Class: Rmega::Session
- Inherits:
-
Object
- Object
- Rmega::Session
- Extended by:
- Crypto
- Includes:
- Crypto, Loggable, Net, NotInspectable, Options
- Defined in:
- lib/rmega/session.rb
Instance Attribute Summary collapse
-
#master_key ⇒ Object
Returns the value of attribute master_key.
-
#request_id ⇒ Object
readonly
Returns the value of attribute request_id.
-
#rsa_privk ⇒ Object
readonly
Returns the value of attribute rsa_privk.
-
#shared_keys ⇒ Object
readonly
Returns the value of attribute shared_keys.
-
#sid ⇒ Object
readonly
Returns the value of attribute sid.
Class Method Summary collapse
Instance Method Summary collapse
- #decrypt_rsa_private_key(encrypted_privk) ⇒ Object
- #decrypt_session_id(csid) ⇒ Object
- #ephemeral_login(user_handle, password) ⇒ Object
- #hash_password(password) ⇒ Object
-
#initialize ⇒ Session
constructor
A new instance of Session.
-
#login(email, password) ⇒ Object
If the user_hash is found on the server it returns: * The user master_key (128 bit for AES) encrypted with the password_hash * The RSA private key encrypted with the master_key * A brand new session_id encrypted with the RSA private key.
- #random_request_id ⇒ Object
- #request(body, query_params = {}) ⇒ Object
- #request_url(params = {}) ⇒ Object
- #storage ⇒ Object
- #user_hash(aes_key, email) ⇒ Object
Methods included from Crypto::Rsa
Methods included from Crypto::AesCtr
#aes_ctr_cipher, #aes_ctr_decrypt, #aes_ctr_encrypt
Methods included from Crypto::AesEcb
#aes_ecb_cipher, #aes_ecb_decrypt, #aes_ecb_encrypt
Methods included from Crypto::AesCbc
#aes_cbc_cipher, #aes_cbc_decrypt, #aes_cbc_encrypt, #aes_cbc_mac
Methods included from Options
Methods included from Net
#http_get_content, #http_post, #survive
Methods included from Loggable
Methods included from NotInspectable
Constructor Details
#initialize ⇒ Session
Returns a new instance of Session.
# File 'lib/rmega/session.rb', line 13
#
# Sets up a session that is not logged in yet: an empty shared-key table and
# a starting request id taken from #random_request_id. No key material or
# session id is present until #login or #ephemeral_login has run.
def initialize
  @shared_keys = {}
  @request_id = random_request_id
end
Instance Attribute Details
#master_key ⇒ Object
Returns the value of attribute master_key.
# File 'lib/rmega/session.rb', line 11
#
# The account master key. #login and #ephemeral_login set it to the value
# obtained by AES-CBC-decrypting the server's 'k' field with the password key.
# The attribute summary lists it without "readonly", so it can also be
# assigned from outside.
#
# This is secret key material: keep it out of logs, error reports and dumps.
#
# @return [Object] the current value of @master_key (nil before login)
def master_key
  return @master_key
end
#request_id ⇒ Object (readonly)
Returns the value of attribute request_id.
# File 'lib/rmega/session.rb', line 10
#
# The counter sent as the `id` query parameter of API calls. It starts at the
# value from #random_request_id and #request adds one before every call.
#
# @return [Object] the current value of @request_id
def request_id
  return @request_id
end
#rsa_privk ⇒ Object (readonly)
Returns the value of attribute rsa_privk.
# File 'lib/rmega/session.rb', line 10
#
# The account's RSA private key as the list of components produced by
# #decrypt_rsa_private_key. #login fills it in; #ephemeral_login resets it to
# nil.
#
# This is secret key material: keep it out of logs, error reports and dumps.
#
# @return [Object] the current value of @rsa_privk
def rsa_privk
  return @rsa_privk
end
#shared_keys ⇒ Object (readonly)
Returns the value of attribute shared_keys.
# File 'lib/rmega/session.rb', line 10
#
# Table of shared keys. The constructor, #login and #ephemeral_login each
# reset it to an empty Hash; nothing on this page shows what fills it
# (presumably keys for shared nodes — confirm against the callers).
#
# @return [Object] the current value of @shared_keys
def shared_keys
  return @shared_keys
end
#sid ⇒ Object (readonly)
Returns the value of attribute sid.
# File 'lib/rmega/session.rb', line 10
#
# The session id. #login sets it from #decrypt_session_id and
# #ephemeral_login from the server's 'tsid' field; #request_url then adds it
# to every request as the `sid` query parameter.
#
# NOTE(review): presumably this value alone authenticates API calls for the
# session, so it should be handled like a credential — confirm.
#
# @return [Object] the current value of @sid (nil before login)
def sid
  return @sid
end
Class Method Details
.ephemeral ⇒ Object
# File 'lib/rmega/session.rb', line 136
#
# Creates an ephemeral account and returns a session logged into it.
#
# A master key, a password and a challenge are each drawn as 16 bytes from
# OpenSSL::Random. The 'up' request carries the master key encrypted under the
# password key (`k`) and the challenge followed by its AES-ECB encryption
# under the master key (`ts`). The random password is only handed to
# #hash_password and #ephemeral_login; this method does not store or return it.
#
# @return [Session] the new session, as returned by #ephemeral_login
def self.ephemeral
  master_key = OpenSSL::Random.random_bytes(16)
  password = OpenSSL::Random.random_bytes(16)
  password_hash = hash_password(password)
  challenge = OpenSSL::Random.random_bytes(16)

  session = new

  wrapped_master_key = Utils.base64urlencode(aes_ecb_encrypt(password_hash, master_key))
  challenge_proof = Utils.base64urlencode(challenge + aes_ecb_encrypt(master_key, challenge))
  user_handle = session.request(a: 'up', k: wrapped_master_key, ts: challenge_proof)

  session.ephemeral_login(user_handle, password)
end
.hash_password(password) ⇒ Object
# File 'lib/rmega/session.rb', line 42
#
# Derives the 16-byte password key used by #login for version 1 accounts and
# by ephemeral sessions.
#
# The password bytes are cut into 16-byte blocks (the last one zero-padded),
# each block is used as an AES key, and a fixed 16-byte start value is
# AES-ECB encrypted under every block in turn, 65536 times over.
#
# There is no salt input: the result depends only on the password, so equal
# passwords always give equal keys. An empty password yields no blocks and
# returns the fixed start value unchanged.
#
# @param password [String] the password; it is not modified
# @return [String] the derived key (the start value or the last
#   aes_ecb_encrypt result)
def self.hash_password(password)
  raw = password.dup.force_encoding('BINARY')
  digest = "\x93\xc4\x67\xe3\x7d\xb0\xc7\xa4\xd1\xbe\x3f\x81\x1\x52\xcb\x56".force_encoding('BINARY')
  zero = "\x0".force_encoding('BINARY').freeze

  # One AES key per 16-byte slice of the password, padded with zero bytes.
  round_keys = (0...raw.size).step(16).map do |offset|
    raw[offset, 16].ljust(16, zero)
  end

  65536.times do
    round_keys.each { |round_key| digest = aes_ecb_encrypt(round_key, digest) }
  end

  digest
end
Instance Method Details
#decrypt_rsa_private_key(encrypted_privk) ⇒ Object
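# File 'lib/rmega/session.rb', line 22
#
# Decrypts the account's RSA private key with the master key and splits it
# into its four big-number components.
#
# The plaintext is read as four length-prefixed integers: a two-byte
# big-endian bit count, then the value rounded up to whole bytes. Bytes after
# the fourth component are ignored.
#
# AES-ECB gives no integrity check, so the length checks below are the only
# validation of the decrypted data in this method. Without them a short
# plaintext either failed with NoMethodError on nil or, for the last
# component, was accepted as a silently shortened number.
#
# @param encrypted_privk [String] base64url text of the encrypted private key
# @return [Array] the four values returned by Utils.string_to_bignum, in the
#   order they appear in the plaintext
# @raise [ArgumentError] if the decrypted data ends before a component is
#   complete
def decrypt_rsa_private_key(encrypted_privk)
  privk = aes_ecb_decrypt(@master_key, Utils.base64urldecode(encrypted_privk))

  # Decompose private key
  decomposed_key = []

  4.times do |index|
    if privk.nil? || privk.size < 2
      raise ArgumentError, "RSA private key is truncated: component #{index + 1} has no length header"
    end

    # Bit count -> byte count, plus the two header bytes themselves.
    len = ((privk[0].ord * 256 + privk[1].ord + 7) >> 3) + 2

    if privk.size < len
      raise ArgumentError, "RSA private key is truncated: component #{index + 1} is incomplete"
    end

    decomposed_key << Utils.string_to_bignum(privk[2, len - 2])
    privk = privk[len..-1]
  end

  return decomposed_key
end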
#decrypt_session_id(csid) ⇒ Object
# File 'lib/rmega/session.rb', line 65
#
# Recovers the session id from the RSA-encrypted `csid` login field.
#
# The field is decoded to a big number, decrypted with the session's RSA
# private key, written out as hex (left-padded to whole bytes), converted to
# bytes and cut to the first 43 bytes, which are returned base64url encoded.
#
# NOTE(review): nothing in this method checks the structure of the decrypted
# value before it is truncated and used — confirm whether rsa_decrypt does.
#
# @param csid [String] the encrypted session id from the login response
# @return [String] the base64url session id
def decrypt_session_id(csid)
  cipher_number = Utils.base64_mpi_to_bn(csid)
  plain_hex = rsa_decrypt(cipher_number, @rsa_privk).to_s(16)

  # An odd number of hex digits means the leading zero nibble was dropped.
  plain_hex = '0' + plain_hex if plain_hex.length.odd?

  session_bytes = Utils.hexstr_to_bstr(plain_hex)[0,43]
  Utils.base64urlencode(session_bytes)
end
#ephemeral_login(user_handle, password) ⇒ Object
# File 'lib/rmega/session.rb', line 123
#
# Logs into an ephemeral account and loads its master key and session id.
#
# The 'us' request returns the master key encrypted under the password key
# ('k') and a session id ('tsid') that is stored as received. Ephemeral
# sessions keep no RSA private key, so @rsa_privk is reset to nil.
#
# @param user_handle [Object] the handle returned when the account was created
# @param password [String] the account password
# @return [Session] self
def ephemeral_login(user_handle, password)
  reply = request(a: 'us', user: user_handle)
  password_key = hash_password(password)
  wrapped_master_key = Utils.base64urldecode(reply['k'])

  @master_key = aes_cbc_decrypt(password_key, wrapped_master_key)
  @sid = reply['tsid']
  @rsa_privk = nil
  @shared_keys = {}

  self
end
#hash_password(password) ⇒ Object
# File 'lib/rmega/session.rb', line 38
#
# Instance-level shortcut for the class method of the same name.
#
# @param password [String] the password to derive a key from
# @return [Object] whatever the class-level hash_password returns
def hash_password(password)
  owner = self.class
  owner.hash_password(password)
end
#login(email, password) ⇒ Object
If the user_hash is found on the server it returns:
-
The user master_key (128 bit for AES) encrypted with the password_hash
-
The RSA private key encrypted with the master_key
-
A brand new session_id encrypted with the RSA private key
# File 'lib/rmega/session.rb', line 89
#
# Logs in with an e-mail address and password and loads the session secrets.
#
# Two requests are made: 'us0' to learn the account version (and, for newer
# accounts, the salt), then 'us' with a password-derived user hash. The reply
# carries the master key (encrypted under the password key), the RSA private
# key (encrypted under the master key) and the session id (encrypted to the
# RSA key); each is decrypted here and kept on the session.
#
# The requests built here carry the user hash, never the password or the
# password-derived AES key.
#
# NOTE(review): the salt ('s') and the reply fields ('k', 'privk', 'csid') are
# used as received; a missing field is not checked in this method.
#
# @param email [String] account e-mail; surrounding whitespace is stripped
# @param password [String] account password
# @return [Session] self
def login(email, password)
  user = email.strip

  # Ask which scheme the account uses (1: old accounts, >= 2: newer accounts).
  lookup = request(a: 'us0', user: user)
  account_version = lookup["v"].to_i

  # Derive the password key and the user hash.
  if account_version == 1
    # Old scheme: unsalted AES-based key, user hash from the lowercased e-mail.
    password_hash = hash_password(password)
    u_hash = user_hash(password_hash, user.downcase)
  else
    # Newer scheme: PBKDF2-SHA512 with the server-supplied salt. The first 16
    # bytes become the AES key, the remaining bytes the user hash.
    derived = PBKDF2.new(
      password: password,
      salt: Utils.base64urldecode(lookup['s']),
      iterations: 100000,
      hash_function: :sha512,
      key_length: 16 * 2
    ).bin_string
    password_hash = derived[0,16]
    u_hash = Utils.base64urlencode(derived[16,32])
  end

  # Send the login request; newer accounts also send 16 random bytes as 'sek'.
  req = {a: 'us', user: user, uh: u_hash}
  req[:sek] = Utils.base64urlencode(SecureRandom.random_bytes(16)) unless account_version == 1
  reply = request(req)

  # Unwrap in dependency order: master key, then RSA key, then session id.
  @master_key = aes_cbc_decrypt(password_hash, Utils.base64urldecode(reply['k']))
  @rsa_privk = decrypt_rsa_private_key(reply['privk'])
  @sid = decrypt_session_id(reply['csid'])
  @shared_keys = {}

  self
end
#random_request_id ⇒ Object
# File 'lib/rmega/session.rb', line 150
#
# Picks the starting value for the request counter.
#
# Kernel#rand is not a cryptographically secure generator and the value is
# sent in the clear as the `id` query parameter (see #request_url), so it must
# not be relied on as a secret.
#
# @return [Integer] a number between 10,000,000 and 1,000,000,000
def random_request_id
  lowest = 1E7
  highest = 1E9
  rand(lowest..highest).to_i
end
#request(body, query_params = {}) ⇒ Object
# File 'lib/rmega/session.rb', line 162
#
# Sends one API command and returns the decoded reply.
#
# The command is posted as a one-element JSON array to the URL from
# #request_url. The request id is incremented inside the block given to
# `survive`, so each run of that block uses a new id (presumably `survive`
# re-runs the block on transient failures — confirm in Net).
#
# @param body [Hash] the API command
# @param query_params [Hash] extra query parameters for the URL
# @return [Object] the reply as returned by APIResponse#as_json
# @raise [Object] the error from APIResponse#as_error when the reply is not ok
def request(body, query_params = {})
  survive do
    @request_id += 1

    url = request_url(query_params)
    payload = [body].to_json
    api_response = APIResponse.new(http_post(url, payload))

    raise(api_response.as_error) unless api_response.ok?

    return(api_response.as_json)
  end
end
#request_url(params = {}) ⇒ Object
# File 'lib/rmega/session.rb', line 154 def request_url(params = {}) params = params.merge(sid: @sid) if @sid params = params.to_a.map { |a| a.join("=") }.join("&") params = "&#{params}" unless params.empty? return "#{.api_url}?id=#{@request_id}#{params}" end |
#storage ⇒ Object
# File 'lib/rmega/session.rb', line 18
#
# Returns the Storage object bound to this session, creating it on first use
# and reusing it afterwards.
#
# @return [Storage] the memoized storage for this session
def storage
  return @storage if @storage

  @storage = Storage.new(self)
end
#user_hash(aes_key, email) ⇒ Object
# File 'lib/rmega/session.rb', line 75
#
# Computes the user hash that #login sends for version 1 accounts.
#
# The e-mail bytes are XOR-folded into a 16-byte block, the block is AES-ECB
# encrypted under the given key 16384 times, and bytes 0-3 and 8-11 of the
# result are returned base64url encoded.
#
# @param aes_key [String] the password key
# @param email [String] the e-mail address (the caller lowercases it)
# @return [String] the base64url user hash
def user_hash(aes_key, email)
  folded = Array.new(16, 0)
  email.bytes.each_with_index { |byte, index| folded[index & 15] ^= byte }

  digest = folded.pack('c*')
  16384.times { digest = aes_ecb_encrypt(aes_key, digest) }

  # Only 8 of the 16 bytes are kept.
  Utils.base64urlencode(digest[0, 4] + digest[8, 4])
end