/// <summary>
/// Here we generate the key from random data, then we will use the TLS 1.3 Expand function to ensure that
/// if there is a weakness in our randoms it is harder to reverse
/// </summary>
private ISymmetricalCipher GenerateKey(OwnedMemory <byte> buffer)
{
//We use the crypto random function to fill the key buffer initially
_cryptoProvider.FillWithRandom(buffer.Span);
//We use the Hkdf expand method to make it harder to exploit any weakness in the random number generator
_cryptoProvider.HashProvider.HkdfExpandLabel(HashType.SHA512, buffer.Span, _ticketLabel, new ReadOnlySpan <byte>(), buffer.Span);
return(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, buffer));
}
/// <summary>
/// Here we generate the key from random data, then we will use the TLS 1.3 Expand function to ensure that
/// if there is a weakness in our randoms it is harder to reverse
/// </summary>
private void GenerateKeys(SecretSchedulePool pool, int numberOfKeys)
{
var buffer = pool.GetKeyBuffer();
//We use the crypto random function to fill the key buffer initially
_cryptoProvider.FillWithRandom(buffer.Span);
//We use the Hkdf expand method to make it harder to exploit any weakness in the random number generator
_cryptoProvider.HashProvider.HkdfExpandLabel(HashType.SHA512, buffer.Span, _ticketLabel, new ReadOnlySpan <byte>(), buffer.Span);
_keys.Add(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, buffer));
for (var i = 0; i < (numberOfKeys - 1); i++)
{
var newBuffer = pool.GetKeyBuffer();
buffer.Memory.Span.CopyTo(newBuffer.Memory.Span);
_keys.Add(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, newBuffer));
}
}
public void GenerateClientRandom()
{
var span = _clientRandom.Span;
_cryptoProvider.FillWithRandom(span);
}