protected override void BuildKeyingMaterialThisParty(IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
{
// Note party ID should have been set on the builder outside of the scope of kas.
// Public key should have been set on the builder outside the scope of the kas instance.
// Create random Z, encrypt with IUT public key to arrive at C.
var rsaSveResult = _rsaSve.Generate(otherPartyKeyingMaterial.Key.PubKey);
thisPartyKeyingMaterialBuilder.WithZ(rsaSveResult.SharedSecretZ);
thisPartyKeyingMaterialBuilder.WithC(rsaSveResult.Ciphertext);
}
protected override void BuildKeyingMaterialThisParty(IIfcSecretKeyingMaterialBuilder thisPartyKeyingMaterialBuilder,
IIfcSecretKeyingMaterial otherPartyKeyingMaterial)
{
// Note party ID should have been set on the builder outside of the scope of kas.
switch (SchemeParameters.KeyAgreementRole)
{
case KeyAgreementRole.InitiatorPartyU:
// Create random Z, encrypt with IUT public key to arrive at C
var rsaSveResult = _rsaSve.Generate(otherPartyKeyingMaterial.Key.PubKey);
thisPartyKeyingMaterialBuilder.WithZ(rsaSveResult.SharedSecretZ);
thisPartyKeyingMaterialBuilder.WithC(rsaSveResult.Ciphertext);
break;
case KeyAgreementRole.ResponderPartyV:
// Provides public key and nonce. Public key should have been set on the builder outside the scope of the kas instance.
thisPartyKeyingMaterialBuilder.WithDkmNonce(
EntropyProvider.GetEntropy(SchemeParameters.KasAlgoAttributes.Modulo));
break;
default:
throw new ArgumentException($"Invalid {nameof(SchemeParameters.KeyAgreementRole)} for building keying material.");
}
}
