protected string DecryptUnderZMK(string clearZMK, string cryptData, KeySchemeTable.KeyScheme ZMK_KeyScheme, string AtallaVariant)
{
string result = "";
clearZMK = Utility.TransformUsingAtallaVariant(clearZMK, AtallaVariant);
switch (ZMK_KeyScheme)
{
case KeySchemeTable.KeyScheme.SingleDESKey:
case KeySchemeTable.KeyScheme.DoubleLengthKeyAnsi:
case KeySchemeTable.KeyScheme.TripleLengthKeyAnsi:
case KeySchemeTable.KeyScheme.Unspecified:
result = ThalesCore.Cryptography.TripleDES.TripleDESDecrypt(new ThalesCore.Cryptography.HexKey(clearZMK), cryptData);
break;
case KeySchemeTable.KeyScheme.DoubleLengthKeyVariant:
case KeySchemeTable.KeyScheme.TripleLengthKeyVariant:
result = ThalesCore.Cryptography.TripleDES.TripleDESDecryptVariant(new ThalesCore.Cryptography.HexKey(clearZMK), cryptData);
break;
}
switch (ZMK_KeyScheme)
{
case KeySchemeTable.KeyScheme.DoubleLengthKeyAnsi:
case KeySchemeTable.KeyScheme.DoubleLengthKeyVariant:
case KeySchemeTable.KeyScheme.TripleLengthKeyAnsi:
case KeySchemeTable.KeyScheme.TripleLengthKeyVariant:
result = KeySchemeTable.GetKeySchemeValue(ZMK_KeyScheme) + result;
break;
}
return(result);
}
public override string ProcessMessage()
{
LMKPairs.LMKPair LMKKeyPair; string var = "";
KeySchemeTable.KeyScheme ks;
HexKey.KeyLength kl;
KeySchemeTable.KeyScheme zmkKS;
HexKey.KeyLength zmkKL;
string cryptKey = m_inStack.PopFromStack().ConsoleMessageProperty;
string cryptZMK = m_inStack.PopFromStack().ConsoleMessageProperty;
string keyScheme = m_inStack.PopFromStack().ConsoleMessageProperty;
string keyType = m_inStack.PopFromStack().ConsoleMessageProperty;
ExtractKeySchemeAndLength(cryptZMK, out zmkKL, out zmkKS);
ExtractKeySchemeAndLength(cryptKey, out kl, out ks);
ValidateKeyTypeCode(keyType, out LMKKeyPair, out var);
if ((ks == KeySchemeTable.KeyScheme.DoubleLengthKeyVariant) || (ks == KeySchemeTable.KeyScheme.TripleLengthKeyVariant))
{
return("INVALID KEY SCHEME FOR ENCRYPTED KEY - MUST BE ANSI");
}
string clearZMK = Utility.DecryptZMKEncryptedUnderLMK(new HexKey(cryptZMK).ToString(), zmkKS, 0);
string clearKey = TripleDES.TripleDESDecrypt(new HexKey(clearZMK), new HexKey(cryptKey).ToString());
string cryptUnderLMK = Utility.EncryptUnderLMK(clearKey, KeySchemeTable.GetKeySchemeFromValue(keyScheme), LMKKeyPair, var);
string chkVal = TripleDES.TripleDESEncrypt(new HexKey(clearKey), ZEROES);
return("Key under LMK: " + MakeKeyPresentable(cryptUnderLMK) + System.Environment.NewLine +
"Key Check Value: " + MakeCheckValuePresentable(chkVal));
}
protected bool ValidateKeySchemeCode(string ksc, ref KeySchemeTable.KeyScheme KS, ref ThalesCore.Message.MessageResponse MR)
{
try
{
KS = KeySchemeTable.GetKeySchemeFromValue(ksc);
return(true);
}
catch (ThalesCore.Exceptions.XInvalidKeyType ex)
{
MR.AddElement(ErrorCodes.ER_26_INVALID_KEY_SCHEME);
return(false);
}
}
public HexKey(string key)
{
if ((key == null) || (key == ""))
{
throw new Exceptions.XInvalidKey("Invalid key data: " + key);
}
if ((key.Length == 17) || (key.Length == 33) || (key.Length == 49))
{
_scheme = KeySchemeTable.GetKeySchemeFromValue(key.Substring(0, 1));
if ((_scheme != KeySchemeTable.KeyScheme.DoubleLengthKeyAnsi) &&
(_scheme != KeySchemeTable.KeyScheme.DoubleLengthKeyVariant) &&
(_scheme != KeySchemeTable.KeyScheme.SingleDESKey) &&
(_scheme != KeySchemeTable.KeyScheme.TripleLengthKeyAnsi) &&
(_scheme != KeySchemeTable.KeyScheme.TripleLengthKeyVariant))
{
throw new Exceptions.XInvalidKeyScheme("Invalid key scheme " + key.Substring(0, 1));
}
else
{
key = key.Substring(1);
}
}
else
{
if (key.Length == 16)
{
_scheme = KeySchemeTable.KeyScheme.SingleDESKey;
}
else if (key.Length == 32)
{
_scheme = KeySchemeTable.KeyScheme.DoubleLengthKeyAnsi;
}
else
{
_scheme = KeySchemeTable.KeyScheme.TripleLengthKeyAnsi;
}
}
if (Utility.IsHexString(key) == false)
{
throw new Exceptions.XInvalidKey("Invalid key data: " + key);
}
if (key.Length == 16)
{
_partA = key;
_partB = key;
_partC = key;
_keyLength = KeyLength.SingleLength;
}
else if (key.Length == 32)
{
_partA = key.Substring(0, 16);
_partB = key.Substring(16);
_partC = _partA;
_keyLength = KeyLength.DoubleLength;
}
else if (key.Length == 48)
{
_partA = key.Substring(0, 16);
_partB = key.Substring(16, 16);
_partC = key.Substring(32);
_keyLength = KeyLength.TripleLength;
}
else
{
throw new Exceptions.XInvalidKey("Invalid key length: " + key);
}
}
protected void ValidateKeySchemeCode(string ksc, KeySchemeTable.KeyScheme KS)
{
KS = KeySchemeTable.GetKeySchemeFromValue(ksc);
}
public override string ProcessMessage()
{
LMKPairs.LMKPair LMKKeyPair = LMKPairs.LMKPair.Null;
string var = "";
KeySchemeTable.KeyScheme ks = KeySchemeTable.KeyScheme.Unspecified;
HexKey.KeyLength kl = HexKey.KeyLength.SingleLength;
KeySchemeTable.KeyScheme zmkKS = KeySchemeTable.KeyScheme.Unspecified;
HexKey.KeyLength zmkKL;
string cryptKey = m_inStack.PopFromStack().ConsoleMessageProperty;
string cryptZMK = m_inStack.PopFromStack().ConsoleMessageProperty;
string keyScheme = m_inStack.PopFromStack().ConsoleMessageProperty;
string keyType = m_inStack.PopFromStack().ConsoleMessageProperty;
ExtractKeySchemeAndLength(cryptZMK, out zmkKL, out zmkKS);
ExtractKeySchemeAndLength(cryptKey, out kl, out ks);
ValidateKeyTypeCode(keyType, out LMKKeyPair, out var);
string clearZMK = Utility.DecryptZMKEncryptedUnderLMK(new HexKey(cryptZMK).ToString(), zmkKS, 0);
string clearKey = Utility.DecryptUnderLMK(new HexKey(cryptKey).ToString(), ks, LMKKeyPair, var);
string cryptUnderZMK = Utility.EncryptUnderZMK(clearZMK, new HexKey(clearKey).ToString(), KeySchemeTable.GetKeySchemeFromValue(keyScheme));
string chkVal = TripleDES.TripleDESEncrypt(new HexKey(clearKey), ZEROES);
return("Key encrypted under ZMK: " + MakeKeyPresentable(cryptUnderZMK) + System.Environment.NewLine +
"Key Check Value: " + MakeCheckValuePresentable(chkVal));
}
