Comments (10)
Hey @LostSoulFly - I've had a lot on lately but will try to get back to you on this ASAP.
from networker.
Hey @LostSoulFly
Thanks for your interest in the library, would love to see any contributions others have to make.
Haven't given the encryption much thought as I haven't had a requirement for it yet.
A few thoughts..
- Should encryption be done per packet type or for the whole instance of the server? Or both are optional?
- Use interfaces for code around encryption rather than concrete Inferno implementation.
- I see here that .NET standard support for Inferno is still being worked on. To be merged into the main repo the implementation will need to support .NET standard.
from networker.
I see that .NET Standard added some nice additions, so while I haven't implemented it before, I don't think it would be too tough.
I would, personally, opt to encrypt everything rather than individual packet types. I would likely use RSA to create key pairs, sign the public keys, exchange them, create an AES key on one side, sign and encrypt it with RSA, send it to the other user, verify it, then use AES for the rest of the encryption. At this point, I would look at saving the public key on both ends for future use as well. This could probably be expanded to support other crypto providers for exchange, signing, and encryption. However, those are the two I've been researching the most.
from networker.
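The exchange proposed in the comment above, as an added example that is not part of the original thread or of Networker: one side generates an AES key, wraps it with the peer's RSA public key, signs the wrapped blob, and the peer verifies before unwrapping. The class and method names are hypothetical, and it assumes each side already trusts the other's public key (for example, saved from an earlier session).

```csharp
using System;
using System.Security.Cryptography;

// Added illustration: hypothetical names, not Networker or NETCore.Encrypt API.
public static class SessionKeyExchange
{
    // Sender: random AES-256 key, wrapped with RSA-OAEP for the peer, then signed with RSA-PSS.
    public static (byte[] Wrapped, byte[] Signature, byte[] Key) Wrap(RSA peerPublic, RSA ownPrivate)
    {
        byte[] key = new byte[32];
        RandomNumberGenerator.Fill(key);
        byte[] wrapped = peerPublic.Encrypt(key, RSAEncryptionPadding.OaepSHA256);
        byte[] signature = ownPrivate.SignData(wrapped, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
        return (wrapped, signature, key);
    }

    // Receiver: check the signature first, and only then decrypt the wrapped key.
    public static byte[] Unwrap(byte[] wrapped, byte[] signature, RSA peerPublic, RSA ownPrivate)
    {
        if (!peerPublic.VerifyData(wrapped, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss))
            throw new CryptographicException("Session key signature check failed.");
        return ownPrivate.Decrypt(wrapped, RSAEncryptionPadding.OaepSHA256);
    }

    public static void Main()
    {
        // Constructed key pairs standing in for the two endpoints.
        using RSA client = RSA.Create(2048);
        using RSA server = RSA.Create(2048);

        // Public-only copies: what each side would hold for the other.
        using RSA clientPublic = RSA.Create();
        clientPublic.ImportParameters(client.ExportParameters(false));
        using RSA serverPublic = RSA.Create();
        serverPublic.ImportParameters(server.ExportParameters(false));

        var (wrapped, signature, key) = Wrap(serverPublic, client);
        byte[] received = Unwrap(wrapped, signature, clientPublic, server);
        Console.WriteLine("keys match: " + CryptographicOperations.FixedTimeEquals(key, received));

        wrapped[0] ^= 0x01; // simulate modification in transit
        try { Unwrap(wrapped, signature, clientPublic, server); }
        catch (CryptographicException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

The signature here covers only the wrapped key, so a recorded exchange could be replayed; a deployed handshake would also sign a fresh nonce or session identifier from the peer.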
I've done some research and found NETCore.Encrypt. It looks like it should support the same targets as Networker.
I've added the ability to encrypt/decrypt Byte arrays in NETCore.Encrypt, where it previously only handled strings, so that should make things even easier and more performant without constant conversion to strings and back.
I've never used Interfaces in C# but I believe I understand how they work. I don't, however, know how I should use them to implement encryption. I'd like the encryption to be as transparent as possible so whether you call Send, SendAndHandleResponse or Broadcast while encryption is enabled and set up on both ends that it just works.
I'm still trying to figure out how best to implement it with minimal changes to existing methods. I'm thinking about creating Networker.Common.AesHandler and adding it to each TcpConnection and setting up AesHandler for each socket with unique keys/IVs, and then adding new Packet De/Serializer methods to do the encryption/decryption before deserialization and after serialization, which would require passing connection-specific Key/IV. This would mean I'd need to prepend some data onto each packet, like whether the packet was encrypted (which would also need to be applied to the original De/Serializer methods), and the encrypted length. This could be expanded to include a unique identifier for each endpoint to solve some UDP encryption issues.
Adding the encryption to UDP adds some challenges such as determining which decryption key must be used prior to decrypting and seeing who it's from unless all clients are using the same key. Also packet segmentation?
Any insight or advice on how best to proceed to ensure this can be merged down the road is most appreciated. I could certainly do it my own way and hack it together but I'd really like to contribute in a meaningful way so others can benefit.
from networker.
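The packet prefix described in the comment above (encrypted flag, encrypted length, endpoint identifier for choosing the key), as an added example that is not part of the original thread or of Networker. The layout, the names and the use of AES-GCM instead of a separate key/IV scheme are assumptions made for this sketch; the header is authenticated as associated data so the flag, identifier and length cannot be altered unnoticed.

```csharp
using System;
using System.Buffers.Binary;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added illustration: hypothetical names and layout, not Networker's wire format.
public static class EncryptedFrame
{
    const int Header = 9, NonceLen = 12, TagLen = 16;

    // Layout: [flag:1][keyId:4][cipherLen:4][nonce:12][tag:16][ciphertext]
    public static byte[] Seal(uint keyId, byte[] key, byte[] plaintext)
    {
        byte[] frame = new byte[Header + NonceLen + TagLen + plaintext.Length];
        frame[0] = 1; // 1 = payload is encrypted
        BinaryPrimitives.WriteUInt32BigEndian(frame.AsSpan(1, 4), keyId);
        BinaryPrimitives.WriteUInt32BigEndian(frame.AsSpan(5, 4), (uint)plaintext.Length);
        Span<byte> nonce = frame.AsSpan(Header, NonceLen);
        RandomNumberGenerator.Fill(nonce); // fresh nonce for every packet
        using var aes = new AesGcm(key);   // on .NET 8+ prefer the (key, tagSize) constructor
        aes.Encrypt(nonce, plaintext, frame.AsSpan(Header + NonceLen + TagLen),
                    frame.AsSpan(Header + NonceLen, TagLen), frame.AsSpan(0, Header));
        return frame;
    }

    // The key is chosen from the cleartext keyId, which is what a UDP receiver needs.
    public static byte[] Open(byte[] frame, IReadOnlyDictionary<uint, byte[]> keys)
    {
        if (frame.Length < Header + NonceLen + TagLen || frame[0] != 1)
            throw new CryptographicException("Not an encrypted frame.");
        uint keyId = BinaryPrimitives.ReadUInt32BigEndian(frame.AsSpan(1, 4));
        uint len = BinaryPrimitives.ReadUInt32BigEndian(frame.AsSpan(5, 4));
        if (!keys.TryGetValue(keyId, out var key) || len != frame.Length - Header - NonceLen - TagLen)
            throw new CryptographicException("Unknown key id or bad length.");
        byte[] plaintext = new byte[len];
        using var aes = new AesGcm(key);
        aes.Decrypt(frame.AsSpan(Header, NonceLen), frame.AsSpan(Header + NonceLen + TagLen),
                    frame.AsSpan(Header + NonceLen, TagLen), plaintext, frame.AsSpan(0, Header));
        return plaintext;
    }

    public static void Main()
    {
        var keys = new Dictionary<uint, byte[]> { [7] = new byte[32] };
        RandomNumberGenerator.Fill(keys[7]); // constructed per-connection key
        byte[] frame = Seal(7, keys[7], new byte[] { 1, 2, 3, 4 });
        Console.WriteLine(BitConverter.ToString(Open(frame, keys)));
        frame[frame.Length - 1] ^= 0x01; // simulate modification in transit
        try { Open(frame, keys); }
        catch (CryptographicException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

This sketch does not cover segmentation of packets larger than one datagram, and random 96-bit nonces limit how many packets should be sent under one key before it is rotated.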
NETCore.Encrypt looks like a solid library which will be suitable. Let's assume for now that if encryption is enabled then every packet going through the library will be encrypted.
There are various benefits to using interfaces. We can use dependency injection to register our encryption handlers and hopefully we can support multiple encryption types.
For example, we might have an interface such as IPacketEncryptor.
```csharp
public interface IPacketEncryptor
{
    byte[] Encrypt(NetworkerPacketBase packetBase);
}
```
From this, we can create an MD5PacketEncryptor class and an AESPacketEncryptor class. Then inside the NetworkerServerBuilder class we can add new methods such as UseMd5Encryption() and UseAesEncryption(). These methods will register the encryption implementation with the IOC container.
We can create a factory class for providing the packet encryptor and decryptor.
```csharp
public interface IPacketEncryption
{
    IPacketEncryptor GetEncryptor();
    IPacketDecryptor GetDecryptor();
    byte[] GenerateKey();
    void SetKey(byte[] key);
}
```
I think the best place to deserialize the packets will be before they are passed to the packet handlers, such as in NetworkerServerBase.HandlePacket method. This means the IPacketEncryption needs to be injected into the NetworkerServerBase class so we can call them.
IPacketEncryption will probably have to be injected into TcpConnection and UdpConnection as that is also where packets are sent. Each time we inject the IPacketEncryption the dependency injection library will create a new instance, so we can set the key for each connection.
As far as UDP goes, I think we can make the assumption for now that the user already knows the key and there is one global key for the whole instance of Networker. This means hard-coding or adding as configuration. We can revisit this in the future.
from networker.
I've done a bunch of reading on IoC and it's currently above my skill level to implement it as you've laid out above, unfortunately. I'm not sure how to inject/resolve it into the TcpConnection and UdpConnection instances.
from networker.
@LostSoulFly I'll try and take a look at this soon and see if I can add some stubbed code in for you.
from networker.
I pulled those changes into my repo and started expanding on it here: bf7890e
Still work to do but hopefully that gives you a bit more insight.
See the "encryption" branch.
from networker.
Closing this now as it would no longer be compatible with v3.
from networker.