Added AesPassword

This commit is contained in:
Jeroen Saey 2025-08-21 07:45:14 +02:00
parent bdf2d1b935
commit 9564e2002d
6 changed files with 696 additions and 683 deletions


@ -52,7 +52,8 @@ namespace EonaCat.Connections.Client.Example
Host = "127.0.0.1", Host = "127.0.0.1",
Port = 1111, Port = 1111,
UseSsl = false, UseSsl = false,
UseAesEncryption = false, UseAesEncryption = true,
AesPassword = "p@ss",
//ServerCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2("client.pfx", "p@ss"), //ServerCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2("client.pfx", "p@ss"),
}; };
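Review bot: The client example hard-codes the shared secret `AesPassword = "p@ss"` in source, and the server example in the next file section does the same; sample code tends to be copied verbatim, so the example should read it from the environment or a local settings file, e.g. `AesPassword = Environment.GetEnvironmentVariable("EONACAT_AES_PASSWORD"),` (placeholder variable name). A short comment next to it stating that the value must be identical on both peers and replaced before deployment would also help readers of the example.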


@ -37,8 +37,9 @@ namespace EonaCat.Connections.Server.Example
Protocol = ProtocolType.TCP, Protocol = ProtocolType.TCP,
Port = 1111, Port = 1111,
UseSsl = false, UseSsl = false,
UseAesEncryption = false, UseAesEncryption = true,
MaxConnections = 100000, MaxConnections = 100000,
AesPassword = "p@ss",
//ServerCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2("server.pfx", "p@ss"), //ServerCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2("server.pfx", "p@ss"),
}; };


@ -13,7 +13,7 @@ namespace EonaCat.Connections.Helpers
/// <param name="stream"></param> /// <param name="stream"></param>
/// <param name="aes"></param> /// <param name="aes"></param>
/// <returns></returns> /// <returns></returns>
public static async Task<Aes> SendAesKeyAsync(Stream stream, Aes aes) public static async Task<Aes> SendAesKeyAsync(Stream stream, Aes aes, string password = null)
{ {
var rawKey = aes.Key; var rawKey = aes.Key;
var iv = aes.IV; var iv = aes.IV;
@ -29,8 +29,12 @@ namespace EonaCat.Connections.Helpers
await WriteBytesWithLengthAsync(stream, salt); await WriteBytesWithLengthAsync(stream, salt);
await stream.FlushAsync(); await stream.FlushAsync();
// Derive stronger key using PBKDF2-SHA256 + salt + pepper // Derive key using PBKDF2-SHA256 + salt + password + pepper
var derivedKey = PBKDF2_SHA256(Combine(rawKey, Encoding.UTF8.GetBytes(Pepper)), salt, 100_000, 32); if (string.IsNullOrEmpty(password))
{
password = "EonaCat.Connections";
}
var derivedKey = PBKDF2_SHA256(Combine(Combine(rawKey, Encoding.UTF8.GetBytes(password)), Encoding.UTF8.GetBytes(Pepper)), salt, 100_000, 32);
aes.Key = derivedKey; aes.Key = derivedKey;
return aes; return aes;
@ -41,13 +45,19 @@ namespace EonaCat.Connections.Helpers
/// </summary> /// </summary>
/// <param name="stream"></param> /// <param name="stream"></param>
/// <returns></returns> /// <returns></returns>
public static async Task<Aes> ReceiveAesKeyAsync(Stream stream) public static async Task<Aes> ReceiveAesKeyAsync(Stream stream, string password = null)
{ {
var rawKey = await ReadBytesWithLengthAsync(stream); var rawKey = await ReadBytesWithLengthAsync(stream);
var iv = await ReadBytesWithLengthAsync(stream); var iv = await ReadBytesWithLengthAsync(stream);
var salt = await ReadBytesWithLengthAsync(stream); var salt = await ReadBytesWithLengthAsync(stream);
var derivedKey = PBKDF2_SHA256(Combine(rawKey, Encoding.UTF8.GetBytes(Pepper)), salt, 100_000, 32); if (string.IsNullOrEmpty(password))
{
password = "EonaCat.Connections";
}
// Derived key using PBKDF2-SHA256 + salt + password + pepper
var derivedKey = PBKDF2_SHA256(Combine(Combine(rawKey, Encoding.UTF8.GetBytes(password)), Encoding.UTF8.GetBytes(Pepper)), salt, 100_000, 32);
Aes _aesEncryption = Aes.Create(); Aes _aesEncryption = Aes.Create();
_aesEncryption.Key = derivedKey; _aesEncryption.Key = derivedKey;
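Review bot: The fallback password `"EonaCat.Connections"` is spelled out twice, once in the `if (string.IsNullOrEmpty(password))` block of SendAesKeyAsync and again in ReceiveAesKeyAsync; if either copy drifts, the two peers derive different keys with no error at this layer. Hoist it into one `private const string DefaultAesPassword = "EonaCat.Connections";` and use `password = string.IsNullOrEmpty(password) ? DefaultAesPassword : password;` in both methods. Note also that with this default the derivation depends only on the values written to the stream (raw key, IV, salt) plus `Pepper`, which is presumably a constant in this class, so when no password is configured the added PBKDF2 input does not protect the key from anyone able to read the stream; the `<param name="password">` documentation, currently absent from both XML comments, should say that the password is a pre-shared secret that must be set on both peers for that protection to apply. Both method bodies continue past the hunks shown.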


@ -23,5 +23,6 @@ namespace EonaCat.Connections.Models
// For testing purposes, allow self-signed certificates // For testing purposes, allow self-signed certificates
public bool IsSelfSignedEnabled { get; set; } = true; public bool IsSelfSignedEnabled { get; set; } = true;
public string AesPassword { get; set; }
} }
} }
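Review bot: The new `AesPassword` property has no XML documentation, while the neighbouring `IsSelfSignedEnabled` at least carries a comment; nothing tells a reader that the value must be identical on both peers or what happens when it is left null. Suggest `/// <summary>Pre-shared secret mixed into the AES key derivation when UseAesEncryption is true; must match on both peers. When null or empty, a built-in default is used.</summary>` above the property. Since this holds a secret, it is also worth confirming that the configuration object is never logged or serialized wholesale, though that is not visible in this hunk.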


@ -79,7 +79,7 @@ namespace EonaCat.Connections
{ {
try try
{ {
_aesEncryption = await AesKeyExchange.ReceiveAesKeyAsync(stream); _aesEncryption = await AesKeyExchange.ReceiveAesKeyAsync(stream, _config.AesPassword);
} }
catch (Exception ex) catch (Exception ex)
{ {
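Review bot: Passing `_config.AesPassword` here means a password that differs from the server's produces a different derived key, and as far as this hunk shows nothing verifies that both sides ended up with the same key, so the mismatch would surface later as failed decryption rather than at connection time. The server-side call in the next file section (`SendAesKeyAsync(stream, client.AesEncryption, _config.AesPassword)`) has the same property. A short key-confirmation step after derivation, or at minimum a log message stating that a configured AES password is in use, would make such misconfiguration diagnosable. The enclosing try block starts before this hunk and the catch body continues after it.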


@ -160,7 +160,7 @@ namespace EonaCat.Connections
client.IsEncrypted = true; client.IsEncrypted = true;
// Securely send raw AES key + IV + salt // Securely send raw AES key + IV + salt
await AesKeyExchange.SendAesKeyAsync(stream, client.AesEncryption); await AesKeyExchange.SendAesKeyAsync(stream, client.AesEncryption, _config.AesPassword);
} }
catch (Exception ex) catch (Exception ex)
{ {