/// <summary>
/// Encrypt the specified data using the specified salt.
///Encrypt uses provided salt, uses master key
///& salt to generate per-data key & nonce with the help of HKDF
///Salt is concatenated to the ciphertext
/// </summary>
/// <returns>The encrypted data bytes.</returns>
/// <param name="data">Data to be encrypted.</param>
public byte[] EncryptWithSalt(byte[] data, byte[] salt)
{
Validation.NotNull(data);
Validation.NotNullOrEmptyByteArray(salt);
var hkdf = new HkdfBytesGenerator(new Sha512Digest());
hkdf.Init(new HkdfParameters(this.key, salt, this.domain));
var keyNonce = new byte[SymKeyLen + SymNonceLen];
hkdf.GenerateBytes(keyNonce, 0, keyNonce.Length);
var cipher = new GcmBlockCipher(new AesEngine());
var keyNonceSlice1 = ((Span <byte>)keyNonce).Slice(0, SymKeyLen);
var keyNonceSlice2 = ((Span <byte>)keyNonce).Slice(SymKeyLen);
var parameters = new AeadParameters(
new KeyParameter(keyNonceSlice1.ToArray()),
SymTagLen * 8,
keyNonceSlice2.ToArray());
cipher.Init(true, parameters);
var cipherText = new byte[cipher.GetOutputSize(data.Length)];
var len = cipher.ProcessBytes(data, 0, data.Length, cipherText, 0);
cipher.DoFinal(cipherText, len);
return(Bytes.Combine(salt, cipherText));
}
public void ExtraSignWithSignatureSnapshot_Should_AddValidSignature()
{
//STC-9
var rawSignedModel = faker.PredefinedRawSignedModel(null, true, false, false);
var crypto = new VirgilCrypto();
var signer = new ModelSigner(new VirgilCardCrypto());
Assert.AreEqual(rawSignedModel.Signatures.Count, 1);
var keyPair = crypto.GenerateKeys();
var signParams = new SignParams()
{
Signer = "test_id",
SignerPrivateKey = keyPair.PrivateKey
};
var signatureSnapshot = faker.Random.Bytes(32);
signer.Sign(rawSignedModel, signParams, signatureSnapshot);
Assert.AreEqual(rawSignedModel.Signatures.Count, 2);
var extraSignature = rawSignedModel.Signatures.Last();
Assert.AreEqual(extraSignature.Signer, signParams.Signer);
Assert.AreEqual(extraSignature.Snapshot, signatureSnapshot);
var extendedSnapshot = Bytes.Combine(rawSignedModel.ContentSnapshot, signatureSnapshot);
Assert.True(crypto.VerifySignature(
extraSignature.Signature,
extendedSnapshot,
keyPair.PublicKey));
}
public void Combine()
{
var byte0 = new byte[] { 12, 34 };
var byte1 = new byte[] { 56, 78 };
var byte2 = new byte[] { 90 };
// action
var combined = Bytes.Combine(byte0, byte1, byte2);
// assert
var expected = new byte[] { 12, 34, 56, 78, 90 };
CollectionAssert.AreEqual(expected, combined);
}
static Domains()
{
commonPrefix = new byte[] { 0x56, 0x52, 0x47, 0x4c, 0x50, 0x48, 0x45 }; // VRGLPHE
Dhc0 = Bytes.Combine(commonPrefix, new byte[] { 0x31 });
Dhc1 = Bytes.Combine(commonPrefix, new byte[] { 0x32 });
Dhs0 = Bytes.Combine(commonPrefix, new byte[] { 0x33 });
Dhs1 = Bytes.Combine(commonPrefix, new byte[] { 0x34 });
ProofOK = Bytes.Combine(commonPrefix, new byte[] { 0x35 });
ProofErr = Bytes.Combine(commonPrefix, new byte[] { 0x36 });
Encrypt = Bytes.Combine(commonPrefix, new byte[] { 0x37 });
KdfInfoZ = Bytes.Combine(commonPrefix, new byte[] { 0x38 });
KdfInfoClientKey = Bytes.Combine(commonPrefix, new byte[] { 0x39 });
}
/// <summary>
/// Adds signature to the specified <see cref="RawSignedModel"/> using specified signer
/// parameters included private key, signer type and additional raw bytes.
/// </summary>
/// <param name="model"> the instance of <see cref="RawSignedModel"/> to be signed.</param>
/// <param name="@params"> the instance of <see cref="SignParams"/> to sign with.</param>
/// <param name="signatureSnapshot"> Some additional raw bytes to be signed with model.</param>
public void Sign(RawSignedModel model, SignParams @params, byte[] signatureSnapshot = null)
{
ValidateExtendedSignParams(model, @params);
ThrowExceptionIfSignatureExists(@params, model.Signatures);
var extendedSnapshot = signatureSnapshot != null?
Bytes.Combine(model.ContentSnapshot, signatureSnapshot)
: model.ContentSnapshot;
var signatureBytes = Crypto.GenerateSignature(extendedSnapshot, @params.SignerPrivateKey);
var signature = new RawSignature
{
Signer = @params.Signer,
Signature = signatureBytes,
Snapshot = signatureSnapshot
};
model.Signatures.Add(signature);
}
public void SelfSignWithSignatureSnapshot_Should_AddValidSignature()
{
//STC-9
var rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
var crypto = new VirgilCrypto();
var signer = new ModelSigner(new VirgilCardCrypto());
Assert.AreEqual(rawSignedModel.Signatures.Count, 0);
var signatureSnapshot = faker.Random.Bytes(32);
signer.SelfSign(rawSignedModel, faker.PredefinedKeyPair().PrivateKey, signatureSnapshot);
var selfSignature = rawSignedModel.Signatures.First();
Assert.AreEqual(selfSignature.Signer, ModelSigner.SelfSigner);
Assert.AreEqual(selfSignature.Snapshot, signatureSnapshot);
var extendedSnapshot = Bytes.Combine(rawSignedModel.ContentSnapshot, signatureSnapshot);
Assert.True(crypto.VerifySignature(
selfSignature.Signature,
extendedSnapshot,
faker.PredefinedKeyPair().PublicKey)
);
}
