Esempio n. 1
0
        static public EdhocResponder ParseMessage3(byte[] msgData, KeySet serverKeys)
        {
            CBORObject algVerify = null;

            CBORObject msg = CBORObject.DecodeFromBytes(msgData);

            if (msg.Type != CBORType.Array)
            {
                throw new Exception("Invalid message");
            }

            EdhocResponder edhoc = MessageList[new ListKey(msg[1].GetByteString())];

            edhoc._Messages[2] = msgData;

            if (edhoc._fSymmetricSecret)
            {
                if (msg[0].AsInt16() != 6)
                {
                    throw new Exception("Invalid Message");
                }
            }
            else
            {
                if (msg[0].AsInt16() != 3)
                {
                    throw new Exception("Invalid Message");
                }
            }


            Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[2].GetByteString(), Tags.Encrypt0);

            msg.Remove(msg[2]);

            byte[] data_3 = msg.EncodeToBytes();
            byte[] aad_3  = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, data_3 }, edhoc._MessageDigest);

            byte[][] useKeys = _DeriveKeys(edhoc._Keys, edhoc._SecretSalt, aad_3, edhoc._algAEAD);
            byte[]   encKey  = useKeys[0];

            enc0.AddAttribute(HeaderKeys.Algorithm, edhoc._algAEAD, Attributes.DO_NOT_SEND);
            enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
            enc0.SetExternalData(aad_3);
            byte[] body = enc0.Decrypt(encKey);

            if (!edhoc._fSymmetricSecret)
            {
                CBORObject encBody = CBORObject.DecodeFromBytes(body);

                Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1);
                sign1.AddAttribute(HeaderKeys.Algorithm, edhoc._algSign, Attributes.DO_NOT_SEND);

                CBORObject kidObject = sign1.FindAttribute(HeaderKeys.KeyId);
                byte[]     kid       = null;
                if (kidObject != null)
                {
                    kid = kidObject.GetByteString();
                }
                sign1.SetExternalData(aad_3);

                KeySet keys = new KeySet();
                foreach (OneKey sigKey in serverKeys)
                {
                    if (sigKey.HasKid(kid))
                    {
                        keys.AddKey(sigKey);
                    }
                }

                List <OneKey> ks  = new List <OneKey>();
                List <OneKey> ks2 = ks.Where(f => f.HasKid(kid)).ToList();

                OneKey signingKey = null;
                foreach (OneKey sigKey in keys)
                {
                    try {
                        sign1.Validate(sigKey);
                        signingKey = sigKey;
                    }
                    catch (Exception) {
                        // nop;
                    }
                }

                if (signingKey == null)
                {
                    throw new Exception("Unable to complete - no signing key found");
                }
            }
            else
            {
                // body is the EXT_3 value
            }

            edhoc._LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, msgData }, edhoc._MessageDigest);

            return(edhoc);
        }
Esempio n. 2
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="msgData"></param>
        /// <param name="keySetPublic"></param>
        public void ParseMessage2(byte[] msgData, KeySet keySetPublic)
        {
            int        msgIndex;
            CBORObject algVerify = null;

            CBORObject msg = CBORObject.DecodeFromBytes(msgData);

            if (msg.Type != CBORType.Array)
            {
                throw new Exception("Invalid message");
            }

            _Messages[1] = msgData;

            if (_fSymmetricSecret)
            {
                if (msg[0].AsInt16() != 5)
                {
                    throw new Exception("Invalid Message");
                }
            }
            else
            {
                if (msg[0].AsInt16() != 2)
                {
                    throw new Exception("Invalid Message");
                }
            }

            _SessionId[1] = msg[2].GetByteString();       // S_V
            _Nonce[1]     = msg[3].GetByteString();       // N_V
            _Keys[1]      = new OneKey(msg[4]);           // E_V
            _algKeyAgree  = msg[5];                       // HKDF_V
            _algAEAD      = msg[6];                       // AAEAD_V
            if (_fSymmetricSecret)
            {
                msgIndex = 7;
            }
            else
            {
                algVerify = msg[7];                                                                            // SIG_V
                _algSign  = _SelectAlgorithm(msg[8], new CBORObject[] { _SigningKey[CoseKeyKeys.Algorithm] }); // SIG_U
                msgIndex  = 9;
            }

            //  What is the hash algorithm to use?
            switch ((AlgorithmValuesInt)_algKeyAgree.AsInt32())
            {
            case AlgorithmValuesInt.ECDH_SS_HKDF_256:
                _MessageDigest = new Sha256Digest();
                break;

            case AlgorithmValuesInt.ECDH_SS_HKDF_512:
                _MessageDigest = new Sha512Digest();
                break;
            }


            Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[msgIndex].EncodeToBytes(), Tags.Encrypt0);

            msg.Remove(msg[msgIndex]);
            byte[] data_2 = msg.EncodeToBytes();
            byte[] aad_2  = ConcatenateAndHash(new byte[2][] { _Messages[0], data_2 }, _MessageDigest);

            byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD);
            byte[]   encKey  = useKeys[0];
            enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
            enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
            enc0.SetExternalData(aad_2);
            byte[] body = enc0.Decrypt(encKey);

            if (!_fSymmetricSecret)
            {
                CBORObject encBody = CBORObject.DecodeFromBytes(body);

                Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1);
                sign1.AddAttribute(HeaderKeys.Algorithm, algVerify, Attributes.DO_NOT_SEND);

                CBORObject kid = sign1.FindAttribute(HeaderKeys.KeyId);
                sign1.SetExternalData(aad_2);



                foreach (OneKey sigKey in keySetPublic)
                {
                    sign1.Validate(sigKey); //FIND KEY);
                }
            }
            else
            {
                // body is the EXT_2 value
            }

            _LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgData }, _MessageDigest);
        }