/// <summary>
/// Given the keys obtained during the handshake generates a pair of
/// Boxer/Unboxer.
/// </summary>
/// <remarks>
/// <para>
/// TODO: Write about the process detailed in the spec
/// </para>
/// </remarks>
/// <param name="derived_secret">
/// The secret derived from the client long term key and the server's
/// ephemeral key (Ab).
/// </param>
/// <param name="foreing_pubkey">
/// The public key that identifies the other peer, that is, the server
/// public key if this is called from the client and vice versa.
/// </param>
/// <param name="self_pubkey">
/// The public key that identifies the entity calling this.
/// </param>
/// <param name="network_key">
/// The key that identifies the network, in the case of scuttlebutt is
/// the one posted in the scuttlebutt protocol
/// <see href="https://ssbc.github.io/scuttlebutt-protocol-guide/">
/// guide
/// </see>.
/// </param>
/// <param name="a">
/// The client's ephemeral public key used during the handshake.
/// </param>
/// <param name="b">
/// The server's ephemeral public key used during the handshake.
/// </param>
/// <returns>
/// The Boxer/Unboxer pair that a client or server can use to
/// communicate with the other.
/// </returns>
public static (Boxer, Unboxer) Build(
byte[] derived_secret,
byte[] foreing_pubkey,
byte[] self_pubkey,
byte[] network_key,
byte[] a,
byte[] b
)
{
var common = CryptoHash.Sha256(CryptoHash.Sha256(derived_secret));
var send_key = CryptoHash.Sha256(Utils.Concat(common, foreing_pubkey));
var recv_key = CryptoHash.Sha256(Utils.Concat(common, self_pubkey));
var send_nonce = new byte[24];
var recv_nonce = new byte[24];
var bhmac = SecretKeyAuth.Sign(b, network_key);
var ahmac = SecretKeyAuth.Sign(a, network_key);
Buffer.BlockCopy(send_nonce, 0, bhmac, 0, 24);
Buffer.BlockCopy(recv_nonce, 0, ahmac, 0, 24);
var boxer = new Boxer(send_key, send_nonce);
var unboxer = new Unboxer(recv_key, recv_nonce);
return(boxer, unboxer);
}
public void SimpleAuthTest()
{
var expected = Utilities.HexToBinary("9f44681a662b7cde80c4eb34db5102b62a8b482272e3cceef73a334ec1d321c0");
var actual = SecretKeyAuth.Sign(Encoding.UTF8.GetBytes("Adam Caudill"), Encoding.UTF8.GetBytes("01234567890123456789012345678901"));
CollectionAssert.AreEqual(expected, actual);
}
public void SecretKeyAuthSignWithBadKey()
{
Assert.Throws <KeyOutOfRangeException>(() =>
{
SecretKeyAuth.Sign(Encoding.UTF8.GetBytes("Adam Caudill"),
Encoding.UTF8.GetBytes("0123456789012345678901234567890"));
});
}
public void SignAndVerifyTest()
{
byte[] key = SecretKeyAuth.GenerateKey();
byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello, World!");
byte[] signature = SecretKeyAuth.Sign(message, key);
bool verification = SecretKeyAuth.Verify(message, signature, key);
Assert.IsTrue(verification);
}
public void SignTest()
{
// Test signing given a known key and signature generated from libsodium
byte[] key = Convert.FromBase64String("wYSsnapy7G9F+NTo/bVvIpnRv/ULd97XSMPLoe4+abM=");
String expectedSignature = "hQ4vOFX+pPJNhXxnbMfzAtLjSVeRBBGCOIjlNoIWvzA=";
byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello, World!");
byte[] signature = SecretKeyAuth.Sign(message, key);
Assert.AreEqual(expectedSignature, Convert.ToBase64String(signature));
}
/// <summary>
/// Craft server response to client hello
/// </summary>
/// <returns>
/// Returns the message ready to be sent, consisting of the server
/// ephemeral key and an hmac of the server key signed with the
/// network key.
/// </returns>
public byte[] Hello()
{
var hmac = SecretKeyAuth.Sign(
_ephemeral_server_keypair.PublicKey,
_network_key
);
var msg = Utils.Concat(
hmac, _ephemeral_server_keypair.PublicKey
);
return(msg);
}
/// <summary>
/// Crafts the client's hello message.
/// </summary>
/// <remark>
/// Signs the ephemeral public key with the network key and appends
/// that key.
/// </remark>
/// <returns>
/// The message to be sent
/// </returns>
public byte[] Hello()
{
var signed_key = SecretKeyAuth.Sign(
this._ephemeral_client_keypair.PublicKey,
this._network_key
);
var msg = Utils.Concat(
signed_key, _ephemeral_client_keypair.PublicKey
);
return(msg);
}
public void SecretKeyAuthSignAndVerifyTest()
{
byte[] key = SecretKeyAuth.GenerateKey();
String message = "Hello, World!";
byte[] signature = SecretKeyAuth.Sign(System.Text.Encoding.UTF8.GetBytes(message), key);
Assert.AreEqual(32, signature.Length);
bool verification = SecretKeyAuth.Verify(System.Text.Encoding.UTF8.GetBytes(message), signature, key);
Assert.IsTrue(verification);
signature = SecretKeyAuth.Sign(message, key);
Assert.AreEqual(32, signature.Length);
verification = SecretKeyAuth.Verify(message, signature, key);
Assert.IsTrue(verification);
}
public void SecretKeyAuthSignWithBadKey()
{
SecretKeyAuth.Sign(Encoding.UTF8.GetBytes("Adam Caudill"),
Encoding.UTF8.GetBytes("0123456789012345678901234567890"));
}