public IKdfOneStep GetInstance(KdaOneStepAuxFunction auxFunction, bool useCounter)
{
switch (auxFunction)
{
case KdaOneStepAuxFunction.SHA1:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA1, DigestSizes.d160)), useCounter));
case KdaOneStepAuxFunction.SHA2_D224:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d224)), useCounter));
case KdaOneStepAuxFunction.SHA2_D256:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d256)), useCounter));
case KdaOneStepAuxFunction.SHA2_D384:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d384)), useCounter));
case KdaOneStepAuxFunction.SHA2_D512:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d512)), useCounter));
case KdaOneStepAuxFunction.SHA2_D512_T224:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d512t224)), useCounter));
case KdaOneStepAuxFunction.SHA2_D512_T256:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA2, DigestSizes.d512t256)), useCounter));
case KdaOneStepAuxFunction.SHA3_D224:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA3, DigestSizes.d224)), useCounter));
case KdaOneStepAuxFunction.SHA3_D256:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA3, DigestSizes.d256)), useCounter));
case KdaOneStepAuxFunction.SHA3_D384:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA3, DigestSizes.d384)), useCounter));
case KdaOneStepAuxFunction.SHA3_D512:
return(new KdfSha(_shaFactory.GetShaInstance(new HashFunction(ModeValues.SHA3, DigestSizes.d512)), useCounter));
case KdaOneStepAuxFunction.HMAC_SHA1:
case KdaOneStepAuxFunction.HMAC_SHA2_D224:
case KdaOneStepAuxFunction.HMAC_SHA2_D256:
case KdaOneStepAuxFunction.HMAC_SHA2_D384:
case KdaOneStepAuxFunction.HMAC_SHA2_D512:
case KdaOneStepAuxFunction.HMAC_SHA2_D512_T224:
case KdaOneStepAuxFunction.HMAC_SHA2_D512_T256:
case KdaOneStepAuxFunction.HMAC_SHA3_D224:
case KdaOneStepAuxFunction.HMAC_SHA3_D256:
case KdaOneStepAuxFunction.HMAC_SHA3_D384:
case KdaOneStepAuxFunction.HMAC_SHA3_D512:
return(new KdfHmac(_hmacFactory, _shaFactory, auxFunction, useCounter));
case KdaOneStepAuxFunction.KMAC_128:
return(new KdfKmac(_kmacFactory, 256, useCounter));
case KdaOneStepAuxFunction.KMAC_256:
return(new KdfKmac(_kmacFactory, 512, useCounter));
default:
throw new ArgumentException(nameof(auxFunction));
}
}
public KdfHmac(IHmacFactory hmacFactory, IShaFactory shaFactory, KdaOneStepAuxFunction auxFunction, bool useCounter)
{
UseCounter = useCounter;
HashFunction hashFunction = null;
switch (auxFunction)
{
case KdaOneStepAuxFunction.HMAC_SHA1:
hashFunction = new HashFunction(ModeValues.SHA1, DigestSizes.d160);
break;
case KdaOneStepAuxFunction.HMAC_SHA2_D224:
hashFunction = new HashFunction(ModeValues.SHA2, DigestSizes.d224);
break;
case KdaOneStepAuxFunction.HMAC_SHA2_D256:
hashFunction = new HashFunction(ModeValues.SHA2, DigestSizes.d256);
break;
case KdaOneStepAuxFunction.HMAC_SHA2_D384:
hashFunction = new HashFunction(ModeValues.SHA2, DigestSizes.d384);
break;
case KdaOneStepAuxFunction.HMAC_SHA2_D512:
hashFunction = new HashFunction(ModeValues.SHA2, DigestSizes.d512);
break;
case KdaOneStepAuxFunction.HMAC_SHA2_D512_T224:
hashFunction = new HashFunction(ModeValues.SHA2, DigestSizes.d512t224);
break;
case KdaOneStepAuxFunction.HMAC_SHA2_D512_T256:
hashFunction = new HashFunction(ModeValues.SHA2, DigestSizes.d512t256);
break;
case KdaOneStepAuxFunction.HMAC_SHA3_D224:
hashFunction = new HashFunction(ModeValues.SHA3, DigestSizes.d224);
break;
case KdaOneStepAuxFunction.HMAC_SHA3_D256:
hashFunction = new HashFunction(ModeValues.SHA3, DigestSizes.d256);
break;
case KdaOneStepAuxFunction.HMAC_SHA3_D384:
hashFunction = new HashFunction(ModeValues.SHA3, DigestSizes.d384);
break;
case KdaOneStepAuxFunction.HMAC_SHA3_D512:
hashFunction = new HashFunction(ModeValues.SHA3, DigestSizes.d512);
break;
default:
throw new ArgumentException(nameof(auxFunction));
}
_hmac = hmacFactory.GetHmacInstance(hashFunction);
_sha = shaFactory.GetShaInstance(hashFunction);
}
public void ShouldKmac(
string label,
string fixedInfoPattern,
Kda kdfType,
KdaOneStepAuxFunction kdfAuxFunction,
int l,
BitString salt,
BitString z,
BitString algorithmId,
BitString uPartyId,
BitString uEphemData,
BitString vPartyid,
BitString vEphemData,
BitString issueFixedData,
BitString issueDkm,
BitString expectedDkm)
{
var param = new KdfParameterOneStep()
{
L = l,
Salt = salt,
Z = z,
AlgorithmId = algorithmId,
AuxFunction = kdfAuxFunction,
FixedInfoPattern = fixedInfoPattern,
FixedInputEncoding = FixedInfoEncoding.Concatenation
};
var fixedInfoFactory = new FixedInfoFactory(new FixedInfoStrategyFactory());
var fixedInfoParameter = new FixedInfoParameter()
{
AlgorithmId = algorithmId,
FixedInfoPattern = fixedInfoPattern,
Encoding = FixedInfoEncoding.Concatenation,
L = l,
Salt = salt
};
fixedInfoParameter.SetFixedInfo(
new PartyFixedInfo(uPartyId, uEphemData),
new PartyFixedInfo(vPartyid, vEphemData));
var fixedInfo = fixedInfoFactory
.Get()
.Get(fixedInfoParameter);
var kdf = _kdfOneStepFactory.GetInstance(param.AuxFunction, true);
var result = kdf.DeriveKey(param.Z, param.L, fixedInfo, param.Salt);
Assert.AreEqual(issueFixedData.ToHex(), fixedInfo.ToHex(), nameof(issueFixedData));
Assert.AreEqual(issueDkm.ToHex(), result.DerivedKey.ToHex(), nameof(issueDkm));
//Assert.AreEqual(expectedDkm.ToHex(), result.DerivedKey.ToHex(), nameof(expectedDkm));
}
public void NoCounterTestShouldSucceedIfDkmLengthLteOutputLengthOfHash(KdaOneStepAuxFunction auxFunction, int l)
{
var z = new BitString("BEEFBEEF");
var fixedInfo = new BitString("BEEF");
var noCounterKdf = _kdfVisitor.Kdf(new KdfParameterOneStepNoCounter()
{
AuxFunction = auxFunction,
L = l,
Z = z,
}, fixedInfo);
Assert.IsTrue(noCounterKdf.Success);
}
public void NoCounterTestShouldFailIfDkmLengthGtOutputLengthOfHash(
KdaOneStepAuxFunction auxFunction, int l)
{
var z = new BitString("BEEFBEEF");
var fixedInfo = new BitString("BEEF");
Assert.Throws <ArgumentException>(() =>
{
_kdfVisitor.Kdf(new KdfParameterOneStepNoCounter()
{
AuxFunction = auxFunction,
L = l,
Z = z,
}, fixedInfo);
});
}
public static int GetMaxOutputLengthOfDkmForOneStepAuxFunction(KdaOneStepAuxFunction auxFunction)
{
switch (auxFunction)
{
case KdaOneStepAuxFunction.SHA1:
case KdaOneStepAuxFunction.HMAC_SHA1:
return(160);
case KdaOneStepAuxFunction.SHA2_D224:
case KdaOneStepAuxFunction.SHA2_D512_T224:
case KdaOneStepAuxFunction.SHA3_D224:
case KdaOneStepAuxFunction.HMAC_SHA2_D224:
case KdaOneStepAuxFunction.HMAC_SHA2_D512_T224:
case KdaOneStepAuxFunction.HMAC_SHA3_D224:
return(224);
case KdaOneStepAuxFunction.SHA2_D256:
case KdaOneStepAuxFunction.SHA2_D512_T256:
case KdaOneStepAuxFunction.SHA3_D256:
case KdaOneStepAuxFunction.HMAC_SHA2_D256:
case KdaOneStepAuxFunction.HMAC_SHA2_D512_T256:
case KdaOneStepAuxFunction.HMAC_SHA3_D256:
return(256);
case KdaOneStepAuxFunction.SHA2_D384:
case KdaOneStepAuxFunction.SHA3_D384:
case KdaOneStepAuxFunction.HMAC_SHA2_D384:
case KdaOneStepAuxFunction.HMAC_SHA3_D384:
return(384);
case KdaOneStepAuxFunction.SHA2_D512:
case KdaOneStepAuxFunction.SHA3_D512:
case KdaOneStepAuxFunction.HMAC_SHA2_D512:
case KdaOneStepAuxFunction.HMAC_SHA3_D512:
return(512);
case KdaOneStepAuxFunction.KMAC_128:
case KdaOneStepAuxFunction.KMAC_256:
return(2048); // arbitrary, but we don't want to do a DKM exceeding this for testing
default:
throw new ArgumentOutOfRangeException(nameof(auxFunction), auxFunction, null);
}
}
public void NoCounterTestShouldPassOneStepNoCounterAndFailCounter(KdaOneStepAuxFunction auxFunction, int l, string zHex, string fixedInfoHex, string expectedHex)
{
var z = new BitString(zHex);
var fixedInfo = new BitString(fixedInfoHex);
var expected = new BitString(expectedHex);
var noCounterKdf = _kdfVisitor.Kdf(new KdfParameterOneStepNoCounter()
{
AuxFunction = auxFunction,
L = l,
Z = z,
}, fixedInfo);
var counterKdf = _kdfVisitor.Kdf(new KdfParameterOneStep()
{
AuxFunction = auxFunction,
L = l,
Z = z,
}, fixedInfo);
Assert.AreEqual(expected.ToHex(), noCounterKdf.DerivedKey.ToHex(), nameof(noCounterKdf));
Assert.AreNotEqual(expected.ToHex(), counterKdf.DerivedKey.ToHex(), nameof(counterKdf));
}
public IKdfOneStep GetInstance(KdaOneStepAuxFunction auxFunction, bool useCounter)
{
var kdf = _kdfFactory.GetInstance(auxFunction, useCounter);
return(new FakeKdf_BadDkm(kdf));
}
public void ShaShouldReturnProperHashFunctionFromConstruction(KdaOneStepAuxFunction kdfOneStepAuxFunction, ModeValues mode, DigestSizes digestSize)
{
_subject.GetInstance(kdfOneStepAuxFunction, true);
_shaFactory.Verify(v => v.GetShaInstance(new HashFunction(mode, digestSize)));
}
public void ShouldReturnCorrectImplementation(KdaOneStepAuxFunction auxFunction, Type expectedType)
{
var result = _subject.GetInstance(auxFunction, true);
Assert.IsInstanceOf(expectedType, result);
}
