Exemple #1
        /// <summary>
        /// Builds the concrete crypto factories and assigns the RSASVE instance, the per-party
        /// builders and the KDF / KTS / key-confirmation / fixed-info factories held in fields.
        /// </summary>
        public void Setup()
        {
            // Primitive factories reused by several of the objects built below.
            var sha = new NativeShaFactory();
            var hmac = new HmacFactory(sha);
            var entropySource = new EntropyProviderFactory();
            var rsaEngine = new Rsa(new RsaVisitor());

            // One factory per KDF family. The one-step factory and both CMAC factories are
            // handed freshly constructed dependencies instead of the shared instances above.
            var oneStep = new KdfOneStepFactory(sha, new HmacFactory(sha), new KmacFactory(new CSHAKEWrapper()));
            var macBasedKdf = new Crypto.KDF.KdfFactory(
                new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory()),
                hmac);
            var cmac = new CmacFactory(new BlockCipherEngineFactory(), new ModeBlockCipherFactory());
            var ikeV1 = new IkeV1Factory(hmac, sha);
            var ikeV2 = new IkeV2Factory(hmac);
            var tlsKdf = new TlsKdfFactory(hmac);
            var hkdf = new HkdfFactory(hmac);

            var visitor = new KdfVisitor(oneStep, macBasedKdf, hmac, cmac, ikeV1, ikeV2, tlsKdf, hkdf);

            // NOTE(review): _entropyProvider is not assigned in this method, so it has to be set
            // elsewhere (not visible here). It is presumably the source of the random Z produced
            // by RSASVE; confirm which provider type it is before reusing this wiring outside tests.
            _rsaSve = new RsaSve(rsaEngine, _entropyProvider);

            // Party U and party V each get their own builder instances but share one KDF visitor.
            _kasBuilderPartyU = new KasIfcBuilder();
            _schemeBuilderPartyU = new SchemeIfcBuilder(visitor);

            _kasBuilderPartyV = new KasIfcBuilder();
            _schemeBuilderPartyV = new SchemeIfcBuilder(visitor);

            _secretKeyingMaterialBuilderPartyU = new IfcSecretKeyingMaterialBuilder();
            _secretKeyingMaterialBuilderPartyV = new IfcSecretKeyingMaterialBuilder();

            _kdfFactory = new KdfFactory(visitor);
            // The KDF parameter visitor is explicitly given the provider of type Random.
            _kdfParameterVisitor = new KdfParameterVisitor(
                entropySource.GetEntropyProvider(EntropyProviderTypes.Random));
            _ktsFactory = new KtsFactory(sha, rsaEngine, entropySource);
            _keyConfirmationFactory = new KeyConfirmationFactory(new KeyConfirmationMacDataCreator());
            _fixedInfoFactory = new FixedInfoFactory(new FixedInfoStrategyFactory());
        }
        /// <summary>
        /// Adds an RSASVE-generated shared secret Z and its ciphertext C to this party's keying material.
        /// </summary>
        /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives Z and C.</param>
        /// <param name="otherPartyKeyingMaterial">The other party's keying material; its public key is passed to RSASVE.</param>
        protected override void BuildKeyingMaterialThisParty(
            IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
            IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
        {
            // The party ID and this party's public key are expected to have been placed on the
            // builder before this call, outside the scope of the kas instance.

            // NOTE(review): the other party's public key is used as received; no validation of it
            // is visible in this method. Confirm it is checked before it reaches this point.
            var peerPublicKey = otherPartyKeyingMaterial.Key.PubKey;

            // Random Z is created and encrypted under the peer (IUT) public key to give C.
            var sveOutput = _rsaSve.Generate(peerPublicKey);

            thisPartyKeyingMaterialBuilder.WithZ(sveOutput.SharedSecretZ);
            thisPartyKeyingMaterialBuilder.WithC(sveOutput.Ciphertext);
        }
Exemple #3
 /// <summary>
 /// Stores the collaborators and parameters supplied by a derived scheme; performs no other work.
 /// </summary>
 /// <param name="entropyProvider">Assigned to <c>EntropyProvider</c>; derived schemes call <c>GetEntropy</c> on it.</param>
 /// <param name="schemeParameters">Assigned to <c>SchemeParameters</c> (roles, mode and algorithm attributes are read from it).</param>
 /// <param name="fixedInfoFactory">Factory kept for later fixed-info construction.</param>
 /// <param name="fixedInfoParameter">Parameter object kept alongside the fixed-info factory.</param>
 /// <param name="thisPartyKeyingMaterialBuilder">Builder for this party's secret keying material.</param>
 /// <param name="keyConfirmationFactory">Factory kept for key confirmation.</param>
 /// <param name="macParameters">MAC parameters; stored as given, with no null check (presumably optional; confirm with callers).</param>
 protected SchemeBase(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters)
 {
     // Members exposed to derived schemes.
     EntropyProvider = entropyProvider;
     SchemeParameters = schemeParameters;

     // Private state used by the base class.
     _fixedInfoFactory = fixedInfoFactory;
     _fixedInfoParameter = fixedInfoParameter;
     _thisPartyKeyingMaterialBuilder = thisPartyKeyingMaterialBuilder;
     _keyConfirmationFactory = keyConfirmationFactory;
     _macParameters = macParameters;
 }
 /// <summary>
 /// Forwards the common scheme dependencies to the base constructor and keeps the
 /// KDF visitor, KDF parameter and RSASVE instance for use by KAS schemes.
 /// </summary>
 /// <param name="kdfVisitor">Stored in <c>_kdfVisitor</c>.</param>
 /// <param name="kdfParameter">Stored in <c>_kdfParameter</c>.</param>
 /// <param name="rsaSve">Stored in <c>_rsaSve</c>; derived schemes call <c>Generate</c> on it with the other party's public key.</param>
 protected SchemeBaseKas(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters,
     IKdfVisitor kdfVisitor,
     IKdfParameter kdfParameter,
     IRsaSve rsaSve)
     : base(
         entropyProvider,
         schemeParameters,
         fixedInfoFactory,
         fixedInfoParameter,
         thisPartyKeyingMaterialBuilder,
         keyConfirmationFactory,
         macParameters)
 {
     // Arguments are stored as given; none of them is null-checked here.
     _kdfVisitor = kdfVisitor;
     _kdfParameter = kdfParameter;
     _rsaSve = rsaSve;
 }
Exemple #5
        /// <summary>
        /// Key-transport variant: as initiator (party U), generates a key of L length, wraps it
        /// with the other party's public key and records both on the builder. As responder
        /// (party V) nothing is added here.
        /// </summary>
        /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives K and C for the initiator.</param>
        /// <param name="otherPartyKeyingMaterial">The other party's keying material; its public key is used for wrapping.</param>
        /// <exception cref="ArgumentException">The configured key agreement role is neither initiator nor responder.</exception>
        protected override void BuildKeyingMaterialThisParty(
            IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
            IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
        {
            var role = SchemeParameters.KeyAgreementRole;

            if (role == KeyAgreementRole.ResponderPartyV)
            {
                // The responder's key should have been set outside the scope of the kas instance.
                return;
            }

            if (role != KeyAgreementRole.InitiatorPartyU)
            {
                throw new ArgumentException($"Invalid {nameof(SchemeParameters.KeyAgreementRole)}");
            }

            // Initiator: create a key of L length; it is wrapped with the other party's public key below.
            // The secrecy of this key rests on the quality of EntropyProvider's output.
            var transportedKey = EntropyProvider.GetEntropy(SchemeParameters.KasAlgoAttributes.L);
            var keyTransport = _ktsFactory.Get(_ktsParameter.KtsHashAlg);

            // Associated data is only computed when a pattern is configured; otherwise null is passed on.
            BitString associatedData = null;
            if (!string.IsNullOrEmpty(_ktsParameter.AssociatedDataPattern))
            {
                // This party's keying material is built first (from the builder held in the field,
                // before K and C are added), then the fixed info is derived.
                ThisPartyKeyingMaterial = _thisPartyKeyingMaterialBuilder.Build(
                    SchemeParameters.KasAlgoAttributes.Scheme,
                    SchemeParameters.KasMode,
                    SchemeParameters.KeyAgreementRole,
                    SchemeParameters.KeyConfirmationRole,
                    SchemeParameters.KeyConfirmationDirection);

                associatedData = GetFixedInfo(otherPartyKeyingMaterial);
            }

            // NOTE(review): the peer public key is used as received; no validation is visible here.
            var wrapResult = keyTransport.Encrypt(
                otherPartyKeyingMaterial.Key.PubKey,
                transportedKey,
                associatedData);

            // NOTE(review): the value stored as C is read from the result's SharedSecretZ property;
            // confirm that this property carries the ciphertext for key transport.
            var ciphertext = wrapResult.SharedSecretZ;

            thisPartyKeyingMaterialBuilder.WithK(transportedKey);
            thisPartyKeyingMaterialBuilder.WithC(ciphertext);
        }
Exemple #6
        /// <summary>
        /// Adds this party's contribution by role: the initiator (party U) adds an RSASVE shared
        /// secret Z with its ciphertext C; the responder (party V) adds a random DKM nonce.
        /// </summary>
        /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives Z and C, or the nonce.</param>
        /// <param name="otherPartyKeyingMaterial">The other party's keying material; only its public key is read, and only for the initiator.</param>
        /// <exception cref="ArgumentException">The configured key agreement role is neither initiator nor responder.</exception>
        protected override void BuildKeyingMaterialThisParty(
            IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
            IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
        {
            // The party ID should already have been set on the builder, outside the scope of kas.
            var role = SchemeParameters.KeyAgreementRole;

            if (role == KeyAgreementRole.InitiatorPartyU)
            {
                // Random Z is created and encrypted with the IUT public key to arrive at C.
                // NOTE(review): the peer public key is used as received; no validation is visible here.
                var sveOutput = _rsaSve.Generate(otherPartyKeyingMaterial.Key.PubKey);
                thisPartyKeyingMaterialBuilder.WithZ(sveOutput.SharedSecretZ);
                thisPartyKeyingMaterialBuilder.WithC(sveOutput.Ciphertext);
                return;
            }

            if (role == KeyAgreementRole.ResponderPartyV)
            {
                // The responder provides a public key and a nonce. The public key should have been
                // set on the builder outside the scope of the kas instance; only the nonce is added here.
                // The nonce length is taken from KasAlgoAttributes.Modulo (presumably the modulus size; confirm).
                var dkmNonce = EntropyProvider.GetEntropy(SchemeParameters.KasAlgoAttributes.Modulo);
                thisPartyKeyingMaterialBuilder.WithDkmNonce(dkmNonce);
                return;
            }

            throw new ArgumentException($"Invalid {nameof(SchemeParameters.KeyAgreementRole)} for building keying material.");
        }
Exemple #7
 /// <summary>
 /// Pass-through constructor: every argument is forwarded unchanged, in the same order,
 /// to the base constructor. No state is added at this level.
 /// </summary>
 public SchemeBaseKasOneKeyPair(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters,
     IKdfVisitor kdfVisitor,
     IKdfParameter kdfParameter,
     IRsaSve rsaSve)
     : base(entropyProvider, schemeParameters, fixedInfoFactory, fixedInfoParameter,
            thisPartyKeyingMaterialBuilder, keyConfirmationFactory, macParameters,
            kdfVisitor, kdfParameter, rsaSve)
 {
     // Intentionally empty.
 }
Exemple #8
 /// <summary>
 /// Forwards the common scheme dependencies to the base constructor and keeps the
 /// key-transport factory and its parameters.
 /// </summary>
 /// <param name="ktsFactory">Stored in <c>_ktsFactory</c>.</param>
 /// <param name="ktsParameter">Stored in <c>_ktsParameter</c>.</param>
 public SchemeKts(
     IEntropyProvider entropyProvider,
     SchemeParametersIfc schemeParameters,
     IFixedInfoFactory fixedInfoFactory,
     FixedInfoParameter fixedInfoParameter,
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IKeyConfirmationFactory keyConfirmationFactory,
     MacParameters macParameters,
     IKtsFactory ktsFactory,
     KtsParameter ktsParameter)
     : base(entropyProvider, schemeParameters, fixedInfoFactory, fixedInfoParameter,
            thisPartyKeyingMaterialBuilder, keyConfirmationFactory, macParameters)
 {
     // Arguments are stored as given; neither is null-checked here.
     _ktsFactory = ktsFactory;
     _ktsParameter = ktsParameter;
 }
 /// <summary>
 /// Records the builder to use for this party's secret keying material.
 /// </summary>
 /// <param name="value">The builder to store; it is not null-checked.</param>
 /// <returns>This instance, so that further calls can be chained.</returns>
 public ISchemeIfcBuilder WithThisPartyKeyingMaterialBuilder(IIfcSecretKeyingMaterialBuilder value)
 {
     _thisPartyKeyingMaterialBuilder = value;

     return this;
 }
Exemple #10
 /// <summary>
 /// Implemented by each concrete scheme to add this party's contribution to its keying material.
 /// The overrides visible alongside this declaration add Z and C, K and C, or a DKM nonce,
 /// depending on the scheme and the key agreement role.
 /// </summary>
 /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives this party's values.</param>
 /// <param name="otherPartyKeyingMaterial">The other party's keying material; the visible overrides read its public key.</param>
 protected abstract void BuildKeyingMaterialThisParty(
     IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
     IIfcSecretKeyingMaterial otherPartyKeyingMaterial);