public void InitialChainSymmetryTest1()
{
byte[] rk = rng.Generate(32);
byte[] rhk = rng.Generate(32);
byte[] shk = rng.Generate(32);
var skey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var skey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
byte[] spub1 = skey1.GetPublicKey();
byte[] spub2 = skey2.GetPublicKey();
byte[] cpub1 = ckey1.GetPublicKey();
byte[] cpub2 = ckey2.GetPublicKey();
var secdhstep = EcdhRatchetStep.InitializeServer(kdf, digest,
skey1, rk, cpub1, skey2, rhk, shk);
var cecdhsteps = EcdhRatchetStep.InitializeClient(kdf, digest,
rk, spub1, spub2, ckey1, shk, rhk, ckey2);
// the initialized client can send to the server
var clientkeys = cecdhsteps[0].SendingChain.RatchetForSending(kdf);
var serverkeys = secdhstep.ReceivingChain.RatchetForReceiving(kdf, clientkeys.generation);
Assert.Equal(clientkeys.key, serverkeys.key);
}
public void SecondChainRatchetTest()
{
byte[] rk = rng.Generate(32);
byte[] rhk = rng.Generate(32);
byte[] shk = rng.Generate(32);
var skey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var skey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var skey3 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey3 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
byte[] spub1 = skey1.GetPublicKey();
byte[] spub2 = skey2.GetPublicKey();
byte[] spub3 = skey3.GetPublicKey();
byte[] cpub1 = ckey1.GetPublicKey();
byte[] cpub2 = ckey2.GetPublicKey();
byte[] cpub3 = ckey2.GetPublicKey();
var secdhstep1 = EcdhRatchetStep.InitializeServer(kdf, digest,
skey1, rk, cpub1, skey2, rhk, shk);
var cecdhsteps = EcdhRatchetStep.InitializeClient(kdf, digest,
rk, spub1, spub2, ckey1, shk, rhk, ckey2);
var secdhstep2 = secdhstep1.Ratchet(kdf, digest,
cpub2, skey3);
// and the server sends back
var cecdhstep3 = cecdhsteps[1].Ratchet(kdf, digest,
spub3, ckey3);
var serverkeys = secdhstep2.SendingChain.RatchetForSending(kdf);
var clientkeys = cecdhstep3.ReceivingChain.RatchetForReceiving(kdf, serverkeys.generation);
Assert.Equal(serverkeys.key, clientkeys.key);
}
public void InitialChainRatchetTest()
{
byte[] rk = rng.Generate(32);
byte[] rhk = rng.Generate(32);
byte[] shk = rng.Generate(32);
var skey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var skey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var skey3 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var ckey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
byte[] spub1 = skey1.GetPublicKey();
byte[] spub2 = skey2.GetPublicKey();
byte[] spub3 = skey3.GetPublicKey();
byte[] cpub1 = ckey1.GetPublicKey();
byte[] cpub2 = ckey2.GetPublicKey();
var secdhstep1 = EcdhRatchetStep.InitializeServer(kdf, digest,
skey1, rk, cpub1, skey2, rhk, shk);
var cecdhsteps = EcdhRatchetStep.InitializeClient(kdf, digest,
rk, spub1, spub2, ckey1, shk, rhk, ckey2);
// client sends new ECDH to server
var secdhstep2 = secdhstep1.Ratchet(kdf, digest,
cpub2, skey3);
// which means the client now can send using its latest step
var clientkeys = cecdhsteps[1].SendingChain.RatchetForSending(kdf);
var serverkeys = secdhstep2.ReceivingChain.RatchetForReceiving(kdf, clientkeys.generation);
Assert.Equal(clientkeys.key, serverkeys.key);
}
public void ServerInitializeReferenceTest(byte[] rk, byte[] rhk, byte[] shk, byte[] _skey1, byte[] _skey2, byte[] cpub, byte[] rckey, byte[] sckey)
{
var skey1 = new KeyAgreement(_skey1);
var skey2 = new KeyAgreement(_skey2);
var ecdhstep = EcdhRatchetStep.InitializeServer(kdf, digest,
skey1, rk, cpub, skey2, rhk, shk);
Assert.Equal(rckey, ecdhstep.ReceivingChain.ChainKey);
Assert.Equal(sckey, ecdhstep.SendingChain.ChainKey);
}
public void InitialChainSymmetryReferenceTest(byte[] rk, byte[] rhk, byte[] shk, byte[] _skey1, byte[] _skey2, byte[] _ckey1, byte[] _ckey2, byte[] rckey, byte[] sckey)
{
var skey1 = new KeyAgreement(_skey1);
var skey2 = new KeyAgreement(_skey2);
var ckey1 = new KeyAgreement(_ckey1);
var ckey2 = new KeyAgreement(_ckey2);
byte[] spub1 = skey1.GetPublicKey();
byte[] spub2 = skey2.GetPublicKey();
byte[] cpub1 = ckey1.GetPublicKey();
byte[] cpub2 = ckey2.GetPublicKey();
var secdhstep = EcdhRatchetStep.InitializeServer(kdf, digest,
skey1, rk, cpub1, skey2, rhk, shk);
var cecdhsteps = EcdhRatchetStep.InitializeClient(kdf, digest,
rk, spub1, spub2, ckey1, shk, rhk, ckey2);
Assert.Equal(rckey, secdhstep.ReceivingChain.ChainKey);
Assert.Equal(rckey, cecdhsteps[0].SendingChain.ChainKey);
Assert.Equal(sckey, secdhstep.SendingChain.ChainKey);
Assert.Equal(sckey, cecdhsteps[1].ReceivingChain.ChainKey);
}
public void ServerInitializeTest()
{
byte[] rk = rng.Generate(32);
byte[] rhk = rng.Generate(32);
byte[] shk = rng.Generate(32);
var skey1 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
var skey2 = new KeyAgreement(KeyGeneration.GeneratePrivateKey());
byte[] ckey = KeyGeneration.GeneratePrivateKey();
byte[] cpub = KeyGeneration.GetPublicKeyFromPrivateKey(ckey);
var ecdhstep = EcdhRatchetStep.InitializeServer(kdf, digest,
skey1, rk, cpub, skey2, rhk, shk);
Assert.NotNull(ecdhstep);
Assert.NotNull(ecdhstep.NextReceiveHeaderKey);
Assert.NotNull(ecdhstep.NextSendHeaderKey);
Assert.NotNull(ecdhstep.NextRootKey);
Assert.NotNull(ecdhstep.ReceiveHeaderKey);
Assert.NotNull(ecdhstep.ReceivingChain.ChainKey);
Assert.Equal(0, ecdhstep.ReceivingChain.Generation);
Assert.NotNull(ecdhstep.SendingChain.ChainKey);
Assert.Equal(0, ecdhstep.SendingChain.Generation);
}