private void FireNetworkKeyS2ChangedMulti(byte groupId, byte ownerId, byte[] networkKey, SecuritySchemes securityScheme)
{
var mpanKey = new byte[SecurityS2Utils.KEY_SIZE];
var ccmKey = new byte[SecurityS2Utils.KEY_SIZE];
var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE];
SecurityS2Utils.NetworkKeyExpand(networkKey, ccmKey, personalization, mpanKey);
var peerGroupId = new NodeGroupId(ownerId, groupId);
if (groupId != 0)
{
if (McKeys.ContainsKey(peerGroupId))
{
McKeys[peerGroupId].CcmKey = ccmKey;
McKeys[peerGroupId].MpanKey = mpanKey;
McKeys[peerGroupId].SecurityScheme = securityScheme;
}
else
{
McKeys.Add(peerGroupId, new MulticastKey {
CcmKey = ccmKey, MpanKey = mpanKey, SecurityScheme = securityScheme
});
}
}
}
public byte[] CalculateTempNetworkKeyS2(byte[] receiverPublicKey, bool isKeySender)
{
byte[] authTag = new byte[64];
byte[] ret = new byte[16];
if (isKeySender)
{
Array.Copy(GetPublicKeyS2(), 0, authTag, 0, GetPublicKeyS2().Length);
Array.Copy(receiverPublicKey, 0, authTag, GetPublicKeyS2().Length, receiverPublicKey.Length);
SecurityS2Utils.TempKeyExtract(GetSharedSecretS2(receiverPublicKey), authTag, ret);
}
else
{
Array.Copy(receiverPublicKey, 0, authTag, 0, receiverPublicKey.Length);
Array.Copy(GetJoinPublicKeyS2(), 0, authTag, receiverPublicKey.Length, GetJoinPublicKeyS2().Length);
SecurityS2Utils.TempKeyExtract(GetJoinSharedSecretS2(receiverPublicKey), authTag, ret);
}
return(ret);
}
internal byte[] GenerateSecretKey()
{
byte[] ret = new byte[SecurityS2Utils.PERSONALIZATION_SIZE];
var ctx = new CTR_DRBG_CTX();
var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE];
SecurityS2Utils.AesCtrDrbgInstantiate(ref ctx, GetEntropyInput(), personalization);
var first_sequence = new byte[SecurityS2Utils.KEY_SIZE];
SecurityS2Utils.AesCtrDrbgGenerate(ref ctx, first_sequence);
var second_sequence = new byte[SecurityS2Utils.KEY_SIZE];
SecurityS2Utils.AesCtrDrbgGenerate(ref ctx, second_sequence);
Array.Copy(first_sequence, ret, 16);
Array.Copy(second_sequence, 0, ret, 16, 16);
return(ret);
}
private void FireNetworkKeyS2Changed(InvariantPeerNodeId peerNodeId, byte[] networkKey, SecuritySchemes securityScheme)
{
var mpanKey = new byte[SecurityS2Utils.KEY_SIZE];
var ccmKey = new byte[SecurityS2Utils.KEY_SIZE];
var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE];
if (securityScheme == SecuritySchemes.S2_TEMP)
{
SecurityS2Utils.TempKeyExpand(networkKey, ccmKey, personalization, mpanKey);
}
else
{
SecurityS2Utils.NetworkKeyExpand(networkKey, ccmKey, personalization, mpanKey);
}
switch (peerNodeId.NodeId2)
{
case 0:
for (int ii = 0; ii <= ushort.MaxValue; ii++)
{
var index = new InvariantPeerNodeId(ii);
if (ScKeys.ContainsKey(index) && !ScKeys[index].CcmKey.SequenceEqual(ccmKey) &&
ScKeys[index].SecurityScheme == securityScheme)
{
ScKeys[index].CcmKey = ccmKey;
ScKeys[index].Personalization = personalization;
if (SpanTable.GetSpanState(index) != SpanStates.ReceiversNonce)
{
SpanTable.SetNonceFree(index);
}
}
}
for (int i = 0; i <= ushort.MaxValue; i++)
{
var index = new NodeGroupId(i);
if (McKeys.ContainsKey(index) && !McKeys[index].CcmKey.SequenceEqual(ccmKey) &&
McKeys[index].SecurityScheme == securityScheme)
{
MpanTable.RemoveRecord(index);
}
}
break;
case 0xFF:
for (int ii = 0; ii <= ushort.MaxValue; ii++)
{
var i = new InvariantPeerNodeId(ii);
if (ScKeys.ContainsKey(i))
{
ScKeys[i].CcmKey = ccmKey;
ScKeys[i].Personalization = personalization;
ScKeys[i].SecurityScheme = securityScheme;
}
}
MpanTable.ClearMpanTable();
SpanTable.ClearNonceTable();
break;
default:
if (ScKeys.ContainsKey(peerNodeId))
{
ScKeys[peerNodeId].CcmKey = ccmKey;
ScKeys[peerNodeId].Personalization = personalization;
ScKeys[peerNodeId].SecurityScheme = securityScheme;
}
else
{
ScKeys.Add(peerNodeId,
new SinglecastKey
{
CcmKey = ccmKey,
Personalization = personalization,
SecurityScheme = securityScheme
});
}
if (SpanTable.GetSpanState(peerNodeId) != SpanStates.ReceiversNonce)
{
SpanTable.SetNonceFree(peerNodeId);
}
break;
}
if (IsInclusion && securityScheme == SecuritySchemes.S2_TEMP)
{
IsTempKeyActivatedOnInclusion = true;
}
if (NetworkKeyS2Changed != null)
{
NetworkKeyS2Changed(peerNodeId, networkKey, securityScheme, IsInclusion);
}
if (peerNodeId.NodeId2 == 0)
{
for (int ii = 0; ii <= ushort.MaxValue; ii++)
{
var index = new InvariantPeerNodeId(ii);
// TODO S2 if (_scKeys.ContainsKey(index) && !_scKeys[index].CcmKey.SequenceEqual(ccmKey) && _scKeys[index].SecurityScheme == securityScheme)
{
RetransmissionTableS2.Clear();
}
}
}
else if (peerNodeId.NodeId2 == 0xFF)
{
RetransmissionTableS2.Clear();
}
else
{
if (RetransmissionTableS2.ContainsKey(peerNodeId))
{
RetransmissionTableS2.Remove(peerNodeId);
}
}
}
public byte[] GetJoinSharedSecretS2(byte[] receiverPublicKey)
{
byte[] ret = new byte[32];
SecurityS2Utils.CryptoScalarmultCurve25519(ret, JoinSecretKeyS2, receiverPublicKey);
return(ret);
}
public byte[] GetJoinPublicKeyS2()
{
byte[] ret = new byte[32];
SecurityS2Utils.CryptoScalarmultCurve25519Base(ret, JoinSecretKeyS2);
return(ret);
}
