/// <summary>
/// Creates a <see cref="AuthenticationConfiguration" /> using a CMAC/OMAC1 construction.
/// </summary>
/// <remarks>
/// The CMAC configuration generated may be used with a MacStream,
/// e.g. package payload item authentication.
/// </remarks>
/// <param name="cipherEnum">Block cipher to use as basis of the CMAC construction.</param>
/// <param name="outputSize">Output size of the CMAC in bytes.</param>
/// <returns>The authentication configuration as a <see cref="AuthenticationConfiguration" />.</returns>
public static AuthenticationConfiguration CreateAuthenticationConfigurationCmac(BlockCipher cipherEnum, out int outputSize)
{
outputSize = Athena.Cryptography.BlockCiphers[cipherEnum].DefaultBlockSizeBits / 8;
int keySize = Athena.Cryptography.BlockCiphers[cipherEnum].DefaultKeySizeBits;
byte[] functionConfig = Encoding.UTF8.GetBytes(cipherEnum.ToString());
return(CreateAuthConf(MacFunction.Cmac.ToString(), keySize, outputSize * 8, functionConfig, null));
}
/// <summary>
/// Create a configuration for a block cipher.
/// </summary>
/// <param name="cipher">Block cipher to use.</param>
/// <param name="mode">Mode of operation for the cipher.</param>
/// <param name="padding">Padding scheme to use with the mode, where necessary (e.g. CBC).</param>
/// <param name="keySize">Key size to use, in bits.</param>
/// <param name="blockSize">Cipher block size to use, in bits.</param>
/// <returns>Block cipher configuration DTO.</returns>
public static CipherConfiguration CreateBlockCipherConfiguration(BlockCipher cipher,
BlockCipherMode mode, BlockCipherPadding padding, int?keySize = null, int?blockSize = null)
{
var config = new CipherConfiguration {
Type = CipherType.Block
};
// Set the key size
int keySizeNonNull = keySize ?? Athena.Cryptography.BlockCiphers[cipher].DefaultKeySizeBits;
if (keySize == null || Athena.Cryptography.BlockCiphers[cipher].AllowableKeySizesBits.Contains(keySizeNonNull))
{
config.KeySizeBits = keySizeNonNull;
}
else
{
throw new CipherKeySizeException(cipher, keySizeNonNull);
}
// Set the block size
int blockSizeNonNull = blockSize ?? Athena.Cryptography.BlockCiphers[cipher].DefaultBlockSizeBits;
if (blockSize == null ||
Athena.Cryptography.BlockCiphers[cipher].AllowableBlockSizesBits.Contains(blockSizeNonNull))
{
config.BlockSizeBits = blockSizeNonNull;
}
else
{
throw new BlockSizeException(cipher, blockSizeNonNull);
}
// Set the mode
if (Athena.Cryptography.BlockCipherModes[mode].PaddingRequirement == PaddingRequirement.Always &&
padding == BlockCipherPadding.None)
{
throw new ArgumentException(mode +
" mode must be used with padding or errors will occur when plaintext length is not equal to or a multiple of the block size.");
}
config.ModeName = mode.ToString();
config.PaddingName = padding.ToString();
config.CipherName = cipher.ToString();
config.InitialisationVector = new byte[config.BlockSizeBits.Value / 8];
StratCom.EntropySupplier.NextBytes(config.InitialisationVector);
return(config);
}
/// <summary>
/// Creates a <see cref="AuthenticationConfiguration" /> using a Poly1305-{block cipher} construction,
/// e.g. Poly1305-AES.
/// </summary>
/// <remarks>
/// The Poly1305 configuration generated may be used with a MacStream,
/// e.g. package payload item authentication.
/// </remarks>
/// <param name="cipherEnum">Block cipher to use as basis of the Poly1305 construction. Must be 128-bit block size.</param>
/// <param name="nonce">Nonce to use. If null, it will be randomly generated.</param>
/// <returns>The authentication configuration as a <see cref="AuthenticationConfiguration" />.</returns>
public static AuthenticationConfiguration CreateAuthenticationConfigurationPoly1305(BlockCipher cipherEnum, byte[] nonce = null)
{
if (Athena.Cryptography.BlockCiphers[cipherEnum].DefaultBlockSizeBits != 128)
{
throw new ArgumentException("Incompatible cipher block size.");
}
byte[] functionConfig = Encoding.UTF8.GetBytes(cipherEnum.ToString());
if (nonce == null)
{
nonce = new byte[16];
StratCom.EntropySupplier.NextBytes(nonce);
}
return(CreateAuthConf(MacFunction.Poly1305.ToString(), 256, 128, functionConfig, nonce));
}
/// <summary>
/// Block cipher to be used, e.g. AES, Twofish, etc.
/// </summary>
public void SetBlockCipher(BlockCipher value)
{
RawConfiguration.CipherName = value.ToString();
}
public CipherKeySizeException(BlockCipher cipherEnum, int requestedSizeBits)
: this(cipherEnum.ToString(), requestedSizeBits, Athena.Cryptography.BlockCiphers[cipherEnum].AllowableKeySizesBits.ToList())
{
}
