public static void ExtractWithEmptySalt() { const int HashLen = 256 / 8; var a = new HkdfSha256(); using (var s = SharedSecret.Import(ReadOnlySpan <byte> .Empty)) { var expected = a.Extract(s, new byte[HashLen]); var actual = a.Extract(s, ReadOnlySpan <byte> .Empty); Assert.Equal(expected, actual); } }
public static void Test(string privateKey, string publicKey, string sharedSecret) { var a = new X25519(); var kdf = new HkdfSha256(); using (var k = Key.Import(a, privateKey.DecodeHex(), KeyBlobFormat.RawPrivateKey)) using (var sharedSecretExpected = SharedSecret.Import(sharedSecret.DecodeHex())) using (var sharedSecretActual = a.Agree(k, PublicKey.Import(a, publicKey.DecodeHex(), KeyBlobFormat.RawPublicKey))) { var expected = kdf.Extract(sharedSecretExpected, ReadOnlySpan <byte> .Empty); var actual = kdf.Extract(sharedSecretActual, ReadOnlySpan <byte> .Empty); Assert.Equal(expected, actual); } }
public static void ExtractWithSpanWithSaltOverlapping() { var a = new HkdfSha256(); using (var s = SharedSecret.Import(ReadOnlySpan <byte> .Empty)) { var expected = new byte[a.PseudorandomKeySize]; var actual = Utilities.RandomBytes.Slice(0, a.PseudorandomKeySize).ToArray(); a.Extract(s, actual, expected); a.Extract(s, actual, actual); Assert.Equal(expected, actual); } }
public static void ExtractWithSpanWithEmptySalt() { const int HashLen = 256 / 8; var a = new HkdfSha256(); using (var s = SharedSecret.Import(ReadOnlySpan <byte> .Empty)) { var expected = new byte[a.PseudorandomKeySize]; var actual = new byte[expected.Length]; a.Extract(s, new byte[HashLen], expected); a.Extract(s, ReadOnlySpan <byte> .Empty, actual); Assert.Equal(expected, actual); } }
public static void ExtractWithSpanTooLong() { var a = new HkdfSha256(); using (var s = SharedSecret.Import(ReadOnlySpan <byte> .Empty)) { Assert.Throws <ArgumentException>("pseudorandomKey", () => a.Extract(s, ReadOnlySpan <byte> .Empty, new byte[a.PseudorandomKeySize + 1])); } }
public static void ExtractSuccess() { var a = new HkdfSha256(); using (var s = SharedSecret.Import(ReadOnlySpan <byte> .Empty)) { var expected = s_prkForEmpty.DecodeHex(); var actual = a.Extract(s, ReadOnlySpan <byte> .Empty); Assert.Equal(expected, actual); Assert.Equal(a.PseudorandomKeySize, actual.Length); } }
public static void TestTwoStep(string ikm, string salt, string info, string expectedPrk, string expectedOkm) { var a = new HkdfSha256(); using (var s = SharedSecret.Import(ikm.DecodeHex())) { var actualPrk = a.Extract(s, salt.DecodeHex()); Assert.Equal(expectedPrk.DecodeHex(), actualPrk); var actualOkm = a.Expand(actualPrk, info.DecodeHex(), expectedOkm.DecodeHex().Length); Assert.Equal(expectedOkm.DecodeHex(), actualOkm); } }
public static void ExtractWithSpanSuccess() { var a = new HkdfSha256(); using (var s = SharedSecret.Import(ReadOnlySpan <byte> .Empty)) { var expected = s_prkForEmpty.DecodeHex(); var actual = new byte[expected.Length]; a.Extract(s, ReadOnlySpan <byte> .Empty, actual); Assert.Equal(expected, actual); } }
public static void BitMaskedAgree(string privateKey, string publicKey, string sharedSecret) { var a = new X25519(); var kdf = new HkdfSha256(); var pk1 = publicKey.DecodeHex(); var pk2 = publicKey.DecodeHex(); pk1[pk1.Length - 1] &= 0x7F; pk2[pk2.Length - 1] |= 0x80; using (var k = Key.Import(a, privateKey.DecodeHex(), KeyBlobFormat.RawPrivateKey)) using (var sharedSecretExpected = SharedSecret.Import(sharedSecret.DecodeHex())) using (var sharedSecretActual1 = a.Agree(k, PublicKey.Import(a, pk1, KeyBlobFormat.RawPublicKey))) using (var sharedSecretActual2 = a.Agree(k, PublicKey.Import(a, pk2, KeyBlobFormat.RawPublicKey))) { var expected = kdf.Extract(sharedSecretExpected, ReadOnlySpan <byte> .Empty); var actual1 = kdf.Extract(sharedSecretActual1, ReadOnlySpan <byte> .Empty); var actual2 = kdf.Extract(sharedSecretActual2, ReadOnlySpan <byte> .Empty); Assert.Equal(expected, actual1); Assert.Equal(expected, actual2); } }
public static void ExpandWithInfoOverlapping() { var a = new HkdfSha256(); var x = new X25519(); using (var k = new Key(x)) using (var s = x.Agree(k, k.PublicKey)) { var b = new byte[200]; var prk = a.Extract(s, ReadOnlySpan <byte> .Empty); Assert.Throws <ArgumentException>("bytes", () => a.Expand(prk, b.AsSpan().Slice(10, 100), b.AsSpan().Slice(60, 100))); Assert.Throws <ArgumentException>("bytes", () => a.Expand(prk, b.AsSpan().Slice(60, 100), b.AsSpan().Slice(10, 100))); } }
public static void ExtractWithSpanWithNullSecret() { var a = new HkdfSha256(); Assert.Throws <ArgumentNullException>("sharedSecret", () => a.Extract(null, ReadOnlySpan <byte> .Empty, Span <byte> .Empty)); }