/// <summary>
/// Create an AES key that is encrypted using a RSA certificate, this is the parsed version for increased efficiancy
///
/// To create the parsed cert <see cref="Kalix.ApiCrypto.RSA.RSACertificateParser.ParsePublicCertificate"/>
/// </summary>
/// <param name="keySize">Required AES key size</param>
/// <param name="rsaCert">RSA parsed public certificate used to sign</param>
/// <returns>data that can be stored</returns>
public static byte[] CreateBlob(AESKeySize keySize, RSAServiceProvider rsaCert)
{
int intKeySize;
switch (keySize)
{
case AESKeySize.AES128:
intKeySize = 128;
break;
case AESKeySize.AES192:
intKeySize = 192;
break;
case AESKeySize.AES256:
intKeySize = 256;
break;
default:
throw new ArgumentOutOfRangeException("keySize", "Unknown key size");
}
var aesProvider = new RijndaelManaged();
aesProvider.KeySize = intKeySize;
aesProvider.GenerateKey();
// Encrypt using the RSA cert and return
return(rsaCert.EncryptValue(aesProvider.Key));
}
public AthenaX5200(Machine machine)
{
memoryManager = new InternalMemoryManager();
RegistersCollection = new DoubleWordRegisterCollection(this);
rsaServiceProvider = new RSAServiceProvider(memoryManager);
aesServiceProvider = new AESServiceProvider(memoryManager, machine.SystemBus);
Registers.CSR.Define(this)
.WithFlag(0,
writeCallback: (_, val) =>
{
if (val)
{
Reset();
}
coreReset = val;
},
valueProviderCallback: _ => coreReset, name: "RESET")
.WithFlag(1, FieldMode.Write, writeCallback: (_, val) =>
{
if (val)
{
isCompleted = false;
}
}, name: "CLEAR_COMPLETE")
.WithFlag(2, FieldMode.Read, valueProviderCallback: _ => isCompleted, name: "COMPLETE")
.WithTag("BUSY", 3, 1)
.WithFlag(4, out coreExecuteCommand, name: "EXECUTE_COMMAND")
.WithReservedBits(5, 3)
.WithEnumField(8, 8, out operation)
.WithReservedBits(16, 3)
.WithTag("PKX_OFFSET", 19, 1)
.WithReservedBits(20, 12)
.WithWriteCallback((_, __) =>
{
if (!coreExecuteCommand.Value)
{
return;
}
if (!commands.TryGetValue(operation.Value, out var command))
{
this.Log(LogLevel.Error, "Unknown command: [{0}].", operation.Value);
return;
}
this.Log(LogLevel.Noisy, "Executing command: [{0}]", operation.Value);
command();
isCompleted = true;
coreExecuteCommand.Value = false;
});
commands = new Dictionary <JumpTable, Action>
{
{ JumpTable.DetectFirmwareVersion, EmptyHandler },
{ JumpTable.PrecomputeValueRSA, EmptyHandler },
{ JumpTable.InstantiateDRBG, InstantiateDRBG },
{ JumpTable.GenerateBlocksFromDRBG, GenerateBlocksWithDRBG },
{ JumpTable.UninstantiateDRBG, UninstantiateDRBG },
{ JumpTable.ModularExponentationRSA, rsaServiceProvider.ModularExponentation },
{ JumpTable.ModularReductionRSA, rsaServiceProvider.ModularReduction },
{ JumpTable.DecryptCipherRSA, rsaServiceProvider.DecryptData },
{ JumpTable.RunAES, aesServiceProvider.PerformAESOperation },
{ JumpTable.RunAES_DMA, aesServiceProvider.PerformAESOperationDMA },
};
Reset();
}
/// <summary>
/// Create an AES encryptor from an encrypted AES key, you can use the encryptor to create. This is the parsed version for increased efficiancy
///
/// To create the parsed cert <see cref="Kalix.ApiCrypto.RSA.RSACertificateParser.ParsePrivateCertificate"/>
/// </summary>
/// <param name="blob">AES data created from the <see cref="CreateBlob(AESKeySize, X509Certificate2)"/> or <see cref="CreateBlob(AESKeySize, RSAServiceProvider)"/> method</param>
/// <param name="rsaCert">Parsed RSA certificate to decrypt data, must have a private key</param>
/// <returns>Encryptor that can be used to encrypt/decrypt any number of documents</returns>
public static AESEncryptor CreateEncryptor(byte[] blob, RSAServiceProvider rsaCert)
{
var key = rsaCert.DecryptValue(blob);
return(new AESEncryptor(key));
}
