DtronixMessageQueue uses a custom transport protocol that borrows several of the building blocks of TLS. A full TLS stack would be overkill here, since peer authentication and cipher-suite negotiation are not required. Forward secrecy is a cornerstone of the transport: a Diffie–Hellman key exchange is performed with ephemeral keys generated fresh for every connection, so a key recovered later cannot decrypt earlier sessions. Note that without peer authentication an ephemeral D-H exchange on its own cannot detect an active man-in-the-middle who substitutes their own public keys; it protects recorded traffic, not the identity of the peer.

Once the key exchange completes, both channels are encrypted with AES-256.

All transmissions are sent in blocks of 16 bytes. This matches the AES block size, which is 128 bits (16 bytes) for every key length, AES-256 included. When the frames in a transmission do not fill the last block, single-byte Padding frames (type 2) are appended up to the block boundary.
| Client | Direction | Server | Notes |
|---|---|---|---|
| CONNECT | -> | - | Initial connection from the client |
| EncryptChannel | -> | - | Contains the first half of the D-H key exchange (the client's ephemeral public key) |
| - | <- | EncryptChannel | Contains the second half of the D-H key exchange (the server's ephemeral public key) |
| Name | Header bytes | MqFrameType (byte) | Body Length (ushort?) | Payload (byte[]?) | Description |
|---|---|---|---|---|---|
| Unset | 1 | 0 | - | - | Initial state for all headers; never sent on the wire. |
| BodyPayload | 3 | 1 | ushort [2 bytes] | byte[] | Contains a body of Body Length bytes. |
| Padding | 1 | 2 | - | - | Single byte header. Used to pad a transmission out to 16 byte blocks. |
| ConnectionClose | 2 | 3 | - | - | Contains a byte stating the reason the session closed. |
| EncryptChannel | 1 | 4 | - | byte[140] | DH key exchange; carries one side's ephemeral public key. |
BodyPayload frame layout:

| Byte offset | Field | Size |
|---|---|---|
| 0 | MqFrameType = 1 | 8 bits |
| 1-2 | Body Length (uint16) | 16 bits |
| 3... | Body Data (byte[Body Length]) | Body Length bytes |

Padding frame layout:

| Byte offset | Field | Size |
|---|---|---|
| 0 | MqFrameType = 2 | 8 bits |

ConnectionClose frame layout:

| Byte offset | Field | Size |
|---|---|---|
| 0 | MqFrameType = 3 | 8 bits |
| 1 | CloseReason (byte) | 8 bits |

EncryptChannel frame layout:

| Byte offset | Field | Size |
|---|---|---|
| 0 | MqFrameType = 4 | 8 bits |
| 1-140 | DH public key (byte[140]) | 140 bytes |
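As an added reference encoder/decoder (not DtronixMessageQueue's own code), the following Python serialises and parses the frame types in the tables above, pads outgoing data to 16-byte blocks with Padding frames, and models the two EncryptChannel messages of the handshake table. It assumes two things the page does not state: the ushort Body Length is little-endian (what .NET BitConverter writes on little-endian hosts), and an EncryptChannel frame always carries exactly 140 key bytes. The "public key" bytes in the demo are constructed random stand-ins, not real D-H keys.

```python
"""Encoder/decoder for the MqFrame wire layout described on this page.

Added example, not DtronixMessageQueue's own code. Assumptions not stated on the
page: the ushort Body Length is little-endian, and an EncryptChannel frame
always carries exactly 140 key bytes. Demo "public keys" are constructed bytes.
"""
import os
import struct
from dataclasses import dataclass
from typing import Iterator, List

BLOCK_SIZE = 16          # every transmission is padded to a multiple of this
DH_PUBLIC_KEY_LEN = 140  # EncryptChannel payload size from the frame table

# MqFrameType values from the frame table; Unset never appears on the wire.
UNSET, BODY_PAYLOAD, PADDING, CONNECTION_CLOSE, ENCRYPT_CHANNEL = range(5)


@dataclass
class Frame:
    frame_type: int
    payload: bytes = b""  # body, single close-reason byte, or 140-byte D-H public key


def encode_frame(frame: Frame) -> bytes:
    """Serialise one frame: type byte, then the per-type header and payload."""
    t = frame.frame_type
    if t == PADDING:
        return bytes([PADDING])
    if t == BODY_PAYLOAD:
        if len(frame.payload) > 0xFFFF:
            raise ValueError("body does not fit the ushort Body Length field")
        return bytes([BODY_PAYLOAD]) + struct.pack("<H", len(frame.payload)) + frame.payload
    if t == CONNECTION_CLOSE:
        if len(frame.payload) != 1:
            raise ValueError("ConnectionClose carries exactly one reason byte")
        return bytes([CONNECTION_CLOSE]) + frame.payload
    if t == ENCRYPT_CHANNEL:
        if len(frame.payload) != DH_PUBLIC_KEY_LEN:
            raise ValueError(f"EncryptChannel key must be {DH_PUBLIC_KEY_LEN} bytes")
        return bytes([ENCRYPT_CHANNEL]) + frame.payload
    raise ValueError(f"MqFrameType {t} is not transmittable")


def pack_blocks(frames: List[Frame]) -> bytes:
    """Concatenate frames, then fill the last 16-byte block with Padding frames."""
    data = b"".join(encode_frame(f) for f in frames)
    pad_len = (-len(data)) % BLOCK_SIZE
    return data + bytes([PADDING]) * pad_len


def parse_frames(buf: bytes) -> Iterator[Frame]:
    """Walk received bytes, yielding frames and skipping Padding.

    Lengths come from the headers, not from scanning for sentinel bytes, so a
    body containing 0x02 is not mistaken for padding. Truncated or unknown
    frames raise before anything reaches the application layer.
    """
    i, n = 0, len(buf)
    while i < n:
        t = buf[i]
        if t == PADDING:
            i += 1
        elif t == BODY_PAYLOAD:
            if i + 3 > n:
                raise ValueError("truncated BodyPayload header")
            (length,) = struct.unpack_from("<H", buf, i + 1)
            end = i + 3 + length
            if end > n:
                raise ValueError("truncated BodyPayload body")
            yield Frame(BODY_PAYLOAD, buf[i + 3:end])
            i = end
        elif t == CONNECTION_CLOSE:
            if i + 2 > n:
                raise ValueError("truncated ConnectionClose")
            yield Frame(CONNECTION_CLOSE, buf[i + 1:i + 2])
            i += 2
        elif t == ENCRYPT_CHANNEL:
            end = i + 1 + DH_PUBLIC_KEY_LEN
            if end > n:
                raise ValueError("truncated EncryptChannel key")
            yield Frame(ENCRYPT_CHANNEL, buf[i + 1:end])
            i = end
        else:
            raise ValueError(f"unknown MqFrameType {t} at offset {i}")


def encrypt_channel_message(public_key: bytes) -> bytes:
    """One half of the key exchange: a single EncryptChannel frame, block-padded."""
    return pack_blocks([Frame(ENCRYPT_CHANNEL, public_key)])


def exchange_demo() -> dict:
    """Model the handshake table with constructed random bytes standing in for
    the ephemeral public keys, then a BodyPayload and a ConnectionClose."""
    client_key, server_key = os.urandom(DH_PUBLIC_KEY_LEN), os.urandom(DH_PUBLIC_KEY_LEN)
    to_server = encrypt_channel_message(client_key)
    to_client = encrypt_channel_message(server_key)
    data = pack_blocks([Frame(BODY_PAYLOAD, b"\x02\x02 hello"), Frame(CONNECTION_CLOSE, b"\x01")])
    return {
        "client_hello_len": len(to_server),  # 1 + 140 = 141 bytes, padded to 144
        "server_key_ok": next(parse_frames(to_client)).payload == server_key,
        "data_frames": [(f.frame_type, f.payload) for f in parse_frames(data)],
        "data_len": len(data),               # 11 + 2 = 13 bytes, padded to 16
    }
```

The parser deliberately never scans for the 0x02 padding byte inside a body: every non-padding frame's extent is fixed by its header, which is what keeps a BodyPayload that contains 0x02 bytes from being resynchronised as padding.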