/// <summary>
/// Derives cipher (encryption) and MAC (authentication) keys
/// from a single pre-key using a key derivation function.
/// </summary>
/// <param name="preKey">Pre-key to stretch.</param>
/// <param name="cipherKeySize">Cipher key size in bytes.</param>
/// <param name="macKeySize">MAC key size in bytes.</param>
/// <param name="kdfConfig">Key derivation function configuration.</param>
/// <param name="cipherKey">Cipher key.</param>
/// <param name="macKey">MAC key.</param>
public static void DeriveWorkingKeys(byte[] preKey, int cipherKeySize, int macKeySize,
KeyDerivationConfiguration kdfConfig, out byte[] cipherKey, out byte[] macKey)
{
// Derive the key which will be used for encrypting the manifest
byte[] stretchedKeys =
KdfFactory.DeriveKeyWithKdf(kdfConfig.FunctionName.ToEnum <KeyDerivationFunction>(),
preKey, kdfConfig.Salt, cipherKeySize + macKeySize,
kdfConfig.FunctionConfiguration);
// Retrieve the working encryption & authentication subkeys from the stretched manifest key
cipherKey = new byte[cipherKeySize];
macKey = new byte[macKeySize];
stretchedKeys.CopyBytes_NoChecks(0, cipherKey, 0, cipherKeySize);
stretchedKeys.CopyBytes_NoChecks(cipherKeySize, macKey, 0, macKeySize);
// Clear the pre-key and stretched manifest working combination key from memory
preKey.SecureWipe();
stretchedKeys.SecureWipe();
}
public byte[] DeriveKey(byte[] key, int outputSize, KeyDerivationConfiguration config)
{
return(DeriveKeyWithConfig(key, config.Salt, outputSize, config.FunctionConfiguration));
}
