Exemplo n.º 1
0
        /// <summary>
        ///   Given the keys obtained during the handshake generates a pair of
        ///   Boxer/Unboxer.
        /// </summary>
        /// <remarks>
        ///   <para>
        ///     TODO: Write about the process detailed in the spec
        ///   </para>
        /// </remarks>
        /// <param name="derived_secret">
        ///   The secret derived from the client long term key and the server's
        ///   ephemeral key (Ab).
        /// </param>
        /// <param name="foreing_pubkey">
        ///   The public key that identifies the other peer, that is, the server
        ///   public key if this is called from the client and vice versa.
        /// </param>
        /// <param name="self_pubkey">
        ///   The public key that identifies the entity calling this.
        /// </param>
        /// <param name="network_key">
        ///   The key that identifies the network, in the case of scuttlebutt is
        ///   the one posted in the scuttlebutt protocol
        ///   <see href="https://ssbc.github.io/scuttlebutt-protocol-guide/">
        ///     guide
        ///   </see>.
        /// </param>
        /// <param name="a">
        ///   The client's ephemeral public key used during the handshake.
        /// </param>
        /// <param name="b">
        ///   The server's ephemeral public key used during the handshake.
        /// </param>
        /// <returns>
        ///   The Boxer/Unboxer pair that a client or server can use to
        ///   communicate with the other.
        /// </returns>
        public static (Boxer, Unboxer) Build(
            byte[] derived_secret,
            byte[] foreing_pubkey,
            byte[] self_pubkey,
            byte[] network_key,
            byte[] a,
            byte[] b
            )
        {
            var common = CryptoHash.Sha256(CryptoHash.Sha256(derived_secret));

            var send_key = CryptoHash.Sha256(Utils.Concat(common, foreing_pubkey));
            var recv_key = CryptoHash.Sha256(Utils.Concat(common, self_pubkey));

            var send_nonce = new byte[24];
            var recv_nonce = new byte[24];

            var bhmac = SecretKeyAuth.Sign(b, network_key);
            var ahmac = SecretKeyAuth.Sign(a, network_key);

            Buffer.BlockCopy(send_nonce, 0, bhmac, 0, 24);
            Buffer.BlockCopy(recv_nonce, 0, ahmac, 0, 24);

            var boxer   = new Boxer(send_key, send_nonce);
            var unboxer = new Unboxer(recv_key, recv_nonce);

            return(boxer, unboxer);
        }
Exemplo n.º 2
0
        public void SimpleAuthTest()
        {
            var expected = Utilities.HexToBinary("9f44681a662b7cde80c4eb34db5102b62a8b482272e3cceef73a334ec1d321c0");
            var actual   = SecretKeyAuth.Sign(Encoding.UTF8.GetBytes("Adam Caudill"), Encoding.UTF8.GetBytes("01234567890123456789012345678901"));

            CollectionAssert.AreEqual(expected, actual);
        }
 public void SecretKeyAuthSignWithBadKey()
 {
     Assert.Throws <KeyOutOfRangeException>(() =>
     {
         SecretKeyAuth.Sign(Encoding.UTF8.GetBytes("Adam Caudill"),
                            Encoding.UTF8.GetBytes("0123456789012345678901234567890"));
     });
 }
Exemplo n.º 4
0
        public void SignAndVerifyTest()
        {
            byte[] key     = SecretKeyAuth.GenerateKey();
            byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello, World!");

            byte[] signature    = SecretKeyAuth.Sign(message, key);
            bool   verification = SecretKeyAuth.Verify(message, signature, key);

            Assert.IsTrue(verification);
        }
Exemplo n.º 5
0
        public void SignTest()
        {
            // Test signing given a known key and signature generated from libsodium
            byte[] key = Convert.FromBase64String("wYSsnapy7G9F+NTo/bVvIpnRv/ULd97XSMPLoe4+abM=");
            String expectedSignature = "hQ4vOFX+pPJNhXxnbMfzAtLjSVeRBBGCOIjlNoIWvzA=";

            byte[] message   = System.Text.Encoding.UTF8.GetBytes("Hello, World!");
            byte[] signature = SecretKeyAuth.Sign(message, key);

            Assert.AreEqual(expectedSignature, Convert.ToBase64String(signature));
        }
Exemplo n.º 6
0
        /// <summary>
        ///   Craft server response to client hello
        /// </summary>
        /// <returns>
        ///   Returns the message ready to be sent, consisting of the server
        ///   ephemeral key and an hmac of the server key signed with the
        ///   network key.
        /// </returns>
        public byte[] Hello()
        {
            var hmac = SecretKeyAuth.Sign(
                _ephemeral_server_keypair.PublicKey,
                _network_key
                );

            var msg = Utils.Concat(
                hmac, _ephemeral_server_keypair.PublicKey
                );

            return(msg);
        }
Exemplo n.º 7
0
        /// <summary>
        ///   Crafts the client's hello message.
        /// </summary>
        /// <remark>
        ///   Signs the ephemeral public key with the network key and appends
        ///   that key.
        /// </remark>
        /// <returns>
        ///   The message to be sent
        /// </returns>
        public byte[] Hello()
        {
            var signed_key = SecretKeyAuth.Sign(
                this._ephemeral_client_keypair.PublicKey,
                this._network_key
                );

            var msg = Utils.Concat(
                signed_key, _ephemeral_client_keypair.PublicKey
                );

            return(msg);
        }
        public void SecretKeyAuthSignAndVerifyTest()
        {
            byte[] key     = SecretKeyAuth.GenerateKey();
            String message = "Hello, World!";

            byte[] signature = SecretKeyAuth.Sign(System.Text.Encoding.UTF8.GetBytes(message), key);
            Assert.AreEqual(32, signature.Length);
            bool verification = SecretKeyAuth.Verify(System.Text.Encoding.UTF8.GetBytes(message), signature, key);

            Assert.IsTrue(verification);

            signature = SecretKeyAuth.Sign(message, key);
            Assert.AreEqual(32, signature.Length);
            verification = SecretKeyAuth.Verify(message, signature, key);
            Assert.IsTrue(verification);
        }
 public void SecretKeyAuthSignWithBadKey()
 {
     SecretKeyAuth.Sign(Encoding.UTF8.GetBytes("Adam Caudill"),
                        Encoding.UTF8.GetBytes("0123456789012345678901234567890"));
 }