/// <summary>
/// Calculates the message signature (HMAC-SHA256).
/// </summary>
/// <returns>The message signature.</returns>
/// <param name="bytes">Signature bytes.</param>
public byte[] CalculateMessageSignature(byte[] bytes)
{
return(MacUtilities.CalculateMac(
"HMAC-SHA256",
new KeyParameter(_hmacSecret),
bytes));
}
/// <summary>
/// Generates a signature using the specified signatureType
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer seceret</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="signatureType">The type of signature to use</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
normalizedUrl = null;
normalizedRequestParameters = null;
switch (signatureType)
{
case SignatureTypes.PLAINTEXT:
return(WebUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret)));
case SignatureTypes.HMACSHA1:
string signatureBase = GenerateSignatureBase(url, consumerKey, token, httpMethod, timeStamp, nonce, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);
if (string.IsNullOrEmpty(signatureBase))
{
throw new ArgumentNullException("data");
}
byte[] hmacKey = StringToAscii(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
//HMACSHA1 hmacsha1 = new HMACSHA1(hmacKey);
byte[] dataBuffer = StringToAscii(signatureBase);
//byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer);
byte[] hashBytes = MacUtilities.CalculateMac("HMAC-SHA1", new KeyParameter(hmacKey), dataBuffer);
return(Convert.ToBase64String(hashBytes));
case SignatureTypes.RSASHA1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
private static byte[] GenerateHkdf(byte[] salt, byte[] ikm, byte[] info, int len)
{
IMac prkGen = MacUtilities.GetMac("HmacSHA256");
prkGen.Init(new KeyParameter(MacUtilities.CalculateMac("HmacSHA256", new KeyParameter(salt), ikm)));
prkGen.BlockUpdate(info, 0, info.Length);
prkGen.Update(1);
byte[] result = MacUtilities.DoFinal(prkGen);
if (result.Length > len)
{
Array.Resize(ref result, len);
}
return(result);
}
public static byte[] GenerateHKDF(byte[] salt, byte[] ikm, byte[] info, int len)
{
IMac PRKGen = MacUtilities.GetMac("HmacSHA256");
PRKGen.Init(new KeyParameter(MacUtilities.CalculateMac("HmacSHA256", new KeyParameter(salt), ikm)));
PRKGen.BlockUpdate(info, 0, info.Length);
PRKGen.Update((byte)1);
byte[] Result = MacUtilities.DoFinal(PRKGen);
if (Result.Length > len)
{
Array.Resize(ref Result, len);
}
return(Result);
}
public override void PerformTest()
{
base.PerformTest();
millionATest(million_a_digest);
byte[] data = Strings.ToUtf8ByteArray("fred");
KeyParameter key = new KeyParameter(Pkcs5S1ParametersGenerator.Pkcs5PasswordToUtf8Bytes("1".ToCharArray()));
byte[] mac = MacUtilities.CalculateMac("HMAC/GOST3411", key, data);
if (!Arrays.AreEqual(Hex.Decode("e9f98610cfc80084462b175a15d2b4ec10b2ab892eae5a6179d572d9b1db6b72"), mac))
{
Fail("mac calculation failed.");
}
}
public void CanStretchKeysUsingBouncyCastle(string curve, string cipher, string hash)
{
var ekeypair1 = EphemeralKeyPair.Generate(curve);
var ekeypair2 = EphemeralKeyPair.Generate(curve);
var secret1 = ekeypair1.GenerateSharedKey(ekeypair2.PublicKey);
var secret2 = ekeypair2.GenerateSharedKey(ekeypair1.PublicKey);
var stretched1 = StretchedKeys.Generate(cipher, hash, secret1);
var stretched2 = StretchedKeys.Generate(cipher, hash, secret2);
var raw = Encoding.UTF8.GetBytes("Hello world, this should be encrypted.");
byte[] encoded = null;
byte[] decoded = null;
cipher = cipher.Split('-').First();
hash = "HMAC" + hash;
var cipherKey1 = new ParametersWithIV(ParameterUtilities.CreateKeyParameter(cipher, stretched1.Item1.CipherKey), stretched1.Item1.IV);
var cipherKey2 = new ParametersWithIV(ParameterUtilities.CreateKeyParameter(cipher, stretched2.Item1.CipherKey), stretched2.Item1.IV);
var encryptor = CipherUtilities.GetCipher(cipher + "/CTR/NoPadding");
encryptor.Init(true, cipherKey1);
encoded = encryptor.DoFinal(raw);
encoded = encoded.Append(MacUtilities.CalculateMac(hash, new KeyParameter(stretched1.Item1.MacKey), encoded));
var decryptor = CipherUtilities.GetCipher(cipher + "/CTR/NoPadding");
decryptor.Init(false, cipherKey2);
var mac = MacUtilities.GetMac(hash);
mac.Init(new KeyParameter(stretched2.Item1.MacKey));
var digest = encoded.Slice(encoded.Length - mac.GetMacSize());
Assert.Equal(MacUtilities.DoFinal(mac, encoded.Slice(0, encoded.Length - digest.Length)), digest);
decoded = decryptor.DoFinal(encoded, 0, encoded.Length - digest.Length);
Assert.Equal(Encoding.UTF8.GetString(decoded), Encoding.UTF8.GetString(raw));
}
public static byte[] CalculateHMAC(byte[] key, byte[] data)
{
return(MacUtilities.CalculateMac("HMAC-SHA256", new KeyParameter(key), data));
}