public void Sha256Test()
{
var sha256 = CryptoHash.Sha256(System.Text.Encoding.UTF8.GetBytes(hashString));
string hex = BitConverter.ToString(sha256).Replace("-", string.Empty).ToLower();
Assert.AreEqual(sha256out, hex);
}
/// <summary>
/// Validates server acceptance message
/// </summary>
/// <remark>
/// Here the client verifies that the received message length is 80
/// bytes, then opens the encrypted box and verifies that the sent
/// message is server's signature to the derived shared secrets. With
/// this the handshake concludes.
/// </remark>
/// <exception cref="ArgumentException">
/// Thrown if the server's Accept <paramref name="msg"/> is not the
/// correct size or the signature is not valid.
/// </exception>
/// <param name="msg">
/// The received message, encrypted server's signature.
/// </param>
public void VerifyAccept(byte[] msg)
{
if (msg.Length != 80)
{
throw new ArgumentException("Incorrect message size");
}
var nonce = new byte[NONCE_SIZE];
nonce.Initialize();
// Concatenate the network key and derived secrets to obtain
// the message key
var key = CryptoHash.Sha256(
Utils.Concat(_network_key, _shared_ab, _shared_aB, _shared_Ab)
);
var opened_msg = SecretBox.Open(msg, nonce, key);
// Compute the message that it is supposed to be signed with the
// server's long term key
var hashed = CryptoHash.Sha256(_shared_ab);
var msg_to_verify = Utils.Concat(
_network_key, detached_signature_A,
_longterm_client_keypair.PublicKey, hashed
);
if (!PublicKeyAuth.VerifyDetached(opened_msg, msg_to_verify, _longterm_server_pk))
{
throw new ArgumentException("Invalid signature");
}
}
/// <summary>
/// Computes the message that accepts the handshake.
/// </summary>
/// <remark>
/// Here the server computes a signature of the network key, the
/// signature of the long term client's public key and a sha 256 of
/// the shared ab secret. This is signed with the server's long term
/// private key.
///
/// This signature is encrypted using a sha 256 of the network key
/// and all of the derived secrets.
/// </remark>
/// <returns>
/// A byte array of length 80 consisting of the message.
/// </returns>
public byte[] Accept()
{
var detached_signature = PublicKeyAuth.SignDetached(
Utils.Concat(
_network_key,
detached_signature_A,
_longterm_client_pk,
CryptoHash.Sha256(_shared_ab)
),
_longterm_server_keypair.PrivateKey
);
// A nonce consisting of 24 zeros
var nonce = new byte[NONCE_SIZE];
nonce.Initialize();
var key = CryptoHash.Sha256(
Utils.Concat(_network_key, _shared_ab, _shared_aB, _shared_Ab)
);
var msg = SecretBox.Create(detached_signature, nonce, key);
return(msg);
}
/// <summary>
/// Crafts the client Authenticate message
/// </summary>
/// <remark>
/// Consists of a signature of the network identifier, the server's
/// long term public key and a sha 256 of the derived secret ab,
/// concatenated with the client's long term public key. All
/// encrypted using the network identifier and the derived secrets
/// ab and aB.
///
/// This sets the object's <see cref="detached_signature_A"/>
/// </remark>
/// <returns>
/// The client Authenticate message
/// </returns>
public byte[] Authenticate()
{
var hash_ab = CryptoHash.Sha256(this._shared_ab);
// Concatenate the network identifier, the server's public key and
// the hash of the derived secret.
var to_sign = Utils.Concat(
_network_key, _longterm_server_pk, hash_ab
);
// Sign the first portion of the message and save it in the object
// state for later use in the server accept verification.
detached_signature_A = PublicKeyAuth.SignDetached(
to_sign, _longterm_client_keypair.PrivateKey
);
// Create the plaintext message
var plaintext = Utils.Concat(
detached_signature_A, _longterm_client_keypair.PublicKey
);
// Create the key from the network key and the shared secrets
var box_key = Utils.Concat(
_network_key, _shared_ab, _shared_aB
);
// A nonce consisting of 24 zeros
var nonce = new byte[NONCE_SIZE];
nonce.Initialize();
var msg = SecretBox.Create(plaintext, nonce, CryptoHash.Sha256(box_key));
return(msg);
}
/// <summary>
/// Given the keys obtained during the handshake generates a pair of
/// Boxer/Unboxer.
/// </summary>
/// <remarks>
/// <para>
/// TODO: Write about the process detailed in the spec
/// </para>
/// </remarks>
/// <param name="derived_secret">
/// The secret derived from the client long term key and the server's
/// ephemeral key (Ab).
/// </param>
/// <param name="foreing_pubkey">
/// The public key that identifies the other peer, that is, the server
/// public key if this is called from the client and vice versa.
/// </param>
/// <param name="self_pubkey">
/// The public key that identifies the entity calling this.
/// </param>
/// <param name="network_key">
/// The key that identifies the network, in the case of scuttlebutt is
/// the one posted in the scuttlebutt protocol
/// <see href="https://ssbc.github.io/scuttlebutt-protocol-guide/">
/// guide
/// </see>.
/// </param>
/// <param name="a">
/// The client's ephemeral public key used during the handshake.
/// </param>
/// <param name="b">
/// The server's ephemeral public key used during the handshake.
/// </param>
/// <returns>
/// The Boxer/Unboxer pair that a client or server can use to
/// communicate with the other.
/// </returns>
public static (Boxer, Unboxer) Build(
byte[] derived_secret,
byte[] foreing_pubkey,
byte[] self_pubkey,
byte[] network_key,
byte[] a,
byte[] b
)
{
var common = CryptoHash.Sha256(CryptoHash.Sha256(derived_secret));
var send_key = CryptoHash.Sha256(Utils.Concat(common, foreing_pubkey));
var recv_key = CryptoHash.Sha256(Utils.Concat(common, self_pubkey));
var send_nonce = new byte[24];
var recv_nonce = new byte[24];
var bhmac = SecretKeyAuth.Sign(b, network_key);
var ahmac = SecretKeyAuth.Sign(a, network_key);
Buffer.BlockCopy(send_nonce, 0, bhmac, 0, 24);
Buffer.BlockCopy(recv_nonce, 0, ahmac, 0, 24);
var boxer = new Boxer(send_key, send_nonce);
var unboxer = new Unboxer(recv_key, recv_nonce);
return(boxer, unboxer);
}
/// <summary>
/// Checks for <paramref name="msg"/> length and validity, extracting
/// the client's long term public key upon success.
/// </summary>
/// <param name="msg">Client authenticate message</param>
/// <exception cref="ArgumentException">
/// Thrown if the client Auth <paramref name="msg"/> fails to pass the
/// checks.
/// </exception>
public void AcceptAuth(byte[] msg)
{
if (msg.Length != 112)
{
throw new ArgumentException("Incorrect secretbox length");
}
// A nonce consisting of 24 zeros
var nonce = new byte[NONCE_SIZE];
nonce.Initialize();
// Calculate the decryption key from the dervided keys
var key = CryptoHash.Sha256(
Utils.Concat(_network_key, _shared_ab, _shared_aB)
);
var opened_msg = SecretBox.Open(msg, nonce, key);
if (opened_msg.Length != 96)
{
throw new ArgumentException("Invalid size of opened message");
}
// Extract the signature of the long term client's public key
// signed with the derived secret
var detached_signature = new byte[SIG_SIZE];
Buffer.BlockCopy(opened_msg, 0, detached_signature, 0, SIG_SIZE);
// Extract the long term client's public key
var lt_cli_pk = new byte[PUB_KEY_SIZE];
Buffer.BlockCopy(opened_msg, SIG_SIZE, lt_cli_pk, 0, PUB_KEY_SIZE);
var shared_hashed = CryptoHash.Sha256(_shared_ab);
// Concat network_key, server longterm pk and sha256 hashed shared_ab secret
var to_verify = Utils.Concat(
_network_key, _longterm_server_keypair.PublicKey, shared_hashed
);
if (!PublicKeyAuth.VerifyDetached(detached_signature, to_verify, lt_cli_pk))
{
throw new ArgumentException("Signature does not match");
}
detached_signature_A = detached_signature;
_longterm_client_pk = lt_cli_pk;
this.DeriveAb();
}
private static byte[] SodiumHash(HashType hash, byte[] buffer)
{
switch (hash)
{
case HashType.Blake2B:
return(Blake2B.ComputeHash(buffer));
case HashType.SipHash24:
return(ShortHash.Hash(buffer, SipHash24Key));
case HashType.Sha256:
return(CryptoHash.Sha256(buffer));
case HashType.Sha512:
return(CryptoHash.Sha512(buffer));
case HashType.Md5:
case HashType.Sha1:
case HashType.Sha384:
default:
throw new NotSupportedException();
}
}
public void CryptoHashSha256ArrayTest()
{
var actual = CryptoHash.Sha256(Encoding.UTF8.GetBytes("Adam Caudill"));
CollectionAssert.AreEqual(Utilities.HexToBinary(SHA256_HASH), actual);
}
public void CryptoHashSha256StringTest()
{
var actual = CryptoHash.Sha256("Adam Caudill");
CollectionAssert.AreEqual(Utilities.HexToBinary(SHA256_HASH), actual);
}
public static byte[] Sha256(this byte[] input)
{
return(CryptoHash.Sha256(input));
}
static void Main(string[] args)
{
var str = CryptoSecureString.ToSecureString(new[] { 'h', 'i', 'r', 'o' });
char [] charArray = CryptoSecureString.CharacterData(str);
string unsecure = CryptoSecureString.ConvertToUnsecureString(str);
var rsaParameters = new CryptoRSAParameters();
rsaParameters.GenerateKeys();
Console.WriteLine($"Random {Convert.ToBase64String(CryptoRandom.Generate(32))}");
Console.WriteLine("-------------------------------------------");
var message = "Hiro universe";
var messageBytes = Encoding.UTF8.GetBytes(message);
Console.WriteLine($"MD5 message: {message} hash: {Convert.ToBase64String(CryptoHash.Md5(messageBytes))}");
Console.WriteLine($"SHA1 message: {message} hash: {Convert.ToBase64String(CryptoHash.Sha1(messageBytes))}");
Console.WriteLine($"SHA256 message: {message} hash: {Convert.ToBase64String(CryptoHash.Sha256(messageBytes))}");
Console.WriteLine($"SHA512 message: {message} hash: {Convert.ToBase64String(CryptoHash.Sha512(messageBytes))}");
var key = CryptoRandom.Generate(32);
Console.WriteLine($"HMAC MD5 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Md5(messageBytes, key))}");
Console.WriteLine($"HMAC SHA1 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Sha1(messageBytes, key))}");
Console.WriteLine($"HMAC SHA256 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Sha256(messageBytes, key))}");
Console.WriteLine($"HMAC SHA512 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Sha512(messageBytes, key))}");
Console.WriteLine("-------------------------------------------");
Console.WriteLine("Passsword hash with salt");
Console.WriteLine($"Password: {message}");
Console.WriteLine($"Password hashed: {Convert.ToBase64String(CryptoHash.Password(messageBytes))}");
Console.WriteLine("-------------------------------------------");
var salt = CryptoRandom.Generate(32);
Console.WriteLine("Passsword hash with salt - Based Key Derivation Function - PBKDF2");
Console.WriteLine($"Password: {message}");
Console.WriteLine($"Password hashed 100 rounds: {Convert.ToBase64String(CryptoHash.Password(messageBytes, salt, 100))}");
Console.WriteLine($"Password hashed 1000 rounds: {Convert.ToBase64String(CryptoHash.Password(messageBytes, salt, 1000))}");
Console.WriteLine($"Password hashed 10000 rounds: {Convert.ToBase64String(CryptoHash.Password(messageBytes, salt, 10000))}");
Console.WriteLine("-------------------------------------------");
var desKey = CryptoRandom.Generate(8);
var desIv = CryptoRandom.Generate(8);
var desEncryptedMessage = CryptoDes.Encrypt(message, desKey, desIv);
var desDecryptedMessage = CryptoDes.Decrypt(desEncryptedMessage, desKey, desIv);
Console.WriteLine("DES Encryption");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Key: {Convert.ToBase64String(desKey)}");
Console.WriteLine($"IV: {Convert.ToBase64String(desIv)}");
Console.WriteLine($"Encrypted: {Convert.ToBase64String(desEncryptedMessage)}");
Console.WriteLine($"Decrypted: {desDecryptedMessage}");
Console.WriteLine("-------------------------------------------");
var tripleDesKey = CryptoRandom.Generate(16);
var tripleDesIv = CryptoRandom.Generate(8);
var tripleDesEncryptedMessage = CryptoTripleDes.Encrypt(message, tripleDesKey, tripleDesIv);
var tripleDesDecryptedMessage = CryptoTripleDes.Decrypt(tripleDesEncryptedMessage, tripleDesKey, tripleDesIv);
Console.WriteLine("Triple DES Encryption");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Key: {Convert.ToBase64String(tripleDesKey)}");
Console.WriteLine($"IV: {Convert.ToBase64String(tripleDesIv)}");
Console.WriteLine($"Encrypted: {Convert.ToBase64String(tripleDesEncryptedMessage)}");
Console.WriteLine($"Decrypted: {tripleDesDecryptedMessage}");
Console.WriteLine("-------------------------------------------");
var aesKey = CryptoRandom.Generate(32);
var aesIv = CryptoRandom.Generate(16);
var aesEncryptedMessage = CryptoAes.Encrypt(message, aesKey, aesIv);
var aesDecryptedMessage = CryptoAes.Decrypt(aesEncryptedMessage, aesKey, aesIv);
Console.WriteLine("AES Encryption");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Key: {Convert.ToBase64String(aesKey)}");
Console.WriteLine($"IV: {Convert.ToBase64String(aesIv)}");
Console.WriteLine($"Encrypted: {Convert.ToBase64String(aesEncryptedMessage)}");
Console.WriteLine($"Decrypted: {aesDecryptedMessage}");
Console.WriteLine("-------------------------------------------");
var rsaEncryptedMessage = CryptoRsa.Encrypt(messageBytes, rsaParameters.publicKey);
var rsaDecryptedMessage = CryptoRsa.Decrypt(rsaEncryptedMessage, rsaParameters.privateKey);
Console.WriteLine("RSA Encryption");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Encrypted: {Convert.ToBase64String(rsaEncryptedMessage)}");
Console.WriteLine($"Decrypted: {Encoding.Default.GetString(rsaDecryptedMessage)}");
Console.WriteLine("-------------------------------------------");
var hybridEncryptedPacket = CryptoHybrid.Encrypt(message, rsaParameters.publicKey);
var hybridDecryptedMessage = CryptoHybrid.Decrypt(hybridEncryptedPacket, rsaParameters.privateKey);
Console.WriteLine("Hybrid Encryption using AES and RSA");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Encrypted: {Convert.ToBase64String(hybridEncryptedPacket.EncryptedData)}");
Console.WriteLine($"Decrypted: {hybridDecryptedMessage}");
Console.WriteLine("-------------------------------------------");
var hashedMessage = CryptoHash.Sha256(messageBytes);
var signature = CryptoDigitalSignature.Sign(hashedMessage, rsaParameters.privateKey);
var verify = CryptoDigitalSignature.Verify(hashedMessage, signature, rsaParameters.publicKey);
Console.WriteLine("Digital Signature");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Signature: {Convert.ToBase64String(signature)}");
Console.WriteLine("Is Verified: " + (verify ? "true" : "false"));
Console.WriteLine("-------------------------------------------");
try {
var hybridSignatureEncryptedPacket = CryptoHybridIntegrity.Encrypt(message, rsaParameters);
var hybridSignatureDecryptedMessage = CryptoHybridIntegrity.Decrypt(hybridSignatureEncryptedPacket, rsaParameters);
Console.WriteLine("Hybrid encryption with digital signature");
Console.WriteLine($"Text: {message}");
Console.WriteLine($"Signature: {Convert.ToBase64String(hybridSignatureEncryptedPacket.Signature)}");
Console.WriteLine($"Encrypted: {Convert.ToBase64String(hybridSignatureEncryptedPacket.EncryptedData)}");
Console.WriteLine($"Decrypted: {hybridSignatureDecryptedMessage}");
}
catch (CryptographicException ex)
{
Console.WriteLine("Error : " + ex.Message);
}
}
