private async Task SetKeys(string seedString)
{
if (Keys.Init)
{
return;
}
if (string.IsNullOrEmpty(seedString))
{
throw new WebSocketError("Missing seed", Session.Username);
}
if (Keys.Salts == null)
{
throw new WebSocketError("Missing salts", Session.Username);
}
if (string.IsNullOrEmpty(_seedString))
{
_seedString = seedString;
}
var seed = Convert.FromBase64String(seedString);
Keys.EncryptionKey = AesGcmUtils.ImportKeyFromMaster(seed, Convert.FromBase64String(Keys.Salts.EncryptionKeySalt));
Keys.DhPrivateKey = DiffieHellmanUtils.ImportKeyFromMaster(seed, Convert.FromBase64String(Keys.Salts.DhKeySalt));
Keys.HmacKey = HmacUtils.ImportKeyFromMaster(seed, Convert.FromBase64String(Keys.Salts.HmacKeySalt));
await ValidateKey();
Keys.Init = true;
_resolveConnection?.Invoke();
_connectionResolved = true;
}
public async Task <(string sessionId, DateTime creationDate, string userId)> GenerateKeysAndSignUp(
string username, string password, byte[] seed, string email, Dictionary <string, string> profile)
{
var(passwordToken, passwordSalts, passwordBasedBackup) = GeneratePasswordToken(password, seed);
var encryptionKeySalt = Hkdf.GenerateSalt();
var dhKeySalt = Hkdf.GenerateSalt();
var hmacKeySalt = Hkdf.GenerateSalt();
var dhPrivateKey = DiffieHellmanUtils.ImportKeyFromMaster(seed, dhKeySalt);
var publicKey = DiffieHellmanUtils.GetPublicKey(dhPrivateKey);
var keySalts = new KeySalts
{
EncryptionKeySalt = Convert.ToBase64String(encryptionKeySalt),
DhKeySalt = Convert.ToBase64String(dhKeySalt),
HmacKeySalt = Convert.ToBase64String(hmacKeySalt),
};
var request = new SignUpApiRequest
{
Username = username,
PasswordToken = passwordToken,
PublicKey = publicKey,
PasswordSalts = passwordSalts,
KeySalts = keySalts,
Email = email,
Profile = profile,
PasswordBasedBackup = passwordBasedBackup
};
var response = await _api.SignUp(request);
if (response.IsSuccessStatusCode)
{
var apiResponse = JsonConvert.DeserializeObject <SignUpApiResponse>(await response.Content.ReadAsStringAsync());
return(apiResponse.SessionId, apiResponse.CreationDate, apiResponse.UserId);
}
var one = ParseGenericErrors(await response.Content.ReadAsStringAsync(), response.StatusCode);
if (one != null)
{
throw one;
}
var two = await ParseGenericUsernamePasswordError(response);
if (two != null)
{
throw two;
}
throw new Exception($"Unknown error during SignUp: {response.StatusCode} - {await response.Content.ReadAsStringAsync()}");
}
private async Task ValidateKey()
{
if (_dh == null)
{
_ = _logger.Log("FETCH SERVER PUBLIC KEY");
_dh = new DiffieHellmanUtils(await GetServerPublicKey());
}
var sharedKey = _dh.GetSharedKeyWithServer(Keys.DhPrivateKey);
var validationMessage = Convert.ToBase64String(AesGcmUtils.Decrypt(sharedKey, _encryptedValidationMessage));
await Request("ValidateKey", new RequestParams { ValidationMessage = validationMessage });
}
