decrypting DMs

[Julian Steinwachs]

hi,

I'm trying to retrace the crypto of twister in order to incorporate it into ma javascript library. But im failing currently in decrypting an DM that i sent to an test account. My current poc is on github at https://github.com/Tschaul/twister-crypto-js-poc . It would be very helpful if someone could point me im the right direction. I think the problem might be that i need the correct initialisation vector, but i dont know where from.

Greetings!

Tschaul

[Miguel Freitas]

Hi Julian,

Do you know we have a working DM testvector and code here, right?

https://github.com/miguelfreitas/twister-html/blob/master/twister-crypto-test.html

Did you try this testvector? Or maybe comparing decrypt function here to your code:

https://github.com/miguelfreitas/twister-html/blob/master/js/twister-crypto.js

regards,

Miguel

--
You received this message because you are subscribed to the Google Groups "twister-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to twister-dev...@googlegroups.com.
To post to this group, send email to twist...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Julian Steinwachs]

i started with that. The decryption  part is still in exactly that state because i reverted it back after every try. Basically i'm just trying to apply that code to a post from the network. Greetings!

[Miguel Freitas]

On Sun, Dec 27, 2015 at 12:16 PM, Julian Steinwachs <julian.s...@fau.de> wrote:

i started with that. The decryption  part is still in exactly that state because i reverted it back after every try. Basically i'm just trying to apply that code to a post from the network. Greetings!

So, does your code works with the testvector but not with a real DM post?

[Julian Steinwachs]

no it does not work with the testvector. The problem is the new version of bitcoinjs-lib . The code from the twister-html repo is incompatible with the new version. They changed some method signatures. 

Also i find it strange to use an empty buffer als iv. Thoughts thats just for the testvector.

Thanks for helping

[Miguel Freitas]

On Sun, Dec 27, 2015 at 2:16 PM, Julian Steinwachs <julian.s...@fau.de> wrote:

no it does not work with the testvector. The problem is the new version of bitcoinjs-lib . The code from the twister-html repo is incompatible with the new version. They changed some method signatures. 

hmmm, got it.

we may compare intermediate steps to pinpoint where it starts to fail (eg. the "secret" derived from EC multiplication before computing the sha512 etc).

 

Also i find it strange to use an empty buffer als iv. Thoughts thats just for the testvector.

That's correct: the IV is actually initialized to all zeros (16 bytes), see here

https://github.com/miguelfreitas/twister-core/blob/master/src/key.cpp#L379

Which is fine, btw, since we don't reuse the key between DMs.

(You may try if "empty IV" is the same as "all zeros IV" for this new bitcoinjs-lib)

regards,

Miguel

[Julian Steinwachs]

I pushed a version with the testvector. The hmac signatures match. The aes_key entry matches the aes_key concatenated with the hmac_key. What is the "ecies_key_derivation" entry? Greetings!

[Julian Steinwachs]

When i insert decrypter.setAutoPadding() the testvector at least gets decrypted correctly. For the DM i sent to my testaccount it get something strange however: "`3:mqg6:secret2:to9:pampalulue" without the double quotes. "pampalulu" is the name of the testaccount and "secret" is the message. It probably should be a bencoded string but it is malformed. The correct decrypted content is probably "d3:msg6:secret2:to9:pampalulue". So the first byte gets corrupted from 64 to 60 and 5th one gets corrupted from 73 to 70. Any idea whats going on?

[Julian Steinwachs]

Finally got it! new Buffer(16) does not create an all zero buffer instead i use new Buffer("00000000000000000000000000000000","hex") now. Will push the working poc to https://github.com/Tschaul/twister-crypto-js-poc/

Greetings

[Miguel Freitas]

Good job! :-)