Generate private key #7
And a test is found here: https://github.com/nextcloud/android/blob/2a7da670369069ba12d7e21ca49ebfcab39051d7/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java#L134-L134 It is rather long, but I wanted to use a real example and not "only" some random strings. 12-word mnemonic:
privateKeyString:
encrypted:
|
Thanks !! @tobiasKaminsky !! |
@tobiasKaminsky, first step: PBKDF2WithHmacSHA1, salt = $4$YmBjm3hk$Qb74D5IUYwghUmzsMqeNFx5z0/8$, secretKey output: NknhSReUhcuSY2u+pEIgLPl+h8Bhore3JPHPhbDVqFlYH8xJACwuKRKlmglp0Z9WMH2QJMyoFIYKbmVT4UAOVyud9+LMvfwvjNsTV5qzk2IfEWn1WdqvuNW4deDRAw440yrt49dqUQWR98we9HlxI16fGbRf/7cPneIxG3V7P2c32yqo4YIXdgO2xBx8QuVMnDeZWvdloVjqIf+xsDeFrAvi91ubYlnpBCnta1LyBI7Dxv2cUDTlmC0jz+Z+PPZAGATv6G471xcTLlPzxzhckLNm8Bt2s5+EBhRVvT1q2KVvIBrs/PpkLMxlIWjIS7j8QDqsYIg4708POqELPjeaoQ== Confirm? This output is the key for AES/GCM/NoPadding, but the IV? |
Oh, yeah, I forgot this: |
@tobiasKaminsky I have finished this, the server responds with 200. Status:
And now? How can I test whether everything is correct, before the Metadata struct for directory/file encryption? |
If you create a new user and send me the 12-word mnemonic I can try to use it on Android. |
I have used your mnemonic: moreovertelevisionfactorytendencyindependenceinternationalintellectualimpressinterestvolunteer User: nc |
Cool. Now we know that Android -> iOS works. |
@tobiasKaminsky a question: when "Assume that no key pair exists on the server", is the mnemonic automatically created by the client (BIP39) and "displayed" to the user, with the possibility to display it again later after password/touchID from the keychain etc.? |
I present the mnemonic during initial setup within the app. |
@tobiasKaminsky where in Android are the function(s) for testing the key pair from the server + mnemonic? Thanks -- DONE -- New request @tobiasKaminsky, details of: -3- Get public system key from server to validate the signature of the user's public key. Thanks |
@tobiasKaminsky on your server it is not possible to create a file/folder .... please check. Thanks a lot |
@tobiasKaminsky @marinofaggiana the flow should/can be the same on iOS as it is on Android. :) |
@jancborchardt maybe yes ... maybe no 😄 |
There is an issue with aes_256_gcm encryption between Android and OpenSSL (iOS), see code: |
Decrypt is OK now, arggggggggg --> base64 decode for a PEM! -1- Why does Android base64-encode a privateKey in PEM format? This is needless. |
It is not PEM. It is base64 DER. |
publicKey in PEM and privateKey in DER? For me it is better ONLY PEM, no DER. |
@LukasReschke @tobiasKaminsky I have no preference here. And the spec is incomplete. But sticking to 1 format seems indeed best. |
The decryptAsymmetricData requires PEM format: RSA *rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, 0, NULL); and encryptAsymmetricString requires the publicKey in PEM format: unsigned char *pKey = (unsigned char *)[publicKey UTF8String]; // Extract real publicKey |
Well, this is just the implementation you use; there are also a bunch of other functions that take other formats. The OpenSSL EVP API allows keys in almost any format (see d2i_PrivateKey_bio etc.). Anyway, as I said, I don't have a preference, but let's wait for the others involved to comment as well. |
Oh yes, yes, but for me only 1 format :-) |
I can change the Android side to store the private key as PEM on the server:
|
Thanks Tobi, when done can you recreate the new certificate on the server (marino user)? |
Done, new passphrase is: domainponyremindtenfalltoiletdollsuncleversharevehiclesoldier |
thx |
OK @tobiasKaminsky, done, but why base64-encode the privateKey? |
privateKey.getEncoded() is a byte array (byte[]), so this cannot be directly printed as PEM. |
PEM format is base64, why base64 again? Convert your byte array to a normal UTF8 string. |
Simply transforming a byte[] to a string results in:
I think I now conform to the PEM format?
|
Client generates a 12-word mnemonic from the English BIP-0039 word list. The word list contains 2048 words, thus resulting in 2048^12 possible key combinations.
-OK [done]
Client encrypts the private key using AES/GCM/NoPadding as cipher (128 bit key size) and uses PBKDF2WithHmacSHA1 as key derivation; as password, the mnemonic generated in step 1 is used.
@tobiasKaminsky can I see this step in your code, and an example of the step to check against?
Thanksssssssss 🔒