public void noAlgorithm()
{
Encrypt0Message msg = new Encrypt0Message();
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
}
public void noContent()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.Encrypt(rgbKey128);
}
public void unsupportedAlgorithm()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.HMAC_SHA_256, Attributes.PROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
}
public void incorrectKeySize()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey256);
}
public void unknownAlgorithm()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, CBORObject.FromObject("Unknown"), Attributes.PROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
}
public void nullKey()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.SetContent(strContent);
msg.Encrypt(null);
}
public void EncryptNullKey()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.SetContent(rgbContent);
Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(null));
}
public void incorrectIV()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV128), Attributes.UNPROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
}
public void EncryptNoContent()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(rgbKey128));
Assert.AreEqual(e.Message, ("No Content Specified"));
}
public void EncryptIncorrectKeySize()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.SetContent(rgbContent);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(rgbKey256));
Assert.AreEqual(e.Message, ("Incorrect Key Size"));
}
public void EncryptNoAlgorithm()
{
Encrypt0Message msg = new Encrypt0Message();
msg.SetContent(rgbContent);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(rgbKey128));
Assert.AreEqual(e.Message, ("No Algorithm Specified"));
}
public void EncryptUnknownAlgorithm()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, CBORObject.FromObject("Unknown"), Attributes.PROTECTED);
msg.SetContent(rgbContent);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(rgbKey128));
Assert.AreEqual(e.Message, ("Unknown Algorithm Specified"));
}
public void EncryptUnsupportedAlgorithm()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.HMAC_SHA_256, Attributes.PROTECTED);
msg.SetContent(rgbContent);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(rgbKey128));
Assert.AreEqual(e.Message, ("Unknown Algorithm Specified"));
}
public void EncryptIncorrectIV()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV128), Attributes.UNPROTECTED);
msg.SetContent(rgbContent);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Encrypt(rgbKey128));
Assert.AreEqual(e.Message, ("IV size is incorrect."));
}
public void EncryptNoTag()
{
Encrypt0Message msg = new Encrypt0Message(false, true);
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED);
msg.SetContent(rgbContent);
msg.Encrypt(rgbKey128);
CBORObject cn = msg.EncodeToCBORObject();
Assert.AreEqual(cn.IsTagged, (false));
}
public void encryptNoEmitContent()
{
Encrypt0Message msg = new Encrypt0Message(true, false);
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
CBORObject cn = msg.EncodeToCBORObject();
Assert.IsTrue(cn[2].IsNull);
}
public void testDecodeFromBytes_byteArr_MessageTag()
{
Encrypt0Message msg = new Encrypt0Message(true, false);
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED);
msg.SetContent(rgbContent);
msg.Encrypt(rgbKey128);
byte[] rgbMsg = msg.EncodeToBytes();
msg = (Encrypt0Message)Message.DecodeFromBytes(rgbMsg);
Assert.AreEqual(false, (msg.HasContent()));
}
public byte[] CreateMessage3()
{
CBORObject msg = CBORObject.NewArray();
if (_fSymmetricSecret)
{
msg.Add(6);
}
else
{
msg.Add(3);
}
msg.Add(_SessionId[1]);
byte[] aad_3 = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msg.EncodeToBytes() }, _MessageDigest);
byte[] signBody = new byte[0];
if (!_fSymmetricSecret)
{
Sign1Message sign1 = new Sign1Message(false, false);
sign1.SetContent(aad_3);
sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND);
sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED);
sign1.Sign(_SigningKey);
CBORObject obj = CBORObject.NewArray();
obj.Add(sign1.EncodeToBytes());
signBody = obj.EncodeToBytes();
}
byte[][] encKeys = _DeriveKeys(_Keys, _SecretSalt, aad_3, _algAEAD);
Encrypt0Message enc = new Encrypt0Message(false);
enc.SetContent(signBody);
enc.SetExternalData(aad_3);
enc.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
enc.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(encKeys[1]), Attributes.DO_NOT_SEND);
enc.Encrypt(encKeys[0]);
msg.Add(enc.EncodeToBytes());
byte[] msgOut = msg.EncodeToBytes();
_LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgOut }, _MessageDigest);
return(msgOut);
}
public void testDecodeUnknown()
{
Encrypt0Message msg = new Encrypt0Message(false, true);
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED);
msg.SetContent(rgbContent);
msg.Encrypt(rgbKey128);
byte[] rgbMsg = msg.EncodeToBytes();
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg = (Encrypt0Message)Message.DecodeFromBytes(rgbMsg, Tags.Unknown));
Assert.AreEqual(e.Message, ("Message was not tagged and no default tagging option given"));
}
public void roundTrip()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
byte[] rgbMsg = msg.EncodeToBytes();
msg = (Encrypt0Message)Message.DecodeFromBytes(rgbMsg);
msg.Decrypt(rgbKey128);
Assert.AreEqual <string>(msg.GetContentAsString(), strContent);
}
public void TestRoundTrip4()
{
Encrypt0Message msg = new Encrypt0Message();
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED);
msg.SetContent(rgbContent);
msg.Encrypt(rgbKey128);
CBORObject rgbMsg = msg.EncodeToCBORObject();
msg = (Encrypt0Message)Message.DecodeFromCBOR(rgbMsg);
byte[] contentNew = msg.Decrypt(rgbKey128);
CollectionAssert.AreEqual(rgbContent, (contentNew));
}
public void roundTripDetached()
{
Encrypt0Message msg = new Encrypt0Message(true, false);
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
byte[] content = msg.GetEncryptedContent();
byte[] rgb = msg.EncodeToBytes();
msg = (Encrypt0Message)Message.DecodeFromBytes(rgb);
msg.SetEncryptedContent(content);
msg.Decrypt(rgbKey128);
}
public void nullKeyForDecrypt()
{
Encrypt0Message msg = new Encrypt0Message(true, true);
// thrown.expect(CoseException.class);
// thrown.expectMessage("No Encrypted Content Specified");
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED);
msg.SetContent(strContent);
msg.Encrypt(rgbKey128);
byte[] rgb = msg.EncodeToBytes();
msg = (Encrypt0Message)Message.DecodeFromBytes(rgb);
msg.Decrypt(null);
}
public void NoContentForDecrypt()
{
Encrypt0Message msg = new Encrypt0Message(true, false);
msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.UNPROTECTED);
msg.SetContent(rgbContent);
msg.Encrypt(rgbKey128);
byte[] rgb = msg.EncodeToBytes();
msg = (Encrypt0Message)Message.DecodeFromBytes(rgb);
CoseException e = Assert.ThrowsException <CoseException>(() =>
msg.Decrypt(rgbKey128));
Assert.AreEqual(e.Message, ("No Encrypted Content Specified."));
}
public byte[] CreateMessage2()
{
CBORObject msg = CBORObject.NewArray();
CBORObject obj;
if (_fSymmetricSecret)
{
msg.Add(5); // Msg Type
}
else
{
msg.Add(2);
}
msg.Add(_SessionId[1]); // S_U
msg.Add(_SessionId[0]); // S_V
msg.Add(_Nonce[0]); // N_V
msg.Add(_Keys[0].PublicKey().AsCBOR()); // E_V
msg.Add(_algKeyAgree); // HKDF_V
msg.Add(_algAEAD); // AEAD_V
if (!_fSymmetricSecret)
{
msg.Add(_algSign); // SIG_V
obj = CBORObject.NewArray();
obj.Add(AlgorithmValuesInt.ECDSA_256);
obj.Add(AlgorithmValues.EdDSA);
msg.Add(obj); // SIGs_V
}
if (_algKeyAgree.Equals(COSE.AlgorithmValues.ECDH_SS_HKDF_256))
{
_MessageDigest = new Sha256Digest();
}
byte[] data2 = msg.EncodeToBytes();
byte[] aad_2 = ConcatenateAndHash(new byte[2][] { _Messages[0], data2 }, _MessageDigest); // M00TODO - hash message[0] before passing it in.
byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD);
byte[] aeadKey = useKeys[0];
byte[] signResult = new byte[0];
if (!_fSymmetricSecret)
{
Sign1Message sign1 = new Sign1Message(false, false);
sign1.SetContent(aad_2);
sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED);
sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND);
sign1.Sign(_SigningKey);
signResult = sign1.EncodeToBytes();
}
Encrypt0Message enc0 = new Encrypt0Message(true);
enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
enc0.SetExternalData(aad_2);
CBORObject encContent = CBORObject.NewArray();
encContent.Add(signResult);
enc0.SetContent(encContent.EncodeToBytes());
enc0.Encrypt(aeadKey);
msg.Add(enc0.EncodeToCBORObject()); // COSE_ENC_2
_Messages[1] = msg.EncodeToBytes();
_LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { _Messages[0], _Messages[1] }, _MessageDigest);
return(_Messages[1]);
}
public override void SendResponse(INextLayer nextLayer, Exchange exchange, Response response)
{
if (exchange.OscoapContext != null)
{
SecurityContext ctx = exchange.OscoapContext;
Codec.IMessageEncoder me = Spec.NewMessageEncoder();
Response encryptedResponse = new Response((StatusCode)response.Code);
if (response.Payload != null)
{
encryptedResponse.Payload = response.Payload;
}
MoveResponseHeaders(response, encryptedResponse);
if (_Log.IsInfoEnabled)
{
_Log.Info("SendResponse: New inner response message");
_Log.Info(encryptedResponse.ToString());
}
// Build AAD
CBORObject aad = CBORObject.NewArray();
aad.Add(1);
aad.Add(CBORObject.NewArray());
aad[1].Add(ctx.Sender.Algorithm);
aad.Add(exchange.OscoapSenderId);
aad.Add(exchange.OscoapSequenceNumber);
aad.Add(CBORObject.FromObject(new byte[0])); // Options
if (ctx.GroupId != null)
{
aad.Add(ctx.GroupId);
}
if (_Log.IsInfoEnabled)
{
_Log.Info("SendResponse: AAD = " + BitConverter.ToString(aad.EncodeToBytes()));
}
Encrypt0Message enc = new Encrypt0Message(false);
byte[] msg = me.Encode(encryptedResponse);
int tokenSize = msg[0] & 0xf;
byte[] msg2 = new byte[msg.Length - (3 + tokenSize)];
Array.Copy(msg, 4 + tokenSize, msg2, 1, msg2.Length - 1);
msg2[0] = msg[1];
enc.SetContent(msg2);
enc.SetExternalData(aad.EncodeToBytes());
if (response.HasOption(OptionType.Observe) || ctx.GroupId != null)
{
enc.AddAttribute(HeaderKeys.PartialIV, CBORObject.FromObject(ctx.Sender.PartialIV), Attributes.UNPROTECTED);
enc.AddAttribute(HeaderKeys.IV, ctx.Sender.GetIV(ctx.Sender.PartialIV), Attributes.DO_NOT_SEND);
ctx.Sender.IncrementSequenceNumber();
if (ctx.GroupId != null)
{
enc.AddAttribute(HeaderKeys.KeyId, CBORObject.FromObject(ctx.Sender.Id), Attributes.UNPROTECTED);
}
}
else
{
CBORObject iv = ctx.Recipient.GetIV(exchange.OscoapSequenceNumber);
enc.AddAttribute(HeaderKeys.IV, iv, Attributes.DO_NOT_SEND);
}
_Log.Info(m => m($"SendResponse: IV = {BitConverter.ToString(enc.FindAttribute(HeaderKeys.IV, Attributes.DO_NOT_SEND).GetByteString())}"));
_Log.Info(m => m($"SendResponse: Key = {BitConverter.ToString(ctx.Sender.Key)}"));
enc.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.Algorithm, Attributes.DO_NOT_SEND);
enc.Encrypt(ctx.Sender.Key);
byte[] finalBody = DoCompression(enc);
OscoapOption o = new OscoapOption(OptionType.Oscoap);
o.Set(finalBody);
response.AddOption(o);
response.StatusCode = StatusCode.Content;
response.Payload = enc.GetEncryptedContent();
// Need to be able to retrieve this again undersome cirumstances.
if (encryptedResponse.HasOption(OptionType.Block2))
{
Request request = exchange.CurrentRequest;
Exchange.KeyUri keyUri = new Exchange.KeyUri(request.URI, null, response.Destination);
// Observe notification only send the first block, hence do not store them as ongoing
if (exchange.OSCOAP_ResponseBlockStatus != null && !encryptedResponse.HasOption(OptionType.Observe))
{
// Remember ongoing blockwise GET requests
BlockHolder blockInfo = new BlockHolder(exchange);
if (Util.Utils.Put(_ongoingExchanges, keyUri, blockInfo) == null)
{
if (_Log.IsInfoEnabled)
{
_Log.Info("Ongoing Block2 started late, storing " + keyUri + " for " + request);
}
}
else
{
if (_Log.IsInfoEnabled)
{
_Log.Info("Ongoing Block2 continued, storing " + keyUri + " for " + request);
}
}
}
else
{
if (_Log.IsInfoEnabled)
{
_Log.Info("Ongoing Block2 completed, cleaning up " + keyUri + " for " + request);
}
BlockHolder exc;
_ongoingExchanges.TryRemove(keyUri, out exc);
}
}
}
base.SendResponse(nextLayer, exchange, response);
}
/// <inheritdoc />
public override void SendRequest(INextLayer nextLayer, Exchange exchange, Request request)
{
if ((request.OscoapContext != null) || (exchange.OscoapContext != null))
{
SecurityContext ctx = exchange.OscoapContext;
if (request.OscoapContext != null)
{
ctx = request.OscoapContext;
exchange.OscoapContext = ctx;
}
Codec.IMessageEncoder me = Spec.NewMessageEncoder();
Request encryptedRequest = new Request(request.Method);
if (request.Payload != null)
{
encryptedRequest.Payload = request.Payload;
}
MoveRequestHeaders(request, encryptedRequest);
_Log.Info(m => m("New inner response message\n{0}", encryptedRequest.ToString()));
ctx.Sender.IncrementSequenceNumber();
Encrypt0Message enc = new Encrypt0Message(false);
byte[] msg = me.Encode(encryptedRequest);
int tokenSize = msg[0] & 0xf;
byte[] msg2 = new byte[msg.Length - (3 + tokenSize)];
Array.Copy(msg, 4 + tokenSize, msg2, 1, msg2.Length - 1);
msg2[0] = msg[1];
enc.SetContent(msg2);
// Build AAD
CBORObject aad = CBORObject.NewArray();
aad.Add(CBORObject.FromObject(1)); // version
aad.Add(CBORObject.NewArray());
aad[1].Add(CBORObject.FromObject(ctx.Sender.Algorithm));
aad.Add(CBORObject.FromObject(ctx.Sender.Id));
aad.Add(CBORObject.FromObject(ctx.Sender.PartialIV));
aad.Add(CBORObject.FromObject(new byte[0]));
if (ctx.GroupId != null)
{
aad.Add(CBORObject.FromObject(ctx.GroupId));
}
#if DEBUG
switch (SecurityContext.FutzError)
{
case 1:
aad[0] = CBORObject.FromObject(2);
break; // Change version #
case 2:
aad[1] = CBORObject.FromObject(request.Code + 1);
break; // Change request code
case 3:
aad[2] = CBORObject.FromObject(ctx.Sender.Algorithm.AsInt32() + 1);
break; // Change algorithm number
}
#endif
_Log.Info(m => m("SendRequest: AAD = {0}", BitConverter.ToString(aad.EncodeToBytes())));
enc.SetExternalData(aad.EncodeToBytes());
#if DEBUG
{
byte[] fooX = ctx.Sender.PartialIV;
if (SecurityContext.FutzError == 8)
{
fooX[fooX.Length - 1] += 1;
}
enc.AddAttribute(HeaderKeys.IV, ctx.Sender.GetIV(fooX), Attributes.DO_NOT_SEND);
}
#else
enc.AddAttribute(HeaderKeys.IV, ctx.Sender.GetIV(ctx.Sender.PartialIV), Attributes.DO_NOT_SEND);
#endif
enc.AddAttribute(HeaderKeys.PartialIV, CBORObject.FromObject(ctx.Sender.PartialIV), /* Attributes.PROTECTED */ Attributes.DO_NOT_SEND);
enc.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.Algorithm, Attributes.DO_NOT_SEND);
enc.AddAttribute(HeaderKeys.KeyId, CBORObject.FromObject(ctx.Sender.Id), /*Attributes.PROTECTED*/ Attributes.DO_NOT_SEND);
if (ctx.GroupId != null)
{
enc.AddAttribute(CBORObject.FromObject("gid"), CBORObject.FromObject(ctx.GroupId), Attributes.DO_NOT_SEND);
}
if (_Log.IsInfoEnabled)
{
_Log.Info("SendRequest: AAD = " + BitConverter.ToString(aad.EncodeToBytes()));
_Log.Info("SendRequest: IV = " + BitConverter.ToString(ctx.Sender.GetIV(ctx.Sender.PartialIV).GetByteString()));
_Log.Info("SendRequest: Key = " + BitConverter.ToString(ctx.Sender.Key));
}
enc.Encrypt(ctx.Sender.Key);
if (ctx.Sender.SigningKey != null)
{
CounterSignature sig = new CounterSignature(ctx.Sender.SigningKey);
sig.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.SigningKey[CoseKeyKeys.Algorithm], Attributes.DO_NOT_SEND);
sig.SetObject(enc);
CBORObject aad2 = ctx.Sender.SigningKey[CoseKeyKeys.Algorithm];
sig.SetExternalData(aad2.EncodeToBytes());
CBORObject signatureBytes = sig.EncodeToCBORObject();
enc.AddAttribute(HeaderKeys.CounterSignature, signatureBytes, Attributes.DO_NOT_SEND);
}
byte[] optionValue = DoCompression(enc);
OscoapOption o = new OscoapOption();
o.Set(optionValue);
request.AddOption(o);
request.Payload = enc.GetEncryptedContent();
if (request.HasOption(OptionType.Observe))
{
request.Method = Method.FETCH;
}
else
{
request.Method = Method.POST;
}
}
base.SendRequest(nextLayer, exchange, request);
}
/// <inheritdoc />
public override void SendRequest(INextLayer nextLayer, Exchange exchange, Request request)
{
if ((request.OscoreContext != null) || (exchange.OscoreContext != null))
{
SecurityContext ctx = exchange.OscoreContext;
if (request.OscoreContext != null)
{
ctx = request.OscoreContext;
exchange.OscoreContext = ctx;
}
Codec.IMessageEncoder me = Spec.NewMessageEncoder();
Request encryptedRequest = new Request(request.Method);
if (request.Payload != null)
{
encryptedRequest.Payload = request.Payload;
}
MoveRequestHeaders(request, encryptedRequest);
_Log.Info(m => m("New inner response message\n{0}", encryptedRequest.ToString()));
ctx.Sender.IncrementSequenceNumber();
Encrypt0Message enc = new Encrypt0Message(false);
byte[] msg = me.Encode(encryptedRequest);
int tokenSize = msg[0] & 0xf;
byte[] msg2 = new byte[msg.Length - (3 + tokenSize)];
Array.Copy(msg, 4 + tokenSize, msg2, 1, msg2.Length - 1);
msg2[0] = msg[1];
enc.SetContent(msg2);
// Build AAD
CBORObject aad = CBORObject.NewArray();
aad.Add(CBORObject.FromObject(1)); // version
aad.Add(CBORObject.NewArray()); // Algorithms
aad[1].Add(CBORObject.FromObject(ctx.Sender.Algorithm));
if (ctx.Sender.SigningAlgorithm != null)
{
aad[1].Add(ctx.Sender.SigningAlgorithm);
if (ctx.CountersignParams != null)
{
aad[1].Add(ctx.CountersignParams);
}
if (ctx.CountersignKeyParams != null)
{
aad[1].Add(ctx.CountersignKeyParams);
}
}
aad.Add(CBORObject.FromObject(ctx.Sender.Id));
aad.Add(CBORObject.FromObject(ctx.Sender.PartialIV));
aad.Add(CBORObject.FromObject(new byte[0])); // I options go here
_Log.Info(m => m("SendRequest: AAD = {0}", BitConverter.ToString(aad.EncodeToBytes())));
enc.SetExternalData(aad.EncodeToBytes());
enc.AddAttribute(HeaderKeys.IV, ctx.Sender.GetIV(ctx.Sender.PartialIV), Attributes.DO_NOT_SEND);
enc.AddAttribute(HeaderKeys.PartialIV, CBORObject.FromObject(ctx.Sender.PartialIV), /* Attributes.PROTECTED */ Attributes.DO_NOT_SEND);
enc.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.Algorithm, Attributes.DO_NOT_SEND);
enc.AddAttribute(HeaderKeys.KeyId, CBORObject.FromObject(ctx.Sender.Id), /*Attributes.PROTECTED*/ Attributes.DO_NOT_SEND);
if (ctx.GroupId != null)
{
enc.AddAttribute(HeaderKeys.KidContext, CBORObject.FromObject(ctx.GroupId), Attributes.DO_NOT_SEND);
}
_Log.Info(m => m("SendRequest: AAD = {0}\nSendRequest: IV = {1}\nSendRequest: Key = {2}",
BitConverter.ToString(aad.EncodeToBytes()),
ctx.Sender.GetIV(ctx.Sender.PartialIV).GetByteString(),
BitConverter.ToString(ctx.Sender.Key)));
byte[] optionValue = BuildOscoreOption(enc);
CounterSignature1 cs1 = null;
if (ctx.Sender.SigningKey != null)
{
cs1 = new CounterSignature1(ctx.Sender.SigningKey);
cs1.AddAttribute(HeaderKeys.Algorithm, ctx.Sender.SigningAlgorithm, Attributes.DO_NOT_SEND);
aad.Add(optionValue);
_Log.Info(m => m("SendRequest: AAD for Signature = {0}", BitConverter.ToString(aad.EncodeToBytes())));
cs1.SetExternalData(aad.EncodeToBytes());
cs1.SetObject(enc);
enc.CounterSigner1 = cs1;
}
enc.Encrypt(ctx.Sender.Key);
OscoapOption o = new OscoapOption();
o.Set(optionValue);
request.AddOption(o);
request.Payload = enc.GetEncryptedContent();
if (cs1 != null)
{
int cbOrig = request.Payload.Length;
byte[] rgbOrig = request.Payload;
byte[] signatureBytes = cs1.EncodeToCBORObject().GetByteString();
Array.Resize(ref rgbOrig, cbOrig + signatureBytes.Length);
Array.Copy(signatureBytes, 0, rgbOrig, cbOrig, signatureBytes.Length);
request.Payload = rgbOrig;
}
request.Method = request.HasOption(OptionType.Observe) ? Method.FETCH : Method.POST;
request.Code = (int)request.Method;
}
base.SendRequest(nextLayer, exchange, request);
}
