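/**
 * Run the configured PRF over an agreed (shared secret) value, keyed with the salt,
 * and return the resulting MAC.
 * <p>
 * The input array is overwritten with zeros before this method exits, whether it
 * returns normally or throws, so the caller must not reuse it afterwards.
 * </p>
 * @param agreed the agreed value to process; zeroized in place.
 * @return the MAC computed over the whole of agreed.
 */
public byte[] Generate(byte[] agreed)
{
    try
    {
        IMac prfMac;

        if (prfAlgorithm == FipsPrfAlgorithm.AesCMac)
        {
            Internal.IBlockCipher aesEng = FipsAes.ENGINE_PROVIDER.CreateEngine(EngineUsage.GENERAL);

            // With no salt the key defaults to 16 zero bytes. A supplied salt is used
            // directly as the AES key; its length is not checked in this method.
            aesEng.Init(true, new KeyParameter(salt ?? new byte[16]));

            prfMac = new CMac(aesEng);

            // The engine was keyed above, so the MAC itself is initialised without parameters.
            prfMac.Init(null);
        }
        else
        {
            prfMac = FipsShs.CreateHmac((DigestAlgorithm)prfAlgorithm.BaseAlgorithm);

            // With no salt the HMAC key defaults to zero bytes, sized by the underlying
            // digest's GetByteLength().
            prfMac.Init(new KeyParameter(salt ?? new byte[((HMac)prfMac).GetUnderlyingDigest().GetByteLength()]));
        }

        return Macs.DoFinal(prfMac, agreed, 0, agreed.Length);
    }
    finally
    {
        // ZEROIZE - done in a finally block so the secret is also erased when PRF set-up
        // or the MAC calculation throws. The null guard keeps a null argument failing
        // with the same exception as before instead of a second one raised here.
        if (agreed != null)
        {
            Arrays.Fill(agreed, (byte)0);
        }
    }
}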
/**
 * Build a CTR DRBG as described in SP800-90A.
 * <p>
 * The entropy source has to supply at least as much entropy as the security strength asked for.
 * </p>
 * <p>
 * NOTE(review): no range checks on keySizeInBits or securityStrength are visible in this
 * constructor; presumably init() performs them - confirm.
 * </p>
 * @param engine block cipher the DRBG is built on.
 * @param keySizeInBits key size, in bits, used with the block cipher.
 * @param securityStrength required security strength, in bits.
 * @param entropySource entropy source used for seeding and reseeding.
 * @param personalizationString personalization string to distinguish this DRBG (may be null).
 * @param nonce nonce to further distinguish this DRBG (may be null).
 */
internal CtrSP800Drbg(
    Internal.IBlockCipher engine,
    int keySizeInBits,
    int securityStrength,
    IEntropySource entropySource,
    byte[] personalizationString,
    byte[] nonce)
{
    this.mEngine = engine;
    this.mKeySizeInBits = keySizeInBits;

    // Seed length is the key size plus the cipher block size, both in bits.
    int blockSizeInBits = engine.GetBlockSize() * 8;
    this.mSeedLength = keySizeInBits + blockSizeInBits;

    this.mIsTDEA = isTDEA(engine);

    // Seeding is delegated to init() once the cipher-dependent fields are set.
    init(securityStrength, entropySource, personalizationString, nonce);
}
/**
 * Create a buffered cipher for one of the non-AEAD block cipher modes.
 * <p>
 * The CS1, CS2 and CS3 modes return a NistCtsBlockCipher directly; every other supported
 * mode is wrapped in a BufferedBlockCipher. None of the modes handled here authenticates
 * the ciphertext, so integrity protection has to come from elsewhere (a separate MAC, or
 * the AEAD modes built by CreateAeadCipher).
 * </p>
 * @param name algorithm name, used only in the error message.
 * @param algorithmMode the mode of operation to build.
 * @param parameters not read by this method.
 * @param forEncryption true if the cipher is for encryption; passed to GetUsage().
 * @param cipherProvider provider of the underlying block cipher engine.
 * @return the cipher for the requested mode, not yet initialised by this method.
 */
internal static IBufferedCipher CreateBufferedCipher(
    string name,
    AlgorithmMode algorithmMode,
    IParametersWithIV<IParameters<Algorithm>, Algorithm> parameters,
    bool forEncryption,
    IEngineProvider<Internal.IBlockCipher> cipherProvider)
{
    // The engine is requested before the mode is examined, as the usage depends on both arguments.
    Internal.IBlockCipher engine = cipherProvider.CreateEngine(GetUsage(forEncryption, algorithmMode));

    switch (algorithmMode)
    {
        // Ciphertext stealing variants are returned without a BufferedBlockCipher wrapper.
        case AlgorithmMode.CS1:
            return new NistCtsBlockCipher(NistCtsBlockCipher.CS1, engine);
        case AlgorithmMode.CS2:
            return new NistCtsBlockCipher(NistCtsBlockCipher.CS2, engine);
        case AlgorithmMode.CS3:
            return new NistCtsBlockCipher(NistCtsBlockCipher.CS3, engine);

        case AlgorithmMode.CBC:
            return new BufferedBlockCipher(new CbcBlockCipher(engine));

        // CFB with a feedback size of 8, 64 or 128 bits.
        case AlgorithmMode.CFB8:
            return new BufferedBlockCipher(new CfbBlockCipher(engine, 8));
        case AlgorithmMode.CFB64:
            return new BufferedBlockCipher(new CfbBlockCipher(engine, 64));
        case AlgorithmMode.CFB128:
            return new BufferedBlockCipher(new CfbBlockCipher(engine, 128));
        case AlgorithmMode.OpenPGPCFB:
            return new BufferedBlockCipher(new OpenPgpCfbBlockCipher(engine));

        // OFB with a feedback size of 64 or 128 bits.
        case AlgorithmMode.OFB64:
            return new BufferedBlockCipher(new OfbBlockCipher(engine, 64));
        case AlgorithmMode.OFB128:
            return new BufferedBlockCipher(new OfbBlockCipher(engine, 128));

        case AlgorithmMode.CTR:
            return new BufferedBlockCipher(new SicBlockCipher(engine));

        // Any mode not listed above is rejected.
        default:
            throw new ArgumentException("Unknown algorithm mode passed to " + name + ".Provider: " + algorithmMode);
    }
}
/**
 * Create an AEAD cipher (CCM or GCM) over an engine obtained from the given provider.
 * <p>
 * The returned cipher is not initialised here and the parameters argument is not read,
 * so nothing in this method checks the IV. NOTE(review): nonce uniqueness per key for
 * GCM and CCM has to be enforced by whoever supplies the IV - confirm where that happens.
 * </p>
 * @param name algorithm name, used only in the error message.
 * @param algorithmMode the AEAD mode to build.
 * @param parameters not read by this method.
 * @param forEncryption true if the cipher is for encryption; passed to GetUsage().
 * @param cipherProvider provider of the underlying block cipher engine.
 * @return a CcmBlockCipher or GcmBlockCipher wrapping the engine.
 */
internal static IAeadBlockCipher CreateAeadCipher(
    string name,
    AlgorithmMode algorithmMode,
    IParametersWithIV<IParameters<Algorithm>, Algorithm> parameters,
    bool forEncryption,
    IEngineProvider<Internal.IBlockCipher> cipherProvider)
{
    Internal.IBlockCipher engine = cipherProvider.CreateEngine(GetUsage(forEncryption, algorithmMode));

    if (algorithmMode == AlgorithmMode.CCM)
    {
        return new CcmBlockCipher(engine);
    }

    if (algorithmMode == AlgorithmMode.GCM)
    {
        return new GcmBlockCipher(engine);
    }

    // Only the two modes above are handled here.
    throw new ArgumentException("Unknown algorithm mode passed to " + name + ".Provider: " + algorithmMode);
}
/**
 * Create and initialise a key wrapper for the WRAP or WRAPPAD mode.
 * @param name algorithm name, used only in the error message.
 * @param algorithmMode the wrap mode to build (WRAP or WRAPPAD).
 * @param useInverse passed to GetWrapUsage() and to the wrap engine constructor.
 * @param forWrapping true to wrap, false to unwrap; passed to GetWrapUsage() and Init().
 * @param baseCipherProvider provider of the underlying block cipher engine.
 * @return the initialised wrapper.
 */
internal static IWrapper CreateWrapper(
    string name,
    AlgorithmMode algorithmMode,
    bool useInverse,
    bool forWrapping,
    IEngineProvider<Internal.IBlockCipher> baseCipherProvider)
{
    Internal.IBlockCipher engine = baseCipherProvider.CreateEngine(GetWrapUsage(useInverse, forWrapping));

    IWrapper wrapper;

    if (algorithmMode == AlgorithmMode.WRAP)
    {
        wrapper = new SP80038FWrapEngine(engine, useInverse);
    }
    else if (algorithmMode == AlgorithmMode.WRAPPAD)
    {
        wrapper = new SP80038FWrapWithPaddingEngine(engine, useInverse);
    }
    else
    {
        throw new ArgumentException("Unknown wrapper algorithm passed to " + name + ".Provider: " + algorithmMode);
    }

    // Init() receives no parameters here; presumably the engine from the provider
    // already carries the key - confirm against the provider.
    wrapper.Init(forWrapping, null);

    return wrapper;
}