public IIfcSecretKeyingMaterial Build(IfcScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole,
KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection,
bool shouldValidateContributions = true)
{
if (shouldValidateContributions)
{
var generationRequirements = KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole(
scheme, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection);
ValidateNonce(generationRequirements);
ValidateKey(generationRequirements);
ValidatePartyId(generationRequirements);
ValidateK(generationRequirements, scheme);
}
return(new IfcSecretKeyingMaterial()
{
C = _c,
DkmNonce = _dkmNonce,
K = _k,
Key = _key,
PartyId = _partyId,
Z = _z,
});
}
/// <summary>
/// Constructs Kas parameter information
/// </summary>
/// <param name="keyAgreementRole">This party's key agreement role</param>
/// <param name="kasMode">The mode of the KAS attempt</param>
/// <param name="keyConfirmationRole">This party's key confirmation role</param>
/// <param name="keyConfirmationDirection">This party's key confirmation direction</param>
/// <param name="kasAssurances">The assurances associated with the KAS</param>
/// <param name="thisPartyId">The ID associated with this party</param>
protected SchemeParametersBase(
TKasAlgoAttributes kasAlgoAttributes,
KeyAgreementRole keyAgreementRole,
KasMode kasMode,
KeyConfirmationRole keyConfirmationRole,
KeyConfirmationDirection keyConfirmationDirection,
KasAssurance kasAssurances,
BitString thisPartyId
)
{
if (kasMode != KasMode.NoKdfNoKc && BitString.IsZeroLengthOrNull(thisPartyId))
{
throw new ArgumentException(nameof(thisPartyId));
}
if (kasMode == KasMode.KdfKc)
{
if (keyConfirmationRole == KeyConfirmationRole.None ||
keyConfirmationDirection == KeyConfirmationDirection.None)
{
throw new ArgumentException(
$"{nameof(KasMode.KdfKc)} requires a valid (not None) value for both {nameof(keyConfirmationRole)} and {nameof(keyConfirmationDirection)}");
}
}
KasAlgoAttributes = kasAlgoAttributes;
KeyAgreementRole = keyAgreementRole;
KasMode = kasMode;
KeyConfirmationRole = keyConfirmationRole;
KeyConfirmationDirection = keyConfirmationDirection;
KasAssurances = kasAssurances;
ThisPartyId = thisPartyId;
}
public ISecretKeyingMaterial Build(KasScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole,
KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection)
{
var schemeRequirements = KasEnumMapping.GetSchemeRequirements(
scheme,
kasMode,
thisPartyKeyAgreementRole,
keyConfirmationRole,
keyConfirmationDirection);
ValidateDomainParameters(schemeRequirements.requirments, _domainParameters);
ValidateEphemeralKey(schemeRequirements.requirments, _ephemeralKey);
ValidateStaticKey(schemeRequirements.requirments, _staticKey);
ValidateEphemeralNonce(schemeRequirements.requirments, _ephemeralNonce);
ValidateDkmNonce(schemeRequirements.requirments, _dkmNonce);
ValidatePartyId(schemeRequirements.requirments, _partyId);
ValidateConsistentAlgorithm(schemeRequirements.kasAlgo, schemeRequirements.requirments, _domainParameters, _ephemeralKey, _staticKey);
return(new SecretKeyingMaterial()
{
KasAlgorithm = schemeRequirements.kasAlgo,
DkmNonce = _dkmNonce,
DomainParameters = _domainParameters,
EphemeralNonce = _ephemeralNonce,
EphemeralKeyPair = _ephemeralKey,
StaticKeyPair = _staticKey,
PartyId = _partyId,
});
}
public SchemeParametersIfc(
KasAlgoAttributesIfc kasAlgoAttributes,
KeyAgreementRole keyAgreementRole,
KasMode kasMode,
KeyConfirmationRole keyConfirmationRole,
KeyConfirmationDirection keyConfirmationDirection,
KasAssurance kasAssurances,
BitString thisPartyId)
: base(kasAlgoAttributes, keyAgreementRole, kasMode, keyConfirmationRole, keyConfirmationDirection, kasAssurances, thisPartyId)
{
}
/// <summary>
/// Constructor for IFC schemes.
/// </summary>
/// <param name="scheme"></param>
/// <param name="kasMode"></param>
/// <param name="thisPartyKasRole"></param>
/// <param name="thisPartyKeyConfirmationRole"></param>
/// <param name="keyConfirmationDirection"></param>
/// <param name="generatesKeyPair"></param>
/// <param name="generatesEphemeralNonce"></param>
public SchemeKeyNonceGenRequirement(
TScheme scheme,
KasMode kasMode,
KeyAgreementRole thisPartyKasRole,
KeyConfirmationRole thisPartyKeyConfirmationRole,
KeyConfirmationDirection keyConfirmationDirection,
bool generatesKeyPair,
bool generatesEphemeralNonce
) : base(
kasMode, thisPartyKasRole, thisPartyKeyConfirmationRole, keyConfirmationDirection, generatesKeyPair, generatesEphemeralNonce)
{
Scheme = scheme;
}
public SchemeParameters(
KasAlgoAttributes kasAlgoAttributes,
KeyAgreementRole keyAgreementRole,
KasMode kasMode,
KeyConfirmationRole keyConfirmationRole,
KeyConfirmationDirection keyConfirmationDirection,
KasAssurance kasAssurances,
BitString thisPartyId
) : base(kasAlgoAttributes, keyAgreementRole, kasMode, keyConfirmationRole, keyConfirmationDirection, kasAssurances, thisPartyId)
{
KasAlgorithm = KasEnumMapping.GetSchemeRequirements(
kasAlgoAttributes.KasScheme,
kasMode,
keyAgreementRole,
keyConfirmationRole,
keyConfirmationDirection).kasAlgo;
}
public static (SchemeKeyNonceGenRequirement requirments, KasAlgorithm kasAlgo) GetSchemeRequirements(KasScheme scheme, KasMode kasMode, KeyAgreementRole thisPartyKeyAgreementRole, KeyConfirmationRole keyConfirmationRole, KeyConfirmationDirection keyConfirmationDirection)
{
FfcMap.TryFirst(f => f.Value == scheme, out var ffcResult);
EccMap.TryFirst(f => f.Value == scheme, out var eccResult);
if (ffcResult.Key == FfcScheme.None && eccResult.Key == EccScheme.None)
{
throw new ArgumentException($"Unable to map {nameof(scheme)} to {nameof(ffcResult)} or {nameof(eccResult)}");
}
if (ffcResult.Key != FfcScheme.None)
{
return(
KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole(
ffcResult.Key, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection),
KasAlgorithm.Ffc);
}
return(
KeyGenerationRequirementsHelper.GetKeyGenerationOptionsForSchemeAndRole(
eccResult.Key, kasMode, thisPartyKeyAgreementRole, keyConfirmationRole, keyConfirmationDirection),
KasAlgorithm.Ecc);
}
