public static void HashWithKeySuccess()
{
var a = new Blake2bMac();
using (var k = new Key(a))
{
var b = a.Mac(k, ReadOnlySpan <byte> .Empty);
Assert.NotNull(b);
Assert.Equal(a.DefaultMacSize, b.Length);
}
}
public static void Properties()
{
var a = new Blake2bMac();
Assert.Equal(16, a.MinKeySize);
Assert.Equal(32, a.DefaultKeySize);
Assert.Equal(64, a.MaxKeySize);
Assert.Equal(16, a.MinMacSize);
Assert.Equal(32, a.DefaultMacSize);
Assert.Equal(64, a.MaxMacSize);
}
public static void CreateKey()
{
var a = new Blake2bMac();
using (var k = new Key(a, KeyExportPolicies.AllowPlaintextArchiving))
{
var actual = k.Export(KeyBlobFormat.RawSymmetricKey);
var unexpected = new byte[actual.Length];
Utilities.Fill(unexpected, actual[0]);
Assert.NotEqual(unexpected, actual);
}
}
private static void Mac()
{
// This is an example of hashing byte[] using PinnedMemory. This is the best method as it protects bytes during creation of the mac
// and not just the output. It will also zero bytes after there written. However, raw byte[] is also accepted as shown in the commented version.
var digest = new Blake2bMac(new PinnedMemory <byte>(new byte[] { 63, 61, 77, 20, 63, 61, 77 }, false));
using var exampleHash = new PinnedMemory <byte>(new byte[digest.GetLength()]);
// digest.UpdateBlock(new byte[] {63, 61, 77, 20, 63, 61, 77, 20, 63, 61, 77}, 0, 11); // This may be exposed without being pinned.
digest.UpdateBlock(new PinnedMemory <byte>(new byte[] { 63, 61, 77, 20, 63, 61, 77, 20, 63, 61, 77 }, false),
0, 11);
digest.DoFinal(exampleHash, 0);
Console.WriteLine(BitConverter.ToString(exampleHash.ToArray()));
}
public static void ExportImportRaw(int keySize)
{
var a = new Blake2bMac();
var b = Utilities.RandomBytes.Slice(0, keySize);
using (var k = Key.Import(a, b, KeyBlobFormat.RawSymmetricKey, KeyExportPolicies.AllowPlaintextArchiving))
{
Assert.Equal(KeyExportPolicies.AllowPlaintextArchiving, k.ExportPolicy);
var expected = b.ToArray();
var actual = k.Export(KeyBlobFormat.RawSymmetricKey);
Assert.Equal(expected, actual);
}
}
public static void ExportImportRaw(int keySize, int macSize)
{
var a = new Blake2bMac(keySize, macSize);
var b = Utilities.RandomBytes.Slice(0, keySize);
Assert.Equal(keySize, a.KeySize);
Assert.Equal(macSize, a.MacSize);
using var k = Key.Import(a, b, KeyBlobFormat.RawSymmetricKey, new KeyCreationParameters { ExportPolicy = KeyExportPolicies.AllowPlaintextArchiving });
Assert.Equal(KeyExportPolicies.AllowPlaintextArchiving, k.ExportPolicy);
var expected = b.ToArray();
var actual = k.Export(KeyBlobFormat.RawSymmetricKey);
Assert.Equal(expected, actual);
}
public static void Mac()
{
var digest = new Blake2bMac(new PinnedMemory <byte>(new byte[] { 63, 61, 77, 20, 63, 61, 77 }, false));
// This is a common, but could be unsafe example of dealing with strings from a form using text encoding.
using var exampleHash = new PinnedMemory <byte>(new byte[digest.GetLength()]);
var unsafeCaw = "caw caw caw"; // this is unsafe because string's can't be pinned and are subject to garbage collection, and being written to disk (pagefile).
var caw = new PinnedMemory <byte>(Encoding.UTF8.GetBytes(unsafeCaw), false); // this is now safe but ONLY the variable caw, unsafeCaw is STILL exposed.
unsafeCaw = string.Empty; // unsafeCaw COULD STILL exposed even tho we set it to empty because this depends on garbage collection getting around to clearing it.
digest.UpdateBlock(caw, 0, caw.Length);
digest.DoFinal(exampleHash, 0);
Console.WriteLine(BitConverter.ToString(exampleHash.ToArray()));
// This is a more uncommon but should be safer example of how to use strings with SecureString for input.
using var exampleHash2 = new PinnedMemory <byte>(new byte[digest.GetLength()]);
var secureCaw = new SecureString();
secureCaw.AppendChar('c');
secureCaw.AppendChar('a');
secureCaw.AppendChar('w');
secureCaw.AppendChar(' ');
secureCaw.AppendChar('c');
secureCaw.AppendChar('a');
secureCaw.AppendChar('w');
secureCaw.AppendChar(' ');
secureCaw.AppendChar('c');
secureCaw.AppendChar('a');
secureCaw.AppendChar('w');
secureCaw.MakeReadOnly();
using var pinnedCaw = new PinnedMemory <char>(new char[secureCaw.Length]);
var cawPointer = Marshal.SecureStringToBSTR(secureCaw);
for (var i = 0; i <= secureCaw.Length - 1; i++)
{
var c = (char)Marshal.ReadByte(cawPointer, i * 2);
pinnedCaw[i] = c;
}
using var pinnedCawBytes = new PinnedMemory <byte>(Encoding.UTF8.GetBytes(pinnedCaw.ToArray()), false);
digest.UpdateBlock(pinnedCawBytes, 0, secureCaw.Length);
digest.DoFinal(exampleHash2, 0);
Console.WriteLine(BitConverter.ToString(exampleHash2.ToArray()));
}
public static void Properties()
{
var a = new Blake2bMac();
Assert.Equal(16, Blake2bMac.MinKeySize);
Assert.Equal(64, Blake2bMac.MaxKeySize);
Assert.Equal(16, Blake2bMac.MinMacSize);
Assert.Equal(64, Blake2bMac.MaxMacSize);
Assert.Equal(32, a.KeySize);
Assert.Equal(32, a.MacSize);
Assert.Equal(32, MacAlgorithm.Blake2b_128.KeySize);
Assert.Equal(16, MacAlgorithm.Blake2b_128.MacSize);
Assert.Equal(32, MacAlgorithm.Blake2b_256.KeySize);
Assert.Equal(32, MacAlgorithm.Blake2b_256.MacSize);
Assert.Equal(32, MacAlgorithm.Blake2b_512.KeySize);
Assert.Equal(64, MacAlgorithm.Blake2b_512.MacSize);
}
public static void HashWithNullKey()
{
var a = new Blake2bMac();
Assert.Throws <ArgumentNullException>("key", () => a.Mac(null, ReadOnlySpan <byte> .Empty));
}