public static byte[] Decrypt(byte[] data, C25519Key key) { var size = data[1] & 127; var sizeLength = 0; var hasFieldSize = (data[1] & 128) != 0; if (hasFieldSize) { sizeLength = size; size = (int)new BigInteger(data.Skip(2).Take(sizeLength).ToArray(), true, true); } var step = 2 + sizeLength; var asymmetricCipher = data.Skip(step).Take(32 * 3).ToArray(); var asymmetricPlain = key.Decrypt(asymmetricCipher); step += AsymmetricSize; if (size == 200) { return(UnPad32(asymmetricPlain)); } var symmetricKey = AesSherableKey.Parse(asymmetricPlain); return(symmetricKey.Decrypt(data.Skip(step).ToArray())); }
protected override void SetItems(IReadOnlyList <byte[]> data) { VuId = new Guid(data[0]); CvkPub = data[1].Length != 0 ? C25519Key.Parse(data[1]) : null; CVKi = new BigInteger(data[2], true, true); CvkiAuth = AesKey.Parse(data[3]); }
//private bool _registered; //TODO: Ask matt why is not used public SimulatorClient(string url, string orkId, C25519Key privateKey) { _private = privateKey; _orkId = orkId; _client = new HttpClient { BaseAddress = new Uri(url) }; }
public KeyIdVault Map() { return(new KeyIdVault { KeyId = this.KeyId, Key = C25519Key.Parse(Convert.FromBase64String(Key)) }); }
public VendorConfig CreateVendorConfig() { return(new VendorConfig { PrivateKey = C25519Key.Parse(Convert.FromBase64String(PrivateKey)), SecretKey = AesKey.Parse(SecretKey) }); }
public SimulatorFactory(IMemoryCache cache, IHttpContextAccessor context, Settings settings) { _key = settings.Instance.GetSecretKey(); _private = settings.Instance.GetPrivateKey(); _config = settings.Endpoints.Simulator; _orkId = settings.Instance.Username; _cache = cache; _context = context.HttpContext; }
public static bool CheckAsymmetric(byte[] data, C25519Key key) { if (data == null || data.Length != AsymmetricSize) { return(false); } var cipher = data.Take(EncryptionSize + TagSize).ToArray(); var signature = data.Skip(EncryptionSize + TagSize).ToArray(); return(key.Verify(cipher, signature.Skip(32).ToArray())); }
public async Task <C25519Key> GetPublic() { var response = await _client.GetAsync("api/public"); if (response.StatusCode != HttpStatusCode.OK) { throw new HttpRequestException(response.ToString()); } var keyText = await response.Content.ReadAsStringAsync(); return(C25519Key.Parse(Convert.FromBase64String(keyText))); }
public async Task Add(Guid viud, BigInteger cvki, AesKey cvkiAuth, C25519Key cvkPub, Guid keyId, byte[] signature) { var payload = JsonSerializer.Serialize(new[] { cvkPub.ToByteArray(), cvki.ToByteArray(true, true), cvkiAuth.ToByteArray(), signature, }); var body = new StringContent(payload, Encoding.UTF8, "application/json"); var response = await _client.PutAsync($"api/cvk/{viud}/{keyId}", body); if (response.StatusCode != HttpStatusCode.OK) { throw new HttpRequestException(response.ToString()); } }
public void ConfigureServices(IServiceCollection services) { services.AddControllers(options => { options.ModelBinderProviders.Insert(0, new C25519PointBinderProvider()); }); var settings = new Settings(); Configuration.Bind("Settings", settings); services.AddSingleton(settings); services.AddHttpContextAccessor(); services.AddMemoryCache(); services.AddTransient <IEmailClient, MailKitClient>(); services.AddTransient <OrkConfig>(); services.AddSignalR(); services.AddSpaStaticFiles(opt => opt.RootPath = "Client/dist"); if (settings.Features.Metrics) { services.AddMetrics(); } if (settings.Features.Throttling) { services.ConfigureThrottling(); } if (settings.Features.Memory) { services.AddTransient <IKeyManagerFactory, MemoryFactory>(); } else { services.AddTransient <IKeyManagerFactory, SimulatorFactory>(); } services.AddCors(); var privString = "AOAxMtmYfyI98Tr5jiQ77kZGA3goBctEWnDFTWnSOzol3pIbKWvLkkW83s55zJNczOxcbKXdeRSheFXmlDeQWS+KTCkfERyiI5J1i8Xlwe4clgY10LAfV0Ds9xP4QOhK"; var priv = C25519Key.Parse(privString); var pubString = priv.GetPublic().ToString(); }
public async Task <ActionResult <TideResponse> > Add([FromRoute] Guid vuid, [FromRoute] Guid keyId, [FromBody] string[] data) { var signature = FromBase64(data[3]); var account = new CvkVault { VuId = vuid, CvkPub = C25519Key.Parse(FromBase64(data[0])), CVKi = GetBigInteger(data[1]), CvkiAuth = AesKey.Parse(FromBase64(data[2])) }; if (_features.Voucher) { var signer = await _keyIdManager.GetById(keyId); if (signer == null) { return(BadRequest("Signer's key must be defined")); } if (!signer.Key.Verify(_config.Guid.ToByteArray().Concat(vuid.ToByteArray()).ToArray(), signature)) { return(BadRequest("Signature is not valid")); } } _logger.LogInformation("New cvk for {0} with pub {1}", vuid, data[0]); var resp = await _managerCvk.SetOrUpdate(account); if (!resp.Success) { return(resp); } var m = Encoding.UTF8.GetBytes(_config.UserName + vuid.ToString()); //TODO: The ork should not send the orkid because the client should already know var signOrk = Convert.ToBase64String(_config.PrivateKey.Sign(m)); resp.Content = new { orkid = _config.UserName, sign = signOrk }; return(resp); }
public static byte[] Encrypt(byte[] buffer, ulong tag, C25519Key key) { var toAsymmetricEncrypt = Pad32(buffer); var bufferSymmetric = new byte[0]; if (buffer.Length > 32) { var secret = new AesSherableKey(); bufferSymmetric = secret.Encrypt(buffer); toAsymmetricEncrypt = secret.ToByteArray(); } var bufferAsymmetric = key.Encrypt(toAsymmetricEncrypt).ToByteArray(); var tagBuffer = BitConverter.GetBytes(tag); var signature = key.Sign(bufferAsymmetric.Concat(tagBuffer).ToArray()).PadLeft(32 * 3); var size = bufferAsymmetric.Length + tagBuffer.Length + signature.Length + bufferSymmetric.Length; var dimension = DimensionBuffer(size); var all = new byte[1 + dimension.Length + size]; all[0] = 1; // version # dimension.CopyTo(all, 1); var step = dimension.Length + 1; bufferAsymmetric.CopyTo(all, step); step += bufferAsymmetric.Length; tagBuffer.CopyTo(all, step); step += tagBuffer.Length; signature.CopyTo(all, step); step += signature.Length; bufferSymmetric.CopyTo(all, step); return(all); }
public C25519Key GetPrivateKey() => C25519Key.Parse(Convert.FromBase64String(PrivateKey));
public DCryptFlowBulk(C25519Key @private, Uri homeOrk) { _prv = @private; _dns = new DnsClient(homeOrk); }
protected override void SetItems(IReadOnlyList <byte[]> data) { KeyId = new Guid(data[0]); Key = data[1].Any() ? new C25519Key(data[1]) : null; }
public List <C25519Key> GetPublics() => Publics.Where(pub => !string.IsNullOrWhiteSpace(pub)) .Select(pub => C25519Key.Parse(pub.Trim())).ToList();
public static byte[] Encrypt(string buffer, ulong tag, C25519Key key) => Encrypt(Encoding.UTF8.GetBytes(buffer), tag, key);
public KeyIdVault(C25519Key key) : base(1) { Set(key); }
public void Set(C25519Key key) { Key = key; KeyId = new Guid(Utils.Hash(key.ToByteArray()).Take(16).ToArray()); }
public C25519Key GetPublicKey() { return(C25519Key.Parse(Public)); }
public OrkConfig(Settings settings) { UserName = settings.Instance.Username; PrivateKey = settings.Instance.GetPrivateKey(); _IdGen = IdGenerator.Seed(PrivateKey.GetPublic().ToByteArray()); }