public void ShouldVerifyRandomlyGeneratedSignatures(ModeValues mode, DigestSizes digest, Curve curveEnum)
{
var nonces = new List <BigInteger>();
var hashFunction = new HashFunction(mode, digest);
var shaFactory = new NativeShaFactory();
var sha = shaFactory.GetShaInstance(hashFunction);
var hmacFactory = new HmacFactory(shaFactory);
var hmac = hmacFactory.GetHmacInstance(hashFunction);
var subject = new EccDsa(sha, new DeterministicNonceProvider(hmac), EntropyProviderTypes.Random);
var curveFactory = new EccCurveFactory();
var curve = curveFactory.GetCurve(curveEnum);
var domainParams = new EccDomainParameters(curve);
var key = subject.GenerateKeyPair(domainParams).KeyPair;
var rand = new Random800_90();
for (var i = 0; i < 100; i++)
{
var message = rand.GetRandomBitString(1024);
var signature = subject.Sign(domainParams, key, message).Signature;
var verify = subject.Verify(domainParams, key, message, signature);
nonces.Add(signature.R);
Assert.IsTrue(verify.Success, verify.ErrorMessage);
}
// Check nonces for uniqueness
Assert.AreEqual(nonces.Count, nonces.Distinct().Count(), "Repeated nonce detected");
}
public void Setup()
{
var shaFactory = new NativeShaFactory();
var hmacFactory = new HmacFactory(shaFactory);
var entropyFactory = new EntropyProviderFactory();
var rsa = new Rsa(new RsaVisitor());
var kdfVisitor = new KdfVisitor(
new KdfOneStepFactory(shaFactory, new HmacFactory(shaFactory), new KmacFactory(new CSHAKEWrapper())),
new Crypto.KDF.KdfFactory(new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory()),
hmacFactory), hmacFactory,
new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory()),
new IkeV1Factory(hmacFactory, shaFactory),
new IkeV2Factory(hmacFactory),
new TlsKdfFactory(hmacFactory),
new HkdfFactory(hmacFactory));
_rsaSve = new RsaSve(rsa, _entropyProvider);
_kasBuilderPartyU = new KasIfcBuilder();
_schemeBuilderPartyU = new SchemeIfcBuilder(kdfVisitor);
_kasBuilderPartyV = new KasIfcBuilder();
_schemeBuilderPartyV = new SchemeIfcBuilder(kdfVisitor);
_secretKeyingMaterialBuilderPartyU = new IfcSecretKeyingMaterialBuilder();
_secretKeyingMaterialBuilderPartyV = new IfcSecretKeyingMaterialBuilder();
_kdfFactory = new KdfFactory(kdfVisitor);
_kdfParameterVisitor = new KdfParameterVisitor(entropyFactory.GetEntropyProvider(EntropyProviderTypes.Random));
_ktsFactory = new KtsFactory(shaFactory, rsa, entropyFactory);
_keyConfirmationFactory = new KeyConfirmationFactory(new KeyConfirmationMacDataCreator());
_fixedInfoFactory = new FixedInfoFactory(new FixedInfoStrategyFactory());
}
public void ShouldDemonstrateCurvePaddingIssue(Curve curve, bool hasIssue)
{
var shaFactory = new NativeShaFactory();
var hmacFactory = new HmacFactory(shaFactory);
var nonceProviderFactory = new EccNonceProviderFactory();
var entropyFactory = new EntropyProviderFactory();
var dsaFactory = new DsaEccFactory(shaFactory, hmacFactory, nonceProviderFactory, entropyFactory);
var dsa = dsaFactory.GetInstanceForKeys(entropyFactory.GetEntropyProvider(EntropyProviderTypes.Random));
var domainParameters = new EccDomainParameters(new EccCurveFactory().GetCurve(curve));
var key1 = dsa.GenerateKeyPair(domainParameters).KeyPair;
var key2 = dsa.GenerateKeyPair(domainParameters).KeyPair;
var calculationOldZ = new BadPaddingDiffieHellmanEcc().GenerateSharedSecretZ(domainParameters, key1, key2);
var calculationNewZ = new DiffieHellmanEcc().GenerateSharedSecretZ(domainParameters, key1, key2);
if (hasIssue)
{
Assert.AreNotEqual(calculationOldZ.SharedSecretZ.ToHex(), calculationNewZ.SharedSecretZ.ToHex());
}
else
{
Assert.AreEqual(calculationOldZ.SharedSecretZ.ToHex(), calculationNewZ.SharedSecretZ.ToHex());
}
}
public void ShouldKdfCorrectly()
{
var sha = new NativeShaFactory().GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d256));
var subject = new AnsiX942Der(sha);
var zz = new BitString("0123456789ABCDEF");
var otherInfo = new BitString(0);
var param = new DerAns942Parameters
{
Zz = zz,
KeyLen = 256,
Oid = AnsiX942OidHelper.GetOidFromEnum(AnsiX942Oids.TDES),
PartyUInfo = otherInfo,
PartyVInfo = otherInfo,
SuppPubInfo = otherInfo,
SuppPrivInfo = otherInfo
};
var result = subject.DeriveKey(param);
Assert.IsTrue(result.Success);
Console.WriteLine(result.DerivedKey.ToHex());
Assert.Pass();
}
public void ShouldAnsiX963Correctly(ModeValues mode, DigestSizes digestSize, int keyLength, string zHex, string sharedInfoHex, string keyData)
{
var hash = new HashFunction(mode, digestSize);
var sha = new NativeShaFactory().GetShaInstance(hash);
var z = new BitString(zHex);
var sharedInfo = new BitString(sharedInfoHex);
var subject = new AnsiX963(sha);
var result = subject.DeriveKey(z, sharedInfo, keyLength);
Assert.IsTrue(result.Success, result.ErrorMessage);
Assert.AreEqual(keyData, result.DerivedKey.ToHex().ToLower());
}
public void Setup()
{
IShaFactory shaFactory = new NativeShaFactory();
IHmacFactory hmacFactory = new HmacFactory(shaFactory);
IKmacFactory kmacFactory = new KmacFactory(new CSHAKEWrapper());
ICmacFactory cmacFactory = new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory());
_kdfVisitor = new KdfVisitor(
new KdfOneStepFactory(shaFactory, hmacFactory, kmacFactory),
new KdfFactory(cmacFactory, hmacFactory),
hmacFactory,
cmacFactory,
new IkeV1Factory(hmacFactory, shaFactory),
new IkeV2Factory(hmacFactory),
new TlsKdfFactory(hmacFactory),
new HkdfFactory(hmacFactory));
}
public void ShouldGenerateCorrectOtherInfo()
{
var sha = new NativeShaFactory().GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d256));
var subject = new AnsiX942Der(sha);
var expectedKey = new BitString("7088B27511516F85551F20B33BB09AF453DD0ECA4542C5F48D5263D3474FC0C4");
var param = new DerAns942Parameters
{
Zz = new BitString("6B"),
KeyLen = 256,
Oid = AnsiX942OidHelper.GetOidFromEnum(AnsiX942Oids.TDES),
PartyUInfo = new BitString("299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BC"),
PartyVInfo = new BitString("80D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759A"),
SuppPubInfo = new BitString("3C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6A"),
SuppPrivInfo = new BitString("FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC")
};
var result = subject.DeriveKey(param);
Assert.IsTrue(result.Success);
}
