private static void CreateEncryptFileFor(string aliasName, string fileName, string pubFileName, bool isBinary)
{
DHKeyPair _aliaskeys = RestoreKeys(aliasName);
PublicKey _publickeyto = RestorePublicKey(pubFileName);
IDiffieHellman _dh = new DiffieHellman();
DHDerivedKey _derived = _dh.GenerateDerivedKey(_aliaskeys, _publickeyto);
Console.WriteLine($"Derived Key:\n {BitConverter.ToString(_derived.Value)}");
byte[] IV = System.Text.Encoding.UTF8.GetBytes(fileName);
ICypher cypher = new AesCypher(_derived.Value, IV);
byte[] encrypted;
if (isBinary)
{
var content = ReadBinFile(fileName);
encrypted = cypher.Encrypt(Convert.ToBase64String(content));
}
else
{
encrypted = cypher.Encrypt(ReadTextFile(fileName));
}
WriteBinFile($"{fileName}{extfile}", encrypted);
Console.WriteLine($"{fileName}{extfile} encrypt file created.");
}
private static void RestoreEncryptFileFrom(string aliasName, string fileName, string pubFileName, bool isBinary)
{
DHKeyPair _aliaskeys = RestoreKeys(aliasName);
PublicKey _publickeyto = RestorePublicKey(pubFileName);
IDiffieHellman _dh = new DiffieHellman();
DHDerivedKey _derived = _dh.GenerateDerivedKey(_aliaskeys, _publickeyto);
Console.WriteLine($"Derived Key:\n {BitConverter.ToString(_derived.Value)}");
string fileout = fileName.Replace(extfile, string.Empty);
byte[] IV = System.Text.Encoding.UTF8.GetBytes(fileout);
ICypher cypher = new AesCypher(_derived.Value, IV);
byte[] read = ReadBinFile(fileName);
string content = cypher.Decrypt(read);
if (isBinary)
{
var bcontent = Convert.FromBase64String(content);
WriteBinFile(fileout, bcontent);
}
else
{
WriteTextFile(fileout, content);
}
Console.WriteLine($"{fileout} decrypt file created.");
}
public DataExchangeKeys ComputeKeys(DHKeyPair my_key_pair, BigInteger buddy_public_key)
{
if (Utility.IsValidPublicKey(buddy_public_key) == false)
{
throw new ArgumentException("DataExchangeKeysManager:Buddy public key is invalid");
}
if (my_key_pair == null)
{
throw new ArgumentException("DataExchangeKeysManager: My Key Pair cannot be null");
}
if (my_key_pair.GetPrivateKey() < 1)
{
throw new ArgumentException("DataExchangeKeysManager: Private key in my_key_pair value cannot be less than 0");
}
if (buddy_public_key < 1)
{
throw new ArgumentException("DataExchangeKeysManager: Buddy public key value cannot be less than 0");
}
if (my_key_pair.GetPublicKey() > buddy_public_key)
{
_end_type = OTR_END_TYPE.HIGH_END;
_send_byte = OTRConstants.HIGH_END_SEND_BYTE_VALUE;
_recv_byte = OTRConstants.HIGH_END_RECV_BYTE_VALUE;
}
else
{
_end_type = OTR_END_TYPE.LOW_END;
_send_byte = OTRConstants.LOW_END_SEND_BYTE_VALUE;
_recv_byte = OTRConstants.LOW_END_RECV_BYTE_VALUE;
}
_data_exchange_keys = new DataExchangeKeys();
_data_exchange_keys.SetEndType(_end_type);
_secret = Utility.ComputeSecret(my_key_pair, buddy_public_key, OTRConstants.RFC_3526_GENERATOR, OTRConstants.RFC_3526_PRIME_MODULO());
Utility.SetSecByteMpi(_secret, ref _sec_data_byte_array_mpi);
_data_exchange_keys.SetSecData(_sec_data_byte_array_mpi);
ComputeSendKeys();
ComputeRecvKeys();
ComputeAesExtraKey();
return(_data_exchange_keys);
}
public DHKeyPair GenerateKeyPair()
{
key_serial++;
DHKeyPair _key_pair = new DHKeyPair(key_serial);
_key_pair.SetPrivateKey(Utility.GetRandBigInt(OTRConstants.DH_PRIVATE_KEY_MINIMUM_LENGTH_BITS));
_key_pair.SetPublicKey(BigInteger.ModPow(OTRConstants.RFC_3526_GENERATOR, _key_pair.GetPrivateKey(), OTRConstants.RFC_3526_PRIME_MODULO()));
return(_key_pair);
}
public static bool IsSignatureVerified(AKEKeys ake_keys, DHKeyPair key_pair, byte[] their_public_key_mpi_byte_array, byte[] encrypted_signature_byte_array,
byte[] hashed_encrypted_signature_byte_array, bool is_top_half_keys, ref UInt32 public_key_id, ref byte[] dsa_public_key_byte_array_encoded)
{
if (encrypted_signature_byte_array == null || encrypted_signature_byte_array.Length < 1)
{
throw new ArgumentException("IsSignatureVerified: Encrypted signature byte array cannot be null/empty");
}
if (hashed_encrypted_signature_byte_array == null || hashed_encrypted_signature_byte_array.Length < 1)
{
throw new ArgumentException("IsSignatureVerified: The hashed encrypted byte array cannot be null/empty");
}
if (ake_keys == null)
{
throw new ArgumentException("IsSignatureVerified: The AKE keys cannot be null");
}
bool _is_hash_verified = false;
if (is_top_half_keys == true)
{
_is_hash_verified = IsHashSignatureVerified(ake_keys.GetMACKey2(), encrypted_signature_byte_array, hashed_encrypted_signature_byte_array);
}
else
{
_is_hash_verified = IsHashSignatureVerified(ake_keys.GetMACKey4(), encrypted_signature_byte_array, hashed_encrypted_signature_byte_array);
}
if (_is_hash_verified == false)
{
return(false);
}
if (IsEncryptedSignatureVerified(ake_keys, key_pair, their_public_key_mpi_byte_array,
encrypted_signature_byte_array, 0, is_top_half_keys, ref public_key_id, ref dsa_public_key_byte_array_encoded) == false)
{
return(false);
}
return(true);
}
private static DHKeyPair RestoreKeys(string aliasName)
{
byte[] _aliasprivate = ReadBinFile($"{aliasName}.private.key");
string _aliaspublicS = ReadTextFile($"{aliasName}.public.key");
byte[] _aliaspublic = Convert.FromBase64String(_aliaspublicS);
DHKeyPair _aliaskeys =
new DHKeyPair(
new PrivateKey(_aliasprivate),
new PublicKey(_aliaspublic)
);
return(_aliaskeys);
}
public AKEKeys ComputeKeys(DHKeyPair my_key_pair, BigInteger public_key)
{
if (Utility.IsValidPublicKey(public_key) == false)
{
throw new ArgumentException("AKEKeysManager:Public key is invalid");
}
if (my_key_pair == null)
{
throw new ArgumentException("AKEKeysManager: My Key Pair cannot be null");
}
if (my_key_pair.GetPrivateKey() < 1)
{
throw new ArgumentException("AKEKeysManager: Private key in my_key_pair value cannot be less than 0");
}
if (public_key < 1)
{
throw new ArgumentException("AKEKeysManager: Public key value cannot be less than 0");
}
_ake_keys = new AKEKeys();
_secret = Utility.ComputeSecret(my_key_pair, public_key, OTRConstants.RFC_3526_GENERATOR, OTRConstants.RFC_3526_PRIME_MODULO());
Utility.SetSecByteMpi(_secret, ref _sec_data_byte_array_mpi);
_ake_keys.SetSecData(_sec_data_byte_array_mpi);
ComputeSessionIDByte();
ComputeEncryptionKeysBytes();
ComputeMACKeysBytes();
return(_ake_keys);
}
public Session(int clientOS, int clientRevision)
{
/* Initialize protocol with this session. */
this._protocol = new Protocol(this);
/* Set client properties. */
this._clientId = CLIENT_ID;
this._clientOs = clientOS;
this._clientRevision = clientRevision;
/* Client and server generate 16 random bytes each. */
this._clientRandom = new byte[16];
this._serverRandom = new byte[16];
RandomBytes.GetRandomBytes(ref this._clientRandom);
/* Allocate buffer for server RSA key. */
this._serverBlob = new byte[256];
/* Allocate buffer for salt and auth hash. */
this._username = null;
this._password = null;
this._salt = new byte[10];
this._authHash = new byte[20];
/*
* Create a private and public DH key and allocate buffer
* for shared key. This, along with key signing, is used
* to securely agree on a session key for the Shannon stream
* cipher.
*/
this._dhClientKeyPair = DH.GenerateKeyPair(768);
this._dhSharedKey = new byte[96];
/* Generate RSA key pair. */
this._rsaClientKeyPair = Sharpotify.Crypto.RSA.GenerateKeyPair(1024);
/* Allocate buffers for HMAC and Shannon stream cipher keys. */
this._keyHmac = new byte[20];
this._authHmac = new byte[20];
this._keyRecv = new byte[32];
this._keySend = new byte[32];
this._keyRecvIv = 0;
this._keySendIv = 0;
/* Stream cipher instances. */
this._shannonRecv = new Shannon();
this._shannonSend = new Shannon();
/* Allocate buffer for puzzle solution. */
this._puzzleDenominator = 0;
this._puzzleMagic = 0;
this._puzzleSolution = new byte[8];
/* Found in Storage.dat (cache) at offset 16. Modify first byte of cache hash. */
this._cacheHash = new byte[] {
(byte)0xf4, (byte)0xc2, (byte)0xaa, (byte)0x05,
(byte)0xe8, (byte)0x25, (byte)0xa7, (byte)0xb5,
(byte)0xe4, (byte)0xe6, (byte)0x59, (byte)0x0f,
(byte)0x3d, (byte)0xd0, (byte)0xbe, (byte)0x0a,
(byte)0xef, (byte)0x20, (byte)0x51, (byte)0x95
};
this._cacheHash[0] = (byte)new Random().Next();
/* Not initialized. */
this._initialClientPacket = null;
this._initialServerPacket = null;
}
private static bool IsEncryptedSignatureVerified(AKEKeys ake_keys, DHKeyPair key_pair, byte[] their_public_key_mpi_byte_array,
byte[] encryted_byte_array, UInt64 counter, bool is_top_half_keys, ref UInt32 public_key_id, ref byte[] dsa_public_key_byte_array_encoded)
{
int _next_start_index = -1;
bool _is_verified = false;
byte[] _decrypted_x_data_array = null;
byte[] _hashed_m_data_signature = null;
byte[] _dh_kid_bytes = null;
byte[] _temp_byte_array = null;
byte[] _dsa_public_key_type = null;
byte[] _dsa_public_key_param_p_mpi = null;
byte[] _dsa_public_key_param_q_mpi = null;
byte[] _dsa_public_key_param_g_mpi = null;
byte[] _dsa_public_key_param_y_mpi = null;
try
{
/*get encrypted signature bytes*/
_next_start_index = 0;
_temp_byte_array = null;
_next_start_index = Utility.DecodeDataFromBytesBE(encryted_byte_array, _next_start_index, ref _temp_byte_array);
if (_temp_byte_array == null || _temp_byte_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded Encrypted OTR Data type byte array cannot be null/empty");
}
if (is_top_half_keys == true)
{
_decrypted_x_data_array = Utility.AESGetDecrypt(ake_keys.GetAESKey1(), _temp_byte_array, counter);
}
else
{
_decrypted_x_data_array = Utility.AESGetDecrypt(ake_keys.GetAESKey2(), _temp_byte_array, counter);
}
if (_decrypted_x_data_array == null || _decrypted_x_data_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decrypted byte array cannot be null/empty");
}
/*get public key parameter bytes*/
_next_start_index = 0;
_temp_byte_array = null;
//get public key type
int _pub_key_start_index = _next_start_index;
_next_start_index = Utility.DecodeShortFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_type);
if (_dsa_public_key_type == null || _dsa_public_key_type.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded DSA public key type byte array cannot be null/empty");
}
if (BitConverter.ToUInt16(_dsa_public_key_type, 0) != OTRConstants.DSA_PUB_KEY_TYPE)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The DSA public key type is invalid");
}
//get MPI encoded DSA public key parameters
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_p_mpi);
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_q_mpi);
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_g_mpi);
_next_start_index = Utility.DecoupleMpiFromBytes(_decrypted_x_data_array, _next_start_index, ref _dsa_public_key_param_y_mpi);
int _pub_key_end_index = _next_start_index;
//get the whole encoded DSA key
dsa_public_key_byte_array_encoded = new byte[_pub_key_end_index - _pub_key_start_index];
Buffer.BlockCopy(_decrypted_x_data_array, _pub_key_start_index, dsa_public_key_byte_array_encoded, 0, dsa_public_key_byte_array_encoded.Length);
DsaPublicKeyParameters _dsa_public_key_params = GetDSAPublicKeyParams(_dsa_public_key_param_p_mpi, _dsa_public_key_param_q_mpi, _dsa_public_key_param_g_mpi, _dsa_public_key_param_y_mpi);
/*Get DH Key ID bytes*/
_next_start_index = Utility.DecodeIntFromBytes(_decrypted_x_data_array, _next_start_index, ref _dh_kid_bytes);
if (_dh_kid_bytes == null || _dh_kid_bytes.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded Key ID OTR Int type byte array cannot be null/empty");
}
public_key_id = BitConverter.ToUInt32(_dh_kid_bytes, 0);
/*Get Signed M_b*/
_hashed_m_data_signature = new byte[_decrypted_x_data_array.Length - _next_start_index];
Buffer.BlockCopy(_decrypted_x_data_array, _next_start_index, _hashed_m_data_signature, 0, _hashed_m_data_signature.Length);
if (_hashed_m_data_signature == null || _hashed_m_data_signature.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The extracted Signed byte array, M_b, cannot be null/empty");
}
/*Decode r and s */
_next_start_index = 0;
byte[] _decoded_signature_r_byte_array = null;
byte[] _decoded_signature_s_byte_array = null;
_next_start_index = Utility.DecodeMacFromBytesBE(_hashed_m_data_signature, _next_start_index, ref _decoded_signature_r_byte_array);
_next_start_index = Utility.DecodeMacFromBytesBE(_hashed_m_data_signature, _next_start_index, ref _decoded_signature_s_byte_array);
if (_decoded_signature_r_byte_array == null || _decoded_signature_r_byte_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded DSA signature parameter 'r' byte array cannot be null/empty");
}
if (_decoded_signature_s_byte_array == null || _decoded_signature_s_byte_array.Length < 1)
{
throw new InvalidDataException("IsEncryptedSignatureVerified: The decoded DSA signature parameter 's' byte array cannot be null/empty");
}
/*Verify Signature*/
byte[] _hashed_m_data_byte_array = ComputeM(ake_keys, their_public_key_mpi_byte_array, key_pair.GetPublicKeyMpiBytes(), dsa_public_key_byte_array_encoded, _dh_kid_bytes, is_top_half_keys);
_is_verified = DSASigner.VerifySignature(_dsa_public_key_params, _hashed_m_data_byte_array, _decoded_signature_r_byte_array, _decoded_signature_s_byte_array);
}
catch (Exception ex)
{
_is_verified = false;
throw new InvalidDataException("IsEncryptedVerified:" + ex.ToString());
}
return(_is_verified);
}