public void noContent() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.Encrypt(rgbKey128); }
public void noAlgorithm() { Encrypt0Message msg = new Encrypt0Message(); msg.SetContent(strContent); msg.Encrypt(rgbKey128); }
public void unknownAlgorithm() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, CBORObject.FromObject("Unknown"), Attributes.PROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); }
public void incorrectKeySize() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey256); }
public void nullKey() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.SetContent(strContent); msg.Encrypt(null); }
public void unsupportedAlgorithm() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.HMAC_SHA_256, Attributes.PROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); }
public void incorrectIV() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV128), Attributes.UNPROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); }
public void EncryptNullKey() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.SetContent(rgbContent); Assert.ThrowsException <CoseException>(() => msg.Encrypt(null)); }
public void testSetContent_byteArr() { byte[] rgbData = new byte[] { 1, 2, 3, 4, 5, 6, 7 }; Message instance = new Encrypt0Message(); instance.SetContent(rgbData); byte[] result = instance.GetContent(); Assert.AreEqual(result, (rgbData)); }
public void EncryptNoContent() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Encrypt(rgbKey128)); Assert.AreEqual(e.Message, ("No Content Specified")); }
public void EncryptNoAlgorithm() { Encrypt0Message msg = new Encrypt0Message(); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Encrypt(rgbKey128)); Assert.AreEqual(e.Message, ("No Algorithm Specified")); }
public void EncryptIncorrectKeySize() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Encrypt(rgbKey256)); Assert.AreEqual(e.Message, ("Incorrect Key Size")); }
public void EncryptUnknownAlgorithm() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, CBORObject.FromObject("Unknown"), Attributes.PROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Encrypt(rgbKey128)); Assert.AreEqual(e.Message, ("Unknown Algorithm Specified")); }
public void EncryptUnsupportedAlgorithm() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.HMAC_SHA_256, Attributes.PROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Encrypt(rgbKey128)); Assert.AreEqual(e.Message, ("Unknown Algorithm Specified")); }
public void testHasContent() { Message instance = new Encrypt0Message(); Boolean expResult = false; Boolean result = instance.HasContent(); Assert.AreEqual(expResult, (expResult)); instance.SetContent(new byte[10]); result = instance.HasContent(); Assert.AreEqual(result, (true)); }
public void EncryptIncorrectIV() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV128), Attributes.UNPROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Encrypt(rgbKey128)); Assert.AreEqual(e.Message, ("IV size is incorrect.")); }
public void testSetContent_String() { String strData = "12345678"; byte[] rgbData = new byte[] { 49, 50, 51, 52, 53, 54, 55, 56 }; Message instance = new Encrypt0Message(); instance.SetContent(strData); byte[] result = instance.GetContent(); Assert.AreEqual(result, (rgbData)); }
public void EncryptNoTag() { Encrypt0Message msg = new Encrypt0Message(false, true); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED); msg.SetContent(rgbContent); msg.Encrypt(rgbKey128); CBORObject cn = msg.EncodeToCBORObject(); Assert.AreEqual(cn.IsTagged, (false)); }
public void encryptNoEmitContent() { Encrypt0Message msg = new Encrypt0Message(true, false); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); CBORObject cn = msg.EncodeToCBORObject(); Assert.IsTrue(cn[2].IsNull); }
public void testDecodeFromBytes_byteArr_MessageTag() { Encrypt0Message msg = new Encrypt0Message(true, false); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED); msg.SetContent(rgbContent); msg.Encrypt(rgbKey128); byte[] rgbMsg = msg.EncodeToBytes(); msg = (Encrypt0Message)Message.DecodeFromBytes(rgbMsg); Assert.AreEqual(false, (msg.HasContent())); }
public byte[] CreateMessage3() { CBORObject msg = CBORObject.NewArray(); if (_fSymmetricSecret) { msg.Add(6); } else { msg.Add(3); } msg.Add(_SessionId[1]); byte[] aad_3 = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msg.EncodeToBytes() }, _MessageDigest); byte[] signBody = new byte[0]; if (!_fSymmetricSecret) { Sign1Message sign1 = new Sign1Message(false, false); sign1.SetContent(aad_3); sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND); sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED); sign1.Sign(_SigningKey); CBORObject obj = CBORObject.NewArray(); obj.Add(sign1.EncodeToBytes()); signBody = obj.EncodeToBytes(); } byte[][] encKeys = _DeriveKeys(_Keys, _SecretSalt, aad_3, _algAEAD); Encrypt0Message enc = new Encrypt0Message(false); enc.SetContent(signBody); enc.SetExternalData(aad_3); enc.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND); enc.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(encKeys[1]), Attributes.DO_NOT_SEND); enc.Encrypt(encKeys[0]); msg.Add(enc.EncodeToBytes()); byte[] msgOut = msg.EncodeToBytes(); _LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgOut }, _MessageDigest); return(msgOut); }
public void testDecodeUnknown() { Encrypt0Message msg = new Encrypt0Message(false, true); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED); msg.SetContent(rgbContent); msg.Encrypt(rgbKey128); byte[] rgbMsg = msg.EncodeToBytes(); CoseException e = Assert.ThrowsException <CoseException>(() => msg = (Encrypt0Message)Message.DecodeFromBytes(rgbMsg, Tags.Unknown)); Assert.AreEqual(e.Message, ("Message was not tagged and no default tagging option given")); }
public void roundTrip() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); byte[] rgbMsg = msg.EncodeToBytes(); msg = (Encrypt0Message)Message.DecodeFromBytes(rgbMsg); msg.Decrypt(rgbKey128); Assert.AreEqual <string>(msg.GetContentAsString(), strContent); }
public void TestRoundTrip4() { Encrypt0Message msg = new Encrypt0Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED); msg.SetContent(rgbContent); msg.Encrypt(rgbKey128); CBORObject rgbMsg = msg.EncodeToCBORObject(); msg = (Encrypt0Message)Message.DecodeFromCBOR(rgbMsg); byte[] contentNew = msg.Decrypt(rgbKey128); CollectionAssert.AreEqual(rgbContent, (contentNew)); }
public void nullKeyForDecrypt() { Encrypt0Message msg = new Encrypt0Message(true, true); // thrown.expect(CoseException.class); // thrown.expectMessage("No Encrypted Content Specified"); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); byte[] rgb = msg.EncodeToBytes(); msg = (Encrypt0Message)Message.DecodeFromBytes(rgb); msg.Decrypt(null); }
public void roundTripDetached() { Encrypt0Message msg = new Encrypt0Message(true, false); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED); msg.SetContent(strContent); msg.Encrypt(rgbKey128); byte[] content = msg.GetEncryptedContent(); byte[] rgb = msg.EncodeToBytes(); msg = (Encrypt0Message)Message.DecodeFromBytes(rgb); msg.SetEncryptedContent(content); msg.Decrypt(rgbKey128); }
public void NoContentForDecrypt() { Encrypt0Message msg = new Encrypt0Message(true, false); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED); msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED); msg.SetContent(rgbContent); msg.Encrypt(rgbKey128); byte[] rgb = msg.EncodeToBytes(); msg = (Encrypt0Message)Message.DecodeFromBytes(rgb); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Decrypt(rgbKey128)); Assert.AreEqual(e.Message, ("No Encrypted Content Specified.")); }
private static Encrypt0Message Uncompress(byte[] raw) { CBORObject map = CBORObject.NewMap(); if (raw.Length == 0) { raw = new byte[1]; } // Decode the wierd body // First byte is of the form 0abcdeee where abcd are flags and eee is the the IV size. if (0 != (raw[0] & 0x80)) { return(null); // This is not legal } if (0 != (raw[0] & 0x40)) { return(null); // These are not currently supported. } int iX = 1; if (0 != (raw[0] & 0x07)) { byte[] ivX = new byte[raw[0] & 0x7]; Array.Copy(raw, iX, ivX, 0, ivX.Length); map.Add(HeaderKeys.PartialIV, ivX); iX += ivX.Length; } if (0 != (raw[0] & 0x10)) { byte[] gidX = new byte[raw[iX]]; Array.Copy(raw, iX + 1, gidX, 0, gidX.Length); iX += (gidX.Length + 1); map.Add(CBORObject.FromObject("gid"), gidX); } if (0 != (raw[0] & 0x20)) { byte[] counter = new byte[raw[iX]]; Array.Copy(raw, iX + 1, counter, 0, counter.Length); iX += (counter.Length + 1); map.Add(HeaderKeys.CounterSignature, counter); } if (0 != (raw[0] & 0x08)) { byte[] kidX = new byte[raw.Length - iX]; Array.Copy(raw, iX, kidX, 0, kidX.Length); map.Add(HeaderKeys.KeyId, kidX); } CBORObject msgX = CBORObject.NewArray(); msgX.Add(new byte[0]); msgX.Add(map); msgX.Add(CBORObject.Null); Encrypt0Message msg = (Encrypt0Message)COSE.Message.DecodeFromBytes(msgX.EncodeToBytes(), Tags.Encrypt0); return(msg); }
private static byte[] DoCompression(Encrypt0Message msg) { // Start with 0abc deee // a, b, c and d are presence flags // eee is the length of the iv field. int cbSize = 1; // CBORObject partialIV = msg.FindAttribute(HeaderKeys.PartialIV); byte[] iv = new byte[0]; if (partialIV != null) { iv = partialIV.GetByteString(); } cbSize += iv.Length; byte head = (byte)iv.Length; // Context Hint/Group ID CBORObject gid = msg.FindAttribute(CBORObject.FromObject("gid")); if (gid != null) { cbSize += (1 + gid.GetByteString().Length); head |= 0x10; } CBORObject sig = msg.FindAttribute(HeaderKeys.CounterSignature); byte[] sigBytes = null; if (sig != null) { sigBytes = sig.EncodeToBytes(); cbSize += (1 + sigBytes.Length); head |= 0x20; } CBORObject kid = msg.FindAttribute(HeaderKeys.KeyId); if (kid != null) { cbSize += (0 + kid.GetByteString().Length); head |= 0x08; } // Additional items to flag byte[] encBody = new byte[cbSize]; encBody[0] = head; cbSize = 1; if (iv.Length > 0) { Array.Copy(iv, 0, encBody, cbSize, iv.Length); cbSize += iv.Length; } if (gid != null) { if (gid.GetByteString().Length > 255) { throw new Exception("GID too large"); } encBody[cbSize] = (byte)gid.GetByteString().Length; Array.Copy(gid.GetByteString(), 0, encBody, cbSize + 1, gid.GetByteString().Length); cbSize += gid.GetByteString().Length + 1; } if (sig != null) { if (sigBytes.Length > 255) { throw new Exception("SIG too large"); } encBody[cbSize] = (byte)sigBytes.Length; Array.Copy(sigBytes, 0, encBody, cbSize + 1, sig.GetByteString().Length); cbSize += sigBytes.Length + 1; } if (kid != null) { if (kid.GetByteString().Length > 255) { throw new Exception("KID too large"); } Array.Copy(kid.GetByteString(), 0, encBody, cbSize, kid.GetByteString().Length); } #if DEBUG { CBORObject xxx = msg.EncodeToCBORObject(); Console.WriteLine("Protected Attributes = " + BitConverter.ToString(xxx[0].GetByteString())); } #endif return(encBody); }
/// <inheritdoc /> public override void SendRequest(INextLayer nextLayer, Exchange exchange, Request request) { if ((request.OscoapContext != null) || (exchange.OscoapContext != null)) { SecurityContext ctx = exchange.OscoapContext; if (request.OscoapContext != null) { ctx = request.OscoapContext; exchange.OscoapContext = ctx; } Codec.IMessageEncoder me = Spec.NewMessageEncoder(); Request encryptedRequest = new Request(request.Method); if (request.Payload != null) { encryptedRequest.Payload = request.Payload; } MoveRequestHeaders(request, encryptedRequest); _Log.Info(m => m("New inner response message\n{0}", encryptedRequest.ToString())); ctx.Sender.IncrementSequenceNumber(); Encrypt0Message enc = new Encrypt0Message(false); byte[] msg = me.Encode(encryptedRequest); int tokenSize = msg[0] & 0xf; byte[] msg2 = new byte[msg.Length - (3 + tokenSize)]; Array.Copy(msg, 4 + tokenSize, msg2, 1, msg2.Length - 1); msg2[0] = msg[1]; enc.SetContent(msg2); // Build AAD CBORObject aad = CBORObject.NewArray(); aad.Add(CBORObject.FromObject(1)); // version aad.Add(CBORObject.NewArray()); aad[1].Add(CBORObject.FromObject(ctx.Sender.Algorithm)); aad.Add(CBORObject.FromObject(ctx.Sender.Id)); aad.Add(CBORObject.FromObject(ctx.Sender.PartialIV)); aad.Add(CBORObject.FromObject(new byte[0])); if (ctx.GroupId != null) { aad.Add(CBORObject.FromObject(ctx.GroupId)); } #if DEBUG switch (SecurityContext.FutzError) { case 1: aad[0] = CBORObject.FromObject(2); break; // Change version # case 2: aad[1] = CBORObject.FromObject(request.Code + 1); break; // Change request code case 3: aad[2] = CBORObject.FromObject(ctx.Sender.Algorithm.AsInt32() + 1); break; // Change algorithm number } #endif _Log.Info(m => m("SendRequest: AAD = {0}", BitConverter.ToString(aad.EncodeToBytes()))); enc.SetExternalData(aad.EncodeToBytes()); #if DEBUG { byte[] fooX = ctx.Sender.PartialIV; if (SecurityContext.FutzError == 8) { fooX[fooX.Length - 1] += 1; } enc.AddAttribute(HeaderKeys.IV, ctx.Sender.GetIV(fooX), Attributes.DO_NOT_SEND); } #else enc.AddAttribute(HeaderKeys.IV, ctx.Sender.GetIV(ctx.Sender.PartialIV), Attributes.DO_NOT_SEND); #endif enc.AddAttribute(HeaderKeys.PartialIV, CBORObject.FromObject(ctx.Sender.PartialIV), /* Attributes.PROTECTED */ Attributes.DO_NOT_SEND); enc.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.Algorithm, Attributes.DO_NOT_SEND); enc.AddAttribute(HeaderKeys.KeyId, CBORObject.FromObject(ctx.Sender.Id), /*Attributes.PROTECTED*/ Attributes.DO_NOT_SEND); if (ctx.GroupId != null) { enc.AddAttribute(CBORObject.FromObject("gid"), CBORObject.FromObject(ctx.GroupId), Attributes.DO_NOT_SEND); } if (_Log.IsInfoEnabled) { _Log.Info("SendRequest: AAD = " + BitConverter.ToString(aad.EncodeToBytes())); _Log.Info("SendRequest: IV = " + BitConverter.ToString(ctx.Sender.GetIV(ctx.Sender.PartialIV).GetByteString())); _Log.Info("SendRequest: Key = " + BitConverter.ToString(ctx.Sender.Key)); } enc.Encrypt(ctx.Sender.Key); if (ctx.Sender.SigningKey != null) { CounterSignature sig = new CounterSignature(ctx.Sender.SigningKey); sig.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.SigningKey[CoseKeyKeys.Algorithm], Attributes.DO_NOT_SEND); sig.SetObject(enc); CBORObject aad2 = ctx.Sender.SigningKey[CoseKeyKeys.Algorithm]; sig.SetExternalData(aad2.EncodeToBytes()); CBORObject signatureBytes = sig.EncodeToCBORObject(); enc.AddAttribute(HeaderKeys.CounterSignature, signatureBytes, Attributes.DO_NOT_SEND); } byte[] optionValue = DoCompression(enc); OscoapOption o = new OscoapOption(); o.Set(optionValue); request.AddOption(o); request.Payload = enc.GetEncryptedContent(); if (request.HasOption(OptionType.Observe)) { request.Method = Method.FETCH; } else { request.Method = Method.POST; } } base.SendRequest(nextLayer, exchange, request); }