public void ShouldThrowWithInvalidKeyLengthCmac(KeyAgreementMacType macType, int keyLength)
{
var p = new KeyConfirmationParameters(0, 0, 0, macType, keyLength,
0, null, null, null, null, null);
Assert.Throws(typeof(ArgumentException), () => _subject.GetInstance(p));
}
public void ShouldThrowArgumentExceptionOnInvalidMacType(KeyAgreementMacType keyAgreementMacType)
{
ModeValues mode = ModeValues.SHA1;
DigestSizes digestSize = DigestSizes.NONE;
Assert.Throws(typeof(ArgumentException), () => EnumMapping.GetHashFunctionOptions(keyAgreementMacType, ref mode, ref digestSize));
}
/// <summary>
/// Non AES-CCM constructor
/// </summary>
/// <param name="thisPartyKeyAgreementRole"></param>
/// <param name="thisPartyKeyConfirmationRole"></param>
/// <param name="keyConfirmationType"></param>
/// <param name="macType"></param>
/// <param name="keyLength"></param>
/// <param name="macLength"></param>
/// <param name="thisPartyIdentifier"></param>
/// <param name="otherPartyIdentifier"></param>
/// <param name="thisPartyPublicKey"></param>
/// <param name="otherPartyPublicKey"></param>
/// <param name="derivedKeyingMaterial"></param>
public KeyConfirmationParameters(
KeyAgreementRole thisPartyKeyAgreementRole,
KeyConfirmationRole thisPartyKeyConfirmationRole,
KeyConfirmationDirection keyConfirmationType,
KeyAgreementMacType macType,
int keyLength,
int macLength,
BitString thisPartyIdentifier,
BitString otherPartyIdentifier,
BitString thisPartyPublicKey,
BitString otherPartyPublicKey,
BitString derivedKeyingMaterial
)
{
if (macType == KeyAgreementMacType.AesCcm)
{
throw new ArgumentException(nameof(macType));
}
ThisPartyKeyAgreementRole = thisPartyKeyAgreementRole;
ThisPartyKeyConfirmationRole = thisPartyKeyConfirmationRole;
KeyConfirmationType = keyConfirmationType;
MacType = macType;
KeyLength = keyLength;
MacLength = macLength;
ThisPartyIdentifier = thisPartyIdentifier;
OtherPartyIdentifier = otherPartyIdentifier;
ThisPartyPublicKey = thisPartyPublicKey;
OtherPartyPublicKey = otherPartyPublicKey;
DerivedKeyingMaterial = derivedKeyingMaterial;
KeyConfirmationType = keyConfirmationType;
}
public KeyConfirmationMacDetail(KeyAgreementMacType macType, int maxTagLen, int minKeyLen, int maxKeyLen)
{
MacType = macType;
MaxTagLen = maxTagLen;
MinKeyLen = minKeyLen;
MaxKeyLen = maxKeyLen;
}
public void ShouldSetCorrectHashFunctionAttributesFromHmac(KeyAgreementMacType keyAgreementMacType, ModeValues expectedModeValue, DigestSizes expectedDigestSize)
{
ModeValues mode = ModeValues.SHA1;
DigestSizes digestSize = DigestSizes.NONE;
EnumMapping.GetHashFunctionOptions(keyAgreementMacType, ref mode, ref digestSize);
Assert.AreEqual(expectedModeValue, mode, nameof(expectedModeValue));
Assert.AreEqual(expectedDigestSize, digestSize, nameof(expectedDigestSize));
}
public MacParameters(KeyAgreementMacType macType, int keyLength, int macLength)
{
if (macType == KeyAgreementMacType.AesCcm)
{
throw new ArgumentException(nameof(macType));
}
MacType = macType;
KeyLength = keyLength;
MacLength = macLength;
}
/// <summary>
/// Constructor used for MACs (not AES-CCM)
/// </summary>
/// <param name="keyAgreementMacType">The MAC type used</param>
/// <param name="derivedKeyingMaterial">The keying material used as the MAC key</param>
/// <param name="macLength">The returned MAC length</param>
/// <param name="nonce">The nonce used (concatenated onto "Standard Test Message")</param>
public NoKeyConfirmationParameters(KeyAgreementMacType keyAgreementMacType, int macLength, BitString derivedKeyingMaterial, BitString nonce)
{
if (keyAgreementMacType == KeyAgreementMacType.AesCcm)
{
throw new ArgumentException(nameof(keyAgreementMacType));
}
KeyAgreementMacType = keyAgreementMacType;
MacLength = macLength;
DerivedKeyingMaterial = derivedKeyingMaterial;
Nonce = nonce;
}
public MacParameters(KeyAgreementMacType macType, int keyLength, int macLength, BitString ccmNonce)
{
if (macType != KeyAgreementMacType.AesCcm)
{
throw new ArgumentException(nameof(macType));
}
MacType = macType;
KeyLength = keyLength;
MacLength = macLength;
CcmNonce = ccmNonce;
}
public void ShouldReturnCorrectInstance(KeyAgreementMacType macType, Type expectedType)
{
NoKeyConfirmationParameters p = null;
if (macType == KeyAgreementMacType.AesCcm)
{
p = new NoKeyConfirmationParameters(macType, 1, new BitString(1), new BitString(1), new BitString(1));
}
else
{
p = new NoKeyConfirmationParameters(macType, 1, new BitString(1), new BitString(1));
}
var result = _subject.GetInstance(p);
Assert.IsInstanceOf(expectedType, result);
}
public void ShouldMacCorrectly(int keyLength, int macLength, KeyAgreementMacType keyAgreementMacType, BitString dkm, BitString nonce, BitString expectedMacData, BitString expectedMac)
{
ModeValues modeValue = ModeValues.SHA2;
DigestSizes digestSize = DigestSizes.NONE;
EnumMapping.GetHashFunctionOptions(keyAgreementMacType, ref modeValue, ref digestSize);
NoKeyConfirmationParameters p =
new NoKeyConfirmationParameters(keyAgreementMacType, macLength, dkm, nonce);
_subject = new NoKeyConfirmationHmac(new NoKeyConfirmationMacDataCreator(), p, _algoFactory.GetHmacInstance(new HashFunction(modeValue, digestSize)));
var result = _subject.ComputeMac();
Assert.That(result.Success, nameof(result.Success));
Assert.AreEqual(expectedMacData.ToHex(), result.MacData.ToHex(), nameof(result.MacData));
Assert.AreEqual(expectedMac.ToHex(), result.Mac.ToHex(), nameof(result.Mac));
}
public void ShouldReturnCorrectInstance(KeyAgreementMacType macType, int keyLength, Type expectedType)
{
IKeyConfirmation result = null;
if (macType == KeyAgreementMacType.AesCcm)
{
KeyConfirmationParameters p = new KeyConfirmationParameters(0, 0, 0, macType, keyLength,
0, null, null, null, null, null, new BitString(1));
result = _subject.GetInstance(p);
}
else
{
KeyConfirmationParameters p = new KeyConfirmationParameters(0, 0, 0, macType, keyLength,
0, null, null, null, null, null);
result = _subject.GetInstance(p);
}
Assert.IsInstanceOf(expectedType, result);
}
public IMacParametersBuilder WithKeyAgreementMacType(KeyAgreementMacType value)
{
_keyAgreementMacType = value;
return(this);
}
/// <summary>
/// Determines the correct <see cref="ModeValues"/> and <see cref="DigestSizes"/> based on <see cref="KeyAgreementMacType"/>
/// </summary>
/// <param name="keyAgreementMacType">The key agreement mac type to check against</param>
/// <param name="modeValue">The equivalent mode</param>
/// <param name="digestSize">The equivalent digest size</param>
public static void GetHashFunctionOptions(KeyAgreementMacType keyAgreementMacType, ref ModeValues modeValue, ref DigestSizes digestSize)
{
switch (keyAgreementMacType)
{
case KeyAgreementMacType.HmacSha1:
modeValue = ModeValues.SHA1;
digestSize = DigestSizes.d160;
break;
case KeyAgreementMacType.HmacSha2D224:
modeValue = ModeValues.SHA2;
digestSize = DigestSizes.d224;
break;
case KeyAgreementMacType.HmacSha2D256:
modeValue = ModeValues.SHA2;
digestSize = DigestSizes.d256;
break;
case KeyAgreementMacType.HmacSha2D384:
modeValue = ModeValues.SHA2;
digestSize = DigestSizes.d384;
break;
case KeyAgreementMacType.HmacSha2D512:
modeValue = ModeValues.SHA2;
digestSize = DigestSizes.d512;
break;
case KeyAgreementMacType.HmacSha2D512_T224:
modeValue = ModeValues.SHA2;
digestSize = DigestSizes.d512t224;
break;
case KeyAgreementMacType.HmacSha2D512_T256:
modeValue = ModeValues.SHA2;
digestSize = DigestSizes.d512t256;
break;
case KeyAgreementMacType.HmacSha3D224:
modeValue = ModeValues.SHA3;
digestSize = DigestSizes.d224;
break;
case KeyAgreementMacType.HmacSha3D256:
modeValue = ModeValues.SHA3;
digestSize = DigestSizes.d256;
break;
case KeyAgreementMacType.HmacSha3D384:
modeValue = ModeValues.SHA3;
digestSize = DigestSizes.d384;
break;
case KeyAgreementMacType.HmacSha3D512:
modeValue = ModeValues.SHA3;
digestSize = DigestSizes.d512;
break;
default:
throw new ArgumentException($"{typeof(EnumMapping)}, {nameof(keyAgreementMacType)}");
}
}
