code format
This commit is contained in:
@@ -1,297 +1,297 @@
|
||||
/*
|
||||
PIP - Platform Independent Primitives
|
||||
PIP Authentication API
|
||||
Andrey Bychkov work.a.b@yandex.ru
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "piauth.h"
|
||||
#define PIAUTH_NOISE_MAX_SIZE 256
|
||||
|
||||
PIAuth::PIAuth(const PIByteArray & sign) : PIObject() {
|
||||
setName("Client");
|
||||
role = Client;
|
||||
state = NotConnected;
|
||||
sign_sk = sign;
|
||||
sign_pk = crypt.extractSignPublicKey(sign);
|
||||
}
|
||||
|
||||
|
||||
void PIAuth::setServerPassword(const PIString & ps) {
|
||||
pass_hash = crypt.passwordHash(ps, PIString("PIAuth").toByteArray());
|
||||
}
|
||||
|
||||
|
||||
void PIAuth::stop() {
|
||||
role = Client;
|
||||
state = NotConnected;
|
||||
auth_sign.clear();
|
||||
box_sk.clear();
|
||||
box_pk.clear();
|
||||
my_pk.clear();
|
||||
}
|
||||
|
||||
|
||||
void PIAuth::startClient() {
|
||||
role = Client;
|
||||
state = AuthProbe;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::startServer() {
|
||||
setName("Server");
|
||||
role = Server;
|
||||
state = AuthProbe;
|
||||
PIByteArray ba;
|
||||
crypt.generateKeypair(my_pk, box_sk);
|
||||
PIByteArray noise = crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE+128);
|
||||
ba << (int)state << custom_info << sign_pk << my_pk << noise;
|
||||
PIByteArray sign = crypt.signMessage(ba, sign_sk);
|
||||
ba << sign;
|
||||
return ba;
|
||||
}
|
||||
|
||||
|
||||
PIAuth::State PIAuth::receive(PIByteArray & ba) {
|
||||
if (ba.size() < sizeof(int)) return disconnect(ba, "invalid data size");
|
||||
State rstate;
|
||||
int s;
|
||||
ba >> s;
|
||||
rstate = (State)s;
|
||||
// if (state != rstate) return disconect(ba);
|
||||
|
||||
//client side
|
||||
if (role == Client) {
|
||||
if (state == AuthProbe && rstate == AuthProbe) {
|
||||
if (ba.size() < sizeof(int)*5) return disconnect(ba, "invalid data size");
|
||||
PIByteArray rinfo;
|
||||
PIByteArray rsign;
|
||||
PIByteArray rsign_pk;
|
||||
PIByteArray noise;
|
||||
ba >> rinfo >> rsign_pk >> box_pk >> noise >> rsign;
|
||||
if (rsign_pk.isEmpty() || box_pk.isEmpty() || rsign.isEmpty()) return disconnect(ba, "invalid key size");
|
||||
|
||||
PIByteArray tba;
|
||||
tba << (int)rstate << rinfo << rsign_pk << box_pk << noise;
|
||||
if (!crypt.verifySign(tba, rsign, rsign_pk)) return disconnect(ba, "Incorrect sign");
|
||||
bool auth = false;
|
||||
if (isAuthorizedKey(rsign_pk)) {
|
||||
auth = true;
|
||||
} else {
|
||||
authorize(rinfo, &auth);
|
||||
if (auth) auth_pkeys << rsign_pk;
|
||||
}
|
||||
if (!auth) return disconnect(ba, "Unauthorised");
|
||||
ba.clear();
|
||||
auth_sign = rsign_pk;
|
||||
crypt.generateKeypair(my_pk, box_sk);
|
||||
tba.clear();
|
||||
tba << sign_pk << my_pk << box_pk;
|
||||
PIByteArray sign = crypt.signMessage(tba, sign_sk);
|
||||
tba << sign;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
state = AuthReply;
|
||||
noise = crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE);
|
||||
ba << (int)state << tba << my_pk << noise;
|
||||
sign = crypt.signMessage(ba, sign_sk);
|
||||
ba << sign;
|
||||
return state;
|
||||
}
|
||||
if (state == AuthReply && rstate == PassRequest) {
|
||||
PIByteArray ctba, tba;
|
||||
PIByteArray noise;
|
||||
PIByteArray rsign, rsign_pk;
|
||||
ba >> ctba >> rsign;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, box_pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba;
|
||||
if (!crypt.verifySign(ba, rsign, auth_sign)) return disconnect(ba, "Incorrect sign");
|
||||
ctba.clear();
|
||||
tba >> rsign_pk >> noise >> ctba;
|
||||
if (rsign_pk != auth_sign || ctba != my_pk) return disconnect(ba, "Invalid public key");
|
||||
PIString ps;
|
||||
PIByteArray ph;
|
||||
passwordRequest(&ps);
|
||||
if (ps.isEmpty()) return disconnect(ba, "Canceled by user");
|
||||
ph = crypt.passwordHash(ps, PIString("PIAuth").toByteArray());
|
||||
ps.fill(PIChar());
|
||||
tba.clear();
|
||||
tba << ph << auth_sign << sign_pk;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
ba.clear();
|
||||
state = PassRequest;
|
||||
ba << (int)state << tba;
|
||||
rsign = crypt.signMessage(ba, sign_sk);
|
||||
ba << rsign;
|
||||
return state;
|
||||
}
|
||||
if ((state == AuthReply && rstate == KeyExchange) || (state == PassRequest && rstate == KeyExchange)) {
|
||||
PIByteArray tba, ctba;
|
||||
PIByteArray rsign;
|
||||
ba >> ctba >> rsign;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, box_pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba;
|
||||
if (!crypt.verifySign(ba, rsign, auth_sign)) return disconnect(ba, "Incorrect sign");
|
||||
tba >> secret_key;
|
||||
if (secret_key.size() != crypt.sizeKey()) return disconnect(ba, "Invalid key");
|
||||
ba.clear();
|
||||
state = Connected;
|
||||
connected(PIString());
|
||||
ba << (int)state << crypt.crypt(custom_info, secret_key) << crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE);
|
||||
return state;
|
||||
}
|
||||
if (state == Connected && rstate == Connected) {
|
||||
ba.clear();
|
||||
state = Connected;
|
||||
connected(PIString());
|
||||
ba << (int)state << crypt.crypt(custom_info, secret_key) << crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE);
|
||||
return state;
|
||||
}
|
||||
}
|
||||
|
||||
// server side
|
||||
if (role == Server) {
|
||||
if (state == AuthProbe && rstate == AuthReply) {
|
||||
if (ba.size() < sizeof(int)*4) return disconnect(ba, "invalid data size");
|
||||
PIByteArray ctba, tba;
|
||||
PIByteArray noise;
|
||||
PIByteArray rsign1, rsign2;
|
||||
PIByteArray rsign_pk;
|
||||
PIByteArray pk, mpk;
|
||||
ba >> ctba >> pk >> noise >> rsign1;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
if (tba.size() < sizeof(int)*3) return disconnect(tba, "invalid data size");
|
||||
tba >> rsign_pk >> box_pk >> mpk >> rsign2;
|
||||
if (pk != box_pk || mpk != my_pk) return disconnect(ba, "Invalid public key");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba << box_pk << noise;
|
||||
if (!crypt.verifySign(ba, rsign1, rsign_pk)) return disconnect(ba, "Incorrect sign");
|
||||
ba.clear();
|
||||
ba << rsign_pk << box_pk << my_pk;
|
||||
if (!crypt.verifySign(ba, rsign2, rsign_pk)) return disconnect(ba, "Incorrect sign");
|
||||
auth_sign = rsign_pk;
|
||||
if (isAuthorizedKey(rsign_pk)) {
|
||||
state = KeyExchange;
|
||||
ba = createSKMessage();
|
||||
return state;
|
||||
} else {
|
||||
ba.clear();
|
||||
tba.clear();
|
||||
state = PassRequest;
|
||||
noise = crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE);
|
||||
tba << sign_pk << noise << box_pk;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
ba << (int)state << tba;
|
||||
rsign1 = crypt.signMessage(ba, sign_sk);
|
||||
ba << rsign1;
|
||||
return state;
|
||||
}
|
||||
}
|
||||
if (state == PassRequest && rstate == PassRequest) {
|
||||
PIByteArray tba, ctba;
|
||||
PIByteArray rsign_pk, rsign, mpk;
|
||||
ba >> ctba >> rsign;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, box_pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba;
|
||||
if (!crypt.verifySign(ba, rsign, auth_sign)) return disconnect(ba, "Incorrect sign");
|
||||
ctba.clear();
|
||||
tba >> ctba >> mpk >> rsign_pk;
|
||||
if (rsign_pk != auth_sign || mpk != sign_pk) return disconnect(ba, "Invalid public key");
|
||||
bool auth = (ctba == pass_hash);
|
||||
if (ctba.isEmpty() || pass_hash.isEmpty()) auth = false;
|
||||
passwordCheck(auth);
|
||||
if (!auth) {
|
||||
// piSleep(1);
|
||||
return disconnect(ba, "Invalid password");
|
||||
}
|
||||
state = KeyExchange;
|
||||
ba = createSKMessage();
|
||||
return state;
|
||||
}
|
||||
if ((state == KeyExchange && rstate == Connected) || (state == Connected && rstate == Connected)) {
|
||||
ba.clear();
|
||||
PIByteArray rinfo;
|
||||
ba >> rinfo;
|
||||
bool ok = false;
|
||||
rinfo = crypt.decrypt(rinfo, secret_key, &ok);
|
||||
if (!ok) return disconnect(ba, "Error while exchange keys");
|
||||
state = Connected;
|
||||
connected(rinfo);
|
||||
ba << (int)state << crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE);
|
||||
return state;
|
||||
}
|
||||
}
|
||||
|
||||
return disconnect(ba, "invalid state " + PIString::fromNumber((int)state));
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::getSecretKey() {
|
||||
if (state == Connected) return secret_key;
|
||||
return PIByteArray();
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::generateSign(const PIByteArray & seed) {
|
||||
PIByteArray pk, sk;
|
||||
PICrypt::generateSignKeys(pk, sk, seed);
|
||||
return sk;
|
||||
}
|
||||
|
||||
|
||||
PIAuth::State PIAuth::disconnect(PIByteArray & ba, const PIString & error) {
|
||||
if (!error.isEmpty()) piCoutObj << error;
|
||||
auth_sign.clear();
|
||||
box_sk.clear();
|
||||
box_pk.clear();
|
||||
my_pk.clear();
|
||||
secret_key.clear();
|
||||
ba.clear();
|
||||
state = NotConnected;
|
||||
disconnected(error);
|
||||
return state;
|
||||
}
|
||||
|
||||
|
||||
bool PIAuth::isAuthorizedKey(const PIByteArray & pkey) {
|
||||
for (int i=0; i<auth_pkeys.size_s(); ++i) {
|
||||
if (pkey == auth_pkeys[i]) return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::createSKMessage() {
|
||||
secret_key = crypt.generateKey();
|
||||
PIByteArray tba;
|
||||
PIByteArray noise = crypt.generateRandomBuff(randomi()%PIAUTH_NOISE_MAX_SIZE);
|
||||
tba << secret_key << noise;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
PIByteArray ret;
|
||||
ret << (int)state << tba;
|
||||
PIByteArray sign = crypt.signMessage(ret, sign_sk);
|
||||
ret << sign;
|
||||
return ret;
|
||||
}
|
||||
/*
|
||||
PIP - Platform Independent Primitives
|
||||
PIP Authentication API
|
||||
Andrey Bychkov work.a.b@yandex.ru
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "piauth.h"
|
||||
#define PIAUTH_NOISE_MAX_SIZE 256
|
||||
|
||||
PIAuth::PIAuth(const PIByteArray & sign): PIObject() {
|
||||
setName("Client");
|
||||
role = Client;
|
||||
state = NotConnected;
|
||||
sign_sk = sign;
|
||||
sign_pk = crypt.extractSignPublicKey(sign);
|
||||
}
|
||||
|
||||
|
||||
void PIAuth::setServerPassword(const PIString & ps) {
|
||||
pass_hash = crypt.passwordHash(ps, PIString("PIAuth").toByteArray());
|
||||
}
|
||||
|
||||
|
||||
void PIAuth::stop() {
|
||||
role = Client;
|
||||
state = NotConnected;
|
||||
auth_sign.clear();
|
||||
box_sk.clear();
|
||||
box_pk.clear();
|
||||
my_pk.clear();
|
||||
}
|
||||
|
||||
|
||||
void PIAuth::startClient() {
|
||||
role = Client;
|
||||
state = AuthProbe;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::startServer() {
|
||||
setName("Server");
|
||||
role = Server;
|
||||
state = AuthProbe;
|
||||
PIByteArray ba;
|
||||
crypt.generateKeypair(my_pk, box_sk);
|
||||
PIByteArray noise = crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE + 128);
|
||||
ba << (int)state << custom_info << sign_pk << my_pk << noise;
|
||||
PIByteArray sign = crypt.signMessage(ba, sign_sk);
|
||||
ba << sign;
|
||||
return ba;
|
||||
}
|
||||
|
||||
|
||||
PIAuth::State PIAuth::receive(PIByteArray & ba) {
|
||||
if (ba.size() < sizeof(int)) return disconnect(ba, "invalid data size");
|
||||
State rstate;
|
||||
int s;
|
||||
ba >> s;
|
||||
rstate = (State)s;
|
||||
// if (state != rstate) return disconect(ba);
|
||||
|
||||
// client side
|
||||
if (role == Client) {
|
||||
if (state == AuthProbe && rstate == AuthProbe) {
|
||||
if (ba.size() < sizeof(int) * 5) return disconnect(ba, "invalid data size");
|
||||
PIByteArray rinfo;
|
||||
PIByteArray rsign;
|
||||
PIByteArray rsign_pk;
|
||||
PIByteArray noise;
|
||||
ba >> rinfo >> rsign_pk >> box_pk >> noise >> rsign;
|
||||
if (rsign_pk.isEmpty() || box_pk.isEmpty() || rsign.isEmpty()) return disconnect(ba, "invalid key size");
|
||||
|
||||
PIByteArray tba;
|
||||
tba << (int)rstate << rinfo << rsign_pk << box_pk << noise;
|
||||
if (!crypt.verifySign(tba, rsign, rsign_pk)) return disconnect(ba, "Incorrect sign");
|
||||
bool auth = false;
|
||||
if (isAuthorizedKey(rsign_pk)) {
|
||||
auth = true;
|
||||
} else {
|
||||
authorize(rinfo, &auth);
|
||||
if (auth) auth_pkeys << rsign_pk;
|
||||
}
|
||||
if (!auth) return disconnect(ba, "Unauthorised");
|
||||
ba.clear();
|
||||
auth_sign = rsign_pk;
|
||||
crypt.generateKeypair(my_pk, box_sk);
|
||||
tba.clear();
|
||||
tba << sign_pk << my_pk << box_pk;
|
||||
PIByteArray sign = crypt.signMessage(tba, sign_sk);
|
||||
tba << sign;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
state = AuthReply;
|
||||
noise = crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE);
|
||||
ba << (int)state << tba << my_pk << noise;
|
||||
sign = crypt.signMessage(ba, sign_sk);
|
||||
ba << sign;
|
||||
return state;
|
||||
}
|
||||
if (state == AuthReply && rstate == PassRequest) {
|
||||
PIByteArray ctba, tba;
|
||||
PIByteArray noise;
|
||||
PIByteArray rsign, rsign_pk;
|
||||
ba >> ctba >> rsign;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, box_pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba;
|
||||
if (!crypt.verifySign(ba, rsign, auth_sign)) return disconnect(ba, "Incorrect sign");
|
||||
ctba.clear();
|
||||
tba >> rsign_pk >> noise >> ctba;
|
||||
if (rsign_pk != auth_sign || ctba != my_pk) return disconnect(ba, "Invalid public key");
|
||||
PIString ps;
|
||||
PIByteArray ph;
|
||||
passwordRequest(&ps);
|
||||
if (ps.isEmpty()) return disconnect(ba, "Canceled by user");
|
||||
ph = crypt.passwordHash(ps, PIString("PIAuth").toByteArray());
|
||||
ps.fill(PIChar());
|
||||
tba.clear();
|
||||
tba << ph << auth_sign << sign_pk;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
ba.clear();
|
||||
state = PassRequest;
|
||||
ba << (int)state << tba;
|
||||
rsign = crypt.signMessage(ba, sign_sk);
|
||||
ba << rsign;
|
||||
return state;
|
||||
}
|
||||
if ((state == AuthReply && rstate == KeyExchange) || (state == PassRequest && rstate == KeyExchange)) {
|
||||
PIByteArray tba, ctba;
|
||||
PIByteArray rsign;
|
||||
ba >> ctba >> rsign;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, box_pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba;
|
||||
if (!crypt.verifySign(ba, rsign, auth_sign)) return disconnect(ba, "Incorrect sign");
|
||||
tba >> secret_key;
|
||||
if (secret_key.size() != crypt.sizeKey()) return disconnect(ba, "Invalid key");
|
||||
ba.clear();
|
||||
state = Connected;
|
||||
connected(PIString());
|
||||
ba << (int)state << crypt.crypt(custom_info, secret_key) << crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE);
|
||||
return state;
|
||||
}
|
||||
if (state == Connected && rstate == Connected) {
|
||||
ba.clear();
|
||||
state = Connected;
|
||||
connected(PIString());
|
||||
ba << (int)state << crypt.crypt(custom_info, secret_key) << crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE);
|
||||
return state;
|
||||
}
|
||||
}
|
||||
|
||||
// server side
|
||||
if (role == Server) {
|
||||
if (state == AuthProbe && rstate == AuthReply) {
|
||||
if (ba.size() < sizeof(int) * 4) return disconnect(ba, "invalid data size");
|
||||
PIByteArray ctba, tba;
|
||||
PIByteArray noise;
|
||||
PIByteArray rsign1, rsign2;
|
||||
PIByteArray rsign_pk;
|
||||
PIByteArray pk, mpk;
|
||||
ba >> ctba >> pk >> noise >> rsign1;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
if (tba.size() < sizeof(int) * 3) return disconnect(tba, "invalid data size");
|
||||
tba >> rsign_pk >> box_pk >> mpk >> rsign2;
|
||||
if (pk != box_pk || mpk != my_pk) return disconnect(ba, "Invalid public key");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba << box_pk << noise;
|
||||
if (!crypt.verifySign(ba, rsign1, rsign_pk)) return disconnect(ba, "Incorrect sign");
|
||||
ba.clear();
|
||||
ba << rsign_pk << box_pk << my_pk;
|
||||
if (!crypt.verifySign(ba, rsign2, rsign_pk)) return disconnect(ba, "Incorrect sign");
|
||||
auth_sign = rsign_pk;
|
||||
if (isAuthorizedKey(rsign_pk)) {
|
||||
state = KeyExchange;
|
||||
ba = createSKMessage();
|
||||
return state;
|
||||
} else {
|
||||
ba.clear();
|
||||
tba.clear();
|
||||
state = PassRequest;
|
||||
noise = crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE);
|
||||
tba << sign_pk << noise << box_pk;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
ba << (int)state << tba;
|
||||
rsign1 = crypt.signMessage(ba, sign_sk);
|
||||
ba << rsign1;
|
||||
return state;
|
||||
}
|
||||
}
|
||||
if (state == PassRequest && rstate == PassRequest) {
|
||||
PIByteArray tba, ctba;
|
||||
PIByteArray rsign_pk, rsign, mpk;
|
||||
ba >> ctba >> rsign;
|
||||
bool ok = false;
|
||||
tba = crypt.decrypt(ctba, box_pk, box_sk, &ok);
|
||||
if (tba.isEmpty() || !ok) return disconnect(ba, "Message corrupted");
|
||||
ba.clear();
|
||||
ba << (int)rstate << ctba;
|
||||
if (!crypt.verifySign(ba, rsign, auth_sign)) return disconnect(ba, "Incorrect sign");
|
||||
ctba.clear();
|
||||
tba >> ctba >> mpk >> rsign_pk;
|
||||
if (rsign_pk != auth_sign || mpk != sign_pk) return disconnect(ba, "Invalid public key");
|
||||
bool auth = (ctba == pass_hash);
|
||||
if (ctba.isEmpty() || pass_hash.isEmpty()) auth = false;
|
||||
passwordCheck(auth);
|
||||
if (!auth) {
|
||||
// piSleep(1);
|
||||
return disconnect(ba, "Invalid password");
|
||||
}
|
||||
state = KeyExchange;
|
||||
ba = createSKMessage();
|
||||
return state;
|
||||
}
|
||||
if ((state == KeyExchange && rstate == Connected) || (state == Connected && rstate == Connected)) {
|
||||
ba.clear();
|
||||
PIByteArray rinfo;
|
||||
ba >> rinfo;
|
||||
bool ok = false;
|
||||
rinfo = crypt.decrypt(rinfo, secret_key, &ok);
|
||||
if (!ok) return disconnect(ba, "Error while exchange keys");
|
||||
state = Connected;
|
||||
connected(rinfo);
|
||||
ba << (int)state << crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE);
|
||||
return state;
|
||||
}
|
||||
}
|
||||
|
||||
return disconnect(ba, "invalid state " + PIString::fromNumber((int)state));
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::getSecretKey() {
|
||||
if (state == Connected) return secret_key;
|
||||
return PIByteArray();
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::generateSign(const PIByteArray & seed) {
|
||||
PIByteArray pk, sk;
|
||||
PICrypt::generateSignKeys(pk, sk, seed);
|
||||
return sk;
|
||||
}
|
||||
|
||||
|
||||
PIAuth::State PIAuth::disconnect(PIByteArray & ba, const PIString & error) {
|
||||
if (!error.isEmpty()) piCoutObj << error;
|
||||
auth_sign.clear();
|
||||
box_sk.clear();
|
||||
box_pk.clear();
|
||||
my_pk.clear();
|
||||
secret_key.clear();
|
||||
ba.clear();
|
||||
state = NotConnected;
|
||||
disconnected(error);
|
||||
return state;
|
||||
}
|
||||
|
||||
|
||||
bool PIAuth::isAuthorizedKey(const PIByteArray & pkey) {
|
||||
for (int i = 0; i < auth_pkeys.size_s(); ++i) {
|
||||
if (pkey == auth_pkeys[i]) return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PIAuth::createSKMessage() {
|
||||
secret_key = crypt.generateKey();
|
||||
PIByteArray tba;
|
||||
PIByteArray noise = crypt.generateRandomBuff(randomi() % PIAUTH_NOISE_MAX_SIZE);
|
||||
tba << secret_key << noise;
|
||||
tba = crypt.crypt(tba, box_pk, box_sk);
|
||||
PIByteArray ret;
|
||||
ret << (int)state << tba;
|
||||
PIByteArray sign = crypt.signMessage(ret, sign_sk);
|
||||
ret << sign;
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -1,448 +1,457 @@
|
||||
/*
|
||||
PIP - Platform Independent Primitives
|
||||
Cryptographic class using lib Sodium
|
||||
Andrey Bychkov work.a.b@yandex.ru
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "picrypt.h"
|
||||
#ifdef PIP_CRYPT
|
||||
# include <sodium.h>
|
||||
#endif
|
||||
|
||||
#define PICRYPT_DISABLED_WARNING piCout << "[PICrypt]" << "Warning: PICrypt is disabled, to enable install sodium library and rebuild pip";
|
||||
|
||||
const char hash_def_key[] = "_picrypt_\0\0\0\0\0\0\0";
|
||||
const int hash_def_key_size = 9;
|
||||
|
||||
|
||||
PICrypt::PICrypt() {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) piCout << "[PICrypt]" << "Error while initialize sodium!";
|
||||
nonce_.resize(crypto_secretbox_NONCEBYTES);
|
||||
key_.resize(crypto_secretbox_KEYBYTES);
|
||||
randombytes_buf(key_.data(), key_.size());
|
||||
randombytes_buf(nonce_.data(), nonce_.size());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
bool PICrypt::setKey(const PIByteArray & _key) {
|
||||
if (_key.size() != key_.size()) return false;
|
||||
key_ = _key;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::setKey(const PIString & secret) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
PIByteArray s(secret.data(), secret.size());
|
||||
crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar*)hash_def_key, hash_def_key_size);
|
||||
hash.resize(key_.size());
|
||||
setKey(hash);
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::crypt(const PIByteArray & data) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
ret.resize(data.size() + crypto_secretbox_MACBYTES);
|
||||
randombytes_buf(nonce_.data(), nonce_.size());
|
||||
crypto_secretbox_easy(ret.data(), data.data(), data.size(), nonce_.data(), key_.data());
|
||||
ret.append(nonce_);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::crypt(const PIByteArray & data, PIByteArray key) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (key.size() != crypto_secretbox_KEYBYTES)
|
||||
key.resize(crypto_secretbox_KEYBYTES, ' ');
|
||||
//return PIByteArray();
|
||||
if (!init()) return ret;
|
||||
PIByteArray n;
|
||||
ret.resize(data.size() + crypto_secretbox_MACBYTES);
|
||||
n.resize(crypto_secretbox_NONCEBYTES);
|
||||
randombytes_buf(n.data(), n.size());
|
||||
crypto_secretbox_easy(ret.data(), data.data(), data.size(), n.data(), key.data());
|
||||
ret.append(n);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, bool *ok) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (crypt_data.size() < nonce_.size() + crypto_secretbox_MACBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return PIByteArray();
|
||||
}
|
||||
ret.resize(crypt_data.size() - nonce_.size() - crypto_secretbox_MACBYTES);
|
||||
memcpy(nonce_.data(), crypt_data.data(crypt_data.size() - nonce_.size()), nonce_.size());
|
||||
if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - nonce_.size(), nonce_.data(), key_.data()) != 0) {
|
||||
if (ok) *ok = false;
|
||||
// piCout << "[PICrypt]" << "bad key_";
|
||||
return PIByteArray();
|
||||
}
|
||||
#endif
|
||||
if (ok) *ok = true;
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, PIByteArray key, bool *ok) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (key.size() != crypto_secretbox_KEYBYTES)
|
||||
key.resize(crypto_secretbox_KEYBYTES, ' ');
|
||||
/*if (ok) *ok = false;
|
||||
return PIByteArray();
|
||||
}*/
|
||||
if (crypt_data.size() < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return PIByteArray();
|
||||
}
|
||||
if (!init()) return ret;
|
||||
PIByteArray n;
|
||||
n.resize(crypto_secretbox_NONCEBYTES);
|
||||
ret.resize(crypt_data.size() - n.size() - crypto_secretbox_MACBYTES);
|
||||
memcpy(n.data(), crypt_data.data(crypt_data.size() - n.size()), n.size());
|
||||
if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - n.size(), n.data(), key.data()) != 0) {
|
||||
if (ok) *ok = false;
|
||||
// piCout << "[PICrypt]" << "bad key_";
|
||||
return PIByteArray();
|
||||
} else if (ok) *ok = true;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::hash(const PIString & secret) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
PIByteArray s(secret.data(), secret.size());
|
||||
crypto_generichash(hash.data(), hash.size(), s.data(), s.size(),(const uchar*)hash_def_key, hash_def_key_size);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::hash(const PIByteArray & data) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), (const uchar*)hash_def_key, hash_def_key_size);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::hash(const PIByteArray & data, const unsigned char *key, size_t keylen) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), key, keylen);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
size_t PICrypt::sizeHash() {
|
||||
#ifdef PIP_CRYPT
|
||||
return crypto_generichash_BYTES;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
ullong PICrypt::shorthash(const PIString& s, PIByteArray key) {
|
||||
ullong hash = 0;
|
||||
#ifdef PIP_CRYPT
|
||||
if (crypto_shorthash_BYTES != sizeof(hash)) piCout << "[PICrypt]" << "internal error: bad hash size";
|
||||
if (!init()) return hash;
|
||||
if (key.size() != crypto_shorthash_KEYBYTES) {
|
||||
piCout << "[PICrypt]" << "invalid key size" << key.size() << ", shoud be" << crypto_shorthash_KEYBYTES << ", filled zeros";
|
||||
key.resize(crypto_shorthash_KEYBYTES, 0);
|
||||
}
|
||||
PIByteArray in(s.data(), s.size());
|
||||
crypto_shorthash((uchar *)&hash, in.data(), in.size(), key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::generateKey() {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_secretbox_KEYBYTES);
|
||||
randombytes_buf(hash.data(), hash.size());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::generateRandomBuff(int size) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init() || size <= 0) return hash;
|
||||
hash.resize(size);
|
||||
randombytes_buf(hash.data(), hash.size());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
size_t PICrypt::sizeKey() {
|
||||
#ifdef PIP_CRYPT
|
||||
return crypto_secretbox_KEYBYTES;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
size_t PICrypt::sizeCrypt() {
|
||||
#ifdef PIP_CRYPT
|
||||
return crypto_secretbox_MACBYTES + crypto_secretbox_NONCEBYTES;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return;
|
||||
public_key.resize(crypto_sign_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_sign_SECRETKEYBYTES);
|
||||
crypto_sign_keypair(public_key.data(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init() || seed.isEmpty()) return;
|
||||
public_key.resize(crypto_sign_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_sign_SECRETKEYBYTES);
|
||||
crypto_sign_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::extractSignPublicKey(const PIByteArray & secret_key) {
|
||||
PIByteArray pk;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init() || secret_key.size() != crypto_sign_SECRETKEYBYTES) return pk;
|
||||
pk.resize(crypto_sign_PUBLICKEYBYTES);
|
||||
crypto_sign_ed25519_sk_to_pk(pk.data(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return pk;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::signMessage(const PIByteArray & data, PIByteArray secret_key) {
|
||||
PIByteArray sign;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return sign;
|
||||
sign.resize(crypto_sign_BYTES);
|
||||
crypto_sign_detached(sign.data(), 0, data.data(), data.size(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return sign;
|
||||
}
|
||||
|
||||
|
||||
bool PICrypt::verifySign(const PIByteArray & data, const PIByteArray & signature, PIByteArray public_key) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return false;
|
||||
return (crypto_sign_verify_detached(signature.data(), data.data(), data.size(), public_key.data()) == 0);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return;
|
||||
public_key.resize(crypto_box_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_box_SECRETKEYBYTES);
|
||||
crypto_box_keypair(public_key.data(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return;
|
||||
public_key.resize(crypto_box_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_box_SECRETKEYBYTES);
|
||||
crypto_box_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::crypt(const PIByteArray & data, const PIByteArray & public_key, const PIByteArray & secret_key) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return ret;
|
||||
if (public_key.size() != crypto_box_PUBLICKEYBYTES)
|
||||
return ret;
|
||||
if (secret_key.size() != crypto_box_SECRETKEYBYTES)
|
||||
return ret;
|
||||
PIByteArray n;
|
||||
ret.resize(data.size() + crypto_box_MACBYTES);
|
||||
n.resize(crypto_box_NONCEBYTES);
|
||||
randombytes_buf(n.data(), n.size());
|
||||
if (crypto_box_easy(ret.data(), data.data(), data.size(), n.data(), public_key.data(), secret_key.data()) != 0)
|
||||
return PIByteArray();
|
||||
ret.append(n);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, const PIByteArray & public_key, const PIByteArray & secret_key, bool * ok) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return ret;
|
||||
if (public_key.size() != crypto_box_PUBLICKEYBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return ret;
|
||||
}
|
||||
if (secret_key.size() != crypto_box_SECRETKEYBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return ret;
|
||||
}
|
||||
if (crypt_data.size() < crypto_box_NONCEBYTES + crypto_box_MACBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return ret;
|
||||
}
|
||||
PIByteArray n;
|
||||
n.resize(crypto_secretbox_NONCEBYTES);
|
||||
ret.resize(crypt_data.size() - n.size() - crypto_secretbox_MACBYTES);
|
||||
memcpy(n.data(), crypt_data.data(crypt_data.size() - n.size()), n.size());
|
||||
if (crypto_box_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - n.size(), n.data(), public_key.data(), secret_key.data()) != 0) {
|
||||
if (ok) *ok = false;
|
||||
// piCout << "[PICrypt]" << "bad key_";
|
||||
return PIByteArray();
|
||||
} else if (ok) *ok = true;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::passwordHash(const PIString & password, const PIByteArray & seed) {
|
||||
#ifdef crypto_pwhash_ALG_ARGON2I13
|
||||
// char out[crypto_pwhash_STRBYTES];
|
||||
PIByteArray pass = password.toUTF8();
|
||||
PIByteArray n = hash(seed);
|
||||
PIByteArray ph;
|
||||
ph.resize(crypto_box_SEEDBYTES);
|
||||
n.resize(crypto_pwhash_SALTBYTES);
|
||||
// randombytes_buf(n.data(), n.size());
|
||||
// crypto_shorthash(n.data(), seed.data(), seed.size(), PIByteArray(crypto_shorthash_KEYBYTES).data());
|
||||
int r = crypto_pwhash(ph.data(), ph.size(), (const char*)pass.data(), pass.size(), n.data(), crypto_pwhash_argon2i_opslimit_moderate(), crypto_pwhash_argon2i_memlimit_moderate(), crypto_pwhash_ALG_ARGON2I13);
|
||||
//crypto_pwhash_str(out, (const char*)pass.data(), pass.size(), crypto_pwhash_argon2i_opslimit_moderate(), crypto_pwhash_argon2i_memlimit_moderate());
|
||||
pass.fill(0);
|
||||
if (r != 0) return PIByteArray();
|
||||
return ph;
|
||||
// PIByteArray ret;
|
||||
// ret << ph << n << crypto_pwhash_argon2i_opslimit_moderate() << crypto_pwhash_argon2i_memlimit_moderate();
|
||||
// return ret;
|
||||
#else
|
||||
return PIByteArray();
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
PIString PICrypt::version() {
|
||||
#ifdef PIP_CRYPT
|
||||
return SODIUM_VERSION_STRING;
|
||||
#else
|
||||
return PIString();
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
bool PICrypt::init() {
|
||||
#ifdef PIP_CRYPT
|
||||
static bool inited = false;
|
||||
if (inited) return true;
|
||||
//piCout << "[PICrypt]" << "init ...";
|
||||
inited = sodium_init();
|
||||
if (!inited)
|
||||
inited = sodium_init();
|
||||
//piCout << "[PICrypt]" << "init" << inited;
|
||||
return inited;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/*
|
||||
PIP - Platform Independent Primitives
|
||||
Cryptographic class using lib Sodium
|
||||
Andrey Bychkov work.a.b@yandex.ru
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "picrypt.h"
|
||||
#ifdef PIP_CRYPT
|
||||
# include <sodium.h>
|
||||
#endif
|
||||
|
||||
#define PICRYPT_DISABLED_WARNING \
|
||||
piCout << "[PICrypt]" \
|
||||
<< "Warning: PICrypt is disabled, to enable install sodium library and rebuild pip";
|
||||
|
||||
const char hash_def_key[] = "_picrypt_\0\0\0\0\0\0\0";
|
||||
const int hash_def_key_size = 9;
|
||||
|
||||
|
||||
PICrypt::PICrypt() {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init())
|
||||
piCout << "[PICrypt]"
|
||||
<< "Error while initialize sodium!";
|
||||
nonce_.resize(crypto_secretbox_NONCEBYTES);
|
||||
key_.resize(crypto_secretbox_KEYBYTES);
|
||||
randombytes_buf(key_.data(), key_.size());
|
||||
randombytes_buf(nonce_.data(), nonce_.size());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
bool PICrypt::setKey(const PIByteArray & _key) {
|
||||
if (_key.size() != key_.size()) return false;
|
||||
key_ = _key;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::setKey(const PIString & secret) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
PIByteArray s(secret.data(), secret.size());
|
||||
crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar *)hash_def_key, hash_def_key_size);
|
||||
hash.resize(key_.size());
|
||||
setKey(hash);
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::crypt(const PIByteArray & data) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
ret.resize(data.size() + crypto_secretbox_MACBYTES);
|
||||
randombytes_buf(nonce_.data(), nonce_.size());
|
||||
crypto_secretbox_easy(ret.data(), data.data(), data.size(), nonce_.data(), key_.data());
|
||||
ret.append(nonce_);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::crypt(const PIByteArray & data, PIByteArray key) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (key.size() != crypto_secretbox_KEYBYTES) key.resize(crypto_secretbox_KEYBYTES, ' ');
|
||||
// return PIByteArray();
|
||||
if (!init()) return ret;
|
||||
PIByteArray n;
|
||||
ret.resize(data.size() + crypto_secretbox_MACBYTES);
|
||||
n.resize(crypto_secretbox_NONCEBYTES);
|
||||
randombytes_buf(n.data(), n.size());
|
||||
crypto_secretbox_easy(ret.data(), data.data(), data.size(), n.data(), key.data());
|
||||
ret.append(n);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, bool * ok) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (crypt_data.size() < nonce_.size() + crypto_secretbox_MACBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return PIByteArray();
|
||||
}
|
||||
ret.resize(crypt_data.size() - nonce_.size() - crypto_secretbox_MACBYTES);
|
||||
memcpy(nonce_.data(), crypt_data.data(crypt_data.size() - nonce_.size()), nonce_.size());
|
||||
if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - nonce_.size(), nonce_.data(), key_.data()) != 0) {
|
||||
if (ok) *ok = false;
|
||||
// piCout << "[PICrypt]" << "bad key_";
|
||||
return PIByteArray();
|
||||
}
|
||||
#endif
|
||||
if (ok) *ok = true;
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, PIByteArray key, bool * ok) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (key.size() != crypto_secretbox_KEYBYTES) key.resize(crypto_secretbox_KEYBYTES, ' ');
|
||||
/*if (ok) *ok = false;
|
||||
return PIByteArray();
|
||||
}*/
|
||||
if (crypt_data.size() < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return PIByteArray();
|
||||
}
|
||||
if (!init()) return ret;
|
||||
PIByteArray n;
|
||||
n.resize(crypto_secretbox_NONCEBYTES);
|
||||
ret.resize(crypt_data.size() - n.size() - crypto_secretbox_MACBYTES);
|
||||
memcpy(n.data(), crypt_data.data(crypt_data.size() - n.size()), n.size());
|
||||
if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - n.size(), n.data(), key.data()) != 0) {
|
||||
if (ok) *ok = false;
|
||||
// piCout << "[PICrypt]" << "bad key_";
|
||||
return PIByteArray();
|
||||
} else if (ok)
|
||||
*ok = true;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::hash(const PIString & secret) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
PIByteArray s(secret.data(), secret.size());
|
||||
crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar *)hash_def_key, hash_def_key_size);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::hash(const PIByteArray & data) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), (const uchar *)hash_def_key, hash_def_key_size);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::hash(const PIByteArray & data, const unsigned char * key, size_t keylen) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_generichash_BYTES);
|
||||
crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), key, keylen);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
size_t PICrypt::sizeHash() {
|
||||
#ifdef PIP_CRYPT
|
||||
return crypto_generichash_BYTES;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
ullong PICrypt::shorthash(const PIString & s, PIByteArray key) {
|
||||
ullong hash = 0;
|
||||
#ifdef PIP_CRYPT
|
||||
if (crypto_shorthash_BYTES != sizeof(hash))
|
||||
piCout << "[PICrypt]"
|
||||
<< "internal error: bad hash size";
|
||||
if (!init()) return hash;
|
||||
if (key.size() != crypto_shorthash_KEYBYTES) {
|
||||
piCout << "[PICrypt]"
|
||||
<< "invalid key size" << key.size() << ", shoud be" << crypto_shorthash_KEYBYTES << ", filled zeros";
|
||||
key.resize(crypto_shorthash_KEYBYTES, 0);
|
||||
}
|
||||
PIByteArray in(s.data(), s.size());
|
||||
crypto_shorthash((uchar *)&hash, in.data(), in.size(), key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::generateKey() {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return hash;
|
||||
hash.resize(crypto_secretbox_KEYBYTES);
|
||||
randombytes_buf(hash.data(), hash.size());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::generateRandomBuff(int size) {
|
||||
PIByteArray hash;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init() || size <= 0) return hash;
|
||||
hash.resize(size);
|
||||
randombytes_buf(hash.data(), hash.size());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return hash;
|
||||
}
|
||||
|
||||
|
||||
size_t PICrypt::sizeKey() {
|
||||
#ifdef PIP_CRYPT
|
||||
return crypto_secretbox_KEYBYTES;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
size_t PICrypt::sizeCrypt() {
|
||||
#ifdef PIP_CRYPT
|
||||
return crypto_secretbox_MACBYTES + crypto_secretbox_NONCEBYTES;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return;
|
||||
public_key.resize(crypto_sign_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_sign_SECRETKEYBYTES);
|
||||
crypto_sign_keypair(public_key.data(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init() || seed.isEmpty()) return;
|
||||
public_key.resize(crypto_sign_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_sign_SECRETKEYBYTES);
|
||||
crypto_sign_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::extractSignPublicKey(const PIByteArray & secret_key) {
|
||||
PIByteArray pk;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init() || secret_key.size() != crypto_sign_SECRETKEYBYTES) return pk;
|
||||
pk.resize(crypto_sign_PUBLICKEYBYTES);
|
||||
crypto_sign_ed25519_sk_to_pk(pk.data(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return pk;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::signMessage(const PIByteArray & data, PIByteArray secret_key) {
|
||||
PIByteArray sign;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return sign;
|
||||
sign.resize(crypto_sign_BYTES);
|
||||
crypto_sign_detached(sign.data(), 0, data.data(), data.size(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return sign;
|
||||
}
|
||||
|
||||
|
||||
bool PICrypt::verifySign(const PIByteArray & data, const PIByteArray & signature, PIByteArray public_key) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return false;
|
||||
return (crypto_sign_verify_detached(signature.data(), data.data(), data.size(), public_key.data()) == 0);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return;
|
||||
public_key.resize(crypto_box_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_box_SECRETKEYBYTES);
|
||||
crypto_box_keypair(public_key.data(), secret_key.data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
void PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return;
|
||||
public_key.resize(crypto_box_PUBLICKEYBYTES);
|
||||
secret_key.resize(crypto_box_SECRETKEYBYTES);
|
||||
crypto_box_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data());
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::crypt(const PIByteArray & data, const PIByteArray & public_key, const PIByteArray & secret_key) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return ret;
|
||||
if (public_key.size() != crypto_box_PUBLICKEYBYTES) return ret;
|
||||
if (secret_key.size() != crypto_box_SECRETKEYBYTES) return ret;
|
||||
PIByteArray n;
|
||||
ret.resize(data.size() + crypto_box_MACBYTES);
|
||||
n.resize(crypto_box_NONCEBYTES);
|
||||
randombytes_buf(n.data(), n.size());
|
||||
if (crypto_box_easy(ret.data(), data.data(), data.size(), n.data(), public_key.data(), secret_key.data()) != 0) return PIByteArray();
|
||||
ret.append(n);
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, const PIByteArray & public_key, const PIByteArray & secret_key, bool * ok) {
|
||||
PIByteArray ret;
|
||||
#ifdef PIP_CRYPT
|
||||
if (!init()) return ret;
|
||||
if (public_key.size() != crypto_box_PUBLICKEYBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return ret;
|
||||
}
|
||||
if (secret_key.size() != crypto_box_SECRETKEYBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return ret;
|
||||
}
|
||||
if (crypt_data.size() < crypto_box_NONCEBYTES + crypto_box_MACBYTES) {
|
||||
if (ok) *ok = false;
|
||||
return ret;
|
||||
}
|
||||
PIByteArray n;
|
||||
n.resize(crypto_secretbox_NONCEBYTES);
|
||||
ret.resize(crypt_data.size() - n.size() - crypto_secretbox_MACBYTES);
|
||||
memcpy(n.data(), crypt_data.data(crypt_data.size() - n.size()), n.size());
|
||||
if (crypto_box_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - n.size(), n.data(), public_key.data(), secret_key.data()) !=
|
||||
0) {
|
||||
if (ok) *ok = false;
|
||||
// piCout << "[PICrypt]" << "bad key_";
|
||||
return PIByteArray();
|
||||
} else if (ok)
|
||||
*ok = true;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
PIByteArray PICrypt::passwordHash(const PIString & password, const PIByteArray & seed) {
|
||||
#ifdef crypto_pwhash_ALG_ARGON2I13
|
||||
// char out[crypto_pwhash_STRBYTES];
|
||||
PIByteArray pass = password.toUTF8();
|
||||
PIByteArray n = hash(seed);
|
||||
PIByteArray ph;
|
||||
ph.resize(crypto_box_SEEDBYTES);
|
||||
n.resize(crypto_pwhash_SALTBYTES);
|
||||
// randombytes_buf(n.data(), n.size());
|
||||
// crypto_shorthash(n.data(), seed.data(), seed.size(), PIByteArray(crypto_shorthash_KEYBYTES).data());
|
||||
int r = crypto_pwhash(ph.data(),
|
||||
ph.size(),
|
||||
(const char *)pass.data(),
|
||||
pass.size(),
|
||||
n.data(),
|
||||
crypto_pwhash_argon2i_opslimit_moderate(),
|
||||
crypto_pwhash_argon2i_memlimit_moderate(),
|
||||
crypto_pwhash_ALG_ARGON2I13);
|
||||
// crypto_pwhash_str(out, (const char*)pass.data(), pass.size(), crypto_pwhash_argon2i_opslimit_moderate(),
|
||||
// crypto_pwhash_argon2i_memlimit_moderate());
|
||||
pass.fill(0);
|
||||
if (r != 0) return PIByteArray();
|
||||
return ph;
|
||||
// PIByteArray ret;
|
||||
// ret << ph << n << crypto_pwhash_argon2i_opslimit_moderate() << crypto_pwhash_argon2i_memlimit_moderate();
|
||||
// return ret;
|
||||
#else
|
||||
return PIByteArray();
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
PIString PICrypt::version() {
|
||||
#ifdef PIP_CRYPT
|
||||
return SODIUM_VERSION_STRING;
|
||||
#else
|
||||
return PIString();
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
bool PICrypt::init() {
|
||||
#ifdef PIP_CRYPT
|
||||
static bool inited = false;
|
||||
if (inited) return true;
|
||||
// piCout << "[PICrypt]" << "init ...";
|
||||
inited = sodium_init();
|
||||
if (!inited) inited = sodium_init();
|
||||
// piCout << "[PICrypt]" << "init" << inited;
|
||||
return inited;
|
||||
#else
|
||||
PICRYPT_DISABLED_WARNING
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user