Automatic certificate generation & bug fixes

Author: ReferenceType

Benchmarks/RelayBenchmark/Program.cs

@@ -189,11 +189,11 @@ private static void RelayTest()
 
             var cert = new X509Certificate2("client.pfx", "greenpass");
             var scert = new X509Certificate2("server.pfx", "greenpass");
-            var server = new SecureProtoRelayServer(20020, scert);
-            server.StartServer();
+            //var server = new SecureProtoRelayServer(20020, scert);
+            //server.StartServer();
             //Task.Run(async () => { while (true) { await Task.Delay(10000); server.GetTcpStatistics(out var generalStats, out _); Console.WriteLine(generalStats.ToString()); } });
             var clients = new List<RelayClient>();
-            int numclients = 2;
+            int numclients = 30;
             var pending = new Task[numclients];
             Task.Run(async () => { while (true) { await Task.Delay(1000); Console.WriteLine(Interlocked.Exchange(ref sumsum, 0).ToString("N0")); } });
 
@@ -208,7 +208,7 @@ private static void RelayTest()
                 try
                 {
                     pending[i] = client.ConnectAsync(ip, 20020);
-                    //client.StartPingService();
+                    client.StartPingService();
                     // client.Connect(ip, 20011);
                     clients.Add(client);
                     //client.StartPingService();
@@ -235,10 +235,10 @@ private static void RelayTest()
                         if (peer.Key == Guid.Empty)
                             throw new Exception();
 
-                        // var a = client.RequestTcpHolePunchAsync(peer.Key);
-                        // pndg.Add(a);
-                        var aa = client.RequestHolePunchAsync(peer.Key, 10000, false);
-                        pndg.Add(aa);
+                         var a = client.RequestTcpHolePunchAsync(peer.Key);
+                         pndg.Add(a);
+                       // var aa = client.RequestHolePunchAsync(peer.Key, 10000, false);
+                        //pndg.Add(aa);
                         //client.TestHP(peer.Key, 10000, false);
                         //  Console.WriteLine(peer.Key+" cnt=> "+ ++cc);
                     }
@@ -258,7 +258,7 @@ private static void RelayTest()
                 var testMessage = new MessageEnvelope()
                 {
                     Header = "Test",
-                    Payload = new byte[320000]
+                    Payload = new byte[320]
                 };
                 for (int i = 0; i < testMessage.PayloadCount; i++)
                 {
@@ -270,8 +270,8 @@ private static void RelayTest()
                     foreach (var peer in client.Peers.Keys)
                     {
                         //await client.SendRequestAndWaitResponse(peer, testMessage,1000);
-                      //  client.SendAsyncMessage(peer, testMessage);
-                      client.SendUdpMessage(peer, testMessage);
+                        client.SendAsyncMessage(peer, testMessage);
+                      //client.SendUdpMessage(peer, testMessage);
                       // client.SendRudpMessage(peer, testMessage);
                         //  client.BroadcastMessage(testMessage);
                         //client.BroadcastUdpMessage(testMessage);

Benchmarks/SslBenchmark/Program.cs

@@ -1,4 +1,5 @@
-using NetworkLibrary.Components.Statistics;
+using NetworkLibrary.Components.Crypto.Certificate;
+using NetworkLibrary.Components.Statistics;
 using NetworkLibrary.TCP.SSL.ByteMessage;
 using NetworkLibrary.Utils;
 using System.Diagnostics;
@@ -88,7 +89,7 @@ private static void InitializeClients()
         {
             clientMessage = new byte[messageSize];
             clients = new List<SslByteMessageClient>();
-            var ccert = new X509Certificate2("client.pfx", "greenpass");
+            var ccert = CertificateGenerator.GenerateSelfSignedCertificate();//new X509Certificate2("client.pfx", "greenpass");
 
             for (int i = 0; i < numClients; i++)
             {
@@ -133,7 +134,7 @@ private static void InitializeServer()
             fixedMessage = isFixedMessage ? new byte[fixedMessageSize] : new byte[0];
             var scert = new X509Certificate2("server.pfx", "greenpass");
 
-            server = new SslByteMessageServer(port, scert);
+            server = new SslByteMessageServer(port);
             server.RemoteCertificateValidationCallback
                 += ValidateCertAsClient;
 

NetworkLibrary/Components/ConcurrentAesAlgorithm.cs

@@ -34,6 +34,7 @@ private byte[] GenerateIV(byte[] key)
         {
             SHA256 sHA = SHA256.Create();
             var hash = sHA.ComputeHash(key);
+            sHA.Dispose();
             return ByteCopy.ToArray(hash, 0, 16);
         }
 

NetworkLibrary/Components/Crypto/AesManager.cs

@@ -2,6 +2,7 @@
 using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Drawing;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using NetworkLibrary.Components.Crypto.Algorithms;
 using NetworkLibrary.Utils;
@@ -19,6 +20,7 @@ internal class AesManager:IAesEngine
 
         public AesManager(byte[] Key,byte[] IV, AesMode mode) 
         {
+
             this.Key = Key;
             this.IV = IV;
             this.AesMode = mode;
@@ -46,10 +48,7 @@ private IAesAlgorithm Create()
                     return new AesCbcRandIVAlgorithm(Key, IV);
                 case AesMode.GCM:
                     //return new AesGcmManagedAlgorithm(Key, IV);
-#if NETSTANDARD2_1_OR_GREATER
-                    return new AesGcmAlgorithm(Key,IV);
-
-#elif NET5_0_OR_GREATER
+#if NETSTANDARD2_1_OR_GREATER || NET5_0_OR_GREATER
                     return new AesGcmAlgorithm(Key,IV);
 #endif
                     return new AesGcmManagedAlgorithm(Key,IV);

NetworkLibrary/Components/Crypto/Algorithms/AesGcmAlgorithm.cs

@@ -9,217 +9,8 @@
 
 namespace NetworkLibrary.Components.Crypto.Algorithms
 {
-#if NETSTANDARD2_1_OR_GREATER
-    internal class AesGcmAlgorithm : IAesAlgorithm
-    {
-
-        public int DecryptorInputBlockSize => 16;
-
-        public int DecryptorOutputBlockSize => 16;
-
-        public int EncryptorInputBlockSize => 16;
-
-        public int EncryptorOutputBlockSize => 16;
-        byte[] iv;
-
-        private AesGcm aes;
-        private AesGcm aes2;
-        const int nonceSize = 12;
-        const int tagSize = 14;
-        public AesGcmAlgorithm(byte[] Key, byte[] IV)
-        {
-            aes = new AesGcm(Key);
-            aes2 = new AesGcm(Key);
-            iv = IV;
-        }
-
-        public byte[] Decrypt(byte[] message)
-        {
-            return Decrypt(message, 0, message.Length);
-        }
-
-        public byte[] Decrypt(byte[] buffer, int offset, int count)
-        {
-            var buff = BufferPool.RentBuffer(count + 256);
-            int am = DecryptInto(buffer, offset, count, buff, 0);
-            var res = ByteCopy.ToArray(buff, 0, am);
-            BufferPool.ReturnBuffer(buff);
-            return res;
-        }
-
-        public void Dispose()
-        {
-            aes?.Dispose();
-            aes2?.Dispose();
-        }
-
-        public byte[] Encrypt(byte[] message)
-        {
-            return Encrypt(message, 0, message.Length);
-        }
-
-        public byte[] Encrypt(byte[] buffer, int offset, int count)
-        {
-            var buff = BufferPool.RentBuffer(count + 256);
-            int am = EncryptInto(buffer, offset, count, buff, 0);
-            var res = ByteCopy.ToArray(buff, 0, am);
-            BufferPool.ReturnBuffer(buff);
-            return res;
-        }
-
-        public int GetEncriptorOutputSize(int inputSize)
-        {
-            return nonceSize + tagSize + inputSize;
-        }
-
-        public int EncryptInto(byte[] data, int offset, int count, byte[] output, int outputOffset)
-        {
-            int cipherSize = count;
-            var non = GenerateNextNonce(out int nonceSize);
-
-            int encryptedDataLength = nonceSize + tagSize + cipherSize;
-            Span<byte> encryptedData;
-            unsafe
-            {
-                fixed (byte* buffer = &output[outputOffset])
-                {
-                    encryptedData = new Span<byte>(buffer, encryptedDataLength);
-                }
-            }
-            Buffer.BlockCopy(non, 4, output, outputOffset, nonceSize);
-
-            var nonce = encryptedData.Slice(0, nonceSize);
-            var tag = encryptedData.Slice(nonceSize + cipherSize, tagSize);
-            var cipherBytes = encryptedData.Slice(nonceSize, cipherSize);
-
-            // RandomNumberGenerator.Fill(nonce);
-
-            unsafe
-            {
-                fixed (byte* buffer = &data[offset])
-                    aes.Encrypt(non, new ReadOnlySpan<byte>(buffer, count), cipherBytes, tag);
-            }
-
-            return encryptedDataLength;
-        }
-        public int EncryptInto(byte[] data, int offset, int count,
-         byte[] data1, int offset1, int count1, byte[] output, int outputOffset)
-        {
-            {
-                var non = GenerateNextNonce(out int nonceSize);
-
-                int cipherSize = count + count1;
-
-                int encryptedDataLength = tagSize + nonceSize + cipherSize;
-                Span<byte> encryptedData = new Span<byte>(output);
-                unsafe
-                {
-                    fixed (byte* buffer = &output[outputOffset])
-                    {
-                        encryptedData = new Span<byte>(buffer, encryptedDataLength);
-                    }
-                }
-                Buffer.BlockCopy(non, 4, output, outputOffset, nonceSize);
-
-                var nonce = encryptedData.Slice(0, nonceSize);
-                var tag = encryptedData.Slice(nonceSize + cipherSize, tagSize);
-                var cipherBytes = encryptedData.Slice(nonceSize, cipherSize);
-
-                byte[] b = BufferPool.RentBuffer(cipherSize);
-                Buffer.BlockCopy(data, offset, b, 0, count);
-                Buffer.BlockCopy(data1, offset1, b, count, count1);
-                // Generate secure nonce
-
-                unsafe
-                {
-                    fixed (byte* buffer = &b[0])
-                        aes.Encrypt(non, new ReadOnlySpan<byte>(buffer, cipherSize), cipherBytes, tag);
-
-                }
-                BufferPool.ReturnBuffer(b);
-                return encryptedDataLength;
-            }
-        }
-        public int DecryptInto(byte[] data, int offset, int count, byte[] output, int outputOffset)
-        {
-            Span<byte> encryptedData;
-            unsafe
-            {
-                fixed (byte* buffer = &data[offset])
-                {
-                    encryptedData = new Span<byte>(buffer, count);
-                }
-            }
-
-            int oldOff = offset;
-            var nonce = ParseNonce(data, ref offset, ref count).AsSpan();
-            int nonceSize = offset - oldOff;
-
-            int cipherSize = encryptedData.Length - nonceSize - tagSize;
-
-            // var nonce = encryptedData.Slice(0, nonceSize);
-            var tag = encryptedData.Slice(nonceSize + cipherSize, tagSize);
-            var cipherBytes = encryptedData.Slice(nonceSize, cipherSize);
-
-            unsafe
-            {
-                fixed (byte* buffer = &output[outputOffset])
-                {
-                    aes2.Decrypt(nonce, cipherBytes, tag, new Span<byte>(buffer, cipherSize));
-                }
-            }
-
-            return cipherSize;
-        }
-
-
-        [ThreadStatic]
-        static byte[] nonce;
-        long ctr = 0;
-
-        private byte[] GetEmptyNonceArray()
-        {
-            if (true || nonce == null)
-            {
-                nonce = new byte[12];
-                nonce[0] = iv[0];
-                nonce[1] = iv[1];
-                nonce[2] = iv[2];
-                nonce[3] = iv[3];
-                return nonce;
-
-            }
-            int off = 4;
-            PrimitiveEncoder.WriteFixedInt64(nonce, ref off, 0);
-            return nonce;
-        }
-        private byte[] GenerateNextNonce(out int encodedCount)
-        {
-            long n = Interlocked.Increment(ref ctr);
-            var nonce = GetEmptyNonceArray();// fill random 4 in begining and 8 0s after
-            int off = 4;
-
-            PrimitiveEncoder.WriteInt64(nonce, ref off, n);// encode counter
-            encodedCount = off - 4;
-            return nonce;
-        }
-        private byte[] ParseNonce(byte[] source, ref int sourceOffset, ref int sourceCount)
-        {
-            var nonce = GetEmptyNonceArray();
-            int oldOff = sourceOffset;
-            PrimitiveEncoder.ReadInt64(source, ref sourceOffset);
-
-            int n = sourceOffset - oldOff;
-            Buffer.BlockCopy(source, oldOff, nonce, 4, n);
-            sourceCount -= n;
 
-            return nonce;
-        }
-
-    }
-
-#endif
-#if NET5_0_OR_GREATER
+#if NET5_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
     internal class AesGcmAlgorithm : IAesAlgorithm
     {