From 89604531438652bfacb93622e53a85eaaf014bf9 Mon Sep 17 00:00:00 2001 From: Malloc of Kuzkycyziklistan Date: Tue, 30 May 2017 12:44:27 -0500 Subject: [PATCH] rc4 done also client restructure woom oom om m --- client/src/{ => gl}/RenderContext.ts | 0 client/src/{ => sock}/Connection.ts | 19 ++++++++++++---- client/src/{ => sock}/Crypto.ts | 26 +++++++++++++++++----- client/src/{ => sock}/Packet.ts | 0 client/src/{ => util}/Extensions.ts | 0 client/src/{ => util}/Utilities.ts | 0 server/Encryption/KeyExchange.cs | 7 +++--- server/Libraries/Square/ArrayExtensions.cs | 2 +- server/Socks/ActiveConnection.cs | 8 +++++++ server/Socks/PendingConnection.cs | 7 ++++-- 10 files changed, 53 insertions(+), 16 deletions(-) rename client/src/{ => gl}/RenderContext.ts (100%) rename client/src/{ => sock}/Connection.ts (77%) rename client/src/{ => sock}/Crypto.ts (73%) rename client/src/{ => sock}/Packet.ts (100%) rename client/src/{ => util}/Extensions.ts (100%) rename client/src/{ => util}/Utilities.ts (100%) diff --git a/client/src/RenderContext.ts b/client/src/gl/RenderContext.ts similarity index 100% rename from client/src/RenderContext.ts rename to client/src/gl/RenderContext.ts diff --git a/client/src/Connection.ts b/client/src/sock/Connection.ts similarity index 77% rename from client/src/Connection.ts rename to client/src/sock/Connection.ts index 41bdf6d..67e5aa5 100644 --- a/client/src/Connection.ts +++ b/client/src/sock/Connection.ts @@ -34,14 +34,24 @@ class Connection { private static onMessage(event: any): void { var raw = new Uint8Array(event.data); - var msg = Packet.fromBytes(raw); - console.log(msg); + var msg: Packet; + try { + msg = !Cipher.ready ? Packet.fromBytes(raw) + : Packet.fromBytes(Cipher.parse(raw)); + } catch(e) { + close(); + return; + } + console.log(msg); switch(msg.id) { case kPacketId.KeyExchange: var response = Key.generateResponsePacket(msg); - Connection.send(response); - console.log(response); + if(Key.succeeded) { + Cipher.init(Key.privateKey); + Connection.send(response); + } else + CriticalStop.redirect("Could not establish an encrypted connection with the server."); break; case kPacketId.LoginAttempt: @@ -54,6 +64,7 @@ class Connection { private static onClose(event: any): void { Connection._isOpen = false; + Cipher.close(); if(Connection.onCloseFunc) Connection.onCloseFunc(); diff --git a/client/src/Crypto.ts b/client/src/sock/Crypto.ts similarity index 73% rename from client/src/Crypto.ts rename to client/src/sock/Crypto.ts index 09a5b72..b1e5252 100644 --- a/client/src/Crypto.ts +++ b/client/src/sock/Crypto.ts @@ -1,7 +1,7 @@ class Key { private static secret: bigInt; private static _privateKey: bigInt = new bigInt(0); - private static get privateKey(): bigInt { + public static get privateKey(): bigInt { return Key._privateKey; } @@ -17,9 +17,10 @@ class Key { var generator = new bigInt(request[0].toString(), 16); var modulus = new bigInt(request[1].toString(), 16); var serverKey = new bigInt(request[2].toString(), 16); + var clientKey = generator.modPow(Key.secret, modulus); - Key._privateKey = serverKey.modPow(serverKey, modulus); - return Packet.create(kPacketId.KeyExchange, [generator.modPow(Key.secret, modulus).toString(16)]); + Key._privateKey = serverKey.modPow(Key.secret, modulus); + return Packet.create(kPacketId.KeyExchange, [clientKey.toString(16)]); } } @@ -27,12 +28,17 @@ class Cipher { private static key: Uint8Array; private static state: Uint8Array; + private static _ready: boolean = false; + public static get ready(): boolean { + return Cipher._ready; + } + public static init(key: bigInt) { Cipher.key = key.toByteArray(512 / 8); Cipher.state = new Uint8Array(256); - Cipher.state.map((value: number, index: number): number => { - return index; - }); + + for(var stateIndex = 0; stateIndex < Cipher.state.length; ++stateIndex) + Cipher.state[stateIndex] = stateIndex; var i, j = 0, t; for(i = 0; i < 256; ++i) { @@ -44,6 +50,7 @@ class Cipher { } Cipher.generateStream(1024); + Cipher._ready = true; } private static generateStream(length: number): Uint8Array { @@ -65,10 +72,17 @@ class Cipher { } public static parse(data: Uint8Array): Uint8Array { + if(!Cipher._ready) + return null; + var stream = Cipher.generateStream(data.length); for(var i = 0; i < data.length; ++i) data[i] = data[i] ^ stream[i]; return data; } + + public static close(): void { + Cipher._ready = false; + } } \ No newline at end of file diff --git a/client/src/Packet.ts b/client/src/sock/Packet.ts similarity index 100% rename from client/src/Packet.ts rename to client/src/sock/Packet.ts diff --git a/client/src/Extensions.ts b/client/src/util/Extensions.ts similarity index 100% rename from client/src/Extensions.ts rename to client/src/util/Extensions.ts diff --git a/client/src/Utilities.ts b/client/src/util/Utilities.ts similarity index 100% rename from client/src/Utilities.ts rename to client/src/util/Utilities.ts diff --git a/server/Encryption/KeyExchange.cs b/server/Encryption/KeyExchange.cs index f45c3db..3c3b2d0 100644 --- a/server/Encryption/KeyExchange.cs +++ b/server/Encryption/KeyExchange.cs @@ -5,6 +5,7 @@ using System.Text; using System.Threading.Tasks; using System.Numerics; using Square; +using System.Globalization; namespace CircleScape.Encryption { class Key { @@ -31,12 +32,12 @@ namespace CircleScape.Encryption { } public BigInteger ParseResponsePacket(Packet packet) { - if(packet.Id == Packet.kId.KeyExchange && packet.RegionCount != 1) + if(packet.Id != Packet.kId.KeyExchange || packet.RegionCount != 1) return -1; - if(!BigInteger.TryParse(packet[0], out BigInteger ClientKey)) + if(!BigInteger.TryParse(packet[0], NumberStyles.HexNumber, NumberFormatInfo.InvariantInfo, out BigInteger ClientKey)) return -1; - + return (PrivateKey = BigInteger.ModPow(ClientKey, Secret, Modulus)); } } diff --git a/server/Libraries/Square/ArrayExtensions.cs b/server/Libraries/Square/ArrayExtensions.cs index daeac73..1c991c6 100644 --- a/server/Libraries/Square/ArrayExtensions.cs +++ b/server/Libraries/Square/ArrayExtensions.cs @@ -27,7 +27,7 @@ namespace Square { => Convert.ToBase64String(bytes); public static string ToHexString(this byte[] bytes) - => BitConverter.ToString(bytes).Replace("-", ""); + => BitConverter.ToString(bytes).Replace("-", " "); public static string GetString(this byte[] bytes, bool isUtf8 = true) => isUtf8 ? Encoding.UTF8.GetString(bytes) diff --git a/server/Socks/ActiveConnection.cs b/server/Socks/ActiveConnection.cs index c3b475a..04a2279 100644 --- a/server/Socks/ActiveConnection.cs +++ b/server/Socks/ActiveConnection.cs @@ -4,9 +4,17 @@ using System.Linq; using System.Net.Sockets; using System.Text; using System.Threading.Tasks; +using Kneesocks; +using CircleScape.Encryption; namespace CircleScape { class ActiveConnection : Kneesocks.Connection { + private Cipher Encryptor; + public void Initialize(PendingConnection conn) { + Initialize(conn, false); + Encryptor = conn.Encryptor; + + } } } diff --git a/server/Socks/PendingConnection.cs b/server/Socks/PendingConnection.cs index 7cfb839..948cfb8 100644 --- a/server/Socks/PendingConnection.cs +++ b/server/Socks/PendingConnection.cs @@ -12,7 +12,7 @@ namespace CircleScape { class PendingConnection : Connection { private DateTime ConnectionOpened; private Key Key; - private Cipher Encryptor; + public Cipher Encryptor { get; private set; } = null; protected override void OnOpen() { ConnectionOpened = DateTime.UtcNow; @@ -28,7 +28,10 @@ namespace CircleScape { } protected override void OnReceive(byte[] data) { - var packet = Packet.FromBytes(data); + Packet packet = + Encryptor == null ? Packet.FromBytes(data) + : Packet.FromBytes(Encryptor.Parse(data)); + if(!packet.IsLegal) { Disconnect(Frame.kClosingReason.ProtocolError, "Packet received was not legal."); return;