private static APIResultAuthorize Authenticate003(ISimpleJsonRest web, APIAuthParams apiparams, string mail, string uip, AlephLogger logger)
{
try
{
logger.Debug(StandardNotePlugin.Name, $"AutParams[version:{apiparams.version}, pw_cost:{apiparams.pw_cost}, pw_nonce:{apiparams.pw_nonce}]");
if (apiparams.pw_cost < 100000)
{
throw new StandardNoteAPIException($"Account pw_cost is too small ({apiparams.pw_cost})");
}
var salt = StandardNoteCrypt.SHA256(string.Join(":", mail, "SF", "003", apiparams.pw_cost.ToString(), apiparams.pw_nonce));
byte[] bytes = PBKDF2.GenerateDerivedKey(768 / 8, Encoding.UTF8.GetBytes(uip), Encoding.UTF8.GetBytes(salt), apiparams.pw_cost, PBKDF2.HMACType.SHA512);
var pw = bytes.Skip(0 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var mk = bytes.Skip(1 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var ak = bytes.Skip(2 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var reqpw = EncodingConverter.ByteToHexBitFiddleUppercase(pw).ToLower();
APIResultAuthorize tok;
try
{
tok = web.PostTwoWay <APIResultAuthorize>(new APIRequestUser {
email = mail, password = reqpw
}, "auth/sign_in");
}
catch (RestStatuscodeException e1)
{
if (e1.StatusCode / 100 == 4 && !string.IsNullOrWhiteSpace(e1.HTTPContent))
{
var req = web.ParseJsonOrNull <APIBadRequest>(e1.HTTPContent);
if (req != null)
{
throw new StandardNoteAPIException($"Server returned status {e1.StatusCode}.\nMessage: '{req.error.message}'", e1);
}
}
throw;
}
tok.masterkey = mk;
tok.masterauthkey = ak;
tok.version = "003";
return(tok);
}
catch (RestException)
{
throw;
}
catch (StandardNoteAPIException)
{
throw;
}
catch (Exception e)
{
throw new StandardNoteAPIException("Authentification with StandardNoteAPI failed.", e);
}
}
private static APIResultAuthorize Authenticate002(ISimpleJsonRest web, APIAuthParams apiparams, string mail, string password, IAlephLogger logger)
{
try
{
logger.Debug(StandardNotePlugin.Name, $"AutParams[version:2, pw_cost:{apiparams.pw_cost}]");
if (apiparams.pw_func != PasswordFunc.pbkdf2)
{
throw new Exception("Unknown pw_func: " + apiparams.pw_func);
}
byte[] bytes = PBKDF2.GenerateDerivedKey(768 / 8, Encoding.UTF8.GetBytes(password), Encoding.UTF8.GetBytes(apiparams.pw_salt), apiparams.pw_cost, PBKDF2.HMACType.SHA512);
var pw = bytes.Skip(0 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var mk = bytes.Skip(1 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var ak = bytes.Skip(2 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var reqpw = EncodingConverter.ByteToHexBitFiddleUppercase(pw).ToLower();
APIResultAuthorize tok;
try
{
tok = web.PostTwoWay <APIResultAuthorize>(new APIRequestUser {
email = mail, password = reqpw
}, "auth/sign_in");
}
catch (RestStatuscodeException e1)
{
if (e1.StatusCode / 100 == 4 && !string.IsNullOrWhiteSpace(e1.HTTPContent))
{
var req = web.ParseJsonOrNull <APIBadRequest>(e1.HTTPContent);
if (req != null)
{
throw new StandardNoteAPIException($"Server returned status {e1.StatusCode}.\nMessage: '{req.error.message}'", e1);
}
}
throw;
}
tok.masterkey = mk;
tok.masterauthkey = ak;
tok.version = "002";
return(tok);
}
catch (RestException)
{
throw;
}
catch (StandardNoteAPIException)
{
throw;
}
catch (Exception e)
{
throw new StandardNoteAPIException("Authentification with StandardNoteAPI failed.", e);
}
}
public XElement Serialize()
{
var x = new XElement("itemskey",
new XAttribute("ID", UUID.ToString("P")),
new XAttribute("Version", Version),
new XAttribute("AuthKey", EncodingConverter.ByteToHexBitFiddleUppercase(AuthKey ?? new byte[0])),
new XAttribute("Default", IsDefault),
new XAttribute("CreationDate", CreationDate.ToString("yyyy-MM-ddTHH:mm:ss.fffffffzzz", CultureInfo.InvariantCulture)),
new XAttribute("ModificationDate", ModificationDate.ToString("yyyy-MM-ddTHH:mm:ss.fffffffzzz", CultureInfo.InvariantCulture)),
new XAttribute("AppData", RawAppData),
EncodingConverter.ByteToHexBitFiddleUppercase(Key));
return(x);
}
public static (byte[] pw, byte[] mk, byte[] ak, string reqpw) CreateAuthData002(StandardNoteAPI.APIResultAuthParams apiparams, string uip)
{
if (apiparams.pw_func != StandardNoteAPI.PasswordFunc.pbkdf2)
{
throw new Exception("Unknown pw_func: " + apiparams.pw_func);
}
byte[] bytes = PBKDF2.GenerateDerivedKey(768 / 8, Encoding.UTF8.GetBytes(uip), Encoding.UTF8.GetBytes(apiparams.pw_salt), apiparams.pw_cost, PBKDF2.HMACType.SHA512);
var pw = bytes.Skip(0 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var mk = bytes.Skip(1 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var ak = bytes.Skip(2 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var reqpw = EncodingConverter.ByteToHexBitFiddleUppercase(pw).ToLower();
return(pw, mk, ak, reqpw);
}
public static (byte[] pw, byte[] mk, byte[] ak, string reqpw) CreateAuthData003(StandardNoteAPI.APIResultAuthParams apiparams, string mail, string uip)
{
if (apiparams.pw_cost < 100000)
{
throw new StandardNoteAPIException($"Account pw_cost is too small ({apiparams.pw_cost})");
}
var salt = StandardNoteCrypt.SHA256Hex(string.Join(":", mail, "SF", "003", apiparams.pw_cost.ToString(), apiparams.pw_nonce));
byte[] bytes = PBKDF2.GenerateDerivedKey(768 / 8, Encoding.UTF8.GetBytes(uip), Encoding.UTF8.GetBytes(salt), apiparams.pw_cost, PBKDF2.HMACType.SHA512);
var pw = bytes.Skip(0 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var mk = bytes.Skip(1 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var ak = bytes.Skip(2 * (bytes.Length / 3)).Take(bytes.Length / 3).ToArray();
var reqpw = EncodingConverter.ByteToHexBitFiddleUppercase(pw).ToLower();
return(pw, mk, ak, reqpw);
}
private static APIResultAuthorize Authenticate001(ISimpleJsonRest web, APIAuthParams apiparams, string mail, string uip, AlephLogger logger)
{
try
{
logger.Debug(StandardNotePlugin.Name, $"AuthParams[version:1, pw_func:{apiparams.pw_func}, pw_alg:{apiparams.pw_alg}, pw_cost:{apiparams.pw_cost}, pw_key_size:{apiparams.pw_key_size}]");
if (apiparams.pw_func != PasswordFunc.pbkdf2)
{
throw new Exception("Unsupported pw_func: " + apiparams.pw_func);
}
byte[] bytes;
if (apiparams.pw_alg == PasswordAlg.sha512)
{
bytes = PBKDF2.GenerateDerivedKey(apiparams.pw_key_size / 8, Encoding.UTF8.GetBytes(uip), Encoding.UTF8.GetBytes(apiparams.pw_salt), apiparams.pw_cost, PBKDF2.HMACType.SHA512);
}
else if (apiparams.pw_alg == PasswordAlg.sha512)
{
bytes = PBKDF2.GenerateDerivedKey(apiparams.pw_key_size / 8, Encoding.UTF8.GetBytes(uip), Encoding.UTF8.GetBytes(apiparams.pw_salt), apiparams.pw_cost, PBKDF2.HMACType.SHA512);
}
else
{
throw new Exception("Unknown pw_alg: " + apiparams.pw_alg);
}
var pw = bytes.Take(bytes.Length / 2).ToArray();
var mk = bytes.Skip(bytes.Length / 2).ToArray();
var reqpw = EncodingConverter.ByteToHexBitFiddleUppercase(pw).ToLower();
APIResultAuthorize tok;
try
{
tok = web.PostDownload <APIResultAuthorize>("auth/sign_in", "email=" + mail, "password="******"Server returned status {e1.StatusCode}.\nMessage: '{req.error.message}'", e1);
}
}
throw;
}
tok.masterkey = mk;
tok.version = "001";
return(tok);
}
catch (StandardNoteAPIException)
{
throw;
}
catch (RestException)
{
throw;
}
catch (Exception e)
{
throw new StandardNoteAPIException("Authentification with StandardNoteAPI failed.", e);
}
}