Example #1
0
        public BitString Get(FixedInfoParameter param)
        {
            if (string.IsNullOrEmpty(param?.FixedInfoPattern))
            {
                return(new BitString(0));
            }

            var fixedInfoParts = new Dictionary <string, BitString>();

            // split the pattern into pieces
            var pieces = param.FixedInfoPattern.Split("||".ToCharArray(), StringSplitOptions.RemoveEmptyEntries);

            if (!pieces.Any())
            {
                return(new BitString(0));
            }

            foreach (var piece in pieces)
            {
                var workingPiece = piece.Replace("||", "");
                GetDataFromPiece(fixedInfoParts, workingPiece, param);
            }

            return(_fixedInfoStrategyFactory.Get(param.Encoding).GetFixedInfo(fixedInfoParts));
        }
Example #2
0
        public void ShouldKmac(
            string label,
            string fixedInfoPattern,
            Kda kdfType,
            KdaOneStepAuxFunction kdfAuxFunction,
            int l,
            BitString salt,
            BitString z,
            BitString algorithmId,
            BitString uPartyId,
            BitString uEphemData,
            BitString vPartyid,
            BitString vEphemData,
            BitString issueFixedData,
            BitString issueDkm,
            BitString expectedDkm)
        {
            var param = new KdfParameterOneStep()
            {
                L                  = l,
                Salt               = salt,
                Z                  = z,
                AlgorithmId        = algorithmId,
                AuxFunction        = kdfAuxFunction,
                FixedInfoPattern   = fixedInfoPattern,
                FixedInputEncoding = FixedInfoEncoding.Concatenation
            };

            var fixedInfoFactory   = new FixedInfoFactory(new FixedInfoStrategyFactory());
            var fixedInfoParameter = new FixedInfoParameter()
            {
                AlgorithmId      = algorithmId,
                FixedInfoPattern = fixedInfoPattern,
                Encoding         = FixedInfoEncoding.Concatenation,
                L    = l,
                Salt = salt
            };

            fixedInfoParameter.SetFixedInfo(
                new PartyFixedInfo(uPartyId, uEphemData),
                new PartyFixedInfo(vPartyid, vEphemData));

            var fixedInfo = fixedInfoFactory
                            .Get()
                            .Get(fixedInfoParameter);

            var kdf = _kdfOneStepFactory.GetInstance(param.AuxFunction, true);

            var result = kdf.DeriveKey(param.Z, param.L, fixedInfo, param.Salt);

            Assert.AreEqual(issueFixedData.ToHex(), fixedInfo.ToHex(), nameof(issueFixedData));
            Assert.AreEqual(issueDkm.ToHex(), result.DerivedKey.ToHex(), nameof(issueDkm));
            //Assert.AreEqual(expectedDkm.ToHex(), result.DerivedKey.ToHex(), nameof(expectedDkm));
        }
Example #3
0
 protected SchemeBase(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters)
 {
     EntropyProvider                 = entropyProvider;
     SchemeParameters                = schemeParameters;
     _fixedInfoFactory               = fixedInfoFactory;
     _fixedInfoParameter             = fixedInfoParameter;
     _thisPartyKeyingMaterialBuilder = thisPartyKeyingMaterialBuilder;
     _keyConfirmationFactory         = keyConfirmationFactory;
     _macParameters = macParameters;
 }
Example #4
0
 protected SchemeBaseKas
 (
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters,
     IKdfVisitor kdfVisitor,
     IKdfParameter kdfParameter,
     IRsaSve rsaSve
 ) : base(entropyProvider, schemeParameters, fixedInfoFactory, fixedInfoParameter, thisPartyKeyingMaterialBuilder, keyConfirmationFactory, macParameters)
 {
     _kdfVisitor   = kdfVisitor;
     _kdfParameter = kdfParameter;
     _rsaSve       = rsaSve;
 }
Example #5
0
        public void DkmIntermediateValues()
        {
            var l                 = 512;
            var algorithmId       = new BitString("A0752AE1B4165A32C1387D1DA5E9F8AE");
            var fixedInfoPattern  = "algorithmId||l||uPartyInfo||vPartyInfo";
            var fixedInfoEncoding = FixedInfoEncoding.Concatenation;
            var z                 = new BitString("08E11078180FBDA3C73183F116DA038243802E22F165C2EF4C6BD9AC82612F86FD4F8197AB0B4F5A5E14390BD8F01A55B443FEA55A05438978BC8368691CB8013D5BE2312FB7C64125882835EE3BACD0D442C83A636DE2DF81B04F714C75E2874A284784C1EE987D7E61123CE5C53AC82DD0DE4CA3022985DFA320C83444A338C50DFA2803D9A1B28E6C3D8CF2C283A27983B6F0AEA89444504A5D63A127E9BBEE05FE6867B34CE3C18CF438477ACF3D07C1F01D00913DC37661DC4FBD623E83A48407C2FF8A6369A1B682EC6C0BA62C9A1AC5DFAB8D3FF6C7FEF3CA1DED9943786043EEA76A58CCA19BAB408805C26A2CF93D57A5B6E4E872AF2D585704044C");

            var uPartyFixedInfo = new PartyFixedInfo(
                new BitString("CAFE01020304"),
                new BitString("DAC2B3C01810B48A206333183E4E873E139FE6E4EC274EDB44B27419BA96C1401B49670A44C1F89B996C235E242962CF4D39C9F9E99D4281B8D9D75C5129BDB4822B02C0DC8515C60F6C0337D5EFEAA1346EFE2F5A8475C17FCF85B1A536E13B2E6FBA0BA2737409DAECD4F4A36D104DD3BE465AD92CD081959489CCD1B26FE496B2090FB30EE3892C8090DF6EE74661D696F23A2A71F68FB7B395C97236F6B937639891AE1B6EAEC814928B325D9B2F3B7FFBEBE9A718F2964CBA01118EE9D769E769D24ED6553B79D9F82CA62619C3D20105DEF06618B6FAEA7FB358206F628B07AAA5B80AC97D99830D943C1AE78D8F9926CB3A1D004F650FCA0D40117D3C"));

            var vPartyFixedInfo = new PartyFixedInfo(
                new BitString("434156536964"),
                new BitString("121DCC2DD2F243398381290F0F1AE0648F7B1911606BCA5F1065D54578B40CCBCEB3CBC0EF5F7DACAA3567CEEB8B220AE3E257ED325380DDDDBB8C4F9FEE6FEB4F149A3225C447E7684B64E049A81A9CB57433E89F5CE068E6F0843646E6F80F16B1760628D87F17CAF74912BC66CE61F1D33697FD859CC51AC20AA4DB12DEB25D2147180A0C70EB0C316D3C22FA2BF0955F48259856305DC9801298C38B4838346B0DE85763C13AF8CEED2EE266462C5BCE30244A131D6B099E7CCB4668BAFA5F4FA3682786BFC5849238B6C13AFB464C58017D85A887D7D4346F162945CC3184AF68DDAC92845C4CB6CCD1EAF19F78B4A511129A3EA9C82D50FAACE30B7B50"));

            var fixedInfoParam = new FixedInfoParameter()
            {
                AlgorithmId      = algorithmId,
                Encoding         = fixedInfoEncoding,
                L                = l,
                FixedInfoPattern = fixedInfoPattern
            };

            fixedInfoParam.SetFixedInfo(uPartyFixedInfo, vPartyFixedInfo);

            var fixedInfo = _fixedInfoFactory.Get().Get(fixedInfoParam);

            var kdf = _kdfFactory.GetKdf();
            var dkm = kdf.DeriveKey(new KdfParameterOneStep()
            {
                Z                  = z,
                L                  = l,
                AlgorithmId        = algorithmId,
                AuxFunction        = KdaOneStepAuxFunction.SHA2_D256,
                FixedInfoPattern   = fixedInfoPattern,
                FixedInputEncoding = fixedInfoEncoding
            }, fixedInfo);

            Assert.AreEqual(
                new BitString("6D7783F2CB7D9F35A0B8809430A62B152D7C128F960B2827E46130D8955797601DB5263A135BC429D60568EDEB72B656F819CFC348CCC02EEEA7FE589FFA385B").ToHex(),
                dkm.DerivedKey.ToHex());
        }
Example #6
0
 protected SchemeBase(
     SchemeParameters schemeParameters,
     ISecretKeyingMaterial thisPartyKeyingMaterial,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IKdfFactory kdfFactory,
     IKdfParameter kdfParameter,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters keyConfirmationParameter)
 {
     SchemeParameters          = schemeParameters;
     ThisPartyKeyingMaterial   = thisPartyKeyingMaterial;
     _fixedInfoFactory         = fixedInfoFactory;
     _fixedInfoParameter       = fixedInfoParameter;
     _kdfFactory               = kdfFactory;
     _kdfParameter             = kdfParameter;
     _keyConfirmationFactory   = keyConfirmationFactory;
     _keyConfirmationParameter = keyConfirmationParameter;
 }
Example #7
0
 protected SchemeBaseEcc(
     SchemeParameters schemeParameters,
     ISecretKeyingMaterial thisPartyKeyingMaterial,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IKdfFactory kdfFactory,
     IKdfParameter kdfParameter,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters keyConfirmationParameter)
     : base(
         schemeParameters,
         thisPartyKeyingMaterial,
         fixedInfoFactory,
         fixedInfoParameter,
         kdfFactory,
         kdfParameter,
         keyConfirmationFactory,
         keyConfirmationParameter)
 {
 }
Example #8
0
 public SchemeEccFullUnified(
     SchemeParameters schemeParameters,
     ISecretKeyingMaterial thisPartyKeyingMaterial,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IKdfFactory kdfFactory,
     IKdfParameter kdfParameter,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters keyConfirmationParameter,
     IDiffieHellman <EccDomainParameters, EccKeyPair> diffieHellman)
     : base(
         schemeParameters,
         thisPartyKeyingMaterial,
         fixedInfoFactory,
         fixedInfoParameter,
         kdfFactory,
         kdfParameter,
         keyConfirmationFactory,
         keyConfirmationParameter)
 {
     _diffieHellman = diffieHellman;
 }
Example #9
0
 public SchemeEccFullMqv(
     SchemeParameters schemeParameters,
     ISecretKeyingMaterial thisPartyKeyingMaterial,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IKdfFactory kdfFactory,
     IKdfParameter kdfParameter,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters keyConfirmationParameter,
     IMqv <EccDomainParameters, EccKeyPair> mqv)
     : base(
         schemeParameters,
         thisPartyKeyingMaterial,
         fixedInfoFactory,
         fixedInfoParameter,
         kdfFactory,
         kdfParameter,
         keyConfirmationFactory,
         keyConfirmationParameter)
 {
     _mqv = mqv;
 }
 public SchemeFfcDhHybridOneFlow(
     SchemeParameters schemeParameters,
     ISecretKeyingMaterial thisPartyKeyingMaterial,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IKdfFactory kdfFactory,
     IKdfParameter kdfParameter,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters keyConfirmationParameter,
     IDiffieHellman <FfcDomainParameters, FfcKeyPair> diffieHellman)
     : base(
         schemeParameters,
         thisPartyKeyingMaterial,
         fixedInfoFactory,
         fixedInfoParameter,
         kdfFactory,
         kdfParameter,
         keyConfirmationFactory,
         keyConfirmationParameter)
 {
     _diffieHellman = diffieHellman;
 }
Example #11
0
 public SchemeBaseKasOneKeyPair(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters,
     IKdfVisitor kdfVisitor,
     IKdfParameter kdfParameter,
     IRsaSve rsaSve)
     : base(
         entropyProvider,
         schemeParameters,
         fixedInfoFactory,
         fixedInfoParameter,
         thisPartyKeyingMaterialBuilder,
         keyConfirmationFactory,
         macParameters,
         kdfVisitor,
         kdfParameter,
         rsaSve)
 {
 }
Example #12
0
 public SchemeKts(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters,
     IKtsFactory ktsFactory,
     KtsParameter ktsParameter
     )
     : base
     (
         entropyProvider,
         schemeParameters,
         fixedInfoFactory,
         fixedInfoParameter,
         thisPartyKeyingMaterialBuilder,
         keyConfirmationFactory,
         macParameters)
 {
     _ktsFactory   = ktsFactory;
     _ktsParameter = ktsParameter;
 }
Example #13
0
 public ISchemeIfcBuilder WithFixedInfo(IFixedInfoFactory factory, FixedInfoParameter parameter)
 {
     _fixedInfoFactory   = factory;
     _fixedInfoParameter = parameter;
     return(this);
 }
Example #14
0
        public void BothPartiesShouldKas1()
        {
            var l        = 512;
            var modulo   = 2048;
            var scheme   = IfcScheme.Kas1_basic;
            var kasMode  = KasMode.KdfNoKc;
            var idPartyU = new BitString("1010101010");
            var idPartyV = new BitString("BEEFFACE");

            // Set the key and party id for party u's builder
            _secretKeyingMaterialBuilderPartyU
            .WithKey(null)
            .WithPartyId(idPartyU);

            // Partial party v secret keying material is needed for party U to initialize
            var secretKeyingMaterialPartyV = _secretKeyingMaterialBuilderPartyV
                                             .WithKey(new KeyPair()
            {
                PrivKey = new CrtPrivateKey()
                {
                    P    = new BitString("F79CE837FBD16A6DCF35CBD83F856BF2D4F33F58BF726E82EBB880B55ACEAE6C3A2170788624913968739703D9D3F7BEF2AD9346E8A44568156E5C8D0BD2E16639A4AB36445EA0683927FD04DA83F147458B873B34E710E558B4D6268DCB6165787287CA1A3D497AE9C82EF98A9E1CEB95E9596C3859D9C06FC6748ED88A3169").ToPositiveBigInteger(),
                    Q    = new BitString("CEAF12D64C14E32E4633A597135349A7554952122F9628213E22D96223A22D8C8535C4FB8B705FEC38D3FA839C43D54B3DCDEA1199211993AB9E47AC011B0240B741DAE89E8675405BEC344929D3BF85CEDA7E25E3E5CE601E638101B1BBD96C1D24565BC8A425BBF2CDF7688237F72C9FF867DA881F650E9DA38DC442680E53").ToPositiveBigInteger(),
                    DMP1 = new BitString("0D3261685C9F0203ECF00155929DAF33983251BF04AB9D8ECC261AA2015E86FDA04353E85FC2860804ABE747E910430840E1172A2E860D0FCE473B896BD8758CE9767507B2906DE83788F37A404BEBE40D905DA3C2F3F8984035842293B3FC54D1095014287E2FA32BBE5979C3EF6DE4ED495E2F20B883008055488E5B24E173").ToPositiveBigInteger(),
                    DMQ1 = new BitString("43B8DB9D93D81B46C0950BA256873235C33A4F6399181186EA9B8D180C6B41BA59FCF3764A08E63CB4284E74749D8BE0494BF9F1C41AA00D7DDE658DD8C7308A3925E2800CEB316174F5FE75D162A286488E6E9C2070EF9F6EEE0C73AB171B8D6750E2CD388B45FE6D68AB1C25B270EFC248DA3A40E2E0F920A59882717EFBB9").ToPositiveBigInteger(),
                    IQMP = new BitString("E018E420369A94A74663AF749EF114137AB5A7F01D885043243F328C1BE84EA82347BEDA0DA7407B77F01931FAF527A9EF73385FAFA2C7787682EEB05E0E1D6580F81355205A983F867BAE116CBBB4D2968BEB3D955C5AA13F22D40ACDD921F8ADD87DF5134A06037E1EF08FE93A103C8F0B6571309A59234B2511E93D1F2C48").ToPositiveBigInteger()
                },
                PubKey = new PublicKey()
                {
                    E = new BitString("3BCF32AB").ToPositiveBigInteger(),
                    N = new BitString("C7E9995819FC7F3CFF7CB2660A43BBFD8336C50203ED07FDDBC17325D96AA2BE21BCFC218CBB8CBF6947210C06C298B58AB52BAF88841A34DE5A7425920E86B2064D92A8F4ABB356A9A7E8D21138CB5BB0A47D53CE01895AB2FCAEF27E8DC2AD00DA0DDD7E7681C6214CABD8D8324A0258E625D3D807595B364690DAFEF5935947EAE69E5184E42E7C8DB4121CF8A4B89E92A4096790B6C7437FB4AC126FAF6F5D9F81292042D29A510E8C6795F06F8E8EDCBFF5FBE37664510CBC003C1C5BDA3A5548D38DBCE5E6C48ABA1A395D2983B843E653663587AC4514E437C828E66D66009063930CDE90DBADE3A6F7D54E07614B3E3116B15DD80772DC6CE829C30B").ToPositiveBigInteger()
                }
            })
                                             .WithPartyId(idPartyV)
                                             .Build(
                scheme,
                kasMode,
                KeyAgreementRole.ResponderPartyV,
                KeyConfirmationRole.None,
                KeyConfirmationDirection.None,
                false);

            var fixedInfoParameter = new FixedInfoParameter()
            {
                L = l,
            };

            // KDF
            IKdfParameter kdfParam         = null;
            var           kdfConfiguration = new OneStepConfiguration()
            {
                L                 = l,
                SaltLen           = 128,
                SaltMethod        = MacSaltMethod.Default,
                FixedInfoEncoding = FixedInfoEncoding.Concatenation,
                FixedInfoPattern  = "l|uPartyInfo|vPartyInfo",
                AuxFunction       = KdaOneStepAuxFunction.HMAC_SHA2_D224
            };

            if (KeyGenerationRequirementsHelper.IfcKdfSchemes.Contains(scheme))
            {
                kdfParam = kdfConfiguration.GetKdfParameter(_kdfParameterVisitor);

                fixedInfoParameter.Encoding         = kdfConfiguration.FixedInfoEncoding;
                fixedInfoParameter.FixedInfoPattern = kdfConfiguration.FixedInfoPattern;
                fixedInfoParameter.Salt             = kdfParam.Salt;
            }

            // KTS
            KtsParameter ktsParam         = null;
            var          ktsConfiguration = new KtsConfiguration()
            {
                Encoding = FixedInfoEncoding.Concatenation,
                AssociatedDataPattern = "l|uPartyInfo|vPartyInfo",
                HashAlg = KasHashAlg.SHA2_D224
            };

            if (KeyGenerationRequirementsHelper.IfcKtsSchemes.Contains(scheme))
            {
                fixedInfoParameter.Encoding         = ktsConfiguration.Encoding;
                fixedInfoParameter.FixedInfoPattern = ktsConfiguration.AssociatedDataPattern;

                ktsParam = new KtsParameter()
                {
                    Encoding = ktsConfiguration.Encoding,
                    AssociatedDataPattern = ktsConfiguration.AssociatedDataPattern,
                    KtsHashAlg            = ktsConfiguration.HashAlg
                };
            }

            // MAC
            MacParameters    macParam         = null;
            MacConfiguration macConfiguration = new MacConfiguration()
            {
                KeyLen  = 128,
                MacLen  = 128,
                MacType = KeyAgreementMacType.HmacSha2D224
            };
            IKeyConfirmationFactory kcFactory = null;

            if (KeyGenerationRequirementsHelper.IfcKcSchemes.Contains(scheme))
            {
                macParam = new MacParameters(
                    macConfiguration.MacType,
                    macConfiguration.KeyLen,
                    macConfiguration.MacLen);

                kcFactory = _keyConfirmationFactory;
            }

            // Initialize Party U KAS
            _schemeBuilderPartyU
            .WithSchemeParameters(new SchemeParametersIfc(
                                      new KasAlgoAttributesIfc(scheme, modulo, l),
                                      KeyAgreementRole.InitiatorPartyU,
                                      kasMode,
                                      KeyConfirmationRole.None,
                                      KeyConfirmationDirection.None,
                                      KasAssurance.None,
                                      idPartyU
                                      ))
            .WithFixedInfo(_fixedInfoFactory, fixedInfoParameter)
            .WithKdf(_kdfFactory, kdfParam)
            .WithKts(_ktsFactory, ktsParam)
            .WithKeyConfirmation(kcFactory, macParam)
            .WithEntropyProvider(_entropyProvider)
            .WithRsaSve(_rsaSve)
            .WithThisPartyKeyingMaterialBuilder(_secretKeyingMaterialBuilderPartyU);

            var kasPartyU = _kasBuilderPartyU
                            .WithSchemeBuilder(_schemeBuilderPartyU)
                            .Build();

            kasPartyU.InitializeThisPartyKeyingMaterial(secretKeyingMaterialPartyV);
            var initializedKeyingMaterialPartyU = kasPartyU.Scheme.ThisPartyKeyingMaterial;


            // Initialize Party V KAS
            _schemeBuilderPartyV
            .WithSchemeParameters(new SchemeParametersIfc(
                                      new KasAlgoAttributesIfc(scheme, modulo, l),
                                      KeyAgreementRole.ResponderPartyV,
                                      kasMode,
                                      KeyConfirmationRole.None,
                                      KeyConfirmationDirection.None,
                                      KasAssurance.None,
                                      idPartyV
                                      ))
            .WithFixedInfo(_fixedInfoFactory, fixedInfoParameter)
            .WithKdf(_kdfFactory, kdfParam)
            .WithKts(_ktsFactory, ktsParam)
            .WithKeyConfirmation(kcFactory, macParam)
            .WithEntropyProvider(_entropyProvider)
            .WithRsaSve(_rsaSve)
            .WithThisPartyKeyingMaterialBuilder(_secretKeyingMaterialBuilderPartyV);

            var kasPartyV = _kasBuilderPartyV
                            .WithSchemeBuilder(_schemeBuilderPartyV)
                            .Build();

            kasPartyV.InitializeThisPartyKeyingMaterial(initializedKeyingMaterialPartyU);

            var initializedKeyingMaterialPartyV = kasPartyV.Scheme.ThisPartyKeyingMaterial;

            var resultPartyU = kasPartyU.ComputeResult(initializedKeyingMaterialPartyV);
            var resultPartyV = kasPartyV.ComputeResult(resultPartyU.KeyingMaterialPartyU);

            Assert.AreEqual(resultPartyU.Dkm.ToHex(), resultPartyV.Dkm.ToHex());
        }
Example #15
0
        public void Sample()
        {
            var l        = 512;
            var modulo   = 2048;
            var scheme   = IfcScheme.Kts_oaep_partyV_keyConfirmation;
            var kasMode  = KasMode.NoKdfKc;
            var idPartyU = new BitString("434156536964");
            var idPartyV = new BitString("123456ABCD");

            // Set the key and party id for party u's builder
            _secretKeyingMaterialBuilderPartyU
            .WithKey(null)
            .WithC(new BitString("61489C8AE69AA4B55AE296C98656751883F1F27C6D861019E9AAE9198EEFE4B6105DB0C7009A320DA52AFF699B816124CF986F8426AFFB48397054176A22EC46E81145ADEAB0B2D9C12725281115578D6A6FD8F8E605EDCC4DB6DC4068CB77E504C8529D248422E91ECF70A5F7CEDBB16EE3C503FF6E58C026228CAFB4F0A55B4C358665EA60A95522BEC50FA1538FAAC758EF7DB72A20B1E38C87C009D9C8A7D1D3F9999F465FD32C8A486C72D9407A9D136A6E68615F4EB3C6D463596DB867FC05EAED52B700EF4B7BF7D0005DBB9D30F57AA6CFBAC46E134E5E31BF106F0B38752A443C73CEF7D7C6C0C0B6A52F5E837A028196460068A0967E53E02FDE69"))
            .WithPartyId(idPartyU);

            // Partial party v secret keying material is needed for party U to initialize
            var secretKeyingMaterialPartyV = _secretKeyingMaterialBuilderPartyV
                                             .WithKey(new KeyPair()
            {
                PrivKey = new PrivateKey()
                {
                    P = new BitString("DD03D104A0691B7CD884FE341A62283961814F082DA1725E76B08FF15530C110E42FD8CA4A663507F01DE2BEBCB321750C7E78C6CAE6C6B6CE1B6AD5710B9ABA43BAE73BD834B7DA4719EFF357417AE08601FDF0EB05CBCC6AB0FF01407C20DF113A003693A776096E64CB95B33166CE1DAB5292EBABF543F07BE34E3E253E13").ToPositiveBigInteger(),
                    Q = new BitString("C45280305C0A92347463D05A94CA75BA5145EF0417855E5574319ACC80C135FE5E86C16FA172039502689BBC568315C737A59C7FD46D2886C221A35FA0959C102026DDAA92AC5FEEC5C372400C207718903A611DD155253C31541C0061C85975A8A7DCCD9BA60298C26ED5FAA959DADE210427F90A45B7FCF479509544215C9B").ToPositiveBigInteger(),
                    D = new BitString("0720E1FD614A1A00B649FCC0147E3A88F0AE7AA3F5D7FD71A8A220DD83EBE88AB490CACB2F6BD071532D4F8C87C8C4C72A3B3298B7B6377344CCD14D32BC973434E4B63ED6F8690E9316B5CB73BBFB74143B85D66FA31A65EB913F8E2931AB173DA04F79EE5E97401D3C98BCACBA35CB2BE9EEBCD6A6DCD8B3C5322807F96D0AEA3C04AA3CD123735C1AF0E08F86D435912CF7188E435A7C224AE954329DEB4B77BE2A5C529EA8D20E059BD891F8732AA4AC279C555EF7F5709A7CD36CABEFB5B99E13D00B1A18CC2ED056E1BB6FB71B6AAEAD4CBE453EF04A412D92A6850EAC6765D091A3F9EF5844EB695E754512077D6C5D4ECDDEF80C4EC5A32CF8379541").ToPositiveBigInteger(),
                },
                PubKey = new PublicKey()
                {
                    E = new BitString("3BDEA4775FE1").ToPositiveBigInteger(),
                    N = new BitString("A97E25EC26FBDB464F81CA5E1BBE412485961ECE7C0003E8EDFC63B6946F6B3E42B13235F7FC4EF52AD5719C67B8BF5F492CF3D7721AEAD0DEE44B867BF55C388BE3B2D4FD04737846032DA940B8596D423CE2D965A6FC724600411BCF2C5BA4931EE7E8943718366EC33D7079F58487161F9951CFD38CC7E3E29264677F744BD09C7D0CD1FC1B9B417D3C1CFF53A0B32354CEC86719379632BB1A4E9F3834159BF39FED2A7A2A16F8AA45524712AE6FCF31B87BCDB8C77434FCBEB061006D38F5C7FCB62CB44669A28EFAD975D31E30C64083168AC0F97922AA3C0FA214C2F1F492A16F6002A3CE003C64DBF1525C5EEFEEBE411E6721567858B70E0F4E6981").ToPositiveBigInteger()
                }
            })
                                             .WithPartyId(idPartyV)
                                             .Build(
                scheme,
                kasMode,
                KeyAgreementRole.ResponderPartyV,
                KeyConfirmationRole.None,
                KeyConfirmationDirection.None,
                false);

            var fixedInfoParameter = new FixedInfoParameter()
            {
                L = l,
            };

            // KTS
            KtsParameter ktsParam         = null;
            var          ktsConfiguration = new KtsConfiguration()
            {
                Encoding = FixedInfoEncoding.None,
                AssociatedDataPattern = "",
                HashAlg = KasHashAlg.SHA2_D224
            };

            if (KeyGenerationRequirementsHelper.IfcKtsSchemes.Contains(scheme))
            {
                fixedInfoParameter.Encoding         = ktsConfiguration.Encoding;
                fixedInfoParameter.FixedInfoPattern = ktsConfiguration.AssociatedDataPattern;

                ktsParam = new KtsParameter()
                {
                    Encoding = ktsConfiguration.Encoding,
                    AssociatedDataPattern = ktsConfiguration.AssociatedDataPattern,
                    KtsHashAlg            = ktsConfiguration.HashAlg
                };
            }

            // MAC
            MacParameters    macParam         = null;
            MacConfiguration macConfiguration = new MacConfiguration()
            {
                KeyLen  = 128,
                MacLen  = 224,
                MacType = KeyAgreementMacType.Kmac_128
            };
            IKeyConfirmationFactory kcFactory = null;

            if (KeyGenerationRequirementsHelper.IfcKcSchemes.Contains(scheme))
            {
                macParam = new MacParameters(
                    macConfiguration.MacType,
                    macConfiguration.KeyLen,
                    macConfiguration.MacLen);

                kcFactory = _keyConfirmationFactory;
            }

            // Build keying material from party u
            var initializedKeyingMaterialPartyU = _secretKeyingMaterialBuilderPartyU.Build(
                scheme,
                KasMode.NoKdfKc,
                KeyAgreementRole.InitiatorPartyU,
                KeyConfirmationRole.Recipient,
                KeyConfirmationDirection.Unilateral);

            // Initialize Party V KAS
            _schemeBuilderPartyV
            .WithSchemeParameters(new SchemeParametersIfc(
                                      new KasAlgoAttributesIfc(scheme, modulo, l),
                                      KeyAgreementRole.ResponderPartyV,
                                      kasMode,
                                      KeyConfirmationRole.Provider,
                                      KeyConfirmationDirection.Unilateral,
                                      KasAssurance.None,
                                      idPartyV
                                      ))
            .WithFixedInfo(_fixedInfoFactory, fixedInfoParameter)
            .WithKts(_ktsFactory, ktsParam)
            .WithKeyConfirmation(kcFactory, macParam)
            .WithEntropyProvider(_entropyProvider)
            .WithRsaSve(_rsaSve)
            .WithThisPartyKeyingMaterialBuilder(_secretKeyingMaterialBuilderPartyV);

            var kasPartyV = _kasBuilderPartyV
                            .WithSchemeBuilder(_schemeBuilderPartyV)
                            .Build();

            kasPartyV.InitializeThisPartyKeyingMaterial(initializedKeyingMaterialPartyU);
            kasPartyV.Scheme.ThisPartyKeyingMaterial = secretKeyingMaterialPartyV;

            var expectedDkm = new BitString("ACEC7886E4FD2CDC5763ACCBDAA5CBEBC1704CDD05B2606256535777CF1C8E6AD335559AB2CBC63551650CA8E0C7CE2895D53E36927B7C02862B52AA327E4164");

            var resultPartyV = kasPartyV.ComputeResult(initializedKeyingMaterialPartyU);

            Console.WriteLine(resultPartyV.Dkm.ToHex());
            Assert.AreEqual(expectedDkm.ToHex(), resultPartyV.Dkm.ToHex());
        }
Example #16
0
        private void GetDataFromPiece(Dictionary <string, BitString> fixedInfoParts, string workingPiece, FixedInfoParameter fixedInfoParameter)
        {
            if (workingPiece.Equals("uPartyInfo", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyU.PartyId)
                                   .ConcatenateBits(
                                       BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyU.EphemeralData)));
                return;
            }

            if (workingPiece.Equals("uPartyId", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyU.PartyId));
                return;
            }

            if (workingPiece.Equals("uEphemeralData", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyU.EphemeralData));
                return;
            }

            if (workingPiece.Equals("vPartyInfo", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyV.PartyId)
                                   .ConcatenateBits(
                                       BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyV.EphemeralData)));
                return;
            }

            if (workingPiece.Equals("vPartyId", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyV.PartyId));
                return;
            }

            if (workingPiece.Equals("vEphemeralData", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.GetAtLeastZeroLengthBitString(fixedInfoParameter.FixedInfoPartyV.EphemeralData));
                return;
            }

            if (workingPiece.Equals("L", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, BitString.To32BitString(fixedInfoParameter.L));
                return;
            }

            if (workingPiece.Equals("salt", StringComparison.OrdinalIgnoreCase))
            {
                if (fixedInfoParameter.Salt?.BitLength > 0)
                {
                    // We only want to add the salt to the fixed info when it isn't the default
                    if (fixedInfoParameter.Salt.ToPositiveBigInteger() == 0)
                    {
                        return;
                    }
                    fixedInfoParts.Add(workingPiece, fixedInfoParameter.Salt);
                }
                return;
            }

            if (workingPiece.Equals("iv", StringComparison.OrdinalIgnoreCase))
            {
                if (fixedInfoParameter.Iv?.BitLength > 0)
                {
                    fixedInfoParts.Add(workingPiece, fixedInfoParameter.Iv);
                }
                return;
            }

            if (workingPiece.Equals("counter", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, new BitString(32).BitStringAddition(BitString.One()));
                return;
            }

            if (workingPiece.Equals("algorithmId", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, fixedInfoParameter.AlgorithmId);
                return;
            }

            if (workingPiece.Equals("label", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, fixedInfoParameter.Label);
                return;
            }

            if (workingPiece.Equals("context", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, fixedInfoParameter.Context);
                return;
            }

            if (workingPiece.Equals("t", StringComparison.OrdinalIgnoreCase))
            {
                fixedInfoParts.Add(workingPiece, fixedInfoParameter.T);
                return;
            }

            if (workingPiece.StartsWith("literal[", StringComparison.OrdinalIgnoreCase))
            {
                // remove the "literal[]" to get just the hex value
                workingPiece = workingPiece.Replace("literal[", "").Replace("]", "");
                fixedInfoParts.Add(workingPiece, new BitString(workingPiece));
                return;
            }

            if (workingPiece.StartsWith("entropyBits[", StringComparison.OrdinalIgnoreCase))
            {
                workingPiece = workingPiece.Replace("entropyBits[", "").Replace("]", "");
                int.TryParse(workingPiece, out var result);
                fixedInfoParts.Add("entropyBits", fixedInfoParameter.EntropyBits);
                return;
            }

            throw new ArgumentException($"{nameof(workingPiece)}: {workingPiece}");
        }