func init() { var err error kp1, err = libkb.GenerateNaclDHKeyPair() if err != nil { panic(err) } kp2, err = libkb.GenerateNaclDHKeyPair() if err != nil { panic(err) } }
// Test that CryptoHandler.UnboxBytes32() decrypts a boxed 32-byte // array correctly. func TestCryptoUnboxBytes32(t *testing.T) { tc := SetupEngineTest(t, "crypto") defer tc.Cleanup() u := CreateAndSignupFakeUser(tc, "fu") secretUI := &libkb.TestSecretUI{Passphrase: u.Passphrase} key, err := getMySecretKey( tc.G, secretUI, libkb.DeviceEncryptionKeyType, "test") if err != nil { t.Fatal(err) } kp, ok := key.(libkb.NaclDHKeyPair) if !ok || kp.Private == nil { t.Fatalf("unexpected key %v", key) } peerKp, err := libkb.GenerateNaclDHKeyPair() if err != nil { t.Fatal(err) } expectedBytes32 := keybase1.Bytes32{0, 1, 2, 3, 4, 5} nonce := [24]byte{6, 7, 8, 9, 10} peersPublicKey := keybase1.BoxPublicKey(peerKp.Public) encryptedData := box.Seal(nil, expectedBytes32[:], &nonce, (*[32]byte)(&kp.Public), (*[32]byte)(peerKp.Private)) var encryptedBytes32 keybase1.EncryptedBytes32 if len(encryptedBytes32) != len(encryptedData) { t.Fatalf("Expected %d bytes, got %d", len(encryptedBytes32), len(encryptedData)) } copy(encryptedBytes32[:], encryptedData) bytes32, err := UnboxBytes32(tc.G, secretUI, keybase1.UnboxBytes32Arg{ EncryptedBytes32: encryptedBytes32, Nonce: nonce, PeersPublicKey: peersPublicKey, }) if err != nil { t.Fatal(err) } if bytes32 != expectedBytes32 { t.Errorf("expected %s, got %s", expectedBytes32, bytes32) } }
// MakeRandomTLFKeys implements the Crypto interface for CryptoCommon. func (c *CryptoCommon) MakeRandomTLFKeys() ( tlfPublicKey TLFPublicKey, tlfPrivateKey TLFPrivateKey, tlfEphemeralPublicKey TLFEphemeralPublicKey, tlfEphemeralPrivateKey TLFEphemeralPrivateKey, tlfCryptKey TLFCryptKey, err error) { defer func() { if err != nil { tlfPublicKey = TLFPublicKey{} tlfPrivateKey = TLFPrivateKey{} tlfEphemeralPublicKey = TLFEphemeralPublicKey{} tlfEphemeralPrivateKey = TLFEphemeralPrivateKey{} tlfCryptKey = TLFCryptKey{} } }() publicKey, privateKey, err := box.GenerateKey(rand.Reader) if err != nil { return } tlfPublicKey = MakeTLFPublicKey(*publicKey) tlfPrivateKey = MakeTLFPrivateKey(*privateKey) keyPair, err := libkb.GenerateNaclDHKeyPair() if err != nil { return } tlfEphemeralPublicKey = MakeTLFEphemeralPublicKey(keyPair.Public) tlfEphemeralPrivateKey = MakeTLFEphemeralPrivateKey(*keyPair.Private) err = cryptoRandRead(tlfCryptKey.data[:]) if err != nil { return } return }
func (e *DeviceKeygen) setup(ctx *Context) { if e.runErr != nil { return } signArg := e.newNaclArg(ctx, func() (libkb.NaclKeyPair, error) { kp, err := libkb.GenerateNaclSigningKeyPair() if err != nil { return nil, err } return kp, nil }, libkb.NaclEdDSAExpireIn) e.naclSignGen = libkb.NewNaclKeyGen(signArg) encArg := e.newNaclArg(ctx, func() (libkb.NaclKeyPair, error) { kp, err := libkb.GenerateNaclDHKeyPair() if err != nil { return nil, err } return kp, nil }, libkb.NaclDHExpireIn) e.naclEncGen = libkb.NewNaclKeyGen(encArg) }
// HandleDidCounterSign implements HandleDidCounterSign in // kex2.Provisionee interface. func (e *Kex2Provisionee) HandleDidCounterSign(sig []byte) (err error) { e.G().Log.Debug("+ HandleDidCounterSign()") defer func() { e.G().Log.Debug("- HandleDidCounterSign() -> %s", libkb.ErrToOk(err)) }() e.G().Log.Debug("HandleDidCounterSign sig: %s", string(sig)) // load self user (to load merkle root) _, err = libkb.LoadUser(libkb.NewLoadUserByNameArg(e.G(), e.username)) if err != nil { return err } // decode sig decSig, err := e.decodeSig(sig) if err != nil { return err } e.dh, err = libkb.GenerateNaclDHKeyPair() if err != nil { return err } // make a keyproof for the dh key, signed w/ e.eddsa dhSig, dhSigID, err := e.dhKeyProof(e.dh, decSig.eldestKID, decSig.seqno, decSig.linkID) if err != nil { return err } // create the key args for eddsa, dh keys eddsaArgs, err := makeKeyArgs(decSig.sigID, sig, libkb.SibkeyType, e.eddsa, decSig.eldestKID, decSig.signingKID) if err != nil { return err } dhArgs, err := makeKeyArgs(dhSigID, []byte(dhSig), libkb.SubkeyType, e.dh, decSig.eldestKID, e.eddsa.GetKID()) if err != nil { return err } // logged in, so save the login state err = e.saveLoginState() if err != nil { return err } // push the LKS server half err = e.pushLKSServerHalf() if err != nil { return err } // save device and keys locally err = e.localSave() if err != nil { return err } // post the key sigs to the api server err = e.postSigs(eddsaArgs, dhArgs) if err != nil { return err } return err }
func TestCryptoUnboxBytes32AnyPaper(t *testing.T) { tc := SetupEngineTest(t, "crypto") defer tc.Cleanup() u := CreateAndSignupFakeUser(tc, "fu") // create a paper key and cache it ctx := &Context{ LogUI: tc.G.UI.GetLogUI(), LoginUI: &libkb.TestLoginUI{}, SecretUI: u.NewSecretUI(), } peng := NewPaperKey(tc.G) if err := RunEngine(peng, ctx); err != nil { t.Fatal(err) } err := tc.G.LoginState().Account(func(a *libkb.Account) { a.SetUnlockedPaperKey(peng.SigKey(), peng.EncKey()) }, "TestCryptoUnboxBytes32AnyPaper") key := peng.EncKey() kp, ok := key.(libkb.NaclDHKeyPair) if !ok { t.Fatalf("paper enc key type: %T, expected libkb.NaclDHKeyPair", key) } if kp.Private == nil { t.Fatalf("paper enc key has nil private key") } peerKp, err := libkb.GenerateNaclDHKeyPair() if err != nil { t.Fatal(err) } expectedBytes32 := keybase1.Bytes32{0, 1, 2, 3, 4, 5} nonce := [24]byte{6, 7, 8, 9, 10} peersPublicKey := keybase1.BoxPublicKey(peerKp.Public) encryptedData := box.Seal(nil, expectedBytes32[:], &nonce, (*[32]byte)(&kp.Public), (*[32]byte)(peerKp.Private)) var encryptedBytes32 keybase1.EncryptedBytes32 if len(encryptedBytes32) != len(encryptedData) { t.Fatalf("Expected %d bytes, got %d", len(encryptedBytes32), len(encryptedData)) } copy(encryptedBytes32[:], encryptedData) _, err = UnboxBytes32(tc.G, u.NewSecretUI(), keybase1.UnboxBytes32Arg{ EncryptedBytes32: encryptedBytes32, Nonce: nonce, PeersPublicKey: peersPublicKey, }) // this should fail if err == nil { t.Fatal("UnboxBytes32 worked with paper key encrypted data") } if _, ok := err.(libkb.DecryptionError); !ok { t.Fatalf("error %T, expected libkb.DecryptionError", err) } // this should work arg := keybase1.UnboxBytes32AnyArg{ Bundles: []keybase1.CiphertextBundle{ {Kid: kp.GetKID(), Ciphertext: encryptedBytes32, Nonce: nonce}, }, PeersPublicKey: peersPublicKey, } res, err := UnboxBytes32Any(tc.G, u.NewSecretUI(), arg) if err != nil { t.Fatal(err) } if res.Plaintext != expectedBytes32 { t.Errorf("UnboxBytes32Any plaintext: %x, expected %x", res.Plaintext, expectedBytes32) } if res.Kid.IsNil() { t.Errorf("UnboxBytes32Any kid is nil") } // clear the paper key cache to test getting a paper key via UI err = tc.G.LoginState().Account(func(a *libkb.Account) { a.ClearCachedSecretKeys() }, "TestCryptoUnboxBytes32AnyPaper") if err != nil { t.Fatal(err) } // set the passphrase in the secretUI to the paper key secretUI := u.NewSecretUI() secretUI.Passphrase = peng.Passphrase() res, err = UnboxBytes32Any(tc.G, secretUI, arg) if err != nil { t.Fatal(err) } if res.Plaintext != expectedBytes32 { t.Errorf("UnboxBytes32Any plaintext: %x, expected %x", res.Plaintext, expectedBytes32) } if res.Kid.IsNil() { t.Errorf("UnboxBytes32Any kid is nil") } }
// Test that CryptoHandler.UnboxBytes32() decrypts a boxed 32-byte // array correctly. func TestCryptoUnboxBytes32(t *testing.T) { tc := SetupEngineTest(t, "crypto") defer tc.Cleanup() u := CreateAndSignupFakeUser(tc, "fu") f := func() libkb.SecretUI { return &libkb.TestSecretUI{Passphrase: u.Passphrase} } key, err := getMySecretKey( tc.G, f, libkb.DeviceEncryptionKeyType, "test") if err != nil { t.Fatal(err) } kp, ok := key.(libkb.NaclDHKeyPair) if !ok || kp.Private == nil { t.Fatalf("unexpected key %v", key) } peerKp, err := libkb.GenerateNaclDHKeyPair() if err != nil { t.Fatal(err) } expectedBytes32 := keybase1.Bytes32{0, 1, 2, 3, 4, 5} nonce := [24]byte{6, 7, 8, 9, 10} peersPublicKey := keybase1.BoxPublicKey(peerKp.Public) encryptedData := box.Seal(nil, expectedBytes32[:], &nonce, (*[32]byte)(&kp.Public), (*[32]byte)(peerKp.Private)) var encryptedBytes32 keybase1.EncryptedBytes32 if len(encryptedBytes32) != len(encryptedData) { t.Fatalf("Expected %d bytes, got %d", len(encryptedBytes32), len(encryptedData)) } copy(encryptedBytes32[:], encryptedData) bytes32, err := UnboxBytes32(tc.G, f, keybase1.UnboxBytes32Arg{ EncryptedBytes32: encryptedBytes32, Nonce: nonce, PeersPublicKey: peersPublicKey, }) if err != nil { t.Fatal(err) } if bytes32 != expectedBytes32 { t.Errorf("expected %s, got %s", expectedBytes32, bytes32) } // also test UnboxBytes32Any: arg := keybase1.UnboxBytes32AnyArg{ Bundles: []keybase1.CiphertextBundle{ {Kid: kp.GetKID(), Ciphertext: encryptedBytes32, Nonce: nonce, PublicKey: peersPublicKey}, }, } res, err := UnboxBytes32Any(tc.G, f, arg) if err != nil { t.Fatal(err) } if res.Plaintext != expectedBytes32 { t.Errorf("UnboxBytes32Any plaintext: %x, expected %x", res.Plaintext, expectedBytes32) } if res.Kid.IsNil() { t.Errorf("UnboxBytes32Any kid is nil") } }