public void filter_users() { KeyPair keypair1 = new KeyPair(); KeyPair keypair2 = new KeyPair(); keypair1.generate(); keypair2.generate(); PicoBuffer expected = new PicoBuffer(0); PicoBuffer symmetricKey1 = new PicoBuffer(0); PicoBuffer symmetricKey2 = new PicoBuffer(0); PicoBuffer symmetricKey; CryptoSupport.generate_symmetric_key(symmetricKey1, CryptoSupport.AESKEY_SIZE); CryptoSupport.generate_symmetric_key(symmetricKey2, CryptoSupport.AESKEY_SIZE); Assert.IsFalse(symmetricKey1.equals(symmetricKey2)); IntPtr pub1 = keypair1.getpublickey(); IntPtr pub2 = keypair2.getpublickey(); Users users = new Users(); Assert.AreEqual(users.search_by_key(pub1).getIntPtr(), IntPtr.Zero); Assert.AreEqual(users.search_by_key(pub2).getIntPtr(), IntPtr.Zero); users.add_user("one", pub1, symmetricKey1); users.add_user("two", pub2, symmetricKey2); PicoBuffer user = users.search_by_key(pub1); expected.clear(); expected.append("one"); Assert.IsTrue(user.equals(expected)); user = users.search_by_key(pub2); expected.clear(); expected.append("two"); Assert.IsTrue(user.equals(expected)); Users filtered = new Users(); users.filter_by_name("one", filtered); Assert.AreEqual(filtered.search_by_key(pub2).getIntPtr(), IntPtr.Zero); user = users.search_by_key(pub1); expected.clear(); expected.append("one"); Assert.IsTrue(user.equals(expected)); // Check the correct symmetric keys are returned symmetricKey = users.search_symmetrickey_by_key(pub1); Assert.IsTrue(symmetricKey.equals(symmetricKey1)); symmetricKey = users.search_symmetrickey_by_key(pub2); Assert.IsTrue(symmetricKey.equals(symmetricKey2)); users.delete(); expected.delete(); filtered.delete(); keypair1.delete(); keypair2.delete(); }
void receive_status_message(Channel channel, EncKeys keys, string expected_extra_data) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); PicoBuffer iv = new PicoBuffer(0); PicoBuffer cleartext = new PicoBuffer(0); channel.read(buf); json.deserialize(buf); Assert.AreEqual(json.get_decimal("sessionId"), 0); Base64.decode(json.get_string("iv"), iv); buf.clear(); Base64.decode(json.get_string("encryptedData"), buf); CryptoSupport.decrypt(keys.vEncKey, iv, buf, cleartext); PicoBuffer receivedExtraData = new PicoBuffer(0); byte[] status = new byte[2]; cleartext.copy_to_array(status, 2); Assert.AreEqual(status[0], 0x00); cleartext.copy_lengthprepend(1, receivedExtraData); receivedExtraData.append(new byte[] { 0x00 }); Assert.AreEqual(receivedExtraData.to_string(), expected_extra_data); json.delete(); buf.delete(); cleartext.delete(); iv.delete(); receivedExtraData.delete(); }
void send_start_message(Channel channel, int picoVersion, KeyPair picoEphemeralKey, Nonce picoNonce) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); json.add("picoVersion", (double)2); picoEphemeralKey.getpublicpem(buf); json.add("picoEphemeralPublicKey", buf); buf.clear(); Base64.encode(picoNonce.get_buffer(), picoNonce.get_length(), buf); json.add("picoNonce", buf); buf.clear(); json.serialize(buf); channel.write_buffer(buf); buf.delete(); json.delete(); }
void send_pico_auth_message(Channel channel, EncKeys keys, Nonce serviceNonce, KeyPair picoIdentityKey, KeyPair picoEphemeralKey, string extra_data_to_send) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); PicoBuffer toEncrypt = new PicoBuffer(0); picoIdentityKey.getpublicder(buf); toEncrypt.append_lengthprepend(buf); PicoBuffer toSign = new PicoBuffer(0); toSign.append(serviceNonce.get_buffer(), serviceNonce.get_length()); toSign.append(new byte[] { 0x00, 0x00, 0x00, 0x00 }); buf.clear(); picoEphemeralKey.getpublicder(buf); toSign.append(buf); buf.clear(); picoIdentityKey.sign_data(toSign, buf); toEncrypt.append_lengthprepend(buf); PicoBuffer mac = new PicoBuffer(0); buf.clear(); picoIdentityKey.getpublicder(buf); CryptoSupport.generate_mac(keys.pMacKey, buf, mac); toEncrypt.append_lengthprepend(mac); PicoBuffer extraData = new PicoBuffer(0); extraData.append(extra_data_to_send); toEncrypt.append_lengthprepend(extraData); PicoBuffer iv = new PicoBuffer(16); CryptoSupport.generate_iv(iv); PicoBuffer encrypted = new PicoBuffer(0); CryptoSupport.encrypt(keys.pEncKey, iv, toEncrypt, encrypted); buf.clear(); Base64.encode(encrypted, buf); json.add("encryptedData", buf); buf.clear(); Base64.encode(iv, buf); json.add("iv", buf); json.add("sessionId", 0); buf.clear(); json.serialize(buf); channel.write_buffer(buf); json.delete(); buf.delete(); toEncrypt.delete(); toSign.delete(); mac.delete(); extraData.delete(); iv.delete(); encrypted.delete(); }
public void equals() { PicoBuffer b = new PicoBuffer(3); PicoBuffer b2 = new PicoBuffer(3); b.append("1234"); b2.append("6789"); Assert.IsFalse(b.equals(b2)); b2.clear(); b2.append("1234"); Assert.IsTrue(b.equals(b2)); b.set_pos(10); Assert.IsFalse(b.equals(b2)); b.delete(); b2.delete(); }
void receive_service_auth_message(Channel channel, ref EncKeys keys, KeyPair picoEphemeralKey, Nonce picoNonce, ref IntPtr serviceEphemKey, ref Nonce serviceNonce) { Json json = new Json(); PicoBuffer buf = new PicoBuffer(0); PicoBuffer iv = new PicoBuffer(0); PicoBuffer cleartext = new PicoBuffer(0); channel.read(buf); json.deserialize(buf); Assert.AreEqual(json.get_decimal("sessionId"), 0); serviceEphemKey = CryptoSupport.read_base64_string_public_key(json.get_string("serviceEphemPublicKey")); buf.clear(); Base64.decode(json.get_string("serviceNonce"), buf); serviceNonce = new Nonce(); serviceNonce.set_buffer(buf); Base64.decode(json.get_string("iv"), iv); // Generate shared secrets PicoBuffer sharedSecret; IntPtr vEphemPriv; SigmaKeyDeriv sigmakeyderiv; sharedSecret = new PicoBuffer(0); vEphemPriv = picoEphemeralKey.getprivatekey(); KeyAgreement.generate_secret(vEphemPriv, serviceEphemKey, sharedSecret); sigmakeyderiv = new SigmaKeyDeriv(); sigmakeyderiv.set(sharedSecret, picoNonce, serviceNonce); sharedSecret.delete(); keys.pMacKey = new PicoBuffer(0); keys.pEncKey = new PicoBuffer(0); keys.vMacKey = new PicoBuffer(0); keys.vEncKey = new PicoBuffer(0); keys.sharedKey = new PicoBuffer(0); sigmakeyderiv.get_next_key(keys.pMacKey, 256); sigmakeyderiv.get_next_key(keys.pEncKey, 128); sigmakeyderiv.get_next_key(keys.vMacKey, 256); sigmakeyderiv.get_next_key(keys.vEncKey, 128); sigmakeyderiv.get_next_key(keys.sharedKey, 128); sigmakeyderiv.delete(); buf.clear(); Base64.decode(json.get_string("encryptedData"), buf); CryptoSupport.decrypt(keys.vEncKey, iv, buf, cleartext); int start = 0; int next = 0; PicoBuffer servicePublicKeyBytes = new PicoBuffer(0); PicoBuffer serviceSignature = new PicoBuffer(0); PicoBuffer serviceMac = new PicoBuffer(0); next = cleartext.copy_lengthprepend(start, servicePublicKeyBytes); IntPtr servicePublicKey = CryptoSupport.read_buffer_public_key(servicePublicKeyBytes); Assert.IsTrue(next > start); next = cleartext.copy_lengthprepend(start, serviceSignature); Assert.IsTrue(next > start); next = cleartext.copy_lengthprepend(start, serviceMac); Assert.IsTrue(next > start); // TODO assert signature json.delete(); buf.delete(); cleartext.delete(); servicePublicKeyBytes.delete(); serviceSignature.delete(); serviceMac.delete(); }
public void KeyDeriv() { SigmaKeyDeriv sigmakeyderiv; PicoBuffer sharedSecret; Nonce picoNonce; Nonce serviceNonce; PicoBuffer keyBytes; PicoBuffer nonceData; PicoBuffer base64; sharedSecret = new PicoBuffer(0); sharedSecret.append("\x23\x02\x38\x40\x70\x23\x49\x08\x23\x04\x48\x20\x39\x48\x02\x70\x8"); nonceData = new PicoBuffer(0); nonceData.append("\x01\x02\x03\x04\x05\x06\x07\x08"); picoNonce = new Nonce(); picoNonce.set_buffer(nonceData); nonceData.clear(); nonceData.append("\x07\x04\x09\x02\x03\x07\x05\x06"); serviceNonce = new Nonce(); serviceNonce.set_buffer(nonceData); nonceData.delete(); sigmakeyderiv = new SigmaKeyDeriv(); sigmakeyderiv.set(sharedSecret, picoNonce, serviceNonce); sharedSecret.delete();; picoNonce.delete(); serviceNonce.delete(); // sharedKey keyBytes = new PicoBuffer(0); base64 = new PicoBuffer(0); sigmakeyderiv.get_next_key(keyBytes, 128); Base64.encode(keyBytes, base64); base64.append(new byte[] { 0x00 }); Assert.AreEqual(base64.to_string(), "7iU6mLgArgvtO9HW0lvk/g=="); // pMacKey keyBytes.clear(); base64.clear(); sigmakeyderiv.get_next_key(keyBytes, 256); Base64.encode(keyBytes, base64); base64.append(new byte[] { 0x00 }); Assert.AreEqual(base64.to_string(), "L0VyA6JS5ZMggVMvJB22s61K+9INGk3OqK0eyJLMnSs="); // pEncKey keyBytes.clear(); base64.clear(); sigmakeyderiv.get_next_key(keyBytes, 128); Base64.encode(keyBytes, base64); base64.append(new byte[] { 0x00 }); Assert.AreEqual(base64.to_string(), "ynUis+NzmrGp5yC3nX0Gjw=="); // vMacKey keyBytes.clear(); base64.clear(); sigmakeyderiv.get_next_key(keyBytes, 256); Base64.encode(keyBytes, base64); base64.append(new byte[] { 0x00 }); Assert.AreEqual(base64.to_string(), "J1mluN+sD9qrhdQ83vd/o7BKQvsq5l80t7CuTcs6A0A="); // pEncKey keyBytes.clear(); base64.clear(); sigmakeyderiv.get_next_key(keyBytes, 128); Base64.encode(keyBytes, base64); base64.append(new byte[] { 0x00 }); Assert.AreEqual(base64.to_string(), "7HK9ZbFCzAiVXUnlzOGDVA=="); keyBytes.delete(); base64.delete(); sigmakeyderiv.delete(); }