예제 #1
0
        public static byte[] Decrypt(byte[] data, C25519Key key)
        {
            var size         = data[1] & 127;
            var sizeLength   = 0;
            var hasFieldSize = (data[1] & 128) != 0;

            if (hasFieldSize)
            {
                sizeLength = size;
                size       = (int)new BigInteger(data.Skip(2).Take(sizeLength).ToArray(), true, true);
            }
            var step = 2 + sizeLength;

            var asymmetricCipher = data.Skip(step).Take(32 * 3).ToArray();

            var asymmetricPlain = key.Decrypt(asymmetricCipher);

            step += AsymmetricSize;

            if (size == 200)
            {
                return(UnPad32(asymmetricPlain));
            }

            var symmetricKey = AesSherableKey.Parse(asymmetricPlain);

            return(symmetricKey.Decrypt(data.Skip(step).ToArray()));
        }
예제 #2
0
 protected override void SetItems(IReadOnlyList <byte[]> data)
 {
     VuId     = new Guid(data[0]);
     CvkPub   = data[1].Length != 0 ? C25519Key.Parse(data[1]) : null;
     CVKi     = new BigInteger(data[2], true, true);
     CvkiAuth = AesKey.Parse(data[3]);
 }
예제 #3
0
        //private bool _registered; //TODO: Ask matt why is not used

        public SimulatorClient(string url, string orkId, C25519Key privateKey)
        {
            _private = privateKey;
            _orkId   = orkId;
            _client  = new HttpClient {
                BaseAddress = new Uri(url)
            };
        }
예제 #4
0
 public KeyIdVault Map()
 {
     return(new KeyIdVault
     {
         KeyId = this.KeyId,
         Key = C25519Key.Parse(Convert.FromBase64String(Key))
     });
 }
예제 #5
0
 public VendorConfig CreateVendorConfig()
 {
     return(new VendorConfig
     {
         PrivateKey = C25519Key.Parse(Convert.FromBase64String(PrivateKey)),
         SecretKey = AesKey.Parse(SecretKey)
     });
 }
예제 #6
0
 public SimulatorFactory(IMemoryCache cache, IHttpContextAccessor context, Settings settings)
 {
     _key     = settings.Instance.GetSecretKey();
     _private = settings.Instance.GetPrivateKey();
     _config  = settings.Endpoints.Simulator;
     _orkId   = settings.Instance.Username;
     _cache   = cache;
     _context = context.HttpContext;
 }
예제 #7
0
        public static bool CheckAsymmetric(byte[] data, C25519Key key)
        {
            if (data == null || data.Length != AsymmetricSize)
            {
                return(false);
            }

            var cipher    = data.Take(EncryptionSize + TagSize).ToArray();
            var signature = data.Skip(EncryptionSize + TagSize).ToArray();

            return(key.Verify(cipher, signature.Skip(32).ToArray()));
        }
예제 #8
0
        public async Task <C25519Key> GetPublic()
        {
            var response = await _client.GetAsync("api/public");

            if (response.StatusCode != HttpStatusCode.OK)
            {
                throw new HttpRequestException(response.ToString());
            }

            var keyText = await response.Content.ReadAsStringAsync();

            return(C25519Key.Parse(Convert.FromBase64String(keyText)));
        }
예제 #9
0
        public async Task Add(Guid viud, BigInteger cvki, AesKey cvkiAuth, C25519Key cvkPub, Guid keyId, byte[] signature)
        {
            var payload = JsonSerializer.Serialize(new[] {
                cvkPub.ToByteArray(),
                cvki.ToByteArray(true, true),
                cvkiAuth.ToByteArray(),
                signature,
            });

            var body     = new StringContent(payload, Encoding.UTF8, "application/json");
            var response = await _client.PutAsync($"api/cvk/{viud}/{keyId}", body);

            if (response.StatusCode != HttpStatusCode.OK)
            {
                throw new HttpRequestException(response.ToString());
            }
        }
예제 #10
0
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers(options =>
            {
                options.ModelBinderProviders.Insert(0, new C25519PointBinderProvider());
            });

            var settings = new Settings();

            Configuration.Bind("Settings", settings);

            services.AddSingleton(settings);
            services.AddHttpContextAccessor();
            services.AddMemoryCache();
            services.AddTransient <IEmailClient, MailKitClient>();
            services.AddTransient <OrkConfig>();
            services.AddSignalR();

            services.AddSpaStaticFiles(opt => opt.RootPath = "Client/dist");

            if (settings.Features.Metrics)
            {
                services.AddMetrics();
            }

            if (settings.Features.Throttling)
            {
                services.ConfigureThrottling();
            }

            if (settings.Features.Memory)
            {
                services.AddTransient <IKeyManagerFactory, MemoryFactory>();
            }
            else
            {
                services.AddTransient <IKeyManagerFactory, SimulatorFactory>();
            }

            services.AddCors();

            var privString = "AOAxMtmYfyI98Tr5jiQ77kZGA3goBctEWnDFTWnSOzol3pIbKWvLkkW83s55zJNczOxcbKXdeRSheFXmlDeQWS+KTCkfERyiI5J1i8Xlwe4clgY10LAfV0Ds9xP4QOhK";

            var priv      = C25519Key.Parse(privString);
            var pubString = priv.GetPublic().ToString();
        }
예제 #11
0
        public async Task <ActionResult <TideResponse> > Add([FromRoute] Guid vuid, [FromRoute] Guid keyId, [FromBody] string[] data)
        {
            var signature = FromBase64(data[3]);
            var account   = new CvkVault
            {
                VuId     = vuid,
                CvkPub   = C25519Key.Parse(FromBase64(data[0])),
                CVKi     = GetBigInteger(data[1]),
                CvkiAuth = AesKey.Parse(FromBase64(data[2]))
            };

            if (_features.Voucher)
            {
                var signer = await _keyIdManager.GetById(keyId);

                if (signer == null)
                {
                    return(BadRequest("Signer's key must be defined"));
                }

                if (!signer.Key.Verify(_config.Guid.ToByteArray().Concat(vuid.ToByteArray()).ToArray(), signature))
                {
                    return(BadRequest("Signature is not valid"));
                }
            }

            _logger.LogInformation("New cvk for {0} with pub {1}", vuid, data[0]);

            var resp = await _managerCvk.SetOrUpdate(account);

            if (!resp.Success)
            {
                return(resp);
            }

            var m = Encoding.UTF8.GetBytes(_config.UserName + vuid.ToString());
            //TODO: The ork should not send the orkid because the client should already know
            var signOrk = Convert.ToBase64String(_config.PrivateKey.Sign(m));

            resp.Content = new { orkid = _config.UserName, sign = signOrk };

            return(resp);
        }
예제 #12
0
        public static byte[] Encrypt(byte[] buffer, ulong tag, C25519Key key)
        {
            var toAsymmetricEncrypt = Pad32(buffer);
            var bufferSymmetric     = new byte[0];

            if (buffer.Length > 32)
            {
                var secret = new AesSherableKey();
                bufferSymmetric     = secret.Encrypt(buffer);
                toAsymmetricEncrypt = secret.ToByteArray();
            }

            var bufferAsymmetric = key.Encrypt(toAsymmetricEncrypt).ToByteArray();
            var tagBuffer        = BitConverter.GetBytes(tag);
            var signature        = key.Sign(bufferAsymmetric.Concat(tagBuffer).ToArray()).PadLeft(32 * 3);

            var size =
                bufferAsymmetric.Length +
                tagBuffer.Length +
                signature.Length +
                bufferSymmetric.Length;
            var dimension = DimensionBuffer(size);

            var all = new byte[1 + dimension.Length + size];

            all[0] = 1; // version #

            dimension.CopyTo(all, 1);
            var step = dimension.Length + 1;

            bufferAsymmetric.CopyTo(all, step);
            step += bufferAsymmetric.Length;

            tagBuffer.CopyTo(all, step);
            step += tagBuffer.Length;

            signature.CopyTo(all, step);
            step += signature.Length;

            bufferSymmetric.CopyTo(all, step);
            return(all);
        }
예제 #13
0
 public C25519Key GetPrivateKey() => C25519Key.Parse(Convert.FromBase64String(PrivateKey));
예제 #14
0
 public DCryptFlowBulk(C25519Key @private, Uri homeOrk)
 {
     _prv = @private;
     _dns = new DnsClient(homeOrk);
 }
예제 #15
0
 protected override void SetItems(IReadOnlyList <byte[]> data)
 {
     KeyId = new Guid(data[0]);
     Key   = data[1].Any() ? new C25519Key(data[1]) : null;
 }
예제 #16
0
 public List <C25519Key> GetPublics() => Publics.Where(pub => !string.IsNullOrWhiteSpace(pub))
 .Select(pub => C25519Key.Parse(pub.Trim())).ToList();
예제 #17
0
 public static byte[] Encrypt(string buffer, ulong tag, C25519Key key)
 => Encrypt(Encoding.UTF8.GetBytes(buffer), tag, key);
예제 #18
0
 public KeyIdVault(C25519Key key) : base(1)
 {
     Set(key);
 }
예제 #19
0
 public void Set(C25519Key key)
 {
     Key   = key;
     KeyId = new Guid(Utils.Hash(key.ToByteArray()).Take(16).ToArray());
 }
예제 #20
0
 public C25519Key GetPublicKey()
 {
     return(C25519Key.Parse(Public));
 }
예제 #21
0
 public OrkConfig(Settings settings)
 {
     UserName   = settings.Instance.Username;
     PrivateKey = settings.Instance.GetPrivateKey();
     _IdGen     = IdGenerator.Seed(PrivateKey.GetPublic().ToByteArray());
 }