void receive_service_auth_message(Channel channel, ref EncKeys keys, KeyPair picoEphemeralKey, Nonce picoNonce, ref IntPtr serviceEphemKey, ref Nonce serviceNonce)
{
Json json = new Json();
PicoBuffer buf = new PicoBuffer(0);
PicoBuffer iv = new PicoBuffer(0);
PicoBuffer cleartext = new PicoBuffer(0);
channel.read(buf);
json.deserialize(buf);
Assert.AreEqual(json.get_decimal("sessionId"), 0);
serviceEphemKey = CryptoSupport.read_base64_string_public_key(json.get_string("serviceEphemPublicKey"));
buf.clear();
Base64.decode(json.get_string("serviceNonce"), buf);
serviceNonce = new Nonce();
serviceNonce.set_buffer(buf);
Base64.decode(json.get_string("iv"), iv);
// Generate shared secrets
PicoBuffer sharedSecret;
IntPtr vEphemPriv;
SigmaKeyDeriv sigmakeyderiv;
sharedSecret = new PicoBuffer(0);
vEphemPriv = picoEphemeralKey.getprivatekey();
KeyAgreement.generate_secret(vEphemPriv, serviceEphemKey, sharedSecret);
sigmakeyderiv = new SigmaKeyDeriv();
sigmakeyderiv.set(sharedSecret, picoNonce, serviceNonce);
sharedSecret.delete();
keys.pMacKey = new PicoBuffer(0);
keys.pEncKey = new PicoBuffer(0);
keys.vMacKey = new PicoBuffer(0);
keys.vEncKey = new PicoBuffer(0);
keys.sharedKey = new PicoBuffer(0);
sigmakeyderiv.get_next_key(keys.pMacKey, 256);
sigmakeyderiv.get_next_key(keys.pEncKey, 128);
sigmakeyderiv.get_next_key(keys.vMacKey, 256);
sigmakeyderiv.get_next_key(keys.vEncKey, 128);
sigmakeyderiv.get_next_key(keys.sharedKey, 128);
sigmakeyderiv.delete();
buf.clear();
Base64.decode(json.get_string("encryptedData"), buf);
CryptoSupport.decrypt(keys.vEncKey, iv, buf, cleartext);
int start = 0;
int next = 0;
PicoBuffer servicePublicKeyBytes = new PicoBuffer(0);
PicoBuffer serviceSignature = new PicoBuffer(0);
PicoBuffer serviceMac = new PicoBuffer(0);
next = cleartext.copy_lengthprepend(start, servicePublicKeyBytes);
IntPtr servicePublicKey = CryptoSupport.read_buffer_public_key(servicePublicKeyBytes);
Assert.IsTrue(next > start);
next = cleartext.copy_lengthprepend(start, serviceSignature);
Assert.IsTrue(next > start);
next = cleartext.copy_lengthprepend(start, serviceMac);
Assert.IsTrue(next > start);
// TODO assert signature
json.delete();
buf.delete();
cleartext.delete();
servicePublicKeyBytes.delete();
serviceSignature.delete();
serviceMac.delete();
}
public void KeyDeriv()
{
SigmaKeyDeriv sigmakeyderiv;
PicoBuffer sharedSecret;
Nonce picoNonce;
Nonce serviceNonce;
PicoBuffer keyBytes;
PicoBuffer nonceData;
PicoBuffer base64;
sharedSecret = new PicoBuffer(0);
sharedSecret.append("\x23\x02\x38\x40\x70\x23\x49\x08\x23\x04\x48\x20\x39\x48\x02\x70\x8");
nonceData = new PicoBuffer(0);
nonceData.append("\x01\x02\x03\x04\x05\x06\x07\x08");
picoNonce = new Nonce();
picoNonce.set_buffer(nonceData);
nonceData.clear();
nonceData.append("\x07\x04\x09\x02\x03\x07\x05\x06");
serviceNonce = new Nonce();
serviceNonce.set_buffer(nonceData);
nonceData.delete();
sigmakeyderiv = new SigmaKeyDeriv();
sigmakeyderiv.set(sharedSecret, picoNonce, serviceNonce);
sharedSecret.delete();;
picoNonce.delete();
serviceNonce.delete();
// sharedKey
keyBytes = new PicoBuffer(0);
base64 = new PicoBuffer(0);
sigmakeyderiv.get_next_key(keyBytes, 128);
Base64.encode(keyBytes, base64);
base64.append(new byte[] { 0x00 });
Assert.AreEqual(base64.to_string(), "7iU6mLgArgvtO9HW0lvk/g==");
// pMacKey
keyBytes.clear();
base64.clear();
sigmakeyderiv.get_next_key(keyBytes, 256);
Base64.encode(keyBytes, base64);
base64.append(new byte[] { 0x00 });
Assert.AreEqual(base64.to_string(), "L0VyA6JS5ZMggVMvJB22s61K+9INGk3OqK0eyJLMnSs=");
// pEncKey
keyBytes.clear();
base64.clear();
sigmakeyderiv.get_next_key(keyBytes, 128);
Base64.encode(keyBytes, base64);
base64.append(new byte[] { 0x00 });
Assert.AreEqual(base64.to_string(), "ynUis+NzmrGp5yC3nX0Gjw==");
// vMacKey
keyBytes.clear();
base64.clear();
sigmakeyderiv.get_next_key(keyBytes, 256);
Base64.encode(keyBytes, base64);
base64.append(new byte[] { 0x00 });
Assert.AreEqual(base64.to_string(), "J1mluN+sD9qrhdQ83vd/o7BKQvsq5l80t7CuTcs6A0A=");
// pEncKey
keyBytes.clear();
base64.clear();
sigmakeyderiv.get_next_key(keyBytes, 128);
Base64.encode(keyBytes, base64);
base64.append(new byte[] { 0x00 });
Assert.AreEqual(base64.to_string(), "7HK9ZbFCzAiVXUnlzOGDVA==");
keyBytes.delete();
base64.delete();
sigmakeyderiv.delete();
}