console.WriteLine(pub.ExportRSAPublicKeyPem());
// Generate aes key and send it forward
Console.WriteLine($"Session key: {string.Join(' ', sk.Key)}");
Console.WriteLine($"Session IV: {string.Join(' ', sk.IV)}");
byte[] skEnc = server.Encrypt([.. sk.Key, .. sk.IV], RSAEncryptionPadding.OaepSHA256);
await stream.WriteAsync(skEnc);
// wait for the server to confirm it recieved the keys
await stream.ReadExactlyAsync(new byte[1]);
// Generate the Register msg
Console.WriteLine("Sending rsa public key thing");
@ -130,6 +158,10 @@ public class Program
Console.WriteLine("Registration process complete");
break;
}
else
{
Console.WriteLine("Failed reigstreation: " + r);
}
}
}