Examples with HashedPin org.whispersystems.signalservice.api.kbs.HashedPin used on opensource projects

Example 11 with HashedPin

use of org.whispersystems.signalservice.api.kbs.HashedPin in project Signal-Android by signalapp.

the class PinHashing_hashPin_Test method argon2_hashed_pin_password.

@Test
public void argon2_hashed_pin_password() throws IOException {
    String pin = "password";
    byte[] backupId = Hex.fromStringCondensed("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
    MasterKey masterKey = new MasterKey(Hex.fromStringCondensed("202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"));
    HashedPin hashedPin = PinHashing.hashPin(pin, () -> backupId);
    KbsData kbsData = hashedPin.createNewKbsData(masterKey);
    assertArrayEquals(hashedPin.getKbsAccessKey(), kbsData.getKbsAccessKey());
    assertArrayEquals(Hex.fromStringCondensed("ab7e8499d21f80a6600b3b9ee349ac6d72c07e3359fe885a934ba7aa844429f8"), kbsData.getKbsAccessKey());
    assertArrayEquals(Hex.fromStringCondensed("3f33ce58eb25b40436592a30eae2a8fabab1899095f4e2fba6e2d0dc43b4a2d9cac5a3931748522393951e0e54dec769"), kbsData.getCipherText());
    assertEquals(masterKey, kbsData.getMasterKey());
    String localPinHash = PinHashing.localPinHash(pin);
    assertTrue(PinHashing.verifyLocalPinHash(localPinHash, pin));
}

Example 12 with HashedPin

use of org.whispersystems.signalservice.api.kbs.HashedPin in project Signal-Android by signalapp.

the class HashedPinKbsDataTest method vectors_decryptKbsDataIVCipherText.

@Test
public void vectors_decryptKbsDataIVCipherText() throws IOException, InvalidCiphertextException {
    for (KbsTestVector vector : getKbsTestVectorList()) {
        HashedPin hashedPin = HashedPin.fromArgon2Hash(vector.getArgon2Hash());
        KbsData kbsData = hashedPin.decryptKbsDataIVCipherText(vector.getIvAndCipher());
        assertArrayEquals(vector.getMasterKey(), kbsData.getMasterKey().serialize());
        assertArrayEquals(vector.getIvAndCipher(), kbsData.getCipherText());
        assertArrayEquals(vector.getKbsAccessKey(), kbsData.getKbsAccessKey());
        assertEquals(vector.getRegistrationLock(), kbsData.getMasterKey().deriveRegistrationLock());
    }
}

Example 13 with HashedPin

use of org.whispersystems.signalservice.api.kbs.HashedPin in project Signal-Android by signalapp.

the class HashedPinKbsDataTest method vectors_createNewKbsData.

@Test
public void vectors_createNewKbsData() throws IOException {
    for (KbsTestVector vector : getKbsTestVectorList()) {
        HashedPin hashedPin = HashedPin.fromArgon2Hash(vector.getArgon2Hash());
        KbsData kbsData = hashedPin.createNewKbsData(MasterKey.createNew(mockRandom(vector.getMasterKey())));
        assertArrayEquals(vector.getMasterKey(), kbsData.getMasterKey().serialize());
        assertArrayEquals(vector.getIvAndCipher(), kbsData.getCipherText());
        assertArrayEquals(vector.getKbsAccessKey(), kbsData.getKbsAccessKey());
        assertEquals(vector.getRegistrationLock(), kbsData.getMasterKey().deriveRegistrationLock());
    }
}

Example 14 with HashedPin

use of org.whispersystems.signalservice.api.kbs.HashedPin in project Signal-Android by signalapp.

the class PinState method setPinOnEnclave.

@WorkerThread
@NonNull
private static KbsPinData setPinOnEnclave(@NonNull KbsEnclave enclave, @NonNull String pin, @NonNull MasterKey masterKey) throws IOException, UnauthenticatedResponseException {
    Log.i(TAG, "Setting PIN on enclave: " + enclave.getEnclaveName());
    KeyBackupService kbs = ApplicationDependencies.getKeyBackupService(enclave);
    KeyBackupService.PinChangeSession pinChangeSession = kbs.newPinChangeSession();
    HashedPin hashedPin = PinHashing.hashPin(pin, pinChangeSession);
    KbsPinData newData = pinChangeSession.setPin(hashedPin, masterKey);
    SignalStore.kbsValues().setKbsMasterKey(newData, pin);
    return newData;
}

Example 15 with HashedPin

use of org.whispersystems.signalservice.api.kbs.HashedPin in project Signal-Android by signalapp.

the class KbsRepository method restoreMasterKeyFromEnclave.

@NonNull
private static KbsPinData restoreMasterKeyFromEnclave(@NonNull KbsEnclave enclave, @NonNull String pin, @NonNull String basicStorageCredentials, @NonNull TokenResponse tokenResponse) throws IOException, KeyBackupSystemWrongPinException, KeyBackupSystemNoDataException {
    KeyBackupService keyBackupService = ApplicationDependencies.getKeyBackupService(enclave);
    KeyBackupService.RestoreSession session = keyBackupService.newRegistrationSession(basicStorageCredentials, tokenResponse);
    try {
        Log.i(TAG, "Restoring pin from KBS");
        HashedPin hashedPin = PinHashing.hashPin(pin, session);
        KbsPinData kbsData = session.restorePin(hashedPin);
        if (kbsData != null) {
            Log.i(TAG, "Found registration lock token on KBS.");
        } else {
            throw new AssertionError("Null not expected");
        }
        return kbsData;
    } catch (UnauthenticatedResponseException | InvalidKeyException e) {
        Log.w(TAG, "Failed to restore key", e);
        throw new IOException(e);
    } catch (KeyBackupServicePinException e) {
        Log.w(TAG, "Incorrect pin", e);
        throw new KeyBackupSystemWrongPinException(e.getToken());
    }
}