public static void Main(string[] args)
{
if (args.Length != 2)
{
Console.WriteLine("Usage: ECCTest.exe ecdsaca.der ecdsakey.cng");
return;
}
X509Certificate2 cert = new X509Certificate2(args[0]);
PublicKey publicKey = cert.PublicKey;
ECDsaCng ecdsaPublicKey = GetECDSAFromPublicKey(publicKey);
ecdsaPublicKey.HashAlgorithm = CngAlgorithm.Sha512;
byte[] cngBlob = File.ReadAllBytes(args[1]);
CngKey cngKey = CngKey.Import(cngBlob, CngKeyBlobFormat.GenericPrivateBlob, CngProvider.MicrosoftSoftwareKeyStorageProvider);
ECDsaCng ecdsaPrivateKey = new ECDsaCng(cngKey);
ecdsaPrivateKey.HashAlgorithm = CngAlgorithm.Sha512;
byte[] data = new byte[256];
for (int i = 0; i < data.Length; i++)
{
data[i] = (byte)i;
}
byte[] signature = ecdsaPrivateKey.SignData(data);
PrintBytes("signature", signature);
Console.WriteLine("Signature verified: " + ecdsaPublicKey.VerifyData(data, signature));
ECDiffieHellmanBc alice = new ECDiffieHellmanBc();
ECDiffieHellmanCng bob = new ECDiffieHellmanCng();
byte[] aliceKey = alice.DeriveKeyMaterial(bob.PublicKey);
byte[] bobKey = bob.DeriveKeyMaterial(alice.PublicKey);
PrintBytes("alice key", aliceKey);
PrintBytes("bob key", bobKey);
Console.WriteLine("Running CMAC test");
byte[] keyBytes = new byte[24];
KeyParameter key = new KeyParameter(keyBytes);
byte[] hashedData = new byte[31];
for (int i = 0; i < hashedData.Length; i++)
{
hashedData[i] = (byte)i;
}
CMac cmac = new CMac(new AesEngine(), 128);
cmac.Init(key);
cmac.BlockUpdate(hashedData, 0, hashedData.Length);
byte[] hash = new byte[cmac.GetMacSize()];
cmac.DoFinal(hash, 0);
PrintBytes("hash", hash);
}
protected byte[] AES_CMAC(CBORObject alg, byte[] K)
{
int cbitKey;
int cbitTag;
IBlockCipher aes = new AesFastEngine();
CMac mac = new CMac(aes);
KeyParameter ContentKey;
// The requirements from spec
// IV is 128 bits of zeros
// key sizes are 128, 192 and 256 bits
// Authentication tag sizes are 64 and 128 bits
byte[] IV = new byte[128 / 8];
Debug.Assert(alg.Type == CBORType.TextString);
switch (alg.AsString())
{
case "AES-CMAC-128/64":
cbitKey = 128;
cbitTag = 64;
break;
case "AES-CMAC-256/64":
cbitKey = 256;
cbitTag = 64;
break;
default:
throw new Exception("Unrecognized algorithm");
}
if (K.Length != cbitKey / 8)
{
throw new CoseException("Key is incorrectly sized");
}
ContentKey = new KeyParameter(K);
// Build the text to be digested
mac.Init(ContentKey);
byte[] toDigest = BuildContentBytes();
byte[] C = new byte[128 / 8];
mac.BlockUpdate(toDigest, 0, toDigest.Length);
mac.DoFinal(C, 0);
byte[] rgbOut = new byte[cbitTag / 8];
Array.Copy(C, 0, rgbOut, 0, cbitTag / 8);
return(rgbOut);
}
public void runTest()
{
IBlockCipher cipher = new AesEngine();
IMac mac = new CMac(cipher, 128);
KeyParameter key = new KeyParameter(keyBytes128);
var Encryption_derived_Block_AES128 = new KeyDerevationBlock()
{
Counter = "01", KeyUsageIndicator = "0000", Seperator = "00", AlgorithmIndicator = "0002",
Length = "0080"
};
byte[] EncryptionBlockInput = Encryption_derived_Block_AES128.CreateKeyDevBytes();
var MAC_derived_Block_AES128 = new KeyDerevationBlock()
{
Counter = "01", KeyUsageIndicator = "0001", Seperator = "00", AlgorithmIndicator = "0002",
Length = "0080"
};
byte[] MACnBlockInput = MAC_derived_Block_AES128.CreateKeyDevBytes();
Console.WriteLine("----------------------------------------------------------------");
Console.WriteLine("Deriving a Key for Encryption");
Console.WriteLine("Using input derivation key: " + Encryption_derived_Block_AES128.CreateKeyDev());
mac.Init(key);
mac.BlockUpdate(EncryptionBlockInput, 0, EncryptionBlockInput.Length);
byte[] outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
Console.WriteLine("Derived Encryption Key:" + Hex.ToHexString(outBytes));
Derived_Encryption_Key = outBytes;
Console.WriteLine("----------------------------------------------------------------");
Console.WriteLine("Deriving a Key for MAC");
Console.WriteLine("Using input derivation key: " + MAC_derived_Block_AES128.CreateKeyDev());
mac.Init(key);
mac.BlockUpdate(MACnBlockInput, 0, MACnBlockInput.Length);
mac.DoFinal(outBytes, 0);
Console.WriteLine("Derived MAC Key:" + Hex.ToHexString(outBytes));
Derived_MAC_Key = outBytes;
Console.WriteLine("----------------------------------------------------------------");
//build block
}
private static byte[] Scp03_mac(byte[] keybytes, byte[] msg, int lengthBits)
{
// FIXME: programmatically set the crypto backend
IBlockCipher cipher = new AesEngine();
CMac cmac = new CMac(cipher);
cmac.Init(new KeyParameter(keybytes));
cmac.BlockUpdate(msg, 0, msg.Length);
byte[] outVal = new byte[cmac.GetMacSize()];
cmac.DoFinal(outVal, 0);
return(Arrays.CopyOf(outVal, lengthBits / 8));
}
private byte[] AesCMac(byte[] inputBytes)
{
var mac = new CMac(_myAes);
var keyParam = new KeyParameter(_config.DigestKey);
mac.Init(keyParam);
mac.BlockUpdate(inputBytes, 0, inputBytes.Length);
var hash = new byte[mac.GetMacSize()];
mac.DoFinal(hash, 0);
return(hash);
}
public static byte[] GetCMACDigest(byte[] data, byte[] key)
{
IBlockCipher cipher = new AesEngine();
IMac mac = new CMac(cipher, 128);
KeyParameter keyParam = new KeyParameter(key);
mac.Init(keyParam);
mac.BlockUpdate(data, 0, data.Length);
byte[] outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
return(outBytes);
}
public override void PerformTest()
{
IBlockCipher cipher = new AesEngine();
IMac mac = new CMac(cipher, 128);
//128 bytes key
KeyParameter key = new KeyParameter(keyBytes128);
// 0 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
byte[] outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m0))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m0) + " got "
+ Hex.ToHexString(outBytes));
}
// 16 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m16))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m16) + " got "
+ Hex.ToHexString(outBytes));
}
// 40 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m40))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m40) + " got "
+ Hex.ToHexString(outBytes));
}
// 64 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m64))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m64) + " got "
+ Hex.ToHexString(outBytes));
}
//192 bytes key
key = new KeyParameter(keyBytes192);
// 0 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m0))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m0) + " got "
+ Hex.ToHexString(outBytes));
}
// 16 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m16))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m16) + " got "
+ Hex.ToHexString(outBytes));
}
// 40 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m40))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m40) + " got "
+ Hex.ToHexString(outBytes));
}
// 64 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m64))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m64) + " got "
+ Hex.ToHexString(outBytes));
}
//256 bytes key
key = new KeyParameter(keyBytes256);
// 0 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m0))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m0) + " got "
+ Hex.ToHexString(outBytes));
}
// 16 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m16))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m16) + " got "
+ Hex.ToHexString(outBytes));
}
// 40 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m40))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m40) + " got "
+ Hex.ToHexString(outBytes));
}
// 64 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m64))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m64) + " got "
+ Hex.ToHexString(outBytes));
}
TestExceptions();
}
public static void PerformTest()
{
//ISO20038 vp = new ISO20038();
//vp.runTest();
//**
Console.WriteLine(" +-----+ +-----+ +-----+ +-----+ +-----+ +---+----+ ");
Console.WriteLine(" | M_1 | | M_2 | | M_n | | M_1 | | M_2 | |M_n|10^i| ");
Console.WriteLine(" +-----+ +-----+ +-----+ +-----+ +-----+ +---+----+ ");
Console.WriteLine(" | | | +--+ | | | +--+ ");
Console.WriteLine(" | +--->(+) +--->(+)<-|K1| | +--->(+) +--->(+)<-|K2| ");
Console.WriteLine(" | | | | | +--+ | | | | | +--+ ");
Console.WriteLine(" +-----+ | +-----+ | +-----+ +-----+ | +-----+ | +-----+ ");
Console.WriteLine(" |AES_K| | |AES_K| | |AES_K| |AES_K| | |AES_K | | |AES_K| ");
Console.WriteLine(" +-----+ | +-----+ | +-----+ +-----+ | +-----+ | +-----+ ");
Console.WriteLine(" | | | | | | | | | | ");
Console.WriteLine(" +-----+ +-----+ | +-----+ +-----+ | ");
Console.WriteLine(" | | ");
Console.WriteLine(" +-----+ +-----+ ");
Console.WriteLine(" | T | | T | ");
Console.WriteLine(" +-----+ +-----+ ");
IBlockCipher cipher = new AesEngine();
IMac mac = new CMac(cipher, 128);
Console.WriteLine("CMAC Init.. Cipher: " + cipher.AlgorithmName);
Console.WriteLine("CMAC Init.. MAC BlockSize: " + 128);
Console.WriteLine("----------------------------------------------------------------");
//128 bytes key
KeyParameter key = new KeyParameter(keyBytes128);
Console.WriteLine("Example 1:Message len = 0 bytes, key = " + keyBytes128.Length + " bytes");
Console.WriteLine("M: <empty string>");
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes128));
// 0 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
byte[] outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m0))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k128_m0) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 16 bytes message - 128 bytes key
Console.WriteLine("Example 2: Message len = " + input16.Length + " bytes, key = " + keyBytes128.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input16));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes128));
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m16))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k128_m16) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 40 bytes message - 128 bytes key
Console.WriteLine("Example 3: Message len = " + input40.Length + " bytes, key = " + keyBytes128.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input40));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes128));
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m40))
{
Console.WriteLine("Failed - expected " + Hex.ToHexString(output_k128_m40) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 64 bytes message - 128 bytes key
Console.WriteLine("Example 4: Message len = " + input64.Length + " bytes, key = " + keyBytes128.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input64));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes128));
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if ((!AreEqual(outBytes, output_k128_m64)))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k128_m64) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
//192 bytes key
key = new KeyParameter(keyBytes192);
Console.WriteLine("Example 5: Message len = 0 bytes, key = " + keyBytes192.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input0));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes192));
// 0 bytes message - 192 bytes ke
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m0))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k192_m0) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 16 bytes message - 192 bytes key
Console.WriteLine("Example 6: Message len = " + input16.Length + " bytes, key = " + keyBytes192.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input16));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes192));
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m16))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k192_m16) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 40 bytes message - 192 bytes key
Console.WriteLine("Example 7: Message len = " + input40.Length + " bytes, key = " + keyBytes192.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input40));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes192));
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m40))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k192_m40) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 64 bytes message - 192 bytes key
Console.WriteLine("Example 8: Message len = " + input64.Length + " bytes, key = " + keyBytes192.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input64));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes192));
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m64))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k192_m64) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
//256 bytes key
key = new KeyParameter(keyBytes256);
Console.WriteLine("Example 9: Message len = 0 bytes, key = " + keyBytes256.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input0));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes256));
// 0 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m0))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k256_m0) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 16 bytes message - 256 bytes key
Console.WriteLine("Example 10: Message len = " + input16.Length + " bytes, key = " + keyBytes256.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input16));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes256));
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m16))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k256_m16) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 40 bytes message - 256 bytes key
Console.WriteLine("Example 11: Message len = " + input40.Length + " bytes, key = " + keyBytes256.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input40));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes256));
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m40))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k256_m40) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
// 64 bytes message - 256 bytes key
Console.WriteLine("Example 12: Message len = " + input64.Length + " bytes, key = " + keyBytes256.Length + " bytes");
Console.WriteLine("M: " + Hex.ToHexString(input64));
Console.WriteLine("KEY: " + Hex.ToHexString(keyBytes256));
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m64))
{
Console.WriteLine("Failed - expected "
+ Hex.ToHexString(output_k256_m64) + " got "
+ Hex.ToHexString(outBytes));
}
Console.WriteLine("Generated CMAC:" + Hex.ToHexString(outBytes));
Console.WriteLine("----------------------------------------------------------------");
TestExceptions();
}