public void ExtractEd25519PublicKeyFromEd25519SecretKeyTest()
{
var kp = PublicKeyAuth.GenerateKeyPair();
var pub = PublicKeyAuth.ExtractEd25519PublicKeyFromEd25519SecretKey(kp.Secret);
Assert.AreEqual(Convert.ToBase64String(kp.Public), Convert.ToBase64String(pub));
}
public void PublicKeyAuthConvertToCurve25519()
{
var keypairSeed = new byte[] {
0x42, 0x11, 0x51, 0xa4, 0x59, 0xfa, 0xea, 0xde,
0x3d, 0x24, 0x71, 0x15, 0xf9, 0x4a, 0xed, 0xae,
0x42, 0x31, 0x81, 0x24, 0x09, 0x5a, 0xfa, 0xbe,
0x4d, 0x14, 0x51, 0xa5, 0x59, 0xfa, 0xed, 0xee
};
var keys = PublicKeyAuth.GenerateKeyPair(keypairSeed);
var ed25519Pk = keys.PublicKey;
var ed25519SkPk = keys.PrivateKey;
var curve25519Pk = PublicKeyAuth.ConvertEd25519PublicKeyToCurve25519PublicKey(ed25519Pk);
var curve25519Sk = PublicKeyAuth.ConvertEd25519SecretKeyToCurve25519SecretKey(ed25519SkPk);
Assert.AreEqual(Utilities.BinaryToHex(curve25519Pk, Utilities.HexFormat.None, Utilities.HexCase.Upper),
"F1814F0E8FF1043D8A44D25BABFF3CEDCAE6C22C3EDAA48F857AE70DE2BAAE50");
Assert.AreEqual(Utilities.BinaryToHex(curve25519Sk, Utilities.HexFormat.None, Utilities.HexCase.Upper),
"8052030376D47112BE7F73ED7A019293DD12AD910B654455798B4667D73DE166");
for (var i = 0; i < 500; i++)
{
keys = PublicKeyAuth.GenerateKeyPair();
ed25519Pk = keys.PublicKey;
ed25519SkPk = keys.PrivateKey;
curve25519Pk = PublicKeyAuth.ConvertEd25519PublicKeyToCurve25519PublicKey(ed25519Pk);
curve25519Sk = PublicKeyAuth.ConvertEd25519SecretKeyToCurve25519SecretKey(ed25519SkPk);
var curve25519Pk2 = ScalarMult.Base(curve25519Sk);
CollectionAssert.AreEqual(curve25519Pk, curve25519Pk2);
}
}
public void TestNoiseXx()
{
var rootKey = PublicKeyAuth.GenerateKeyPair();
var Verifier = DiscoHelper.CreatePublicKeyVerifier(rootKey.PublicKey);
var clienPair = Asymmetric.GenerateKeyPair();
var serverPair = Asymmetric.GenerateKeyPair();
// init
var clientConfig = new Config
{
KeyPair = clienPair,
HandshakePattern = NoiseHandshakeType.NoiseXX,
PublicKeyVerifier = Verifier,
StaticPublicKeyProof = DiscoHelper.CreateStaticPublicKeyProof(rootKey.PrivateKey, clienPair.PublicKey)
};
var serverConfig = new Config
{
KeyPair = serverPair,
HandshakePattern = NoiseHandshakeType.NoiseXX,
PublicKeyVerifier = Verifier,
StaticPublicKeyProof = DiscoHelper.CreateStaticPublicKeyProof(rootKey.PrivateKey, serverPair.PublicKey)
};
this.RunTwoWayTest(clientConfig, serverConfig, 1802);
}
/// <summary>
/// Constructs the server given the Network key and its keypair
/// </summary>
/// <param name="network_key">
/// The key that identifies the network
/// </param>
/// <param name="server_keypair">
/// The server's long term keypair
/// </param>
public Server(byte[] network_key, Sodium.KeyPair server_keypair)
{
this._network_key = network_key;
this._longterm_server_keypair = server_keypair;
_ephemeral_server_keypair = new KeyPair(PublicKeyAuth.GenerateKeyPair());
}
public Key(byte[] privateKey)
{
var keyPair = PublicKeyAuth.GenerateKeyPair(privateKey);
PrivateKey = keyPair.PrivateKey;
PublicKey = keyPair.PublicKey;
}
public void ConvertToCurve25519Test()
{
// Keypair seed from libsodium-net
var keypairSeed = new byte[] {
0x42, 0x11, 0x51, 0xa4, 0x59, 0xfa, 0xea, 0xde,
0x3d, 0x24, 0x71, 0x15, 0xf9, 0x4a, 0xed, 0xae,
0x42, 0x31, 0x81, 0x24, 0x09, 0x5a, 0xfa, 0xbe,
0x4d, 0x14, 0x51, 0xa5, 0x59, 0xfa, 0xed, 0xee
};
var kp = PublicKeyAuth.GenerateKeyPair(keypairSeed);
var ed25519Pk = kp.Public;
var ed25519SkPk = kp.Secret;
var curve25519Pk = PublicKeyAuth.ConvertEd25519PublicKeyToCurve25519PublicKey(ed25519Pk);
var curve25519Sk = PublicKeyAuth.ConvertEd25519SecretKeyToCurve25519SecretKey(ed25519SkPk);
Assert.AreEqual(Convert.ToBase64String(curve25519Pk), "8YFPDo/xBD2KRNJbq/887crmwiw+2qSPhXrnDeK6rlA=");
Assert.AreEqual(Convert.ToBase64String(curve25519Sk), "gFIDA3bUcRK+f3PtegGSk90SrZELZURVeYtGZ9c94WY=");
for (var i = 0; i < 500; i++)
{
kp = PublicKeyAuth.GenerateKeyPair();
ed25519Pk = kp.Public;
ed25519SkPk = kp.Secret;
curve25519Pk = PublicKeyAuth.ConvertEd25519PublicKeyToCurve25519PublicKey(ed25519Pk);
curve25519Sk = PublicKeyAuth.ConvertEd25519SecretKeyToCurve25519SecretKey(ed25519SkPk);
var curve25519Pk2 = ScalarMult.Base(curve25519Sk);
CollectionAssert.AreEqual(curve25519Pk, curve25519Pk2);
}
}
public Key(byte[] seed, int index)
{
var encoder = new ASCIIEncoder();
var secret = encoder.DecodeData(Ed25519Curve);
// var seedBytes = HexByteConvertorExtensions.HexToByteArrayInternal(seed);
var array = new HMACSHA512(secret).ComputeHash(seed);
var key = array.SafeSubarray(0, 32);
var chainCode = array.SafeSubarray(32, 32);
var derivedPath = unchecked ((uint)index + HardenedOffset);
derivedPath = HexByteConvertorExtensions.ReverseBytes(derivedPath);
var dpBytes = BitConverter.GetBytes(derivedPath);
var data = new byte[] { 0 }.Concat(key, dpBytes);
var array2 = new HMACSHA512(chainCode).ComputeHash(data);
var key2 = array2.SafeSubarray(0, 32);
var keyPair = PublicKeyAuth.GenerateKeyPair(key2);
PrivateKey = keyPair.PrivateKey;
PublicKey = keyPair.PublicKey;
}
public void ItWorks()
{
var network_key = new byte[] {
0xd4, 0xa1, 0xcb, 0x88, 0xa6, 0x6f, 0x02, 0xf8, 0xdb, 0x63, 0x5c,
0xe2, 0x64, 0x41, 0xcc, 0x5d, 0xac, 0x1b, 0x08, 0x42, 0x0c, 0xea,
0xac, 0x23, 0x08, 0x39, 0xb7, 0x55, 0x84, 0x5a, 0x9f, 0xfb
};
var client_keypair = PublicKeyAuth.GenerateKeyPair();
var server_keypair = PublicKeyAuth.GenerateKeyPair();
var client = new Client(network_key, server_keypair.PublicKey, client_keypair);
var server = new Server(network_key, server_keypair);
// Client -> Server [1]
var client_hello = client.Hello();
server.AcceptHello(client_hello);
// Client <- Server [2]
var server_hello = server.Hello();
client.AcceptHello(server_hello);
Assert.True(
Enumerable.SequenceEqual(client.EphemeralDerivedSecret, server.EphemeralDerivedSecret),
"The ephemeral derived secrets are not the same" +
"client: " +
$"{string.Join(" ", client.EphemeralDerivedSecret.Select(x => x.ToString()).ToArray())}\n" +
"server: " +
$"{string.Join(" ", server.EphemeralDerivedSecret.Select(x => x.ToString()).ToArray())}"
);
Assert.True(
Enumerable.SequenceEqual(client.ServerDerivedSecret, server.ServerDerivedSecret),
"The Server derived secrets are not the same\n" +
"client: " +
$"{string.Join(" ", client.ServerDerivedSecret.Select(x => x.ToString()).ToArray())}\n" +
"server: " +
$"{string.Join(" ", server.ServerDerivedSecret.Select(x => x.ToString()).ToArray())}"
);
// Client -> Server [3]
var client_auth = client.Authenticate();
server.AcceptAuth(client_auth);
Assert.True(
Enumerable.SequenceEqual(client.ClientDerivedSecret, server.ClientDerivedSecret),
"The Client derived secrets are not the same\n" +
"client: " +
$"{string.Join(" ", client.ClientDerivedSecret.Select(x => x.ToString()).ToArray())}\n" +
"server: " +
$"{string.Join(" ", server.ClientDerivedSecret.Select(x => x.ToString()).ToArray())}"
);
// Client <- Server [4]
var server_accept = server.Accept();
client.VerifyAccept(server_accept);
}
public void GenerateKeyPairTest()
{
var kp = PublicKeyAuth.GenerateKeyPair();
Assert.AreEqual(32, kp.Public.Length);
Assert.AreEqual(64, kp.Secret.Length);
}
public void GenerateKeyPairFromSeedTest()
{
var seed = Core.GetRandomBytes(32);
var kp = PublicKeyAuth.GenerateKeyPair(seed);
Assert.AreEqual(32, kp.Public.Length);
Assert.AreEqual(64, kp.Secret.Length);
}
public void GenerateKeyTest()
{
var actual = PublicKeyAuth.GenerateKeyPair();
//need a better test
Assert.IsNotNull(actual.PrivateKey);
Assert.IsNotNull(actual.PublicKey);
}
/// <summary>
/// Sign the specified message with the private key.
/// </summary>
/// <param name='privateKey'>
/// The private key.
/// </param>
/// <param name='message'>
/// The message.
/// </param>
/// <returns>
/// The message that has been signed (encrypted) by the private key.
/// </returns>
public byte[] Sign(byte[] privateKey, byte[] message)
{
if (Keys == null)
{
Keys = PublicKeyAuth.GenerateKeyPair(privateKey);
}
return(PublicKeyAuth.Sign(message, Keys.PrivateKey));
}
public void ExtractEd25519SeedFromEd25519SecretKeyTest()
{
var kp1 = PublicKeyAuth.GenerateKeyPair();
var seed = PublicKeyAuth.ExtractEd25519SeedFromEd25519SecretKey(kp1.Secret);
var kp2 = PublicKeyAuth.GenerateKeyPair(seed);
Assert.AreEqual(Convert.ToBase64String(kp1.Public), Convert.ToBase64String(kp2.Public));
Assert.AreEqual(Convert.ToBase64String(kp1.Secret), Convert.ToBase64String(kp2.Secret));
}
/// <summary>
/// Generate an ed25519 root key pair and save the private and public parts in different files.
/// </summary>
/// <param name="discoRootPrivateKeyFile">Path to private key file</param>
/// <param name="discoRootPublicKeyFile">Path to public key file</param>
public static void GenerateAndSaveDiscoRootKeyPair(
string discoRootPrivateKeyFile,
string discoRootPublicKeyFile)
{
var keyPair = PublicKeyAuth.GenerateKeyPair();
File.WriteAllText(discoRootPrivateKeyFile, keyPair.PrivateKey.ToHexString());
File.WriteAllText(discoRootPublicKeyFile, keyPair.PublicKey.ToHexString());
}
/// <summary>
/// Generates a KeyPair.
/// </summary>
/// <returns>The pair auth.</returns>
/// <param name="seed">Seed.</param>
public static KeyPairDto KeyPairAuth(byte[] seed = null)
{
var kp = PublicKeyAuth.GenerateKeyPair(seed);
return(new KeyPairDto()
{
PublicKey = kp.PublicKey, SecretKey = kp.PrivateKey
});
}
public static (string publicKey, string privateKey) GenerateSigningKeyPair()
{
char[] password = PasswordPrompt.EnterNewPassword();
byte[] passwordBytes = Password.Hash(password);
using var keyPair = PublicKeyAuth.GenerateKeyPair();
byte[] publicKey = Utilities.ConcatArrays(Constants.Ed25519KeyHeader, keyPair.PublicKey);
byte[] encryptedPrivateKey = PrivateKey.Encrypt(passwordBytes, keyPair.PrivateKey, Constants.Ed25519KeyHeader);
return(ConvertKeys(publicKey, encryptedPrivateKey));
}
public void ExtractEd25519PublicKeyFromEd25519SecretKey()
{
// generate an Ed25519 keypair
var keypair = PublicKeyAuth.GenerateKeyPair();
// extract the seed from the generated keypair
var publicKey = PublicKeyAuth.ExtractEd25519PublicKeyFromEd25519SecretKey(keypair.PrivateKey);
CollectionAssert.AreEqual(keypair.PublicKey, publicKey);
}
public void GenerateKeySeedTest()
{
var expected = new KeyPair(Utilities.HexToBinary("76a1592044a6e4f511265bca73a604d90b0529d1df602be30a19a9257660d1f5"),
Utilities.HexToBinary("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff76a1592044a6e4f511265bca73a604d90b0529d1df602be30a19a9257660d1f5"));
var actual = PublicKeyAuth.GenerateKeyPair(Utilities.HexToBinary("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
CollectionAssert.AreEqual(expected.PublicKey, actual.PublicKey);
CollectionAssert.AreEqual(expected.PrivateKey, actual.PrivateKey);
}
public void GenerateKeyVerifySignedDataTest()
{
var actual = PublicKeyAuth.GenerateKeyPair();
byte[] randomArray = SodiumCore.GetRandomBytes(255);
var sign = PublicKeyAuth.SignDetached(randomArray, actual.PrivateKey);
Assert.IsTrue(PublicKeyAuth.VerifyDetached(sign, randomArray, actual.PublicKey));
}
public void VerifyTest()
{
var kp = PublicKeyAuth.GenerateKeyPair();
byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello, World!");
var signature = PublicKeyAuth.Sign(message, kp.Secret);
var verification = PublicKeyAuth.Verify(signature, kp.Public);
Assert.AreEqual(message.ToString(), verification.ToString());
}
/// <summary>
/// Constructs the client given
/// </summary>
/// <param name="network_key">
/// The key that identifies the network
/// </param>
/// <param name="server_pk">
/// The long term server public key
/// </param>
/// <param name="client_keys">
/// The long term client key pair
/// </param>
public Client(byte[] network_key, byte[] server_pk, Sodium.KeyPair client_keys)
{
this._network_key = network_key;
var ed_keypair = PublicKeyAuth.GenerateKeyPair();
_ephemeral_client_keypair = new KeyPair(ed_keypair);
_longterm_server_pk = server_pk;
_longterm_client_keypair = client_keys;
}
public void ItBuilds()
{
var network_key = new byte[] {
0xd4, 0xa1, 0xcb, 0x88, 0xa6, 0x6f, 0x02, 0xf8, 0xdb, 0x63, 0x5c,
0xe2, 0x64, 0x41, 0xcc, 0x5d, 0xac, 0x1b, 0x08, 0x42, 0x0c, 0xea,
0xac, 0x23, 0x08, 0x39, 0xb7, 0x55, 0x84, 0x5a, 0x9f, 0xfb
};
var client_keypair = PublicKeyAuth.GenerateKeyPair();
var server_keypair = PublicKeyAuth.GenerateKeyPair();
var client = new Client(network_key, server_keypair.PublicKey, client_keypair);
}
public void ExtractEd25519SeedFromEd25519SecretKeyTest()
{
// generate an Ed25519 keypair
var firstKeypair = PublicKeyAuth.GenerateKeyPair();
// extract the seed from the generated keypair
var seed = PublicKeyAuth.ExtractEd25519SeedFromEd25519SecretKey(firstKeypair.PrivateKey);
// generate a second keypair from the seed
var secondKeyPair = PublicKeyAuth.GenerateKeyPair(seed);
CollectionAssert.AreEqual(firstKeypair.PublicKey, secondKeyPair.PublicKey);
CollectionAssert.AreEqual(firstKeypair.PrivateKey, secondKeyPair.PrivateKey);
}
public void SignAndVerifyFromMessageTest()
{
var kp = PublicKeyAuth.GenerateKeyPair();
var signature = new PublicKeyAuth();
IBuffer data = CryptographicBuffer.ConvertStringToBinary("Hello, World!", BinaryStringEncoding.Utf8);
signature.Append(data);
var output = signature.GetValueAndReset(kp.Secret);
Assert.AreEqual(64, output.Length);
Assert.AreEqual(true, signature.GetValueAndVerify(output, kp.Public));
}
public void GenerateKeyPairWithBadSeed()
{
//Don`t copy bobSk for other tests (bad key)!
//30 byte
var bobSk = new byte[] {
0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b,
0x79, 0xe1, 0x7f, 0x8b, 0x83, 0x80, 0x0e, 0xe6,
0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, 0xb6, 0xfd,
0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88
};
PublicKeyAuth.GenerateKeyPair(bobSk);
}
KeyPair EnsureKeyPair()
{
if (!System.IO.File.Exists(System.IO.Path.Combine("db", "oracle-key.txt")))
{
var keyPair = PublicKeyAuth.GenerateKeyPair();
System.IO.File.WriteAllText(System.IO.Path.Combine("db", "oracle-key.txt"), Convert.ToBase64String(keyPair.PublicKey) + " " + Convert.ToBase64String(keyPair.PrivateKey));
return(keyPair);
}
var data = System.IO.File.ReadAllText(System.IO.Path.Combine("db", "oracle-key.txt"));
var parts = data.Split(null);
return(new KeyPair(Convert.FromBase64String(parts[0]), Convert.FromBase64String(parts[1])));
}
public void SignTest()
{
var kp = PublicKeyAuth.GenerateKeyPair();
byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello, World!");
var signature = PublicKeyAuth.Sign(message, kp.Secret);
// Test against a seed and expected output generated from libsodium
var seed = Convert.FromBase64String("zYZceFCtMRu4FAi/a47fN+21396uv/QcUMvi/u08zCw=");
var expected = Convert.FromBase64String("BlWhHIrosG+Q7jq/lMgxkw79f7dM1x2u+IR6f5nPojaVdaXpUbSpzVSPT238CCDInCnQQ5ueMetEoaXYhET+CEhlbGxvLCBXb3JsZCE=");
kp = PublicKeyAuth.GenerateKeyPair(seed);
signature = PublicKeyAuth.Sign(message, kp.Secret);
Assert.AreEqual(expected.ToString(), signature.ToString());
}
public static Key Create(string base64EncodedPrivateKey = null)
{
byte[] privateKey;
byte[] publicKey;
if (string.IsNullOrEmpty(base64EncodedPrivateKey))
{
var keyPair = PublicKeyAuth.GenerateKeyPair();
privateKey = keyPair.PrivateKey;
publicKey = keyPair.PublicKey;
}
else
{
privateKey = Convert.FromBase64String(base64EncodedPrivateKey);
publicKey = PublicKeyAuth.ExtractEd25519PublicKeyFromEd25519SecretKey(privateKey);
}
return(new Key(privateKey, publicKey));
}
public SigningKey(string keyContents)
{
var split = keyContents.Split(" ");
if (split.Length != 3)
{
throw new InvalidDataException("Key file is in the wrong format. Should be '$type $name $key'");
}
Type = split[0];
Name = split[1];
// Synapse uses unpadded base64, so we need to add our own padding to make this work.
var b64Seed = split[2].Trim();
while (b64Seed.Length % 4 != 0)
{
b64Seed += "=";
}
Pair = PublicKeyAuth.GenerateKeyPair(Convert.FromBase64String(b64Seed));
PublicKey = Convert.ToBase64String(Pair.PublicKey);
}
public void DetachedSignTest()
{
var kp = PublicKeyAuth.GenerateKeyPair();
string message = "Hello, World!";
byte[] byteMessage = System.Text.Encoding.UTF8.GetBytes(message);
var sig1 = PublicKeyAuth.SignDetached(message, kp.Secret);
var sig2 = PublicKeyAuth.SignDetached(byteMessage, kp.Secret);
Assert.AreEqual(Convert.ToBase64String(sig1), Convert.ToBase64String(sig2));
Assert.AreEqual(64, sig1.Length);
Assert.AreEqual(64, sig2.Length);
Assert.IsTrue(PublicKeyAuth.VerifyDetached(sig1, byteMessage, kp.Public));
Assert.IsTrue(PublicKeyAuth.VerifyDetached(sig1, message, kp.Public));
Assert.IsTrue(PublicKeyAuth.VerifyDetached(sig2, byteMessage, kp.Public));
Assert.IsTrue(PublicKeyAuth.VerifyDetached(sig2, message, kp.Public));
var kp2 = PublicKeyAuth.GenerateKeyPair();
Assert.IsFalse(PublicKeyAuth.VerifyDetached(sig2, message, kp2.Public));
Assert.IsFalse(PublicKeyAuth.VerifyDetached(sig2, "Invalid message test", kp.Public));
}
