// 2022 (c) GPLv3, acetone at i2pmail.org // Zero Storage Captcha #include "zerostoragecaptchacrypto.h" #include "timetoken.h" #include #include #include #include constexpr int TIME_TOKEN_SIZE = 10; namespace ZeroStorageCaptchaCrypto { QTimer* TimeToken::m_updater = nullptr; QString TimeToken::m_current; QString TimeToken::m_prev; bool KeyHolder::m_caseSensitive = false; uint8_t KeyHolder::m_key[KEYSIZE] {0}; void TimeToken::init() { if (m_updater) return; m_updater = new QTimer; m_current = ZeroStorageCaptchaCrypto::random(TIME_TOKEN_SIZE); m_updater->setInterval(2000); // 2 minutes QObject::connect(m_updater, &QTimer::timeout, [&]() { m_prev = m_current; m_current = ZeroStorageCaptchaCrypto::random(TIME_TOKEN_SIZE); }); m_updater->start(); } QString KeyHolder::captchaSecretLine(const QString &captchaAnswer, bool prevTimeToken) { if (m_key[0] == 0) { auto noize = ZeroStorageCaptchaCrypto::random(KEYSIZE); for (int i = 0; i < KEYSIZE; ++i) { m_key[i] = noize[i]; } } QString hashedAnswer = ZeroStorageCaptchaCrypto::hash((m_caseSensitive ? captchaAnswer : captchaAnswer.toUpper()) + (prevTimeToken ? TimeToken::prevToken() : TimeToken::currentToken()) ); uint8_t signature[SIGSIZE]; sign(reinterpret_cast(hashedAnswer.toStdString().c_str()), hashedAnswer.size(), signature, m_key); QByteArray rawResultArray; for(int i = 0; i < SIGSIZE; ++i) { rawResultArray += signature[i]; } return compact(rawResultArray.toBase64(QByteArray::Base64Option::Base64UrlEncoding)); } bool KeyHolder::validateCaptchaAnswer(const QString &answer, const QString &secretLine) { if (captchaSecretLine(answer) == secretLine) return true; return captchaSecretLine(answer, true) == secretLine; } QString KeyHolder::compact(const QString &str) { QString result; int counter = 0; for (const auto& c: str) { if (++counter % 3 == 0) { result += c; } } result.remove('='); result.remove('_'); result.remove('-'); return result; } void KeyHolder::sign(const uint8_t *buf, int len, uint8_t *signature, const uint8_t *privateKey) { auto MDCtx = EVP_MD_CTX_create (); auto PKey = EVP_PKEY_new_raw_private_key (EVP_PKEY_ED25519, NULL, privateKey, KEYSIZE); EVP_DigestSignInit (MDCtx, NULL, NULL, NULL, PKey); size_t l = SIGSIZE; EVP_DigestSign (MDCtx, signature, &l, buf, len); EVP_PKEY_free (PKey); EVP_MD_CTX_destroy (MDCtx); } QString hash(const QString &str) { // Partially bit-inverted SHA256 QVector in; for(auto c: str) { in.push_back(c.unicode()); } QVector out(SHA256_DIGEST_LENGTH); SHA256(in.data(), in.size(), out.data()); QByteArray rawResult; for (auto b: out) { rawResult.push_back(b); } short count = 0; for (auto it = rawResult.begin(); it != rawResult.end(); ++it) { if (++count % 2 == 0) { *it = ~*it; } } return rawResult.toBase64(QByteArray::Base64Option::Base64UrlEncoding); } QByteArray random(int length) { constexpr char randomtable[60] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X'}; QByteArray random_value; std::random_device rd; std::uniform_int_distribution dist(0, 59); while(random_value.size() < length) { random_value += randomtable[dist(rd)]; } return random_value; } } // namespace