public void Rfc5869DeriveOutputLengthLessThanZero()
{
byte[] ikm = new byte[20];
AssertExtensions.Throws <ArgumentOutOfRangeException>(
"outputLength",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, -1, Array.Empty <byte>(), Array.Empty <byte>()));
}
public void Rfc5869DeriveKeyOkmPotentiallyOverflowingValue()
{
byte[] ikm = new byte[20];
AssertExtensions.Throws <ArgumentOutOfRangeException>(
"outputLength",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, 8421505, Array.Empty <byte>(), Array.Empty <byte>()));
}
public async Task ConvertDownlink(IDuplexPipe client, IDuplexPipe server)
{
using var down = cryptoParameter.GetCrypto();
var pmp = new ProtocolMessagePipe(server);
var salt = await pmp.ReadAsync(new SaltMessage(cryptoParameter.KeySize));
var key = new byte[cryptoParameter.KeySize];
HKDF.DeriveKey(HashAlgorithmName.SHA1, mainKey, key, salt.Salt.Span, _ssSubKeyInfo);
down.Init(key, null);
Memory <byte> nonce = new byte[cryptoParameter.NonceSize];
nonce.Span.Fill(0);
while (true)
{
try
{
var block = await pmp.ReadAsync(new AeadBlockMessage(down, nonce, cryptoParameter));
await client.Output.WriteAsync(block.Data);
client.Output.Advance(block.Data.Length);
}
catch (FormatException)
{
return;
}
}
}
public void TestCases(TestCaseData testCaseData)
{
using var hkdf = new HKDF(testCaseData.Algorithm);
var actualKeyingMaterial = hkdf.DeriveKey(testCaseData.InitialKeyingMaterial, testCaseData.Salt, testCaseData.Info, testCaseData.Length);
Assert.Equal(testCaseData.ExpectedKeyingMaterial, actualKeyingMaterial.ToArray());
}
public void Rfc5869DeriveKeyOkmMaxSizePlusOne()
{
byte[] ikm = new byte[20];
AssertExtensions.Throws <ArgumentOutOfRangeException>(
"outputLength",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, 20 * 255 + 1, Array.Empty <byte>(), Array.Empty <byte>()));
}
public static byte[] DeriveKey(byte[] sharedKey, int rounds)
{
if (sharedKey == null || sharedKey.Length <= 0)
{
throw new ArgumentNullException("Key");
}
if (rounds < 0)
{
throw new ArgumentException("Rounds has to be greater than 0");
}
byte[] hashedkey;
using (SHA256 sha256Hash = SHA256.Create())
{
byte[] key = sha256Hash.ComputeHash(sharedKey);
hashedkey = new byte[32];
for (int i = 0; i < rounds; i++)
{
hashedkey = HKDF.DeriveKey(HashAlgorithmName.SHA256, hashedkey, hashedkey.Length);
}
}
return(hashedkey);
}
public void Rfc5869DeriveKeySpanOkmMaxSizePlusOne()
{
byte[] ikm = new byte[20];
byte[] okm = new byte[20 * 255 + 1];
AssertExtensions.Throws <ArgumentException>(
"output",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, okm, Array.Empty <byte>(), Array.Empty <byte>()));
}
public void Rfc5869DeriveKeySpanOkmPotentiallyOverflowingValue()
{
byte[] ikm = new byte[20];
byte[] okm = new byte[8421505];
AssertExtensions.Throws <ArgumentException>(
"output",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, okm, Array.Empty <byte>(), Array.Empty <byte>()));
}
void DeriveSubKey(byte[] materKey, byte[] salt, byte[] info, byte[] subkeyBuffer, int subKeyLength)
{
//Throw.IfNull(() => materKey);
//Throw.IfNull(() => salt);
//Throw.IfNull(() => info);
var k = HKDF.DeriveKey(HashAlgorithmName.SHA1, materKey, subKeyLength, salt, info);
Buffer.BlockCopy(k, 0, subkeyBuffer, 0, k.Length);
}
public void Rfc5869DeriveKeyOutputLengthZero()
{
byte[] ikm = new byte[20];
byte[] okm = new byte[0];
AssertExtensions.Throws <ArgumentException>(
"output",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, okm, Array.Empty <byte>(), Array.Empty <byte>()));
}
public void NET()
{
Span <byte> output = stackalloc byte[82];
for (var i = 0; i < Max; ++i)
{
HKDF.DeriveKey(HashAlgorithmName.SHA256, _ikm, output, _salt, _info);
}
}
public virtual void InitCipher(byte[] salt, bool isEncrypt)
{
this.salt = new byte[saltLen];
Array.Copy(salt, this.salt, saltLen);
HKDF.DeriveKey(HashAlgorithmName.SHA1, masterKey, sessionKey, salt, InfoBytes);
this.Log().Debug($"salt {instanceId}", salt, saltLen);
this.Log().Debug($"sessionkey {instanceId}", sessionKey, keyLen);
}
public async Task ConvertUplink(IDuplexPipe client, IDuplexPipe server)
{
using var up = cryptoParameter.GetCrypto();
var pmp = new ProtocolMessagePipe(server);
var salt = new SaltMessage(16, true);
await pmp.WriteAsync(salt);
var key = new byte[cryptoParameter.KeySize];
HKDF.DeriveKey(HashAlgorithmName.SHA1, mainKey, key, salt.Salt.Span, _ssSubKeyInfo);
up.Init(key, null);
Memory <byte> nonce = new byte[cryptoParameter.NonceSize];
nonce.Span.Fill(0);
// TODO write salt with data
while (true)
{
var result = await client.Input.ReadAsync();
if (result.IsCanceled || result.IsCompleted)
{
return;
}
// TODO compress into one chunk when possible
foreach (var item in result.Buffer)
{
foreach (var i in SplitBigChunk(item))
{
await pmp.WriteAsync(new AeadBlockMessage(up, nonce, cryptoParameter)
{
// in send routine, Data is readonly
Data = MemoryMarshal.AsMemory(i),
});
}
}
client.Input.AdvanceTo(result.Buffer.End);
}
}
protected override byte[] DeriveKey(HashAlgorithmName hash, byte[] ikm, int outputLength, byte[] salt, byte[] info)
{
byte[] output = new byte[outputLength];
HKDF.DeriveKey(hash, ikm, output, salt, info);
return(output);
}
public byte[] DeriveKey(byte[] KeyToDeriveFrom)
{
byte[] key = HKDF.DeriveKey(HashAlgorithm, KeyToDeriveFrom, KeySize >> 3, Salt);
return(key);
}
protected override byte[] DeriveKey(HashAlgorithmName hash, byte[] ikm, int outputLength, byte[] salt, byte[] info)
{
return(HKDF.DeriveKey(hash, ikm, outputLength, salt, info));
}
public void Rfc5869DeriveKeyNullIkm()
{
AssertExtensions.Throws <ArgumentNullException>(
"ikm",
() => HKDF.DeriveKey(HashAlgorithmName.SHA1, null, 20, Array.Empty <byte>(), Array.Empty <byte>()));
}
