/// <summary>
///
/// </summary>
/// <param name="data"></param>
/// <param name="key"></param>
/// <returns></returns>
public static byte[] ComputeMacForIntegrity(this byte[] data, KeyParameter key)
{
/*
* The computation of an s-byte MAC (4 ≤ s ≤ 8; see MAC algorithms) is according to ISO/IEC 9797-1 [2] using a 64-bit block cipher ALG in CBC mode as specified in ISO/IEC 10116. More precisely, the computation of a MAC S over a message MSG consisting of an arbitrary number of bytes with a MAC Session Key K$$_{{\rm S}}$$ takes place in the following steps:
* 1. Padding and Blocking
* Pad the message M according to ISO/IEC 7816-4 (which is equivalent to method 2 of ISO/IEC 9797-1), hence add a mandatory ‘80’ byte to the right of MSG, and then add the smallest number of ‘00’ bytes to the right such that the length of resulting message MSG := (MSG ‖ ‖ ‘80’ ‖ ‖ ‘00’ ‖ ‖ ‘00’ ‖ ‖ … ‖ ‖ ‘00’) is a multiple of 8 bytes.
* MSG is then divided into 8-byte blocks $$X_{1}$$, $$X_{2}$$, $$\ldots$$, $$X_{{\rm k}}$$.
* 2. MAC Session Key
* The MAC Session Key $$K_{{\rm S}}$$ either consists of only a leftmost key block $$K_{{\rm S}} = K_{{\rm SL}}$$ or the concatenation of a leftmost and a rightmost key block $$K_{{\rm S}} = (K_{{\rm SL} }\vert \vert K_{\rm SR})$$.
* 3. Cryptogram Computation
* Process the 8-byte blocks $$X_{1}$$, $$X_{2}$$, …, $$X_{{k}}$$ with the block cipher in CBC mode (see modes ofoperation) using the leftmost MAC Session Key block $$K_{{\rm SL}}$$:
* $${H}_{{i}} := {\rm ALG}({K}_{{\rm SL}})[{X}_{{i}} \oplus {H}_{{i} - 1}], {\rm for } i = 1, 2, \ldots, {k}$$
* with initial value $$H_{0}$$ := (‘00’ ‖ ‖ ‘00’ ‖ ‖ ‘00’ ‖ ‖ ‘00’ ‖ ‖ ‘00’ ‖ ‖ ‘00’ ‖ ‖ ‘00’ ‖ ‖ ‘00’).
* Compute the 8-byte block $$H_{{k} + 1}$$ in one of the following two ways:
* • According to ISO/IEC 9797-1 Algorithm 1:
* $${H}_{{k}+1} := {H}_{{k}}.$$
* • According to Optional Process 1 of ISO/IEC 9797-1 Algorithm 3:
* $${H}_{{k}+1} := {\rm ALG}({K}_{{\rm SL}})[{\rm ALG}^{-1}({K}_{{\rm SR}})[{H}_{{k}}]].$$
* The MAC S is then equal to the s most significant bytes of $$H_{{k} + 1}$$.
*/
IBlockCipher cipher = new DesEngine();
IMac mac = new ISO9797Alg3Mac(cipher, 64, new ISO7816d4Padding());
mac.Init(key);
mac.BlockUpdate(data, 0, data.Length);
var m = new byte[mac.GetMacSize()];
mac.DoFinal(m, 0);
return(m);
}
/// <summary>
///
/// </summary>
/// <param name="data"></param>
/// <param name="key"></param>
/// <returns></returns>
public static byte[] ComputeMacForPersoCryptogram(this byte[] data, KeyParameter key)
{
IBlockCipher cipher = new DesEdeEngine();
IMac mac = new ISO9797Alg3Mac(cipher, 64, new ISO7816d4Padding());
mac.Init(key);
mac.BlockUpdate(data, 0, data.Length);
var m = new byte[mac.GetMacSize()];
mac.DoFinal(m, 0);
return(m);
}