/// <summary>
/// Checks that one-step derivation with <c>HkdfSha256</c> reproduces the expected
/// output keying material for the given hex-encoded inputs.
/// </summary>
/// <param name="ikm">Hex-encoded input keying material, imported as the shared secret.</param>
/// <param name="salt">Hex-encoded salt passed to the derivation.</param>
/// <param name="info">Hex-encoded info passed to the derivation.</param>
/// <param name="expectedPrk">Not read by this method; the one-step call below never surfaces an intermediate value to compare it with.</param>
/// <param name="expectedOkm">Hex-encoded expected output; its decoded length is also the number of bytes requested.</param>
public static void TestOneStep(string ikm, string salt, string info, string expectedPrk, string expectedOkm)
{
    var hkdf = new HkdfSha256();

    // The using block disposes the imported secret as soon as the comparison is done.
    using (var secret = SharedSecret.Import(ikm.DecodeHex()))
    {
        var derived = hkdf.DeriveBytes(
            secret,
            salt.DecodeHex(),
            info.DecodeHex(),
            expectedOkm.DecodeHex().Length);

        Assert.Equal(expectedOkm.DecodeHex(), derived);
    }
}
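/// <summary>
/// Runs a key agreement between <paramref name="serverKey"/> and the client's raw
/// public key, feeds the shared secret through <c>HkdfSha256</c>, and imports the
/// derived bytes as a raw symmetric key for <c>aeadAlgorithm</c>.
/// </summary>
/// <param name="clientPublicKeyBytes">Client public key in <c>KeyBlobFormat.RawPublicKey</c> encoding for <c>keyAgreementAlgorithm</c>.</param>
/// <param name="serverKey">Server-side private key used in the agreement.</param>
/// <returns>The symmetric <c>Key</c> imported from the derived bytes.</returns>
public Key CreateAes256GcmSymmetricKey(byte[] clientPublicKeyBytes, Key serverKey)
{
    var keyDerivationAlgorithm = new HkdfSha256();

    // Import the client's public key from its raw encoding.
    PublicKey clientPublicKey = PublicKey.Import(keyAgreementAlgorithm, clientPublicKeyBytes, KeyBlobFormat.RawPublicKey);

    // The shared secret is key material: dispose it deterministically instead of
    // leaving it alive until the garbage collector gets to it.
    // NOTE(review): depending on the NSec version, Agree may report a failed agreement
    // by returning null rather than throwing - confirm and handle that case explicitly.
    using (SharedSecret sharedSecretServer = keyAgreementAlgorithm.Agree(serverKey, clientPublicKey))
    {
        // Salt and info are both empty, so the derived key is not bound to any protocol
        // context or to the two public keys. Adding an info label would change the derived
        // key and must be coordinated with the peer, so it is flagged here, not changed.
        // NOTE(review): the output length is taken from the shared secret's size and only
        // works while that equals the key size aeadAlgorithm expects - confirm.
        byte[] derivedKeyBytes = keyDerivationAlgorithm.DeriveBytes(sharedSecretServer, null, null, sharedSecretServer.Size);
        try
        {
            // Build the symmetric key object from the derived bytes.
            return Key.Import(aeadAlgorithm, derivedKeyBytes, KeyBlobFormat.RawSymmetricKey);
        }
        finally
        {
            // The managed array still holds the raw key after import; wipe it so the
            // key bytes do not linger on the heap.
            System.Array.Clear(derivedKeyBytes, 0, derivedKeyBytes.Length);
        }
    }
}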