public unsafe void DeriveMasterSecretTls12(IHashProvider hashProvider, HashType hashType, void *seed, int seedLength, void *output, int outputLength) { var ctx = EVP_PKEY_CTX_new(_eKey, IntPtr.Zero); try { ThrowOnError(EVP_PKEY_derive_init(ctx)); ThrowOnError(EVP_PKEY_derive_set_peer(ctx, _clientKey)); IntPtr len = IntPtr.Zero; ThrowOnError(EVP_PKEY_derive(ctx, null, ref len)); var data = stackalloc byte[len.ToInt32()]; ThrowOnError(EVP_PKEY_derive(ctx, data, ref len)); var newSeed = stackalloc byte[seedLength + Tls1_2Consts.MasterSecretLabelSize]; var sSpan = new Span <byte>(newSeed, seedLength + Tls1_2Consts.MasterSecretLabelSize); var masterSpan = Tls1_2Consts.GetMasterSecretSpan(); masterSpan.CopyTo(sSpan); var seedSpan = new Span <byte>(seed, seedLength); seedSpan.CopyTo(sSpan.Slice(masterSpan.Length)); PrfFunctions.P_Hash12(hashProvider, hashType, new Span <byte>(output, outputLength), data, len.ToInt32(), sSpan); Dispose(); } finally { ctx.Free(); } }
public unsafe void CalculateClientFinished() { var hashResult = stackalloc byte[_state.HandshakeHash.HashSize + Tls1_2Consts.ClientFinishedLabelSize]; var seed = new Span <byte>(hashResult, _state.HandshakeHash.HashSize + Tls1_2Consts.ClientFinishedLabelSize); _state.HandshakeHash.InterimHash(hashResult + Tls1_2Consts.ClientFinishedLabelSize, _state.HandshakeHash.HashSize); var finishedLabel = Tls1_2Consts.GetClientFinishedSpan(); finishedLabel.CopyTo(seed); PrfFunctions.P_Hash12(_state.CryptoProvider.HashProvider, _state.CipherSuite.HashType, _clientSpan, _masterSecret, Tls1_2Consts.MASTER_SECRET_LENGTH, seed); }
public void GenerateKeyMaterial() { _materialLength = (_state.CryptoProvider.CipherProvider.GetKeySize(_state.CipherSuite.BulkCipherType) * 2) + 4 * 2; var seedLength = Tls1_2Consts.KeyExpansionLabelSize + Hello.RandomLength * 2; var seed = stackalloc byte[seedLength]; var seedSpan = new Span <byte>(seed, seedLength); Tls1_2Consts.GetKeyExpansionSpan().CopyTo(seedSpan); ServerRandom.CopyTo(seedSpan.Slice(Tls1_2Consts.KeyExpansionLabelSize)); ClientRandom.CopyTo(seedSpan.Slice(Tls1_2Consts.KeyExpansionLabelSize + Hello.RandomLength)); var materialSpan = new Span <byte>(_keyData, _materialLength); PrfFunctions.P_Hash12(_state.CryptoProvider.HashProvider, _state.CipherSuite.HashType, materialSpan, _masterSecret, Tls1_2Consts.MASTER_SECRET_LENGTH, seedSpan); }
public void CompareClientFinishedGenerateServerFinished(ReadableBuffer buffer) { _state.HandshakeHash.HashData(buffer); buffer = buffer.Slice(4); var result = CompareFunctions.ConstantTimeEquals(_clientSpan, buffer); var hashResult = stackalloc byte[_state.HandshakeHash.HashSize + Tls1_2Consts.ServerFinishedLabelSize]; var seed = new Span <byte>(hashResult, _state.HandshakeHash.HashSize + Tls1_2Consts.ServerFinishedLabelSize); _state.HandshakeHash.InterimHash(hashResult + Tls1_2Consts.ServerFinishedLabelSize, _state.HandshakeHash.HashSize); var finishedLabel = Tls1_2Consts.GetServerFinishedSpan(); finishedLabel.CopyTo(seed); PrfFunctions.P_Hash12(_state.CryptoProvider.HashProvider, _state.CipherSuite.HashType, _serverSpan, _masterSecret, Tls1_2Consts.MASTER_SECRET_LENGTH, seed); }