public IIfcSecretKeyingMaterial Build(IfcScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, bool shouldValidateContributions = true) { if (shouldValidateContributions) { var generationRequirements = KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole( scheme, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection); ValidateNonce(generationRequirements); ValidateKey(generationRequirements); ValidatePartyId(generationRequirements); ValidateK(generationRequirements, scheme); } return(new IfcSecretKeyingMaterial() { C = _c, DkmNonce = _dkmNonce, K = _k, Key = _key, PartyId = _partyId, Z = _z, }); }
/// <summary> /// Constructs Kas parameter information /// </summary> /// <param name="keyAgreementRole">This party's key agreement role</param> /// <param name="kasMode">The mode of the KAS attempt</param> /// <param name="keyConfirmationRole">This party's key confirmation role</param> /// <param name="keyConfirmationDirection">This party's key confirmation direction</param> /// <param name="kasAssurances">The assurances associated with the KAS</param> /// <param name="thisPartyId">The ID associated with this party</param> protected SchemeParametersBase( TKasAlgoAttributes kasAlgoAttributes, KeyAgreementRole keyAgreementRole, KasMode kasMode, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, KasAssurance kasAssurances, BitString thisPartyId ) { if (kasMode != KasMode.NoKdfNoKc && BitString.IsZeroLengthOrNull(thisPartyId)) { throw new ArgumentException(nameof(thisPartyId)); } if (kasMode == KasMode.KdfKc) { if (keyConfirmationRole == KeyConfirmationRole.None || keyConfirmationDirection == KeyConfirmationDirection.None) { throw new ArgumentException( $"{nameof(KasMode.KdfKc)} requires a valid (not None) value for both {nameof(keyConfirmationRole)} and {nameof(keyConfirmationDirection)}"); } } KasAlgoAttributes = kasAlgoAttributes; KeyAgreementRole = keyAgreementRole; KasMode = kasMode; KeyConfirmationRole = keyConfirmationRole; KeyConfirmationDirection = keyConfirmationDirection; KasAssurances = kasAssurances; ThisPartyId = thisPartyId; }
/// <summary> /// Non AES-CCM constructor /// </summary> /// <param name="thisPartyKeyAgreementRole"></param> /// <param name="thisPartyKeyConfirmationRole"></param> /// <param name="keyConfirmationType"></param> /// <param name="macType"></param> /// <param name="keyLength"></param> /// <param name="macLength"></param> /// <param name="thisPartyIdentifier"></param> /// <param name="otherPartyIdentifier"></param> /// <param name="thisPartyPublicKey"></param> /// <param name="otherPartyPublicKey"></param> /// <param name="derivedKeyingMaterial"></param> public KeyConfirmationParameters( KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole thisPartyKeyConfirmationRole, KeyConfirmationDirection keyConfirmationType, KeyAgreementMacType macType, int keyLength, int macLength, BitString thisPartyIdentifier, BitString otherPartyIdentifier, BitString thisPartyPublicKey, BitString otherPartyPublicKey, BitString derivedKeyingMaterial ) { if (macType == KeyAgreementMacType.AesCcm) { throw new ArgumentException(nameof(macType)); } ThisPartyKeyAgreementRole = thisPartyKeyAgreementRole; ThisPartyKeyConfirmationRole = thisPartyKeyConfirmationRole; KeyConfirmationType = keyConfirmationType; MacType = macType; KeyLength = keyLength; MacLength = macLength; ThisPartyIdentifier = thisPartyIdentifier; OtherPartyIdentifier = otherPartyIdentifier; ThisPartyPublicKey = thisPartyPublicKey; OtherPartyPublicKey = otherPartyPublicKey; DerivedKeyingMaterial = derivedKeyingMaterial; KeyConfirmationType = keyConfirmationType; }
public ISecretKeyingMaterial Build(KasScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection) { var schemeRequirements = KasEnumMapping.GetSchemeRequirements( scheme, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection); ValidateDomainParameters(schemeRequirements.requirments, _domainParameters); ValidateEphemeralKey(schemeRequirements.requirments, _ephemeralKey); ValidateStaticKey(schemeRequirements.requirments, _staticKey); ValidateEphemeralNonce(schemeRequirements.requirments, _ephemeralNonce); ValidateDkmNonce(schemeRequirements.requirments, _dkmNonce); ValidatePartyId(schemeRequirements.requirments, _partyId); ValidateConsistentAlgorithm(schemeRequirements.kasAlgo, schemeRequirements.requirments, _domainParameters, _ephemeralKey, _staticKey); return(new SecretKeyingMaterial() { KasAlgorithm = schemeRequirements.kasAlgo, DkmNonce = _dkmNonce, DomainParameters = _domainParameters, EphemeralNonce = _ephemeralNonce, EphemeralKeyPair = _ephemeralKey, StaticKeyPair = _staticKey, PartyId = _partyId, }); }
public void ShouldReturnCorrectMac( string label, KeyAgreementRole thisKaRole, KeyConfirmationRole thisKcRole, KeyConfirmationDirection thisKcType, BitString thisId, BitString otherId, BitString thisPublicKey, BitString otherPublicKey, BitString expectedMacData) { var p = new KeyConfirmationParameters( thisKaRole, thisKcRole, thisKcType, KeyAgreementMacType.CmacAes, 0, 0, thisId, otherId, thisPublicKey, otherPublicKey, new BitString(0) ); _subject = new FakeKeyConfirmationBase(new KeyConfirmationMacDataCreator(), p); var result = _subject.GetMacData(); Assert.AreEqual(expectedMacData.ToHex(), result.ToHex()); }
public SchemeParametersIfc( KasAlgoAttributesIfc kasAlgoAttributes, KeyAgreementRole keyAgreementRole, KasMode kasMode, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, KasAssurance kasAssurances, BitString thisPartyId) : base(kasAlgoAttributes, keyAgreementRole, kasMode, keyConfirmationRole, keyConfirmationDirection, kasAssurances, thisPartyId) { }
/// <summary> /// Constructor for IFC schemes. /// </summary> /// <param name="scheme"></param> /// <param name="kasMode"></param> /// <param name="thisPartyKasRole"></param> /// <param name="thisPartyKeyConfirmationRole"></param> /// <param name="keyConfirmationDirection"></param> /// <param name="generatesKeyPair"></param> /// <param name="generatesEphemeralNonce"></param> public SchemeKeyNonceGenRequirement( TScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKasRole, KeyConfirmationRole thisPartyKeyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, bool generatesKeyPair, bool generatesEphemeralNonce ) : base( kasMode, thisPartyKasRole, thisPartyKeyConfirmationRole, keyConfirmationDirection, generatesKeyPair, generatesEphemeralNonce) { Scheme = scheme; }
public SchemeParameters( KasAlgoAttributes kasAlgoAttributes, KeyAgreementRole keyAgreementRole, KasMode kasMode, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, KasAssurance kasAssurances, BitString thisPartyId ) : base(kasAlgoAttributes, keyAgreementRole, kasMode, keyConfirmationRole, keyConfirmationDirection, kasAssurances, thisPartyId) { KasAlgorithm = KasEnumMapping.GetSchemeRequirements( kasAlgoAttributes.KasScheme, kasMode, keyAgreementRole, keyConfirmationRole, keyConfirmationDirection).kasAlgo; }
public void ShouldReturnCorrectKcRole(KeyConfirmationRole rolePartyA, KeyConfirmationRole expectedRolePartyB) { var result = KeyGenerationRequirementsHelper.GetOtherPartyKeyConfirmationRole(rolePartyA); Assert.AreEqual(expectedRolePartyB, result); }
public static (SchemeKeyNonceGenRequirement requirments, KasAlgorithm kasAlgo) GetSchemeRequirements(KasScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection) { FfcMap.TryFirst(f => f.Value == scheme, out var ffcResult); EccMap.TryFirst(f => f.Value == scheme, out var eccResult); if (ffcResult.Key == FfcScheme.None && eccResult.Key == EccScheme.None) { throw new ArgumentException($"Unable to map {nameof(scheme)} to {nameof(ffcResult)} or {nameof(eccResult)}"); } if (ffcResult.Key != FfcScheme.None) { return( KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole( ffcResult.Key, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection), KasAlgorithm.Ffc); } return( KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole( eccResult.Key, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection), KasAlgorithm.Ecc); }
> WithKeyConfirmationRole(KeyConfirmationRole value) { _keyConfirmationRole = value; return(this); }