Beispiel #1
0
        public void Should_EnrollNewRecord_When_PasswordSpecified()
        {
            var rngMock = Substitute.For <IPheRandomGenerator>();
            var offset  = 0;

            rngMock.GenerateNonce(16).Returns(x =>
            {
                offset += 16;
                return(((Span <byte>) this.mockedRandomBytes).Slice(offset - 16, 16).ToArray());
            });
            rngMock.GenerateNonce(32).Returns(x =>
            {
                offset += 32;
                return(((Span <byte>) this.mockedRandomBytes).Slice(offset - 32, 32).ToArray());
            });

            var crypto = new PheCrypto();

            crypto.Rng = rngMock;

            var enrollmentRecordRight = EnrollmentRecord.Parser.ParseFrom(Google.Protobuf.ByteString.CopyFrom(this.enrollmentRecord));
            var appSecretKey          = crypto.DecodeSecretKey(this.clientPrivate);

            var servicePublicKey = crypto.DecodePublicKey(this.serverPublic);
            var pheClient        = new PheClient(appSecretKey, servicePublicKey);

            pheClient.Crypto = crypto;

            var(enrollmentRec, key) = pheClient.EnrollAccount(this.password, this.enrollmentResponse);
            var enrollmentRecordGot = EnrollmentRecord.Parser.ParseFrom(Google.Protobuf.ByteString.CopyFrom(enrollmentRec));

            Assert.Equal(Bytes.ToString(this.enrollmentRecord, StringEncoding.BASE64), Bytes.ToString(enrollmentRec, StringEncoding.BASE64));
            Assert.Equal(Bytes.ToString(this.recordKey, StringEncoding.BASE64), Bytes.ToString(key, StringEncoding.BASE64));
        }
Beispiel #2
0
        public void Should_ProveTheProofOfSuccess_For_SpecifiedListOfParameters()
        {
            var phe = new PheCrypto();

            var skS = phe.DecodeSecretKey(Bytes.FromString("I4ETKFzr3QmUu+Olhp1L2KvRgjfseO530R/A+aQ80Go=", StringEncoding.BASE64));
            var c0  = Bytes.FromString("BKAH5Rww+a9+8lzO3oYE8zfz2Oxp3+Xrv2jp9EFGRlS7bWU5iYoWQHZqrkM+UYq2TYON3Gz8w3mzLSy3yS0XlJw=", StringEncoding.BASE64);
            var c1  = Bytes.FromString("BOkgpxdavc+CYqmeKboBPhEjgXCEKbb5HxFeJ1+rVoOm006Jbu5a/Ol4rK5bVbkhzGAT+gUZaodUsnEuucfIbJc=", StringEncoding.BASE64);

            var proof = new ProofOfSuccess
            {
                Term1  = Bytes.FromString("BJkkIassffljoINliNRNcR7J/PmYcAl9PPUBeIT2I6oBy6wKb5gZsIOchWEN5pNfLVPH1V0BuhhlTi7MZeBlPOY=", StringEncoding.BASE64),
                Term2  = Bytes.FromString("BIiZfmmzuffwmJmibNnpws9D5SkgkPMBYxbgaWS1274kbJKC7WakUp1Mzk9BWvah0kDomJhqzyV7/8ZBX1rGX9I=", StringEncoding.BASE64),
                Term3  = Bytes.FromString("BCBcx9GsjQcoKI0pW4t49WWS/Z1bmg62KlCjAzB1IsKVDYQAT4213UuIMBthNnxSOVUUHikZCUw01mX5XKGQD5A=", StringEncoding.BASE64),
                BlindX = Bytes.FromString("KFiLnVVliWdm3fdYcuFK1sTiw1hvbKSesy4sGlYO8Rs=", StringEncoding.BASE64)
            };

            var skC = phe.DecodeSecretKey(Bytes.FromString("gPdKsQRz9Vmc/DnbfxCHUioU6omEa0Sg7pncSHOhA7I=", StringEncoding.BASE64));

            var nS  = Bytes.FromString("POKVRG0nmZc9062v41TNFngibsgMKzt/BY6lZ/5pcZg=", StringEncoding.BASE64);
            var pkS = phe.ExtractPublicKey(skS);

            var isValid = phe.ValidateProofOfSuccess(proof, pkS, nS, c0, c1);

            Assert.True(isValid);
        }
Beispiel #3
0
        public void SwuHashToPoint_Should_ReturnExpectedPoint()
        {
            var data = new byte[]
            {
                0x02, 0x6c, 0x68, 0xba, 0x79, 0x9b, 0x95, 0x8d,
                0xa1, 0xdd, 0xec, 0x47, 0xcf, 0x77, 0xb6, 0x1a,
                0x68, 0xe3, 0x27, 0xbb, 0x16, 0xdd, 0x04, 0x6f,
                0x90, 0xfe, 0x2d, 0x7e, 0x46, 0xc7, 0x86, 0x1b,
                0xf9, 0x7a, 0xdb, 0xda, 0x15, 0xef, 0x5c, 0x13,
                0x63, 0xe7, 0x0d, 0x7c, 0xfa, 0x78, 0x24, 0xca,
                0xb9, 0x29, 0x74, 0x96, 0x09, 0x47, 0x15, 0x4d,
                0x34, 0xc4, 0x38, 0xe3, 0xeb, 0xcf, 0xfc, 0xbc,
            };
            var phe       = new PheCrypto();
            var a         = phe.Curve;
            var expectedX = "41644486759784367771047752285976210905566569374059610763941558650382638987514";
            var expectedY = "47123545766650584118634862924645280635136629360149764686957339607865971771956";

            // var curveParams = NistNamedCurves.GetByName("P-256");
            var swu = new Swu(phe.Curve.Q, phe.Curve.B.ToBigInteger());

            var(x, y) = swu.DataToPoint(data);
            Assert.Equal(expectedX, x.ToString());
            Assert.Equal(expectedY, y.ToString());
        }
Beispiel #4
0
        public void TestEncryptVector()
        {
            var rnd = new byte[]
            {
                0x2b, 0x1a, 0x49, 0xe2, 0x6c, 0xcc, 0x33, 0xfe,
                0x5e, 0x7d, 0x0e, 0x57, 0x3b, 0xc4, 0x02, 0xf0,
                0x04, 0xa0, 0x1c, 0x60, 0x35, 0xaf, 0x42, 0x16,
                0xcb, 0xd0, 0x1f, 0x1a, 0x98, 0x24, 0x7a, 0xaa,
            };

            var key = new byte[]
            {
                0x87, 0xeb, 0x2b, 0xc9, 0x09, 0xac, 0x86, 0x9a,
                0xdc, 0xb2, 0x17, 0x72, 0x2f, 0x3f, 0x56, 0xa6,
                0xf7, 0x0f, 0xb7, 0x47, 0x3b, 0x1b, 0x6b, 0x36,
                0xf0, 0xae, 0x0a, 0x14, 0x5b, 0x45, 0xae, 0xe2,
            };

            var plainText = new byte[]
            {
                0x05, 0xa1, 0x06, 0x74, 0xa5, 0xba, 0xd0, 0x38,
                0x50, 0x7b, 0x2d, 0x9f, 0x80, 0x06, 0x45, 0x4b,
                0x0f, 0xbe, 0xf0, 0xd4, 0x0f, 0x62, 0x1b, 0x3c,
                0x35, 0x16, 0xef, 0xdd, 0x70, 0xd1, 0xef, 0x1d,
                0x3a, 0x6b, 0x8d, 0x50, 0xbe, 0xdb, 0x25, 0x57,
                0x3c, 0x26, 0x86, 0x43, 0x86, 0xa1, 0x39, 0x69,
                0xf7, 0xe9, 0x40, 0x00, 0xf0, 0x02, 0xd0, 0x0f,
                0xae, 0x86, 0x84, 0x37, 0x77, 0x0d, 0x9a, 0xfa,
            };

            var expectedCipherText = new byte[]
            {
                0x2b, 0x1a, 0x49, 0xe2, 0x6c, 0xcc, 0x33, 0xfe,
                0x5e, 0x7d, 0x0e, 0x57, 0x3b, 0xc4, 0x02, 0xf0,
                0x04, 0xa0, 0x1c, 0x60, 0x35, 0xaf, 0x42, 0x16,
                0xcb, 0xd0, 0x1f, 0x1a, 0x98, 0x24, 0x7a, 0xaa,
                0x61, 0x95, 0x05, 0xda, 0x9c, 0xbf, 0x32, 0x5b,
                0x79, 0x2a, 0x31, 0xce, 0x87, 0x71, 0x6e, 0x89,
                0xc0, 0x0c, 0xe9, 0x32, 0x14, 0xb1, 0x5c, 0x59,
                0x6b, 0x30, 0xe6, 0xe5, 0x1a, 0xed, 0x8a, 0x3c,
                0xdd, 0x83, 0x1e, 0xbf, 0x0e, 0xa7, 0x7f, 0x59,
                0x4d, 0xae, 0xed, 0x9c, 0xa0, 0xb8, 0xe6, 0x28,
                0x0c, 0x73, 0x60, 0xbc, 0x8c, 0x0f, 0xd7, 0xb9,
                0x2d, 0x09, 0x40, 0x0c, 0x8d, 0x63, 0x36, 0x19,
                0x32, 0x04, 0xac, 0xd4, 0x45, 0xa0, 0xa4, 0x5e,
                0xab, 0x08, 0x2c, 0xb1, 0xa7, 0x36, 0x04, 0xf4,
            };

            var phe         = new PheCrypto();
            var rng         = new SecureRandom();
            var encrService = new EncryptionService(key);
            var cipherText  = encrService.EncryptWithSalt(plainText, rnd);

            Assert.Equal(cipherText, expectedCipherText);

            var decyptedText = phe.Decrypt(cipherText, key);

            Assert.Equal(plainText, decyptedText);
        }
Beispiel #5
0
        public void TestRotatePublicServerKey()
        {
            var phe = new PheCrypto();
            var oldPublicServerKey = phe.DecodePublicKey(this.serverPublic);
            var newPublicServerKey = phe.RotatePublicKey(oldPublicServerKey, this.token);

            Assert.Equal(this.rotatedServerPub, newPublicServerKey.Encode());
        }
Beispiel #6
0
        public void TestSimpleHashZ()
        {
            var expectedHashZ = "69727408650258925666157816894980607074870114162787023360036165814485426747693";
            var phe           = new PheCrypto();
            var hashZ         = phe.HashZ(Domains.ProofOK, phe.CurveG.GetEncoded());

            Assert.Equal(new BigInteger(expectedHashZ, 10), hashZ);
        }
Beispiel #7
0
        public void TestRotatePrivateClientKey()
        {
            var phe = new PheCrypto();
            var oldClientPrivateKey = phe.DecodeSecretKey(this.clientPrivate);
            var newClientSecretKey  = phe.RotateSecretKey(oldClientPrivateKey, this.token);

            Assert.Equal(this.rotatedClientSk, newClientSecretKey.Encode());
        }
Beispiel #8
0
        public static ProtocolContext Create(string appId, string accessToken,
                                             string serverPublicKey, string clientSecretKey, string[] updateTokens = null)
        {
            var phe = new PheCrypto();

            var(pkSVer, pkS) = EnsureServerPublicKey(serverPublicKey, phe);
            var(skCVer, skC) = EnsureClientSecretKey(clientSecretKey, phe);

            if (pkSVer != skCVer)
            {
                throw new ArgumentException("Incorrect versions for Server/Client keys.");
            }

            var serializer = new HttpBodySerializer();
            var client     = new PheClient(serializer)
            {
                AccessToken = accessToken,
                BaseUri     = new Uri("https://api.passw0rd.io/")
            };

            var ctx = new ProtocolContext
            {
                AppId  = appId,
                Client = client,
                Crypto = phe
            };

            var serverPksDictionary = new Dictionary <int, PublicKey> {
                [pkSVer] = pkS
            };
            var clientSksDictionary = new Dictionary <int, SecretKey> {
                [skCVer] = skC
            };

            if (updateTokens != null && updateTokens.Length > 0)
            {
                var updateTokenList = updateTokens.Select(UpdateToken.Decode)
                                      .Where(it => it.Version > skCVer)
                                      .OrderBy(it => it.Version)
                                      .ToList();

                ctx.UpdateTokens = updateTokenList;

                foreach (var token in updateTokenList)
                {
                    pkS = phe.RotatePublicKey(pkS, token.A, token.B);
                    skC = phe.RotateSecretKey(skC, token.A, token.B);

                    serverPksDictionary.Add(token.Version, pkS);
                    clientSksDictionary.Add(token.Version, skC);
                }
            }

            ctx.clientSecretKeys = clientSksDictionary;
            ctx.serverPublicKeys = serverPksDictionary;

            return(ctx);
        }
Beispiel #9
0
        public void Should_ComputeIdenticalC0AndC1Values_When_TheSameKeyAndNonceArePassed()
        {
            var phe   = new PheCrypto();
            var skS   = phe.DecodeSecretKey(this.clientPrivate);
            var nonce = phe.GenerateNonce();

            var(c0, c1)   = phe.ComputeC(skS, nonce);
            var(c00, c11) = phe.ComputeC(skS, nonce);

            Assert.Equal(Bytes.ToString(c0, StringEncoding.HEX), Bytes.ToString(c00, StringEncoding.HEX));
            Assert.Equal(Bytes.ToString(c1, StringEncoding.HEX), Bytes.ToString(c11, StringEncoding.HEX));
        }
Beispiel #10
0
        public void Should_ComputeTheSameC0Value_For_SpecifiedListOfParameters()
        {
            var phe = new PheCrypto();

            var pwd = Bytes.FromString("passw0rd");
            var skC = phe.DecodeSecretKey(Bytes.FromString("gPdKsQRz9Vmc/DnbfxCHUioU6omEa0Sg7pncSHOhA7I=", StringEncoding.BASE64));
            var nC  = Bytes.FromString("CTnPcIn2xcz+4/9jjLuFZNJiWLBiohnaGVTb3X1zPt0=", StringEncoding.BASE64);
            var c0  = Bytes.FromString("BKAH5Rww+a9+8lzO3oYE8zfz2Oxp3+Xrv2jp9EFGRlS7bWU5iYoWQHZqrkM+UYq2TYON3Gz8w3mzLSy3yS0XlJw=", StringEncoding.BASE64);
            var t0  = Bytes.FromString("BPGwrvLl3CAolVo1RIoNT7TqTC3T66eLykxa/Vw1gyof+3scfaiqTAAQXQ57q6zEkEeJHjNl4GBghQceI/UNl7c=", StringEncoding.BASE64);

            var c00 = phe.ComputeC0(skC, pwd, nC, t0);

            Assert.Equal(c0, c00);
        }
Beispiel #11
0
        public void Should_ComputeIdenticalC0AndC1Values_When_TheSameKeyAndNonceArePassed()
        {
            var phe = new PheCrypto();

            var skS = phe.DecodeSecretKey(Bytes.FromString("I4ETKFzr3QmUu+Olhp1L2KvRgjfseO530R/A+aQ80Go=", StringEncoding.BASE64));
            var nS  = Bytes.FromString("4g1N7hTxVWEHesoGZ5eTwbufdSnRtzxzkEQaBkXWsL4=", StringEncoding.BASE64);
            var c0  = Bytes.FromString("BI4mieAp/rdVctneZnhj0Ucu8Sc4LGMu2P5z9j49iXtN3AhDBWgIS1A4kfLI1ktcQAJACK4vwgutomtuWSoYllc=", StringEncoding.BASE64);
            var c1  = Bytes.FromString("BHENDFDcDsaWwpZLAWXDvEXlrEpIwr1p+OESiRCSemnk41WdfObVsvGPsYNFopaCJN762vP4MINb9HGzjmbM+aU=", StringEncoding.BASE64);

            var(c00, c11) = phe.ComputeC(skS, nS);

            Assert.Equal(c0, c00);
            Assert.Equal(c1, c11);
        }
Beispiel #12
0
        public void Should_RotateTheSamePublicKey_When_OldPublicKeyAndUpdateTokenAreGiven()
        {
            var a    = Bytes.FromString("T20buheJjFOg+rsxP5ADIS7G3htdY/MUt9VozMOgEfA=", StringEncoding.BASE64);
            var b    = Bytes.FromString("UbXPXPtmKuudthZXXjJTE9AxBEgZB7mTFD+TGViCgHU=", StringEncoding.BASE64);
            var pkS  = Bytes.FromString("BBqqpApF8EsvQtLQlcR1sBon9RbKDcrsNypYDGatbx5JxvdQfGaszDwen01xQVWxL0UvrLfmzTBJHpL+q5+kyWw=", StringEncoding.BASE64);
            var pkS1 = Bytes.FromString("BMiu/KcLEom9PwAeEeN9gYJZ45kdlYdo1bYPsd8YjWvRVgqJY2MzJlu2OR1d7ynxZvsdXbVY68pxG/oK3k+3xX0=", StringEncoding.BASE64);

            var phe    = new PheCrypto();
            var phePkC = phe.DecodePublicKey(pkS);

            var phePkC1 = phe.RotatePublicKey(phePkC, a, b);

            Assert.Equal(pkS1, phePkC1.Encode());
        }
Beispiel #13
0
        public void TestEncrypt_empty()
        {
            var phe = new PheCrypto();
            var rng = new SecureRandom();
            var key = new byte[EncryptionService.SymKeyLen];

            rng.NextBytes(key);

            var plainText    = new byte[0];
            var cipherText   = phe.Encrypt(plainText, key);
            var decyptedText = phe.Decrypt(cipherText, key);

            Assert.Equal(decyptedText, plainText);
        }
Beispiel #14
0
        public void TestHashZVector2()
        {
            var pub = new byte[]
            {
                0x04, 0x39, 0x01, 0x9b, 0x9e, 0x2f, 0x1b, 0xae,
                0x60, 0x65, 0xcd, 0x9b, 0x85, 0x94, 0xfe, 0xa6,
                0xe3, 0x5a, 0x9a, 0xfd, 0xd3, 0x15, 0x96, 0xca,
                0xd8, 0xf8, 0xa4, 0xb1, 0xbd, 0xcd, 0x9b, 0x24,
                0x40, 0x5b, 0x8b, 0x13, 0x23, 0xf2, 0xdd, 0x6b,
                0x1b, 0x1d, 0x3f, 0x57, 0x5d, 0x00, 0xf4, 0xa8,
                0x5f, 0xb8, 0x67, 0x90, 0x69, 0x74, 0xea, 0x16,
                0x4b, 0x41, 0x9e, 0x93, 0x66, 0x47, 0xd8, 0xfb,
                0x7b,
            };

            var c0X   = "66305582120524875023859689648303664817335268054431490163250455437389177295478";
            var c0Y   = "19615011428787373705295950431517815162915845805720956004550495681707511034851";
            var c1X   = "11237049376971579382843942757546874380042467137583453135179008882019225463739";
            var c1Y   = "80961525191994723690800208523971748057046695876178833586656397502847317233228";
            var t1X   = "39244241269455735193598520026736537476566784866134072628798326598844377151651";
            var t1Y   = "10612278657611837393693400625940452527356993857624739575347941960949401758261";
            var t2X   = "108016526337105983792792579967716341976396349948643843073602635679441433077833";
            var t2Y   = "90379537067318020066230942533439624193620174277378193732900885672181004096656";
            var t3X   = "36913295823787819500630010367019659122715720420780370192192548665300728488299";
            var t3Y   = "36547572032269541322937508337036635249923361457001752921238955135105574250650";
            var t4X   = "49166285642990312777312778351013119878896537776050488997315166935690363463787";
            var t4Y   = "66983832439067043864623691503721372978034854603698954939248898067109763920732";
            var chlng = "98801234524135497507777343590157351416109876307242902372535142932873423904771";

            var phe   = new PheCrypto();
            var c0    = (FpPoint)phe.Curve.CreatePoint(new BigInteger(c0X, 10), new BigInteger(c0Y, 10));
            var c1    = (FpPoint)phe.Curve.CreatePoint(new BigInteger(c1X, 10), new BigInteger(c1Y, 10));
            var t1    = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t1X, 10), new BigInteger(t1Y, 10));
            var t2    = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t2X, 10), new BigInteger(t2Y, 10));
            var t3    = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t3X, 10), new BigInteger(t3Y, 10));
            var t4    = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t4X, 10), new BigInteger(t4Y, 10));
            var hashZ = phe.HashZ(
                Domains.ProofErr,
                pub,
                phe.CurveG.GetEncoded(),
                c0.GetEncoded(),
                c1.GetEncoded(),
                t1.GetEncoded(),
                t2.GetEncoded(),
                t3.GetEncoded(),
                t4.GetEncoded());

            Assert.Equal(new BigInteger(chlng, 10), hashZ);
        }
Beispiel #15
0
        public void Should_RotateTheSameSecretKey_When_OldSecretKeyAndUpdateTokenAreGiven()
        {
            var a    = Bytes.FromString("T20buheJjFOg+rsxP5ADIS7G3htdY/MUt9VozMOgEfA=", StringEncoding.BASE64);
            var b    = Bytes.FromString("UbXPXPtmKuudthZXXjJTE9AxBEgZB7mTFD+TGViCgHU=", StringEncoding.BASE64);
            var skC  = Bytes.FromString("YOCs/LOx6hll3nUBC29xpNJuLXofpKaBUNHPDBMA7JI=", StringEncoding.BASE64);
            var skC1 = Bytes.FromString("Zd+YJUvpXKQIjMaeZiad4vFOoU+mH2Qldx/yqwmGg2I=", StringEncoding.BASE64);
            // var pkS = Bytes.FromString("BBqqpApF8EsvQtLQlcR1sBon9RbKDcrsNypYDGatbx5JxvdQfGaszDwen01xQVWxL0UvrLfmzTBJHpL+q5+kyWw=", StringEncoding.BASE64);

            var phe    = new PheCrypto();
            var pheSkC = phe.DecodeSecretKey(skC);

            var pheSkC1 = phe.RotateSecretKey(pheSkC, a, b);

            Assert.Equal(skC1, pheSkC1.Encode());
        }
Beispiel #16
0
        public void Should_DecryptM_When_SpecifiedListOfParametersArePassed()
        {
            var phe = new PheCrypto();

            var pwd = Bytes.FromString("passw0rd");
            var skC = phe.DecodeSecretKey(Bytes.FromString("Ty+3kM7kPFQjZu1NKyJjHqdUnDl9/n7mlHu7VJMyLRw=", StringEncoding.BASE64));
            var nC  = Bytes.FromString("9Gr0Jrg+vux+xBOLpGLXemB7uuwq7xkIa4JVgAJG5Yw=", StringEncoding.BASE64);
            var c1  = Bytes.FromString("BMkSH2xpOLox46HQf0oq8vqtYApMezo7K83xCMDgsUzgpI75esc6KJTRrqf7Nq5+y2LiGwyfJ/X8wZ7IXywy+gg=", StringEncoding.BASE64);
            var t1  = Bytes.FromString("BPGSx7b84QaTFJoXJcQ70qPuppbGkh8udqSIZJ7R8AE6Br0CBvPw69exsa3jxeHmMN17vY9l9wXdZcQt7FST2fc=", StringEncoding.BASE64);
            var m   = Bytes.FromString("XslZXIrsVj1XYVF74gWfi0Lo4frLsDObirNl5mFwYeA=", StringEncoding.BASE64);

            var mm = phe.DecryptM(skC, pwd, nC, t1, c1);

            Assert.Equal(m, mm);
        }
Beispiel #17
0
        private FpPoint MakePoint()
        {
            var rng    = new SecureRandom();
            var phe    = new PheCrypto();
            var swu    = new Swu(phe.Curve.Q, phe.Curve.B.ToBigInteger());
            var random = new byte[Swu.PointHashLen];

            rng.NextBytes(random);
            var(x, y) = swu.HashToPoint(random);
            var xField  = phe.Curve.FromBigInteger(x);
            var yField  = phe.Curve.FromBigInteger(y);
            var ecpoint = phe.Curve.CreatePoint(x, y);

            return((FpPoint)ecpoint);
        }
Beispiel #18
0
        public void TestDecrypt_badLength()
        {
            var phe = new PheCrypto();
            var rng = new SecureRandom();
            var key = new byte[EncryptionService.SymKeyLen];

            rng.NextBytes(key);

            var cipherText = new byte[EncryptionService.SymSaltLen + 15];

            rng.NextBytes(cipherText);

            var ex = Record.Exception(() => { phe.Decrypt(cipherText, key); });

            Assert.NotNull(ex);
            Assert.IsType <ArgumentException>(ex);
        }
Beispiel #19
0
        public void HashToPoint_Should_GeneratePointOnCurve_When_RandomHashesArePassed()
        {
            var phe    = new PheCrypto();
            var swu    = new Swu(phe.Curve.Q, phe.Curve.B.ToBigInteger());
            var rng    = new SecureRandom();
            var sha512 = new SHA512Helper();

            var random = new byte[32];

            for (int i = 0; i <= 15000; i++)
            {
                rng.NextBytes(random);
                var hash = sha512.ComputeHash(null, random);
                var(x, y) = swu.DataToPoint(hash);
                Assert.True(phe.Curve.CreatePoint(x, y).IsValid());
            }
        }
Beispiel #20
0
        public void TestPoint_Encoding()
        {
            var rng    = new SecureRandom();
            var phe    = new PheCrypto();
            var swu    = new Swu(phe.Curve.Q, phe.Curve.B.ToBigInteger());
            var random = new byte[Swu.PointHashLen];

            rng.NextBytes(random);
            var(x, y) = swu.HashToPoint(random);
            var xField  = phe.Curve.FromBigInteger(x);
            var yField  = phe.Curve.FromBigInteger(y);
            var ecpoint = phe.Curve.CreatePoint(x, y);

            var encoded = ecpoint.GetEncoded();
            var decoded = phe.Curve.DecodePoint(encoded);

            Assert.Equal(ecpoint, decoded);
        }
Beispiel #21
0
        public void TestHs1()
        {
            var ns = new byte[]
            {
                0x04, 0x60, 0x41, 0x90, 0xea, 0xe3, 0x03, 0x48,
                0xc4, 0x67, 0xa2, 0x56, 0xaa, 0x20, 0xf0, 0xe1,
                0x22, 0xfd, 0x4c, 0x54, 0xb0, 0x2a, 0x03, 0x26,
                0x84, 0xf1, 0x22, 0x11, 0xfc, 0x9a, 0x8e, 0xe3,
            };

            var expectedX = "17908376941582875772307252089828253420307082915473361881522058301944387204152";
            var expectedY = "33408333837140987002065754540391028444871058307081963101365044681462597430369";
            var phe       = new PheCrypto();
            var point     = phe.HashToPoint(Domains.Dhs1, ns);

            Assert.Equal(new BigInteger(expectedX, 10), point.XCoord.ToBigInteger());
            Assert.Equal(new BigInteger(expectedY, 10), point.YCoord.ToBigInteger());
        }
Beispiel #22
0
        public void Should_RotateTheSameSecretKey_When_OldSecretKeyAndUpdateTokenAreGiven()
        {
            var a    = ByteString.CopyFrom(Bytes.FromString("T20buheJjFOg+rsxP5ADIS7G3htdY/MUt9VozMOgEfA=", StringEncoding.BASE64));
            var b    = ByteString.CopyFrom(Bytes.FromString("UbXPXPtmKuudthZXXjJTE9AxBEgZB7mTFD+TGViCgHU=", StringEncoding.BASE64));
            var skC  = Bytes.FromString("YOCs/LOx6hll3nUBC29xpNJuLXofpKaBUNHPDBMA7JI=", StringEncoding.BASE64);
            var skC1 = Bytes.FromString("Zd+YJUvpXKQIjMaeZiad4vFOoU+mH2Qldx/yqwmGg2I=", StringEncoding.BASE64);

            var phe    = new PheCrypto();
            var pheSkC = phe.DecodeSecretKey(skC);
            var token1 = new UpdateToken()
            {
                A = a,
                B = b,
            };
            var pheSkC1 = phe.RotateSecretKey(pheSkC, token1.ToByteArray());

            Assert.Equal(skC1, pheSkC1.Encode());
        }
Beispiel #23
0
        public void TestHs0()
        {
            var ns = new byte[]
            {
                0x8e, 0x48, 0xac, 0x4b, 0x4a, 0x0c, 0x3f, 0x87,
                0x83, 0x69, 0x6f, 0x5d, 0x1f, 0x77, 0xd4, 0x25,
                0x64, 0x84, 0xd5, 0xb0, 0x7f, 0xd3, 0x8a, 0xf6,
                0xb2, 0xbf, 0x2d, 0x7b, 0x34, 0x57, 0x8a, 0x24,
            };

            var expectedX = "25300858746488398178355367558777222618482687866522608982770829435057272700048";
            var expectedY = "110446173948945874058011275277660983270153244227256872727234408438424462761061";
            var phe       = new PheCrypto();
            var point     = phe.HashToPoint(Domains.Dhs0, ns);

            Assert.Equal(new BigInteger(expectedX, 10), point.XCoord.ToBigInteger());
            Assert.Equal(new BigInteger(expectedY, 10), point.YCoord.ToBigInteger());
        }
Beispiel #24
0
        public void Should_ComputeTheSameC0Value_For_SpecifiedListOfParameters()
        {
            var phe = new PheCrypto();
            var ns  = new byte[]
            {
                0x04, 0x60, 0x41, 0x90, 0xea, 0xe3, 0x03, 0x48,
                0xc4, 0x67, 0xa2, 0x56, 0xaa, 0x20, 0xf0, 0xe1,
                0x22, 0xfd, 0x4c, 0x54, 0xb0, 0x2a, 0x03, 0x26,
                0x84, 0xf1, 0x22, 0x11, 0xfc, 0x9a, 0x8e, 0xe3,
            };
            var pwd        = Bytes.FromString("passw0rd");
            var skC        = phe.DecodeSecretKey(this.clientPrivate);
            var hash       = new Dictionary <string, int>();
            var expectedC0 = Bytes.FromString("047062653b3a156a0a211686506f86427f13cdbe3825ca4ee820a8f202b91cf76cd276cc2f506191b491e85f5ac412cc36b2502cfbf23b130b0808d93c37271651", StringEncoding.HEX);
            var t0         = Bytes.FromString("04f1b0aef2e5dc2028955a35448a0d4fb4ea4c2dd3eba78bca4c5afd5c35832a1ffb7b1c7da8aa4c00105d0e7babacc49047891e3365e0606085071e23f50d97b7", StringEncoding.HEX);

            var c0 = phe.ComputeC0(skC, pwd, ns, t0);

            Assert.Equal(expectedC0, c0);
        }
Beispiel #25
0
        public void TestHashToPoint()
        {
            byte[] mockedRandomBytes = new byte[]
            {
                0x80, 0x39, 0x05, 0x31, 0x49, 0x44, 0x70, 0xbe,
                0x0b, 0x29, 0x65, 0x01, 0x58, 0x6b, 0xfc, 0xd9,
                0xe1, 0x31, 0xc3, 0x9e, 0x2d, 0xec, 0xc7, 0x53,
                0xd4, 0xf2, 0x5f, 0xef, 0xd2, 0x28, 0x1e, 0xea,
                0xe0, 0x92, 0x7d, 0x0e, 0xd0, 0x57, 0x2e, 0x7f,
                0xe7, 0x7b, 0x60, 0x93, 0x15, 0xbc, 0x86, 0x5e,
                0xd4, 0x38, 0x92, 0xcd, 0x6c, 0xda, 0xf5, 0x65,
                0x18, 0x1a, 0x3d, 0xf9, 0x2b, 0x13, 0x80, 0xdc,
                0xc4, 0x08, 0x93, 0xc8, 0xdf, 0x19, 0x7b, 0x6b,
                0x8f, 0x74, 0x8f, 0x39, 0x23, 0xa1, 0x8a, 0x6d,
                0xd4, 0xdd, 0xb5, 0xc3, 0x01, 0x66, 0xa9, 0x5a,
                0xb8, 0xbc, 0x14, 0xde, 0x83, 0x26, 0xdb, 0x32,
                0xf3, 0x1d, 0xa8, 0xef, 0x0b, 0xdd, 0x38, 0x5f,
                0x83, 0xb3, 0x6c, 0xf8, 0x89, 0x48, 0xc3, 0xee,
                0xb3, 0x97, 0x4d, 0x04, 0x08, 0x12, 0x53, 0xf5,
                0x60, 0x44, 0x67, 0x91, 0xc1, 0x9e, 0x03, 0xab,
                0x4b, 0x70, 0x0b, 0xcb, 0x4e, 0x03, 0x81, 0x7d,
                0x40, 0x96, 0xa2, 0x60, 0x5a, 0x80, 0xb2, 0x23,
                0x6d, 0x62, 0x3c, 0x5a, 0x5e, 0xd2, 0x45, 0xdb,
                0x36, 0x56, 0xda, 0xb9, 0x2e, 0x6e, 0xe1, 0xe6,
                0x10, 0x27, 0x97, 0x3b, 0xbc, 0x2e, 0x04, 0x8d,
                0x21, 0xce, 0x4c, 0xf0, 0x29, 0x03, 0x7e, 0x17,
                0x0c, 0x34, 0x81, 0x8d, 0xaa, 0x25, 0x33, 0xe6,
                0xf8, 0x77, 0xe1, 0x59, 0x65, 0x89, 0x16, 0xa2,
            };

            var crypto = new PheCrypto();
            var m      = crypto.HashToPoint(null, mockedRandomBytes.Take(32).ToArray());

            var expectedM = (FpPoint)crypto.Curve.CreatePoint(
                new BigInteger("47919986077532098346505903401676113443327441655946536745084881296990002308999", 10),
                new BigInteger("83980225500589559999287763767838231751053639306927585927546932471768986795515", 10));
            var xcoord = m.XCoord.ToBigInteger();
            var ycoord = m.YCoord.ToBigInteger();

            Assert.Equal(expectedM, m);
        }
Beispiel #26
0
        public void TestValidPasswordRequest()
        {
            var rngMock = Substitute.For <IPheRandomGenerator>();

            rngMock.GenerateNonce(16).Returns(this.mockedRandomBytes.Take(16).ToArray());
            rngMock.GenerateNonce(32).Returns(this.mockedRandomBytes.Take(32).ToArray());

            var crypto = new PheCrypto();

            crypto.Rng = rngMock;

            var appSecretKey = crypto.DecodeSecretKey(this.clientPrivate);

            var servicePublicKey = crypto.DecodePublicKey(this.serverPublic);
            var pheClient        = new PheClient(appSecretKey, servicePublicKey);

            pheClient.Crypto = crypto;
            var req = pheClient.CreateVerifyPasswordRequest(this.password, this.enrollmentRecord);

            Assert.Equal(this.verifyPasswordReq, req);
        }
Beispiel #27
0
        public void TestEncrypt_badKey()
        {
            var phe = new PheCrypto();
            var rng = new SecureRandom();
            var key = new byte[EncryptionService.SymKeyLen];

            rng.NextBytes(key);

            var plainText = new byte[365];

            rng.NextBytes(plainText);

            var cipherText = phe.Encrypt(plainText, key);

            key[0]++;

            var ex = Record.Exception(() => { phe.Decrypt(cipherText, key); });

            Assert.NotNull(ex);
            Assert.IsType <InvalidCipherTextException>(ex);
        }
Beispiel #28
0
        public void TestRotateEnrollmentRecord()
        {
            var rngMock = Substitute.For <IPheRandomGenerator>();

            rngMock.GenerateNonce(16).Returns(this.mockedRandomBytes.Take(16).ToArray());
            rngMock.GenerateNonce(32).Returns(this.mockedRandomBytes.Take(32).ToArray());

            var crypto = new PheCrypto();

            crypto.Rng = rngMock;

            var appSecretKey = crypto.DecodeSecretKey(this.clientPrivate);

            var servicePublicKey = crypto.DecodePublicKey(this.serverPublic);
            var pheClient        = new PheClient();

            pheClient.Crypto = crypto;
            var updatedEnrollmentRecord = pheClient.UpdateEnrollmentRecord(this.token, this.enrollmentRecord);

            Assert.Equal(this.updatedRecord, updatedEnrollmentRecord);
        }
Beispiel #29
0
        public void TestRotateClientKey()
        {
            var rngMock = Substitute.For <IPheRandomGenerator>();

            rngMock.GenerateNonce(16).Returns(this.mockedRandomBytes.Take(16).ToArray());
            rngMock.GenerateNonce(32).Returns(this.mockedRandomBytes.Take(32).ToArray());

            var crypto = new PheCrypto();

            crypto.Rng = rngMock;

            var appSecretKey = crypto.DecodeSecretKey(this.clientPrivate);

            var servicePublicKey = crypto.DecodePublicKey(this.serverPublic);
            var pheClient        = new PheClient(appSecretKey, servicePublicKey);

            pheClient.Crypto = crypto;
            var(rotatedAppSecretKey, rotatedServicePublicKey) = pheClient.RotateKeys(this.token);

            Assert.Equal(this.rotatedClientSk, rotatedAppSecretKey.Encode());
            Assert.Equal(this.rotatedServerPub, rotatedServicePublicKey.Encode());
        }
Beispiel #30
0
        public void TestHashZVector1()
        {
            var pub = new byte[]
            {
                0x04, 0x21, 0xc3, 0x71, 0x95, 0x74, 0xaf, 0xce,
                0xc6, 0x5e, 0x35, 0xbd, 0x77, 0x5a, 0x5b, 0xe3,
                0x6c, 0x77, 0xc0, 0xbe, 0x45, 0x01, 0xf5, 0xd7,
                0x0f, 0xf0, 0x70, 0xd5, 0x1a, 0x89, 0x3a, 0xd8,
                0xe0, 0x0c, 0xe6, 0xb8, 0x9b, 0x17, 0x88, 0xe6,
                0xc1, 0x27, 0xa0, 0xe1, 0x25, 0xd9, 0xde, 0x6a,
                0x71, 0x16, 0x46, 0xa0, 0x38, 0x0f, 0xc4, 0xe9,
                0x5a, 0x74, 0xe5, 0x2c, 0x89, 0xf1, 0x12, 0x2a,
                0x7c,
            };

            var c0X   = "97803661066250274657510595696566855164534492744724548093309723513248461995097";
            var c0Y   = "32563640650805051226489658838020042684659728733816530715089727234214066735908";
            var c1X   = "83901588226167680046300869772314554609808129217097458603677198943293551162597";
            var c1Y   = "69578797673242144759724361924884259223786981560985539034793627438888366836078";
            var t1X   = "34051691470374495568913340263568595354597873005782528499014802063444122859583";
            var t1Y   = "55902370943165854960816059167184401667567213725158022607170263924097403943290";
            var t2X   = "101861885104337123215820986653465602199317278936192518417111183141791463240617";
            var t2Y   = "40785451420258280256125533532563267231769863378114083364571107590767796025737";
            var t3X   = "79689595215343344259388135277552904427007069090288122793121340067386243614518";
            var t3Y   = "63043970895569149637126206639504503565389755448934804609068720159153015056302";
            var chlng = "93919747365284119397236447539917482315419780885577135068398876525953972539838";

            var phe = new PheCrypto();
            var c0  = (FpPoint)phe.Curve.CreatePoint(new BigInteger(c0X, 10), new BigInteger(c0Y, 10));
            var c1  = (FpPoint)phe.Curve.CreatePoint(new BigInteger(c1X, 10), new BigInteger(c1Y, 10));
            var t1  = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t1X, 10), new BigInteger(t1Y, 10));
            var t2  = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t2X, 10), new BigInteger(t2Y, 10));
            var t3  = (FpPoint)phe.Curve.CreatePoint(new BigInteger(t3X, 10), new BigInteger(t3Y, 10));

            var hashZ = phe.HashZ(Domains.ProofOK, pub, phe.CurveG.GetEncoded(), c0.GetEncoded(), c1.GetEncoded(), t1.GetEncoded(), t2.GetEncoded(), t3.GetEncoded());

            Assert.Equal(new BigInteger(chlng, 10), hashZ);
        }