Websocket Sec-WebSocket-Key is invalid #100

.appveyor.yml

@@ -1,5 +1,5 @@
 # Specify version format
-version: "5.0.2.{build}"
+version: "5.0.3.{build}"
 
 # Image to use
 image: Visual Studio 2019

examples/WsChatClient/Program.cs

@@ -25,7 +25,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

examples/WssChatClient/Program.cs

@@ -27,7 +27,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

performance/WsEchoClient/Program.cs

@@ -22,7 +22,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

performance/WsMulticastClient/Program.cs

@@ -21,7 +21,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

performance/WssEchoClient/Program.cs

@@ -24,7 +24,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

performance/WssMulticastClient/Program.cs

@@ -23,7 +23,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

source/NetCoreServer/NetCoreServer.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net5.0</TargetFramework>
-    <Version>5.0.2.0</Version>
+    <Version>5.0.3.0</Version>
     <Authors>Ivan Shynkarenka</Authors>
     <Copyright>Copyright (c) 2019-2021 Ivan Shynkarenka</Copyright>
     <RepositoryUrl>https://github.com/chronoxor/NetCoreServer</RepositoryUrl>

source/NetCoreServer/WebSocket.cs

@@ -12,7 +12,7 @@ public class WebSocket : IWebSocket
     {
         private readonly IWebSocket _wsHandler;
 
-        public WebSocket(IWebSocket wsHandler) { _wsHandler = wsHandler; ClearWsBuffers(); }
+        public WebSocket(IWebSocket wsHandler) { _wsHandler = wsHandler; ClearWsBuffers(); InitWsNonce(); }
 
         /// <summary>
         /// Final frame
@@ -87,7 +87,7 @@ public bool PerformClientUpgrade(HttpResponse response, Guid id)
                 else if (string.Compare(key, "Sec-WebSocket-Accept", StringComparison.OrdinalIgnoreCase) == 0)
                 {
                     // Calculate the original WebSocket hash
-                    string wskey = Convert.ToBase64String(Encoding.UTF8.GetBytes(id.ToString())) + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
+                    string wskey = Convert.ToBase64String(WsNonce) + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
                     string wshash;
                     using (SHA1Managed sha1 = new SHA1Managed())
                     {
@@ -119,8 +119,7 @@ public bool PerformClientUpgrade(HttpResponse response, Guid id)
 
             // WebSocket successfully handshaked!
             WsHandshaked = true;
-            Random rnd = new Random();
-            rnd.NextBytes(WsSendMask);
+            WsRandom.NextBytes(WsSendMask);
             _wsHandler.OnWsConnected(response);
 
             return true;
@@ -500,6 +499,11 @@ public void ClearWsBuffers()
             }
         }
 
+        /// <summary>
+        /// Initialize WebSocket random nonce
+        /// </summary>
+        public void InitWsNonce() => WsRandom.NextBytes(WsNonce);
+
         /// <summary>
         /// Handshaked flag
         /// </summary>
@@ -542,5 +546,14 @@ public void ClearWsBuffers()
         /// Send mask
         /// </summary>
         internal readonly byte[] WsSendMask = new byte[4];
+
+        /// <summary>
+        /// WebSocket random generator
+        /// </summary>
+        internal readonly Random WsRandom = new Random();
+        /// <summary>
+        /// WebSocket random nonce of 16 bytes
+        /// </summary>
+        internal readonly byte[] WsNonce = new byte[16];
     }
 }

source/NetCoreServer/WsClient.cs

@@ -30,6 +30,11 @@ public class WsClient : HttpClient, IWebSocket
         /// <param name="endpoint">IP endpoint</param>
         public WsClient(IPEndPoint endpoint) : base(endpoint) { WebSocket = new WebSocket(this); }
 
+        /// <summary>
+        /// WebSocket random nonce
+        /// </summary>
+        public byte[] WsNonce => WebSocket.WsNonce;
+
         #region WebSocket connection methods
 
         public override bool Connect() { _syncConnect = true; return base.Connect(); }
@@ -340,6 +345,9 @@ protected override void OnDisconnected()
 
             // Clear WebSocket send/receive buffers
             WebSocket.ClearWsBuffers();
+
+            // Initialize new WebSocket random nonce
+            WebSocket.InitWsNonce();
         }
 
         protected override void OnReceived(byte[] buffer, long offset, long size)

source/NetCoreServer/WsSession.cs

@@ -299,6 +299,9 @@ protected override void OnDisconnected()
 
             // Clear WebSocket send/receive buffers
             WebSocket.ClearWsBuffers();
+
+            // Initialize new WebSocket random nonce
+            WebSocket.InitWsNonce();
         }
 
         protected override void OnReceived(byte[] buffer, long offset, long size)

source/NetCoreServer/WssClient.cs

@@ -33,6 +33,11 @@ public class WssClient : HttpsClient, IWebSocket
         /// <param name="endpoint">IP endpoint</param>
         public WssClient(SslContext context, IPEndPoint endpoint) : base(context, endpoint) { WebSocket = new WebSocket(this); }
 
+        /// <summary>
+        /// WebSocket random nonce
+        /// </summary>
+        public byte[] WsNonce => WebSocket.WsNonce;
+
         #region WebSocket connection methods
 
         public override bool Connect() { _syncConnect = true; return base.Connect(); }
@@ -343,6 +348,9 @@ protected override void OnDisconnected()
 
             // Clear WebSocket send/receive buffers
             WebSocket.ClearWsBuffers();
+
+            // Initialize new WebSocket random nonce
+            WebSocket.InitWsNonce();
         }
 
         protected override void OnReceived(byte[] buffer, long offset, long size)

source/NetCoreServer/WssSession.cs

@@ -299,6 +299,9 @@ protected override void OnDisconnected()
 
             // Clear WebSocket send/receive buffers
             WebSocket.ClearWsBuffers();
+
+            // Initialize new WebSocket random nonce
+            WebSocket.InitWsNonce();
         }
 
         protected override void OnReceived(byte[] buffer, long offset, long size)

tests/WsTests.cs

@@ -26,7 +26,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }

tests/WssTests.cs

@@ -33,7 +33,7 @@ public override void OnWsConnecting(HttpRequest request)
             request.SetHeader("Origin", "http://localhost");
             request.SetHeader("Upgrade", "websocket");
             request.SetHeader("Connection", "Upgrade");
-            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(Encoding.UTF8.GetBytes(Id.ToString())));
+            request.SetHeader("Sec-WebSocket-Key", Convert.ToBase64String(WsNonce));
             request.SetHeader("Sec-WebSocket-Protocol", "chat, superchat");
             request.SetHeader("Sec-WebSocket-Version", "13");
         }