예제 #1
0
        public ActionResult Index()
        {
            var nutData = new NutData
            {
                Timestamp = DateTime.Now,
                Address = IPAddress.Parse(Request.ServerVariables["REMOTE_ADDR"]),
                Counter = ++Globals.Counter,
                Entropy = new byte[4]
            };

            // just to keep the database size down, delete all nuts older than 2 minutes, but only every 10 page requests
            if(Globals.Counter % 10 == 0)
            {
                var deleted = _nutRepository.DeleteOlderThan(DateTime.Now.AddMinutes(-2));
                Console.WriteLine("{0} nuts deleted", deleted);
            }

            var rng = new RNGCryptoServiceProvider();
            rng.GetBytes(nutData.Entropy);

            var nut = HttpServerUtility.UrlTokenEncode(_sqrlServer.GenerateNut(Globals.AesKey, Globals.AesIV, nutData));
            var url = string.Format("{0}/{1}",
                                    Url.Action("Sqrl",
                                                "Login",
                                                null,
                                                "sqrl",
                                                Request.Url.Host + ":" + Request.Url.Port),
                                    nut);

            _nutRepository.Create(nut);

            var barcodeWriter = new BarcodeWriter
            {
                Format = BarcodeFormat.QR_CODE,
                Options = new EncodingOptions
                {
                    Width = 400,
                    Height = 400
                }
            };

            var image = barcodeWriter.Write(url);
            MemoryStream stream = new System.IO.MemoryStream();
            image.Save(stream, ImageFormat.Png);
            byte[] imageBytes = stream.ToArray();

            var model = new SqrlLoginModel
            {
                Url = url,
                QrCode = Convert.ToBase64String(imageBytes),
                Nut = nut
            };

            return View(model);
        }
예제 #2
0
        /// <summary>
        ///  Generates a nut.
        /// </summary>
        /// <returns>
        ///  The nut.
        /// </returns>
        /// <param name='key'>
        ///  An encryption key that is used on the generated data to return and encrypted nut.
        /// </param>
        /// <param name='iv'>
        ///  The initialization vector for the Rijndael cipher.
        /// </param>
        public byte[] GenerateNut(byte[] key, byte[] iv)
        {
            var rng = new RNGCryptoServiceProvider();

            var nutData = new NutData
            {
                Address   = new IPAddress(0),
                Timestamp = DateTime.UtcNow,
                Counter   = _counter,
                Entropy   = new byte[4]
            };

            rng.GetBytes(nutData.Entropy);

            _counter++;

            return(GenerateNut(key, iv, nutData));
        }
예제 #3
0
        /// <summary>
        ///  Generates the nut.
        /// </summary>
        /// <returns>
        ///  The nut.
        /// </returns>
        /// <param name='key'>
        ///  An encryption key that is used on the given data to return and encrypted nut.
        /// </param>
        /// <param name='iv'>
        ///  The initialization vector for the Rijndael cipher.
        /// </param>
        /// <param name='data'>
        ///  Data to encrypt into the nut.
        /// </param>
        public byte[] GenerateNut(byte[] key, byte[] iv, NutData data)
        {
            var nutStruct = data.GetNutStruct();

            return(_aesHandler.Encrypt(key, iv, nutStruct.GetBytes()));
        }
예제 #4
0
        /// <summary>
        ///  Generates a nut. 
        /// </summary>
        /// <returns>
        ///  The nut. 
        /// </returns>
        /// <param name='key'>
        ///  An encryption key that is used on the generated data to return and encrypted nut. 
        /// </param>
        /// <param name='iv'>
        ///  The initialization vector for the Rijndael cipher. 
        /// </param>
        public byte[] GenerateNut(byte[] key, byte[] iv)
        {
            var rng = new RNGCryptoServiceProvider();

            var nutData = new NutData
            {
                Address = new IPAddress(0),
                Timestamp = DateTime.UtcNow,
                Counter = _counter,
                Entropy = new byte[4]
            };

            rng.GetBytes(nutData.Entropy);

            _counter++;

            return GenerateNut(key, iv, nutData);
        }
예제 #5
0
 /// <summary>
 ///  Generates the nut. 
 /// </summary>
 /// <returns>
 ///  The nut. 
 /// </returns>
 /// <param name='key'>
 ///  An encryption key that is used on the given data to return and encrypted nut. 
 /// </param>
 /// <param name='iv'>
 ///  The initialization vector for the Rijndael cipher. 
 /// </param>
 /// <param name='data'>
 ///  Data to encrypt into the nut. 
 /// </param>
 public byte[] GenerateNut(byte[] key, byte[] iv, NutData data)
 {
     var nutStruct = data.GetNutStruct();
     return _aesHandler.Encrypt(key, iv, nutStruct.GetBytes());
 }
예제 #6
0
파일: Main.cs 프로젝트: brownj/SqrlNet
        public static void Main(string[] args)
        {
            ISqrlSigner signer = new SqrlSigner();
            IPbkdfHandler pbkdfHandler = new PbkdfHandler();
            IHmacGenerator hmac = new HmacGenerator();
            ISqrlClient client = new SqrlClient(pbkdfHandler, hmac, signer);
            IAesHandler aesHandler = new AesHandler();
            ISqrlServer server = new SqrlServer(signer, aesHandler);
            ISsssHandler ssss = new SsssHandler();
            var rng = new RNGCryptoServiceProvider();

            byte theByte = 0;

            while(true)
            {
                var secret = new byte[1];
                //rng.GetBytes(secret);
                secret[0] = theByte;

                var shares = ssss.Split(secret, 3, 4);
                var subset = new Dictionary<int, byte[]>();
                subset[1] = shares[1];
                subset[2] = shares[2];
                //subset[3] = shares[3];
                subset[4] = shares[4];
                //subset[5] = shares[5];
                //subset[6] = shares[6];
                //subset[7] = shares[7];
                //subset[8] = shares[8];
                //subset[9] = shares[9];
                //subset[10] = shares[10];
                //subset[11] = shares[11];
                //subset[12] = shares[12];
                //subset[13] = shares[13];
                //subset[14] = shares[14];
                //subset[15] = shares[15];
                //subset[16] = shares[16];
                //subset[17] = shares[17];
                //subset[18] = shares[18];
                //subset[19] = shares[19];
                //subset[20] = shares[20];
                //subset[21] = shares[21];
                //subset[22] = shares[22];
                //subset[23] = shares[23];
                //subset[24] = shares[24];
                //subset[25] = shares[25];
                var reconstructedSecret = ssss.Restore(subset);

                if(!secret.SequenceEqual(reconstructedSecret))
                {
                    Console.WriteLine("the byte: {0}", theByte);
                    foreach(var share in shares)
                    {
                        Console.WriteLine("{0}-{1}", share.Key, BitConverter.ToString(share.Value).Replace("-", ""));
                    }
                    Console.WriteLine("{0}", Convert.ToBase64String(secret));
                    Console.WriteLine("{0}", Convert.ToBase64String(reconstructedSecret));
                    break;
                }
                theByte++;

                if(theByte == 0)
                {
                    Console.WriteLine("Success!");
                    break;
                }
            }

            Console.Write("Password:  "******"Password verified");
            }

            var nutData = new NutData
            {
                Address = IPAddress.Parse("172.8.92.254"),
                Timestamp = DateTime.UtcNow,
                Counter = 4,
                Entropy = new byte[4]
            };

            var aesKey = new byte[16];
            var aesIV = new byte[16];

            rng.GetBytes(aesKey);
            rng.GetBytes(aesIV);

            var nut = HttpServerUtility.UrlTokenEncode(server.GenerateNut(aesKey, aesIV, nutData));

            var protocol = "sqrl://";
            var urlBase = "www.example.com/sqrl/";
            var url = string.Format("{0}{1}{2}", protocol, urlBase, nut);

            var sqrlData = client.GetSqrlDataForLogin(identity.MasterIdentityKey, password, identity.Salt, url);

            var decryptedSignature = signer.Verify(sqrlData.PublicKey, sqrlData.Signature);

            // This is the data that the client passes to the server
            Console.WriteLine("Url: {0}", sqrlData.Url);
            Console.WriteLine("Public Key: {0}", Convert.ToBase64String(sqrlData.PublicKey));
            Console.WriteLine("Signature: {0}", Convert.ToBase64String(sqrlData.Signature));
            Console.WriteLine("Decrypted Signature: {0}", Encoding.UTF8.GetString(decryptedSignature));

            Console.WriteLine();
            Console.WriteLine("=========== Server ===========");

            // The server will verify that the data sent from the client matches what is expected
            Console.WriteLine("Verified by server:  {0}", server.VerifySqrlRequest(sqrlData, string.Format("{0}{1}", urlBase, nut)));
        }