public static int GetHFromCode(BitString typecode)
{
if (typecode.Equals(new BitString(5, 32)))
{
return(5);
}
else if (typecode.Equals(new BitString(6, 32)))
{
return(10);
}
else if (typecode.Equals(new BitString(7, 32)))
{
return(15);
}
else if (typecode.Equals(new BitString(8, 32)))
{
return(20);
}
else if (typecode.Equals(new BitString(9, 32)))
{
return(25);
}
else
{
return(0); // by default
}
}
public void Equals_Bitstring_ShouldReturnFalse_WhenNotEqual()
{
var bitString = new BitString("10010100");
var other = new BitString("10010110");
Assert.IsFalse(bitString.Equals(other));
}
public void Equals_Bitstring_ShouldReturnTrue_WhenSameInstance()
{
var bitString = new BitString();
var other = bitString;
Assert.IsTrue(bitString.Equals(other));
}
public void Equals_Object_ShouldReturnFalse_WhenNotBitstring()
{
var bitString = new BitString();
var other = "";
Assert.IsFalse(bitString.Equals(other));
}
public void Equals_Object_ShouldReturnTrue_WhenEqual()
{
var bitString = new BitString("10010110");
object other = new BitString("10010110");
Assert.IsTrue(bitString.Equals(other));
}
public void Equals_Bitstring_ShouldReturnFalse_WhenNullOther()
{
var bitString = new BitString();
BitString other = null;
Assert.IsFalse(bitString.Equals(other));
}
public void Equals_Bitstring_ShouldReturnFalse_WhenNotSameLength()
{
var bitString = new BitString("10010100");
var other = new BitString("100101");
Assert.IsTrue(Enumerable.SequenceEqual(bitString.Bytes, other.Bytes));
Assert.IsFalse(bitString.Equals(other));
}
public void Equals_Bitstring_ShouldReturnTrue_WhenEqual()
{
var bitString = new BitString("10010110");
var other = new BitString("10010110");
Assert.AreNotSame(bitString, other);
Assert.IsTrue(bitString.Equals(other));
}
// Computes Kc as described in rfc 8554
public BitString Algorithm4b(BitString sig, BitString msg, BitString pubType, BitString I, BitString q)
{
// 1. If the signature is not at least four bytes long, return INVALID.
if (sig.BitLength < 32)
{
return(null);
}
// 2. Parse sigtype, C, and y from the signature as follows:
// a. sigtype = strTou32(first 4 bytes of signature)
var sigType = sig.MSBSubstring(0, 32);
// b. If sigtype is not equal to pubtype, return INVALID.
if (!pubType.Equals(sigType))
{
return(null);
}
// c. Set n and p according to the pubtype and Table 1; if the signature is not exactly 4 + n * (p + 1)
// bytes long, return INVALID.
var p = LmotsModeMapping.GetPFromCode(sigType);
var n = LmotsModeMapping.GetNFromCode(sigType);
if (sig.BitLength != (4 + (n * (p + 1))) * 8)
{
return(null);
}
// d. C = next n bytes of signature
var C = sig.MSBSubstring(32, n * 8);
// e. y[0] = next n bytes of signature
// y[1] = next n bytes of signature
// ...
// y[p - 1] = next n bytes of signature
var y = sig.MSBSubstring((n * 8) + 32, p * n * 8);
// 3. Compute the string Kc as described in rfc 8554
var Q = _sha256.HashMessage(I
.ConcatenateBits(q)
.ConcatenateBits(D_MESG)
.ConcatenateBits(C)
.ConcatenateBits(msg)).Digest;
var cksmQ = CheckSum(Q);
var QcksmQ = Q.ConcatenateBits(cksmQ);
var z = LmsDllLoader.GenZ(_p, _n, _w, y.ToBytes(), QcksmQ.ToBytes(), I.ToBytes(), q.ToBytes());
var concatenated = I.ConcatenateBits(q).ConcatenateBits(D_PBLC);
concatenated = concatenated.ConcatenateBits(new BitString(z));
var Kc = _sha256.HashMessage(concatenated).Digest;
// 4. Return Kc.
return(Kc);
}
public void Setup()
{
_left = new BitString(N);
_right = new BitString(N);
while (_left.Equals(_right))
{
_left.SetRandomBits();
_right.SetRandomBits();
}
}
private BitString Final(int digestLength, int capacity, string functionName, BitString customizationHex)
{
if (functionName.Equals("") && BitString.Equals(customizationHex, new BitString(0)))
{
return(KeccakInternals.Keccak(_message, digestLength, capacity, true));
}
var formattedMessage = CSHAKEHelpers.FormatMessage(_message, capacity, functionName, customizationHex);
return(KeccakInternals.Keccak(formattedMessage, digestLength, capacity, true, true));
}
private static void TestToOperationsWithSameMeaning(Action <BitString, BitString, BitString, BitString> test)
{
const int n = 5654;
var x = new BitString(n);
var y = new BitString(n);
while (x.Equals(y))
{
x.SetRandomBits();
y.SetRandomBits();
}
var w = new BitString(x);
var v = new BitString(y);
Assert.False(x.Equals(y));
Assert.False(w.Equals(v));
Assert.True(x.Equals(w));
Assert.True(y.Equals(v));
test(x, y, w, v);
Assert.True(x.Equals(w));
}
public static int GetPFromCode(BitString typecode)
{
if (typecode.Equals(new BitString(1, 32)))
{
return(265);
}
else if (typecode.Equals(new BitString(2, 32)))
{
return(133);
}
else if (typecode.Equals(new BitString(3, 32)))
{
return(67);
}
else if (typecode.Equals(new BitString(4, 32)))
{
return(34);
}
else
{
return(0); // by default
}
}
public void ShouldReportErrorOnInvalidDecryptionTagNewEngine(
string testLabel,
string keyString,
string ivString,
string aadString,
string plainTextString,
string cipherTextString,
string tagString,
int tagLength
)
{
BitString key = new BitString(keyString);
BitString iv = new BitString(ivString);
BitString aad = new BitString(aadString);
BitString plainText = new BitString(plainTextString);
BitString cipherText = new BitString(cipherTextString);
BitString tag = new BitString(tagString);
var gcmEncryptParam = new AeadModeBlockCipherParameters(
BlockCipherDirections.Encrypt,
iv,
key,
plainText,
aad,
tag.BitLength
);
var encryptResult = _subject.ProcessPayload(gcmEncryptParam);
Assert.That(encryptResult.Success, nameof(_subject.ProcessPayload));
Assert.That(tag.Equals(encryptResult.Tag), nameof(encryptResult.Tag));
var xoredTag = encryptResult.Tag.XOR(GetBitStringOfLengthWithAll1s(encryptResult.Tag.BitLength));
var gcmDecryptParam = new AeadModeBlockCipherParameters(
BlockCipherDirections.Decrypt,
iv,
key,
encryptResult.Result,
aad,
xoredTag
);
var decryptResult = _subject.ProcessPayload(gcmDecryptParam);
Assert.IsFalse(decryptResult.Success, nameof(_subject.ProcessPayload));
Assert.AreEqual("Tags do not match", decryptResult.ErrorMessage, nameof(decryptResult.ErrorMessage));
}
public void ShouldGetDifferingPlainTextAfterDecryptionWithModifiedCipherTextNewEngine(
string testLabel,
string keyString,
string ivString,
string aadString,
string plainTextString,
string cipherTextString,
string tagString,
int tagLength
)
{
BitString key = new BitString(keyString);
BitString iv = new BitString(ivString);
BitString aad = new BitString(aadString);
BitString plainText = new BitString(plainTextString);
BitString cipherText = new BitString(cipherTextString);
BitString tag = new BitString(tagString);
var gcmEncryptParam = new AeadModeBlockCipherParameters(
BlockCipherDirections.Encrypt,
iv,
key,
plainText,
aad,
tag.BitLength
);
var encryptResult = _subject.ProcessPayload(gcmEncryptParam);
Assert.That(encryptResult.Success, nameof(_subject.ProcessPayload));
Assert.That(tag.Equals(encryptResult.Tag), nameof(encryptResult.Tag));
var xoredTag = encryptResult.Tag.XOR(GetBitStringOfLengthWithAll1s(encryptResult.Tag.BitLength));
var gcmDecryptParam = new AeadModeBlockCipherParameters(
BlockCipherDirections.Decrypt,
iv,
key,
encryptResult.Result,
aad,
xoredTag
);
var decryptResult = _subject.ProcessPayload(gcmDecryptParam);
Assert.AreNotEqual(plainText, decryptResult.Result, nameof(plainText));
}
public static BitString Encode(EdPoint point, int b)
{
var encoding = new BitString(point.Y, b);
var xBit = new BitString(point.X, b).GetLeastSignificantBits(1);
var bytes = new byte[b / 8];
bytes[0] = 1 << 7;
if (xBit.Equals(BitString.One()))
{
encoding = encoding.OR(new BitString(bytes));
}
else
{
encoding = encoding.AND(new BitString(bytes).NOT());
}
return(BitString.ReverseByteOrder(encoding)); // switch to little endian
}
private BitString Divide(BitString a, BitString b)
{
if (b.Equals(BitString.Zeroes(b.BitLength)))
{
return(BitString.Zeroes(a.BitLength));
}
var aBigInt = a.ToPositiveBigInteger();
var bBigInt = b.ToPositiveBigInteger();
var result = new BitString(aBigInt / bBigInt);
// Ensure result is the same number of bits as a
if (result.BitLength > a.BitLength)
{
result = result.GetLeastSignificantBits(a.BitLength);
}
else if (result.BitLength < a.BitLength)
{
result = BitString.Zeroes(a.BitLength - result.BitLength).ConcatenateBits(result);
}
return(result);
}