public byte[] CreateMessage3() { CBORObject msg = CBORObject.NewArray(); if (_fSymmetricSecret) { msg.Add(6); } else { msg.Add(3); } msg.Add(_SessionId[1]); byte[] aad_3 = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msg.EncodeToBytes() }, _MessageDigest); byte[] signBody = new byte[0]; if (!_fSymmetricSecret) { Sign1Message sign1 = new Sign1Message(false, false); sign1.SetContent(aad_3); sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND); sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED); sign1.Sign(_SigningKey); CBORObject obj = CBORObject.NewArray(); obj.Add(sign1.EncodeToBytes()); signBody = obj.EncodeToBytes(); } byte[][] encKeys = _DeriveKeys(_Keys, _SecretSalt, aad_3, _algAEAD); Encrypt0Message enc = new Encrypt0Message(false); enc.SetContent(signBody); enc.SetExternalData(aad_3); enc.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND); enc.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(encKeys[1]), Attributes.DO_NOT_SEND); enc.Encrypt(encKeys[0]); msg.Add(enc.EncodeToBytes()); byte[] msgOut = msg.EncodeToBytes(); _LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgOut }, _MessageDigest); return(msgOut); }
public void noContent() { Sign1Message msg = new Sign1Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Sign(cnKeyPrivate)); Assert.AreEqual(e.Message, ("No Content Specified")); }
public void nullKey() { Sign1Message msg = new Sign1Message(); OneKey key = null; msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED); msg.SetContent(rgbContent); Assert.ThrowsException <NullReferenceException>(() => msg.Sign(key)); }
public void unsupportedAlgorithm() { Sign1Message msg = new Sign1Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.HMAC_SHA_256, Attributes.PROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Sign(cnKeyPrivate)); Assert.AreEqual(e.Message, ("Unknown Algorithm Specified")); }
public void unknownAlgorithm() { Sign1Message msg = new Sign1Message(); msg.AddAttribute(HeaderKeys.Algorithm, CBORObject.FromObject("Unknown"), Attributes.PROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Sign(cnKeyPrivate)); Assert.AreEqual(e.Message, ("Unknown Algorithm Specified")); }
public void publicKey() { Sign1Message msg = new Sign1Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED); msg.SetContent(rgbContent); CoseException e = Assert.ThrowsException <CoseException>(() => msg.Sign(cnKeyPublic)); Assert.AreEqual(e.Message, ("Private key required to sign")); }
public void testRoundTrip() { Sign1Message msg = new Sign1Message(); msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED); msg.SetContent(rgbContent); msg.Sign(cnKeyPrivate); byte[] rgbMsg = msg.EncodeToBytes(); msg = (Sign1Message)Message.DecodeFromBytes(rgbMsg, Tags.Sign1); Boolean f = msg.Validate(cnKeyPublic); Assert.AreEqual(f, (true)); }
static public EdhocResponder ParseMessage3(byte[] msgData, KeySet serverKeys) { CBORObject algVerify = null; CBORObject msg = CBORObject.DecodeFromBytes(msgData); if (msg.Type != CBORType.Array) { throw new Exception("Invalid message"); } EdhocResponder edhoc = MessageList[new ListKey(msg[1].GetByteString())]; edhoc._Messages[2] = msgData; if (edhoc._fSymmetricSecret) { if (msg[0].AsInt16() != 6) { throw new Exception("Invalid Message"); } } else { if (msg[0].AsInt16() != 3) { throw new Exception("Invalid Message"); } } Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[2].GetByteString(), Tags.Encrypt0); msg.Remove(msg[2]); byte[] data_3 = msg.EncodeToBytes(); byte[] aad_3 = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, data_3 }, edhoc._MessageDigest); byte[][] useKeys = _DeriveKeys(edhoc._Keys, edhoc._SecretSalt, aad_3, edhoc._algAEAD); byte[] encKey = useKeys[0]; enc0.AddAttribute(HeaderKeys.Algorithm, edhoc._algAEAD, Attributes.DO_NOT_SEND); enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND); enc0.SetExternalData(aad_3); byte[] body = enc0.Decrypt(encKey); if (!edhoc._fSymmetricSecret) { CBORObject encBody = CBORObject.DecodeFromBytes(body); Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1); sign1.AddAttribute(HeaderKeys.Algorithm, edhoc._algSign, Attributes.DO_NOT_SEND); CBORObject kidObject = sign1.FindAttribute(HeaderKeys.KeyId); byte[] kid = null; if (kidObject != null) { kid = kidObject.GetByteString(); } sign1.SetExternalData(aad_3); KeySet keys = new KeySet(); foreach (OneKey sigKey in serverKeys) { if (sigKey.HasKid(kid)) { keys.AddKey(sigKey); } } List <OneKey> ks = new List <OneKey>(); List <OneKey> ks2 = ks.Where(f => f.HasKid(kid)).ToList(); OneKey signingKey = null; foreach (OneKey sigKey in keys) { try { sign1.Validate(sigKey); signingKey = sigKey; } catch (Exception) { // nop; } } if (signingKey == null) { throw new Exception("Unable to complete - no signing key found"); } } else { // body is the EXT_3 value } edhoc._LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, msgData }, edhoc._MessageDigest); return(edhoc); }
public byte[] CreateMessage2() { CBORObject msg = CBORObject.NewArray(); CBORObject obj; if (_fSymmetricSecret) { msg.Add(5); // Msg Type } else { msg.Add(2); } msg.Add(_SessionId[1]); // S_U msg.Add(_SessionId[0]); // S_V msg.Add(_Nonce[0]); // N_V msg.Add(_Keys[0].PublicKey().AsCBOR()); // E_V msg.Add(_algKeyAgree); // HKDF_V msg.Add(_algAEAD); // AEAD_V if (!_fSymmetricSecret) { msg.Add(_algSign); // SIG_V obj = CBORObject.NewArray(); obj.Add(AlgorithmValuesInt.ECDSA_256); obj.Add(AlgorithmValues.EdDSA); msg.Add(obj); // SIGs_V } if (_algKeyAgree.Equals(COSE.AlgorithmValues.ECDH_SS_HKDF_256)) { _MessageDigest = new Sha256Digest(); } byte[] data2 = msg.EncodeToBytes(); byte[] aad_2 = ConcatenateAndHash(new byte[2][] { _Messages[0], data2 }, _MessageDigest); // M00TODO - hash message[0] before passing it in. byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD); byte[] aeadKey = useKeys[0]; byte[] signResult = new byte[0]; if (!_fSymmetricSecret) { Sign1Message sign1 = new Sign1Message(false, false); sign1.SetContent(aad_2); sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED); sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND); sign1.Sign(_SigningKey); signResult = sign1.EncodeToBytes(); } Encrypt0Message enc0 = new Encrypt0Message(true); enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND); enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND); enc0.SetExternalData(aad_2); CBORObject encContent = CBORObject.NewArray(); encContent.Add(signResult); enc0.SetContent(encContent.EncodeToBytes()); enc0.Encrypt(aeadKey); msg.Add(enc0.EncodeToCBORObject()); // COSE_ENC_2 _Messages[1] = msg.EncodeToBytes(); _LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { _Messages[0], _Messages[1] }, _MessageDigest); return(_Messages[1]); }
/// <summary> /// /// </summary> /// <param name="msgData"></param> /// <param name="keySetPublic"></param> public void ParseMessage2(byte[] msgData, KeySet keySetPublic) { int msgIndex; CBORObject algVerify = null; CBORObject msg = CBORObject.DecodeFromBytes(msgData); if (msg.Type != CBORType.Array) { throw new Exception("Invalid message"); } _Messages[1] = msgData; if (_fSymmetricSecret) { if (msg[0].AsInt16() != 5) { throw new Exception("Invalid Message"); } } else { if (msg[0].AsInt16() != 2) { throw new Exception("Invalid Message"); } } _SessionId[1] = msg[2].GetByteString(); // S_V _Nonce[1] = msg[3].GetByteString(); // N_V _Keys[1] = new OneKey(msg[4]); // E_V _algKeyAgree = msg[5]; // HKDF_V _algAEAD = msg[6]; // AAEAD_V if (_fSymmetricSecret) { msgIndex = 7; } else { algVerify = msg[7]; // SIG_V _algSign = _SelectAlgorithm(msg[8], new CBORObject[] { _SigningKey[CoseKeyKeys.Algorithm] }); // SIG_U msgIndex = 9; } // What is the hash algorithm to use? switch ((AlgorithmValuesInt)_algKeyAgree.AsInt32()) { case AlgorithmValuesInt.ECDH_SS_HKDF_256: _MessageDigest = new Sha256Digest(); break; case AlgorithmValuesInt.ECDH_SS_HKDF_512: _MessageDigest = new Sha512Digest(); break; } Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[msgIndex].EncodeToBytes(), Tags.Encrypt0); msg.Remove(msg[msgIndex]); byte[] data_2 = msg.EncodeToBytes(); byte[] aad_2 = ConcatenateAndHash(new byte[2][] { _Messages[0], data_2 }, _MessageDigest); byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD); byte[] encKey = useKeys[0]; enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND); enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND); enc0.SetExternalData(aad_2); byte[] body = enc0.Decrypt(encKey); if (!_fSymmetricSecret) { CBORObject encBody = CBORObject.DecodeFromBytes(body); Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1); sign1.AddAttribute(HeaderKeys.Algorithm, algVerify, Attributes.DO_NOT_SEND); CBORObject kid = sign1.FindAttribute(HeaderKeys.KeyId); sign1.SetExternalData(aad_2); foreach (OneKey sigKey in keySetPublic) { sign1.Validate(sigKey); //FIND KEY); } } else { // body is the EXT_2 value } _LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgData }, _MessageDigest); }