public void Interop_FromGoImpl(string curve, string key)
{
var goPub = Hex.Decode(key);
var csPub = EphemeralKeyPair.Generate(curve);
csPub.GenerateSharedKey(goPub);
}
public void Interop_FromGoImpl(string curve, string key)
{
var goPub = Hex.Decode(key);
var csPub = EphemeralKeyPair.Generate(curve);
Assert.DoesNotThrow(() => csPub.GenerateSharedKey(goPub));
}
public void TestGenerateEKeyPair(string curve)
{
var bob = EphemeralKeyPair.Generate(curve);
var alice = EphemeralKeyPair.Generate(curve);
var aliceSecret = alice.GenerateSharedKey(bob.PublicKey);
var bobSecret = bob.GenerateSharedKey(alice.PublicKey);
Assert.Equal(aliceSecret, bobSecret);
}
public void KeysShouldNotMatchIfDifferentCurves()
{
var bob = EphemeralKeyPair.Generate("curve25519");
var alice = EphemeralKeyPair.Generate("P-256");
Assert.Throws <ArgumentException>(() =>
{
var aliceSecret = alice.GenerateSharedKey(bob.PublicKey);
var bobSecret = bob.GenerateSharedKey(alice.PublicKey);
Assert.NotEqual(aliceSecret, bobSecret);
});
}
public void CanStretchKeysUsingBCL()
{
var ekeypair1 = EphemeralKeyPair.Generate("P-256");
var ekeypair2 = EphemeralKeyPair.Generate("P-256");
var secret1 = ekeypair1.GenerateSharedKey(ekeypair2.PublicKey);
var secret2 = ekeypair2.GenerateSharedKey(ekeypair1.PublicKey);
var stretched1 = StretchedKeys.Generate("AES-256", "SHA256", secret1);
var stretched2 = StretchedKeys.Generate("AES-256", "SHA256", secret2);
var raw = Encoding.UTF8.GetBytes("Hello world, this should be encrypted.");
byte[] encoded = null;
byte[] decoded = null;
using (var aes = Aes.Create())
{
aes.KeySize = 256;
aes.Padding = PaddingMode.PKCS7;
aes.Mode = CipherMode.CBC;
using (var encryptor = aes.CreateEncryptor(stretched1.Item1.CipherKey, stretched1.Item1.IV))
using (var mac = new HMACSHA256())
{
mac.Initialize();
mac.Key = stretched1.Item1.MacKey;
var data = encryptor.TransformFinalBlock(raw, 0, raw.Length);
encoded = data
.Concat(mac.ComputeHash(data, 0, data.Length))
.ToArray();
}
using (var decryptor = aes.CreateDecryptor(stretched2.Item1.CipherKey, stretched2.Item1.IV))
using (var mac = new HMACSHA256())
{
mac.Initialize();
mac.Key = stretched2.Item1.MacKey;
var mark = encoded.Length - (mac.HashSize / 8);
var digest = encoded.Skip(mark).ToArray();
Assert.Equal(mac.ComputeHash(encoded, 0, mark), digest);
decoded = decryptor.TransformFinalBlock(encoded, 0, mark);
}
}
Assert.Equal(Encoding.UTF8.GetString(decoded), Encoding.UTF8.GetString(raw));
}
public void CanStretchKeysUsingBouncyCastle(string curve, string cipher, string hash)
{
var ekeypair1 = EphemeralKeyPair.Generate(curve);
var ekeypair2 = EphemeralKeyPair.Generate(curve);
var secret1 = ekeypair1.GenerateSharedKey(ekeypair2.PublicKey);
var secret2 = ekeypair2.GenerateSharedKey(ekeypair1.PublicKey);
var stretched1 = StretchedKeys.Generate(cipher, hash, secret1);
var stretched2 = StretchedKeys.Generate(cipher, hash, secret2);
var raw = Encoding.UTF8.GetBytes("Hello world, this should be encrypted.");
byte[] encoded = null;
byte[] decoded = null;
cipher = cipher.Split('-').First();
hash = "HMAC" + hash;
var cipherKey1 = new ParametersWithIV(ParameterUtilities.CreateKeyParameter(cipher, stretched1.Item1.CipherKey), stretched1.Item1.IV);
var cipherKey2 = new ParametersWithIV(ParameterUtilities.CreateKeyParameter(cipher, stretched2.Item1.CipherKey), stretched2.Item1.IV);
var encryptor = CipherUtilities.GetCipher(cipher + "/CTR/NoPadding");
encryptor.Init(true, cipherKey1);
encoded = encryptor.DoFinal(raw);
encoded = encoded.Append(MacUtilities.CalculateMac(hash, new KeyParameter(stretched1.Item1.MacKey), encoded));
var decryptor = CipherUtilities.GetCipher(cipher + "/CTR/NoPadding");
decryptor.Init(false, cipherKey2);
var mac = MacUtilities.GetMac(hash);
mac.Init(new KeyParameter(stretched2.Item1.MacKey));
var digest = encoded.Slice(encoded.Length - mac.GetMacSize());
Assert.Equal(MacUtilities.DoFinal(mac, encoded.Slice(0, encoded.Length - digest.Length)), digest);
decoded = decryptor.DoFinal(encoded, 0, encoded.Length - digest.Length);
Assert.Equal(Encoding.UTF8.GetString(decoded), Encoding.UTF8.GetString(raw));
}
