public IKdfMultiExpansionParameter CreateParameter(TwoStepMultiExpansionConfiguration kdfConfiguration)
{
var iterationCount = _random.GetRandomInt(2, 5);
var iterationParameters = new List <KdfMultiExpansionIterationParameter>();
for (var i = 0; i < iterationCount; i++)
{
iterationParameters.Add(new KdfMultiExpansionIterationParameter(kdfConfiguration.L, _entropyProvider.GetEntropy(BitsOfEntropy)));
}
return(new KdfMultiExpansionParameterTwoStep()
{
Salt = kdfConfiguration.SaltMethod == MacSaltMethod.Default ?
new BitString(kdfConfiguration.SaltLen) :
_entropyProvider.GetEntropy(kdfConfiguration.SaltLen),
Iv = kdfConfiguration.IvLen == 0 ?
null :
_entropyProvider.GetEntropy(kdfConfiguration.IvLen),
KdfMode = kdfConfiguration.KdfMode,
MacMode = kdfConfiguration.MacMode,
CounterLen = kdfConfiguration.CounterLen,
CounterLocation = kdfConfiguration.CounterLocation,
Z = _entropyProvider.GetEntropy(BitsOfEntropy),
IterationParameters = iterationParameters
});
}
public KdfResult Kdf(KdfParameterOneStep param, BitString fixedInfo)
{
var result = _kdfVisitor.Kdf(param, fixedInfo);
var dkmBytesLen = result.DerivedKey.BitLength.CeilingDivide(BitString.BITSINBYTE);
// Modify a random byte within DKM
result.DerivedKey[_random.GetRandomInt(0, dkmBytesLen)] += 2;
return(result);
}
public SharedSecretResponse Encrypt(PublicKey rsaPublicKey, BitString keyingMaterial, BitString additionalInput)
{
var keyingMaterialByteLen = keyingMaterial.BitLength.CeilingDivide(BitString.BITSINBYTE);
var newKeyingMaterial = keyingMaterial.GetDeepCopy();
// Modify a random byte in the keying material prior to executing the base method
newKeyingMaterial[_random.GetRandomInt(0, keyingMaterialByteLen)] += 2;
return(_kts.Encrypt(rsaPublicKey, newKeyingMaterial, additionalInput));
}
public SharedSecretResponse Encrypt(PublicKey rsaPublicKey, BitString keyingMaterial, BitString additionalInput)
{
var result = _kts.Encrypt(rsaPublicKey, keyingMaterial, additionalInput);
var dkmByteLen = result.SharedSecretZ.BitLength.CeilingDivide(BitString.BITSINBYTE);
// Modify a random byte in the result prior to returning
result.SharedSecretZ[_random.GetRandomInt(0, dkmByteLen)] += 2;
return(result);
}
public KdfResult Kdf(KdfParameterOneStep param, BitString fixedInfo)
{
var zBytesLen = param.Z.BitLength.CeilingDivide(BitString.BITSINBYTE);
var modifiedParam = new KdfParameterOneStep()
{
L = param.L,
Salt = param.Salt,
Z = param.Z.GetDeepCopy(),
AuxFunction = param.AuxFunction,
FixedInfoPattern = param.FixedInfoPattern,
FixedInputEncoding = param.FixedInputEncoding
};
// Modify a random byte within Z
modifiedParam.Z[_random.GetRandomInt(0, zBytesLen)] += 2;
return(_kdfVisitor.Kdf(modifiedParam, fixedInfo));
}
private int GetNextRandomValue(bool isRecursiveInvoke = false)
{
int value = _random.GetRandomInt(_min, _max);
if (IsWithinDomain(value) && !_returnedValues.Contains(value))
{
_returnedValues.Add(value);
return(value);
}
// Find a value that falls within the domain
// By adding and/or subtracting to the random value until encountering a value that
// Is within the domain, and has not yet been used.
for (int i = 1; i <= _increment * (_returnedValues.Count + 1); i++)
{
int addToValue = value + i;
if (IsWithinDomain(addToValue) && !_returnedValues.Contains(addToValue))
{
_returnedValues.Add(addToValue);
return(addToValue);
}
int subtractFromValue = value - i;
if (IsWithinDomain(subtractFromValue) && !_returnedValues.Contains(subtractFromValue))
{
_returnedValues.Add(subtractFromValue);
return(subtractFromValue);
}
}
// If we hit this point and are not in a recursive invoke of the method
// then the domain has been exhausted of values.
// We can reset the "list" of values to produce (again) values from the original range.
if (!isRecursiveInvoke)
{
_returnedValues.Clear();
return(GetNextRandomValue(true));
}
// if however, this is a recursive call, then we have all ready attempted to do the above and we'll
// never be able to produce values from the range in the conditions specified.
// Rather than hit the stack overflow exception that is going to occur, fail out early.
throw new ConstraintException("Requested condition for values from domain will never be satisfied.");
}