private void FireNetworkKeyS2ChangedMulti(byte groupId, byte ownerId, byte[] networkKey, SecuritySchemes securityScheme) { var mpanKey = new byte[SecurityS2Utils.KEY_SIZE]; var ccmKey = new byte[SecurityS2Utils.KEY_SIZE]; var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE]; SecurityS2Utils.NetworkKeyExpand(networkKey, ccmKey, personalization, mpanKey); var peerGroupId = new NodeGroupId(ownerId, groupId); if (groupId != 0) { if (McKeys.ContainsKey(peerGroupId)) { McKeys[peerGroupId].CcmKey = ccmKey; McKeys[peerGroupId].MpanKey = mpanKey; McKeys[peerGroupId].SecurityScheme = securityScheme; } else { McKeys.Add(peerGroupId, new MulticastKey { CcmKey = ccmKey, MpanKey = mpanKey, SecurityScheme = securityScheme }); } } }
public byte[] CalculateTempNetworkKeyS2(byte[] receiverPublicKey, bool isKeySender) { byte[] authTag = new byte[64]; byte[] ret = new byte[16]; if (isKeySender) { Array.Copy(GetPublicKeyS2(), 0, authTag, 0, GetPublicKeyS2().Length); Array.Copy(receiverPublicKey, 0, authTag, GetPublicKeyS2().Length, receiverPublicKey.Length); SecurityS2Utils.TempKeyExtract(GetSharedSecretS2(receiverPublicKey), authTag, ret); } else { Array.Copy(receiverPublicKey, 0, authTag, 0, receiverPublicKey.Length); Array.Copy(GetJoinPublicKeyS2(), 0, authTag, receiverPublicKey.Length, GetJoinPublicKeyS2().Length); SecurityS2Utils.TempKeyExtract(GetJoinSharedSecretS2(receiverPublicKey), authTag, ret); } return(ret); }
internal byte[] GenerateSecretKey() { byte[] ret = new byte[SecurityS2Utils.PERSONALIZATION_SIZE]; var ctx = new CTR_DRBG_CTX(); var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE]; SecurityS2Utils.AesCtrDrbgInstantiate(ref ctx, GetEntropyInput(), personalization); var first_sequence = new byte[SecurityS2Utils.KEY_SIZE]; SecurityS2Utils.AesCtrDrbgGenerate(ref ctx, first_sequence); var second_sequence = new byte[SecurityS2Utils.KEY_SIZE]; SecurityS2Utils.AesCtrDrbgGenerate(ref ctx, second_sequence); Array.Copy(first_sequence, ret, 16); Array.Copy(second_sequence, 0, ret, 16, 16); return(ret); }
private void FireNetworkKeyS2Changed(InvariantPeerNodeId peerNodeId, byte[] networkKey, SecuritySchemes securityScheme) { var mpanKey = new byte[SecurityS2Utils.KEY_SIZE]; var ccmKey = new byte[SecurityS2Utils.KEY_SIZE]; var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE]; if (securityScheme == SecuritySchemes.S2_TEMP) { SecurityS2Utils.TempKeyExpand(networkKey, ccmKey, personalization, mpanKey); } else { SecurityS2Utils.NetworkKeyExpand(networkKey, ccmKey, personalization, mpanKey); } switch (peerNodeId.NodeId2) { case 0: for (int ii = 0; ii <= ushort.MaxValue; ii++) { var index = new InvariantPeerNodeId(ii); if (ScKeys.ContainsKey(index) && !ScKeys[index].CcmKey.SequenceEqual(ccmKey) && ScKeys[index].SecurityScheme == securityScheme) { ScKeys[index].CcmKey = ccmKey; ScKeys[index].Personalization = personalization; if (SpanTable.GetSpanState(index) != SpanStates.ReceiversNonce) { SpanTable.SetNonceFree(index); } } } for (int i = 0; i <= ushort.MaxValue; i++) { var index = new NodeGroupId(i); if (McKeys.ContainsKey(index) && !McKeys[index].CcmKey.SequenceEqual(ccmKey) && McKeys[index].SecurityScheme == securityScheme) { MpanTable.RemoveRecord(index); } } break; case 0xFF: for (int ii = 0; ii <= ushort.MaxValue; ii++) { var i = new InvariantPeerNodeId(ii); if (ScKeys.ContainsKey(i)) { ScKeys[i].CcmKey = ccmKey; ScKeys[i].Personalization = personalization; ScKeys[i].SecurityScheme = securityScheme; } } MpanTable.ClearMpanTable(); SpanTable.ClearNonceTable(); break; default: if (ScKeys.ContainsKey(peerNodeId)) { ScKeys[peerNodeId].CcmKey = ccmKey; ScKeys[peerNodeId].Personalization = personalization; ScKeys[peerNodeId].SecurityScheme = securityScheme; } else { ScKeys.Add(peerNodeId, new SinglecastKey { CcmKey = ccmKey, Personalization = personalization, SecurityScheme = securityScheme }); } if (SpanTable.GetSpanState(peerNodeId) != SpanStates.ReceiversNonce) { SpanTable.SetNonceFree(peerNodeId); } break; } if (IsInclusion && securityScheme == SecuritySchemes.S2_TEMP) { IsTempKeyActivatedOnInclusion = true; } if (NetworkKeyS2Changed != null) { NetworkKeyS2Changed(peerNodeId, networkKey, securityScheme, IsInclusion); } if (peerNodeId.NodeId2 == 0) { for (int ii = 0; ii <= ushort.MaxValue; ii++) { var index = new InvariantPeerNodeId(ii); // TODO S2 if (_scKeys.ContainsKey(index) && !_scKeys[index].CcmKey.SequenceEqual(ccmKey) && _scKeys[index].SecurityScheme == securityScheme) { RetransmissionTableS2.Clear(); } } } else if (peerNodeId.NodeId2 == 0xFF) { RetransmissionTableS2.Clear(); } else { if (RetransmissionTableS2.ContainsKey(peerNodeId)) { RetransmissionTableS2.Remove(peerNodeId); } } }
public byte[] GetJoinSharedSecretS2(byte[] receiverPublicKey) { byte[] ret = new byte[32]; SecurityS2Utils.CryptoScalarmultCurve25519(ret, JoinSecretKeyS2, receiverPublicKey); return(ret); }
public byte[] GetJoinPublicKeyS2() { byte[] ret = new byte[32]; SecurityS2Utils.CryptoScalarmultCurve25519Base(ret, JoinSecretKeyS2); return(ret); }