private uint[] SecureExpand(byte[] Key) { // expanded key size int keySize = 4 * (m_rndCount + 1); // hkdf return array int keyBytes = keySize * 4; byte[] rawKey = new byte[keyBytes]; HKDF gen = new HKDF(m_kdfExtractor); // change 1.2: use extract only on an oversized key if (Key.Length > m_kdfExtractor.BlockSize) { // seperate salt and key m_kdfKeySize = m_kdfExtractor.BlockSize; byte[] kdfKey = new byte[m_kdfKeySize]; Buffer.BlockCopy(Key, 0, kdfKey, 0, m_kdfKeySize); int saltSize = Key.Length - m_kdfKeySize; byte[] kdfSalt = new byte[saltSize]; Buffer.BlockCopy(Key, m_kdfKeySize, kdfSalt, 0, saltSize); // info can be null gen.Initialize(kdfKey, kdfSalt, m_kdfInfo); } else { if (m_kdfInfo.Length != 0) { gen.Info = m_kdfInfo; } gen.Initialize(Key); } gen.Generate(rawKey); gen.Dispose(); // initialize working key uint[] expKey = new uint[keySize]; // copy bytes to working key Buffer.BlockCopy(rawKey, 0, expKey, 0, keyBytes); return(expKey); }