WIP: Add prompt implementation for service methods lock & unlock

client/src/crypto/native.rs

@@ -86,6 +86,16 @@ pub(crate) fn generate_public_key(private_key: impl AsRef<[u8]>) -> Result<Vec<u
     Ok(public_key_uint.to_bytes_be())
 }
 
+pub(crate) fn generate_public_key_for_secret_exchange(
+    private_key: impl AsRef<[u8]>,
+) -> Result<Vec<u8>, super::Error> {
+    let private_key_uint = BigUint::from_bytes_be(private_key.as_ref());
+    static DH_GENERATOR: LazyLock<BigUint> = LazyLock::new(|| BigUint::from_u64(0x2).unwrap());
+    let public_key_uint = powm_for_secret_exchange(&DH_GENERATOR, private_key_uint);
+
+    Ok(public_key_uint.to_bytes_be())
+}
+
 pub(crate) fn generate_aes_key(
     private_key: impl AsRef<[u8]>,
     server_public_key: impl AsRef<[u8]>,
@@ -115,6 +125,35 @@ pub(crate) fn generate_aes_key(
     Ok(okm)
 }
 
+pub(crate) fn generate_aes_key_for_secret_exchange(
+    private_key: impl AsRef<[u8]>,
+    server_public_key: impl AsRef<[u8]>,
+) -> Result<Zeroizing<Vec<u8>>, super::Error> {
+    let server_public_key_uint = BigUint::from_bytes_be(server_public_key.as_ref());
+    let private_key_uint = BigUint::from_bytes_be(private_key.as_ref());
+    let common_secret = powm_for_secret_exchange(&server_public_key_uint, private_key_uint);
+
+    let mut common_secret_bytes = common_secret.to_bytes_be();
+    let mut common_secret_padded = vec![0; 192 - common_secret_bytes.len()];
+    // inefficient, but ok for now
+    common_secret_padded.append(&mut common_secret_bytes);
+
+    // hkdf
+    // input_keying_material
+    let ikm = common_secret_padded;
+    let salt = None;
+    let info = [];
+
+    // output keying material
+    let mut okm = Zeroizing::new(vec![0; 16]);
+
+    let (_, hk) = Hkdf::<Sha256>::extract(salt, &ikm);
+    hk.expand(&info, okm.as_mut())
+        .expect("hkdf expand should never fail");
+
+    Ok(okm)
+}
+
 pub fn generate_iv() -> Result<Vec<u8>, super::Error> {
     Ok(EncAlg::generate_iv(cipher::rand_core::OsRng).to_vec())
 }
@@ -242,3 +281,39 @@ fn powm(base: &BigUint, mut exp: BigUint) -> BigUint {
 
     result
 }
+
+fn powm_for_secret_exchange(base: &BigUint, mut exp: BigUint) -> BigUint {
+    // for key exchange
+    static DH_PRIME: LazyLock<BigUint> = LazyLock::new(|| {
+        BigUint::from_bytes_be(&[
+            0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+            0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+            0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+            0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+            0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+            0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+            0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+            0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+            0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+            0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+            0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+            0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+            0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23,
+            0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        ])
+    });
+
+    let mut base = base.clone();
+    let mut result: BigUint = One::one();
+
+    while !exp.is_zero() {
+        if exp.is_odd() {
+            result = result.mul(&base).rem(&*DH_PRIME);
+        }
+        exp = exp.shr(1);
+        base = (&base).mul(&base).rem(&*DH_PRIME);
+    }
+    exp.zeroize();
+
+    result
+}

client/src/crypto/openssl.rs

@@ -98,6 +98,18 @@ pub(crate) fn generate_public_key(private_key: impl AsRef<[u8]>) -> Result<Vec<u
     Ok(dh.set_private_key(private_key_bn)?.public_key().to_vec())
 }
 
+pub(crate) fn generate_public_key_for_secret_exchange(
+    private_key: impl AsRef<[u8]>,
+) -> Result<Vec<u8>, super::Error> {
+    let private_key_bn = BigNum::from_slice(private_key.as_ref()).unwrap();
+    let dh = Dh::from_pqg(
+        BigNum::get_rfc3526_prime_1536().unwrap(),
+        None,
+        BigNum::from_u32(2).unwrap(),
+    )?;
+    Ok(dh.set_private_key(private_key_bn)?.public_key().to_vec())
+}
+
 pub(crate) fn generate_aes_key(
     private_key: impl AsRef<[u8]>,
     server_public_key: impl AsRef<[u8]>,
@@ -131,6 +143,39 @@ pub(crate) fn generate_aes_key(
     Ok(okm)
 }
 
+pub(crate) fn generate_aes_key_for_secret_exchange(
+    private_key: impl AsRef<[u8]>,
+    server_public_key: impl AsRef<[u8]>,
+) -> Result<Zeroizing<Vec<u8>>, super::Error> {
+    let private_key_bn = BigNum::from_slice(private_key.as_ref()).unwrap();
+    let server_public_key_bn = BigNum::from_slice(server_public_key.as_ref()).unwrap();
+    let dh = Dh::from_pqg(
+        BigNum::get_rfc2409_prime_1024().unwrap(),
+        None,
+        BigNum::from_u32(2).unwrap(),
+    )?;
+    let mut common_secret_bytes = dh
+        .set_private_key(private_key_bn)?
+        .compute_key(&server_public_key_bn)?;
+
+    let mut common_secret_padded = vec![0; 192 - common_secret_bytes.len()];
+    // inefficient, but ok for now
+    common_secret_padded.append(&mut common_secret_bytes);
+
+    // hkdf
+    // input_keying_material
+    let ikm = common_secret_padded;
+
+    let mut okm = Zeroizing::new(vec![0; 16]);
+    let mut ctx = PkeyCtx::new_id(Id::HKDF).unwrap();
+    ctx.derive_init().unwrap();
+    ctx.set_hkdf_md(Md::sha256()).unwrap();
+    ctx.set_hkdf_key(&ikm).unwrap();
+    ctx.derive(Some(okm.as_mut()))
+        .expect("hkdf expand should never fail");
+    Ok(okm)
+}
+
 pub fn generate_iv() -> Result<Vec<u8>, super::Error> {
     let mut buf = vec![0; iv_len()];
     rand_bytes(&mut buf)?;

client/src/key.rs

@@ -47,6 +47,14 @@ impl Key {
         Ok(Self::new(crypto::generate_public_key(private_key)?))
     }
 
+    pub fn generate_public_key_for_secret_exchange(
+        private_key: &Self,
+    ) -> Result<Self, crypto::Error> {
+        Ok(Self::new(crypto::generate_public_key_for_secret_exchange(
+            private_key,
+        )?))
+    }
+
     pub fn generate_aes_key(
         private_key: &Self,
         server_public_key: &Self,
@@ -55,6 +63,15 @@ impl Key {
             crypto::generate_aes_key(private_key, server_public_key)?.to_vec(),
         ))
     }
+
+    pub fn generate_aes_key_for_secret_exchange(
+        private_key: &Self,
+        server_public_key: &Self,
+    ) -> Result<Self, crypto::Error> {
+        Ok(Self::new(
+            crypto::generate_aes_key_for_secret_exchange(private_key, server_public_key)?.to_vec(),
+        ))
+    }
 }
 
 impl From<&Key> for zvariant::Value<'_> {

server/Cargo.toml

@@ -9,6 +9,7 @@ rust-version.workspace = true
 version.workspace = true
 
 [dependencies]
+base64 = "0.22"
 clap.workspace = true
 enumflags2 = "0.7"
 oo7 = { workspace = true, features = ["unstable"] }

server/src/gnome/mod.rs

@@ -0,0 +1,2 @@
+pub mod prompter;
+pub mod secret_exchange;