Unity-Technologies
diff --git a/‎MLAPI/Data/MLAPIConstants.cs
Lines changed: 18 additions & 3 deletions b/‎MLAPI/Data/MLAPIConstants.cs
Lines changed: 18 additions & 3 deletions
diff --git a/‎MLAPI/Data/SecuritySendFlags.cs
Lines changed: 12 additions & 0 deletions b/‎MLAPI/Data/SecuritySendFlags.cs
Lines changed: 12 additions & 0 deletions
diff --git a/‎MLAPI/MLAPI.csproj
Lines changed: 1 addition & 1 deletion b/‎MLAPI/MLAPI.csproj
Lines changed: 1 addition & 1 deletion
diff --git a/‎MLAPI/MonoBehaviours/Core/NetworkedBehaviour.cs
Lines changed: 7 additions & 7 deletions b/‎MLAPI/MonoBehaviours/Core/NetworkedBehaviour.cs
Lines changed: 7 additions & 7 deletions
diff --git a/‎MLAPI/MonoBehaviours/Core/NetworkingManager.cs
Lines changed: 41 additions & 39 deletions b/‎MLAPI/MonoBehaviours/Core/NetworkingManager.cs
Lines changed: 41 additions & 39 deletions
diff --git a/‎MLAPI/NetworkingManagerComponents/Core/InternalMessageHandler.Receive.cs
Lines changed: 2 additions & 2 deletions b/‎MLAPI/NetworkingManagerComponents/Core/InternalMessageHandler.Receive.cs
Lines changed: 2 additions & 2 deletions
@@ -28,9 +28,10 @@ public static class MLAPIConstants
         public const byte MLAPI_SERVER_RPC = 16;
         public const byte MLAPI_CLIENT_RPC = 17;
         public const byte MLAPI_CUSTOM_MESSAGE = 18;
+        public const byte INVALID = 32;
 
         public static readonly string[] MESSAGE_NAMES = {
-            "MLAPI_CERTIFICATE_HAIL",
+            "MLAPI_CERTIFICATE_HAIL", // 0
             "MLAPI_CERTIFICATE_HAIL_RESPONSE",
             "MLAPI_GREETINGS",
             "MLAPI_CONNECTION_REQUEST",
@@ -46,9 +47,23 @@ public static class MLAPIConstants
             "MLAPI_TIME_SYNC",
             "MLAPI_NETWORKED_VAR_DELTA",
             "MLAPI_NETWORKED_VAR_UPDATE",
-            "MLAPI_SERVER_RPC",
+            "MLAPI_SERVER_RPC", // 16
             "MLAPI_CLIENT_RPC",
-            "MLAPI_CUSTOM_MESSAGE"
+            "MLAPI_CUSTOM_MESSAGE",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "INVALID" // 32
         };
 #pragma warning restore CS1591 // Missing XML comment for publicly visible type or member
     }
 
@@ -0,0 +1,12 @@
+using System;
+
+namespace MLAPI.Data
+{
+    [Flags]
+    public enum SecuritySendFlags
+    {
+        None = 0x0,
+        Encrypted = 0x1,
+        Authenticated = 0x2
+    }
+}
@@ -91,6 +91,7 @@
     <Compile Include="Data\NetworkedVar.cs" />
     <Compile Include="Data\NetworkedVarMeta.cs" />
     <Compile Include="Data\PendingClient.cs" />
+    <Compile Include="Data\SecuritySendFlags.cs" />
     <Compile Include="Data\Transports\ChannelType.cs" />
     <Compile Include="Data\FixedQueue.cs" />
     <Compile Include="Data\Transports\DefaultTransport.cs" />
@@ -119,7 +120,6 @@
     <Compile Include="NetworkingManagerComponents\Binary\IBitWritable.cs" />
     <Compile Include="NetworkingManagerComponents\Binary\ResourcePool.cs" />
     <Compile Include="NetworkingManagerComponents\Binary\UIntFloat.cs" />
-    <Compile Include="NetworkingManagerComponents\Core\InternalSecuritySendOptions.cs" />
     <Compile Include="NetworkingManagerComponents\Core\LogHelper.cs" />
     <Compile Include="NetworkingManagerComponents\Cryptography\CryptographyHelper.cs" />
     <Compile Include="NetworkingManagerComponents\Cryptography\DiffieHellman.cs" />
 
@@ -313,9 +313,9 @@ internal void NetworkedVarUpdate()
                             if (writtenAny)
                             {
                                 if (isServer)
-                                    InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, new InternalSecuritySendOptions(false, false));
+                                    InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, SecuritySendFlags.None);
                                 else
-                                    InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, new InternalSecuritySendOptions(false, false));   
+                                    InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, SecuritySendFlags.None);   
                             }
                         }
                     }
@@ -691,7 +691,7 @@ internal void SendServerRPCPerformance(ulong hash, Stream messageStream)
                     }
                     else
                     {
-                        InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_SERVER_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));
+                        InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_SERVER_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);
                     }
                 }
             }
@@ -727,7 +727,7 @@ internal void SendClientRPCPerformance(ulong hash,  List<uint> clientIds, Stream
                             }
                             else
                             {
-                                InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));
+                                InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);
                             }
                         }
                     }
@@ -742,7 +742,7 @@ internal void SendClientRPCPerformance(ulong hash,  List<uint> clientIds, Stream
                             }
                             else
                             {
-                                InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));
+                                InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);
                             }
                         }
                     }
@@ -781,7 +781,7 @@ internal void SendClientRPCPerformance(ulong hash, Stream messageStream, uint cl
                         }
                         else
                         {
-                            InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));
+                            InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);
                         }
                     }
                 }
@@ -814,7 +814,7 @@ internal void SendClientRPCPerformance(ulong hash, uint clientId, Stream message
                     }
                     else
                     {
-                        InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));
+                        InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);
                     }
                 }
             }
 
@@ -171,14 +171,14 @@ public void SendCustomMessage(List<uint> clientIds, Stream stream, string channe
             {
                 for (int i = 0; i < ConnectedClientsList.Count; i++)
                 {
-                    InternalMessageHandler.Send(ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, new InternalSecuritySendOptions(false, false));
+                    InternalMessageHandler.Send(ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, SecuritySendFlags.None);
                 }
             }
             else
             {
                 for (int i = 0; i < clientIds.Count; i++)
                 {
-                    InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, new InternalSecuritySendOptions(false, false));
+                    InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, SecuritySendFlags.None);
                 }
             }
         }
@@ -191,7 +191,7 @@ public void SendCustomMessage(List<uint> clientIds, Stream stream, string channe
         /// <param name="channel">The channel tos end the data on</param>
         public void SendCustomMessage(uint clientId, Stream stream, string channel = "MLAPI_DEFAULT_MESSAGE")
         {
-            InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, new InternalSecuritySendOptions(false, false));
+            InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, SecuritySendFlags.None);
         }
 
         internal byte[] clientAesKey;
@@ -721,7 +721,7 @@ private void Update()
                                                 }
                                             }
                                             // Send the hail
-                                            InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL, "MLAPI_INTERNAL", hailStream, new InternalSecuritySendOptions(false, false), true);
+                                            InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL, "MLAPI_INTERNAL", hailStream, SecuritySendFlags.None, true);
                                         }
                                     }
                                     else
@@ -811,7 +811,7 @@ internal void SendConnectionRequest()
                         writer.WriteByteArray(NetworkConfig.ConnectionData);
                 }
 
-                InternalMessageHandler.Send(ServerClientId, MLAPIConstants.MLAPI_CONNECTION_REQUEST, "MLAPI_INTERNAL", stream, new InternalSecuritySendOptions(true, false), true);
+                InternalMessageHandler.Send(ServerClientId, MLAPIConstants.MLAPI_CONNECTION_REQUEST, "MLAPI_INTERNAL", stream, SecuritySendFlags.Encrypted | SecuritySendFlags.Authenticated, true);
             }
         }
 
@@ -848,48 +848,50 @@ private void HandleIncomingData(uint clientId, byte[] data, int channelId, int t
                         byte messageType;
                         bool encrypted = headerReader.ReadBit();
                         bool authenticated = headerReader.ReadBit();
-                        if (encrypted && NetworkConfig.EnableEncryption)
+                        if ((encrypted || authenticated) && NetworkConfig.EnableEncryption)
                         {
                             headerReader.SkipPadBits();
-                            headerReader.ReadByteArray(IVBuffer, 16);
-                            stream = new BitStream(encryptionBuffer);
-                            using (RijndaelManaged rijndael = new RijndaelManaged())
+
+                            if (authenticated)
                             {
-                                rijndael.Padding = PaddingMode.PKCS7;
-                                rijndael.Key = isServer ? (ConnectedClients.ContainsKey(clientId) ? ConnectedClients[clientId].AesKey : PendingClients[clientId].AesKey) : clientAesKey;
-                                rijndael.IV = IVBuffer;
-                                using (CryptoStream cryptoStream = new CryptoStream(bitStream, rijndael.CreateDecryptor(), CryptoStreamMode.Read))
+                                using (HMACSHA256 hmac = new HMACSHA256(isServer ? ConnectedClients[clientId].AesKey : clientAesKey))
                                 {
-                                    int readByte = 0;
-                                    while ((readByte = cryptoStream.ReadByte()) != -1)
-                                        stream.WriteByte((byte)readByte);
+                                    headerReader.ReadByteArray(HMACBuffer, 32);
+                                    // 32 is the size of the hmac. The IV is also included in the HMAC if the message is also encrypted.
+                                    byte[] hmacBytes = hmac.ComputeHash(bitStream.GetBuffer(), (32 + 1), totalSize - (32 + 1));
+                                    for (int i = 0; i < hmacBytes.Length; i++)
+                                    {
+                                        if (hmacBytes[i] != HMACBuffer[i])
+                                        {
+                                            if (LogHelper.CurrentLogLevel <= LogLevel.Normal) LogHelper.LogWarning("HMAC authentication code did not match");
+                                            return;
+                                        }
+                                    }
                                 }
                             }
-
-                            using (PooledBitReader reader = PooledBitReader.Get(stream))
-                            {
-                                messageType = reader.ReadByteDirect();
-                            }
-                        }
-                        else if (authenticated && NetworkConfig.EnableEncryption)
-                        {
-                            headerReader.SkipPadBits();
-                            using (HMACSHA256 hmac = new HMACSHA256(isServer ? ConnectedClients[clientId].AesKey : clientAesKey))
+                            
+                            if (encrypted)
                             {
-                                headerReader.ReadByteArray(HMACBuffer, 32);
-                                // 1 is the size of the header. 32 is the size of the hmac
-                                byte[] hmacBytes = hmac.ComputeHash(bitStream.GetBuffer(), 1 + 32, totalSize - (1 + 32));
-                                for (int i = 0; i < hmacBytes.Length; i++)
+                                headerReader.ReadByteArray(IVBuffer, 16);
+                                stream = new BitStream(encryptionBuffer);
+                                using (RijndaelManaged rijndael = new RijndaelManaged())
                                 {
-                                    if (hmacBytes[i] != HMACBuffer[i])
+                                    rijndael.Padding = PaddingMode.PKCS7;
+                                    rijndael.Key = isServer ? (ConnectedClients.ContainsKey(clientId) ? ConnectedClients[clientId].AesKey : PendingClients[clientId].AesKey) : clientAesKey;
+                                    rijndael.IV = IVBuffer;
+                                    using (CryptoStream cryptoStream = new CryptoStream(bitStream, rijndael.CreateDecryptor(), CryptoStreamMode.Read))
                                     {
-                                        if (LogHelper.CurrentLogLevel <= LogLevel.Normal) LogHelper.LogWarning("HMAC authentication code did not match");
-                                        return;
+                                        int readByte = 0;
+                                        while ((readByte = cryptoStream.ReadByte()) != -1)
+                                            stream.WriteByte((byte) readByte);
                                     }
                                 }
                             }
-
-                            messageType = headerReader.ReadByteDirect();
+                            
+                            using (PooledBitReader bodyReader = PooledBitReader.Get(stream))
+                            {
+                                messageType = bodyReader.ReadByteDirect();
+                            }
                         }
                         else
                         {
@@ -1047,7 +1049,7 @@ internal void OnClientDisconnectFromServer(uint clientId)
                     using (PooledBitWriter writer = PooledBitWriter.Get(stream))
                     {
                         writer.WriteUInt32Packed(clientId);
-                        InternalMessageHandler.Send(MLAPIConstants.MLAPI_CLIENT_DISCONNECT, "MLAPI_INTERNAL", clientId, stream, new InternalSecuritySendOptions(false, false));
+                        InternalMessageHandler.Send(MLAPIConstants.MLAPI_CLIENT_DISCONNECT, "MLAPI_INTERNAL", clientId, stream, SecuritySendFlags.None);
                     }
                 }
             }
@@ -1063,7 +1065,7 @@ private void SyncTime()
                     writer.WriteSinglePacked(NetworkTime);
                     int timestamp = NetworkConfig.NetworkTransport.GetNetworkTimestamp();
                     writer.WriteInt32Packed(timestamp);
-                    InternalMessageHandler.Send(MLAPIConstants.MLAPI_TIME_SYNC, "MLAPI_TIME_SYNC", stream, new InternalSecuritySendOptions(false, false));
+                    InternalMessageHandler.Send(MLAPIConstants.MLAPI_TIME_SYNC, "MLAPI_TIME_SYNC", stream, SecuritySendFlags.None);
                 }
             }
         }
@@ -1141,7 +1143,7 @@ internal void HandleApproval(uint clientId, int prefabId, bool approved, Vector3
                             }
                         }
 
-                        InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CONNECTION_APPROVED, "MLAPI_INTERNAL", stream, new InternalSecuritySendOptions(true, false), true);
+                        InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CONNECTION_APPROVED, "MLAPI_INTERNAL", stream, SecuritySendFlags.Encrypted | SecuritySendFlags.Authenticated, true);
 
                         if (OnClientConnectedCallback != null)
                             OnClientConnectedCallback.Invoke(clientId);
@@ -1183,7 +1185,7 @@ internal void HandleApproval(uint clientId, int prefabId, bool approved, Vector3
                             {
                                 writer.WriteUInt32Packed(clientId);
                             }
-                            InternalMessageHandler.Send(clientPair.Key, MLAPIConstants.MLAPI_ADD_OBJECT, "MLAPI_INTERNAL", stream, new InternalSecuritySendOptions(false, false));
+                            InternalMessageHandler.Send(clientPair.Key, MLAPIConstants.MLAPI_ADD_OBJECT, "MLAPI_INTERNAL", stream, SecuritySendFlags.None);
                         }
                     }
                 }
 
@@ -116,7 +116,7 @@ internal static void HandleHailRequest(uint clientId, Stream stream, int channel
                     }
                 }
                 // Send HailResponse
-                InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL_RESPONSE, "MLAPI_INTERNAL", outStream, new InternalSecuritySendOptions(false, false), true);
+                InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL_RESPONSE, "MLAPI_INTERNAL", outStream, SecuritySendFlags.None, true);
             }
         }
 
@@ -176,7 +176,7 @@ internal static void HandleHailResponse(uint clientId, Stream stream, int channe
                 {
                     writer.WriteInt64Packed(DateTime.Now.Ticks); // This serves no purpose.
                 }
-                InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_GREETINGS, "MLAPI_INTERNAL", outStream, new InternalSecuritySendOptions(false, false), true);
+                InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_GREETINGS, "MLAPI_INTERNAL", outStream, SecuritySendFlags.None, true);
             }
         }
Original file line number	Diff line number	Diff line change
`@@ -313,9 +313,9 @@ internal void NetworkedVarUpdate()`
`313`	`313`	`if (writtenAny)`
`314`	`314`	`{`
`315`	`315`	`if (isServer)`
`316`		`- InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, new InternalSecuritySendOptions(false, false));`
	`316`	`+ InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, SecuritySendFlags.None);`
`317`	`317`	`else`
`318`		`- InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, new InternalSecuritySendOptions(false, false));`
	`318`	`+ InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_NETWORKED_VAR_DELTA, channelsForVarGroups[j], stream, SecuritySendFlags.None);`
`319`	`319`	`}`
`320`	`320`	`}`
`321`	`321`	`}`
`@@ -691,7 +691,7 @@ internal void SendServerRPCPerformance(ulong hash, Stream messageStream)`
`691`	`691`	`}`
`692`	`692`	`else`
`693`	`693`	`{`
`694`		`- InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_SERVER_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));`
	`694`	`+ InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_SERVER_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);`
`695`	`695`	`}`
`696`	`696`	`}`
`697`	`697`	`}`
`@@ -727,7 +727,7 @@ internal void SendClientRPCPerformance(ulong hash, List<uint> clientIds, Stream`
`727`	`727`	`}`
`728`	`728`	`else`
`729`	`729`	`{`
`730`		`- InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));`
	`730`	`+ InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);`
`731`	`731`	`}`
`732`	`732`	`}`
`733`	`733`	`}`
`@@ -742,7 +742,7 @@ internal void SendClientRPCPerformance(ulong hash, List<uint> clientIds, Stream`
`742`	`742`	`}`
`743`	`743`	`else`
`744`	`744`	`{`
`745`		`- InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));`
	`745`	`+ InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);`
`746`	`746`	`}`
`747`	`747`	`}`
`748`	`748`	`}`
`@@ -781,7 +781,7 @@ internal void SendClientRPCPerformance(ulong hash, Stream messageStream, uint cl`
`781`	`781`	`}`
`782`	`782`	`else`
`783`	`783`	`{`
`784`		`- InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));`
	`784`	`+ InternalMessageHandler.Send(NetworkingManager.singleton.ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);`
`785`	`785`	`}`
`786`	`786`	`}`
`787`	`787`	`}`
`@@ -814,7 +814,7 @@ internal void SendClientRPCPerformance(ulong hash, uint clientId, Stream message`
`814`	`814`	`}`
`815`	`815`	`else`
`816`	`816`	`{`
`817`		`- InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, new InternalSecuritySendOptions(false, false));`
	`817`	`+ InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CLIENT_RPC, "MLAPI_DEFAULT_MESSAGE", stream, SecuritySendFlags.None);`
`818`	`818`	`}`
`819`	`819`	`}`
`820`	`820`	`}`
Original file line number	Diff line number	Diff line change
`@@ -171,14 +171,14 @@ public void SendCustomMessage(List<uint> clientIds, Stream stream, string channe`
`171`	`171`	`{`
`172`	`172`	`for (int i = 0; i < ConnectedClientsList.Count; i++)`
`173`	`173`	`{`
`174`		`- InternalMessageHandler.Send(ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, new InternalSecuritySendOptions(false, false));`
	`174`	`+ InternalMessageHandler.Send(ConnectedClientsList[i].ClientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, SecuritySendFlags.None);`
`175`	`175`	`}`
`176`	`176`	`}`
`177`	`177`	`else`
`178`	`178`	`{`
`179`	`179`	`for (int i = 0; i < clientIds.Count; i++)`
`180`	`180`	`{`
`181`		`- InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, new InternalSecuritySendOptions(false, false));`
	`181`	`+ InternalMessageHandler.Send(clientIds[i], MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, SecuritySendFlags.None);`
`182`	`182`	`}`
`183`	`183`	`}`
`184`	`184`	`}`
`@@ -191,7 +191,7 @@ public void SendCustomMessage(List<uint> clientIds, Stream stream, string channe`
`191`	`191`	`/// <param name="channel">The channel tos end the data on</param>`
`192`	`192`	`public void SendCustomMessage(uint clientId, Stream stream, string channel = "MLAPI_DEFAULT_MESSAGE")`
`193`	`193`	`{`
`194`		`- InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, new InternalSecuritySendOptions(false, false));`
	`194`	`+ InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CUSTOM_MESSAGE, channel, stream, SecuritySendFlags.None);`
`195`	`195`	`}`
`196`	`196`
`197`	`197`	`internal byte[] clientAesKey;`
`@@ -721,7 +721,7 @@ private void Update()`
`721`	`721`	`}`
`722`	`722`	`}`
`723`	`723`	`// Send the hail`
`724`		`- InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL, "MLAPI_INTERNAL", hailStream, new InternalSecuritySendOptions(false, false), true);`
	`724`	`+ InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL, "MLAPI_INTERNAL", hailStream, SecuritySendFlags.None, true);`
`725`	`725`	`}`
`726`	`726`	`}`
`727`	`727`	`else`
`@@ -811,7 +811,7 @@ internal void SendConnectionRequest()`
`811`	`811`	`writer.WriteByteArray(NetworkConfig.ConnectionData);`
`812`	`812`	`}`
`813`	`813`
`814`		`- InternalMessageHandler.Send(ServerClientId, MLAPIConstants.MLAPI_CONNECTION_REQUEST, "MLAPI_INTERNAL", stream, new InternalSecuritySendOptions(true, false), true);`
	`814`	`+ InternalMessageHandler.Send(ServerClientId, MLAPIConstants.MLAPI_CONNECTION_REQUEST, "MLAPI_INTERNAL", stream, SecuritySendFlags.Encrypted \| SecuritySendFlags.Authenticated, true);`
`815`	`815`	`}`
`816`	`816`	`}`
`817`	`817`
`@@ -848,48 +848,50 @@ private void HandleIncomingData(uint clientId, byte[] data, int channelId, int t`
`848`	`848`	`byte messageType;`
`849`	`849`	`bool encrypted = headerReader.ReadBit();`
`850`	`850`	`bool authenticated = headerReader.ReadBit();`
`851`		`- if (encrypted && NetworkConfig.EnableEncryption)`
	`851`	`+ if ((encrypted \|\| authenticated) && NetworkConfig.EnableEncryption)`
`852`	`852`	`{`
`853`	`853`	`headerReader.SkipPadBits();`
`854`		`- headerReader.ReadByteArray(IVBuffer, 16);`
`855`		`- stream = new BitStream(encryptionBuffer);`
`856`		`- using (RijndaelManaged rijndael = new RijndaelManaged())`
	`854`	`+`
	`855`	`+ if (authenticated)`
`857`	`856`	`{`
`858`		`- rijndael.Padding = PaddingMode.PKCS7;`
`859`		`- rijndael.Key = isServer ? (ConnectedClients.ContainsKey(clientId) ? ConnectedClients[clientId].AesKey : PendingClients[clientId].AesKey) : clientAesKey;`
`860`		`- rijndael.IV = IVBuffer;`
`861`		`- using (CryptoStream cryptoStream = new CryptoStream(bitStream, rijndael.CreateDecryptor(), CryptoStreamMode.Read))`
	`857`	`+ using (HMACSHA256 hmac = new HMACSHA256(isServer ? ConnectedClients[clientId].AesKey : clientAesKey))`
`862`	`858`	`{`
`863`		`- int readByte = 0;`
`864`		`- while ((readByte = cryptoStream.ReadByte()) != -1)`
`865`		`- stream.WriteByte((byte)readByte);`
	`859`	`+ headerReader.ReadByteArray(HMACBuffer, 32);`
	`860`	`+ // 32 is the size of the hmac. The IV is also included in the HMAC if the message is also encrypted.`
	`861`	`+ byte[] hmacBytes = hmac.ComputeHash(bitStream.GetBuffer(), (32 + 1), totalSize - (32 + 1));`
	`862`	`+ for (int i = 0; i < hmacBytes.Length; i++)`
	`863`	`+ {`
	`864`	`+ if (hmacBytes[i] != HMACBuffer[i])`
	`865`	`+ {`
	`866`	`+ if (LogHelper.CurrentLogLevel <= LogLevel.Normal) LogHelper.LogWarning("HMAC authentication code did not match");`
	`867`	`+ return;`
	`868`	`+ }`
	`869`	`+ }`
`866`	`870`	`}`
`867`	`871`	`}`
`868`		`-`
`869`		`- using (PooledBitReader reader = PooledBitReader.Get(stream))`
`870`		`- {`
`871`		`- messageType = reader.ReadByteDirect();`
`872`		`- }`
`873`		`- }`
`874`		`- else if (authenticated && NetworkConfig.EnableEncryption)`
`875`		`- {`
`876`		`- headerReader.SkipPadBits();`
`877`		`- using (HMACSHA256 hmac = new HMACSHA256(isServer ? ConnectedClients[clientId].AesKey : clientAesKey))`
	`872`	`+`
	`873`	`+ if (encrypted)`
`878`	`874`	`{`
`879`		`- headerReader.ReadByteArray(HMACBuffer, 32);`
`880`		`- // 1 is the size of the header. 32 is the size of the hmac`
`881`		`- byte[] hmacBytes = hmac.ComputeHash(bitStream.GetBuffer(), 1 + 32, totalSize - (1 + 32));`
`882`		`- for (int i = 0; i < hmacBytes.Length; i++)`
	`875`	`+ headerReader.ReadByteArray(IVBuffer, 16);`
	`876`	`+ stream = new BitStream(encryptionBuffer);`
	`877`	`+ using (RijndaelManaged rijndael = new RijndaelManaged())`
`883`	`878`	`{`
`884`		`- if (hmacBytes[i] != HMACBuffer[i])`
	`879`	`+ rijndael.Padding = PaddingMode.PKCS7;`
	`880`	`+ rijndael.Key = isServer ? (ConnectedClients.ContainsKey(clientId) ? ConnectedClients[clientId].AesKey : PendingClients[clientId].AesKey) : clientAesKey;`
	`881`	`+ rijndael.IV = IVBuffer;`
	`882`	`+ using (CryptoStream cryptoStream = new CryptoStream(bitStream, rijndael.CreateDecryptor(), CryptoStreamMode.Read))`
`885`	`883`	`{`
`886`		`- if (LogHelper.CurrentLogLevel <= LogLevel.Normal) LogHelper.LogWarning("HMAC authentication code did not match");`
`887`		`- return;`
	`884`	`+ int readByte = 0;`
	`885`	`+ while ((readByte = cryptoStream.ReadByte()) != -1)`
	`886`	`+ stream.WriteByte((byte) readByte);`
`888`	`887`	`}`
`889`	`888`	`}`
`890`	`889`	`}`
`891`		`-`
`892`		`- messageType = headerReader.ReadByteDirect();`
	`890`	`+`
	`891`	`+ using (PooledBitReader bodyReader = PooledBitReader.Get(stream))`
	`892`	`+ {`
	`893`	`+ messageType = bodyReader.ReadByteDirect();`
	`894`	`+ }`
`893`	`895`	`}`
`894`	`896`	`else`
`895`	`897`	`{`
`@@ -1047,7 +1049,7 @@ internal void OnClientDisconnectFromServer(uint clientId)`
`1047`	`1049`	`using (PooledBitWriter writer = PooledBitWriter.Get(stream))`
`1048`	`1050`	`{`
`1049`	`1051`	`writer.WriteUInt32Packed(clientId);`
`1050`		`- InternalMessageHandler.Send(MLAPIConstants.MLAPI_CLIENT_DISCONNECT, "MLAPI_INTERNAL", clientId, stream, new InternalSecuritySendOptions(false, false));`
	`1052`	`+ InternalMessageHandler.Send(MLAPIConstants.MLAPI_CLIENT_DISCONNECT, "MLAPI_INTERNAL", clientId, stream, SecuritySendFlags.None);`
`1051`	`1053`	`}`
`1052`	`1054`	`}`
`1053`	`1055`	`}`
`@@ -1063,7 +1065,7 @@ private void SyncTime()`
`1063`	`1065`	`writer.WriteSinglePacked(NetworkTime);`
`1064`	`1066`	`int timestamp = NetworkConfig.NetworkTransport.GetNetworkTimestamp();`
`1065`	`1067`	`writer.WriteInt32Packed(timestamp);`
`1066`		`- InternalMessageHandler.Send(MLAPIConstants.MLAPI_TIME_SYNC, "MLAPI_TIME_SYNC", stream, new InternalSecuritySendOptions(false, false));`
	`1068`	`+ InternalMessageHandler.Send(MLAPIConstants.MLAPI_TIME_SYNC, "MLAPI_TIME_SYNC", stream, SecuritySendFlags.None);`
`1067`	`1069`	`}`
`1068`	`1070`	`}`
`1069`	`1071`	`}`
`@@ -1141,7 +1143,7 @@ internal void HandleApproval(uint clientId, int prefabId, bool approved, Vector3`
`1141`	`1143`	`}`
`1142`	`1144`	`}`
`1143`	`1145`
`1144`		`- InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CONNECTION_APPROVED, "MLAPI_INTERNAL", stream, new InternalSecuritySendOptions(true, false), true);`
	`1146`	`+ InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_CONNECTION_APPROVED, "MLAPI_INTERNAL", stream, SecuritySendFlags.Encrypted \| SecuritySendFlags.Authenticated, true);`
`1145`	`1147`
`1146`	`1148`	`if (OnClientConnectedCallback != null)`
`1147`	`1149`	`OnClientConnectedCallback.Invoke(clientId);`
`@@ -1183,7 +1185,7 @@ internal void HandleApproval(uint clientId, int prefabId, bool approved, Vector3`
`1183`	`1185`	`{`
`1184`	`1186`	`writer.WriteUInt32Packed(clientId);`
`1185`	`1187`	`}`
`1186`		`- InternalMessageHandler.Send(clientPair.Key, MLAPIConstants.MLAPI_ADD_OBJECT, "MLAPI_INTERNAL", stream, new InternalSecuritySendOptions(false, false));`
	`1188`	`+ InternalMessageHandler.Send(clientPair.Key, MLAPIConstants.MLAPI_ADD_OBJECT, "MLAPI_INTERNAL", stream, SecuritySendFlags.None);`
`1187`	`1189`	`}`
`1188`	`1190`	`}`
`1189`	`1191`	`}`
Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,7 @@ internal static void HandleHailRequest(uint clientId, Stream stream, int channel`
`116`	`116`	`}`
`117`	`117`	`}`
`118`	`118`	`// Send HailResponse`
`119`		`- InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL_RESPONSE, "MLAPI_INTERNAL", outStream, new InternalSecuritySendOptions(false, false), true);`
	`119`	`+ InternalMessageHandler.Send(NetworkingManager.singleton.ServerClientId, MLAPIConstants.MLAPI_CERTIFICATE_HAIL_RESPONSE, "MLAPI_INTERNAL", outStream, SecuritySendFlags.None, true);`
`120`	`120`	`}`
`121`	`121`	`}`
`122`	`122`
`@@ -176,7 +176,7 @@ internal static void HandleHailResponse(uint clientId, Stream stream, int channe`
`176`	`176`	`{`
`177`	`177`	`writer.WriteInt64Packed(DateTime.Now.Ticks); // This serves no purpose.`
`178`	`178`	`}`
`179`		`- InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_GREETINGS, "MLAPI_INTERNAL", outStream, new InternalSecuritySendOptions(false, false), true);`
	`179`	`+ InternalMessageHandler.Send(clientId, MLAPIConstants.MLAPI_GREETINGS, "MLAPI_INTERNAL", outStream, SecuritySendFlags.None, true);`
`180`	`180`	`}`
`181`	`181`	`}`
`182`	`182`