コード例 #1
0
        /// <summary>
        /// Here we generate the key from random data, then we will use the TLS 1.3 Expand function to ensure that
        /// if there is a weakness in our randoms it is harder to reverse
        /// </summary>
        private void GenerateKeys(SecretSchedulePool pool, int numberOfKeys)
        {
            var buffer = pool.GetKeyBuffer();

            //We use the crypto random function to fill the key buffer initially
            _cryptoProvider.FillWithRandom(buffer.Span);
            //We use the Hkdf expand method to make it harder to exploit any weakness in the random number generator
            _cryptoProvider.HashProvider.HkdfExpandLabel(HashType.SHA512, buffer.Span, _ticketLabel, new ReadOnlySpan <byte>(), buffer.Span);
            _keys.Add(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, buffer));
            for (var i = 0; i < (numberOfKeys - 1); i++)
            {
                var newBuffer = pool.GetKeyBuffer();
                buffer.Memory.Span.CopyTo(newBuffer.Memory.Span);
                _keys.Add(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, newBuffer));
            }
        }
コード例 #2
0
        public EphemeralSessionProvider(ICryptoProvider provider, BulkCipherType cipherType, SecretSchedulePool secretPool)
        {
            _cryptoProvider = provider;
            _cipherType     = cipherType;
            var keyBuffer = secretPool.GetKeyBuffer();

            _key     = GenerateKey(keyBuffer);
            _keyGuid = Guid.NewGuid();
        }