Skip to content

Instantly share code, notes, and snippets.

@AljoschaMeyer
Last active June 5, 2017 18:21
Show Gist options
  • Save AljoschaMeyer/d8766ce2ee6bc8e1e20194567863f25c to your computer and use it in GitHub Desktop.
Save AljoschaMeyer/d8766ce2ee6bc8e1e20194567863f25c to your computer and use it in GitHub Desktop.
Generate minimal test data for secret-handshake
{"app":{"type":"Buffer","data":[52,185,47,13,238,73,54,193,180,19,66,202,191,136,67,66,207,130,141,57,155,24,157,10,109,135,81,181,218,83,45,48]},"client_pub":{"type":"Buffer","data":[205,114,202,57,38,184,63,222,144,155,64,179,144,197,229,104,203,61,147,95,133,75,69,81,114,149,95,100,152,202,196,229]},"client_sec":{"type":"Buffer","data":[113,68,145,235,255,76,78,208,78,118,201,180,137,97,236,25,175,200,166,106,242,242,232,76,25,143,73,127,1,32,29,173,205,114,202,57,38,184,63,222,144,155,64,179,144,197,229,104,203,61,147,95,133,75,69,81,114,149,95,100,152,202,196,229]},"client_eph_pub":{"type":"Buffer","data":[5,183,99,118,32,105,120,85,99,217,136,206,182,220,187,54,53,38,182,52,146,127,126,36,34,252,151,147,154,206,118,63]},"client_eph_sec":{"type":"Buffer","data":[64,228,231,100,36,145,174,8,56,182,83,77,150,44,120,250,125,72,251,41,5,24,16,209,57,53,192,149,157,160,83,64]},"server_pub":{"type":"Buffer","data":[102,24,108,176,85,212,227,58,158,129,206,237,133,175,164,37,166,135,224,46,113,177,173,46,53,39,0,225,25,84,59,74]},"server_sec":{"type":"Buffer","data":[251,34,151,9,220,202,131,159,47,191,231,140,69,35,64,39,121,125,198,227,58,64,111,99,217,114,144,179,1,44,49,128,102,24,108,176,85,212,227,58,158,129,206,237,133,175,164,37,166,135,224,46,113,177,173,46,53,39,0,225,25,84,59,74]},"server_eph_pub":{"type":"Buffer","data":[69,226,136,97,196,24,35,59,212,84,105,37,118,164,231,212,229,138,42,222,86,186,66,96,232,33,165,250,142,100,21,85]},"server_eph_sec":{"type":"Buffer","data":[96,220,145,160,75,238,60,249,94,224,237,116,146,42,95,70,247,124,208,82,128,161,236,75,131,234,115,89,88,17,46,114]}}
{"client_challenge":{"type":"Buffer","data":[16,236,189,145,82,186,50,188,176,82,100,1,0,25,137,10,110,135,60,106,30,0,200,181,217,238,157,87,157,142,192,248,5,183,99,118,32,105,120,85,99,217,136,206,182,220,187,54,53,38,182,52,146,127,126,36,34,252,151,147,154,206,118,63]},"server_challenge":{"type":"Buffer","data":[151,225,223,62,183,3,34,99,45,127,85,62,135,137,170,153,87,20,146,205,38,238,176,99,196,29,116,183,108,138,249,214,69,226,136,97,196,24,35,59,212,84,105,37,118,164,231,212,229,138,42,222,86,186,66,96,232,33,165,250,142,100,21,85]},"client_auth":{"type":"Buffer","data":[29,229,57,48,99,21,161,197,142,157,144,145,8,147,207,54,237,197,104,60,22,253,174,13,122,106,100,227,191,236,26,1,37,104,100,190,32,102,167,67,223,64,8,58,96,89,73,102,125,21,99,178,69,39,120,250,43,63,88,218,62,118,143,46,15,69,177,197,199,185,5,84,178,93,52,75,157,17,117,152,177,29,236,117,8,144,158,151,22,58,214,125,66,65,187,6,130,63,241,38,63,66,186,68,100,169,193,135,16,140,214,47]},"server_accept":{"type":"Buffer","data":[124,108,117,181,31,45,100,215,72,113,137,243,125,67,113,170,0,135,107,219,2,2,111,60,182,108,217,69,201,58,102,85,231,91,84,108,138,168,59,134,63,76,11,6,206,44,80,94,41,236,160,60,81,28,81,189,183,110,81,70,124,114,98,43,153,36,143,238,145,82,117,31,156,248,216,255,77,61,125,123]},"client_enc_key":{"type":"Buffer","data":[75,190,32,14,217,91,85,221,190,145,77,15,207,199,95,3,212,191,156,255,231,87,48,65,201,66,187,229,190,121,186,190]},"client_enc_nonce":{"type":"Buffer","data":[151,225,223,62,183,3,34,99,45,127,85,62,135,137,170,153,87,20,146,205,38,238,176,99]},"client_dec_key":{"type":"Buffer","data":[122,27,103,250,50,15,22,66,242,248,12,49,66,153,176,183,77,244,9,59,125,241,47,121,110,107,191,152,103,248,65,33]},"client_dec_nonce":{"type":"Buffer","data":[16,236,189,145,82,186,50,188,176,82,100,1,0,25,137,10,110,135,60,106,30,0,200,181]},"server_enc_key":{"type":"Buffer","data":[122,27,103,250,50,15,22,66,242,248,12,49,66,153,176,183,77,244,9,59,125,241,47,121,110,107,191,152,103,248,65,33]},"server_enc_nonce":{"type":"Buffer","data":[16,236,189,145,82,186,50,188,176,82,100,1,0,25,137,10,110,135,60,106,30,0,200,181]},"server_dec_key":{"type":"Buffer","data":[75,190,32,14,217,91,85,221,190,145,77,15,207,199,95,3,212,191,156,255,231,87,48,65,201,66,187,229,190,121,186,190]},"server_dec_nonce":{"type":"Buffer","data":[151,225,223,62,183,3,34,99,45,127,85,62,135,137,170,153,87,20,146,205,38,238,176,99]}}
// The data used in the test of the C implementation.
const sodium = require('chloride');
const crypto = require('secret-handshake/crypto');
const random = require('secret-handshake/random');
const initClientState = (app_key, clientKeypair, server_pub, rnd) => {
return crypto.initialize({
app_key,
local: {
publicKey: clientKeypair.publicKey,
secretKey: clientKeypair.secretKey,
},
remote: {
publicKey: server_pub
},
random: rnd
});
};
const initServerState = (app_key, serverKeypair, rnd) => {
return crypto.initialize({
app_key,
local: {
publicKey: serverKeypair.publicKey,
secretKey: serverKeypair.secretKey,
},
random: rnd
});
}
const _clientRand = random(32);
const _serverRand = random(32);
const clientKeypair = {
publicKey: Buffer.from([225,162,73,136,73,119,94,84,208,102,233,120,23,46,225,245,198,79,176,0,151,208,70,146,111,23,94,101,25,192,30,35]),
secretKey: Buffer.from([243,168,6,50,44,78,192,183,210,241,189,36,183,154,132,119,115,84,47,151,32,32,26,237,64,180,69,20,95,133,92,176,225,162,73,136,73,119,94,84,208,102,233,120,23,46,225,245,198,79,176,0,151,208,70,146,111,23,94,101,25,192,30,35])
};
const serverKeypair = {
publicKey: Buffer.from([42,190,113,153,16,248,187,195,163,201,187,204,86,238,66,151,52,115,160,4,244,1,12,76,170,129,66,12,202,54,1,70]),
secretKey: Buffer.from([118,98,17,77,86,116,58,146,99,84,198,164,35,220,73,213,246,224,242,230,175,116,71,218,56,37,212,66,163,14,74,209,42,190,113,153,16,248,187,195,163,201,187,204,86,238,66,151,52,115,160,4,244,1,12,76,170,129,66,12,202,54,1,70])
};
const app = Buffer.from([111,97,159,86,19,13,53,115,66,209,32,84,255,140,143,85,157,74,32,154,156,90,29,185,141,19,184,255,104,107,124,198]);
let clientState = initClientState(app, clientKeypair, serverKeypair.publicKey, _clientRand);
let serverState = initServerState(app, serverKeypair, _serverRand);
clientState.local.kx_pk = Buffer.from([79,79,77,238,254,215,129,197,235,41,185,208,47,32,146,37,255,237,208,215,182,92,201,106,85,86,157,41,53,165,177,32]);
clientState.local.kx_sk = Buffer.from([80,169,55,157,134,142,219,152,125,240,174,209,225,109,46,188,97,224,193,187,198,58,226,193,24,235,213,214,49,55,213,104]);
clientState.local.app_mac = sodium.crypto_auth(clientState.local.kx_pk, app);
serverState.local.kx_pk = Buffer.from([166,12,63,218,235,136,61,99,232,142,165,147,88,93,79,177,23,148,129,57,179,24,192,174,90,62,40,83,51,9,97,82]);
serverState.local.kx_sk = Buffer.from([176,248,210,185,226,76,162,153,239,144,57,206,218,97,2,215,155,5,223,189,22,28,137,85,228,233,93,79,217,203,63,125]);
serverState.local.app_mac = sodium.crypto_auth(serverState.local.kx_pk, app);
// console.log(clientState);
const inputs = {
app: app,
client_pub: Buffer.from(clientState.local.publicKey),
client_sec: Buffer.from(clientState.local.secretKey),
client_eph_pub: Buffer.from(clientState.local.kx_pk),
client_eph_sec: Buffer.from(clientState.local.kx_sk),
server_pub: Buffer.from(serverState.local.publicKey),
server_sec: Buffer.from(serverState.local.secretKey),
server_eph_pub: Buffer.from(serverState.local.kx_pk),
server_eph_sec: Buffer.from(serverState.local.kx_sk)
}
const client_challenge = crypto.createChallenge(clientState);
serverState = crypto.verifyChallenge(serverState, client_challenge);
const server_challenge = crypto.createChallenge(serverState);
clientState = crypto.clientVerifyChallenge(clientState, server_challenge);
const client_auth = crypto.clientCreateAuth(clientState);
serverState = crypto.serverVerifyAuth(serverState, client_auth);
console.log(serverState);
const server_accept = crypto.serverCreateAccept(serverState);
clientState = crypto.clientVerifyAccept(clientState, server_accept);
crypto.clean(clientState);
crypto.clean(serverState);
const results = {
client_challenge,
server_challenge,
client_auth,
server_accept,
client_enc_key: clientState.encryptKey,
client_enc_nonce: clientState.remote.app_mac.slice(0, 24),
client_dec_key: clientState.decryptKey,
client_dec_nonce: clientState.local.app_mac.slice(0, 24),
server_enc_key: serverState.encryptKey,
server_enc_nonce: serverState.remote.app_mac.slice(0, 24),
server_dec_key: serverState.decryptKey,
server_dec_nonce: serverState.local.app_mac.slice(0, 24),
};
console.log(JSON.stringify(inputs));
console.log();
console.log(JSON.stringify(results));
// A little script to generate test data for secret-handshake. Unlike the test vectors,
// this does not expose any details of the crypto state. It simply prints all observable
// data produced by certain input data.
//
// data.json contains a sample output
const sodium = require('chloride');
const crypto = require('secret-handshake/crypto');
const random = require('secret-handshake/random');
const initClientState = (app_key, clientKeypair, server_pub, rnd) => {
return crypto.initialize({
app_key,
local: {
publicKey: clientKeypair.publicKey,
secretKey: clientKeypair.secretKey,
},
remote: {
publicKey: server_pub
},
random: rnd
});
};
const initServerState = (app_key, serverKeypair, rnd) => {
return crypto.initialize({
app_key,
local: {
publicKey: serverKeypair.publicKey,
secretKey: serverKeypair.secretKey,
},
random: rnd
});
}
const _clientRand = random(32);
const _serverRand = random(32);
const clientKeypair = sodium.crypto_sign_keypair();
const serverKeypair = sodium.crypto_sign_keypair();
const app = random(32);
let clientState = initClientState(app, clientKeypair, serverKeypair.publicKey, _clientRand);
let serverState = initServerState(app, serverKeypair, _serverRand);
const inputs = {
app: app,
client_pub: Buffer.from(clientState.local.publicKey),
client_sec: Buffer.from(clientState.local.secretKey),
client_eph_pub: Buffer.from(clientState.local.kx_pk),
client_eph_sec: Buffer.from(clientState.local.kx_sk),
server_pub: Buffer.from(serverState.local.publicKey),
server_sec: Buffer.from(serverState.local.secretKey),
server_eph_pub: Buffer.from(serverState.local.kx_pk),
server_eph_sec: Buffer.from(serverState.local.kx_sk)
}
const client_challenge = crypto.createChallenge(clientState);
serverState = crypto.verifyChallenge(serverState, client_challenge);
const server_challenge = crypto.createChallenge(serverState);
clientState = crypto.clientVerifyChallenge(clientState, server_challenge);
const client_auth = crypto.clientCreateAuth(clientState);
serverState = crypto.serverVerifyAuth(serverState, client_auth);
const server_accept = crypto.serverCreateAccept(serverState);
clientState = crypto.clientVerifyAccept(clientState, server_accept);
crypto.clean(clientState);
crypto.clean(serverState);
const results = {
client_challenge,
server_challenge,
client_auth,
server_accept,
client_enc_key: clientState.encryptKey,
client_enc_nonce: clientState.remote.app_mac.slice(0, 24),
client_dec_key: clientState.decryptKey,
client_dec_nonce: clientState.local.app_mac.slice(0, 24),
server_enc_key: serverState.encryptKey,
server_enc_nonce: serverState.remote.app_mac.slice(0, 24),
server_dec_key: serverState.decryptKey,
server_dec_nonce: serverState.local.app_mac.slice(0, 24),
};
console.log(JSON.stringify(inputs));
console.log();
console.log(JSON.stringify(results));
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment