public void ShouldVerifyRandomlyGeneratedSignatures(ModeValues mode, DigestSizes digest, Curve curveEnum)
{
var nonces = new List <BigInteger>();
var hashFunction = new HashFunction(mode, digest);
var shaFactory = new NativeShaFactory();
var sha = shaFactory.GetShaInstance(hashFunction);
var hmacFactory = new HmacFactory(shaFactory);
var hmac = hmacFactory.GetHmacInstance(hashFunction);
var subject = new EccDsa(sha, new DeterministicNonceProvider(hmac), EntropyProviderTypes.Random);
var curveFactory = new EccCurveFactory();
var curve = curveFactory.GetCurve(curveEnum);
var domainParams = new EccDomainParameters(curve);
var key = subject.GenerateKeyPair(domainParams).KeyPair;
var rand = new Random800_90();
for (var i = 0; i < 100; i++)
{
var message = rand.GetRandomBitString(1024);
var signature = subject.Sign(domainParams, key, message).Signature;
var verify = subject.Verify(domainParams, key, message, signature);
nonces.Add(signature.R);
Assert.IsTrue(verify.Success, verify.ErrorMessage);
}
// Check nonces for uniqueness
Assert.AreEqual(nonces.Count, nonces.Distinct().Count(), "Repeated nonce detected");
}
public void HmacSha512Test(string data, string key, string hex)
{
var function = HmacFactory.Create(HmacTypes.HmacSha512, key);
var hashVal = function.ComputeHash(data);
hashVal.GetHexString(true).ShouldBe(hex);
}
public void Setup()
{
var shaFactory = new NativeShaFactory();
var hmacFactory = new HmacFactory(shaFactory);
var entropyFactory = new EntropyProviderFactory();
var rsa = new Rsa(new RsaVisitor());
var kdfVisitor = new KdfVisitor(
new KdfOneStepFactory(shaFactory, new HmacFactory(shaFactory), new KmacFactory(new CSHAKEWrapper())),
new Crypto.KDF.KdfFactory(new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory()),
hmacFactory), hmacFactory,
new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory()),
new IkeV1Factory(hmacFactory, shaFactory),
new IkeV2Factory(hmacFactory),
new TlsKdfFactory(hmacFactory),
new HkdfFactory(hmacFactory));
_rsaSve = new RsaSve(rsa, _entropyProvider);
_kasBuilderPartyU = new KasIfcBuilder();
_schemeBuilderPartyU = new SchemeIfcBuilder(kdfVisitor);
_kasBuilderPartyV = new KasIfcBuilder();
_schemeBuilderPartyV = new SchemeIfcBuilder(kdfVisitor);
_secretKeyingMaterialBuilderPartyU = new IfcSecretKeyingMaterialBuilder();
_secretKeyingMaterialBuilderPartyV = new IfcSecretKeyingMaterialBuilder();
_kdfFactory = new KdfFactory(kdfVisitor);
_kdfParameterVisitor = new KdfParameterVisitor(entropyFactory.GetEntropyProvider(EntropyProviderTypes.Random));
_ktsFactory = new KtsFactory(shaFactory, rsa, entropyFactory);
_keyConfirmationFactory = new KeyConfirmationFactory(new KeyConfirmationMacDataCreator());
_fixedInfoFactory = new FixedInfoFactory(new FixedInfoStrategyFactory());
}
public void ShouldDemonstrateCurvePaddingIssue(Curve curve, bool hasIssue)
{
var shaFactory = new NativeShaFactory();
var hmacFactory = new HmacFactory(shaFactory);
var nonceProviderFactory = new EccNonceProviderFactory();
var entropyFactory = new EntropyProviderFactory();
var dsaFactory = new DsaEccFactory(shaFactory, hmacFactory, nonceProviderFactory, entropyFactory);
var dsa = dsaFactory.GetInstanceForKeys(entropyFactory.GetEntropyProvider(EntropyProviderTypes.Random));
var domainParameters = new EccDomainParameters(new EccCurveFactory().GetCurve(curve));
var key1 = dsa.GenerateKeyPair(domainParameters).KeyPair;
var key2 = dsa.GenerateKeyPair(domainParameters).KeyPair;
var calculationOldZ = new BadPaddingDiffieHellmanEcc().GenerateSharedSecretZ(domainParameters, key1, key2);
var calculationNewZ = new DiffieHellmanEcc().GenerateSharedSecretZ(domainParameters, key1, key2);
if (hasIssue)
{
Assert.AreNotEqual(calculationOldZ.SharedSecretZ.ToHex(), calculationNewZ.SharedSecretZ.ToHex());
}
else
{
Assert.AreEqual(calculationOldZ.SharedSecretZ.ToHex(), calculationNewZ.SharedSecretZ.ToHex());
}
}
public void ShouldIkeV2Correctly(ModeValues mode, DigestSizes digestSize, int dkmLength, string niHex, string nrHex, string girHex, string girNewHex, string spiiHex, string spirHex, string sKeySeedHex, string dkmHex, string dkmChildSAHex, string dkmChildSADhHex, string SKeySeedReKeyHex)
{
var ni = new BitString(niHex);
var nr = new BitString(nrHex);
var gir = new BitString(girHex);
var girNew = new BitString(girNewHex);
var spii = new BitString(spiiHex);
var spir = new BitString(spirHex);
var sKeySeed = new BitString(sKeySeedHex);
var dkm = new BitString(dkmHex);
var dkmChildSA = new BitString(dkmChildSAHex);
var dkmChildSADh = new BitString(dkmChildSADhHex);
var sKeySeedReKey = new BitString(SKeySeedReKeyHex);
var hmac = new HmacFactory(new NativeShaFactory()).GetHmacInstance(new HashFunction(mode, digestSize));
var subject = new IkeV2(hmac);
var result = subject.GenerateIke(ni, nr, gir, girNew, spii, spir, dkmLength);
Assert.IsTrue(result.Success);
Assert.AreEqual(sKeySeed, result.SKeySeed, "SKeySeed");
Assert.AreEqual(dkm, result.DKM, "DKM");
Assert.AreEqual(dkmChildSA, result.DKMChildSA, "DKMChildSA");
Assert.AreEqual(dkmChildSADh, result.DKMChildSADh, "DKMChildSADh");
Assert.AreEqual(sKeySeedReKey, result.SKeySeedReKey, "SKeySeedReKey");
}
public void ShouldHmacCorrectlySpotChecks(ModeValues mode, DigestSizes digestSize, int macLen, string msgHex, string keyHex, string expectedHex)
{
var hmacFactory = new HmacFactory(new NativeShaFactory());
var hmac = hmacFactory.GetHmacInstance(new HashFunction(mode, digestSize));
var msg = new BitString(msgHex);
var key = new BitString(keyHex);
var expected = new BitString(expectedHex);
var result = hmac.Generate(key, msg, macLen);
Assert.That(result.Success);
Assert.AreEqual(expected.ToHex(), result.Mac.ToHex());
}
public void ShouldHmacCorrectly(string label, ModeValues mode, DigestSizes digestSize, int keyByteSize, int additionToIndexInKey, BitString expectedHmac, int macLength)
{
var hashFunction = new HashFunction(mode, digestSize);
var factory = new HmacFactory(new NativeShaFactory());
_subject = factory.GetHmacInstance(hashFunction);
var key = GenKey(keyByteSize, additionToIndexInKey);
var message = GetBitStringFromString(label);
var result = _subject.Generate(key, message, macLength);
Assert.AreEqual(expectedHmac.ToHex(), result.Mac.ToHex());
}
public void HkdfShouldProduceCorrectResults(ModeValues mode, DigestSizes digest, string ikm, string salt, string info, int length, string okm)
{
var hmac = new HmacFactory(new NativeShaFactory()).GetHmacInstance(new HashFunction(mode, digest));
var hkdf = new Hkdf(hmac);
var ikmBs = new BitString(ikm);
var saltBs = new BitString(salt);
var infoBs = new BitString(info);
var okmBs = new BitString(okm);
var result = hkdf.DeriveKey(saltBs, ikmBs, infoBs, length);
Assert.IsTrue(result.Success);
Assert.AreEqual(okmBs, result.DerivedKey);
}
public void Setup()
{
_shaFactory = new NativeShaFactory();
IHmacFactory hmacFactory = new HmacFactory(_shaFactory);
IKmacFactory kmacFactory = new KmacFactory(new CSHAKEWrapper());
ICmacFactory cmacFactory = new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory());
_kdfVisitor = new KdfVisitor(
new KdfOneStepFactory(_shaFactory, hmacFactory, kmacFactory),
new KdfFactory(cmacFactory, hmacFactory),
hmacFactory,
cmacFactory,
new IkeV1Factory(hmacFactory, _shaFactory),
new IkeV2Factory(hmacFactory),
new TlsKdfFactory(hmacFactory),
new HkdfFactory(hmacFactory));
}
public void Setup()
{
// Can't mock this up easily, needs properties from an actual HashFunction
_subject = new HmacFactory(new NativeShaFactory());
}
