public void TestAesEncrypt() { uint[] key = new uint[] { 1, 2, 3, 4 }; uint[] data = new uint[] { 5, 6, 7, 8 }; uint[] expected = new uint[] { 0x6A8FC678, 0xF71305CA, 0xACC4BE7, 0x58158314 }; var aes = new Sjcl.Cipher.Aes(key); uint[] actual = aes.Encrypt(data); Assert.IsTrue(Utils.CompareTables(expected, actual)); }
public void TestAesCtor() { uint[] key = new uint[] { 1, 2, 3, 4 }; uint[][] expected = new uint[][] { new uint[] {0x1,0x2,0x3,0x4,0x6263F262,0x6263F260,0x6263F263,0x6263F267,0x9BEA77C8,0xF98985A8,0x9BEA77CB,0xF98985AC,0x387DE651,0xC1F463F9,0x5A1E1432,0xA397919E,0xB8FCED5B,0x79088EA2,0x23169A90,0x80810B0E,0xA4D74696,0xDDDFC834,0xFEC952A4,0x7E4859AA,0xD61CEA65,0xBC32251,0xF50A70F5,0x8B42295F,0xBAB92558,0xB17A0709,0x447077FC,0xCF325EA3,0x19E12FD2,0xA89B28DB,0xECEB5F27,0x23D90184,0x379D70F4,0x9F06582F,0x73ED0708,0x5034068C,0x19F214A7,0x86F44C88,0xF5194B80,0xA52D4D0C}, new uint[] {0x19F214A7,0xA52D4D0C,0xF5194B80,0x86F44C88,0x3AA62193,0x4599526,0xEAEEA732,0x58C1582F,0x7873BBE,0xEEB73214,0xB22FFF1D,0x626779BC,0x5590368D,0x5C98CD09,0xD04886A1,0x65E04202,0xF24F44BC,0x8CD04BA8,0xB5A8C4A3,0x3070748F,0x2B3D9421,0x39788F0B,0x85D8B02C,0xC23F3033,0x5C57F60F,0xBCA03F27,0x47E7801F,0xE902A412,0xC4C3E510,0xFB47BF38,0xAEE5240D,0xB555521D,0xA76B02,0x55A29B35,0x1BB07610,0x7196B70D,0x632BCA13,0x4E12ED25,0x6A26C11D,0x7131DC0F,0x1,0x4,0x3,0x2} }; var aes = new Sjcl.Cipher.Aes(key); uint[][] actual = aes._key; Assert.IsTrue(Utils.CompareTables(expected, actual)); }
// convert user-supplied password array public static uint[] prepare_key(uint[] a) { int i, j, r; var pkey = new uint[] { 0x93C467E3, 0x7DB0C7A4, 0xD1BE3F81, 0x0152CB56 }; for (r = 65536; r-- > 0; ) { for (j = 0; j < a.Length; j += 4) { var key = new uint[] { 0, 0, 0, 0 }; for (i = 0; i < 4; i++) { if (i + j < a.Length) { key[i] = a[i + j]; } } var aes = new Sjcl.Cipher.Aes(key); pkey = aes.Encrypt(pkey); } } return pkey; }
public static Command Login(string user, string hash, uint[] passwordKey) { Command.SuccessCallBack successCallBack = (JToken result) => { // these need to be moved to session class uint[] u_storage_k; string u_storage_sid; object u_storage_privk; LoginResonse login = result.ToObject<LoginResonse>(); var aes = new Sjcl.Cipher.Aes(passwordKey); // decrypt master key uint[] keyData = Crypto.base64_to_a32(login.k); uint[] key = Crypto.decrypt_key(aes, keyData); if (!string.IsNullOrEmpty(login.tsid)) { // untested byte[] t = Crypto.base64urldecode(login.tsid); Debug.Assert(t.Length == 32); byte[] t0 = t.Take(16).ToArray(); byte[] t1 = t.Skip(16).Take(16).ToArray(); byte[] bytes = Crypto.a32_to_str(Crypto.encrypt_key(aes, Crypto.str_to_a32(t0))); if (Enumerable.SequenceEqual(bytes, t1)) { u_storage_k = key; u_storage_sid = login.tsid; } } else if (!string.IsNullOrEmpty(login.csid)) { uint[] t = Rsa.mpi2b(Crypto.base64urldecode(login.csid)); byte[] privk = Crypto.a32_to_str(Crypto.decrypt_key(aes, Crypto.base64_to_a32(login.privk))); var rsa_privk = new uint[4][]; // decompose private key int i; for (i = 0; i < 4; ++i) { int l = ((privk[0] * 256 + privk[1] + 7) >> 3) + 2; rsa_privk[i] = Rsa.mpi2b(privk.Take(l).ToArray()); if (false) { break; } // number?? privk = privk.Take(l).ToArray(); } // check format if ((i == 4) && (privk.Length < 16)) { // @@@ check remaining padding for added early wrong password detection likelihood u_storage_k = key; byte[] s = Hex.b2s(Rsa.RSAdecrypt(t, rsa_privk[2], rsa_privk[0], rsa_privk[1], rsa_privk[3])); u_storage_sid = Crypto.base64urlencode(s.Take(43).ToArray()); u_storage_privk = rsa_privk; } } Console.WriteLine(login); }; Command.ErrorCallBack errorCallBack = (Error result) => { switch (result) { case Error.ENOENT: Console.WriteLine("ENOENT"); break; default: Console.WriteLine(result); break; } }; var command = new Command(_LoginSessionChallengeOrResponse, successCallBack, errorCallBack); command.AddArgument("user", user); command.AddArgument("uh", hash); return command; }
public void TestSessionLoginFull() { Session session = new Session(); var passKey = Crypto.prepare_key_pw(Config.TestUserPass); var aes = new Sjcl.Cipher.Aes(passKey); string hash = Crypto.stringhash(Config.TestUserName.ToLower(), aes); { Command login = MakeCommand.Login(Config.TestUserName, hash, passKey); string expected = "[-9]"; // -9 is "ENOENT" which means user not found string actual = session.Execute(login); Assert.AreNotEqual(actual, expected); } { Command userDetails = MakeCommand.GetUserDetails(); string expected = ""; string actual = session.Execute(userDetails); Assert.AreEqual(actual, expected); } }