protected virtual KeyParameter InitRecordMac(ChaChaEngine cipher, bool forEncryption, long seqNo) { byte[] array = new byte[8]; TlsUtilities.WriteUint64(seqNo, array, 0); cipher.Init(forEncryption, new ParametersWithIV(null, array)); byte[] array2 = new byte[64]; cipher.ProcessBytes(array2, 0, array2.Length, array2, 0); Array.Copy(array2, 0, array2, 32, 16); KeyParameter keyParameter = new KeyParameter(array2, 16, 32); Poly1305KeyGenerator.Clamp(keyParameter.GetKey()); return(keyParameter); }
protected virtual KeyParameter GenerateRecordMacKey(IStreamCipher cipher) { byte[] firstBlock = new byte[64]; cipher.ProcessBytes(firstBlock, 0, firstBlock.Length, firstBlock, 0); // NOTE: The BC implementation puts 'r' after 'k' Array.Copy(firstBlock, 0, firstBlock, 32, 16); Poly1305KeyGenerator.Clamp(firstBlock, 16); KeyParameter macKey = new KeyParameter(firstBlock, 16, 32); Arrays.Fill(firstBlock, (byte)0); return(macKey); }
private void testKeyGenerator() { CipherKeyGenerator gen = new Poly1305KeyGenerator(); gen.Init(new KeyGenerationParameters(new SecureRandom(), 256)); byte[] k = gen.GenerateKey(); if (k.Length != 32) { Fail("Poly1305 key should be 256 bits."); } try { Poly1305KeyGenerator.CheckKey(k); } catch (ArgumentException) { Fail("Poly1305 key should be Clamped on generation."); } byte[] k2 = new byte[k.Length]; Array.Copy(k, 0, k2, 0, k2.Length); Poly1305KeyGenerator.Clamp(k); if (!Arrays.AreEqual(k, k2)) { Fail("Poly1305 key should be Clamped on generation."); } /* * try * { * k2[19] = (byte)0xff; * Poly1305KeyGenerator.CheckKey(k2); * Fail("UnClamped key should fail check."); * } * catch (ArgumentException) * { * // Expected * } */ }