/// <summary>
        /// Adds this party's RSASVE contribution to the keying material builder: a shared secret Z
        /// and the ciphertext C produced under the other party's public key.
        /// </summary>
        /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives Z and C. The party ID and
        /// this party's public key are expected to have been set on it by the caller, outside the KAS instance.</param>
        /// <param name="otherPartyKeyingMaterial">The other party's keying material; its public key is the
        /// encryption target.</param>
        protected override void BuildKeyingMaterialThisParty(
            IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
            IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
        {
            // NOTE(review): the peer public key is used exactly as supplied; nothing in this method
            // validates it, so any public-key validation has to happen before this call. Confirm with the caller.
            var peerPublicKey = otherPartyKeyingMaterial.Key.PubKey;

            // Create random Z, encrypt with the peer's (IUT) public key to arrive at C.
            var secretValueEncapsulation = _rsaSve.Generate(peerPublicKey);

            // Z is secret keying material; C is the value that is sent to the other party.
            thisPartyKeyingMaterialBuilder.WithZ(secretValueEncapsulation.SharedSecretZ);
            thisPartyKeyingMaterialBuilder.WithC(secretValueEncapsulation.Ciphertext);
        }
Exemple #2
        /// <summary>
        /// Adds this party's key-transport contribution to the keying material builder, depending on
        /// the configured key agreement role.
        /// </summary>
        /// <remarks>
        /// Initiator (party U): obtains a key of length L from the entropy provider, encrypts it under the
        /// other party's public key, and records the key (K) and the encryption output (C) on the builder.
        /// Responder (party V): adds nothing here; its key is expected to have been set by the caller.
        /// </remarks>
        /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives K and C for the initiator.</param>
        /// <param name="otherPartyKeyingMaterial">The other party's keying material; its public key is the
        /// encryption target and it is also passed to the fixed-info construction.</param>
        /// <exception cref="ArgumentException">The key agreement role is neither initiator nor responder.</exception>
        protected override void BuildKeyingMaterialThisParty(
            IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
            IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
        {
            var role = SchemeParameters.KeyAgreementRole;

            if (role == KeyAgreementRole.ResponderPartyV)
            {
                // Key should have been set outside the scope of the kas instance
                return;
            }

            if (role != KeyAgreementRole.InitiatorPartyU)
            {
                throw new ArgumentException($"Invalid {nameof(SchemeParameters.KeyAgreementRole)}");
            }

            // Create a key of L length, wrap it with the other party's public key.
            // This value is the secret being transported, so its strength rests on the entropy provider.
            var transportedKey = EntropyProvider.GetEntropy(SchemeParameters.KasAlgoAttributes.L);
            var keyTransport = _ktsFactory.Get(_ktsParameter.KtsHashAlg);

            // Fixed info stays null unless an associated data pattern is configured.
            BitString fixedInfo = null;
            var hasAssociatedData = !string.IsNullOrEmpty(_ktsParameter.AssociatedDataPattern);
            if (hasAssociatedData)
            {
                // ThisPartyKeyingMaterial is assigned before GetFixedInfo runs; keep this order.
                // NOTE(review): this uses the _thisPartyKeyingMaterialBuilder field rather than the
                // builder parameter - presumably the same instance; confirm.
                ThisPartyKeyingMaterial = _thisPartyKeyingMaterialBuilder.Build(
                    SchemeParameters.KasAlgoAttributes.Scheme,
                    SchemeParameters.KasMode,
                    SchemeParameters.KeyAgreementRole,
                    SchemeParameters.KeyConfirmationRole,
                    SchemeParameters.KeyConfirmationDirection);

                fixedInfo = GetFixedInfo(otherPartyKeyingMaterial);
            }

            // NOTE(review): the peer public key is used exactly as supplied; no validation happens in this method.
            var encryptionResult = keyTransport.Encrypt(otherPartyKeyingMaterial.Key.PubKey, transportedKey, fixedInfo);

            // NOTE(review): the value stored as C is read from the result's SharedSecretZ member;
            // confirm that this member carries the ciphertext for KTS results.
            var ciphertext = encryptionResult.SharedSecretZ;

            thisPartyKeyingMaterialBuilder.WithK(transportedKey);
            thisPartyKeyingMaterialBuilder.WithC(ciphertext);
        }
Exemple #3
        /// <summary>
        /// Adds this party's contribution to the keying material builder, depending on the configured
        /// key agreement role.
        /// </summary>
        /// <remarks>
        /// Initiator (party U): generates a shared secret Z and the ciphertext C produced under the other
        /// party's public key. Responder (party V): contributes a nonce obtained from the entropy provider.
        /// The party ID, and the responder's public key, are expected to have been set on the builder by
        /// the caller, outside the KAS instance.
        /// </remarks>
        /// <param name="thisPartyKeyingMaterialBuilder">Builder that receives Z and C (initiator) or the
        /// DKM nonce (responder).</param>
        /// <param name="otherPartyKeyingMaterial">The other party's keying material; only its public key is
        /// read, and only in the initiator role.</param>
        /// <exception cref="ArgumentException">The key agreement role is neither initiator nor responder.</exception>
        protected override void BuildKeyingMaterialThisParty(
            IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
            IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
        {
            // Note party ID should have been set on the builder outside of the scope of kas.
            var role = SchemeParameters.KeyAgreementRole;

            if (role == KeyAgreementRole.InitiatorPartyU)
            {
                // Create random Z, encrypt with IUT public key to arrive at C.
                // NOTE(review): the peer public key is used exactly as supplied; no validation happens in this method.
                var peerPublicKey = otherPartyKeyingMaterial.Key.PubKey;
                var secretValueEncapsulation = _rsaSve.Generate(peerPublicKey);

                thisPartyKeyingMaterialBuilder.WithZ(secretValueEncapsulation.SharedSecretZ);
                thisPartyKeyingMaterialBuilder.WithC(secretValueEncapsulation.Ciphertext);
            }
            else if (role == KeyAgreementRole.ResponderPartyV)
            {
                // Provides public key and nonce.  Public key should have been set on the builder outside the scope of the kas instance.
                // The nonce length requested from the entropy provider is the configured Modulo value.
                var dkmNonce = EntropyProvider.GetEntropy(SchemeParameters.KasAlgoAttributes.Modulo);
                thisPartyKeyingMaterialBuilder.WithDkmNonce(dkmNonce);
            }
            else
            {
                throw new ArgumentException($"Invalid {nameof(SchemeParameters.KeyAgreementRole)} for building keying material.");
            }
        }