public async Task SetSeedWords(string password, string seedWords) { var iKey = await GetOrGenerateIntermediateKey(password); var encSeedWords = AesThenHmac.Encrypt(seedWords, iKey); await _hsm.SetAsync(EncSeedWordsLoc, encSeedWords); }
public void CanDecryptCiphertextFromPython() { // generated with python string password = "******"; string b64CipherText = "Gup4moWGF4RRcyPUErUuctQE2MlgH7hHIiy0+gxNT3Mc+Ktax/t25W47Lk4jOJt0QT8W2LhkwH8qg28qZ2bM0XozLEIPZe/mi9BuryrMJX8="; var plaintext = Cryptor.DecryptWithPassword(b64CipherText, password); Assert.True(plaintext == "poops"); }
public async Task <string> GetSeedWords(string password) { var iKey = await GetIntermediateKey(password); var encSeedWords = await _hsm.GetAsync(EncSeedWordsLoc); var seedWords = AesThenHmac.Decrypt(encSeedWords, iKey); return(seedWords); }
public async Task <byte[]> GetIntermediateKey(string password) { if (_uiConfig.HasIntermediateKey) { // throws if it fails string encIKeyString = await _hsm.GetAsync(I_KEY_LOC); byte[] encIKey = Convert.FromBase64String(encIKeyString); byte[] iKey = AesThenHmac.DecryptWithPassword(encIKey, password); return(iKey); } return(null); }
// Use an intermediate key. This way main password can be changed // out for a global pin in multi-wallet. Store it with biometrics // for access without a static password. public async Task <byte[]> GetOrGenerateIntermediateKey(string password) { byte[] iKey = await GetIntermediateKey(password); if (iKey is null) { // default one at cryptographically-secure pseudo-random iKey = AesThenHmac.NewKey(); } // store it encrypted under the password byte[] encIKey = AesThenHmac.EncryptWithPassword(iKey, password); string encIKeyString = Convert.ToBase64String(encIKey); await _hsm.SetAsync(I_KEY_LOC, encIKeyString); _uiConfig.HasIntermediateKey = true; _uiConfig.ToFile(); return(iKey); }