Mirror/Novaria
1
0
Fork 0
mirror of https://github.com/raphaeIl/Novaria.git synced 2025-12-14 07:24:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

dh fully works, refactor packet handling stuff

Browse Source
This commit is contained in:
raphaeIl
2025-01-12 19:57:52 -05:00
parent 730fff1545
commit 71f602b7fe
13 changed files with 418 additions and 576 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
Novaria.Common/Crypto/AeadTool.cs
View File

@@ -4,6 +4,8 @@ using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Novaria.Common.Util;
//using Mono.Security.Cryptography;
using NSec.Cryptography;
using static System.Runtime.InteropServices.JavaScript.JSType;
@@ -12,10 +14,10 @@ namespace Novaria.Common.Crypto
{
public static class AeadTool
{
public static byte[] CLIENT_PUBLIC_KEY { get; set; }
public static ClientType clientType; // apprently the ike key for pc and mobile is different somehow
public static byte[] PS_REQUEST_NONCE = new byte[12];
public static byte[] PS_PUBLIC_KEY = new byte[96]; // this is my public key, [69, 0, 0, 0, ...., 0, 0, 0, 69], 69s so i actually know i sent it correctly in frida log
public static byte[] PS_PUBLIC_KEY { get => DiffieHellman.Instance.ServerPublicKey.ToByteArray(); }
public static string TOKEN = "seggs"; // hardcoded for now
public static readonly byte[] DEFAULT_SERVERLIST_KEY;
@@ -25,16 +27,6 @@ namespace Novaria.Common.Crypto
public static readonly byte[] associatedData;
public static byte[] GenerateRandomPublicKey()
{
byte[] key = new byte[96];
using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
{
rng.GetBytes(key);
}
return key;
}
public static ReadOnlySpan<byte> AEADMARK
{
get
@@ -47,32 +39,33 @@ namespace Novaria.Common.Crypto
static AeadTool()
{
AeadTool.clientType = ClientType.Mobile;
DEFAULT_SERVERLIST_KEY = new byte[] { 74, 72, 42, 67, 80, 51, 50, 57, 89, 120, 111, 103, 81, 74, 69, 120 };
DEFAULT_SERVERLIST_IV = new byte[] { 225, 92, 61, 72, 193, 89, 3, 64, 50, 61, 50, 145, 59, 128, 99, 72 };
FIRST_IKE_KEY = new byte[] { 51, 76, 83, 57, 38, 111, 89, 100, 115, 112, 94, 53, 119, 105, 56, 38, 90, 120, 67, 35, 99, 55, 77, 90, 103, 55, 51, 104, 98, 69, 68, 119 };
key3 = new byte[32];
if (clientType == ClientType.Mobile)
{
FIRST_IKE_KEY = Encoding.ASCII.GetBytes("3LS9&oYdsp^5wi8&ZxC#c7MZg73hbEDw");
}
else
{
FIRST_IKE_KEY = Encoding.ASCII.GetBytes("#$*;1H&x*)0!@,/OcIe4VbiL[~fLyE7t");
}
associatedData = new byte[13];
// assume AesGcm not supported (frida log)
associatedData[associatedData.Length - 1] = 1;
//byte[] testkey = Encoding.ASCII.GetBytes("#$*;1H&x*)0!@,/OcIe4VbiL[~fLyE7t"); // apprently key different for pc
//[75,49,239,215,37,193,247,16,183,230,183,161,235,3,201,156,64,192,54,208,139,46,144,123,142,80,149,85,161,26,15,195]
//Console.WriteLine("test key" + testkey.Length);
//Utils.Utils.PrintByteArray(testkey);
//Console.WriteLine();
//testkey.CopyTo(FIRST_IKE_KEY, 0);
PS_PUBLIC_KEY[0] = 69;
PS_PUBLIC_KEY[95] = 69;
PS_REQUEST_NONCE[0] = 42;
PS_REQUEST_NONCE[11] = 42;
key3[0] = 111;
key3[31] = 111;
}
public static bool Dencrypt_ChaCha20(Span<byte> result, ReadOnlySpan<byte> key, ReadOnlySpan<byte> nonce, ReadOnlySpan<byte> data, ReadOnlySpan<byte> associatedData)
@@ -81,7 +74,7 @@ namespace Novaria.Common.Crypto
KeyBlobFormat keyBlobFormat = KeyBlobFormat.RawSymmetricKey;
KeyCreationParameters keyCreationParameters = default(KeyCreationParameters);
bool result2;
//System.ArgumentException: 'The length of the plaintext must be equal to the length of the ciphertext minus the tag size. (Parameter
using (Key key2 = Key.Import(chaCha20Poly, key, keyBlobFormat, ref keyCreationParameters))
{
result2 = AeadAlgorithm.ChaCha20Poly1305.Decrypt(key2, nonce, associatedData, data, result);
@@ -141,6 +134,12 @@ namespace Novaria.Common.Crypto
}
}
}
}
public enum ClientType
{
PC,
Mobile,
}
}

41
Novaria.Common/Crypto/DiffieHellman.cs Normal file
View File

@@ -0,0 +1,41 @@
using Novaria.Common.Util;
using System.Numerics;
namespace Novaria.Common.Crypto
{
public class DiffieHellman : Singleton<DiffieHellman>
{
private BigInteger p = BigInteger.Parse("1552518092300708935130918131258481755631334049434514313202351194902966239949102107258669453876591642442910007680288864229150803718918046342632727613031282983744380820890196288509170691316593175367469551763119843371637221007210577919");
private BigInteger g = 2;
private BigInteger spriv = new BigInteger(new byte[] { 1, 2, 3, 4 }); // hardcoded server priv key
public BigInteger ServerPublicKey { get; set; }
public DiffieHellman()
{
//g** Spriv mod p
ServerPublicKey = BigInteger.ModPow(g, spriv, p);
}
public byte[] CalculateKey(byte[] clientPubKey) // server calculates key like this
{
BigInteger clientPubKeyInt = new BigInteger(clientPubKey.Reverse().ToArray());
//Cpub**Spriv mod p
return BigInteger.ModPow(clientPubKeyInt, spriv, p).ToByteArray(true, true)[..32];
}
// this is for pcap parsing use only, officalServerPubKey is in the first IKE response, client priv will be pcaped too
public byte[] CalculateKey(byte[] officalServerPubKey, byte[] officialClientPriv)
{
BigInteger officalServerPubKeyInt = new BigInteger(officalServerPubKey.Reverse().ToArray());
BigInteger officialClientPrivInt = new BigInteger(officialClientPriv.Reverse().ToArray());
BigInteger result = BigInteger.ModPow(officalServerPubKeyInt, officialClientPrivInt, p);
return result.ToByteArray(true, true)[..32];
}
}
}