Encryption #11

Merged
merged 3 commits into from
Dec 20, 2021

Contributor

@zbalkan zbalkan commented Dec 19, 2021

Solves #1

  • CryptoFormatter is a wrapper around any Formatter. So it can be extended. The formatter is provided as a parameter.

  • CryptoFormatter utilizes the Diffie-Hellman Key Exchange Algorithm for key exchange and the SuiteB class of SecurityDriven.Inferno for encryption. Integrity is provided by hashing.

  1. When connected to a server, the client creates a KeyPair and sends the public key to the server.
  2. When a client is connected, the server creates a KeyPair and sends the public key to the client.
  3. Each pair generates a shared key based on their private keys and the other side's public keys.
  4. Until this step, the communication is plain text. When each side generates the shared key and assigns it to the CryptoFormatter's Key property, the connection starts to be encrypted.
  5. For encryption SecurityDriven.Inferno library provides AEAD. I also create an HMACSHA384 hash and concatenate it with the encrypted messages. The receiver validates the message by first splitting the ciphertext and message, calculating the hash of ciphertext, and comparing them. Both confidentiality and integrity are provided.
  6. When the server or client is disconnected, the KeyPair is null'ed. Since each named pipe connection has a separate KeyPair, there is no threat of a lateral movement.
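
The handshake and message check in steps 1 to 5 above, as an added example that is not code from this pull request or from the library. It assumes .NET 8, ECDH on P-384 as the Diffie-Hellman variant, `AesGcm` standing in for Inferno's SuiteB, and HKDF labels `enc`/`mac` with a hypothetical wire format; none of these are stated on the page.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Steps 1-3: each side creates a key pair; only the public keys cross the pipe.
using var client = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP384);
using var server = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP384);
var c = Derive(client, server.PublicKey);
var s = Derive(server, client.PublicKey);

// Steps 4-5: sender seals, receiver verifies the HMAC before decrypting.
byte[] msg = Seal(c.enc, c.mac, Encoding.UTF8.GetBytes("constructed sample message"));
Console.WriteLine(TryOpen(s.enc, s.mac, msg, out var pt) ? Encoding.UTF8.GetString(pt) : "rejected");
msg[20] ^= 0x01; // one ciphertext bit changed in transit
Console.WriteLine(TryOpen(s.enc, s.mac, msg, out _) ? "accepted" : "rejected");

// Assumption: HKDF with distinct labels gives independent encryption and MAC keys.
static (byte[] enc, byte[] mac) Derive(ECDiffieHellman own, ECDiffieHellmanPublicKey peer)
{
    byte[] shared = own.DeriveKeyFromHash(peer, HashAlgorithmName.SHA384);
    return (HKDF.DeriveKey(HashAlgorithmName.SHA384, shared, 32, info: Encoding.ASCII.GetBytes("enc")),
            HKDF.DeriveKey(HashAlgorithmName.SHA384, shared, 48, info: Encoding.ASCII.GetBytes("mac")));
}

// Wire format (hypothetical): nonce(12) || ciphertext || GCM tag(16) || HMAC-SHA384(48)
static byte[] Seal(byte[] encKey, byte[] macKey, byte[] plaintext)
{
    byte[] nonce = RandomNumberGenerator.GetBytes(12);
    byte[] ct = new byte[plaintext.Length], tag = new byte[16];
    using var aes = new AesGcm(encKey, 16);
    aes.Encrypt(nonce, plaintext, ct, tag);
    byte[] body = nonce.Concat(ct).Concat(tag).ToArray();
    using var hmac = new HMACSHA384(macKey);
    return body.Concat(hmac.ComputeHash(body)).ToArray();
}

static bool TryOpen(byte[] encKey, byte[] macKey, byte[] message, out byte[] plaintext)
{
    plaintext = Array.Empty<byte>();
    if (message.Length < 12 + 16 + 48) return false; // too short to hold the framing
    byte[] body = message[..^48];
    using var hmac = new HMACSHA384(macKey);
    // Constant-time comparison so the check does not leak how many tag bytes matched.
    if (!CryptographicOperations.FixedTimeEquals(hmac.ComputeHash(body), message.AsSpan(^48..))) return false;
    plaintext = new byte[body.Length - 12 - 16];
    using var aes = new AesGcm(encKey, 16);
    aes.Decrypt(body.AsSpan(0, 12), body.AsSpan(12, plaintext.Length), body.AsSpan(^16..), plaintext);
    return true;
}
```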

@zbalkan
Contributor Author

zbalkan commented Dec 20, 2021

By the way, the sample console app probably needs some refactoring. Pending your review.

@HavenDV
Owner

HavenDV commented Dec 20, 2021

Thank you for the 2 PRs. I will consider and accept this a little later.
