protected override void RestoreSymmertricKey(byte[] sharedSecretBytes) { byte[] merchantIdentifier = GetHashSha256Bytes(parameters.MerchantIdentifier); ConcatenationKdfGenerator generator = new ConcatenationKdfGenerator(new Sha256Digest()); byte[] algorithmIdBytes = Encoding.UTF8.GetBytes((char)0x0d + "id-aes256-GCM"); byte[] partyUInfoBytes = Encoding.UTF8.GetBytes("Apple"); byte[] partyVInfoBytes = merchantIdentifier; byte[] otherInfoBytes = Combine(Combine(algorithmIdBytes, partyUInfoBytes), partyVInfoBytes); generator.Init(new KdfParameters(sharedSecretBytes, otherInfoBytes)); EncryptionKeyBytes = new byte[32]; generator.GenerateBytes(EncryptionKeyBytes, 0, EncryptionKeyBytes.Length); }
static byte[] DeriveKey(IDictionary <string, object> header, int cekSizeBits, ECPublicKeyParameters externalPublicKey, ECPrivateKeyParameters ephemeralPrvKey) { var z = EcdhKeyAgreementZ(externalPublicKey, ephemeralPrvKey); var kdfGen = new ConcatenationKdfGenerator(new Sha256Digest()); byte[] algId = Encoding.ASCII.GetBytes(header["enc"].ToString()); byte[] apu = header.ContainsKey("apu") ? Base64Url.Decode((string)header["apu"]) : Arrays.Empty; byte[] apv = header.ContainsKey("apv") ? Base64Url.Decode((string)header["apv"]) : Arrays.Empty; byte[] kdl = CalcBeLengthArray(cekSizeBits); var otherInfo = Arrays.Concat(PrependLength(algId), PrependLength(apu), PrependLength(apv), kdl); //Console.Out.WriteLine($"otherInfo={VAU.ByteArrayToHexString(otherInfo)}"); kdfGen.Init(new KdfParameters(z, otherInfo)); byte[] secretKeyBytes = new byte[32]; kdfGen.GenerateBytes(secretKeyBytes, 0, secretKeyBytes.Length); return(secretKeyBytes); }
public IKdfCalculator <AgreementKdfParameters> From(byte[] shared) { AgreementKdfParameters parameters = new AgreementKdfParameters(new FipsKdfAlgorithm(algorithm, prf), shared, iv); if (parameters.Algorithm.Kdf == X963.Algorithm) { IDerivationFunction df = new Kdf2BytesGenerator(FipsShs.CreateDigest((FipsDigestAlgorithm)parameters.Prf.BaseAlgorithm)); df.Init(new KdfParameters(parameters.GetShared(), parameters.GetIV())); return(new AgreementKdfCalculator(parameters, df)); } else { IDerivationFunction df = new ConcatenationKdfGenerator(FipsShs.CreateDigest((FipsDigestAlgorithm)parameters.Prf.BaseAlgorithm)); df.Init(new KdfParameters(parameters.GetShared(), parameters.GetIV())); return(new AgreementKdfCalculator(parameters, df)); } }