public void filter_users() { KeyPair keypair1 = new KeyPair(); KeyPair keypair2 = new KeyPair(); keypair1.generate(); keypair2.generate(); PicoBuffer expected = new PicoBuffer(0); PicoBuffer symmetricKey1 = new PicoBuffer(0); PicoBuffer symmetricKey2 = new PicoBuffer(0); PicoBuffer symmetricKey; CryptoSupport.generate_symmetric_key(symmetricKey1, CryptoSupport.AESKEY_SIZE); CryptoSupport.generate_symmetric_key(symmetricKey2, CryptoSupport.AESKEY_SIZE); Assert.IsFalse(symmetricKey1.equals(symmetricKey2)); IntPtr pub1 = keypair1.getpublickey(); IntPtr pub2 = keypair2.getpublickey(); Users users = new Users(); Assert.AreEqual(users.search_by_key(pub1).getIntPtr(), IntPtr.Zero); Assert.AreEqual(users.search_by_key(pub2).getIntPtr(), IntPtr.Zero); users.add_user("one", pub1, symmetricKey1); users.add_user("two", pub2, symmetricKey2); PicoBuffer user = users.search_by_key(pub1); expected.clear(); expected.append("one"); Assert.IsTrue(user.equals(expected)); user = users.search_by_key(pub2); expected.clear(); expected.append("two"); Assert.IsTrue(user.equals(expected)); Users filtered = new Users(); users.filter_by_name("one", filtered); Assert.AreEqual(filtered.search_by_key(pub2).getIntPtr(), IntPtr.Zero); user = users.search_by_key(pub1); expected.clear(); expected.append("one"); Assert.IsTrue(user.equals(expected)); // Check the correct symmetric keys are returned symmetricKey = users.search_symmetrickey_by_key(pub1); Assert.IsTrue(symmetricKey.equals(symmetricKey1)); symmetricKey = users.search_symmetrickey_by_key(pub2); Assert.IsTrue(symmetricKey.equals(symmetricKey2)); users.delete(); expected.delete(); filtered.delete(); keypair1.delete(); keypair2.delete(); }
void receive_status_message(Channel channel, EncKeys keys, string expected_extra_data) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); PicoBuffer iv = new PicoBuffer(0); PicoBuffer cleartext = new PicoBuffer(0); channel.read(buf); json.deserialize(buf); Assert.AreEqual(json.get_decimal("sessionId"), 0); Base64.decode(json.get_string("iv"), iv); buf.clear(); Base64.decode(json.get_string("encryptedData"), buf); CryptoSupport.decrypt(keys.vEncKey, iv, buf, cleartext); PicoBuffer receivedExtraData = new PicoBuffer(0); byte[] status = new byte[2]; cleartext.copy_to_array(status, 2); Assert.AreEqual(status[0], 0x00); cleartext.copy_lengthprepend(1, receivedExtraData); receivedExtraData.append(new byte[] { 0x00 }); Assert.AreEqual(receivedExtraData.to_string(), expected_extra_data); json.delete(); buf.delete(); cleartext.delete(); iv.delete(); receivedExtraData.delete(); }
void send_pico_auth_message(Channel channel, EncKeys keys, Nonce serviceNonce, KeyPair picoIdentityKey, KeyPair picoEphemeralKey, string extra_data_to_send) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); PicoBuffer toEncrypt = new PicoBuffer(0); picoIdentityKey.getpublicder(buf); toEncrypt.append_lengthprepend(buf); PicoBuffer toSign = new PicoBuffer(0); toSign.append(serviceNonce.get_buffer(), serviceNonce.get_length()); toSign.append(new byte[] { 0x00, 0x00, 0x00, 0x00 }); buf.clear(); picoEphemeralKey.getpublicder(buf); toSign.append(buf); buf.clear(); picoIdentityKey.sign_data(toSign, buf); toEncrypt.append_lengthprepend(buf); PicoBuffer mac = new PicoBuffer(0); buf.clear(); picoIdentityKey.getpublicder(buf); CryptoSupport.generate_mac(keys.pMacKey, buf, mac); toEncrypt.append_lengthprepend(mac); PicoBuffer extraData = new PicoBuffer(0); extraData.append(extra_data_to_send); toEncrypt.append_lengthprepend(extraData); PicoBuffer iv = new PicoBuffer(16); CryptoSupport.generate_iv(iv); PicoBuffer encrypted = new PicoBuffer(0); CryptoSupport.encrypt(keys.pEncKey, iv, toEncrypt, encrypted); buf.clear(); Base64.encode(encrypted, buf); json.add("encryptedData", buf); buf.clear(); Base64.encode(iv, buf); json.add("iv", buf); json.add("sessionId", 0); buf.clear(); json.serialize(buf); channel.write_buffer(buf); json.delete(); buf.delete(); toEncrypt.delete(); toSign.delete(); mac.delete(); extraData.delete(); iv.delete(); encrypted.delete(); }
void receive_service_auth_message(Channel channel, ref EncKeys keys, KeyPair picoEphemeralKey, Nonce picoNonce, ref IntPtr serviceEphemKey, ref Nonce serviceNonce) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); PicoBuffer iv = new PicoBuffer(0); PicoBuffer cleartext = new PicoBuffer(0); channel.read(buf); json.deserialize(buf); Assert.AreEqual(json.get_decimal("sessionId"), 0); serviceEphemKey = CryptoSupport.read_base64_string_public_key(json.get_string("serviceEphemPublicKey")); buf.clear(); Base64.decode(json.get_string("serviceNonce"), buf); serviceNonce = new Nonce(); serviceNonce.set_buffer(buf); Base64.decode(json.get_string("iv"), iv); // Generate shared secrets PicoBuffer sharedSecret; IntPtr vEphemPriv; SigmaKeyDeriv sigmakeyderiv; sharedSecret = new PicoBuffer(0); vEphemPriv = picoEphemeralKey.getprivatekey(); KeyAgreement.generate_secret(vEphemPriv, serviceEphemKey, sharedSecret); sigmakeyderiv = new SigmaKeyDeriv(); sigmakeyderiv.set(sharedSecret, picoNonce, serviceNonce); sharedSecret.delete(); keys.pMacKey = new PicoBuffer(0); keys.pEncKey = new PicoBuffer(0); keys.vMacKey = new PicoBuffer(0); keys.vEncKey = new PicoBuffer(0); keys.sharedKey = new PicoBuffer(0); sigmakeyderiv.get_next_key(keys.pMacKey, 256); sigmakeyderiv.get_next_key(keys.pEncKey, 128); sigmakeyderiv.get_next_key(keys.vMacKey, 256); sigmakeyderiv.get_next_key(keys.vEncKey, 128); sigmakeyderiv.get_next_key(keys.sharedKey, 128); sigmakeyderiv.delete(); buf.clear(); Base64.decode(json.get_string("encryptedData"), buf); CryptoSupport.decrypt(keys.vEncKey, iv, buf, cleartext); int start = 0; int next = 0; PicoBuffer servicePublicKeyBytes = new PicoBuffer(0); PicoBuffer serviceSignature = new PicoBuffer(0); PicoBuffer serviceMac = new PicoBuffer(0); next = cleartext.copy_lengthprepend(start, servicePublicKeyBytes); IntPtr servicePublicKey = CryptoSupport.read_buffer_public_key(servicePublicKeyBytes); Assert.IsTrue(next > start); next = cleartext.copy_lengthprepend(start, serviceSignature); Assert.IsTrue(next > start); next = cleartext.copy_lengthprepend(start, serviceMac); Assert.IsTrue(next > start); // TODO assert signature json.delete(); buf.delete(); cleartext.delete(); servicePublicKeyBytes.delete(); serviceSignature.delete(); serviceMac.delete(); }