public void ShouldThrowArgumentExceptionOnInvalidMacType(KeyAgreementMacType keyAgreementMacType) { ModeValues mode = ModeValues.SHA1; DigestSizes digestSize = DigestSizes.NONE; Assert.Throws(typeof(ArgumentException), () => EnumMapping.GetHashFunctionOptions(keyAgreementMacType, ref mode, ref digestSize)); }
public void ShouldVerifyRandomlyGeneratedSignatures(ModeValues mode, DigestSizes digest, Curve curveEnum) { var nonces = new List <BigInteger>(); var hashFunction = new HashFunction(mode, digest); var shaFactory = new NativeShaFactory(); var sha = shaFactory.GetShaInstance(hashFunction); var hmacFactory = new HmacFactory(shaFactory); var hmac = hmacFactory.GetHmacInstance(hashFunction); var subject = new EccDsa(sha, new DeterministicNonceProvider(hmac), EntropyProviderTypes.Random); var curveFactory = new EccCurveFactory(); var curve = curveFactory.GetCurve(curveEnum); var domainParams = new EccDomainParameters(curve); var key = subject.GenerateKeyPair(domainParams).KeyPair; var rand = new Random800_90(); for (var i = 0; i < 100; i++) { var message = rand.GetRandomBitString(1024); var signature = subject.Sign(domainParams, key, message).Signature; var verify = subject.Verify(domainParams, key, message, signature); nonces.Add(signature.R); Assert.IsTrue(verify.Success, verify.ErrorMessage); } // Check nonces for uniqueness Assert.AreEqual(nonces.Count, nonces.Distinct().Count(), "Repeated nonce detected"); }
public INoKeyConfirmation GetInstance(INoKeyConfirmationParameters parameters) { switch (parameters.KeyAgreementMacType) { case KeyAgreementMacType.AesCcm: return(new NoKeyConfirmationAesCcm(_macDataCreator, parameters, new CcmBlockCipher(new AesEngine(), new ModeBlockCipherFactory(), new AES_CCMInternals()))); case KeyAgreementMacType.CmacAes: return(new NoKeyConfirmationCmac(_macDataCreator, parameters, _cmacFactory.GetCmacInstance(CmacTypes.AES128))); // doesn't matter as long as aea case KeyAgreementMacType.HmacSha1: case KeyAgreementMacType.HmacSha2D224: case KeyAgreementMacType.HmacSha2D256: case KeyAgreementMacType.HmacSha2D384: case KeyAgreementMacType.HmacSha2D512: case KeyAgreementMacType.HmacSha2D512_T224: case KeyAgreementMacType.HmacSha2D512_T256: case KeyAgreementMacType.HmacSha3D224: case KeyAgreementMacType.HmacSha3D256: case KeyAgreementMacType.HmacSha3D384: case KeyAgreementMacType.HmacSha3D512: ModeValues modeValue = ModeValues.SHA2; DigestSizes digestSize = DigestSizes.NONE; EnumMapping.GetHashFunctionOptions(parameters.KeyAgreementMacType, ref modeValue, ref digestSize); return(new NoKeyConfirmationHmac(_macDataCreator, parameters, _hmacFactory.GetHmacInstance(new HashFunction(modeValue, digestSize)))); default: throw new ArgumentException($"{GetType().Name}, {nameof(parameters.KeyAgreementMacType)}"); } }
public void ShouldIkeV2Correctly(ModeValues mode, DigestSizes digestSize, int dkmLength, string niHex, string nrHex, string girHex, string girNewHex, string spiiHex, string spirHex, string sKeySeedHex, string dkmHex, string dkmChildSAHex, string dkmChildSADhHex, string SKeySeedReKeyHex) { var ni = new BitString(niHex); var nr = new BitString(nrHex); var gir = new BitString(girHex); var girNew = new BitString(girNewHex); var spii = new BitString(spiiHex); var spir = new BitString(spirHex); var sKeySeed = new BitString(sKeySeedHex); var dkm = new BitString(dkmHex); var dkmChildSA = new BitString(dkmChildSAHex); var dkmChildSADh = new BitString(dkmChildSADhHex); var sKeySeedReKey = new BitString(SKeySeedReKeyHex); var hmac = new HmacFactory(new NativeShaFactory()).GetHmacInstance(new HashFunction(mode, digestSize)); var subject = new IkeV2(hmac); var result = subject.GenerateIke(ni, nr, gir, girNew, spii, spir, dkmLength); Assert.IsTrue(result.Success); Assert.AreEqual(sKeySeed, result.SKeySeed, "SKeySeed"); Assert.AreEqual(dkm, result.DKM, "DKM"); Assert.AreEqual(dkmChildSA, result.DKMChildSA, "DKMChildSA"); Assert.AreEqual(dkmChildSADh, result.DKMChildSADh, "DKMChildSADh"); Assert.AreEqual(sKeySeedReKey, result.SKeySeedReKey, "SKeySeedReKey"); }
public void ShouldReturnCorrectMac(ModeValues modeValue, DigestSizes digestSize, int keySize, int tagLength, BitString serverId, BitString iutId, BitString serverPublicKey, BitString iutPublicKey, BitString derivedKeyingMaterial, BitString expectedMacData, BitString expectedTag) { var hmac = _hmacFactory.GetHmacInstance(new HashFunction(modeValue, digestSize)); var p = new KeyConfirmationParameters( KeyAgreementRole.InitiatorPartyU, KeyConfirmationRole.Provider, KeyConfirmationDirection.Bilateral, KeyAgreementMacType.CmacAes, // note this doesn't matter for the scope of this test keySize, tagLength, iutId, serverId, iutPublicKey, serverPublicKey, derivedKeyingMaterial ); _subject = new KeyConfirmationHmac(new KeyConfirmationMacDataCreator(), p, hmac); var result = _subject.ComputeMac(); Assert.That(result.Success); Assert.AreEqual(expectedMacData.ToHex(), result.MacData.ToHex(), nameof(expectedMacData)); Assert.AreEqual(expectedTag.ToHex(), result.Mac.ToHex(), nameof(expectedTag)); }
public void ShouldSetCorrectHashFunctionAttributesFromHmac(KeyAgreementMacType keyAgreementMacType, ModeValues expectedModeValue, DigestSizes expectedDigestSize) { ModeValues mode = ModeValues.SHA1; DigestSizes digestSize = DigestSizes.NONE; EnumMapping.GetHashFunctionOptions(keyAgreementMacType, ref mode, ref digestSize); Assert.AreEqual(expectedModeValue, mode, nameof(expectedModeValue)); Assert.AreEqual(expectedDigestSize, digestSize, nameof(expectedDigestSize)); }
public void ShouldAnsiX963Correctly(ModeValues mode, DigestSizes digestSize, int keyLength, string zHex, string sharedInfoHex, string keyData) { var hash = new HashFunction(mode, digestSize); var sha = new NativeShaFactory().GetShaInstance(hash); var z = new BitString(zHex); var sharedInfo = new BitString(sharedInfoHex); var subject = new AnsiX963(sha); var result = subject.DeriveKey(z, sharedInfo, keyLength); Assert.IsTrue(result.Success, result.ErrorMessage); Assert.AreEqual(keyData, result.DerivedKey.ToHex().ToLower()); }
public HashFunction(ModeValues mode, DigestSizes digestSize) { Mode = mode; DigestSize = digestSize; var attributes = ShaAttributes.GetShaAttributes(mode, digestSize); OutputLen = attributes.outputLen; BlockSize = attributes.blockSize; MaxMessageLen = attributes.maxMessageSize; ProcessingLen = attributes.processingLen; Name = attributes.name; }
//[TestCase(ModeValues.SHA3, DigestSizes.d224, "ABCD", "")] //[TestCase(ModeValues.SHA3, DigestSizes.d256, "ABCD", "")] //[TestCase(ModeValues.SHA3, DigestSizes.d384, "ABCD", "")] //[TestCase(ModeValues.SHA3, DigestSizes.d512, "ABCD", "")] public void ShouldComputeCorrectResult(ModeValues mode, DigestSizes digestSize, string inputHex, string outputHex) { var hashFunction = new HashFunction(mode, digestSize); var input = new BitString(inputHex); var expectedOutput = new BitString(outputHex); var factory = new HashConditioningComponentFactory(new DrbgFactory(new NativeShaFactory(), new HmacFactory(new NativeShaFactory()))); var subject = factory.GetInstance(hashFunction); var result = subject.DerivationFunction(input, hashFunction.OutputLen); Assert.IsTrue(result.Success); Assert.AreEqual(expectedOutput.ToHex(), result.Bits.ToHex()); }
public void ShouldHmacCorrectlySpotChecks(ModeValues mode, DigestSizes digestSize, int macLen, string msgHex, string keyHex, string expectedHex) { var hmacFactory = new HmacFactory(new NativeShaFactory()); var hmac = hmacFactory.GetHmacInstance(new HashFunction(mode, digestSize)); var msg = new BitString(msgHex); var key = new BitString(keyHex); var expected = new BitString(expectedHex); var result = hmac.Generate(key, msg, macLen); Assert.That(result.Success); Assert.AreEqual(expected.ToHex(), result.Mac.ToHex()); }
public void ShouldHmacCorrectly(string label, ModeValues mode, DigestSizes digestSize, int keyByteSize, int additionToIndexInKey, BitString expectedHmac, int macLength) { var hashFunction = new HashFunction(mode, digestSize); var factory = new HmacFactory(new NativeShaFactory()); _subject = factory.GetHmacInstance(hashFunction); var key = GenKey(keyByteSize, additionToIndexInKey); var message = GetBitStringFromString(label); var result = _subject.Generate(key, message, macLength); Assert.AreEqual(expectedHmac.ToHex(), result.Mac.ToHex()); }
public void HkdfShouldProduceCorrectResults(ModeValues mode, DigestSizes digest, string ikm, string salt, string info, int length, string okm) { var hmac = new HmacFactory(new NativeShaFactory()).GetHmacInstance(new HashFunction(mode, digest)); var hkdf = new Hkdf(hmac); var ikmBs = new BitString(ikm); var saltBs = new BitString(salt); var infoBs = new BitString(info); var okmBs = new BitString(okm); var result = hkdf.DeriveKey(saltBs, ikmBs, infoBs, length); Assert.IsTrue(result.Success); Assert.AreEqual(okmBs, result.DerivedKey); }
public IKeyConfirmation GetInstance(IKeyConfirmationParameters parameters) { switch (parameters.MacType) { case KeyAgreementMacType.AesCcm: ConfirmKeyLengthAesCcm(parameters.KeyLength); return(new KeyConfirmationAesCcm( _macDataCreator, parameters, new CcmBlockCipher(new AesEngine(), new ModeBlockCipherFactory(), new AES_CCMInternals()))); case KeyAgreementMacType.CmacAes: var cmacEnum = MapCmacEnum(parameters.KeyLength); return(new KeyConfirmationCmac( _macDataCreator, parameters, _cmacFactory.GetCmacInstance(cmacEnum))); case KeyAgreementMacType.HmacSha1: case KeyAgreementMacType.HmacSha2D224: case KeyAgreementMacType.HmacSha2D256: case KeyAgreementMacType.HmacSha2D384: case KeyAgreementMacType.HmacSha2D512: case KeyAgreementMacType.HmacSha2D512_T224: case KeyAgreementMacType.HmacSha2D512_T256: case KeyAgreementMacType.HmacSha3D224: case KeyAgreementMacType.HmacSha3D256: case KeyAgreementMacType.HmacSha3D384: case KeyAgreementMacType.HmacSha3D512: ModeValues modeValue = ModeValues.SHA2; DigestSizes digestSize = DigestSizes.NONE; EnumMapping.GetHashFunctionOptions(parameters.MacType, ref modeValue, ref digestSize); return(new KeyConfirmationHmac( _macDataCreator, parameters, _hmacFactory.GetHmacInstance(new HashFunction(modeValue, digestSize)))); case KeyAgreementMacType.Kmac_128: return(new KeyConfirmationKmac(_macDataCreator, parameters, _kmacFactory, 256)); case KeyAgreementMacType.Kmac_256: return(new KeyConfirmationKmac(_macDataCreator, parameters, _kmacFactory, 512)); default: throw new ArgumentException($"{GetType().Name}, {nameof(parameters.MacType)}"); } }
public void ShouldMacCorrectly(int keyLength, int macLength, KeyAgreementMacType keyAgreementMacType, BitString dkm, BitString nonce, BitString expectedMacData, BitString expectedMac) { ModeValues modeValue = ModeValues.SHA2; DigestSizes digestSize = DigestSizes.NONE; EnumMapping.GetHashFunctionOptions(keyAgreementMacType, ref modeValue, ref digestSize); NoKeyConfirmationParameters p = new NoKeyConfirmationParameters(keyAgreementMacType, macLength, dkm, nonce); _subject = new NoKeyConfirmationHmac(new NoKeyConfirmationMacDataCreator(), p, _algoFactory.GetHmacInstance(new HashFunction(modeValue, digestSize))); var result = _subject.ComputeMac(); Assert.That(result.Success, nameof(result.Success)); Assert.AreEqual(expectedMacData.ToHex(), result.MacData.ToHex(), nameof(result.MacData)); Assert.AreEqual(expectedMac.ToHex(), result.Mac.ToHex(), nameof(result.Mac)); }
public void TestCasesFromGhIssues(string label, ModeValues mode, DigestSizes digestSize, int keyLen, string zzHex, string otherInfoHex, string expectedHex) { var zz = new BitString(zzHex); var otherInfo = new BitString(otherInfoHex); var hashFunction = new HashFunction(mode, digestSize); var sha = _factory.GetShaInstance(hashFunction); var subject = new AnsiX942Concat(sha); var param = new ConcatAns942Parameters { Zz = zz, KeyLen = keyLen, OtherInfo = otherInfo }; var result = subject.DeriveKey(param); Assert.True(result.Success); Assert.AreEqual(new BitString(expectedHex).ToHex(), result.DerivedKey.ToHex()); }
public void IsoIec9797Tests(ModeValues mode, DigestSizes digestSize, int macLength, string ascii, int count, string keyHex, string expectedHex) { var sha = _shaFactory.GetShaInstance(new HashFunction(mode, digestSize)); _subject = new NativeHmac(sha); var key = new BitString(keyHex); BitString message; if (count == 0) { message = new BitString(Encoding.ASCII.GetBytes(ascii)); } else { message = new BitString(Encoding.ASCII.GetBytes(ascii), count * 8); } var result = _subject.Generate(key, message, macLength); var expected = new BitString(expectedHex, macLength); Assert.AreEqual(expected.ToHex(), result.Mac.ToHex()); }
public void ShouldIkeV1Correctly(ModeValues mode, DigestSizes digestSize, string niHex, string nrHex, string gxyHex, string ckyiHex, string ckyrHex, string sKeyIdHex, string sKeyIdDHex, string sKeyIdAHex, string sKeyIdEHex) { var ni = new BitString(niHex); var nr = new BitString(nrHex); var gxy = new BitString(gxyHex); var ckyi = new BitString(ckyiHex); var ckyr = new BitString(ckyrHex); var sKeyId = new BitString(sKeyIdHex); var sKeyIdD = new BitString(sKeyIdDHex); var sKeyIdA = new BitString(sKeyIdAHex); var sKeyIdE = new BitString(sKeyIdEHex); var hash = new HashFunction(mode, digestSize); var subject = _factory.GetIkeV1Instance(AuthenticationMethods.Dsa, hash); var result = subject.GenerateIke(ni, nr, gxy, ckyi, ckyr); Assert.IsTrue(result.Success); Assert.AreEqual(sKeyId, result.SKeyId, "sKeyId"); Assert.AreEqual(sKeyIdD, result.SKeyIdD, "sKeyIdD"); Assert.AreEqual(sKeyIdA, result.SKeyIdA, "sKeyIdA"); Assert.AreEqual(sKeyIdE, result.SKeyIdE, "sKeyIdE"); }
public void ShouldKdfCorrectly( string label, ModeValues modeValue, DigestSizes digestSize, int kdfSize, BigInteger z, BitString otherInfo, BitString expectedDerivedKeyingMaterial ) { var sha = _shaFactory.GetShaInstance(new HashFunction(modeValue, digestSize)); _subject = new KdfSha(sha, true); var result = _subject.DeriveKey( new BitString(z), kdfSize, otherInfo, null ); Assert.That(result.Success); Assert.AreEqual(expectedDerivedKeyingMaterial.ToHex(), result.DerivedKey.ToHex()); }
public void ShaShouldReturnProperHashFunctionFromConstruction(KdaOneStepAuxFunction kdfOneStepAuxFunction, ModeValues mode, DigestSizes digestSize) { _subject.GetInstance(kdfOneStepAuxFunction, true); _shaFactory.Verify(v => v.GetShaInstance(new HashFunction(mode, digestSize))); }
/// <summary> /// Determines the correct <see cref="ModeValues"/> and <see cref="DigestSizes"/> based on <see cref="KeyAgreementMacType"/> /// </summary> /// <param name="keyAgreementMacType">The key agreement mac type to check against</param> /// <param name="modeValue">The equivalent mode</param> /// <param name="digestSize">The equivalent digest size</param> public static void GetHashFunctionOptions(KeyAgreementMacType keyAgreementMacType, ref ModeValues modeValue, ref DigestSizes digestSize) { switch (keyAgreementMacType) { case KeyAgreementMacType.HmacSha1: modeValue = ModeValues.SHA1; digestSize = DigestSizes.d160; break; case KeyAgreementMacType.HmacSha2D224: modeValue = ModeValues.SHA2; digestSize = DigestSizes.d224; break; case KeyAgreementMacType.HmacSha2D256: modeValue = ModeValues.SHA2; digestSize = DigestSizes.d256; break; case KeyAgreementMacType.HmacSha2D384: modeValue = ModeValues.SHA2; digestSize = DigestSizes.d384; break; case KeyAgreementMacType.HmacSha2D512: modeValue = ModeValues.SHA2; digestSize = DigestSizes.d512; break; case KeyAgreementMacType.HmacSha2D512_T224: modeValue = ModeValues.SHA2; digestSize = DigestSizes.d512t224; break; case KeyAgreementMacType.HmacSha2D512_T256: modeValue = ModeValues.SHA2; digestSize = DigestSizes.d512t256; break; case KeyAgreementMacType.HmacSha3D224: modeValue = ModeValues.SHA3; digestSize = DigestSizes.d224; break; case KeyAgreementMacType.HmacSha3D256: modeValue = ModeValues.SHA3; digestSize = DigestSizes.d256; break; case KeyAgreementMacType.HmacSha3D384: modeValue = ModeValues.SHA3; digestSize = DigestSizes.d384; break; case KeyAgreementMacType.HmacSha3D512: modeValue = ModeValues.SHA3; digestSize = DigestSizes.d512; break; default: throw new ArgumentException($"{typeof(EnumMapping)}, {nameof(keyAgreementMacType)}"); } }