public OtherInfo( IEntropyProvider entropyProvider, string otherInfoPattern, int otherInfoLength, KeyAgreementRole thisPartyKeyAgreementRole, PartyOtherInfo thisPartyOtherInfo, PartyOtherInfo otherPartyOtherInfo ) { _thisPartyKeyAgreementRole = thisPartyKeyAgreementRole; _thisPartyOtherInfo = thisPartyOtherInfo; _otherPartyOtherInfo = otherPartyOtherInfo; // split the pattern into pieces var pieces = otherInfoPattern.Split("||".ToCharArray(), StringSplitOptions.RemoveEmptyEntries); foreach (var piece in pieces) { var workingPiece = piece.Replace("||", ""); _otherInfo = _otherInfo.ConcatenateBits(ConcatenatePieceOntoOtherInfo(workingPiece)); } // Add entropy to hit otherInfoLength _otherInfo = _otherInfo.ConcatenateBits(entropyProvider.GetEntropy(otherInfoLength - _otherInfo.BitLength)); _otherInfo = _otherInfo.GetMostSignificantBits(otherInfoLength); }
public ISecretKeyingMaterial Build(KasScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection) { var schemeRequirements = KasEnumMapping.GetSchemeRequirements( scheme, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection); ValidateDomainParameters(schemeRequirements.requirments, _domainParameters); ValidateEphemeralKey(schemeRequirements.requirments, _ephemeralKey); ValidateStaticKey(schemeRequirements.requirments, _staticKey); ValidateEphemeralNonce(schemeRequirements.requirments, _ephemeralNonce); ValidateDkmNonce(schemeRequirements.requirments, _dkmNonce); ValidatePartyId(schemeRequirements.requirments, _partyId); ValidateConsistentAlgorithm(schemeRequirements.kasAlgo, schemeRequirements.requirments, _domainParameters, _ephemeralKey, _staticKey); return(new SecretKeyingMaterial() { KasAlgorithm = schemeRequirements.kasAlgo, DkmNonce = _dkmNonce, DomainParameters = _domainParameters, EphemeralNonce = _ephemeralNonce, EphemeralKeyPair = _ephemeralKey, StaticKeyPair = _staticKey, PartyId = _partyId, }); }
public IIfcSecretKeyingMaterial Build(IfcScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, bool shouldValidateContributions = true) { if (shouldValidateContributions) { var generationRequirements = KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole( scheme, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection); ValidateNonce(generationRequirements); ValidateKey(generationRequirements); ValidatePartyId(generationRequirements); ValidateK(generationRequirements, scheme); } return(new IfcSecretKeyingMaterial() { C = _c, DkmNonce = _dkmNonce, K = _k, Key = _key, PartyId = _partyId, Z = _z, }); }
/// <summary> /// Constructs Kas parameter information /// </summary> /// <param name="keyAgreementRole">This party's key agreement role</param> /// <param name="kasMode">The mode of the KAS attempt</param> /// <param name="keyConfirmationRole">This party's key confirmation role</param> /// <param name="keyConfirmationDirection">This party's key confirmation direction</param> /// <param name="kasAssurances">The assurances associated with the KAS</param> /// <param name="thisPartyId">The ID associated with this party</param> protected SchemeParametersBase( TKasAlgoAttributes kasAlgoAttributes, KeyAgreementRole keyAgreementRole, KasMode kasMode, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, KasAssurance kasAssurances, BitString thisPartyId ) { if (kasMode != KasMode.NoKdfNoKc && BitString.IsZeroLengthOrNull(thisPartyId)) { throw new ArgumentException(nameof(thisPartyId)); } if (kasMode == KasMode.KdfKc) { if (keyConfirmationRole == KeyConfirmationRole.None || keyConfirmationDirection == KeyConfirmationDirection.None) { throw new ArgumentException( $"{nameof(KasMode.KdfKc)} requires a valid (not None) value for both {nameof(keyConfirmationRole)} and {nameof(keyConfirmationDirection)}"); } } KasAlgoAttributes = kasAlgoAttributes; KeyAgreementRole = keyAgreementRole; KasMode = kasMode; KeyConfirmationRole = keyConfirmationRole; KeyConfirmationDirection = keyConfirmationDirection; KasAssurances = kasAssurances; ThisPartyId = thisPartyId; }
/// <summary> /// Non AES-CCM constructor /// </summary> /// <param name="thisPartyKeyAgreementRole"></param> /// <param name="thisPartyKeyConfirmationRole"></param> /// <param name="keyConfirmationType"></param> /// <param name="macType"></param> /// <param name="keyLength"></param> /// <param name="macLength"></param> /// <param name="thisPartyIdentifier"></param> /// <param name="otherPartyIdentifier"></param> /// <param name="thisPartyPublicKey"></param> /// <param name="otherPartyPublicKey"></param> /// <param name="derivedKeyingMaterial"></param> public KeyConfirmationParameters( KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole thisPartyKeyConfirmationRole, KeyConfirmationDirection keyConfirmationType, KeyAgreementMacType macType, int keyLength, int macLength, BitString thisPartyIdentifier, BitString otherPartyIdentifier, BitString thisPartyPublicKey, BitString otherPartyPublicKey, BitString derivedKeyingMaterial ) { if (macType == KeyAgreementMacType.AesCcm) { throw new ArgumentException(nameof(macType)); } ThisPartyKeyAgreementRole = thisPartyKeyAgreementRole; ThisPartyKeyConfirmationRole = thisPartyKeyConfirmationRole; KeyConfirmationType = keyConfirmationType; MacType = macType; KeyLength = keyLength; MacLength = macLength; ThisPartyIdentifier = thisPartyIdentifier; OtherPartyIdentifier = otherPartyIdentifier; ThisPartyPublicKey = thisPartyPublicKey; OtherPartyPublicKey = otherPartyPublicKey; DerivedKeyingMaterial = derivedKeyingMaterial; KeyConfirmationType = keyConfirmationType; }
public void ShouldReturnCorrectMac( string label, KeyAgreementRole thisKaRole, KeyConfirmationRole thisKcRole, KeyConfirmationDirection thisKcType, BitString thisId, BitString otherId, BitString thisPublicKey, BitString otherPublicKey, BitString expectedMacData) { var p = new KeyConfirmationParameters( thisKaRole, thisKcRole, thisKcType, KeyAgreementMacType.CmacAes, 0, 0, thisId, otherId, thisPublicKey, otherPublicKey, new BitString(0) ); _subject = new FakeKeyConfirmationBase(new KeyConfirmationMacDataCreator(), p); var result = _subject.GetMacData(); Assert.AreEqual(expectedMacData.ToHex(), result.ToHex()); }
public IOtherInfo GetInstance( string otherInfoPattern, int otherInfoLength, KeyAgreementRole thisPartyKeyAgreementRole, PartyOtherInfo thisPartySharedInformation, PartyOtherInfo otherPartySharedInformation) { return(new FakeOtherInfo(_otherInfo)); }
public SchemeParametersIfc( KasAlgoAttributesIfc kasAlgoAttributes, KeyAgreementRole keyAgreementRole, KasMode kasMode, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, KasAssurance kasAssurances, BitString thisPartyId) : base(kasAlgoAttributes, keyAgreementRole, kasMode, keyConfirmationRole, keyConfirmationDirection, kasAssurances, thisPartyId) { }
protected override BitString GetEphemeralDataFromKeyContribution(IIfcSecretKeyingMaterial secretKeyingMaterial, KeyAgreementRole keyAgreementRole, bool excludeEphemeralData) { // KAS1 Party U C // KAS1 Party V NV if (keyAgreementRole == KeyAgreementRole.InitiatorPartyU) { return(secretKeyingMaterial.C); } return(secretKeyingMaterial.DkmNonce); }
/// <summary> /// Constructor for IFC schemes. /// </summary> /// <param name="scheme"></param> /// <param name="kasMode"></param> /// <param name="thisPartyKasRole"></param> /// <param name="thisPartyKeyConfirmationRole"></param> /// <param name="keyConfirmationDirection"></param> /// <param name="generatesKeyPair"></param> /// <param name="generatesEphemeralNonce"></param> public SchemeKeyNonceGenRequirement( TScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKasRole, KeyConfirmationRole thisPartyKeyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, bool generatesKeyPair, bool generatesEphemeralNonce ) : base( kasMode, thisPartyKasRole, thisPartyKeyConfirmationRole, keyConfirmationDirection, generatesKeyPair, generatesEphemeralNonce) { Scheme = scheme; }
protected KasBuilderKdfNoKc( ISchemeBuilder <TKasDsaAlgoAttributes, TOtherPartySharedInfo, TDomainParameters, TKeyPair> schemeBuilder, TKasDsaAlgoAttributes kasDsaAlgoAttributes, KeyAgreementRole keyAgreementRole, KasAssurance assurances, BitString partyId ) { _schemeBuilder = schemeBuilder; _kasDsaAlgoAttributes = kasDsaAlgoAttributes; _keyAgreementRole = keyAgreementRole; _assurances = assurances; _partyId = partyId; }
public KasBuilderNoKdfNoKcEcc( ISchemeBuilder <KasDsaAlgoAttributesEcc, OtherPartySharedInformation <EccDomainParameters, EccKeyPair>, EccDomainParameters, EccKeyPair> schemeBuilder, KasDsaAlgoAttributesEcc kasDsaAlgoAttributes, KeyAgreementRole keyAgreementRole, KasAssurance assurances, BitString partyId) : base( schemeBuilder, kasDsaAlgoAttributes, keyAgreementRole, assurances, partyId ) { }
public SchemeParameters( KasAlgoAttributes kasAlgoAttributes, KeyAgreementRole keyAgreementRole, KasMode kasMode, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection, KasAssurance kasAssurances, BitString thisPartyId ) : base(kasAlgoAttributes, keyAgreementRole, kasMode, keyConfirmationRole, keyConfirmationDirection, kasAssurances, thisPartyId) { KasAlgorithm = KasEnumMapping.GetSchemeRequirements( kasAlgoAttributes.KasScheme, kasMode, keyAgreementRole, keyConfirmationRole, keyConfirmationDirection).kasAlgo; }
public IOtherInfo GetInstance( string otherInfoPattern, int otherInfoLength, KeyAgreementRole thisPartyKeyAgreementRole, PartyOtherInfo thisPartyOtherInfo, PartyOtherInfo otherPartyOtherInfo ) { return(new OtherInfo( _entropyProvider, otherInfoPattern, otherInfoLength, thisPartyKeyAgreementRole, thisPartyOtherInfo, otherPartyOtherInfo )); }
public void ShouldReturnCorrectOtherInfoCavsTests( KeyAgreementRole iutRole, OtherPartySharedInformation <FfcDomainParameters, FfcKeyPair> uPartySharedInformation, OtherPartySharedInformation <FfcDomainParameters, FfcKeyPair> vPartySharedInformation, int otherInfoLength, BitString expectedOtherInfo ) { string otherInfoPattern = "uPartyInfo||vPartyInfo"; TestableEntropyProvider entropyProvider = new TestableEntropyProvider(); // u/v party info comprised of ID, and dkmNonce, find the bitlength of both parties contributed information // to determine which bits are the "random" bits to inject into the TestableEntropyProvider. var composedBitLength = uPartySharedInformation.PartyId.BitLength + uPartySharedInformation.DkmNonce.BitLength + vPartySharedInformation.PartyId.BitLength; var entropyBits = expectedOtherInfo.GetLeastSignificantBits(expectedOtherInfo.BitLength - composedBitLength); entropyProvider.AddEntropy(entropyBits); var uPartyOtherInfo = new PartyOtherInfo(uPartySharedInformation.PartyId, uPartySharedInformation.DkmNonce); var vPartyOtherInfo = new PartyOtherInfo(vPartySharedInformation.PartyId, vPartySharedInformation.DkmNonce); _subject = new OtherInfo( entropyProvider, otherInfoPattern, otherInfoLength, KeyAgreementRole.InitiatorPartyU, uPartyOtherInfo, vPartyOtherInfo ); var result = _subject.GetOtherInfo(); Assert.AreEqual(expectedOtherInfo.ToHex(), result.ToHex()); }
public static (SchemeKeyNonceGenRequirement requirments, KasAlgorithm kasAlgo) GetSchemeRequirements(KasScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection) { FfcMap.TryFirst(f => f.Value == scheme, out var ffcResult); EccMap.TryFirst(f => f.Value == scheme, out var eccResult); if (ffcResult.Key == FfcScheme.None && eccResult.Key == EccScheme.None) { throw new ArgumentException($"Unable to map {nameof(scheme)} to {nameof(ffcResult)} or {nameof(eccResult)}"); } if (ffcResult.Key != FfcScheme.None) { return( KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole( ffcResult.Key, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection), KasAlgorithm.Ffc); } return( KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole( eccResult.Key, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection), KasAlgorithm.Ecc); }
public void ShouldReturnCorrectKasRole(KeyAgreementRole rolePartyA, KeyAgreementRole expectedRolePartyB) { var result = KeyGenerationRequirementsHelper.GetOtherPartyKeyAgreementRole(rolePartyA); Assert.AreEqual(expectedRolePartyB, result); }
/// <summary> /// Get the <see cref="PartyFixedInfo"/> as it pertains to the provided <see cref="IIfcSecretKeyingMaterial"/> /// for the specified <see cref="KeyAgreementRole"/>. /// </summary> /// <param name="secretKeyingMaterial">The secret keying material for the party.</param> /// <param name="keyAgreementRole">The parties key agreement role.</param> /// <param name="excludeEphemeralData">Should the ephemeral data be excluded? (Used for KTS fixed info generation)</param> /// <returns></returns> private PartyFixedInfo GetPartyFixedInfo(IIfcSecretKeyingMaterial secretKeyingMaterial, KeyAgreementRole keyAgreementRole, bool excludeEphemeralData) { return(new PartyFixedInfo(secretKeyingMaterial.PartyId, GetEphemeralDataFromKeyContribution(secretKeyingMaterial, keyAgreementRole, excludeEphemeralData))); }
/// <summary> /// The ephemeral data can be composed of any of C, CU, CV, NV, depending on the party, and scheme /// /// Scheme Party Ephemeral Data /// KAS1 Party U C /// KAS1 Party V NV /// KAS2 Party U CU /// KAS2 Party V CV /// KTS Party U C /// KTS Party V null /// </summary> /// <param name="secretKeyingMaterial">a party's secret keying material</param> /// <param name="keyAgreementRole">a party's key agreement role</param> /// <param name="excludeEphemeralData">Should the ephemeral data be excluded? (Used for KTS fixed info generation)</param> /// <returns></returns> protected abstract BitString GetEphemeralDataFromKeyContribution(IIfcSecretKeyingMaterial secretKeyingMaterial, KeyAgreementRole keyAgreementRole, bool excludeEphemeralData);
WithKeyAgreementRole(KeyAgreementRole value) { _keyAgreementRole = value; return(this); }
protected override BitString GetEphemeralDataFromKeyContribution(IIfcSecretKeyingMaterial secretKeyingMaterial, KeyAgreementRole keyAgreementRole, bool excludeEphemeralData) { return(secretKeyingMaterial.C); }