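/// <summary>
/// Derives a 32-byte (256-bit) key by hashing the master seed, the transformed
/// second key and a caller-supplied hash together with SHA-256.
/// </summary>
/// <param name="Hash">At least 32 bytes; the first 32 are mixed in as the third hash input (the "FirstStreamHash" slot of the buffer).</param>
/// <param name="MasterSeed">At least 32 bytes; the first 32 are mixed in as the first hash input.</param>
/// <param name="TransformSeed">Seed passed to the AES KDF as <c>AesKdf.ParamSeed</c>.</param>
/// <returns>
/// A new 32-byte array holding SHA-256(MasterSeed[0..32] || second key || Hash[0..32]).
/// The array is key material; the caller is responsible for zeroing it after use.
/// </returns>
/// <exception cref="SecurityException">
/// No second key is available, or the KDF did not yield exactly 32 bytes.
/// </exception>
/// <remarks>
/// The KDF round count is taken from <c>Key2Transformations</c>, not from a parameter.
/// Inputs shorter than 32 bytes (or null) are rejected by <c>Array.Copy</c>.
/// </remarks>
public byte[] Get2ndKey32(byte[] Hash, byte[] MasterSeed, byte[] TransformSeed)
{
    byte[] GeneratedKey = new byte[32];
    byte[] HashBuffer = new byte[32 + 32 + 32]; // MasterSeed + DualKey + FirstStreamHash
    byte[] Key256Bits = null;
    byte[] pKey32 = null;

    try
    {
        Array.Copy(MasterSeed, 0, HashBuffer, 0, 32);

        KdfParameters KdfParams = new AesKdf().GetDefaultParameters();
        KdfParams.SetUInt64(AesKdf.ParamRounds, Key2Transformations);
        KdfParams.SetByteArray(AesKdf.ParamSeed, TransformSeed);

        var Key2nd = Get2ndKey();
        if (Key2nd == null)
        {
            throw new SecurityException("Invalid 2nd Key");
        }

        ProtectedBinary pbinKey = Key2nd.GenerateKey32(KdfParams);
        if (pbinKey == null)
        {
            throw new SecurityException("Invalid Key");
        }

        // Plaintext key bytes: zeroed in the finally block on every path.
        pKey32 = pbinKey.ReadData();
        if ((pKey32 == null) || (pKey32.Length != 32))
        {
            throw new SecurityException("Invalid Key Data");
        }

        Array.Copy(pKey32, 0, HashBuffer, 32, 32);
        Array.Copy(Hash, 0, HashBuffer, 64, 32);

        // Dispose the hash object so it does not keep state derived from the
        // key material alive until finalization.
        using (SHA256Managed sha = new SHA256Managed())
        {
            Key256Bits = sha.ComputeHash(HashBuffer);
        }

        Array.Copy(Key256Bits, GeneratedKey, 32);
    }
    finally
    {
        // Wipe every intermediate buffer, including when an exception is in flight.
        MemUtil.ZeroByteArray(HashBuffer);
        if (Key256Bits != null)
        {
            MemUtil.ZeroByteArray(Key256Bits);
        }
        if (pKey32 != null)
        {
            MemUtil.ZeroByteArray(pKey32);
        }
    }

    return GeneratedKey;
}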
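/// <summary>
/// Derives a 24-byte key from the master seed, the transformed second key and
/// the current value of <c>m_hash.Hash</c>.
/// </summary>
/// <returns>
/// A new 24-byte array holding the first 24 bytes of
/// SHA-256(m_MasterSeed[0..32] || second key || m_hash.Hash).
/// The array is key material; the caller is responsible for zeroing it after use.
/// </returns>
/// <exception cref="SecurityException">
/// <c>m_2Key</c> is not set, or the KDF did not yield exactly 32 bytes.
/// </exception>
/// <remarks>
/// NOTE(review): a 24-byte key matches three-key 3DES, as the local name suggests.
/// 3DES is a legacy 64-bit-block cipher; confirm this path is still required.
/// </remarks>
private byte[] GetKey()
{
    byte[] ThreeDESKey = new byte[24];
    byte[] HashInput = null;
    byte[] pKey32 = null;
    byte[] Key256 = null;

    try
    {
        // Fail with the same exception type as the other key checks instead of
        // a NullReferenceException when no second key is configured.
        if (m_2Key == null)
        {
            throw new SecurityException("Invalid 2nd Key");
        }

        KdfParameters kdf = new AesKdf().GetDefaultParameters();
        kdf.SetUInt64(AesKdf.ParamRounds, m_NumRounds);
        kdf.SetByteArray(AesKdf.ParamSeed, m_TransformSeed);

        ProtectedBinary pbinKey = m_2Key.GenerateKey32(kdf);
        if (pbinKey == null)
        {
            throw new SecurityException("Invalid Key");
        }

        // Plaintext key bytes: cleared in the finally block on every path.
        pKey32 = pbinKey.ReadData();
        if ((pKey32 == null) || (pKey32.Length != 32))
        {
            throw new SecurityException("Invalid Key Data");
        }

        // presumably the digest of a previously hashed stream; verify against the caller
        byte[] sRandom = m_hash.Hash;

        // A plain array replaces the MemoryStream so that the only copy of the
        // concatenated secret input is one this method can wipe afterwards.
        HashInput = new byte[32 + 32 + sRandom.Length];
        Array.Copy(m_MasterSeed, 0, HashInput, 0, 32);
        Array.Copy(pKey32, 0, HashInput, 32, 32);
        Array.Copy(sRandom, 0, HashInput, 64, sRandom.Length);

        // Dispose the hash object so it does not keep state derived from the
        // key material alive until finalization.
        using (SHA256Managed sha = new SHA256Managed())
        {
            Key256 = sha.ComputeHash(HashInput);
        }

        // Only the first 24 of the 32 digest bytes are kept.
        Array.Copy(Key256, ThreeDESKey, ThreeDESKey.Length);
    }
    finally
    {
        // Wipe every intermediate buffer, including when an exception is in flight.
        if (HashInput != null)
        {
            Array.Clear(HashInput, 0, HashInput.Length);
        }
        if (pKey32 != null)
        {
            Array.Clear(pKey32, 0, pKey32.Length);
        }
        if (Key256 != null)
        {
            Array.Clear(Key256, 0, Key256.Length);
        }
    }

    return ThreeDESKey;
}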