示例#1
0
        public byte[] CreateMessage3()
        {
            CBORObject msg = CBORObject.NewArray();

            if (_fSymmetricSecret)
            {
                msg.Add(6);
            }
            else
            {
                msg.Add(3);
            }
            msg.Add(_SessionId[1]);

            byte[] aad_3 = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msg.EncodeToBytes() }, _MessageDigest);

            byte[] signBody = new byte[0];
            if (!_fSymmetricSecret)
            {
                Sign1Message sign1 = new Sign1Message(false, false);
                sign1.SetContent(aad_3);
                sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND);
                sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED);
                sign1.Sign(_SigningKey);

                CBORObject obj = CBORObject.NewArray();
                obj.Add(sign1.EncodeToBytes());

                signBody = obj.EncodeToBytes();
            }

            byte[][] encKeys = _DeriveKeys(_Keys, _SecretSalt, aad_3, _algAEAD);

            Encrypt0Message enc = new Encrypt0Message(false);

            enc.SetContent(signBody);
            enc.SetExternalData(aad_3);
            enc.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
            enc.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(encKeys[1]), Attributes.DO_NOT_SEND);
            enc.Encrypt(encKeys[0]);

            msg.Add(enc.EncodeToBytes());

            byte[] msgOut = msg.EncodeToBytes();

            _LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgOut }, _MessageDigest);

            return(msgOut);
        }
示例#2
0
        public void noContent()
        {
            Sign1Message msg = new Sign1Message();

            msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED);
            CoseException e = Assert.ThrowsException <CoseException>(() =>
                                                                     msg.Sign(cnKeyPrivate));

            Assert.AreEqual(e.Message, ("No Content Specified"));
        }
示例#3
0
        public void nullKey()
        {
            Sign1Message msg = new Sign1Message();
            OneKey       key = null;

            msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED);
            msg.SetContent(rgbContent);
            Assert.ThrowsException <NullReferenceException>(() =>
                                                            msg.Sign(key));
        }
示例#4
0
        public void unsupportedAlgorithm()
        {
            Sign1Message msg = new Sign1Message();

            msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.HMAC_SHA_256, Attributes.PROTECTED);
            msg.SetContent(rgbContent);
            CoseException e = Assert.ThrowsException <CoseException>(() =>
                                                                     msg.Sign(cnKeyPrivate));

            Assert.AreEqual(e.Message, ("Unknown Algorithm Specified"));
        }
示例#5
0
        public void unknownAlgorithm()
        {
            Sign1Message msg = new Sign1Message();

            msg.AddAttribute(HeaderKeys.Algorithm, CBORObject.FromObject("Unknown"), Attributes.PROTECTED);
            msg.SetContent(rgbContent);
            CoseException e = Assert.ThrowsException <CoseException>(() =>
                                                                     msg.Sign(cnKeyPrivate));

            Assert.AreEqual(e.Message, ("Unknown Algorithm Specified"));
        }
示例#6
0
        public void publicKey()
        {
            Sign1Message msg = new Sign1Message();

            msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED);
            msg.SetContent(rgbContent);
            CoseException e = Assert.ThrowsException <CoseException>(() =>
                                                                     msg.Sign(cnKeyPublic));

            Assert.AreEqual(e.Message, ("Private key required to sign"));
        }
示例#7
0
        public void testRoundTrip()
        {
            Sign1Message msg = new Sign1Message();

            msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.ECDSA_256, Attributes.PROTECTED);
            msg.SetContent(rgbContent);
            msg.Sign(cnKeyPrivate);
            byte[] rgbMsg = msg.EncodeToBytes();

            msg = (Sign1Message)Message.DecodeFromBytes(rgbMsg, Tags.Sign1);
            Boolean f = msg.Validate(cnKeyPublic);

            Assert.AreEqual(f, (true));
        }
示例#8
0
        static public EdhocResponder ParseMessage3(byte[] msgData, KeySet serverKeys)
        {
            CBORObject algVerify = null;

            CBORObject msg = CBORObject.DecodeFromBytes(msgData);

            if (msg.Type != CBORType.Array)
            {
                throw new Exception("Invalid message");
            }

            EdhocResponder edhoc = MessageList[new ListKey(msg[1].GetByteString())];

            edhoc._Messages[2] = msgData;

            if (edhoc._fSymmetricSecret)
            {
                if (msg[0].AsInt16() != 6)
                {
                    throw new Exception("Invalid Message");
                }
            }
            else
            {
                if (msg[0].AsInt16() != 3)
                {
                    throw new Exception("Invalid Message");
                }
            }


            Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[2].GetByteString(), Tags.Encrypt0);

            msg.Remove(msg[2]);

            byte[] data_3 = msg.EncodeToBytes();
            byte[] aad_3  = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, data_3 }, edhoc._MessageDigest);

            byte[][] useKeys = _DeriveKeys(edhoc._Keys, edhoc._SecretSalt, aad_3, edhoc._algAEAD);
            byte[]   encKey  = useKeys[0];

            enc0.AddAttribute(HeaderKeys.Algorithm, edhoc._algAEAD, Attributes.DO_NOT_SEND);
            enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
            enc0.SetExternalData(aad_3);
            byte[] body = enc0.Decrypt(encKey);

            if (!edhoc._fSymmetricSecret)
            {
                CBORObject encBody = CBORObject.DecodeFromBytes(body);

                Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1);
                sign1.AddAttribute(HeaderKeys.Algorithm, edhoc._algSign, Attributes.DO_NOT_SEND);

                CBORObject kidObject = sign1.FindAttribute(HeaderKeys.KeyId);
                byte[]     kid       = null;
                if (kidObject != null)
                {
                    kid = kidObject.GetByteString();
                }
                sign1.SetExternalData(aad_3);

                KeySet keys = new KeySet();
                foreach (OneKey sigKey in serverKeys)
                {
                    if (sigKey.HasKid(kid))
                    {
                        keys.AddKey(sigKey);
                    }
                }

                List <OneKey> ks  = new List <OneKey>();
                List <OneKey> ks2 = ks.Where(f => f.HasKid(kid)).ToList();

                OneKey signingKey = null;
                foreach (OneKey sigKey in keys)
                {
                    try {
                        sign1.Validate(sigKey);
                        signingKey = sigKey;
                    }
                    catch (Exception) {
                        // nop;
                    }
                }

                if (signingKey == null)
                {
                    throw new Exception("Unable to complete - no signing key found");
                }
            }
            else
            {
                // body is the EXT_3 value
            }

            edhoc._LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { edhoc._LastMessageAuthenticator, msgData }, edhoc._MessageDigest);

            return(edhoc);
        }
示例#9
0
        public byte[] CreateMessage2()
        {
            CBORObject msg = CBORObject.NewArray();
            CBORObject obj;

            if (_fSymmetricSecret)
            {
                msg.Add(5);             // Msg Type
            }
            else
            {
                msg.Add(2);
            }

            msg.Add(_SessionId[1]);                 // S_U
            msg.Add(_SessionId[0]);                 // S_V
            msg.Add(_Nonce[0]);                     // N_V
            msg.Add(_Keys[0].PublicKey().AsCBOR()); // E_V
            msg.Add(_algKeyAgree);                  // HKDF_V
            msg.Add(_algAEAD);                      // AEAD_V
            if (!_fSymmetricSecret)
            {
                msg.Add(_algSign);          // SIG_V

                obj = CBORObject.NewArray();
                obj.Add(AlgorithmValuesInt.ECDSA_256);
                obj.Add(AlgorithmValues.EdDSA);
                msg.Add(obj);               // SIGs_V
            }

            if (_algKeyAgree.Equals(COSE.AlgorithmValues.ECDH_SS_HKDF_256))
            {
                _MessageDigest = new Sha256Digest();
            }

            byte[] data2 = msg.EncodeToBytes();
            byte[] aad_2 = ConcatenateAndHash(new byte[2][] { _Messages[0], data2 }, _MessageDigest);   // M00TODO - hash message[0] before passing it in.

            byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD);
            byte[]   aeadKey = useKeys[0];

            byte[] signResult = new byte[0];
            if (!_fSymmetricSecret)
            {
                Sign1Message sign1 = new Sign1Message(false, false);
                sign1.SetContent(aad_2);
                sign1.AddAttribute(HeaderKeys.KeyId, _SigningKey[CoseKeyKeys.KeyIdentifier], Attributes.UNPROTECTED);
                sign1.AddAttribute(HeaderKeys.Algorithm, _algSign, Attributes.DO_NOT_SEND);

                sign1.Sign(_SigningKey);
                signResult = sign1.EncodeToBytes();
            }

            Encrypt0Message enc0 = new Encrypt0Message(true);

            enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
            enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
            enc0.SetExternalData(aad_2);
            CBORObject encContent = CBORObject.NewArray();

            encContent.Add(signResult);
            enc0.SetContent(encContent.EncodeToBytes());

            enc0.Encrypt(aeadKey);
            msg.Add(enc0.EncodeToCBORObject());  // COSE_ENC_2

            _Messages[1] = msg.EncodeToBytes();

            _LastMessageAuthenticator = ConcatenateAndHash(new byte[][] { _Messages[0], _Messages[1] }, _MessageDigest);

            return(_Messages[1]);
        }
示例#10
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="msgData"></param>
        /// <param name="keySetPublic"></param>
        public void ParseMessage2(byte[] msgData, KeySet keySetPublic)
        {
            int        msgIndex;
            CBORObject algVerify = null;

            CBORObject msg = CBORObject.DecodeFromBytes(msgData);

            if (msg.Type != CBORType.Array)
            {
                throw new Exception("Invalid message");
            }

            _Messages[1] = msgData;

            if (_fSymmetricSecret)
            {
                if (msg[0].AsInt16() != 5)
                {
                    throw new Exception("Invalid Message");
                }
            }
            else
            {
                if (msg[0].AsInt16() != 2)
                {
                    throw new Exception("Invalid Message");
                }
            }

            _SessionId[1] = msg[2].GetByteString();       // S_V
            _Nonce[1]     = msg[3].GetByteString();       // N_V
            _Keys[1]      = new OneKey(msg[4]);           // E_V
            _algKeyAgree  = msg[5];                       // HKDF_V
            _algAEAD      = msg[6];                       // AAEAD_V
            if (_fSymmetricSecret)
            {
                msgIndex = 7;
            }
            else
            {
                algVerify = msg[7];                                                                            // SIG_V
                _algSign  = _SelectAlgorithm(msg[8], new CBORObject[] { _SigningKey[CoseKeyKeys.Algorithm] }); // SIG_U
                msgIndex  = 9;
            }

            //  What is the hash algorithm to use?
            switch ((AlgorithmValuesInt)_algKeyAgree.AsInt32())
            {
            case AlgorithmValuesInt.ECDH_SS_HKDF_256:
                _MessageDigest = new Sha256Digest();
                break;

            case AlgorithmValuesInt.ECDH_SS_HKDF_512:
                _MessageDigest = new Sha512Digest();
                break;
            }


            Encrypt0Message enc0 = (Encrypt0Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(msg[msgIndex].EncodeToBytes(), Tags.Encrypt0);

            msg.Remove(msg[msgIndex]);
            byte[] data_2 = msg.EncodeToBytes();
            byte[] aad_2  = ConcatenateAndHash(new byte[2][] { _Messages[0], data_2 }, _MessageDigest);

            byte[][] useKeys = _DeriveKeys(_Keys, _SecretSalt, aad_2, _algAEAD);
            byte[]   encKey  = useKeys[0];
            enc0.AddAttribute(HeaderKeys.Algorithm, _algAEAD, Attributes.DO_NOT_SEND);
            enc0.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(useKeys[1]), Attributes.DO_NOT_SEND);
            enc0.SetExternalData(aad_2);
            byte[] body = enc0.Decrypt(encKey);

            if (!_fSymmetricSecret)
            {
                CBORObject encBody = CBORObject.DecodeFromBytes(body);

                Sign1Message sign1 = (Sign1Message)Com.AugustCellars.COSE.Message.DecodeFromBytes(encBody[0].GetByteString(), Tags.Sign1);
                sign1.AddAttribute(HeaderKeys.Algorithm, algVerify, Attributes.DO_NOT_SEND);

                CBORObject kid = sign1.FindAttribute(HeaderKeys.KeyId);
                sign1.SetExternalData(aad_2);



                foreach (OneKey sigKey in keySetPublic)
                {
                    sign1.Validate(sigKey); //FIND KEY);
                }
            }
            else
            {
                // body is the EXT_2 value
            }

            _LastMessageAuthenticator = ConcatenateAndHash(new byte[2][] { _LastMessageAuthenticator, msgData }, _MessageDigest);
        }