/// <summary> /// Returns the string to pass to the platform APIs for a given algorithm. /// </summary> /// <param name="algorithm">The algorithm desired.</param> /// <returns>The platform-specific string to pass to OpenAlgorithm.</returns> private static string GetAlgorithmName(KeyDerivationAlgorithm algorithm) { switch (algorithm) { case KeyDerivationAlgorithm.Pbkdf2Md5: return(Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Md5); case KeyDerivationAlgorithm.Pbkdf2Sha1: return(Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha1); case KeyDerivationAlgorithm.Pbkdf2Sha256: return(Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha256); case KeyDerivationAlgorithm.Pbkdf2Sha384: return(Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha384); case KeyDerivationAlgorithm.Pbkdf2Sha512: return(Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha512); case KeyDerivationAlgorithm.Sp800108CtrHmacMd5: return(Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacMd5); case KeyDerivationAlgorithm.Sp800108CtrHmacSha1: return(Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha1); case KeyDerivationAlgorithm.Sp800108CtrHmacSha256: return(Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha256); case KeyDerivationAlgorithm.Sp800108CtrHmacSha384: return(Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha384); case KeyDerivationAlgorithm.Sp800108CtrHmacSha512: return(Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha512); case KeyDerivationAlgorithm.Sp80056aConcatMd5: return(Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatMd5); case KeyDerivationAlgorithm.Sp80056aConcatSha1: return(Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha1); case KeyDerivationAlgorithm.Sp80056aConcatSha256: return(Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha256); case KeyDerivationAlgorithm.Sp80056aConcatSha384: return(Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha384); case KeyDerivationAlgorithm.Sp80056aConcatSha512: return(Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha512); default: throw new NotSupportedException(); } }
public static void DeriveBytesWithUnusedSalt(KeyDerivationAlgorithm a) { if (!a.SupportsSalt) { var x = KeyAgreementAlgorithm.X25519; using (var k = new Key(x)) using (var s = x.Agree(k, k.PublicKey)) { Assert.Throws <ArgumentException>("salt", () => a.DeriveBytes(s, new byte[1], ReadOnlySpan <byte> .Empty, 0)); } } }
public void KeyDerivation_Pbkdf2(KeyDerivationAlgorithm algorithmName) { IKeyDerivationAlgorithmProvider?provider = WinRTCrypto.KeyDerivationAlgorithmProvider.OpenAlgorithm(algorithmName); ICryptographicKey?originalKey = provider.CreateKey(Encoding.UTF8.GetBytes("my secret")); var salt = WinRTCrypto.CryptographicBuffer.GenerateRandom(32); const int iterationCount = 2; IKeyDerivationParameters?parameters = WinRTCrypto.KeyDerivationParameters.BuildForPbkdf2(salt, iterationCount); const int desiredKeySize = 8; byte[] derivedKey = WinRTCrypto.CryptographicEngine.DeriveKeyMaterial(originalKey, parameters, desiredKeySize); Assert.Equal(desiredKeySize, derivedKey.Length); this.logger.WriteLine("Derived key: {0}", Convert.ToBase64String(derivedKey)); }
public static void DeriveBytesWithSpanTooLarge(KeyDerivationAlgorithm a) { var x = KeyAgreementAlgorithm.X25519; if (a.MaxCount == int.MaxValue) { return; } using (var k = new Key(x)) using (var s = x.Agree(k, k.PublicKey)) { Assert.Throws <ArgumentException>("bytes", () => a.DeriveBytes(s, ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty, new byte[a.MaxCount + 1])); } }
public static void DeriveBytesWithSaltOverlapping(KeyDerivationAlgorithm a) { var x = KeyAgreementAlgorithm.X25519; if (!a.SupportsSalt) { return; } using (var k = new Key(x)) using (var s = x.Agree(k, k.PublicKey)) { var b = new byte[200]; Assert.Throws <ArgumentException>("bytes", () => a.DeriveBytes(s, b.AsSpan(10, 100), ReadOnlySpan <byte> .Empty, b.AsSpan(60, 100))); Assert.Throws <ArgumentException>("bytes", () => a.DeriveBytes(s, b.AsSpan(60, 100), ReadOnlySpan <byte> .Empty, b.AsSpan(10, 100))); } }
/// <summary> /// Returns the string to pass to the platform APIs for a given algorithm. /// </summary> /// <param name="algorithm">The algorithm desired.</param> /// <returns>The platform-specific string to pass to OpenAlgorithm.</returns> private static string GetAlgorithmName(KeyDerivationAlgorithm algorithm) { switch (algorithm) { case KeyDerivationAlgorithm.Pbkdf2Md5: return Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Md5; case KeyDerivationAlgorithm.Pbkdf2Sha1: return Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha1; case KeyDerivationAlgorithm.Pbkdf2Sha256: return Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha256; case KeyDerivationAlgorithm.Pbkdf2Sha384: return Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha384; case KeyDerivationAlgorithm.Pbkdf2Sha512: return Platform.Core.KeyDerivationAlgorithmNames.Pbkdf2Sha512; case KeyDerivationAlgorithm.Sp800108CtrHmacMd5: return Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacMd5; case KeyDerivationAlgorithm.Sp800108CtrHmacSha1: return Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha1; case KeyDerivationAlgorithm.Sp800108CtrHmacSha256: return Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha256; case KeyDerivationAlgorithm.Sp800108CtrHmacSha384: return Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha384; case KeyDerivationAlgorithm.Sp800108CtrHmacSha512: return Platform.Core.KeyDerivationAlgorithmNames.Sp800108CtrHmacSha512; case KeyDerivationAlgorithm.Sp80056aConcatMd5: return Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatMd5; case KeyDerivationAlgorithm.Sp80056aConcatSha1: return Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha1; case KeyDerivationAlgorithm.Sp80056aConcatSha256: return Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha256; case KeyDerivationAlgorithm.Sp80056aConcatSha384: return Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha384; case KeyDerivationAlgorithm.Sp80056aConcatSha512: return Platform.Core.KeyDerivationAlgorithmNames.Sp80056aConcatSha512; default: throw new NotSupportedException(); } }
public void CreateKey(KeyDerivationAlgorithm algorithmName, string result) { this.logger.WriteLine("Testing algorithm: {0}", algorithmName); IKeyDerivationAlgorithmProvider?algorithm = WinRTCrypto.KeyDerivationAlgorithmProvider.OpenAlgorithm(algorithmName); ICryptographicKey key = algorithm.CreateKey(this.originalKey); Assert.NotNull(key); Assert.Equal(this.originalKey.Length * 8, key.KeySize); IKeyDerivationParameters parameters = WinRTCrypto.KeyDerivationParameters.BuildForPbkdf2(this.salt, this.iterations); Assert.Equal(this.iterations, parameters.IterationCount); CollectionAssertEx.AreEqual(this.salt, parameters.KdfGenericBinary); try { byte[] keyMaterial = WinRTCrypto.CryptographicEngine.DeriveKeyMaterial(key, parameters, 20); Assert.Equal(result, Convert.ToBase64String(keyMaterial)); } catch (NotSupportedException) { this.logger.WriteLine(" - Not supported on this platform"); } }
/// <summary> /// Initializes a new instance of the <see cref="KeyDerivationAlgorithmProvider"/> class. /// </summary> /// <param name="algorithm">The algorithm.</param> internal KeyDerivationAlgorithmProvider(KeyDerivationAlgorithm algorithm) { this.algorithm = algorithm; }
/// <summary> /// Initializes a new instance of the <see cref="KeyDerivationAlgorithmProvider"/> class. /// </summary> /// <param name="algorithm">The algorithm.</param> internal KeyDerivationAlgorithmProvider(KeyDerivationAlgorithm algorithm) { this.algorithm = algorithm; }
/// <inheritdoc /> public IKeyDerivationAlgorithmProvider OpenAlgorithm(KeyDerivationAlgorithm algorithm) { return new KeyDerivationAlgorithmProvider(algorithm); }
/// <summary> /// Initializes a new instance of the <see cref="KeyDerivationCryptographicKey"/> class. /// </summary> /// <param name="algorithm">The algorithm to use when deriving a cryptographic key.</param> /// <param name="key">The key.</param> internal KeyDerivationCryptographicKey(KeyDerivationAlgorithm algorithm, byte[] key) { Requires.NotNull(key, "key"); this.algorithm = algorithm; this.key = key; }