public IBlockResult GetResult(int outputLength)
{
IMac md5Hmac = new HMac(md5Provider.CreateEngine(EngineUsage.GENERAL));
IMac sha1HMac = FipsShs.CreateHmac(FipsShs.Sha1HMac);
return(new SimpleBlockResult(PRF_legacy(parameters, outputLength, md5Hmac, sha1HMac)));
}
public byte[] Generate(byte[] agreed)
{
IMac prfMac;
if (prfAlgorithm == FipsPrfAlgorithm.AesCMac)
{
Internal.IBlockCipher aesEng = FipsAes.ENGINE_PROVIDER.CreateEngine(EngineUsage.GENERAL);
aesEng.Init(true, new KeyParameter(salt ?? new byte[16]));
prfMac = new CMac(aesEng);
prfMac.Init(null);
}
else
{
prfMac = FipsShs.CreateHmac((DigestAlgorithm)prfAlgorithm.BaseAlgorithm);
prfMac.Init(new KeyParameter(salt ?? new byte[((HMac)prfMac).GetUnderlyingDigest().GetByteLength()]));
}
byte[] mac = Macs.DoFinal(prfMac, agreed, 0, agreed.Length);
// ZEROIZE
Arrays.Fill(agreed, (byte)0);
return(mac);
}
internal HMacDRBGProvider(FipsDigestAlgorithm algorithm, byte[] nonce, byte[] personalizationString, int securityStrength, byte[] primaryAdditionalInput)
{
CryptoStatus.IsReady();
this.hMac = FipsShs.CreateHmac(algorithm);
this.nonce = nonce;
this.personalizationString = personalizationString;
this.securityStrength = securityStrength;
this.primaryAdditionalInput = primaryAdditionalInput;
}
public IPasswordBasedDeriver <Parameters> Build()
{
Parameters parameters = new Parameters(digestAlgorithm, converter, password, iterationCount, salt);
Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator(FipsShs.CreateHmac(parameters.Prf));
gen.Init(parameters.Password, parameters.Salt, parameters.IterationCount);
return(new PasswordBasedDeriver <Parameters>(parameters, gen));
}
private static byte[] PRF(TlsKdfWithPrfParameters parameters, int size)
{
byte[] label = Strings.ToByteArray(parameters.Label);
byte[] labelSeed = Arrays.Concatenate(label, parameters.SeedMaterial);
IMac prfMac = FipsShs.CreateHmac(parameters.Prf);
byte[] buf = new byte[size];
hmac_hash(prfMac, parameters.Secret, labelSeed, buf);
return(buf);
}