static public EdhocResponder ParseMessage3(byte[] msgData, KeySet serverKeys)
{
CBORObject algVerify = null;
CBORObject msg = CBORObject.DecodeFromBytes(msgData);
if (msg.Type != CBORType.Array)
{
throw new Exception("Invalid message");
}
EdhocResponder edhoc = MessageList[new ListKey(msg[1].GetByteString())];
edhoc._Messages[2] = msgData;
if (edhoc._fSymmetricSecret)
{
if (msg[0].AsInt16() != 6)
{
throw new Exception("Invalid Message");
}
}
else
{
if (msg[0].AsInt16() != 3)
{
throw new Exception("Invalid Message");
}
}
Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[2].GetByteString(), Tags.Encrypt0);
msg.Remove(msg[2]);
byte[] data_3 = msg.EncodeToBytes();
byte[] aad_3 = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, data_3 }, edhoc._MessageDigest);
byte[][] useKeys = _DeriveKeys(edhoc._Keys, edhoc._SecretSalt, aad_3, edhoc._algAEAD);
byte[] encKey = useKeys[0];
enc0.AddAttribute(HeaderKeys.Algorithm, edhoc._algAEAD, Attributes.DO_NOT_SEND);
enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
enc0.SetExternalData(aad_3);
byte[] body = enc0.Decrypt(encKey);
if (!edhoc._fSymmetricSecret)
{
CBORObject encBody = CBORObject.DecodeFromBytes(body);
Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1);
sign1.AddAttribute(HeaderKeys.Algorithm, edhoc._algSign, Attributes.DO_NOT_SEND);
CBORObject kidObject = sign1.FindAttribute(HeaderKeys.KeyId);
byte[] kid = null;
if (kidObject != null)
{
kid = kidObject.GetByteString();
}
sign1.SetExternalData(aad_3);
KeySet keys = new KeySet();
foreach (OneKey sigKey in serverKeys)
{
if (sigKey.HasKid(kid))
{
keys.AddKey(sigKey);
}
}
List <OneKey> ks = new List <OneKey>();
List <OneKey> ks2 = ks.Where(f => f.HasKid(kid)).ToList();
OneKey signingKey = null;
foreach (OneKey sigKey in keys)
{
try {
sign1.Validate(sigKey);
signingKey = sigKey;
}
catch (Exception) {
// nop;
}
}
if (signingKey == null)
{
throw new Exception("Unable to complete - no signing key found");
}
}
else
{
// body is the EXT_3 value
}
edhoc._LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, msgData }, edhoc._MessageDigest);
return(edhoc);
}
/// <summary>
///
/// </summary>
/// <param name="msgData"></param>
/// <param name="keySetPublic"></param>
public void ParseMessage2(byte[] msgData, KeySet keySetPublic)
{
int msgIndex;
CBORObject algVerify = null;
CBORObject msg = CBORObject.DecodeFromBytes(msgData);
if (msg.Type != CBORType.Array)
{
throw new Exception("Invalid message");
}
_Messages[1] = msgData;
if (_fSymmetricSecret)
{
if (msg[0].AsInt16() != 5)
{
throw new Exception("Invalid Message");
}
}
else
{
if (msg[0].AsInt16() != 2)
{
throw new Exception("Invalid Message");
}
}
_SessionId[1] = msg[2].GetByteString(); // S_V
_Nonce[1] = msg[3].GetByteString(); // N_V
_Keys[1] = new OneKey(msg[4]); // E_V
_algKeyAgree = msg[5]; // HKDF_V
_algAEAD = msg[6]; // AAEAD_V
if (_fSymmetricSecret)
{
msgIndex = 7;
}
else
{
algVerify = msg[7]; // SIG_V
_algSign = _SelectAlgorithm(msg[8], new CBORObject[] { _SigningKey[CoseKeyKeys.Algorithm] }); // SIG_U
msgIndex = 9;
}
// What is the hash algorithm to use?
switch ((AlgorithmValuesInt)_algKeyAgree.AsInt32())
{
case AlgorithmValuesInt.ECDH_SS_HKDF_256:
_MessageDigest = new Sha256Digest();
break;
case AlgorithmValuesInt.ECDH_SS_HKDF_512:
_MessageDigest = new Sha512Digest();
break;
}
Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[msgIndex].EncodeToBytes(), Tags.Encrypt0);
msg.Remove(msg[msgIndex]);
byte[] data_2 = msg.EncodeToBytes();
byte[] aad_2 = ConcatenateAndHash(new byte[2][] { _Messages[0], data_2 }, _MessageDigest);
byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD);
byte[] encKey = useKeys[0];
enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
enc0.SetExternalData(aad_2);
byte[] body = enc0.Decrypt(encKey);
if (!_fSymmetricSecret)
{
CBORObject encBody = CBORObject.DecodeFromBytes(body);
Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1);
sign1.AddAttribute(HeaderKeys.Algorithm, algVerify, Attributes.DO_NOT_SEND);
CBORObject kid = sign1.FindAttribute(HeaderKeys.KeyId);
sign1.SetExternalData(aad_2);
foreach (OneKey sigKey in keySetPublic)
{
sign1.Validate(sigKey); //FIND KEY);
}
}
else
{
// body is the EXT_2 value
}
_LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgData }, _MessageDigest);
}
