public static bool IsSignatureVerified(AKEKeys ake_keys, DHKeyPair key_pair, byte[] their_public_key_mpi_byte_array, byte[] encrypted_signature_byte_array,
byte[] hashed_encrypted_signature_byte_array, bool is_top_half_keys, ref UInt32 public_key_id, ref byte[] dsa_public_key_byte_array_encoded)
{
if (encrypted_signature_byte_array == null || encrypted_signature_byte_array.Length < 1)
{
throw new ArgumentException("IsSignatureVerified: Encrypted signature byte array cannot be null/empty");
}
if (hashed_encrypted_signature_byte_array == null || hashed_encrypted_signature_byte_array.Length < 1)
{
throw new ArgumentException("IsSignatureVerified: The hashed encrypted byte array cannot be null/empty");
}
if (ake_keys == null)
{
throw new ArgumentException("IsSignatureVerified: The AKE keys cannot be null");
}
bool _is_hash_verified = false;
if (is_top_half_keys == true)
{
_is_hash_verified = IsHashSignatureVerified(ake_keys.GetMACKey2(), encrypted_signature_byte_array, hashed_encrypted_signature_byte_array);
}
else
{
_is_hash_verified = IsHashSignatureVerified(ake_keys.GetMACKey4(), encrypted_signature_byte_array, hashed_encrypted_signature_byte_array);
}
if (_is_hash_verified == false)
{
return(false);
}
if (IsEncryptedSignatureVerified(ake_keys, key_pair, their_public_key_mpi_byte_array,
encrypted_signature_byte_array, 0, is_top_half_keys, ref public_key_id, ref dsa_public_key_byte_array_encoded) == false)
{
return(false);
}
return(true);
}
private void ComputeSignatureValues(AKEKeys ake_keys, byte[] x_byte_array_data, UInt64 aes_counter, bool is_top_half_keys)
{
if (ake_keys == null)
{
throw new ArgumentException("ComputeSignatureValues: AKE keys object should not be null");
}
if (is_top_half_keys == true && (ake_keys.GetAESKey1() == null || ake_keys.GetAESKey1().Length < 1))
{
throw new ArgumentException("ComputeSignatureValues: The AKE AES key 1 should not be null/empty");
}
if (is_top_half_keys == false && (ake_keys.GetAESKey2() == null || ake_keys.GetAESKey2().Length < 1))
{
throw new ArgumentException("ComputeSignatureValues: The AKE AES key 2 should not be null/empty");
}
if (x_byte_array_data == null || x_byte_array_data.Length < 1)
{
throw new ArgumentException("ComputeSignatureValues: The x_byte_array_data cannot be null/empty");
}
if (aes_counter < 0)
{
throw new ArgumentException("ComputeSignatureValues: The aes counter value cannot be less than zero");
}
byte[] _encrypted_signature_byte_array = null;
if (is_top_half_keys == true)
{
_encrypted_signature_byte_array = Utility.AESGetEncrypt(ake_keys.GetAESKey1(), x_byte_array_data, aes_counter);
}
else
{
_encrypted_signature_byte_array = Utility.AESGetEncrypt(ake_keys.GetAESKey2(), x_byte_array_data, aes_counter);
}
try
{
Utility.EncodeOTRDataBE(_encrypted_signature_byte_array, ref _encoded_encrypted_signature_byte_array);
}
catch (Exception ex)
{
throw new InvalidDataException("ComputeSignatureValues:" + ex.ToString());
}
if (is_top_half_keys == true && (ake_keys.GetMACKey2() == null || ake_keys.GetMACKey2().Length < 1))
{
throw new InvalidDataException("ComputeSignatureValues: The AKE MAC key 2 should not be null/empty");
}
if (is_top_half_keys == false && (ake_keys.GetMACKey4() == null || ake_keys.GetMACKey4().Length < 1))
{
throw new InvalidDataException("ComputeSignatureValues: The AKE MAC key 4 should not be null/empty");
}
if (is_top_half_keys == true)
{
_hashed_encoded_encrypted_byte_array = Utility.SHA256GetKeyedHash(ake_keys.GetMACKey2(), _encoded_encrypted_signature_byte_array);
}
else
{
_hashed_encoded_encrypted_byte_array = Utility.SHA256GetKeyedHash(ake_keys.GetMACKey4(), _encoded_encrypted_signature_byte_array);
}
_truncated_hash_signature = new byte[OTRConstants.MAC_SIGNATURE_LENGTH_BITS / 8];
Buffer.BlockCopy(_hashed_encoded_encrypted_byte_array, 0, _truncated_hash_signature, 0, _truncated_hash_signature.Length);
}
